src/Controller/ApiController.php line 2462

Open in your IDE?
  1. <?php
  2. namespace App\Controller;
  3. use App\Event\HolidayEvent;
  4. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  5. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  6. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\Routing\Annotation\Route;
  10. use Symfony\Component\Security\Core\User\UserInterface;
  11. use Pimcore\Model\Asset;
  12. use Pimcore\Model\DataObject;
  13. use Pimcore\Model\Document;
  14. use Pimcore\Model\Element\Tag;
  15. use Pimcore\Model\DataObject\Data\BlockElement;
  16. use Symfony\Component\Stopwatch\Stopwatch;
  17. use App\Form\ManageUserCreateType;
  18. use App\Form\ManageUserUpdateType;
  19. use App\Form\PasswordFormType;
  20. use App\Form\RegistrationFormHandler;
  21. use App\Model\Customer;
  22. use App\Model\TrycareMembership;
  23. use App\Services\CreateSubuserService;
  24. use App\Services\GeneralService;
  25. use App\Services\HeadOfficeService;
  26. use App\Services\PermissionService;
  27. use App\Services\ToolsService;
  28. use App\Services\NotificationService;
  29. use App\Services\EmployeeContractService;
  30. use App\Services\FreeTrialService;
  31. use App\Services\TrycareService;
  32. use App\Services\LeavingWizardService;
  33. use App\Stripe\UserHandler;
  34. use Carbon\Carbon;
  35. use CustomerManagementFrameworkBundle\CustomerProvider\CustomerProviderInterface;
  36. use Error;
  37. use Pimcore\DataObject\Consent\Service;
  38. use Psr\Log\LoggerInterface;
  39. use Symfony\Component\HttpClient\Exception\InvalidArgumentException;
  40. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  41. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  42. use Symfony\Component\HttpKernel\Exception\PreconditionFailedHttpException;
  43. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  44. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  45. /**
  46.  * @Route("/api", name="api")
  47.  */
  48. class ApiController extends AbstractController
  49. {
  50.     /**
  51.      * @Route("/template-hub/templates/read", name="template-hub-read")
  52.      */
  53.     public function templateHubReadAction(Stopwatch $stopwatch)
  54.     {
  55.         if (!$this->isGranted('ROLE_USER')) {
  56.             throw new UnauthorizedHttpException('Not authorized.');
  57.         }
  58.         $listPublic = new DataObject\Templates\Listing();
  59.         $listPublic->load();
  60.         $listPublic $listPublic->getData();
  61.         $listCategories array_map(function ($template) {
  62.             return $template->getCategory();
  63.         }, $listPublic);
  64.         $listCategories array_unique($listCategories);
  65.         $templatesList = [];
  66.         foreach ($listCategories as $category) {
  67.             $list array_filter($listPublic, function ($item) use ($category) {
  68.                 return $item->getCategory() === $category;
  69.             });
  70.             $dataContent = [];
  71.             foreach ($list as $template) {
  72.                 /* if ($asset instanceof \Pimcore\Model\Asset\Document) {
  73.                     try {
  74.                     if (!$asset->getCustomSetting('document_page_count')) {
  75.                         $asset->processPageCount();
  76.                     }
  77.                     } catch (\Exception $e) {
  78.                     //do nothing
  79.                     }
  80.                 } */
  81.                 $coverPath $template->getCover()->getPath();
  82.                 $coverFilename $template->getCover()->getFilename();
  83.                 $dataContent[] = [
  84.                     'name' => $template->getTitle(),
  85.                     'id' => $template->getId(),
  86.                     "preview" => $coverPath $coverFilename,
  87.                     "linkDocument" => $template->getDocument()->getFullPath(),
  88.                     /* "linkPdf" => $template->getPdf()->getFullPath(), */
  89.                 ];
  90.             }
  91.             $templatesList[] = [
  92.                 "category" => $category,
  93.                 "data" => $dataContent
  94.             ];
  95.         }
  96.         $response = new Response();
  97.         $response->headers->set('Content-Type''application/json');
  98.         $response->headers->set('Access-Control-Allow-Origin''*');
  99.         $response->setContent(json_encode($templatesList));
  100.         return $response;
  101.     }
  102.     /**
  103.      * @Route("/head-office/assets/create", name="template-hub-assets-create", methods={"POST"})
  104.      * 
  105.      * @param Request $request
  106.      * @return Response
  107.      */
  108.     public function headOfficeAssetCreateAction(Request $request)
  109.     {
  110.         $loggedUser $this->getUser();
  111.         if (!$loggedUser) {
  112.             throw new UnauthorizedHttpException('Not authorized.');
  113.         }
  114.         $id $loggedUser->getId();
  115.         if ($request->getContent()) {
  116.             $data json_decode($request->getContent(), true);
  117.             $fileName $data['fileKey'];
  118.             $title $data['title'];
  119.             $description $data['description'];
  120.             $parentFolder DataObject::getByPath("/Head Office/Private/" $id);
  121.             if (!$parentFolder) {
  122.                 $parentFolder DataObject\Service::createFolderByPath("/Head Office/Private/" $id);
  123.             }
  124.             $newObject = new DataObject\HOFile();
  125.             $newObject->setKey($fileName);
  126.             $newObject->setParent($parentFolder);
  127.             $newObject->setTitle($title);
  128.             $newObject->setDescription($description);
  129.             $newObject->setPublished(true);
  130.             $newObject->save();
  131.             return new Response($newObject->getId());
  132.         }
  133.         return new Response(null);
  134.     }
  135.     /**
  136.      * @Route("/head-office/assets/read", name="template-hub-assets-read", methods={"GET"})
  137.      * 
  138.      * @param Request $request
  139.      * @return Response
  140.      */
  141.     public function headOfficeAssetReadAction(Request $request)
  142.     {
  143.         $loggedUser $this->getUser();
  144.         if (!$loggedUser) {
  145.             throw new UnauthorizedHttpException('Not authorized.');
  146.         }
  147.         $id $loggedUser->getId();
  148.         $parentFolder DataObject::getByPath("/Head Office/Private/" $id);
  149.         if ($parentFolder) {
  150.             $list = new DataObject\HOFile\Listing();
  151.             $list->setCondition("o_parentId = ?"$parentFolder->getId());
  152.             $list->load();
  153.             $list $list->getData();
  154.             $dataContent = [];
  155.             foreach ($list as $file) {
  156.                 $dataContent[] = [
  157.                     'title' => $file->getTitle(),
  158.                     'description' => $file->getDescription(),
  159.                     'id' => $file->getId(),
  160.                     'key' => $file->getKey()
  161.                 ];
  162.             };
  163.             return new Response(json_encode($dataContent));
  164.         }
  165.         return new Response(null);
  166.     }
  167.     /**
  168.      * @Route("/head-office/assets/delete", name="template-hub-assets-delete", methods={"POST"})
  169.      * 
  170.      * @param Request $request
  171.      * @return Response
  172.      */
  173.     public function headOfficeAssetDeleteAction(Request $request)
  174.     {
  175.         $loggedUser $this->getUser();
  176.         if (!$loggedUser) {
  177.             throw new UnauthorizedHttpException('Not authorized.');
  178.         }
  179.         $id $loggedUser->getId();
  180.         if ($request->getContent()) {
  181.             $data json_decode($request->getContent(), true);
  182.             $fileId $data['objectId'];
  183.             $object DataObject::getById($fileId);
  184.             $object->delete();
  185.             return new Response('File deleted');
  186.         }
  187.         return new Response(null);
  188.     }
  189.     /**
  190.      * @Route("/head-office/credentials/set-cognito", name="head-office-cognito", methods={"PATCH"})
  191.      * 
  192.      * @param Request $request
  193.      * @return Response
  194.      */
  195.     public function headOfficeSetVaultAction(Request $request)
  196.     {
  197.         $loggedUser $this->getUser();
  198.         if (!$loggedUser) {
  199.             throw new UnauthorizedHttpException('Not authorized.');
  200.         }
  201.         $id $loggedUser->getId();
  202.         if ($request->getContent()) {
  203.             $data json_decode($request->getContent(), true);
  204.             $cognito $data['cognitoConfirmed'];
  205.             $loggedUser->setCognitoConfirmed($cognito);
  206.             $loggedUser->save();
  207.             $response = new Response();
  208.             return $response->setContent(json_encode(['message' => 'OK']));
  209.         }
  210.         throw new BadRequestHttpException();
  211.     }
  212.     /**
  213.      * @Route("/head-office/credentials/set", name="head-office-credentials-set", methods={"PUT"}))
  214.      */
  215.     public function headOfficeSetCredentialsAction(Request $requestPermissionService $permissionProviderService $consentService)
  216.     {
  217.         $loggedUser $this->getUser();
  218.         if (!$loggedUser) {
  219.             throw new UnauthorizedHttpException('Not authorized.');
  220.         }
  221.         $data json_decode($request->getContent(), true);
  222.         $password $data['password'];
  223.         $cognito $data['cognito'];
  224.         $loggedUser->setPassword($password);
  225.         $loggedUser->setCognito($cognito);
  226.         $consentService->giveConsent($loggedUser"termsAndPolicy""Agreed with website's terms of use and privacy policy.");
  227.         try {
  228.             $loggedUser->save();
  229.             $response = new Response();
  230.             return $response->setContent(json_encode(['message' => 'OK']));
  231.         } catch (\Exception $e) {
  232.             throw new BadRequestHttpException($e);
  233.         }
  234.     }
  235.     /**
  236.      * @Route("/head-office/credentials/get", name="head-office-credentials", methods={"GET"}))
  237.      */
  238.     public function headOfficeCheckCredentialsAction(PermissionService $permissionProvider)
  239.     {
  240.         $loggedUser $this->getUser();
