src/Controller/DefaultController.php line 53

Open in your IDE?
  1. <?php
  3. namespace MedBrief\MSR\Controller;
  5. use DateTime;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Exception;
  8. use MedBrief\MSR\Controller\BaseController as Controller;
  9. use MedBrief\MSR\Entity\Analytics\AnalyticsReport;
  10. use MedBrief\MSR\Entity\Invitation;
  11. use MedBrief\MSR\Entity\Project;
  12. use MedBrief\MSR\Entity\RoleInvitation;
  13. use MedBrief\MSR\Entity\User;
  14. use MedBrief\MSR\Form\ChangePasswordFormType;
  15. use MedBrief\MSR\Form\Filter\MatterFilterType;
  16. use MedBrief\MSR\Form\Order\MatterOrderType;
  17. use MedBrief\MSR\Repository\ProjectRepository;
  18. use MedBrief\MSR\Repository\RoleInvitationRepository;
  19. use MedBrief\MSR\Repository\SystemNotificationRepository;
  20. use MedBrief\MSR\Service\Analytics\AnalyticsService;
  21. use MedBrief\MSR\Service\Analytics\Model\AnalyticsEmbeddedReport;
  22. use MedBrief\MSR\Service\DeviceDetectorService;
  23. use MedBrief\MSR\Service\EntityHelper\ProjectHelper;
  24. use MedBrief\MSR\Service\EntityHelper\UserHelper;
  25. use MedBrief\MSR\Service\LicenceRenewal\RenewalHelperService;
  26. use MedBrief\MSR\Service\ProjectMatch\MatchExpertUser;
  27. use MedBrief\MSR\Service\Role\RoleParserService;
  28. use MedBrief\MSR\Service\Security\GeneralSecurityService;
  29. use MedBrief\MSR\Traits\PaginatorAwareTrait;
  30. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
  31. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
  32. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  33. use Symfony\Component\HttpFoundation\Cookie;
  34. use Symfony\Component\HttpFoundation\JsonResponse;
  35. use Symfony\Component\HttpFoundation\RedirectResponse;
  36. use Symfony\Component\HttpFoundation\Request;
  37. use Symfony\Component\HttpFoundation\Response;
  38. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  39. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  40. use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
  41. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  43. class DefaultController extends Controller
  44. {
  45. use PaginatorAwareTrait;
  47. /**
  48. * When the user navigates to the MedBrief home page, if they are logged in, then we
  49. * log them out. We then redirect to login. This is per Steve England's
  50. * request that for security purposes, when the landing page is hit, we log
  51. * users out.
  52. */
  53. public function indexAction(): JsonResponse|RedirectResponse
  54. {
  55. // if the user is currently logged in
  56. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  57. // Forward to the dashboard. We used to log the user out but this caused more problems than it solved.
  58. return $this->redirectWithAjaxSupport($this->generateUrl('infology_medbrief_dashboard'));
  59. }
  61. // if we have a redirect page specified in the parameters
  62. $redirectUrl = $this->getParameter('root_page_redirect_url');
  63. if ($redirectUrl) {
  64. // redirect the user to it
  65. return $this->redirectWithAjaxSupport($redirectUrl);
  66. }
  67. // otherwise just sent them to login
  68. return $this->redirectWithAjaxSupport($this->generateUrl('login'));
  69. }
  71. /**
  72. * @param EntityManagerInterface $entityManager
  73. * @param AnalyticsService $analyticsService
  74. * @param UserHelper $userHelper
  75. * @param ProjectRepository $projectRepository
  76. * @param RoleInvitationRepository $roleInvitationRepository
  77. * @param SystemNotificationRepository $systemNotificationRepository
  78. * @param RoleParserService $roleParser
  79. * @param RenewalHelperService $renewalHelperService
  80. * @param Request $request
  81. * @param ProjectHelper $projectHelper
  82. * @param MatchExpertUser $matchExpertUserService
  83. * @param GeneralSecurityService $generalSecurityService
  84. *
  85. * @throws Exception
  86. *
  87. */
  88. public function dashboardAction(
  89. AnalyticsService $analyticsService,
  90. UserHelper $userHelper,
  91. ProjectRepository $projectRepository,
  92. RoleInvitationRepository $roleInvitationRepository,
  93. SystemNotificationRepository $systemNotificationRepository,
  94. RoleParserService $roleParser,
  95. RenewalHelperService $renewalHelperService,
  96. ProjectHelper $projectHelper,
  97. MatchExpertUser $matchExpertUserService,
  98. Request $request,
  99. GeneralSecurityService $generalSecurityService
  100. ): JsonResponse|RedirectResponse|Response {
  102. // Get the response message from url if we have one from the (match expert) complete profile confirm button.
