Merge 83c7f8a into ad03e88

app/config/eccube/packages/eccube.yaml

@@ -60,3 +60,7 @@ parameters:
     product_order_price_lower: 1
     product_order_newer: 2
     product_order_price_higher: 3
+    password_min_len: 8
+    password_max_len: 32
+    auth_magic: '%env(ECCUBE_AUTH_MAGIC)%'
+    password_hash_algos: SHA256

src/Eccube/Controller/Admin/AdminController.php

@@ -24,12 +24,9 @@
 
 namespace Eccube\Controller\Admin;
 
-use Doctrine\ORM\EntityManager;
 use Doctrine\ORM\NoResultException;
 use Doctrine\ORM\Query\ResultSetMapping;
 use Doctrine\ORM\QueryBuilder;
-use Eccube\Annotation\Inject;
-use Eccube\Application;
 use Eccube\Common\Constant;
 use Eccube\Controller\AbstractController;
 use Eccube\Entity\Master\OrderStatus;
@@ -43,11 +40,9 @@
 use Eccube\Repository\MemberRepository;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
-use Symfony\Component\EventDispatcher\EventDispatcher;
 use Symfony\Component\Form\Form;
-use Symfony\Component\Form\FormFactory;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Core\Authorization\AuthorizationChecker;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
 
@@ -56,15 +51,8 @@
  */
 class AdminController extends AbstractController
 {
-    public function __construct(EventDispatcher $eventDispatcher, AuthenticationUtils $helper, AuthorizationChecker $authorizationChecker)
-    {
-        $this->eventDispatcher = $eventDispatcher;
-        $this->helper = $helper;
-        $this->authorizationChecker = $authorizationChecker;
-    }
-
     /**
-     * @var AuthorizationChecker
+     * @var AuthorizationCheckerInterface
      */
     protected $authorizationChecker;
 
@@ -74,53 +62,48 @@ public function __construct(EventDispatcher $eventDispatcher, AuthenticationUtil
     protected $helper;
 
     /**
-     * @Inject(MemberRepository::class)
      * @var MemberRepository
      */
     protected $memberRepository;
 
-    /**
-     * @Inject("orm.em")
-     * @var EntityManager
-     */
-    protected $entityManager;
-
-    /**
-     * @Inject("config")
-     * @var array
-     */
-    protected $appConfig;
 
     /**
-     * @Inject("eccube.event.dispatcher")
-     * @var EventDispatcher
+     * @var EncoderFactoryInterface
      */
-    protected $eventDispatcher;
+    protected $encoderFactory;
 
-    /**
-     * @Inject("form.factory")
-     * @var FormFactory
-     */
-    protected $formFactory;
 
     /**
-     * @Inject("security.encoder_factory")
-     * @var EncoderFactoryInterface
+     * AdminController constructor.
+     * @param AuthorizationCheckerInterface $authorizationChecker
+     * @param AuthenticationUtils $helper
+     * @param MemberRepository $memberRepository
+     * @param EncoderFactoryInterface $encoderFactory
      */
-    protected $encoderFactory;
+    public function __construct(
+        AuthorizationCheckerInterface $authorizationChecker,
+        AuthenticationUtils $helper,
+        MemberRepository $memberRepository,
+        EncoderFactoryInterface $encoderFactory
+    ) {
+        $this->authorizationChecker = $authorizationChecker;
+        $this->helper = $helper;
+        $this->memberRepository = $memberRepository;
+        $this->encoderFactory = $encoderFactory;
+    }
 
     /**
      * @Route("/%admin_route%/login", name="admin_login")
      * @Template("@admin/login.twig")
      */
-    public function login(Application $app, Request $request)
+    public function login(Request $request)
     {
         if ($this->authorizationChecker->isGranted('ROLE_ADMIN')) {
-            return $this->redirect($this->generateUrl('admin_homepage'));
+            return $this->redirectToRoute('admin_homepage');
         }
 
         /* @var $form \Symfony\Component\Form\FormInterface */
-        $builder = $this->container->get('form.factory')->createNamedBuilder('', LoginType::class);
+        $builder = $this->formFactory->createNamedBuilder('', LoginType::class);
 