  241.         if (!$loggedUser) {
  242.             throw new UnauthorizedHttpException('Not authorized.');
  243.         }
  244.         $id $loggedUser->getId();
  245.         $role $loggedUser->getTypeOfUser();
  246.         $userData = [];
  247.         $cpdCycles = [];
  248.         foreach ($loggedUser->getCpdCycles() as $cycle) {
  249.             $cpdCycles[] = [
  250.                 'id' => $cycle->getId(),
  251.                 'startingDate' => $cycle->getStartDate(),
  252.                 'endDate' => $cycle->getEndDate(),
  253.                 'createdAt' => $cycle->getCreationDate(),
  254.                 'requiredHours' => $cycle->getRequiredHours()
  255.             ];
  256.         }
  257.         $permissions $permissionProvider->getPermissions($loggedUser);
  258.         $plans = [];
  259.         foreach ($loggedUser->getCpdPlans() as $cpdPlan) {
  260.             $plans[] = [
  261.                 'id' => $cpdPlan->getid(),
  262.                 'createdAt' => $cpdPlan->getCreationDate()
  263.             ];
  264.         }
  265.         $clinic $loggedUser->getClinic();
  266.         $clinicBranches = [];
  267.         foreach ($clinic->getBranches() as $branch) {
  268.             $clinicBranches[] = [
  269.                 'name' => $branch->getName(),
  270.                 'isMain' => $branch->getIsMain(),
  271.                 'id' => $branch->getId(),
  272.                 'isNew' => $branch->getIsNew()
  273.             ];
  274.         }
  275.         $role $loggedUser->getTypeOfUser();
  276.         $subscription $loggedUser->getSubscription();
  277.         $superuser $clinic->getSuperuser();
  278.         $includedSubs count($superuser->getIncludedSubscriptions());
  279.         if ($superuser->getSubscription()->getIsTrycareMembership()) {
  280.             $includedSubs TrycareMembership::getAdditionalSubscriptionsAmount($superuser->getSubscription()->getTrycareMemberId());
  281.         }
  282.         $userData = [
  283.             'id' => $id,
  284.             'role' => $loggedUser->getTypeOfUser(),
  285.             'cognito' => $loggedUser->getCognito(),
  286.             'email' => $loggedUser->getEmail(),
  287.             'clinicId' => $clinic->getName(),
  288.             'cognitoConfirmed' => $loggedUser->getCognitoConfirmed(),
  289.             'firstName' => $loggedUser->getFirstname(),
  290.             'lastName' => $loggedUser->getLastname(),
  291.             'displayName' => $loggedUser->getDisplayName(),
  292.             'profession' => $loggedUser->getProfession(),
  293.             'gdcNumber' => $loggedUser->getGdcNumber(),
  294.             'cpdCycles' => $cpdCycles,
  295.             'newAlert' => $loggedUser->getNewAlert(),
  296.             'permissions' => $permissions,
  297.             'licence' => [
  298.                 'endOfCycle' => $subscription->getExpiryDate(),
  299.                 'cancel' => $subscription->getCancelEndPeriod(),
  300.                 'cycleType' => $subscription->getBillingCycle(),
  301.                 'freeTrial' => $subscription->getIsFreeTrial(),
  302.                 'includedSubs' => $includedSubs
  303.             ],
  304.             'cpdPlans' => $plans,
  305.             'clinicBranches' => $clinicBranches,
  306.             'newsletter' => $loggedUser->getNewsletterActive(),
  307.             'isTrycareMembership' => $subscription->getIsTrycareMembership(),
  308.             'validTrycareMembership' => TrycareMembership::validateTrycareMembership($subscription->getTrycareMemberId()),
  309.             'holidaysTermsAgreed' => $loggedUser->getHolidaysTermsAgreed(), 
  310.         ];
  311.         $response = new Response();
  312.         $response->headers->set('Content-Type''application/json');
  313.         $response->headers->set('Access-Control-Allow-Origin''*');
  314.         $response->setContent(json_encode($userData));
  315.         return $response;
  316.     }
  317.     /**
  318.      * @Route("/head-office/credentials/update", name="head-office-credentials-update", methods={"PUT"}))
  319.      */
  320.     public function headOfficeUpdateUserAction(Request $requestPermissionService $permissionProviderService $consentServiceUserHandler $userHandler)
  321.     {
  322.         $loggedUser $this->getUser();
  323.         if (!$loggedUser) {
  324.             throw new UnauthorizedHttpException('Not authorized.');
  325.         }
  326.         $content json_decode($request->getContent());
  327.         $form $this->createForm(ManageUserUpdateType::class);
  328.         $form->submit((array)$content);
  329.         if (!$form->isValid()) {
  330.             $errors = [];
  331.             foreach ($form->getErrors(deeptrueflattentrue) as $error) {
  332.                 $errors[] = $error->getMessage();
  333.             }
  334.             throw new BadRequestHttpException(json_encode($errors));
  335.         }
  336.         $data json_decode($request->getContent(), true);
  337.         if ($loggedUser->getTypeOfUser() === 'subuser' && $data['termsAndPolicy'] != true) {
  338.             throw new BadRequestHttpException('You must agree to our terms and policies.');
  339.         }
  340.         $clinic $loggedUser->getClinic();
  341.         //create main location
  342.         if (array_key_exists('firstLineAddress'$data)) {
  343.             $branch $userHandler->createBranch(['name' => $data['firstLineAddress'], 'isMain' => true], $clinic);
  344.             $clinic->setBranches([...$clinic->getBranches(), $branch]);
  345.         }
  346.         $loggedUser->setFirstname($data['firstname']);
  347.         $loggedUser->setLastname($data['lastname']);
  348.         $loggedUser->setProfession($data['profession']);
  349.         $loggedUser->setGdcNumber($data['gdcNumber']);
  350.         // $loggedUser->setPhone($data['contact']);
  351.         if (array_key_exists('termsAndPolicy'$data)) {
  352.             $consentService->giveConsent($loggedUser"termsAndPolicy""Agreed with website's terms of use and privacy policy.");
  353.         }
  354.         if (array_key_exists('dealsAndOffers'$data)) {
  355.             $consentMessage "Consent given for deals and offers";
  356.             $consentService->giveConsent($loggedUser"dealsAndOffers"$consentMessage);
  357.         }
  358.         if (array_key_exists('cognito'$data)) {
  359.             $loggedUser->setCognito($data['cognito']);
  360.         }
  361.         if (array_key_exists('displayName'$data)) {
  362.             $loggedUser->setDisplayName($data['displayName']);
  363.         }
  364.         if (array_key_exists('password'$data)) {
  365.             $loggedUser->setPassword($data['password']);
  366.         }
  367.         if ($loggedUser->getTypeOfUser() === 'superuser') {
  368.             if (array_key_exists('practiceName'$data)) {
  369.                 $clinic->setDisplayName($data['practiceName']);
  370.             }
  371.             if (array_key_exists('phone'$data)) {
  372.                 $clinic->setPhone($data['phone']);
  373.             }
  374.             $clinic->save();
  375.         }
  376.         try {
  377.             $loggedUser->save();
  378.             $response = new Response();
  379.             return $response->setContent(json_encode(['message' => 'OK']));
  380.         } catch (\Exception $e) {
  381.             throw new BadRequestHttpException($e);
  382.         }
  383.     }
  384.     /**
  385.      * @Route("/head-office/protocols/get", name="head-office-protocols-get", methods={"GET"}))
  386.      */
  387.     public function headOfficeGetProtocolsAction()
  388.     {
  389.         $loggedUser $this->getUser();
  390.         if (!$loggedUser) {
  391.             throw new UnauthorizedHttpException('Not authorized.');
  392.         }
  393.         $id $loggedUser->getId();
  394.         $protocols = [
  395.             'clinicalPractice',
  396.             'riskAssessments',
  397.             'decontaminationAndCleaning',
  398.             'wasteManagement',
  399.             'occupationalHazards',
  400.             'miscellaneous'
  401.         ];
  402.         $clinic $loggedUser->getClinic();
  403.         $clinicHealthSafetyProtocols = [];
  404.         foreach ($protocols as $protocol) {
  405.             $getter "get" ucwords($protocol);
  406.             $protocolDoc $clinic->$getter();
  407.             if (!empty($protocolDoc)) {
  408.                 $data = [];
  409.                 foreach ($protocolDoc as $doc) {
  410.                     $data[] = [
  411.                         'title' => $doc->getTitle(),
  412.                         'date' => $doc->getAddedDate(),
  413.                         'id' => $doc->getId(),
  414.                         'key' => $doc->getKey()
  415.                     ];
  416.                 }
  417.                 $clinicHealthSafetyProtocols[$protocol] = $data;
  418.             } else {
  419.                 $clinicHealthSafetyProtocols[$protocol] = null;
  420.             }
  421.         }
  422.         $response = new Response();
  423.         $response->headers->set('Content-Type''application/json');
  424.         $response->headers->set('Access-Control-Allow-Origin''*');
  425.         $response->setContent(json_encode($clinicHealthSafetyProtocols));
  426.         return $response;
  427.     }
  428.     /**
  429.      * @Route("/head-office/protocols/post", name="head-office-protocols-post", methods={"POST"})
  430.      * 
  431.      * @param Request $request
  432.      * @return Response
  433.      */
  434.     public function headOfficePostProtocolsAction(Request $requestPermissionService $permissionProvider)
  435.     {
  436.         $loggedUser $this->getUser();
  437.         if (!$loggedUser) {
  438.             throw new UnauthorizedHttpException('Not authorized.');
  439.         }
  440.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  441.         if ($request->getContent()) {
  442.             $data json_decode($request->getContent(), true);
  443.             $fileName $data['fileKey'];
  444.             $title $data['title'];
  445.             $documentType $data['documentType'];
  446.             $clinic $loggedUser->getClinic();
  447.             $parentFolder DataObject::getByPath("/Companies/" $clinic->getName() . "/Protocol Documents");
  448.             if (!$parentFolder) {
  449.                 $parentFolder DataObject\Service::createFolderByPath("/Companies/" $clinic->getName() . "/Protocol Documents");
  450.             }
  451.             $currentDate date("d/m/Y");
  452.             $newObject = new DataObject\ProtocolDocument();
