src/Controller/WidgetElectronicInvoiceController.php line 153

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\ElectronicInvoiceContact;
  6. use App\Repository\AccountingFirmRepository;
  7. use App\Repository\AuthorizedDomainRepository;
  8. use App\Services\WidgetMailing;
  9. use Doctrine\ORM\EntityManagerInterface;
  10. use Qferrer\Mjml\Twig\MjmlExtension;
  11. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  12. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  13. use Symfony\Component\HttpFoundation\BinaryFileResponse;
  14. use Symfony\Component\HttpFoundation\JsonResponse;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\ResponseHeaderBag;
  17. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  18. use Symfony\Component\HttpKernel\KernelInterface;
  19. use Symfony\Component\Mailer\MailerInterface;
  20. use Symfony\Component\Routing\Annotation\Route;
  21. use Twig\Environment;
  23. class WidgetElectronicInvoiceController extends AbstractController
  24. {
  25.     protected MjmlExtension $mjmlRenderer;
  26.     protected Environment $twig;
  27.     private MailerInterface $mailer;
  29.     public function __construct(MailerInterface $mailerMjmlExtension $mjmlRendererEnvironment $twig)
  30.     {
  31.         $this->mailer $mailer;
  32.         $this->mjmlRenderer $mjmlRenderer;
  33.         $this->twig $twig;
  34.     }
  36.     #[Route('/check-electronic-invoice'name'w_electronic_invoice_check')]
  37.     public function ctrl_checkElectronicInvoice(Request $requestAccountingFirmRepository $repositorystring $prefix null): JsonResponse
  38.     {
  39.         $token $request->query->get('token');
  40.         $host $request->get('host');
  42.         if ($token && $host) {
  43.             $accountingFirm $repository->findOneBy(['electronicInvoiceToken' => $token]);
  44.             $isAuthorized false;
  45.             if ($accountingFirm && in_array($host$accountingFirm->getListAuthorizedDomains())) {
  46.                 $isAuthorized true;
  47.             }
  48.             $url $isAuthorized $accountingFirm->getElectronicInvoiceWidgetUrl() : null;
  49.         } else {
  50.             $accountingFirm $repository->findOneBy(['host' => $host]);
  51.             $url $accountingFirm $prefix $this->generateUrl('w_electronic_invoice_get') : null;
  52.         }
  54.         return $this->json($url);
  55.     }
  57.     #[Route('/widget-electronic-invoice'name'w_electronic_invoice_get')]
  58.     public function ctrl_widgetElectronicInvoice(Request $requestAccountingFirmRepository $repositoryAuthorizedDomainRepository $domainsParameterBagInterface $params)
  59.     {
  60.         $token $request->query->get('token');
  61.         $host $request->get('host');
  63.         if ($host != "preview") {
  64.              $accountingFirm $repository->findOneBy(['host' => $host]);
  66.             if (is_null($accountingFirm)) {
  67.                 $domains $domains->findBy(['name' => $host]);
  69.                 if (is_null($domains)) {
  70.                     throw new NotFoundHttpException();
  71.                 }
  73.                 foreach ($domains as $dom) {
  74.                     $tmp_ac $dom->getAccountingFirm();
  75.                     if ($tmp_ac->getElectronicInvoiceToken() == $token) {
  76.                         $accountingFirm $tmp_ac;
  77.                         break;
  78.                     }
  79.                 }
  80.             }
  82.             if (is_null($accountingFirm)) {
  83.                 throw new NotFoundHttpException();
  84.             }
  85.         }
  87.         return $this->render('widget_electronic_invoice/content.html.twig', [
  88.             'cabinet' => $accountingFirm,
  89.             'serverUrl' => $params->get('domain_widget_electronic_invoice')
  90.         ]);
  91.     }
  93.     #[Route('/widget-electronic-invoice-popup'name'w_electronic_invoice_popup_get')]
  94.     public function ctrl_widgetElectronicInvoicePopup(Request $requestAccountingFirmRepository $repositoryAuthorizedDomainRepository $domainsParameterBagInterface $params)
  95.     {
  96.         $token $request->query->get('token');
  97.         $host $request->get('host');
  99.         if ($host != "preview") {
  100.             $accountingFirm $repository->findOneBy(['host' => $host]);
  102.             if (is_null($accountingFirm)) {
  103.                 $domains $domains->findBy(['name' => $host]);
  105.                 if (is_null($domains)) {
  106.                     throw new NotFoundHttpException();
  107.                 }
  109.                 foreach ($domains as $dom) {
  110.                     $tmp_ac $dom->getAccountingFirm();
  111.                     if ($tmp_ac->getElectronicInvoiceToken() == $token) {
  112.                         $accountingFirm $tmp_ac;
  113.                         break;
  114.                     }
  115.                 }
  116.             }
  118.             if (is_null($accountingFirm)) {
  119.                 throw new NotFoundHttpException();
  120.             }
  121.         }
  123.         $electronicInvoiceUrl $accountingFirm->getUrl() . $accountingFirm->getElectronicInvoiceWidgetUrl();
  125.         return $this->render('widget_electronic_invoice/popup.html.twig', [
  126.             'cabinet' => $accountingFirm,
