thecodingmachine
diff --git a/‎src/api/src/Infrastructure/Security/Voter/UserVoter.php‎
Lines changed: 13 additions & 5 deletions b/‎src/api/src/Infrastructure/Security/Voter/UserVoter.php‎
Lines changed: 13 additions & 5 deletions
diff --git a/‎src/api/src/UseCase/User/CreateUser.php‎
Lines changed: 52 additions & 4 deletions b/‎src/api/src/UseCase/User/CreateUser.php‎
Lines changed: 52 additions & 4 deletions
diff --git a/‎src/api/src/UseCase/User/DeleteUser.php‎
Lines changed: 15 additions & 5 deletions b/‎src/api/src/UseCase/User/DeleteUser.php‎
Lines changed: 15 additions & 5 deletions
diff --git a/‎src/api/src/UseCase/User/GetUser.php‎
Lines changed: 3 additions & 3 deletions b/‎src/api/src/UseCase/User/GetUser.php‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎…api/src/UseCase/User/UpdateMyProfile.php‎ ‎…rc/UseCase/User/UpdateProfilePicture.php‎src/api/src/UseCase/User/UpdateMyProfile.php renamed to src/api/src/UseCase/User/UpdateProfilePicture.php
Lines changed: 2 additions & 2 deletions b/‎…api/src/UseCase/User/UpdateMyProfile.php‎ ‎…rc/UseCase/User/UpdateProfilePicture.php‎src/api/src/UseCase/User/UpdateMyProfile.php renamed to src/api/src/UseCase/User/UpdateProfilePicture.php
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/api/src/UseCase/User/UpdateUser.php‎
Lines changed: 101 additions & 0 deletions b/‎src/api/src/UseCase/User/UpdateUser.php‎
Lines changed: 101 additions & 0 deletions
diff --git a/‎src/webapp/assets/css/overrides.scss‎
Lines changed: 4 additions & 0 deletions b/‎src/webapp/assets/css/overrides.scss‎
Lines changed: 4 additions & 0 deletions
@@ -14,8 +14,8 @@
 
 final class UserVoter extends AppVoter
 {
-    public const UPDATE_USER = 'UPDATE_USER';
     public const GET_USER    = 'GET_USER';
+    public const DELETE_USER = 'DELETE_USER';
 
     /**
      * @param mixed $subject
@@ -26,8 +26,8 @@ protected function supports(string $attribute, $subject): bool
             ! in_array(
                 $attribute,
                 [
-                    self::UPDATE_USER,
                     self::GET_USER,
+                    self::DELETE_USER,
                 ]
             )
         ) {
@@ -52,16 +52,24 @@ protected function voteOnAttribute(string $attribute, $subject, TokenInterface $
         assert($subject instanceof User);
 
         switch ($attribute) {
-            case self::UPDATE_USER:
             case self::GET_USER:
-                // The administrator can update/get any user.
+                // The administrator can get any user.
                 if ($this->security->isGranted(Role::getSymfonyRole(Role::ADMINISTRATOR()))) {
                     return true;
                 }
 
-                // Other users may only update/get themselves.
+                // Other users may only get themselves.
                 return $user->getId() === $subject->getId();
 
+            case self::DELETE_USER:
+                // Only administrators may delete a user...
+                if (! $this->security->isGranted(Role::getSymfonyRole(Role::ADMINISTRATOR()))) {
+                    return false;
+                }
+
+                // ...but only if it's not a self delete!
+                return $user->getId() !== $subject->getId();
+
             default:
                 return false;
         }
 
@@ -7,28 +7,35 @@
 use App\Domain\Dao\UserDao;
 use App\Domain\Enum\Locale;
 use App\Domain\Enum\Role;
+use App\Domain\Model\Storable\ProfilePicture;
 use App\Domain\Model\User;
 use App\Domain\Throwable\InvalidModel;
+use App\Domain\Throwable\InvalidStorable;
 use App\UseCase\User\ResetPassword\ResetPassword;
+use Psr\Http\Message\UploadedFileInterface;
 use TheCodingMachine\GraphQLite\Annotations\Logged;
 use TheCodingMachine\GraphQLite\Annotations\Mutation;
 use TheCodingMachine\GraphQLite\Annotations\Security;
 
 final class CreateUser
 {
     private UserDao $userDao;
+    private UpdateProfilePicture $updateProfilePicture;
     private ResetPassword $resetPassword;
 
     public function __construct(
         UserDao $userDao,
+        UpdateProfilePicture $updateProfilePicture,
         ResetPassword $resetPassword
     ) {
-        $this->userDao       = $userDao;
-        $this->resetPassword = $resetPassword;
+        $this->userDao              = $userDao;
+        $this->updateProfilePicture = $updateProfilePicture;
+        $this->resetPassword        = $resetPassword;
     }
 