  453.             $newObject->setKey($fileName);
  454.             $newObject->setParent($parentFolder);
  455.             $newObject->setTitle($title);
  456.             $newObject->setAddedDate($currentDate);
  457.             $newObject->setPublished(true);
  458.             $newObject->save();
  459.             $getter "get" ucwords($documentType);
  460.             $setter "set" ucwords($documentType);
  461.             $currentDocs $clinic->$getter();
  462.             $clinic->$setter(array_merge($currentDocs, [$newObject]));
  463.             $clinic->save();
  464.             return new Response(json_encode($currentDocs));
  465.         }
  466.         return new Response(null);
  467.     }
  468.     /**
  469.      * @Route("/head-office/protocols/delete/{id}", name="head-office-protocols-delete", methods={"DELETE"})
  470.      * 
  471.      * @param Request $request
  472.      * @return Response
  473.      */
  474.     public function headOfficeProtocolsDeleteAction(Request $request$idPermissionService $permissionProvider)
  475.     {
  476.         $loggedUser $this->getUser();
  477.         if (!$loggedUser) {
  478.             throw new UnauthorizedHttpException('Not authorized.');
  479.         }
  480.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  481.         $object DataObject::getById($id);
  482.         if ($object) {
  483.             $object->delete();
  484.             return new Response('File deleted');
  485.         }
  486.         throw new BadRequestHttpException();
  487.     }
  488.     public function filterForTags($tagIds)
  489.     {
  490.         $tagIds is_array($tagIds) ? $tagIds explode(','$tagIds);
  491.         $listing = new \Pimcore\Model\Asset\Listing();
  492.         if ($tagIds) {
  493.             $conditionParts = [];
  494.             foreach ($tagIds as $tagId) {
  495.                 $conditionParts[] = "id IN (SELECT cId FROM tags_assignment WHERE ctype = 'asset' AND tagid = " . (int) $tagId ")";
  496.             }
  497.             if (count($conditionParts) > 0) {
  498.                 $condition implode(" AND "$conditionParts);
  499.                 $listing->addConditionParam($condition);
  500.                 $listing->load();
  501.             }
  502.         }
  503.         return $listing;
  504.     }
  505.     /**
  506.      * @Route("/head-office/locker/", name="head-office-locker-get", methods={"GET"})
  507.      * 
  508.      * @param Request $request
  509.      * @return Response
  510.      */
  511.     public function headOfficeGetLockerAction()
  512.     {
  513.         $loggedUser $this->getUser();
  514.         if (!$loggedUser) {
  515.             throw new UnauthorizedHttpException('You must be logged in to use this service');
  516.         }
  517.         $clinic $loggedUser->getClinic();
  518.         $parentFolder DataObject::getByPath("/Companies/" $clinic->getName() . "/Locker");
  519.         $data = [];
  520.         if ($parentFolder) {
  521.             $list = new DataObject\LockerDocument\Listing();
  522.             $list->setCondition("o_parentId = ?"$parentFolder->getId());
  523.             $list->load();
  524.             $list $list->getData();
  525.             foreach ($list as $document) {
  526.                 $data[] = [
  527.                     'id' => $document->getId(),
  528.                     'key' => $document->getKey(),
  529.                     'title' => $document->getTitle(),
  530.                     'date' => $document->getAddedDate(),
  531.                     'documentKey' => $document->getDocumentKey(),
  532.                     'isPinned' => $document->getIsPinned(),
  533.                     'isMinutes' => $document->getIsMinutes()
  534.                 ];
  535.             }
  536.         }
  537.         return new Response(json_encode($data));
  538.     }
  539.     /**
  540.      * @Route("/head-office/locker/", name="head-office-locker-post", methods={"POST"})
  541.      * 
  542.      * @param Request $request
  543.      * @return Response
  544.      */
  545.     public function headOfficePostLockerAction(Request $requestPermissionService $permissionProviderNotificationService $notificationProvider)
  546.     {
  547.         $loggedUser $this->getUser();
  548.         if (!$loggedUser) {
  549.             throw new UnauthorizedHttpException('Not authorized.');
  550.         }
  551.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  552.         if ($request->getContent()) {
  553.             $data json_decode($request->getContent(), true);
  554.             $clinic $loggedUser->getClinic();
  555.             $parentFolder DataObject::getByPath("/Companies/" $clinic->getName() . "/Locker");
  556.             if (!$parentFolder) {
  557.                 $parentFolder DataObject\Service::createFolderByPath("/Companies/" $clinic->getName() . "/Locker");
  558.             }
  559.             $title $data['title'];
  560.             $documentKey $data['documentKey'];
  561.             $key $data['documentKey'];
  562.             $isPinned $data['showHighlight'];
  563.             $isMinutes $data['isMinutes'];
  564.             $shouldNotify $data['showNotify'];
  565.             $currentDate date("d/m/Y");
  566.             $newObject = new DataObject\LockerDocument();
  567.             $newObject->setParent($parentFolder);
  568.             $newObject->setTitle($title);
  569.             $newObject->setAddedDate($currentDate);
  570.             $newObject->setDocumentKey($documentKey);
  571.             $newObject->setKey($key);
  572.             $newObject->setIsPinned($isPinned);
  573.             $newObject->setIsMinutes($isMinutes);
  574.             $newObject->setPublished(true);
  575.             $newObject->save();
  576.             if ($shouldNotify) {
  577.                 $superuser $loggedUser->getTypeOfUser() === 'superuser' $loggedUser $clinic->getSuperuser();
  578.                 $subusers $superuser->getSubusers();
  579.                 $allUsers = array(...$subusers$superuser);
  580.                 $message 'A new document "' $newObject->getTitle() . '" has been uploaded to the {%TeamHQ%}.';
  581.                 foreach ($allUsers as $user) {
  582.                     $notificationProvider->createNotification($user$message'team-lounge');
  583.                 }
  584.             }
  585.             $response = new Response();
  586.             return $response->setContent(json_encode(['message' => 'OK']));
  587.         }
  588.         return new Response(null);
  589.     }
  590.     /**
  591.      * @Route("/head-office/locker/{id}", name="head-office-locker-delete", methods={"DELETE"})
  592.      * 
  593.      * @param Request $request
  594.      * @return Response
  595.      */
  596.     public function headOfficeDeleteLockerAction(Request $request$idPermissionService $permissionProvider)
  597.     {
  598.         $loggedUser $this->getUser();
  599.         if (!$loggedUser) {
  600.             throw new UnauthorizedHttpException('Not authorized.');
  601.         }
  602.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  603.         $practiceDocument DataObject::getById($id);
  604.         if (!is_null($practiceDocument)) {
  605.             $practiceDocument->delete();
  606.             return new Response('OK'Response::HTTP_OK);
  607.         }
  608.         throw new BadRequestHttpException();
  609.     }
  610.     /**
  611.      * @Route("/head-office/locker/unpin/{id}", name="head-office-locker-unpin", methods={"PUT"})
  612.      * 
  613.      * @param Request $request
  614.      * @return Response
  615.      */
  616.     public function headOfficeUnpinLockerAction(Request $request$idPermissionService $permissionProvider)
  617.     {
  618.         $loggedUser $this->getUser();
  619.         if (!$loggedUser) {
  620.             throw new UnauthorizedHttpException('Not authorized.');
  621.         }
  622.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  623.         $practiceDocument DataObject::getById($id);
  624.         if (!is_null($practiceDocument)) {
  625.             $practiceDocument->setIsPinned(false);
  626.             $practiceDocument->save();
  627.             return new Response('OK'Response::HTTP_OK);
  628.         }
  629.         throw new BadRequestHttpException();
  630.     }
  631.     /**
  632.      * @Route("/head-office/locker/pin/{id}", name="head-office-locker-pin", methods={"PUT"})
  633.      * 
  634.      * @param Request $request
  635.      * @return Response
  636.      */
  637.     public function headOfficePinLockerAction(Request $request$idPermissionService $permissionProvider)
  638.     {
  639.         $loggedUser $this->getUser();
  640.         if (!$loggedUser) {
  641.             throw new UnauthorizedHttpException('Not authorized.');
  642.         }
  643.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  644.         $practiceDocument DataObject::getById($id);
  645.         if (!is_null($practiceDocument)) {
  646.             $practiceDocument->setIsPinned(true);
  647.             $practiceDocument->save();
  648.             return new Response('OK'Response::HTTP_OK);
  649.         }
  650.         throw new BadRequestHttpException();
  651.     }
  652.     /**
  653.      * @Route("/head-office/team-message/", name="head-office-locker-teammessage-put", methods={"PUT"})
  654.      * 
  655.      * @param Request $request
  656.      * @return Response
  657.      */
  658.     public function headOfficePutTeamMessageAction(Request $requestPermissionService $permissionProvider)
  659.     {
  660.         $loggedUser $this->getUser();
  661.         if (!$loggedUser) {
  662.             throw new UnauthorizedHttpException('Not authorized.');
  663.         }
  664.         $permissionProvider->checkPermissions('teamHQ'$loggedUser);
  665.         if ($request->getContent()) {
  666.             $data json_decode($request->getContent(), true);
  667.             $id $loggedUser->getId();
  668.             $clinic $loggedUser->getClinic();
  669.             $customerMessageArea $data['customerMessageArea'];
  670.             $teamMessageArea $data['teamMessageArea'];
  671.             $clinic->setTeamMessageArea($teamMessageArea);
  672.             $clinic->setCustomerMessageArea($customerMessageArea);
  673.             $clinic->save();
  674.             return new Response('OK'Response::HTTP_OK);
  675.         }
  676.     }
  677.     /**
  678.      * @Route("/head-office/team-message/", name="head-office-teammessage-get", methods={"GET"})
  679.      * 
  680.      * @param Request $request
  681.      * @return Response