  103. $responseMessage = $request->query->get('message', null);
  104. $referrer = $request->headers->get('referer');
  106. if ($responseMessage && $generalSecurityService->isRequestFromMedBrief($referrer)) {
  107. $this->addFlash('success', $responseMessage);
  108. }
  110. // Redirect to pending invitations page if User has pending role invitations.
  111. if ($this->userHasPendingInvitations()) {
  112. return $this->redirectWithAjaxSupport($this->pendingInvitationsUrlWithoutFlash());
  113. }
  115. /** @var User $user */
  116. $user = $this->getUser();
  117. $userHelper->setUser($user);
  119. // If the user has 2FA enabled and is rate limited, redirect them to the login page.
  120. if ($user->hasMultiMfaEnabled() && $request->getSession()->has('rateLimited')) {
  121. $this->addFlash('danger', 'You have entered the incorrect authentication code too many times. Please try again in fifteen minutes.');
  122. return $this->redirectToRoute('logout');
  123. }
  125. // If the user has 2FA enabled and their IP Address has been blacklisted, redirect them to the login page.
  126. if ($user->hasMultiMfaEnabled() && $request->getSession()->has('ipBlacklisted')) {
  127. $this->addFlash('danger', 'You have entered the incorrect authentication code too many times from this IP Address. Please try again in fifteen minutes.');
  128. return $this->redirectToRoute('logout');
  129. }
  131. $analyticsEmbeddedReport = $analyticsService->generateAnalyticsEmbeddedReport($user, AnalyticsReport::REPORT_TYPE_DASHBOARD);
  133. // We use this to determine if we should display the 'Explore Analytics' button.
  134. $analyticsEmbeddedReportMain = $analyticsService->generateAnalyticsEmbeddedReport($user, AnalyticsReport::REPORT_TYPE_MAIN);
  136. $recentlyViewedProjects = $this->getRecentlyViewedProjects($projectRepository, $userHelper, $projectHelper, $matchExpertUserService, false)['projects'];
  137. $favouriteProjects = $this->getFavouriteProjects($projectHelper, $matchExpertUserService, false)['projects'];
  138. $recentlyAcceptedProjects = $this->getRecentlyAcceptedProjects($roleInvitationRepository, $roleParser, $projectHelper, $matchExpertUserService, false)['projects'];
  140. $recentlyViewedProjectCount = count($recentlyViewedProjects);
  141. $favouritesCount = count($favouriteProjects);
  142. $recentlyAcceptedCount = count($recentlyAcceptedProjects);
  143. // Fetch renewal projects and filter by active licence renewal terms to get accurate count
  144. $renewalProjectsForCount = $projectRepository->findRenewalsDueWithin30DaysForUser($userHelper);
  145. $eligibleRenewalProjects = $this->getEligibleRenewalProjects($renewalProjectsForCount, $renewalHelperService);
  146. $renewalsCount = count($eligibleRenewalProjects);
  148. // Create a combined array of all unique Projects fetched in this controller action.
  149. $uniqueProjects = array_unique(array_merge(
  150. $recentlyViewedProjects,
  151. $favouriteProjects,
  152. $recentlyAcceptedProjects,
  153. ));
  155. $grossTotalProjectsCount = count($uniqueProjects);
  157. // All Projects that have a renewal date
  158. $eligibleProjects = $this->getEligibleRenewalProjects($uniqueProjects, $renewalHelperService);
  160. // Get the latest active system notification
  161. $systemNotification = $systemNotificationRepository->findLatestSystemNotification();
  163. /**
  164. * Create a form we will use to allow the user to Filter this list
  165. */
  166. $filterForm = $this->createForm(MatterFilterType::class, null, [
  167. 'userHelper' => $userHelper,
  168. 'em' => $this->getDoctrine()->getManager(),
  169. ]);
  171. // Create and user a form to order this list
  172. $orderForm = $this->createForm(MatterOrderType::class);
  174. $isExpert = $user->isExpertOnly() || $user->isExpertViewerOnly();
  176. // Order A applies to all user roles, excluding the two expert user roles
  177. // Order B applies to the two expert user roles only
  178. $tabOrder = $isExpert ? 'order-b' : 'order-a';
  180. return $this->renderTurbo('Default/dashboard.html.twig', [
  181. 'eligibleProjectsToDisplayRenewalDate' => $eligibleProjects,
  182. 'filterForm' => $filterForm->createView(),
  183. 'orderForm' => $orderForm->createView(),
  184. 'systemNotification' => $systemNotification,
  185. 'analyticsEmbeddedReport' => $analyticsEmbeddedReport,
  186. 'analyticsEmbeddedReportMain' => $analyticsEmbeddedReportMain,
  187. 'recentlyViewedCount' => $recentlyViewedProjectCount,
  188. 'recentlyAcceptedCount' => $recentlyAcceptedCount,
  189. 'favouritesCount' => $favouritesCount,
  190. 'renewalsCount' => $renewalsCount,
  191. 'grossTotalProjectsCount' => $grossTotalProjectsCount,
  192. 'tabOrder' => $tabOrder,
  193. 'isExpert' => $isExpert,
  195. ]);
  196. }
  198. /**
  199. * List Matters most recently viewed
  200. *
  201. * @Template("Default/Partials/viewedTab.html.twig")
  202. *
  203. * @param RoleInvitationRepository $roleInvitationRepository
  204. * @param RoleParserService $roleParser
  205. * @param UserHelper $userHelper
  206. * @param ProjectRepository $projectRepository
  207. * @param RenewalHelperService $renewalHelperService
  208. * @param ProjectHelper $projectHelper
  209. * @param MatchExpertUser $matchExpertUserService
  210. *
  211. * @throws Exception
  212. *
  213. */
  214. public function dashboardViewedAjaxAction(
  215. UserHelper $userHelper,
  216. ProjectRepository $projectRepository,
  217. RenewalHelperService $renewalHelperService,
  218. MatchExpertUser $matchExpertUserService,
  219. ProjectHelper $projectHelper,
  220. ): JsonResponse|RedirectResponse|array {
  221. // Redirect to pending invitations page if User has pending role invitations.
