From be5663c4684f2da73d37d2125d6ac426a989810c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20B=C3=B6hmer?= <mail@jan-boehmer.de>
Date: Mon, 13 Mar 2023 22:16:02 +0100
Subject: [PATCH] Allow import/export of users

---
 src/Entity/UserSystem/Group.php    |  3 +++
 src/Entity/UserSystem/User.php     | 15 +++++++++++++++
 src/Form/AdminPages/ImportType.php |  2 +-
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/Entity/UserSystem/Group.php b/src/Entity/UserSystem/Group.php
index 0b29036f..30bec19c 100644
--- a/src/Entity/UserSystem/Group.php
+++ b/src/Entity/UserSystem/Group.php
@@ -30,6 +30,7 @@ use App\Validator\Constraints\ValidPermission;
 use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\Common\Collections\Collection;
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Serializer\Annotation\Groups;
 use Symfony\Component\Validator\Constraints as Assert;
 
 /**
@@ -65,6 +66,7 @@ class Group extends AbstractStructuralDBElement implements HasPermissionsInterfa
     /**
      * @var bool If true all users associated with this group must have enabled some kind of 2 factor authentication
      * @ORM\Column(type="boolean", name="enforce_2fa")
+     * @Groups({"extended", "full", "import"})
      */
     protected $enforce2FA = false;
     /**
@@ -79,6 +81,7 @@ class Group extends AbstractStructuralDBElement implements HasPermissionsInterfa
      * @var PermissionData|null
      * @ValidPermission()
      * @ORM\Embedded(class="PermissionData", columnPrefix="permissions_")
+     * @Groups({"full"})
      */
     protected ?PermissionData $permissions = null;
 
diff --git a/src/Entity/UserSystem/User.php b/src/Entity/UserSystem/User.php
index eddf9179..fd8c9054 100644
--- a/src/Entity/UserSystem/User.php
+++ b/src/Entity/UserSystem/User.php
@@ -33,6 +33,7 @@ use App\Validator\Constraints\ValidTheme;
 use Hslavich\OneloginSamlBundle\Security\User\SamlUserInterface;
 use Jbtronics\TFAWebauthn\Model\LegacyU2FKeyInterface;
 use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+use Symfony\Component\Serializer\Annotation\Groups;
 use Webauthn\PublicKeyCredentialUserEntity;
 use function count;
 use DateTime;
@@ -74,6 +75,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
     /**
      * @var bool Determines if the user is disabled (user can not log in)
      * @ORM\Column(type="boolean")
+     * @Groups({"extended", "full", "import"})
      */
     protected bool $disabled = false;
 
@@ -81,6 +83,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @var string|null The theme
      * @ORM\Column(type="string", name="config_theme", nullable=true)
      * @ValidTheme()
+     * @Groups({"full", "import"})
      */
     protected ?string $theme = null;
 
@@ -124,6 +127,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @ORM\ManyToOne(targetEntity="Group", inversedBy="users")
      * @ORM\JoinColumn(name="group_id", referencedColumnName="id")
      * @Selectable()
+     * @Groups({"extended", "full", "import"})
      */
     protected ?Group $group = null;
 
@@ -137,6 +141,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @var string|null The timezone the user prefers
      * @ORM\Column(type="string", name="config_timezone", nullable=true)
      * @Assert\Timezone()
+     * @Groups({"full", "import"})
      */
     protected ?string $timezone = '';
 
@@ -144,6 +149,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @var string|null The language/locale the user prefers
      * @ORM\Column(type="string", name="config_language", nullable=true)
      * @Assert\Language()
+     * @Groups({"full", "import"})
      */
     protected ?string $language = '';
 
@@ -151,30 +157,35 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @var string|null The email address of the user
      * @ORM\Column(type="string", length=255, nullable=true)
      * @Assert\Email()
+     * @Groups({"simple", "extended", "full", "import"})
      */
     protected ?string $email = '';
 
     /**
      * @var string|null The department the user is working
      * @ORM\Column(type="string", length=255, nullable=true)
+     * @Groups({"simple", "extended", "full", "import"})
      */
     protected ?string $department = '';
 
     /**
      * @var string|null The last name of the User
      * @ORM\Column(type="string", length=255,  nullable=true)
+     * @Groups({"simple", "extended", "full", "import"})
      */
     protected ?string $last_name = '';
 
     /**
      * @var string|null The first name of the User
      * @ORM\Column(type="string", length=255, nullable=true)
+     * @Groups({"simple", "extended", "full", "import"})
      */
     protected ?string $first_name = '';
 
     /**
      * @var bool True if the user needs to change password after log in
      * @ORM\Column(type="boolean")
+     * @Groups({"extended", "full", "import"})
      */
     protected bool $need_pw_change = true;
 
@@ -206,6 +217,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
 
     /** @var DateTime|null The time when the backup codes were generated
      * @ORM\Column(type="datetime", nullable=true)
+     * @Groups({"full"})
      */
     protected ?DateTime $backupCodesGenerationDate = null;
 
@@ -228,6 +240,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @ORM\ManyToOne(targetEntity="App\Entity\PriceInformations\Currency")
      * @ORM\JoinColumn(name="currency_id", referencedColumnName="id")
      * @Selectable()
+     * @Groups({"extended", "full", "import"})
      */
     protected $currency;
 
@@ -235,6 +248,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
      * @var PermissionData
      * @ValidPermission()
      * @ORM\Embedded(class="PermissionData", columnPrefix="permissions_")
+     * @Groups({"simple", "extended", "full", "import"})
      */
     protected ?PermissionData $permissions = null;
 
@@ -247,6 +261,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
     /**
      * @var bool True if the user was created by a SAML provider (and therefore cannot change its password)
      * @ORM\Column(type="boolean")
+     * @Groups({"extended", "full"})
      */
     protected bool $saml_user = false;
 
diff --git a/src/Form/AdminPages/ImportType.php b/src/Form/AdminPages/ImportType.php
index 6af7d6e1..e33bf450 100644
--- a/src/Form/AdminPages/ImportType.php
+++ b/src/Form/AdminPages/ImportType.php
@@ -50,7 +50,7 @@ class ImportType extends AbstractType
 
         //Disable import if user is not allowed to create elements.
         $entity = new $data['entity_class']();
-        $perm_name = 'create';
+        $perm_name = 'import';
         $disabled = !$this->security->isGranted($perm_name, $entity);
 
         $builder