  682.      */
  683.     public function headOfficeGetTeamMessageAction(Request $request)
  684.     {
  685.         $loggedUser $this->getUser();
  686.         if (!$loggedUser) {
  687.             throw new UnauthorizedHttpException('Not authorized.');
  688.         }
  689.         $id $loggedUser->getId();
  690.         $clinic $loggedUser->getClinic();
  691.         $data = [
  692.             'customerMessage' => $clinic->getCustomerMessageArea(),
  693.             'teamMessage' => $clinic->getTeamMessageArea(),
  694.         ];
  695.         return new Response(json_encode(['messages' => $data]));
  696.     }
  697.     /**
  698.      * @Route("/head-office/our-team/document/request", name="our-team-create-request", methods={"POST"})
  699.      * 
  700.      * @param Request $request
  701.      * @return Response
  702.      */
  703.     public function headOfficeCreateDocumentRequestAction(Request $requestToolsService $toolsProvider)
  704.     {
  705.         $loggedUser $this->getUser();
  706.         if (!$loggedUser) {
  707.             throw new UnauthorizedHttpException('Not authorized.');
  708.         }
  709.         $data json_decode($request->getContent(), true);
  710.         $user DataObject\Customer::getByID($data['user']);
  711.         $toolsProvider->createUserTask($user$data['description'], 'userDocument');
  712.         return new Response('OK'Response::HTTP_OK);
  713.     }
  714.     /**
  715.      * @Route("/head-office/our-team/documents", name="our-team-upload-doc", methods={"POST"})
  716.      * 
  717.      * @param Request $request
  718.      * @return Response
  719.      */
  720.     public function headOfficeUploadDocumentAction(Request $requestHeadOfficeService $hoService)
  721.     {
  722.         $loggedUser $this->getUser();
  723.         if (!$loggedUser) {
  724.             throw new UnauthorizedHttpException('Not authorized.');
  725.         }
  726.         $data json_decode($request->getContent(), true);
  727.         if (empty($data['documentKey']) || empty($data['name']) || empty($data['ownerId'])) {
  728.             throw new BadRequestHttpException('File and name are required');
  729.         }
  730.         $owner DataObject\Customer::getById($data['ownerId']);
  731.         $hoService->createUserDocument($data$owner$loggedUser);
  732.         return new Response('OK'Response::HTTP_OK);
  733.     }
  734.     /**
  735.      * @Route("/head-office/our-team/documents/{id}", name="our-team-delete-doc", methods={"DELETE"})
  736.      * 
  737.      * @param Request $request
  738.      * @return Response
  739.      */
  740.     public function headOfficeDeleteDocumentAction($idRequest $requestHeadOfficeService $hoService)
  741.     {
  742.         $loggedUser $this->getUser();
  743.         if (!$loggedUser) {
  744.             throw new UnauthorizedHttpException('Not authorized.');
  745.         }
  746.         //check if is owner
  747.         $doc DataObject\UserDocument::getById($id);
  748.         if (!$doc || $doc->getOwner() !== $loggedUser) {
  749.             throw new NotFoundHttpException('Document not found');
  750.         }
  751.         $doc->delete();
  752.         return new Response('OK'Response::HTTP_OK);
  753.     }
  754.     /**
  755.      * This method retrieves users removed from a clinic from the dashboard, the criteria to identify such users is determined
  756.      * by active (false), clinic (still part of a clinic), no subscription and no parent user
  757.      * 
  758.      * @Route("/head-office/our-team/users/inactive", name="our-team-get-inactive-users", methods={"GET"})
  759.      * 
  760.      * @param Request $request
  761.      * @return Response
  762.      */
  763.     public function headOfficeGetInactiveUsersAction(GeneralService $generalProviderPermissionService $permissionProviderHeadOfficeService $hoService)
  764.     {
  765.         $loggedUser $this->getUser();
  766.         if (!$loggedUser) {
  767.             throw new UnauthorizedHttpException('Not authorized.');
  768.         }
  769.         $permissionProvider->checkPermissions('management'$loggedUser);
  770.         $clinic $loggedUser->getClinic();
  771.         $inactiveUsers $hoService->getInactiveClinicUsers($clinic);
  772.         $inactiveUsersData $generalProvider->getUsersData($inactiveUsers);
  773.         $response = new Response();
  774.         $response->setContent(json_encode(['users' => $inactiveUsersData]));
  775.         return $response;
  776.     }
  777.     /**
  778.      * @Route("/head-office/our-team/users/prorata/{contractId}", name="calculate-user-leave", methods={"GET"})
  779.      * 
  780.      * @param Request $request
  781.      * @return Response
  782.      */
  783.     public function headOfficeGetProRataUserAction(
  784.         $contractId,
  785.         HeadOfficeService $hoService,
  786.         PermissionService $permissionProvider,
  787.         Request $request
  788.     ) {
  789.         $loggedUser $this->getUser();
  790.         if (!$loggedUser) {
  791.             throw new UnauthorizedHttpException('Not authorized.');
  792.         }
  793.         $permissionProvider->checkPermissions('management'$loggedUser);
  794.         $contract DataObject\EmployeeContractDetails::getById($contractId);
  795.         if (!$contract) {
  796.             throw new BadRequestHttpException('Contract not valid');
  797.         }
  798.         $user $contract->getUser();
  799.         if (!$user) {
  800.             throw new BadRequestHttpException('User id not valid');
  801.         }
  802.         if ($user->getClinic() !== $loggedUser->getClinic()) {
  803.             throw new UnauthorizedHttpException('Not authorized');
  804.         }
  805.         $endDate $request->query->get('endDate');
  806.         if (!$endDate) {
  807.             throw new BadRequestHttpException('No end date provided');
  808.         }
  809.         $prorata $hoService->getTotalHolidaysProRata($contract$userCarbon::parse($endDate));
  810.         $response = new Response();
  811.         $response->headers->set('Content-Type''application/json');
  812.         $response->headers->set('Access-Control-Allow-Origin''*');
  813.         $data = [
  814.             'prorata' => $prorata
  815.         ];
  816.         $response->setContent(json_encode($data));
  817.         return $response;
  818.     }
  819.     /**
  820.      * @Route("/head-office/our-team/users/{userId}", name="our-team-get-user", methods={"GET"})
  821.      * 
  822.      * @param Request $request
  823.      * @return Response
  824.      */
  825.     public function headOfficeGetUserAction($userIdHeadOfficeService $hoServicePermissionService $permissionProviderLeavingWizardService $leavingWizardService)
  826.     {
  827.         $loggedUser $this->getUser();
  828.         if (!$loggedUser) {
  829.             throw new UnauthorizedHttpException('Not authorized.');
  830.         }
  831.         //TODO remove comments
  832.         //check permission if not getting own info
  833.         // if ($userId != $loggedUser->getId()) {
  834.         //     $permissionProvider->checkPermissions('management', $loggedUser);
  835.         // }
  836.         $user DataObject\Customer::getById($userId);
  837.         $docs $hoService->getUserDocs($userId);
  838.         $clinic $loggedUser->getClinic();
  839.         $policy $hoService->getHolidayPolicyData($hoService->getHolidayPolicyByClinic($clinic));
  840.         //TODO The contract should be the relevant contract for the period, not specifically the last
  841.         $employeeContractDetails $hoService->getUserLastCreatedContract($user);
  842.         $leavingWizardData $leavingWizardService->getLeavingWizardInfoByUserid($userId);
  843.         $employeeContractDetailsData $employeeContractDetails
  844.             $hoService->getEmployeeContractDetailsData($employeeContractDetails)
  845.             : null;
  846.         $workPeriods $employeeContractDetailsData $hoService->getContractWorkPeriods($employeeContractDetails) : [];
  847.         $contracts $hoService->getUserContracts($user);
  848.         $contractsData array_map(function ($contract) use ($hoService) {
  849.             $data $hoService->getEmployeeContractDetailsData($contract);
  850.             $data['workPeriods'] = $hoService->getContractWorkPeriods($contract);
  851.             return $data;
  852.         }, $contracts);
  853.         $response = new Response();
  854.         $response->headers->set('Content-Type''application/json');
  855.         $response->headers->set('Access-Control-Allow-Origin''*');
  856.         $data = [
  857.             'id' => $userId,
  858.             'documents' => $docs,
  859.             /* 'clinic policy' => $policy, */
  860.             'contractDetails' => $employeeContractDetailsData,
  861.             'contracts' => $contractsData,
  862.             'leavingWizard' => $leavingWizardData,
  863.             'workPeriods' => $workPeriods,
  864.             'amendments' => $hoService->getAmendmentsByUser($user),
  865.             'holidayDetails' => $employeeContractDetailsData
  866.                 $hoService->getUserHolidayDetails($user$hoService->getHolidayPolicyByClinic($user->getClinic())) : null //only retrieves when contract is set
  867.         ];
  868.         $response->setContent(json_encode($data));
  869.         return $response;
  870.     }
  871.     /**
  872.      * @Route("/head-office/our-team/users/{userId}/contracts", name="our-team-post-user", methods={"POST"})
  873.      * 
  874.      * @param Request $request
  875.      * @return Response
  876.      */
  877.     public function headOfficePostUserAction(
  878.         $userId,
  879.         Request $request,
  880.         HeadOfficeService $hoService,
  881.         PermissionService $permissionProvider
  882.     ) {
  883.         $loggedUser $this->getUser();
  884.         if (!$loggedUser) {
  885.             throw new UnauthorizedHttpException('Not authorized.');
  886.         }
  887.         //check permission
  888.         $permissionProvider->checkPermissions('management'$loggedUser);
  889.         $user DataObject\Customer::getById($userId);
  890.         if (!$user) {
  891.             throw new BadRequestHttpException('User id not valid');
  892.         }
  893.         if ($user->getClinic() !== $loggedUser->getClinic()) {
  894.             throw new UnauthorizedHttpException('Not authorized');
  895.         }
  896.         $payload json_decode($request->getContent(), true);
  897.         $contracts $hoService->getUserContracts($user);
  898.         