  222. if ($this->userHasPendingInvitations()) {
  223. return $this->redirectWithAjaxSupport($this->pendingInvitationsUrlWithFlash());
  224. }
  226. $userHelper->setUser($this->getUser());
  228. $recentlyViewed = $this->getRecentlyViewedProjects($projectRepository, $userHelper, $projectHelper, $matchExpertUserService);
  229. $recentlyViewedProjects = $recentlyViewed['projects'];
  230. $userType = $recentlyViewed['userType'];
  232. // Return if no qualifying Projects
  233. if ($recentlyViewedProjects === []) {
  234. return [
  235. 'blurb' => 'You do not have any recently viewed matters.',
  236. ];
  237. }
  239. // All Projects that have a renewal date
  240. $eligibleProjects = $this->getEligibleRenewalProjects($recentlyViewedProjects, $renewalHelperService);
  242. return [
  243. 'projects' => $recentlyViewedProjects,
  244. 'eligibleProjectsToDisplayRenewalDate' => $eligibleProjects,
  245. 'blurb' => 'Most recently viewed matters (up to 20).',
  246. 'userType' => $userType,
  247. ];
  249. }
  251. /**
  252. * List the User's favourite Matters
  253. *
  254. * @Template("Default/Partials/favouritesTab.html.twig")
  255. *
  256. * @param Request $request
  257. * @param RenewalHelperService $renewalHelperService
  258. * @param ProjectHelper $projectHelper
  259. * @param MatchExpertUser $matchExpertUserService
  260. *
  261. * @throws Exception
  262. */
  263. public function dashboardFavouritesAjaxAction(Request $request, RenewalHelperService $renewalHelperService, ProjectHelper $projectHelper, MatchExpertUser $matchExpertUserService): JsonResponse|RedirectResponse|array
  264. {
  265. // Redirect to pending invitations page if User has pending role invitations.
  266. if ($this->userHasPendingInvitations()) {
  267. return $this->redirectWithAjaxSupport($this->pendingInvitationsUrlWithFlash());
  268. }
  270. $favouriteProjectsArray = $this->getFavouriteProjects($projectHelper, $matchExpertUserService);
  271. $favouriteProjects = $favouriteProjectsArray['projects'];
  272. $userType = $favouriteProjectsArray['userType'];
  274. // Return if no qualifying Projects
  275. if ($favouriteProjects === []) {
  276. return [
  277. 'blurb' => 'You do not have any matters added as a favourite.',
  278. ];
  279. }
  281. // All favourite Projects that have a renewal date
  282. $eligibleProjects = $this->getEligibleRenewalProjects($favouriteProjects, $renewalHelperService);
  283. $projectCount = count($favouriteProjects);
  284. $blurbText = $projectCount === 1 ? '1 Matter added as a favourite.' : sprintf('%d %s', $projectCount, 'Matters added as a favourite.');
  286. // Paginate with a specific page and limit
  287. $pagination = $this->paginator->paginate(
  288. $favouriteProjects, // the array to paginate
  289. $request->query->getInt('page', 1), // current page number, default is 1
  290. 10 // items per page
  291. );
  293. return [
  294. 'pagination' => $pagination,
  295. 'totalProjectCount' => $projectCount,
  296. 'eligibleProjectsToDisplayRenewalDate' => $eligibleProjects,
  297. 'blurb' => $blurbText,
  298. 'userType' => $userType,
  299. ];
  300. }
  302. /**
  303. * List Matters accepted in the past 30 days
  304. *
  305. * @Template("Default/Partials/invitationsTab.html.twig")
  306. *
  307. * @param Request $request
  308. * @param RoleInvitationRepository $roleInvitationRepository
  309. * @param RoleParserService $roleParser
  310. * @param RenewalHelperService $renewalHelperService
  311. * @param ProjectHelper $projectHelper
  312. * @param MatchExpertUser $matchExpertUserService
  313. *
  314. * @throws Exception
  315. */
  316. public function dashboardInvitationsAjaxAction(
  317. Request $request,
  318. RoleInvitationRepository $roleInvitationRepository,
  319. RoleParserService $roleParser,
  320. RenewalHelperService $renewalHelperService,
  321. MatchExpertUser $matchExpertUserService,
  322. ProjectHelper $projectHelper
  323. ): JsonResponse|RedirectResponse|array {
  324. // Redirect to pending invitations page if User has pending role invitations.