     /**
      * @throws InvalidModel
+     * @throws InvalidStorable
      *
      * @Mutation
      * @Logged
@@ -39,7 +46,35 @@ public function createUser(
         string $lastName,
         string $email,
         Locale $locale,
-        Role $role
+        Role $role,
+        ?UploadedFileInterface $profilePicture = null
+    ): User {
+        $storable = null;
+        if ($profilePicture !== null) {
+            $storable = ProfilePicture::createFromUploadedFile($profilePicture);
+        }
+
+        return $this->create(
+            $firstName,
+            $lastName,
+            $email,
+            $locale,
+            $role,
+            $storable
+        );
+    }
+
+    /**
+     * @throws InvalidModel
+     * @throws InvalidStorable
+     */
+    public function create(
+        string $firstName,
+        string $lastName,
+        string $email,
+        Locale $locale,
+        Role $role,
+        ?ProfilePicture $profilePicture = null
     ): User {
         $user = new User(
             $firstName,
@@ -49,7 +84,20 @@ public function createUser(
             $role
         );
 
-        $this->userDao->save($user);
+        if ($profilePicture === null) {
+            $this->userDao->save($user);
+
+            return $user;
+        }
+
+        $this->userDao->validate($user);
+        $user = $this
+            ->updateProfilePicture
+            ->update(
+                $user,
+                $profilePicture
+            );
+
         $this->resetPassword->resetPassword($email);
 
         return $user;
 
@@ -6,30 +6,40 @@
 
 use App\Domain\Dao\UserDao;
 use App\Domain\Model\User;
+use App\Domain\Storage\ProfilePictureStorage;
 use TheCodingMachine\GraphQLite\Annotations\Logged;
 use TheCodingMachine\GraphQLite\Annotations\Mutation;
 use TheCodingMachine\GraphQLite\Annotations\Security;
 
 final class DeleteUser
 {
     private UserDao $userDao;
+    private ProfilePictureStorage $profilePictureStorage;
 
     public function __construct(
-        UserDao $userDao
+        UserDao $userDao,
+        ProfilePictureStorage $profilePictureStorage
     ) {
-        $this->userDao = $userDao;
+        $this->userDao               = $userDao;
+        $this->profilePictureStorage = $profilePictureStorage;
     }
 
     /**
      * @Mutation
      * @Logged
-     * @Security("is_granted('ROLE_ADMINISTRATOR')")
+     * @Security("is_granted('DELETE_USER', user1)")
      */
-    public function deleteUser(User $user): bool
+    public function deleteUser(User $user1): bool
     {
+        // Remove profile picture (if any).
+        $filename = $user1->getProfilePicture();
+        if ($filename !== null) {
+            $this->profilePictureStorage->delete($filename);
+        }
+
         // Cascade = true will also delete the reset
         // password token (if any).
-        $this->userDao->delete($user, true);
+        $this->userDao->delete($user1, true);
 
         return true;
     }
 
@@ -14,11 +14,11 @@ final class GetUser
     /**
      * @Query
      * @Logged
-     * @Security("is_granted('GET_USER', user)")
+     * @Security("is_granted('GET_USER', user1)")
      */
-    public function user(User $user): User
+    public function user(User $user1): User
     {
         // GraphQLite black magic.
-        return $user;
+        return $user1;
     }
 }
@@ -15,7 +15,7 @@
 use TheCodingMachine\GraphQLite\Annotations\Logged;
 use TheCodingMachine\GraphQLite\Annotations\Mutation;
 