  899.         $lastCreatedContract $hoService->getUserLastCreatedContract($user);
  900.         $contract $lastCreatedContract;
  901.         $today Carbon::now()->toDateString();
  902.         $lastEffectiveDate $lastCreatedContract $lastCreatedContract->getEffectiveDate() : null;
  903.         //if the last saved contract is today, we just update it, do not create a new contract
  904.         if (!$lastEffectiveDate || $lastEffectiveDate->toDateString() != $today) {
  905.             $contract $hoService->createEmployeeContractDetails($user);
  906.         }
  907.         if ($lastCreatedContract) {
  908.             $payload['hiringDate'] = $lastCreatedContract->getHiringDate();
  909.         } else {
  910.             $payload['hiringDate'] = Carbon::parse($payload['hiringDate']);
  911.         }
  912.         $hoService->updateEmployeeContractDetails($payload$contract);
  913.         $hoService->saveWorkPeriods($payload['workPeriods'], $contract);
  914.         $response = new Response();
  915.         $response->headers->set('Content-Type''application/json');
  916.         $response->headers->set('Access-Control-Allow-Origin''*');
  917.         return $response->setContent(json_encode(['id' => $contract->getId()]));
  918.     }
  919.     /**
  920.      * @Route("/head-office/our-team/users/{userId}/contracts/{contractId}", name="our-team-put-user", methods={"PUT"})
  921.      * 
  922.      * @param Request $request
  923.      * @return Response
  924.      */
  925.     public function headOfficePutUserAction($userId$contractIdRequest $requestHeadOfficeService $hoServicePermissionService $permissionProvider)
  926.     {
  927.         $loggedUser $this->getUser();
  928.         if (!$loggedUser) {
  929.             throw new UnauthorizedHttpException('Not authorized.');
  930.         }
  931.         //check permission
  932.         $permissionProvider->checkPermissions('management'$loggedUser);
  933.         $user DataObject\Customer::getById($userId);
  934.         $contract DataObject\EmployeeContractDetails::getById($contractId);
  935.         if (!$user || !$contract || $contract->getUser()->getId() != $user->getId()) {
  936.             throw new BadRequestHttpException('Contract not found');
  937.         }
  938.         if ($user->getClinic() !== $loggedUser->getClinic()) {
  939.             throw new UnauthorizedHttpException('Not authorized');
  940.         }
  941.         $payload json_decode($request->getContent(), true);
  942.         if (isset($payload['workPeriods'])) {
  943.             $hoService->saveWorkPeriods($payload['workPeriods'], $contract);
  944.         }
  945.         if (isset($payload['reportTo'])) {
  946.             $hoService->updateContractReportTo($contract$payload['reportTo']);
  947.             $contract->save();
  948.         }
  949.         if (!empty($payload['endDate'])) {
  950.             $hoService->updateContractEndDate($contract$payload['endDate']);
  951.         }
  952.         
  953.         return new Response('OK'Response::HTTP_OK);
  954.     }
  955.     /**
  956.      * @Route("/head-office/our-team/users/history/{userId}", name="our-team-get-user-history", methods={"GET"})
  957.      * 
  958.      * @param Request $request
  959.      * @return Response
  960.      */
  961.     public function headOfficeGetUserHolidayHistoryAction(
  962.         $userId,
  963.         HeadOfficeService $hoService,
  964.         PermissionService $permissionProvider,
  965.         Request $request
  966.     ) {
  967.         $loggedUser $this->getUser();
  968.         if (!$loggedUser) {
  969.             throw new UnauthorizedHttpException('Not authorized.');
  970.         }
  971.         //check permission if not getting own info
  972.         if ($userId != $loggedUser->getId()) {
  973.             $permissionProvider->checkPermissions('management'$loggedUser);
  974.         }
  975.         $user DataObject\Customer::getById($userId);
  976.         if (!$user) {
  977.             throw new BadRequestHttpException('User id not valid');
  978.         }
  979.         if ($user->getClinic() !== $loggedUser->getClinic()) {
  980.             throw new UnauthorizedHttpException('Not authorized');
  981.         }
  982.         $yearAgo = (int)$request->query->get('year');
  983.         if (!$yearAgo) {
  984.             $yearAgo 1;
  985.         }
  986.         [$events$limit$yearAgo] = $hoService->getUserHolidaysEvents($user$yearAgo);
  987.         $response = new Response();
  988.         $response->headers->set('Content-Type''application/json');
  989.         $response->headers->set('Access-Control-Allow-Origin''*');
  990.         $response->setContent(json_encode(['history' => $events'limit' => $limit'year' => $yearAgo]));
  991.         return $response;
  992.     }
  993.     /**
  994.      * @Route("/head-office/our-team/policies", name="create-our-team-policies", methods={"POST"})
  995.      * 
  996.      * @param Request $request
  997.      * @return Response
  998.      */
  999.     public function headOfficeCreatePolicyAction(Request $requestPermissionService $permissionProviderHeadOfficeService $hoService)
  1000.     {
  1001.         $loggedUser $this->getUser();
  1002.         if (!$loggedUser) {
  1003.             throw new UnauthorizedHttpException('Not authorized.');
  1004.         }
  1005.         //check permission
  1006.         $permissionProvider->checkPermissions('management'$loggedUser);
  1007.         $clinic $loggedUser->getClinic();
  1008.         $policy $hoService->createOrUpdateHolidayPolicy(json_decode($request->getContent(), true), $clinic);
  1009.         $clinic->setHolidayPolicy($policy);
  1010.         $clinic->save();
  1011.         return new Response('OK'Response::HTTP_OK);
  1012.     }
  1013.     /**
  1014.      * @Route("/head-office/our-team/policies", name="get-our-team-policies", methods={"GET"})
  1015.      * 
  1016.      * @param Request $request
  1017.      * @return Response
  1018.      */
  1019.     public function headOfficeGetPolicyAction(PermissionService $permissionProviderHeadOfficeService $hoService)
  1020.     {
  1021.         $loggedUser $this->getUser();
  1022.         if (!$loggedUser) {
  1023.             throw new UnauthorizedHttpException('Not authorized.');
  1024.         }
  1025.         $clinic $loggedUser->getClinic();
  1026.         $policy $hoService->getHolidayPolicyData($hoService->getHolidayPolicyByClinic($clinic));
  1027.         $response = new Response();
  1028.         $response->headers->set('Content-Type''application/json');
  1029.         $response->headers->set('Access-Control-Allow-Origin''*');
  1030.         $response->setContent(json_encode(['policy' => $policy]));
  1031.         return $response;
  1032.     }
  1033.     /**
  1034.      * @Route("/head-office/our-team/policies/{id}", name="update-our-team-policies", methods={"PUT"})
  1035.      * 
  1036.      * @param Request $request
  1037.      * @return Response
  1038.      */
  1039.     public function headOfficeUpdatePolicyAction($idRequest $requestPermissionService $permissionProviderHeadOfficeService $hoServiceGeneralService $generalProvider)
  1040.     {
  1041.         $loggedUser $this->getUser();
  1042.         if (!$loggedUser) {
  1043.             throw new UnauthorizedHttpException('Not authorized.');
  1044.         }
  1045.         //check permission
  1046.         $permissionProvider->checkPermissions('management'$loggedUser);
  1047.         $clinic $loggedUser->getClinic();
  1048.         //check ownership
  1049.         if ($hoService->getHolidayPolicyByClinic($clinic)->getId() != $id) {
  1050.             throw new UnauthorizedHttpException('Not allowed');
  1051.         }
  1052.         $policy $hoService->createOrUpdateHolidayPolicy(json_decode($request->getContent(), true), $clinic$id);
  1053.         $clinic->setHolidayPolicy($policy);
  1054.         return new Response('OK'Response::HTTP_OK);
  1055.     }
  1056.     /**
  1057.      * @Route("/head-office/our-team/holiday-enrollment", name="get-our-team-holiday-enrollment", methods={"GET"})
  1058.      * 
  1059.      * @param Request $request
  1060.      * @return Response
  1061.      */
  1062.     public function headOfficeGetEnrollmentsAction(PermissionService $permissionProviderHeadOfficeService $hoServiceGeneralService $generalProvider)
  1063.     {
  1064.         $loggedUser $this->getUser();
  1065.         if (!$loggedUser) {
  1066.             throw new UnauthorizedHttpException('Not authorized.');
  1067.         }
  1068.         //check permission
  1069.         $permissionProvider->checkPermissions('management'$loggedUser);
  1070.         $clinic $loggedUser->getClinic();