  325. if ($this->userHasPendingInvitations()) {
  326. return $this->redirectWithAjaxSupport($this->pendingInvitationsUrlWithFlash());
  327. }
  329. $recentlyAcceptedArray = $this->getRecentlyAcceptedProjects($roleInvitationRepository, $roleParser, $projectHelper, $matchExpertUserService);
  330. $recentlyAccepted = $recentlyAcceptedArray['projects'];
  331. $userType = $recentlyAcceptedArray['userType'];
  333. // Return if no qualifying Projects
  334. if ($recentlyAccepted === []) {
  335. return [
  336. 'blurb' => 'You have not accepted any invitations in the last 30 days.',
  337. ];
  338. }
  340. // All recently accepted Projects that have a renewal date
  341. $eligibleProjects = $this->getEligibleRenewalProjects($recentlyAccepted, $renewalHelperService);
  342. $projectCount = count($recentlyAccepted);
  343. $blurbText = $projectCount === 1 ? '1 Invitation accepted in the last 30 days.' : sprintf('%d %s', $projectCount, 'Invitations accepted in the last 30 days.');
  345. // Paginate with a specific page and limit
  346. $pagination = $this->paginator->paginate(
  347. $recentlyAccepted, // the array to paginate
  348. $request->query->getInt('page', 1), // current page number, default is 1
  349. 10 // items per page
  350. );
  352. return [
  353. 'pagination' => $pagination,
  354. 'totalProjectCount' => $projectCount,
  355. 'eligibleProjectsToDisplayRenewalDate' => $eligibleProjects,
  356. 'blurb' => $blurbText,
  357. 'userType' => $userType,
  358. ];
  359. }
  361. /**
  362. * List Matters due for renewal
  363. *
  364. * @Template("Default/Partials/renewalsTab.html.twig")
  365. *
  366. * @param Request $request
  367. * @param ProjectRepository $projectRepository
  368. * @param UserHelper $userHelper
  369. * @param ProjectHelper $projectHelper
  370. * @param MatchExpertUser $matchExpertUserService
  371. * @param RenewalHelperService $renewalHelperService
  372. *
  373. * @return array
  374. */
  375. public function dashboardRenewalsAjaxAction(Request $request, ProjectRepository $projectRepository, UserHelper $userHelper, ProjectHelper $projectHelper, MatchExpertUser $matchExpertUserService, RenewalHelperService $renewalHelperService): RedirectResponse|array
  376. {
  377. // Redirect to pending invitations page if User has pending role invitations.
  378. if ($this->userHasPendingInvitations()) {
  379. return $this->redirect($this->pendingInvitationsUrlWithFlash());
  380. }
  382. $userHelper->setUser($this->getUser());
  384. // All Projects that are due for renewal within the next 30 days
  385. $renewalProjects = $projectRepository->findRenewalsDueWithin30DaysForUser($userHelper);
  387. // Filter out projects whose accounts no longer have active licence renewal terms.
  388. // Use array_values(array_filter()) instead of getEligibleRenewalProjects() to preserve
  389. // the DB query's nextRenewalDate ASC sort order (soonest renewals first).