  127.             'serverUrl' => $params->get('domain_widget_electronic_invoice'),
  128.             'electronicInvoiceUrl' => $electronicInvoiceUrl
  129.         ]);
  130.     }
  132.     #[Route('/embed'name'w_electronic_invoice_embed')]
  133.     public function embed()
  134.     {
  135.         $root $this->getParameter('kernel.project_dir');
  136.         $path $root '/public/widgets/widget_electronic_invoice/widget_electronic_invoice.js';
  138.         return new BinaryFileResponse($path);
  139.     }
  141.     #[Route('/{filename}.{format}'name'w_electronic_invoice_files')]
  142.     public function widget_files(string $filenamestring $format)
  143.     {
  144.         $allowed = array('png''jpg''jpeg''gif''js''svg''eot''ttf''woff');
  145.         if (in_array($format$allowed)) {
  146.             $root $this->getParameter('kernel.project_dir');
  147.             $path $root '/public/widget_electronic_invoice/' $filename '.' $format;
  149.             return new BinaryFileResponse($path);
  150.         }
  152.         return false;
  153.     }
  155.     #[Route('/send-electronic-invoice'name'widget_electronic_invoice_send_form'methods: ['POST'])]
  156.     public function sendForm(
  157.         Request $request,
  158.         EntityManagerInterface $em,
  159.         AccountingFirmRepository $accountingFirmRepository,
  160.         WidgetMailing $widgetMailing
  161.     ): JsonResponse {
  163.         // Vérifie le JSON reçu
  164.         $data json_decode($request->getContent(), true);
  166.         if (!$data) {
  167.             return new JsonResponse([
  168.                 "success" => false,
  169.                 "error"   => "invalid_json"
  170.             ], 400);
  171.         }
  173.         //--------------------------------------
  174.         // 1) ANTI-SPAM : Honeypot
  175.         //--------------------------------------
  176.         if (!empty($data['website'] ?? null)) {
  177.             // On répond comme si tout était OK, pour ne rien révéler
  178.             return new JsonResponse(["success" => true]);
  179.         }
  181.         //--------------------------------------
  182.         // 2) ANTI-SPAM : Timestamp minimal
  183.         //--------------------------------------
  184.         if (!isset($data['form_ts']) || (time() * 1000 - (int)$data['form_ts']) < 1000) {
  185.             // Pareil : réponse neutre
  186.             return new JsonResponse(["success" => true]);
  187.         }
  189.         //--------------------------------------
  190.         // 3) Validation des champs
  191.         //--------------------------------------
  192.         $required = ['company''firstname''lastname''phone''email''message'];
  193.         foreach ($required as $field) {
  194.             if (empty(trim($data[$field] ?? ''))) {
  195.                 return new JsonResponse([
  196.                     "success" => false,
  197.                     "error"   => "missing_field",
  198.                     "field"   => $field
  199.                 ], 400);
  200.             }
  201.         }
  203.         // Email valide ?
  204.         if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
  205.             return new JsonResponse([
  206.                 "success" => false,
  207.                 "error"   => "invalid_email"
  208.             ], 400);
  209.         }
  211.         $accountingFirm $accountingFirmRepository->findOneBy(['id' => $data['accountingFirmId']]);
  213.         if (!$accountingFirm) {
  214.             return new JsonResponse([
  215.                 "success" => false,
  216.                 "error"   => "invalid_accounting_firm"
  217.             ], 400);
  218.         }
  220.         //--------------------------------------
  221.         // 4) Création de l'entité ElectronicInvoiceContact
  222.         //--------------------------------------
  225.         $eiContact = new ElectronicInvoiceContact();
  226.         $eiContact->setAccountingFirm($accountingFirm);
  227.         $eiContact->setCompany($data['company']);
  228.         $eiContact->setFirstname($data['firstname']);
  229.         $eiContact->setLastname($data['lastname']);
  230.         $eiContact->setPhone($data['phone']);
  231.         $eiContact->setEmail($data['email']);
  232.         $eiContact->setMessage($data['message']);
  233.         $eiContact->setCreatedAt(new \DateTimeImmutable());
  235.         $em->persist($eiContact);
  236.         $em->flush();
  238.         //--------------------------------------
  239.         // 5) Envoi email via ton service WidgetMailing
  240.         //--------------------------------------
  241.         try {
  242.             $widgetMailing->sendElectronicInvoiceContact($eiContact);
  243.         } catch (\Throwable $e) {
  244.             // Sentry le capturera automatiquement puisque tu l’as configuré côté front
  245.             return new JsonResponse([
  246.                 "success" => false,
  247.                 "error"   => "mail_error",
  248.                 "details" => $e->getMessage()
  249.             ], 500);
  250.         }
  252.         //--------------------------------------
  253.         // 6) Réponse finale
  254.         //--------------------------------------
  255.         return new JsonResponse([
  256.             "success" => true
  257.         ]);
  258.     }
  260. }