From 6d563bd8319afb0c2d5c55d934082ce7d48de2f6 Mon Sep 17 00:00:00 2001
From: samuel
Date: Wed, 11 Jun 2025 16:17:43 +0200
Subject: [PATCH] Admin : routes access control for /users + possibility to extend elsewhere
---
 config/packages/security.yaml | 1 +
 src/Controller/AdminController.php | 74 ++++++++++++++++++++++++++++++
 src/Controller/UserController.php | 18 --------
 3 files changed, 75 insertions(+), 18 deletions(-)
 create mode 100644 src/Controller/AdminController.php
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 9ebc483..0d566b9 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -41,6 +41,7 @@ security:
 - { path: ^/login, roles: PUBLIC_ACCESS }
 - { path: ^/register, roles: PUBLIC_ACCESS }
 - { path: ^/, roles: ROLE_USER }
+ - { path: ^/admin, roles: ROLE_ADMIN }
diff --git a/src/Controller/AdminController.php b/src/Controller/AdminController.php
new file mode 100644
index 0000000..0a11a6a
--- /dev/null
+++ b/src/Controller/AdminController.php
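Review bot: The new `- { path: ^/admin, roles: ROLE_ADMIN }` entry is appended after `- { path: ^/, roles: ROLE_USER }`, and Symfony's access_control applies the first rule whose path matches, so the `^/` catch-all claims every `/admin` request before the new rule is consulted and any authenticated ROLE_USER is let through. Move the added line above the `^/` entry so the more specific prefix is evaluated first. The AdminController hunk in this patch does not show a class-level route prefix, so it is also worth confirming that its routes are actually mounted under `/admin`; adding `#[IsGranted('ROLE_ADMIN')]` on the controller class would enforce the requirement regardless of how the paths end up laid out.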
@@ -0,0 +1,74 @@
+entityManager = $entityManager;
+ $this->passwordHasher = $passwordHasher;
+ }
+
+ #[Route('/users', name: 'list', methods: ['GET'])]
+ public function getUserById(UserRepository $userRepository): JsonResponse
+ {
+ $users = $userRepository->findAll();
+
+ $data = array_map(function (User $user) {
+ return [
+ 'id' => $user->getId(),
+ 'username' => $user->getUsername(),
+ 'roles' => $user->getRoles(),
+ ];
+ }, $users);
+
+ return $this->json($data);
+ }
+
+ #[Route('/users/add', name: 'add_user', methods: ['POST'])]
+ public function addUser(Request $request, UserPasswordHasherInterface $passwordHasher): JsonResponse
+ {
+ $data = json_decode($request->getContent(), true);
+
+ $username = $data['username'] ?? null;
+ $password = $data['password'] ?? null;
+ $roles = $data['roles'] ?? ['ROLE_USER'];
+
+ if (!$username || !$password) {
+ return $this->json(['error' => 'Missing username or password'], Response::HTTP_BAD_REQUEST);
+ }
+
+ $existingUser = $this->entityManager->getRepository(User::class)->findOneBy(['username' => $username]);
+ if ($existingUser) {
+ return $this->json(['error' => 'User already exists'], Response::HTTP_CONFLICT);
+ }
+
+ $user = new User();
+ $user->setUsername($username);
+ $user->setRoles($roles);
+ $user->setPassword($passwordHasher->hashPassword($user, $password));
+
+ $this->entityManager->persist($user);
+ $this->entityManager->flush();
+
+ return $this->json(['message' => 'User created successfully', 'id' => $user->getId()], Response::HTTP_CREATED);
+ }
+
+}
diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index 98f1138..319d5b1 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
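Review bot: `addUser` trusts the shape of the decoded body: `json_decode` has no error handling, and `username`, `password` and `roles` are used without type checks, so a non-string credential or a `roles` value that is not a list of strings reaches `setUsername`/`setRoles` as a TypeError (a 500 instead of a 400), and whatever role strings the client sends are persisted verbatim. I would decode with `JSON_THROW_ON_ERROR`, require `is_string` for the credentials and restrict `roles` to an allowlist of the roles the application knows (`ROLE_USER`, `ROLE_ADMIN` are the ones this patch uses), as sketched below. Separately, the constructor stores `$this->passwordHasher` while `addUser` declares its own `UserPasswordHasherInterface $passwordHasher` argument and uses that one; keep a single source. The list route is named `getUserById` although it returns every user, and `listUsers` would describe it; the class header and constructor signature are cut off at the start of this hunk, so the class-level route prefix and the property declarations are not visible here.

```php
public function addUser(Request $request, UserPasswordHasherInterface $passwordHasher): JsonResponse
{
    try {
        $data = json_decode($request->getContent(), true, flags: JSON_THROW_ON_ERROR);
    } catch (\JsonException) {
        return $this->json(['error' => 'Invalid JSON body'], Response::HTTP_BAD_REQUEST);
    }
    if (!is_array($data)) {
        return $this->json(['error' => 'Invalid JSON body'], Response::HTTP_BAD_REQUEST);
    }

    $username = $data['username'] ?? null;
    $password = $data['password'] ?? null;
    $roles = $data['roles'] ?? ['ROLE_USER'];

    // Reject non-string or empty credentials here rather than letting the entity setters throw.
    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        return $this->json(['error' => 'Missing username or password'], Response::HTTP_BAD_REQUEST);
    }

    // Only persist roles the application defines; could become a class constant.
    $allowedRoles = ['ROLE_USER', 'ROLE_ADMIN'];
    if (!is_array($roles)) {
        return $this->json(['error' => 'Invalid roles'], Response::HTTP_BAD_REQUEST);
    }
    foreach ($roles as $role) {
        if (!is_string($role) || !in_array($role, $allowedRoles, true)) {
            return $this->json(['error' => 'Invalid roles'], Response::HTTP_BAD_REQUEST);
        }
    }

    // … unchanged: duplicate-username check, User construction, persist/flush, created response …
}
```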
@@ -19,22 +19,4 @@ class UserController extends AbstractController
 $this->entityManager = $entityManager;
 }
- #[Route('/{userId}', name: 'get_by_id', methods: ['GET'])]
- public function getUserById(int $userId): JsonResponse
- {
- $user = $this->entityManager->getRepository(User::class)->find($userId);
-
- if (!$user) {
- return $this->json(['error' => 'User not found'], Response::HTTP_NOT_FOUND);
- }
-
- $data = [
- 'id' => $user->getId(),
- 'username' => $user->getUsername(),
- 'roles' => $user->getRoles(),
- ];
-
- return $this->json($data);
- }
-
 }