  390. $renewalProjects = array_values(array_filter(
  391. $renewalProjects,
  392. fn (Project $project): ?bool => $renewalHelperService->isMatterEligibleForRenewal($project)
  393. ));
  395. $projectCount = count($renewalProjects);
  396. $blurbText = $projectCount === 1 ? '1 Matter due for renewal within the next 30 days.' : sprintf('%d %s', $projectCount, 'Matters due for renewal within the next 30 days.');
  398. // Return if no qualifying Projects
  399. if (empty($renewalProjects)) {
  400. return [
  401. 'blurb' => 'There are no matters due for renewal in the next 30 days.',
  402. ];
  403. }
  405. // Paginate with a specific page and limit
  406. $pagination = $this->paginator->paginate(
  407. $renewalProjects, // the array to paginate
  408. $request->query->getInt('page', 1), // current page number, default is 1
  409. 10 // items per page
  410. );
  412. // Determine user type for displaying unread message counts (firm/expert)
  413. $userType = $matchExpertUserService->getUserType($this->getUser());
  414. // This sets the unread message counts on each Project entity
  415. $projectHelper->setUnreadMessageCount(iterator_to_array($pagination), $userType, $this->getUser());
  417. return [
  418. 'pagination' => $pagination,
  419. 'totalProjectCount' => $projectCount,
  420. 'eligibleProjectsToDisplayRenewalDate' => $renewalProjects,
  421. 'blurb' => $blurbText,
  422. 'userType' => $userType,
  423. ];
  424. }
  426. /**
  427. * @Template("Default/analytics.html.twig")
  428. *
  429. * @Security("is_granted('IS_AUTHENTICATED_REMEMBERED')")
  430. *
  431. * @param AnalyticsService $analyticsService
  432. */
  433. public function analyticsAction(AnalyticsService $analyticsService): RedirectResponse|array
  434. {
  435. $analyticsEmbeddedReport = $analyticsService->generateAnalyticsEmbeddedReport($this->getUser(), AnalyticsReport::REPORT_TYPE_MAIN);
  436. if (!$analyticsEmbeddedReport instanceof AnalyticsEmbeddedReport) {
  437. $this->addFlash('warning', 'No Analytics Report for this case');
  438. return $this->redirectToRoute('infology_medbrief_dashboard');
  439. }
  440. return [
  441. 'analyticsEmbeddedReport' => $analyticsEmbeddedReport,
  442. ];
  443. }
  445. /**
  446. * This action is the click through from the email that is sent to a user asking
  447. * them to finalise their registration in order to enable their account
  448. *
  449. * @Template("Default/enableAccount.html.twig")
  450. *
  451. * @param Request $request
  452. * @param TokenStorageInterface $tokenStorage
  453. * @param EventDispatcherInterface $eventDispatcher
  454. * @param EntityManagerInterface $entityManager
  455. * @param UserPasswordEncoderInterface $userPasswordEncoder
  456. * @param UserHelper $userHelper
  457. *
  458. * @throws Exception
  459. */
  460. public function enableAccountAction(
  461. Request $request,
  462. TokenStorageInterface $tokenStorage,
  463. EventDispatcherInterface $eventDispatcher,
  464. EntityManagerInterface $entityManager,
  465. UserPasswordEncoderInterface $userPasswordEncoder,
  466. UserHelper $userHelper
  467. ): RedirectResponse|array {
  468. // if the user is logged in
  469. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  470. // log them out
  471. $tokenStorage->setToken();
  472. $request->getSession()->invalidate();
  474. // redirect them back here
  475. return $this->redirect($request->getRequestUri());
  476. }
  478. // grab the invitation code from the URL
  479. $invitationCode = $request->query->get('i');
  481. // if none was provided, we have a problem
  482. if (empty($invitationCode)) {
  483. throw $this->createNotFoundException('Invitation could not be found.');
  484. }
  486. // try to find a matching invitation
  487. $invitation = $this->getDoctrine()->getRepository(Invitation::class)->findOneByCode($invitationCode);
  489. // if we cant find one, we have a problem
  490. if (!$invitation) {
  491. throw $this->createNotFoundException('Unable to find Invitation.');
  492. }
  494. // try to find a user who matches this invitation
  495. $matchingUser = $entityManager->getRepository(User::class)
  496. ->findOneByEmail($invitation->getEmail())
  497. ;
  499. if (!$matchingUser) {
  500. throw $this->createNotFoundException('Unable to find User.');
  501. }
  503. // if the user is already enabled, then we assume this invitation has been processed already
  504. if ($matchingUser->isEnabled()) {
  505. return $this->redirectToRoute('infology_medbrief_invitation_already_processed');
  506. }
  508. // if we get here then we have found a user who is not yet enabled and may now complete their registration
  509. $form = $this->createForm(ChangePasswordFormType::class, $matchingUser, [
  510. 'action' => $this->generateUrl('infology_medbrief_user_complete_registration', ['id' => $matchingUser->getId()]),
  511. ]);
  513. $form->handleRequest($request);
  515. if ($form->isSubmitted() && $form->isValid()) {
  517. // Accept the Medbrief policies
  518. $userHelper->acceptDeclineMedbriefPolicies($matchingUser);
  520. $encodedPassword = $userPasswordEncoder->encodePassword(
  521. $matchingUser,
  522. $form->get('plainPassword')->getData()
  523. );
  525. // Set the password
  526. $matchingUser->setPassword($encodedPassword);
  528. // set the user enabled now
  529. $matchingUser->setEnabled(true);
  530. $entityManager->flush();
  532. // log the user in
  533. $token = new PostAuthenticationGuardToken($matchingUser, 'main', $matchingUser->getRoles());
  534. $tokenStorage->setToken($token); //now the user is logged in
  536. //now dispatch the login event
  537. $eventDispatcher->dispatch(
  538. new InteractiveLoginEvent($request, $token),
  539. 'security.interactive_login'
  540. );
  542. // Determine if th user requires 2FA to be enabled (if they don't already) and store it in the session
  543. // to prevent navigating to any part of the site, except the 2FA enable page, or logout page.