-final class UpdateMyProfile
+final class UpdateProfilePicture
 {
     private UserDao $userDao;
     private ProfilePictureStorage $profilePictureStorage;
@@ -36,7 +36,7 @@ public function __construct(
      * @Logged
      * @InjectUser(for="$user")
      */
-    public function updateMyProfile(
+    public function updateProfilePicture(
         User $user,
         ?UploadedFileInterface $profilePicture = null
     ): User {
 
@@ -0,0 +1,101 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\UseCase\User;
+
+use App\Domain\Dao\UserDao;
+use App\Domain\Enum\Locale;
+use App\Domain\Enum\Role;
+use App\Domain\Model\Storable\ProfilePicture;
+use App\Domain\Model\User;
+use App\Domain\Throwable\InvalidModel;
+use App\Domain\Throwable\InvalidStorable;
+use Psr\Http\Message\UploadedFileInterface;
+use TheCodingMachine\GraphQLite\Annotations\Logged;
+use TheCodingMachine\GraphQLite\Annotations\Mutation;
+use TheCodingMachine\GraphQLite\Annotations\Security;
+
+use function strval;
+
+final class UpdateUser
+{
+    private UserDao $userDao;
+    private UpdateProfilePicture $updateProfilePicture;
+
+    public function __construct(
+        UserDao $userDao,
+        UpdateProfilePicture $updateProfilePicture
+    ) {
+        $this->userDao              = $userDao;
+        $this->updateProfilePicture = $updateProfilePicture;
+    }
+
+    /**
+     * @throws InvalidModel
+     * @throws InvalidStorable
+     *
+     * @Mutation
+     * @Logged
+     * @Security("is_granted('ROLE_ADMINISTRATOR')")
+     */
+    public function updateUser(
+        User $user,
+        string $firstName,
+        string $lastName,
+        string $email,
+        Locale $locale,
+        Role $role,
+        ?UploadedFileInterface $profilePicture = null
+    ): User {
+        $storable = null;
+        if ($profilePicture !== null) {
+            $storable = ProfilePicture::createFromUploadedFile($profilePicture);
+        }
+
+        return $this->update(
+            $user,
+            $firstName,
+            $lastName,
+            $email,
+            $locale,
+            $role,
+            $storable
+        );
+    }
+
+    /**
+     * @throws InvalidModel
+     * @throws InvalidStorable
+     */
+    public function update(
+        User $user,
+        string $firstName,
+        string $lastName,
+        string $email,
+        Locale $locale,
+        Role $role,
+        ?ProfilePicture $profilePicture = null
+    ): User {
+        $user->setFirstName($firstName);
+        $user->setLastName($lastName);
+        $user->setEmail($email);
+        $user->setLocale(strval($locale));
+        $user->setRole(strval($role));
+
+        if ($profilePicture === null) {
+            $this->userDao->save($user);
+
+            return $user;
+        }
+
+        $this->userDao->validate($user);
+
+        return $this
+            ->updateProfilePicture
+            ->update(
+                $user,
+                $profilePicture
+            );
+    }
+}
@@ -9,3 +9,7 @@ body {
 .card {
   box-shadow: 0 1px 2px 0 rgba(0,0,0,.1);
 }
+
+.table td {
+  vertical-align: middle !important;
+}
Original file line number	Diff line number	Diff line change
`@@ -14,11 +14,11 @@ final class GetUser`
`14`	`14`	`/**`
`15`	`15`	`* @Query`
`16`	`16`	`* @Logged`
`17`		`- * @Security("is_granted('GET_USER', user)")`
	`17`	`+ * @Security("is_granted('GET_USER', user1)")`
`18`	`18`	`*/`
`19`		`- public function user(User $user): User`
	`19`	`+ public function user(User $user1): User`
`20`	`20`	`{`
`21`	`21`	`// GraphQLite black magic.`
`22`		`- return $user;`
	`22`	`+ return $user1;`
`23`	`23`	`}`
`24`	`24`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,3 +9,7 @@ body {`
`9`	`9`	`.card {`
`10`	`10`	`box-shadow: 0 1px 2px 0 rgba(0,0,0,.1);`
`11`	`11`	`}`
	`12`	`+`
	`13`	`+.table td {`
	`14`	`+ vertical-align: middle !important;`
	`15`	`+}`