wktr/mediatekformation
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

M2T3;M2T4 : gérer les catégories; ajouter l'accès avec authentification

Browse source
This commit is contained in:
Erwann PHILIPPE 2026-01-26 10:46:20 +01:00
parent 9bf8205b4d
commit cfa4c7ec99
14 changed files with 488 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
composer.json
View file

@ -100,7 +100,7 @@
"symfony/browser-kit": "6.4.*",
"symfony/css-selector": "6.4.*",
"symfony/debug-bundle": "6.4.*",
"symfony/maker-bundle": "^1.0",
"symfony/maker-bundle": "^1.65",
"symfony/phpunit-bridge": "^7.0",
"symfony/stopwatch": "6.4.*",
"symfony/web-profiler-bundle": "6.4.*"

60
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "449a04e5b2ca2b8ce88b30d4b38fa5c0",
"content-hash": "ffcef31327f8f7d322be34e2515dedf0",
"packages": [
{
"name": "composer/semver",
@ -5672,16 +5672,16 @@
},
{
"name": "symfony/security-bundle",
"version": "v6.4.7",
"version": "v6.4.10",
"source": {
"type": "git",
"url": "https://github.com/symfony/security-bundle.git",
"reference": "c9112933215b9b3c48851eb6644263d5c9d93245"
"reference": "50007f4f76632741b62fa9604c5f65807f268b72"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/security-bundle/zipball/c9112933215b9b3c48851eb6644263d5c9d93245",
"reference": "c9112933215b9b3c48851eb6644263d5c9d93245",
"url": "https://api.github.com/repos/symfony/security-bundle/zipball/50007f4f76632741b62fa9604c5f65807f268b72",
"reference": "50007f4f76632741b62fa9604c5f65807f268b72",
"shasum": ""
},
"require": {
@ -5764,7 +5764,7 @@
"description": "Provides a tight integration of the Security component into the Symfony full-stack framework",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/security-bundle/tree/v6.4.7"
"source": "https://github.com/symfony/security-bundle/tree/v6.4.10"
},
"funding": [
{
@ -5780,7 +5780,7 @@
"type": "tidelift"
}
],
"time": "2024-04-18T09:22:46+00:00"
"time": "2024-07-17T10:49:44+00:00"
},
{
"name": "symfony/security-core",
@ -9473,31 +9473,31 @@
},
{
"name": "symfony/maker-bundle",
"version": "v1.59.1",
"version": "v1.65.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/maker-bundle.git",
"reference": "b87b1b25c607a8a50832395bc751c784946a0350"
"reference": "eba30452d212769c9a5bcf0716959fd8ba1e54e3"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/maker-bundle/zipball/b87b1b25c607a8a50832395bc751c784946a0350",
"reference": "b87b1b25c607a8a50832395bc751c784946a0350",
"url": "https://api.github.com/repos/symfony/maker-bundle/zipball/eba30452d212769c9a5bcf0716959fd8ba1e54e3",
"reference": "eba30452d212769c9a5bcf0716959fd8ba1e54e3",
"shasum": ""
},
"require": {
"doctrine/inflector": "^2.0",
"nikic/php-parser": "^4.18|^5.0",
"nikic/php-parser": "^5.0",
"php": ">=8.1",
"symfony/config": "^6.4|^7.0",
"symfony/console": "^6.4|^7.0",
"symfony/dependency-injection": "^6.4|^7.0",
"symfony/config": "^6.4|^7.0|^8.0",
"symfony/console": "^6.4|^7.0|^8.0",
"symfony/dependency-injection": "^6.4|^7.0|^8.0",
"symfony/deprecation-contracts": "^2.2|^3",
"symfony/filesystem": "^6.4|^7.0",
"symfony/finder": "^6.4|^7.0",
"symfony/framework-bundle": "^6.4|^7.0",
"symfony/http-kernel": "^6.4|^7.0",
"symfony/process": "^6.4|^7.0"
"symfony/filesystem": "^6.4|^7.0|^8.0",
"symfony/finder": "^6.4|^7.0|^8.0",
"symfony/framework-bundle": "^6.4|^7.0|^8.0",
"symfony/http-kernel": "^6.4|^7.0|^8.0",
"symfony/process": "^6.4|^7.0|^8.0"
},
"conflict": {
"doctrine/doctrine-bundle": "<2.10",
@ -9505,12 +9505,14 @@
},
"require-dev": {
"composer/semver": "^3.0",
"doctrine/doctrine-bundle": "^2.5.0",
"doctrine/doctrine-bundle": "^2.5.0|^3.0.0",
"doctrine/orm": "^2.15|^3",
"symfony/http-client": "^6.4|^7.0",
"symfony/phpunit-bridge": "^6.4.1|^7.0",
"symfony/security-core": "^6.4|^7.0",
"symfony/yaml": "^6.4|^7.0",
"doctrine/persistence": "^3.1|^4.0",
"symfony/http-client": "^6.4|^7.0|^8.0",
"symfony/phpunit-bridge": "^6.4.1|^7.0|^8.0",
"symfony/security-core": "^6.4|^7.0|^8.0",
"symfony/security-http": "^6.4|^7.0|^8.0",
"symfony/yaml": "^6.4|^7.0|^8.0",
"twig/twig": "^3.0|^4.x-dev"
},
"type": "symfony-bundle",
@ -9545,7 +9547,7 @@
],
"support": {
"issues": "https://github.com/symfony/maker-bundle/issues",
"source": "https://github.com/symfony/maker-bundle/tree/v1.59.1"
"source": "https://github.com/symfony/maker-bundle/tree/v1.65.1"
},
"funding": [
{
@ -9556,12 +9558,16 @@
"url": "https://github.com/fabpot",
"type": "github"
},
{
"url": "https://github.com/nicolas-grekas",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
"type": "tidelift"
}
],
"time": "2024-05-06T03:59:59+00:00"
"time": "2025-12-02T07:14:37+00:00"
},
{
"name": "symfony/phpunit-bridge",