  544. // @see MedBrief\MSR\EventSubscriber\Enforce2FASubscriber
  545. /** @var User $user */
  546. $user = $this->getUser();
  547. $userHelper->setUser($user);
  549. if ($userHelper->twoFactoryAuthEnabledUser() && !$user->hasMultiMfaEnabled()) {
  550. $request->getSession()->set('enforce-two-factor-authentication-detail', [
  551. '2faRequired' => true,
  552. 'targetPath' => null,
  553. ]);
  555. return $this->redirectToRoute('mfa_enable_force');
  556. }
  558. // If the user has 2FA enabled and is rate limited, redirect them to the login page.
  559. if ($user->hasMultiMfaEnabled() && $request->getSession()->has('rateLimited')) {
  560. $this->addFlash('danger', 'You have entered the incorrect authentication code too many times. Please try again in five minutes.');
  561. return $this->redirectToRoute('logout');
  562. }
  564. // If the user has 2FA enabled and their IP Address has been blacklisted, redirect them to the login page.
  565. if ($user->hasMultiMfaEnabled() && $request->getSession()->has('ipBlacklisted')) {
  566. $this->addFlash('danger', 'You have entered the incorrect authentication code too many times from this IP address. Please try again in fifteen minutes.');
  567. return $this->redirectToRoute('logout');
  568. }
  570. return $this->redirectToRoute('infology_medbrief_dashboard');
  571. }
  573. return [
  574. 'user' => $matchingUser,
  575. 'form' => $form->createView(),
  576. ];
  577. }
  579. /**
  580. * Is the user logged in?
  581. *
  582. *
  583. *
  584. * @param Request $request
  585. *
  586. * @return JsonResponse 1/0
  587. */
  588. public function isUserLoggedInAction(Request $request)
  589. {
  590. // if the user is currently logged in
  591. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  592. return new JsonResponse(['status' => 1], 200);
  593. }
  595. return new JsonResponse(['status' => 0], 200);
  596. }
  598. /**
  599. * Refresh the session upon user wishing to remain logged in.
  600. *
  601. *
  602. *
  603. * @param Request $request
  604. *
  605. * @return JsonResponse
  606. */
  607. public function refreshSessionAction(Request $request)
  608. {
  609. // if the user is currently logged in
  610. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  611. // Extend the session
  612. try {
  613. $cookie_lifetime = ini_get('session.cookie_lifetime');
  614. if ($cookie_lifetime === false || $cookie_lifetime === '') {
  615. throw new Exception('session.cookie_lifetime not found!');
  616. }
  618. $lifeTime = (int) $cookie_lifetime;
  619. } catch (Exception) {
  620. $lifeTime = $request->getSession()->getMetadataBag()->getLifetime();
  621. }
  622. $request->getSession()->getMetadataBag()->stampNew($lifeTime);
  624. $now = new DateTime();
  625. $expire = $request->getSession()->getMetadataBag()->getCreated() + $request->getSession()->getMetadataBag()->getLifetime();
  627. $response = new JsonResponse([
  628. 'sessionExpire' => $expire,
  629. ]);
  630. $sessionName = $this->getParameter('session.name');
  631. $sessionCookieValue = $request->cookies->get($sessionName);
  632. $sessionCookie = Cookie::create($sessionName, $sessionCookieValue, $expire);
  633. $response->headers->setCookie($sessionCookie);
  635. return $response;
  636. }
  637. return new JsonResponse([], 404);
  638. }
  640. /**
  641. * Refresh the session upon user wishing to remain logged in.
  642. *
  643. *
  644. *
  645. * @param Request $request
  646. *
  647. * @return JsonResponse
  648. */
  649. public function refreshUserSessionAction(Request $request)
  650. {
  651. // if the user is currently logged in
  652. if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
  653. // Expiration time
  654. $expire = time() + (20 * 60 * 1000);
  656. return new JsonResponse([
  657. 'sessionExpire' => $expire,
  658. ]);
  659. }
  660. return new JsonResponse(['status' => 0], Response::HTTP_FORBIDDEN);
  661. }
  663. /**
  664. * Redirect the user to the login page with a message
  665. *
  666. * Used by the session timeout feature to logout inactive users while preserving
  667. * the return URL so they can resume where they left off after logging back in.