  1071.         $allsetUsers $hoService->getClinicHolidayEnrolledUsers($clinic);
  1072.         $data = [];
  1073.         foreach ($allsetUsers as $user) {
  1074.             $data[] = $generalProvider->getUserData($user);
  1075.         }
  1076.         $response = new Response();
  1077.         $response->headers->set('Content-Type''application/json');
  1078.         $response->headers->set('Access-Control-Allow-Origin''*');
  1079.         $response->setContent(json_encode(['users' => $data]));
  1080.         return $response;
  1081.     }
  1082.     /**
  1083.      * @Route("/head-office/our-team/amendments/{userId}", name="create-holiday-amendment", methods={"POST"})
  1084.      * 
  1085.      * @param Request $request
  1086.      * @return Response
  1087.      */
  1088.     public function headOfficeCreateAmendmentAction(
  1089.         $userId,
  1090.         Request $request,
  1091.         PermissionService $permissionProvider,
  1092.         HeadOfficeService $hoService,
  1093.         EventDispatcherInterface $dispatcher,
  1094.     ) {
  1095.         $loggedUser $this->getUser();
  1096.         if (!$loggedUser) {
  1097.             throw new UnauthorizedHttpException('Not authorized.');
  1098.         }
  1099.         //check permission
  1100.         $permissionProvider->checkPermissions('management'$loggedUser);
  1101.         $user DataObject\Customer::getById($userId);
  1102.         if (!$user) {
  1103.             throw new BadRequestHttpException('User id not valid');
  1104.         }
  1105.         if ($user->getClinic() !== $loggedUser->getClinic()) {
  1106.             throw new UnauthorizedHttpException('Not authorized');
  1107.         }
  1108.         $employeeContractDetails $hoService->getUserLastCreatedContract($user);
  1109.         if (!$employeeContractDetails) {
  1110.             throw new BadRequestHttpException('Employee contract is not set');
  1111.         }
  1112.         $payload json_decode($request->getContent(), true);
  1113.         $payload['adjustmentBase'] = $hoService->getHolidayPolicyByClinic($user->getClinic())->getHolidayEntitlementBase();
  1114.         $amendment $hoService->createHolidayAmendment($user$payload$loggedUser);
  1115.         $amendmentDetails $hoService->getAmendmentDetails($amendment);
  1116.         $msg $hoService->createHolidayMessage('amendmentCreated'$amendmentDetails);
  1117.         //create a new event to notify
  1118.         $event = new HolidayEvent([
  1119.             'recipients' => [$amendment->getEmployee()],
  1120.             'msg' => $msg,
  1121.             'id' => $userId
  1122.         ]);
  1123.         $dispatcher->dispatch($event'holiday.onAmendmentCreated');
  1124.         return new Response('OK'Response::HTTP_OK);
  1125.     }
  1126.     /**
  1127.      * @Route("/head-office/our-team/requests/{userId}", name="create-holiday-request", methods={"POST"})
  1128.      * 
  1129.      * @param Request $request
  1130.      * @return Response
  1131.      */
  1132.     public function headOfficeCreateHolidayRequestAction(
  1133.         $userId,
  1134.         Request $request,
  1135.         HeadOfficeService $hoService,
  1136.         EventDispatcherInterface $dispatcher,
  1137.     ) {
  1138.         $loggedUser $this->getUser();
  1139.         if (!$loggedUser) {
  1140.             throw new UnauthorizedHttpException('Not authorized.');
  1141.         }
  1142.         $user DataObject\Customer::getById($userId);
  1143.         if (!$user) {
  1144.             throw new UnauthorizedHttpException('User id not valid');
  1145.         }
  1146.         if ($user->getClinic() !== $loggedUser->getClinic()) {
  1147.             throw new UnauthorizedHttpException('Not authorized');
  1148.         }
  1149.         $policy $hoService->getHolidayPolicyByClinic($user->getClinic());
  1150.         $payload json_decode($request->getContent(), true);
  1151.         $type $payload['type'];
  1152.         //check if request includes a bank holiday
  1153.         $startDate Carbon::parse($payload['start']);
  1154.         $endDate $type === 'days' Carbon::parse($payload['end']) : $startDate->clone();
  1155.         $hours $payload['hours'];
  1156.         $intersectBankHolidays $hoService->getBankHolidaysFromInterval($startDate$endDate$policy->getApplicableBankHoliday());
  1157.         $processedRequests $hoService->separateRequestsByBankHolidays($intersectBankHolidays$startDate$endDate$type);
  1158.         $contract $hoService->getUserLastCreatedContract($user);
  1159.         $holidayEntitlementType $policy->getHolidayEntitlementBase();
  1160.         // if holiday entitlement is based in hours and type is period, should add hours to processed request
  1161.         if ($holidayEntitlementType === 'hours' && $type === 'period') {
  1162.             $processedRequests array_map(function ($req) use ($hours) {
  1163.                 $req['hours'] = $hours;
  1164.                 return $req;
  1165.             }, $processedRequests);
  1166.         }
  1167.         //check clinic policy to see if holidays cannot be negative
  1168.         if (!$policy->getHolidayCounterNegative() && $payload['category'] == 'holiday') {
  1169.             $exceedsAvailable $hoService->checkRequestsExceedAvailableHolidays($user$processedRequests);
  1170.             if ($exceedsAvailable) {
  1171.                 throw new BadRequestHttpException('Your request period exceeds holidays available.');
  1172.             }
  1173.         }
  1174.         foreach ($processedRequests as $processedRequest) {
  1175.             $data = [
  1176.                 'start' => $processedRequest['start'],
  1177.                 'end' => $processedRequest['end'],
  1178.                 'type' => $processedRequest['type'],
  1179.                 'description' => $payload['description'],
  1180.                 'category' => $payload['category'],
  1181.                 'period' => !empty($payload['category']) ? $payload['category'] : '',
  1182.                 'hours' => !empty($processedRequest['hours']) ? $processedRequest['hours'] : ''
  1183.             ];
  1184.             $request $hoService->createHolidayRequest($user$data$loggedUser);
  1185.             $requestDetails $hoService->getHolidayRequestDetails('requestCreated'$request$holidayEntitlementType === 'hours');
  1186.             $msg $hoService->createHolidayMessage('requestCreated'$requestDetails);
  1187.             //create a new event to notify
  1188.             $event = new HolidayEvent([
  1189.                 'recipients' => $contract->getReportTo(),
  1190.                 'msg' => $msg,
  1191.                 'id' => $userId
  1192.             ]);
  1193.             $dispatcher->dispatch($event'holiday.onRequestCreated');
  1194.         }
  1195.         return new Response('OK'Response::HTTP_OK);
  1196.     }
  1197.     /**
  1198.      * @Route("/head-office/our-team/requests/{id}", name="update-holiday-request", methods={"PUT"})
  1199.      * 
  1200.      * @param Request $request
  1201.      * @return Response
  1202.      */
  1203.     public function headOfficeUpdateRequestAction(
  1204.         $id,
  1205.         Request $request,
  1206.         HeadOfficeService $hoService,
  1207.         EventDispatcherInterface $dispatcher,
  1208.     ) {
  1209.         $loggedUser $this->getUser();
  1210.         if (!$loggedUser) {
  1211.             throw new UnauthorizedHttpException('Not authorized.');
  1212.         }
  1213.         $holidayRequest DataObject\HolidayRequest::getById($id);
  1214.         $employee $holidayRequest->getEmployee();
  1215.         $contract $hoService->getUserLastCreatedContract($employee);
  1216.         $reportedUsers $contract->getReportTo();
  1217.         $isManager $employee->getClinic() == $loggedUser->getClinic()
  1218.             && in_array($loggedUser->getTypeOfUser(), ['superuser''manager']);
  1219.         $isReportedTo in_array($loggedUser$reportedUsers);
  1220.         //only users or the person who the user reports to are able to update
  1221.         if (!$holidayRequest || (!$isManager && !$isReportedTo)) {
  1222.             throw new BadRequestHttpException('Request not found');
  1223.         }
  1224.         $payload json_decode($request->getContent(), true);
  1225.         //approvals are only updated by reported user
  1226.         if ($isManager || in_array($loggedUser$reportedUsers) && isset($payload['approved'])) {
  1227.             $status $payload['approved'] ? 'approved' 'rejected';
  1228.             $hoService->updateHolidayRequestStatus(
  1229.                 $holidayRequest,
  1230.                 $holidayRequest->getStatus(),
  1231.                 $status,