17
config/packages/security.yaml
View file

@ -4,14 +4,23 @@ security:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers:
users_in_memory: { memory: null }
# used to reload user from session & other features (e.g. switch_user)
app_user_provider:
entity:
class: App\Entity\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
lazy: true
provider: users_in_memory
provider: app_user_provider
custom_authenticator: App\Security\AppCustomAuthenticator
logout:
path: app_logout
# where to redirect after logout
# target: app_any_route
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall
@ -22,7 +31,7 @@ security:
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
when@test:
@ -33,7 +42,7 @@ when@test:
# are not important, waste resources and increase test times. The following
# reduces the work factor to the lowest possible values.
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
algorithm: auto
algorithm: bcrypt
cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon
memory_cost: 10 # Lowest possible value for argon

31
migrations/Version20260123101220.php Normal file
View file

@ -0,0 +1,31 @@
<?php
declare(strict_types=1);
namespace DoctrineMigrations;
use Doctrine\DBAL\Schema\Schema;
use Doctrine\Migrations\AbstractMigration;
/**
* Auto-generated Migration: Please modify to your needs!
*/
final class Version20260123101220 extends AbstractMigration
{
public function getDescription(): string
{
return '';
}
public function up(Schema $schema): void
{
// this up() migration is auto-generated, please modify it to your needs
$this->addSql('CREATE TABLE user (id INT AUTO_INCREMENT NOT NULL, username VARCHAR(180) NOT NULL, roles JSON NOT NULL, password VARCHAR(255) NOT NULL, UNIQUE INDEX UNIQ_IDENTIFIER_USERNAME (username), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8mb4 COLLATE `utf8mb4_unicode_ci` ENGINE = InnoDB');
}
public function down(Schema $schema): void
{
// this down() migration is auto-generated, please modify it to your needs
$this->addSql('DROP TABLE user');
}
}

32
src/Controller/SecurityController.php Normal file
View file

@ -0,0 +1,32 @@
<?php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
class SecurityController extends AbstractController
{
#[Route(path: '/login', name: 'app_login')]
public function login(AuthenticationUtils $authenticationUtils): Response
{
// if ($this->getUser()) {
// return $this->redirectToRoute('target_path');
// }
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render('security/login.html.twig', ['last_username' => $lastUsername, 'error' => $error]);
}
#[Route(path: '/logout', name: 'app_logout')]
public function logout(): void
{
throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
}
}

68
src/Controller/admin/AdminCategoriesController.php Normal file
View file

@ -0,0 +1,68 @@
<?php
namespace App\Controller\admin;
use App\Entity\Categorie;
use App\Repository\CategorieRepository;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
class AdminCategoriesController extends AbstractController
{
/**
* @var CategorieRepository
*/
private $categorieRepository;
public function __construct(CategorieRepository $categorieRepository)
{
$this->categorieRepository = $categorieRepository;
}
#[Route('/admin/categories', name:'admin.categories')]
public function index(){
$categories = $this->categorieRepository->findAll();
$count = [];
foreach ($categories as $categorie) {
$count[$categorie->getId()] = $this->categorieRepository->countFormationsByCategorie($categorie);
}
return $this->render('pages/admin/admin.categories.html.twig', [
'categories'=> $categories,
'usageCounts' => $count,
]);
}
#[Route('/admin/categories/remove/{id}', name:'admin.categories.remove')]
public function remove(int $id){
$categorie = $this->categorieRepository->find($id);
$count = $this->categorieRepository->countFormationsByCategorie($categorie);
if($count == 0){
$this->categorieRepository->remove($categorie);
return $this->redirectToRoute('admin.categories');
}
return $this->redirectToRoute('admin.categories');
}
#[Route('admin/categories/add', name:'admin.categories.add')]
public function add(Request $request){
$name = $request->request->get('name');
$token = $request->request->get('_token');
if (!$this->isCsrfTokenValid('filtre_title', $token)) {
throw $this->createAccessDeniedException('Token CSRF invalide.');
}
if ($name) {
$category = new Categorie();
$category->setName($name);
$this->categorieRepository->add($category);
$this->addFlash('success', 'Catégorie ajoutée !');
}
return $this->redirectToRoute('admin.categories');
}
}