  668. *
  669. * @param Request $request
  670. */
  671. public function userInactivityLoginRedirectAction(Request $request): RedirectResponse
  672. {
  673. $this->addFlash('warning', 'You have been automatically logged out due to inactivity');
  675. // Get the return URL from the query parameter (passed from JavaScript)
  676. $returnUrl = $request->query->get('returnUrl');
  678. // Note: Uses 'logout' route (not legacy 'fos_user_security_logout' which no longer exists)
  679. $response = $this->redirectToRoute('logout');
  681. // Store return URL in a cookie that survives logout (session is cleared on logout)
  682. // The login authenticator will read this cookie and redirect after successful login
  683. if ($returnUrl) {
  684. $response->headers->setCookie(
  685. new Cookie(
  686. 'inactivity_return_url',
  687. $returnUrl,
  688. time() + 3600, // 1 hour expiry
  689. '/',
  690. null,
  691. $request->isSecure(),
  692. true, // httpOnly
  693. false,
  694. Cookie::SAMESITE_LAX
  695. )
  696. );
  697. }
  699. return $response;
  700. }
  702. /**
  703. * Helper function which determines if the user is using a deprecated browser.
  704. *
  705. *
  706. *
  707. * @param Request $request
  708. * @param DeviceDetectorService $deviceDetector
  709. *
  710. * @return bool
  711. */
  712. protected function isDeprecatedBrowser(Request $request, DeviceDetectorService $deviceDetector)
  713. {
  714. $dci = $deviceDetector->getClientInfoFromRequest($request);
  716. if (is_array($dci)) {
  717. // Check if the browser matches IE10 or lower (which we won't support in future).
  718. return $dci['type'] === 'browser' && $dci['short_name'] === 'IE' && floor($dci['version']) <= 10;
  719. }
  721. // If we didn't get an array of results, this is probably an automated action
  722. return true;
  723. }
  725. /**
  726. * Helper function to determine whether the User has any pending Role Invitations
  727. */
  728. private function userHasPendingInvitations(): bool
  729. {
  730. return $this->getUser()->hasUnsuppressedRoleInvitationsPendingApproval();
  731. }
  733. /**
  734. * Generate the Url to the role invitation listing page and
  735. * add a flash message to current session
  736. */
  737. private function pendingInvitationsUrlWithFlash(): string
  738. {
  739. $this->addFlash('info', 'You have pending invitations. Before you continue, please accept or decline all of your invitations.');
  741. return $this->generateUrl('infology_medbrief_role_invitation_list_pending');
  742. }
  744. /**
  745. * Generate the Url to the role invitation listing page without adding a flash message to current session
  746. * Used for AJAX calls where we want to redirect the user but not show a flash message as well
  747. */
  748. private function pendingInvitationsUrlWithoutFlash(): string
  749. {
  750. return $this->generateUrl('infology_medbrief_role_invitation_list_pending');
  751. }
  753. /**
  754. * Get all Projects the User has recently viewed
  755. *
  756. * @param ProjectRepository $projectRepository
  757. * @param UserHelper $userHelper
  758. * @param ProjectHelper $projectHelper
  759. * @param int $limit
  760. * @param bool $calculateUnreadMessages
  761. * @param MatchExpertUser $matchExpertUserService
  762. *
  763. * @return array ['projects' => Project[], 'userType' => string|null]
  764. */
  765. private function getRecentlyViewedProjects(
  766. ProjectRepository $projectRepository,
  767. UserHelper $userHelper,
  768. ProjectHelper $projectHelper,
  769. MatchExpertUser $matchExpertUserService,
  770. bool $calculateUnreadMessages = true,
  771. int $limit = 20
  772. ): array {
  773. $projects = $projectRepository->findRecentlyAccessedByUser($userHelper, $limit);
  774. // if calculating unread messages, set them on each Project entity
  775. if ($calculateUnreadMessages) {
  776. // Determine user type for displaying unread message counts (firm/expert)
  777. $userType = $matchExpertUserService->getUserType($this->getUser());
  778. // This sets the unread message counts on each Project entity
  779. $projectHelper->setUnreadMessageCount(iterator_to_array($projects), $userType, $userHelper->getUser());
  780. return ['projects' => $projects, 'userType' => $userType];
  781. }
  782. return ['projects' => $projects, 'userType' => null];
  783. }
  785. /**
  786. * Get all Projects the User has recently accepted
  787. *
  788. * @param RoleInvitationRepository $roleInvitationRepository
  789. * @param RoleParserService $roleParser
  790. * @param ProjectHelper $projectHelper
  791. * @param bool $calculateUnreadMessages
  792. * @param MatchExpertUser $matchExpertUserService
  793. *
  794. * @return array ['projects' => Project[], 'userType' => string|null]
  795. */
  796. private function getRecentlyAcceptedProjects(RoleInvitationRepository $roleInvitationRepository, RoleParserService $roleParser, ProjectHelper $projectHelper, MatchExpertUser $matchExpertUserService, bool $calculateUnreadMessages = true): array