         $event = new EventArgs(
             array(
@@ -142,19 +125,19 @@ public function login(Application $app, Request $request)
      * @Route("/%admin_route%/", name="admin_homepage")
      * @Template("@admin/index.twig")
      */
-    public function index(Application $app, Request $request)
+    public function index(Request $request)
     {
         // install.phpのチェック.
-        if (isset($this->appConfig['eccube_install']) && $this->appConfig['eccube_install'] == 1) {
-            $file = $this->appConfig['root_dir'] . '/html/install.php';
+        if (isset($this->eccubeConfig['eccube_install']) && $this->eccubeConfig['eccube_install'] == 1) {
+            $file = $this->eccubeConfig['root_dir'] . '/html/install.php';
             if (file_exists($file)) {
-                $message = $app->trans('admin.install.warning', array('installphpPath' => 'html/install.php'));
-                $app->addWarning($message, 'admin');
+                $message = $this->translator->trans('admin.install.warning', array('installphpPath' => 'html/install.php'));
+                $this->addWarning($message, 'admin');
             }
-            $fileOnRoot = $this->appConfig['root_dir'] . '/install.php';
+            $fileOnRoot = $this->eccubeConfig['root_dir'] . '/install.php';
             if (file_exists($fileOnRoot)) {
-                $message = $app->trans('admin.install.warning', array('installphpPath' => 'install.php'));
-                $app->addWarning($message, 'admin');
+                $message = $this->translator->trans('admin.install.warning', array('installphpPath' => 'install.php'));
+                $this->addWarning($message, 'admin');
             }
         }
 
@@ -203,9 +186,9 @@ public function index(Application $app, Request $request)
         $excludes = $event->getArgument('excludes');
 
         // 受注ステータスごとの受注件数.
-        $Orders = $this->getOrderEachStatus($this->getDoctrine()->getManager(), $excludes);
+        $Orders = $this->getOrderEachStatus($this->entityManager, $excludes);
         // 受注ステータスの一覧.
-        $OrderStatuses = $this->findOrderStatus($this->getDoctrine()->getManager(), $excludes);
+        $OrderStatuses = $this->findOrderStatus($this->entityManager, $excludes);
 
         /**
          * 売り上げ状況
@@ -225,19 +208,19 @@ public function index(Application $app, Request $request)
         $excludes = $event->getArgument('excludes');
 
         // 今日の売上/件数
-        $salesToday = $this->getSalesByDay($this->getDoctrine()->getManager(), new \DateTime(), $excludes);
+        $salesToday = $this->getSalesByDay($this->entityManager, new \DateTime(), $excludes);
         // 昨日の売上/件数
-        $salesYesterday = $this->getSalesByDay($this->getDoctrine()->getManager(), new \DateTime('-1 day'), $excludes);
+        $salesYesterday = $this->getSalesByDay($this->entityManager, new \DateTime('-1 day'), $excludes);
         // 今月の売上/件数
-        $salesThisMonth = $this->getSalesByMonth($this->getDoctrine()->getManager(), new \DateTime(), $excludes);
+        $salesThisMonth = $this->getSalesByMonth($this->entityManager, new \DateTime(), $excludes);
 
         /**
          * ショップ状況
          */
         // 在庫切れ商品数
-        $countNonStockProducts = $this->countNonStockProducts($this->getDoctrine()->getManager());
+        $countNonStockProducts = $this->countNonStockProducts($this->entityManager);
         // 本会員数
-        $countCustomers = $this->countCustomers($this->getDoctrine()->getManager());
+        $countCustomers = $this->countCustomers($this->entityManager);
 
         $event = new EventArgs(
             array(
@@ -271,13 +254,12 @@ public function index(Application $app, Request $request)
      * パスワード変更画面
      *
      * @Route("/%admin_route%/change_password", name="admin_change_password")
-     * @Template("change_password.twig")
+     * @Template("@admin/change_password.twig")
      *
-     * @param Application $app
      * @param Request $request
-     * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
+     * @return \Symfony\Component\HttpFoundation\RedirectResponse|array
      */
-    public function changePassword(Application $app, Request $request)
+    public function changePassword(Request $request)
     {
         $builder = $this->formFactory
             ->createBuilder(ChangePasswordType::class);
@@ -294,7 +276,7 @@ public function changePassword(Application $app, Request $request)
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
-            $Member = $app->user();
+            $Member = $this->getUser();
             $salt = $Member->getSalt();
             $password = $form->get('change_password')->getData();
 
@@ -322,9 +304,9 @@ public function changePassword(Application $app, Request $request)
             );
             $this->eventDispatcher->dispatch(EccubeEvents::ADMIN_ADMIN_CHANGE_PASSWORD_COMPLETE, $event);
 
-            $app->addSuccess('admin.change_password.save.complete', 'admin');
+            $this->addSuccess('admin.change_password.save.complete', 'admin');
 