103
src/Entity/User.php Normal file
View file

@ -0,0 +1,103 @@
<?php
namespace App\Entity;
use App\Repository\UserRepository;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;
#[ORM\Entity(repositoryClass: UserRepository::class)]
#[ORM\UniqueConstraint(name: 'UNIQ_IDENTIFIER_USERNAME', fields: ['username'])]
class User implements UserInterface, PasswordAuthenticatedUserInterface
{
#[ORM\Id]
#[ORM\GeneratedValue]
#[ORM\Column]
private ?int $id = null;
#[ORM\Column(length: 180)]
private ?string $username = null;
/**
* @var list<string> The user roles
*/
#[ORM\Column]
private array $roles = [];
/**
* @var string The hashed password
*/
#[ORM\Column]
private ?string $password = null;
public function getId(): ?int
{
return $this->id;
}
public function getUsername(): ?string
{
return $this->username;
}
public function setUsername(string $username): static
{
$this->username = $username;
return $this;
}
/**
* A visual identifier that represents this user.
*
* @see UserInterface
*/
public function getUserIdentifier(): string
{
return (string) $this->username;
}
/**
* @see UserInterface
*/
public function getRoles(): array
{
$roles = $this->roles;
// guarantee every user at least has ROLE_USER
$roles[] = 'ROLE_USER';
return array_unique($roles);
}
/**
* @param list<string> $roles
*/
public function setRoles(array $roles): static
{
$this->roles = $roles;
return $this;
}
/**
* @see PasswordAuthenticatedUserInterface
*/
public function getPassword(): ?string
{
return $this->password;
}
public function setPassword(string $password): static
{
$this->password = $password;
return $this;
}
#[\Deprecated]
public function eraseCredentials(): void
{
// @deprecated, to be removed when upgrading to Symfony 8
}
}

16
src/Repository/CategorieRepository.php
View file

@ -44,4 +44,20 @@ class CategorieRepository extends ServiceEntityRepository
->getResult();
}
/**
* Compte le nombre de formations pour une catégorie donnée
* @param Categorie $categorie
* @return int
*/
public function countFormationsByCategorie(Categorie $categorie): int
{
return (int) $this->createQueryBuilder('c')
->select('COUNT(f.id)')
->join('c.formations', 'f')
->where('c.id = :id')
->setParameter('id', $categorie->getId())
->getQuery()
->getSingleScalarResult();
}
}

60
src/Repository/UserRepository.php Normal file
View file

@ -0,0 +1,60 @@
<?php
namespace App\Repository;
use App\Entity\User;
use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
use Doctrine\Persistence\ManagerRegistry;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
/**
* @extends ServiceEntityRepository<User>
*/
class UserRepository extends ServiceEntityRepository implements PasswordUpgraderInterface
{
public function __construct(ManagerRegistry $registry)
{
parent::__construct($registry, User::class);
}
/**
* Used to upgrade (rehash) the user's password automatically over time.
*/
public function upgradePassword(PasswordAuthenticatedUserInterface $user, string $newHashedPassword): void
{
if (!$user instanceof User) {
throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', $user::class));
}
$user->setPassword($newHashedPassword);
$this->getEntityManager()->persist($user);
$this->getEntityManager()->flush();
}
// /**
// * @return User[] Returns an array of User objects
// */
// public function findByExampleField($value): array
// {
// return $this->createQueryBuilder('u')
// ->andWhere('u.exampleField = :val')
// ->setParameter('val', $value)
// ->orderBy('u.id', 'ASC')
// ->setMaxResults(10)
// ->getQuery()
// ->getResult()
// ;
// }
// public function findOneBySomeField($value): ?User
// {
// return $this->createQueryBuilder('u')
// ->andWhere('u.exampleField = :val')
// ->setParameter('val', $value)
// ->getQuery()
// ->getOneOrNullResult()
// ;
// }
}