  797. {
  798. /**
  799. * Not Accessed
  800. */
  801. $recentlyAccepted = $roleInvitationRepository->findLatestProjectRoleInvitationsByUser($this->getUser());
  803. // Map Role Invitations to obtain Projects via the RoleParserService
  804. $recentlyAccepted = array_map(fn (RoleInvitation $roleInvitation)
  805. => $roleParser->parseRole($roleInvitation)->getSubject(), $recentlyAccepted);
  807. // Filter out Projects with any type of deleted or archived status
  808. $recentlyAccepted = array_filter($recentlyAccepted, fn ($project): bool => !$project->isCloseInProgressOrComplete());
  810. // if calculating unread messages, set them on each Project entity
  811. if ($calculateUnreadMessages) {
  812. // Determine user type for displaying unread message counts (firm/expert)
  813. $userType = $matchExpertUserService->getUserType($this->getUser());
  814. // This sets the unread message counts on each Project entity
  815. $projectHelper->setUnreadMessageCount(iterator_to_array($recentlyAccepted), $userType, $this->getUser());
  816. return ['projects' => $recentlyAccepted, 'userType' => $userType];
  817. }
  819. return ['projects' => $recentlyAccepted, 'userType' => null];
  820. }
  822. /**
  823. * Get all the User's favourite Projects
  824. *
  825. * @param ProjectHelper $projectHelper
  826. * @param bool $calculateUnreadMessages
  827. * @param MatchExpertUser $matchExpertUserService
  828. *
  829. * @return array ['projects' => Project[], 'userType' => string|null]
  830. */
  831. private function getFavouriteProjects(ProjectHelper $projectHelper, MatchExpertUser $matchExpertUserService, bool $calculateUnreadMessages = true): array
  832. {
  833. $favouriteProjects = $this->getUser()->getFavouriteProjects()->toArray();
  834. // Filter out deleted and archived Projects
  835. $favouriteProjects = array_filter($favouriteProjects, fn ($project): bool => !$project->isDeleteStatusComplete() && !$project->isArchiveStatusComplete());
  837. // Converts favourite projects to project_id's and removes ones where access is no longer granted
  838. foreach ($favouriteProjects as $key => $project) {
  839. if (!$this->isGranted('READ', $project)) {
  840. unset($favouriteProjects[$key]);
  841. }
  842. }
  844. // if calculating unread messages, set them on each Project entity
  845. if ($calculateUnreadMessages) {
  846. // Determine user type for displaying unread message counts (firm/expert)
  847. $userType = $matchExpertUserService->getUserType($this->getUser());
  848. // This sets the unread message counts on each Project entity
  849. $projectHelper->setUnreadMessageCount(iterator_to_array($favouriteProjects), $userType, $this->getUser());
  850. return ['projects' => $favouriteProjects, 'userType' => $userType];
  851. }
  853. // TODO: create a UserProject Entity to store the date when the Project was favourited
  854. return ['projects' => $favouriteProjects, 'userType' => null];
  855. }
  857. /**
  858. * @param Project[] $projects
  859. * @param RenewalHelperService $renewalHelperService
  860. *
  861. * @return Projects[]|[]
  862. */
  863. private function getEligibleRenewalProjects(array $projects, RenewalHelperService $renewalHelperService): array
  864. {
  865. $eligibleProjectsToDisplayRenewalDate = array_filter($projects, fn ($project): ?bool => $renewalHelperService->isMatterEligibleForRenewal($project));
  867. return $this->sortProjectsByDateOrder($eligibleProjectsToDisplayRenewalDate, 'descending');
  868. }
  870. /**
  871. * Sort an array of Projects by their Updated date in specified order.
  872. *
  873. *
  874. *
  875. * @param array $projects
  876. * @param string $order
  877. *
  878. * @return array $projects
  879. */
  880. private function sortProjectsByDateOrder(array $projects, string $order = 'descending'): array
  881. {
  882. // Use usort to sort the array using the custom comparison function
  883. if ($order === 'descending') {
  884. usort($projects, self::compareByDateDescending(...));
  885. } else {
  886. usort($projects, self::compareByDateAscending(...));
  887. }
  889. return $projects;
  890. }
  892. /**
  893. * Callback function for the comparison of two Projects by Updated date Descending.
  894. *
  895. * @param Project $project1
  896. * @param Project $project2
  897. */
  898. private function compareByDateDescending($project1, $project2): bool
  899. {
  900. $date1 = $project1->getUpdated();
  901. $date2 = $project2->getUpdated();
  902. return $date2 <=> $date1;
  903. }
  905. /**
  906. * Callback function for the comparison of two Projects by Updated date Ascending.
  907. *
  908. * @param Project $project1
  909. * @param Project $project2
  910. */
  911. private function compareByDateAscending($project1, $project2): bool
  912. {
  913. $date1 = $project1->getUpdated();
  914. $date2 = $project2->getUpdated();
  915. return $date1 <=> $date2;
  916. }
  917. }