  1232.                 $loggedUser,
  1233.                 $payload['rejectReason']
  1234.             );
  1235.         }
  1236.         $holidayRequest->save();
  1237.         $eventType $holidayRequest->getStatus() === 'approved'
  1238.             'requestAccepted' : ($holidayRequest->getStatus() === 'rejected' 'requestRejected' null);
  1239.         if ($eventType) {
  1240.             $policy $hoService->getHolidayPolicyByClinic($employee->getClinic());
  1241.             $holidayEntitlementType $policy->getHolidayEntitlementBase();
  1242.             $requestDetails $hoService->getHolidayRequestDetails($eventType$holidayRequest$holidayEntitlementType === 'hours');
  1243.             $msg $hoService->createHolidayMessage($eventType$requestDetails);
  1244.             //create a new event to notify
  1245.             $event = new HolidayEvent([
  1246.                 'recipients' => [$holidayRequest->getEmployee()],
  1247.                 'msg' => $msg,
  1248.                 'id' => $employee->getId()
  1249.             ]);
  1250.             $dispatcher->dispatch($event'holiday.on' ucfirst($eventType));
  1251.         }
  1252.         return new Response('OK'Response::HTTP_OK);
  1253.     }
  1254.     /**
  1255.      * @Route("/head-office/our-team/requests/{id}", name="delete-holiday-request", methods={"DELETE"})
  1256.      * 
  1257.      * @param Request $request
  1258.      * @return Response
  1259.      */
  1260.     public function headOfficeDeleteRequestAction($id)
  1261.     {
  1262.         $loggedUser $this->getUser();
  1263.         if (!$loggedUser) {
  1264.             throw new UnauthorizedHttpException('Not authorized.');
  1265.         }
  1266.         $holidayRequest DataObject\HolidayRequest::getById($id);
  1267.         $employee $holidayRequest->getEmployee();
  1268.         //only owners can delete their own requests
  1269.         if (!$holidayRequest || $employee != $loggedUser) {
  1270.             throw new BadRequestHttpException('Request not found');
  1271.         }
  1272.         $today Carbon::now();
  1273.         $requestStart Carbon::parse($holidayRequest->getStart());
  1274.         if ($today->gt($requestStart)) {
  1275.             throw new BadRequestHttpException('It is a past request');
  1276.         }
  1277.         $holidayRequest->delete();
  1278.         return new Response('OK'Response::HTTP_OK);
  1279.     }
  1280.     /**
  1281.      * @Route("/head-office/our-team/requests", name="create-multiple-holiday-request", methods={"POST"})
  1282.      * 
  1283.      * @param Request $request
  1284.      * @return Response
  1285.      */
  1286.     public function headOfficeCreateMultipleHolidaysRequestAction(
  1287.         Request $request,
  1288.         HeadOfficeService $hoService,
  1289.         EventDispatcherInterface $dispatcher,
  1290.         PermissionService $permissionProvider
  1291.     ) {
  1292.         $loggedUser $this->getUser();
  1293.         if (!$loggedUser) {
  1294.             throw new UnauthorizedHttpException('Not authorized.');
  1295.         }
  1296.         $permissionProvider->checkPermissions('management'$loggedUser);
  1297.         $policy $hoService->getHolidayPolicyByClinic($loggedUser->getClinic());
  1298.         $payload json_decode($request->getContent(), true);
  1299.         $type "days";
  1300.         //check if request includes a bank holiday
  1301.         $startDate Carbon::parse($payload['start']);
  1302.         $endDate Carbon::parse($payload['end']);
  1303.         $intersectBankHolidays $hoService->getBankHolidaysFromInterval($startDate$endDate$policy->getApplicableBankHoliday());
  1304.         $processedRequests $hoService->separateRequestsByBankHolidays($intersectBankHolidays$startDate$endDate$type);
  1305.         foreach ($payload['users'] as $userId => $shouldCreate) {
  1306.             $user DataObject\Customer::getById($userId);
  1307.             if (!$shouldCreate || $user->getClinic() !== $loggedUser->getClinic()) {
  1308.                 continue;
  1309.             }
  1310.             $contract $hoService->getUserLastCreatedContract($user);
  1311.             $holidayEntitlementType $policy->getHolidayEntitlementBase();
  1312.             foreach ($processedRequests as $processedRequest) {
  1313.                 $data = [
  1314.                     'start' => $processedRequest['start'],
  1315.                     'end' => $processedRequest['end'],
  1316.                     'type' => $processedRequest['type'],
  1317.                     'description' => $payload['description'],
  1318.                     'category' => 'holiday'
  1319.                 ];
  1320.                 $request $hoService->createHolidayRequest($user$data$loggedUser);
  1321.                 $request->setStatus('approved'); //it's approved straight away
  1322.                 $request->save();
  1323.                 $requestDetails $hoService->getHolidayRequestDetails('requestCreated'$request$holidayEntitlementType === 'hours');
  1324.                 $msg $hoService->createHolidayMessage('requestCreated'$requestDetails);
  1325.                 //create a new event to notify
  1326.                 $event = new HolidayEvent([
  1327.                     'recipients' => $contract->getReportTo(),
  1328.                     'msg' => $msg,
  1329.                     'id' => $userId
  1330.                 ]);
  1331.                 $dispatcher->dispatch($event'holiday.onRequestCreated');
  1332.             }
  1333.         }
  1334.         return new Response('OK'Response::HTTP_OK);
  1335.     }
  1336.     /**
  1337.      * @Route("/head-office/our-team/leaves", name="get-clinic-leaves", methods={"GET"})
  1338.      * 
  1339.      * @param Request $request
  1340.      * @return Response
  1341.      */
  1342.     public function headOfficeClinicLeavesAction(HeadOfficeService $hoServicePermissionService $permissionProviderGeneralService $generalProvider)
  1343.     {
  1344.         $loggedUser $this->getUser();
  1345.         if (!$loggedUser) {
  1346.             throw new UnauthorizedHttpException('Not authorized.');
  1347.         }
  1348.         $teamUsers = [];
  1349.         if ($loggedUser->getTypeOfUser() == 'subuser') {
  1350.             $teamUsers = [$loggedUser];
  1351.         } else {
  1352.             $teamUsers $hoService->getReporteesByManager($loggedUser);
  1353.         }
  1354.         $policy $hoService->getHolidayPolicyByClinic($loggedUser->getClinic());
  1355.         $leaves $hoService->getReporteeLeaves($teamUsers$policy->getHolidayEntitlementBase());
  1356.         $response = new Response();
  1357.         $response->headers->set('Content-Type''application/json');
  1358.         $response->headers->set('Access-Control-Allow-Origin''*');
  1359.         $response->setContent(json_encode(['teamLeaves' => $leaves'reportees' => $generalProvider->getUsersData(array_unique($teamUsers))]));
  1360.         return $response;
  1361.     }
  1362.     /**
  1363.      * @Route("/head-office/our-team/bank-holidays", name="get-bank-holidays", methods={"GET"})
  1364.      * 
  1365.      * @param Request $request
  1366.      * @return Response
  1367.      */
  1368.     public function headOfficeGetBankHolidaysAction(HeadOfficeService $hoService)
  1369.     {
  1370.         $loggedUser $this->getUser();
  1371.         if (!$loggedUser) {
  1372.             throw new UnauthorizedHttpException('Not authorized.');
  1373.         }
  1374.         $bankHolidays $hoService->getBankHolidaysFromClinic($loggedUser->getClinic());
  1375.         $response = new Response();
  1376.         $response->headers->set('Content-Type''application/json');
  1377.         $response->headers->set('Access-Control-Allow-Origin''*');
  1378.         $response->setContent(json_encode(['bankHolidays' => $bankHolidays]));
  1379.         return $response;
  1380.     }
  1381.     /**
  1382.      * @Route("/head-office/our-team/leaver-wizard", name="create-leave", methods={"POST"})
  1383.      */
  1384.     public function createLeaveAction(Request $requestHeadOfficeService $hoServicePermissionService $permissionProviderLeavingWizardService $leavingWizardService)
  1385.     {
  1386.         $loggedUser $this->getUser();
  1387.         if (!$loggedUser) {
  1388.             throw new UnauthorizedHttpException('Not authorized.');
  1389.         }
  1390.         $permissionProvider->checkPermissions('management'$loggedUser);
  1391.         $payload json_decode($request->getContent(), true);
  1392.         //any validation
  1393.         $leavingWizardService->createLeaveWizardInfo($payload$loggedUser);
  1394.         return new Response('OK'Response::HTTP_OK);
  1395.     }
  1396.     