54
src/Security/AppCustomAuthenticator.php Normal file
View file

@ -0,0 +1,54 @@
<?php
namespace App\Security;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\SecurityRequestAttributes;
use Symfony\Component\Security\Http\Util\TargetPathTrait;
class AppCustomAuthenticator extends AbstractLoginFormAuthenticator
{
use TargetPathTrait;
public const LOGIN_ROUTE = 'app_login';
public function __construct(private UrlGeneratorInterface $urlGenerator)
{
}
public function authenticate(Request $request): Passport
{
$username = $request->getPayload()->getString('username');
$request->getSession()->set(SecurityRequestAttributes::LAST_USERNAME, $username);
return new Passport(
new UserBadge($username),
new PasswordCredentials($request->getPayload()->getString('password')),
[
new CsrfTokenBadge('authenticate', $request->getPayload()->getString('_csrf_token')), ]
);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
if ($targetPath = $this->getTargetPath($request->getSession(), $firewallName)) {
return new RedirectResponse($targetPath);
}
return new RedirectResponse($this->urlGenerator->generate('app_home'));
}
protected function getLoginUrl(Request $request): string
{
return $this->urlGenerator->generate(self::LOGIN_ROUTE);
}
}

8
templates/baseadmin.html.twig
View file

@ -13,13 +13,13 @@
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<ul class="navbar-nav mr-auto">
<li class="nav-item">
<a class="nav-link" href="{{ path('accueil') }}">Accueil</a>
<a class="nav-link" href="{{ path('admin.formations') }}">Formations</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ path('formations') }}">Formations</a>
<a class="nav-link" href="{{ path('admin.playlists') }}">Playlists</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ path('playlists') }}">Playlists</a>
<a class="nav-link" href="{{ path('admin.categories') }}">Catégories</a>
</li>
</ul>
</div>
@ -30,6 +30,8 @@
{% block footer %}
<div class="container text-center">
<footer>
<hr>
<a href="{{ path('app_logout') }}">Se déconnecter</a>
<hr>
<p><small><i>
Consultez nos <a class="link-secondary" href="{{ path('cgu') }}">Conditions Générales d'Utilisation</a>

43
templates/pages/admin/admin.categories.html.twig Normal file
View file

@ -0,0 +1,43 @@
{% extends "baseadmin.html.twig" %}
{% block body %}
<h3>Liste des catégories présentes</h3>
<table class="table table-stripped">
<thead>
<tr>
<th>
Nom
</th>
<th>
Nombre d'utilisation
</th>
<th>
Actions
</th>
</tr>
</thead>
<tbody>
{% for categorie in categories %}
<tr>
<td>
{{ categorie.name }}
</td>
<td>
{{ usageCounts[categorie.id] | default(0) }}
</td>
<td>
<a href="{{ path('admin.categories.remove', {'id': categorie.id}) }}" class="btn btn-danger" onclick="return confirm('Êtes vous sûr de vouloir supprimer {{ categorie.name }} ?')">Supprimer</a>
</td>
</tr>
{% endfor %}
</tbody>
</table>
<br>
<h3>Ajouter une formation</h3>
<form class="form-inline mt-1" method="POST" action="{{ path('admin.categories.add') }}">
<div class="form-group mr-1 mb-2">
<input type="text" name="name" id="name">
<input type="hidden" name="_token" value="{{ csrf_token('filtre_title') }}">
<button type="submit" class="btn btn-info mb-2 btn-sm">Ajouter</button>
</div>
</form>
{% endblock %}

2
templates/pages/admin/admin.formations.html.twig
View file

@ -32,7 +32,7 @@
</th>
<th>
Catégories
<form class="form-inline mt-1" method="POST" action="{{ path('formations.findallcontain', {champ:'id', table:'categories'}) }}">
<form class="form-inline mt-1" method="POST" action="{{ path('admin.formations.findallcontain', {champ:'id', table:'categories'}) }}">
<select class="form-select form-select-sm" name="recherche" id="recherche" onchange="this.form.submit()">
<option value=""></option>
{% for categorie in categories %}

28
templates/security/login.html.twig Normal file
View file

@ -0,0 +1,28 @@
{% extends 'base.html.twig' %}
{% block title %}Log in!{% endblock %}
{% block body %}
<form method="post">
{% if error %}
<div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}
{% if app.user %}
<div class="mb-3">
You are logged in as {{ app.user.userIdentifier }}, <a href="{{ logout_path() }}">Logout</a>
</div>
{% endif %}
<h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
<label for="inputUsername">Username</label>
<input type="text" value="{{ last_username }}" name="username" id="inputUsername" class="form-control" autocomplete="username" required autofocus>
<label for="inputPassword">Password</label>
<input type="password" name="password" id="inputPassword" class="form-control" autocomplete="current-password" required>
<input type="hidden" name="_csrf_token" data-controller="csrf-protection" value="{{ csrf_token('authenticate') }}">
<button class="btn btn-lg btn-primary" type="submit">
Sign in
</button>
</form>
{% endblock %}