-            return $app->redirect($app->url('admin_change_password'));
+            return $this->redirectToRoute('admin_change_password');
         }
 
         return [
@@ -337,11 +319,10 @@ public function changePassword(Application $app, Request $request)
      *
      * @Route("/%admin_route%/nonstock", name="admin_homepage_nonstock")
      *
-     * @param Application $app
      * @param Request $request
      * @return \Symfony\Component\HttpFoundation\Response
      */
-    public function searchNonStockProducts(Application $app, Request $request)
+    public function searchNonStockProducts(Request $request)
     {
         // 商品マスター検索用フォーム
         /* @var Form $form */
@@ -357,14 +338,18 @@ public function searchNonStockProducts(Application $app, Request $request)
             $session = $request->getSession();
             $session->set('eccube.admin.product.search', $searchData);
 
-            return $app->redirect($app->url('admin_product_page', array(
+            return $this->redirectToRoute('admin_product_page', array(
                 'page_no' => 1,
-                'status' => $this->appConfig['admin_product_stock_status'])));
+                'status' => $this->eccubeConfig['admin_product_stock_status']));
         }
-
-        return $app->redirect($app->url('admin_homepage'));
+        return $this->redirectToRoute('admin_homepage');
     }
 
+    /**
+     * @param $em
+     * @param array $excludes
+     * @return array
+     */
     protected function findOrderStatus($em, array $excludes)
     {
         /* @var $qb QueryBuilder */
@@ -379,6 +364,11 @@ protected function findOrderStatus($em, array $excludes)
             ->getResult();
     }
 
+    /**
+     * @param $em
+     * @param array $excludes
+     * @return array
+     */
     protected function getOrderEachStatus($em, array $excludes)
     {
         $sql = 'SELECT
@@ -406,6 +396,12 @@ protected function getOrderEachStatus($em, array $excludes)
         return $orderArray;
     }
 
+    /**
+     * @param $em
+     * @param $dateTime
+     * @param array $excludes
+     * @return array
+     */
     protected function getSalesByMonth($em, $dateTime, array $excludes)
     {
         // concat... for pgsql
@@ -436,6 +432,12 @@ protected function getSalesByMonth($em, $dateTime, array $excludes)
         return $result;
     }
 
+    /**
+     * @param $em
+     * @param $dateTime
+     * @param array $excludes
+     * @return array
+     */
     protected function getSalesByDay($em, $dateTime, array $excludes)
     {
         // concat... for pgsql
@@ -466,6 +468,12 @@ protected function getSalesByDay($em, $dateTime, array $excludes)
         return $result;
     }
 
+    /**
+     * @param $em
+     * @return mixed
+     * @throws NoResultException
+     * @throws \Doctrine\ORM\NonUniqueResultException
+     */
     protected function countNonStockProducts($em)
     {
         /** @var $qb \Doctrine\ORM\QueryBuilder */
@@ -481,6 +489,12 @@ protected function countNonStockProducts($em)
             ->getSingleScalarResult();
     }
 
+    /**
+     * @param $em
+     * @return mixed
+     * @throws NoResultException
+     * @throws \Doctrine\ORM\NonUniqueResultException
+     */
     protected function countCustomers($em)
     {
         $Status = $em

src/Eccube/Form/Type/Admin/ChangePasswordType.php

@@ -23,46 +23,36 @@
 
 namespace Eccube\Form\Type\Admin;
 
-use Eccube\Annotation\FormType;
-use Eccube\Annotation\Inject;
-use Eccube\Application;
 use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
 use Symfony\Component\Form\FormBuilderInterface;
-use Symfony\Component\Form\FormError;
-use Symfony\Component\Form\FormEvents;
 use Symfony\Component\OptionsResolver\OptionsResolver;
 use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
 use Symfony\Component\Validator\Constraints as Assert;
 
-/**
- * @FormType
- */
+
 class ChangePasswordType extends AbstractType
 {
     /**
-     * @Inject("config")
      * @var array
      */
     protected $appConfig;
 
     /**
-     * @var \Eccube\Application $app
-     * @Inject(Application::class)
+     * ChangePasswordType constructor.
+     * @param array $eccubeConfig
      */
-    protected $app;
-
-    public function __construct()
+    public function __construct(array $eccubeConfig)
     {
+        $this->appConfig = $eccubeConfig;
     }
 
     /**
      * {@inheritdoc}
      */
     public function buildForm(FormBuilderInterface $builder, array $options)
     {
-        $app = $this->app;
         $builder
             ->add('current_password', PasswordType::class, array(
                 'label' => '現在のパスワード',
@@ -86,11 +76,10 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                     )),
                     new Assert\Regex(array(
                         'pattern' => '/^[[:graph:][:space:]]+$/i',
-                        'message' => 'form.type.graph.invalid',
+                        'message' => 'form.type.graph.invalid',
                     )),
                 ),
             ))
-            ->addEventSubscriber(new \Eccube\Event\FormEventSubscriber());
         ;
     }