  1397.     /**
  1398.      * @Route("/head-office/our-team/leaver-wizard/{userId}", name="get-leave", methods={"GET"})
  1399.      */
  1400.     public function getLeaveAction($userIdRequest $requestHeadOfficeService $hoServicePermissionService $permissionProviderLeavingWizardService $leavingWizardService)
  1401.     {
  1402.         $loggedUser $this->getUser();
  1403.         if (!$loggedUser) {
  1404.             throw new UnauthorizedHttpException('Not authorized.');
  1405.         }
  1406.         //any validation
  1407.         $data $leavingWizardService->getLeavingWizardInfoByUserid($userId);
  1408.         $response = new Response();
  1409.         $response->headers->set('Content-Type''application/json');
  1410.         $response->headers->set('Access-Control-Allow-Origin''*');
  1411.         $response->setContent(json_encode(['leavingWizardInfo' => $data]));
  1412.         return $response;
  1413.     }
  1414.     /**
  1415.      * @Route("/education/courses", name="education-courses-read")
  1416.      */
  1417.     public function educationCourseReadAction()
  1418.     {
  1419.         $loggedUser $this->getUser();
  1420.         if (!$loggedUser) {
  1421.             throw new UnauthorizedHttpException('Not authorized.');
  1422.         }
  1423.         $entries = new DataObject\Course\Listing();
  1424.         $entries->load();
  1425.         $entries $entries->getData();
  1426.         $data = [];
  1427.         foreach ($entries as $course) {
  1428.             $modules = [];
  1429.             foreach ($course->getModules()->getItems() as $module) {
  1430.                 $units = [];
  1431.                 foreach ($module->getUnits() as $unit) {
  1432.                     $video $unit->getVideo();
  1433.                     /* $videoDuration = ($video && $video->getData()) ? $video->getData()->getCustomSettings()['embeddedMetaData']['Duration'] : ''; */
  1434.                     $units[] = [
  1435.                         'name' => $unit->getName(),
  1436.                         'id' => $unit->getId(),
  1437.                         'number' => $unit->getNumber(),
  1438.                         'quiz' => $unit->getHasQuiz(),
  1439.                         'description' => $unit->getDescription(),
  1440.                         'videoDuration' => ''
  1441.                     ];
  1442.                 }
  1443.                 $modules[] = [
  1444.                     'name' => $module->getName(),
  1445.                     'number' => $module->getNumber(),
  1446.                     'units' => $units
  1447.                 ];
  1448.             }
  1449.             $cardImage $course->getCardImage();
  1450.             $cardThumbnail = ($cardImage) ? $cardImage->getThumbnail('courseCard')->getPath() : null;
  1451.             $listImage $course->getListImage();
  1452.             $listThumbnail = ($listImage) ? $listImage->getThumbnail('newsList')->getPath() : null;
  1453.             $data[] = [
  1454.                 'name' => $course->getName(),
  1455.                 'id' => $course->getId(),
  1456.                 'provider' => $course->getProvider(),
  1457.                 'instructor' => $course->getInstructor(),
  1458.                 'cardImage' => $cardThumbnail,
  1459.                 'listImage' => $listThumbnail,
  1460.                 'modules' => $modules,
  1461.                 'description' => $course->getDescription()
  1462.             ];
  1463.         }
  1464.         $response = new Response();
  1465.         $response->headers->set('Content-Type''application/json');
  1466.         $response->headers->set('Access-Control-Allow-Origin''*');
  1467.         $response->setContent(json_encode($data));
  1468.         return $response;
  1469.     }
  1470.     /**
  1471.      * @Route("/education/courses/getting-started", name="education-courses-getting-started", methods={"GET"})
  1472.      */
  1473.     public function educationGettingStartedReadAction()
  1474.     {
  1475.         $loggedUser $this->getUser();
  1476.         if (!$loggedUser) {
  1477.             throw new UnauthorizedHttpException('Not authorized.');
  1478.         }
  1479.         $page DataObject\GettingStartedPageEducation::getById(2316);
  1480.         $data = [];
  1481.         $banner = [];
  1482.         $mainCourseLinks = [];
  1483.         foreach ($page->getCoursesLink() as $courseLink) {
  1484.             array_push($mainCourseLinks$courseLink->getId());
  1485.         };
  1486.         $banner['title'] = $page->getTitle();
  1487.         $banner['text'] = $page->getText();
  1488.         $banner['background'] = $page->getBackground()->getThumbnail('heroGrid')->getPath();
  1489.         $banner['newCourse'] = $page->getNewCourse();
  1490.         $banner['courseLink'] = $mainCourseLinks;
  1491.         $featuredCourses = [];
  1492.         foreach ($page->getFeaturedCourse() as $course) {
  1493.             $featuredCourses[] = [
  1494.                 'title' => $course['title']->getData(),
  1495.                 'text' => $course['text']->getData(),
  1496.                 'image' => $course['image']->getData()->getThumbnail('standardTeaser')->getPath(),
  1497.                 'link' => $course['courseLink']->getData()->getId(),
  1498.             ];
  1499.         }
  1500.         $data['banner'] = $banner;
  1501.         $data['featuredCourses'] = $featuredCourses;
  1502.         $response = new Response();
  1503.         $response->headers->set('Content-Type''application/json');
  1504.         $response->headers->set('Access-Control-Allow-Origin''*');
  1505.         $response->setContent(json_encode($data));
  1506.         return $response;
  1507.     }
  1508.     /**
  1509.      * @Route("/education/courses/{unitId}", name="education-read", methods={"GET"})
  1510.      */
  1511.     public function educationUnitReadAction($unitId)
  1512.     {
  1513.         $loggedUser $this->getUser();
  1514.         if (!$loggedUser) {
  1515.             throw new UnauthorizedHttpException('Not authorized.');
  1516.         }
  1517.         $unit DataObject\CourseUnit::getById($unitId);
  1518.         $quiz = [];
  1519.         if ($unit->getHasQuiz()) {
  1520.             if ($unit->getQuestions()) {
  1521.                 foreach ($unit->getQuestions()->getItems() as $question) {
  1522.                     $answers = [];
  1523.                     foreach ($question->getAnswer() as $answer) {
  1524.                         $answers[] = $answer['possibleAnswer']->getData();
  1525.                     }
  1526.                     $quiz[] = [
  1527.                         'question' => $question->getQuestion(),
  1528.                         'id' => $question->getIndex(),
  1529.                         'answers' => $answers
  1530.                     ];
  1531.                 }
  1532.             }
  1533.         } else {
  1534.             $quiz null;
  1535.         }
  1536.         $video $unit->getVideo();
  1537.         $videoPath = ($video) ? $video->getData()->getPath() : '';
  1538.         $videoName = ($video) ? $video->getData()->getFilename() : '';
  1539.         $data = [
  1540.             'name' => $unit->getName(),
  1541.             'id' => $unit->getId(),
  1542.             'number' => $unit->getNumber(),
  1543.             'quiz' => $quiz,
  1544.             'description' => $unit->getDescription(),
  1545.             'video' => $videoPath $videoName,
  1546.             'resources' => $unit->getResources()
  1547.         ];
  1548.         $response = new Response();
  1549.         $response->headers->set('Content-Type''application/json');
  1550.         $response->headers->set('Access-Control-Allow-Origin''*');
  1551.         $response->setContent(json_encode($data));
  1552.         return $response;
  1553.     }
  1554.     /**
  1555.      * @Route("/education/courses/{courseId}", name="add-my-course", methods={"POST"})
  1556.      */
  1557.     public function addMyCourseAction($courseIdRequest $request)
  1558.     {
  1559.         $loggedUser $this->getUser();
  1560.         if (!$loggedUser) {
  1561.             throw new UnauthorizedHttpException('Not authorized.');
  1562.         }
  1563.         $id $loggedUser->getId();
  1564.         $currentCourses $loggedUser->getMyCourses();
  1565.         if ($request->getContent()) {
  1566.             $data json_decode($request->getContent(), true);
  1567.             $courses $data['courses'];
  1568.             $coursesToAdd = [];
  1569.             foreach ($courses as $courseItem) {
  1570.                 $course DataObject\Course::getById($courseItem);
  1571.                 if (!$course) {
  1572.                     return new Response('Bad Request');
  1573.                 }
  1574.                 if (!in_array($course$currentCourses)) {
  1575.                     array_push($coursesToAdd$course);
  1576.                 }
  1577.             }
  1578.             $loggedUser->setMyCourses(array_merge($currentCourses$coursesToAdd));
  1579.         } else {
  1580.             $course DataObject\Course::getById($courseId);
  1581.             if (!$course) {
  1582.                 return new Response('Bad Request');
  1583.             }
  1584.             $loggedUser->setMyCourses(array_merge($currentCourses, [$course]));
  1585.         }
  1586.         $loggedUser->save();
  1587.         return new Response('OK'Response::HTTP_OK);
  1588.     }
  1589.     /**
  1590.      * @Route("/education/courses/{courseId}", name="remove-my-course", methods={"DELETE"})
  1591.      */
  1592.     public function removeMyCourseAction($courseIdRequest $request)
  1593.     {
  1594.         $loggedUser $this->getUser();
  1595.         if (!$loggedUser) {
  1596.             throw new UnauthorizedHttpException('Not authorized.');
  1597.         }
  1598.         $currentCourses $loggedUser->getMyCourses();
  1599.         if ($request->getContent()) {
  1600.             $data json_decode($request->getContent(), true);
  1601.             $courses $data['courses'];
  1602.             $currentCourses array_filter($currentCourses, function ($currentCourse) use ($courses) {
  1603.                 if (!in_array($currentCourse->getId(), $courses)) {
  1604.                     return true;
  1605.                 };
  1606.                 return false;
  1607.             });
  1608.             $loggedUser->setMyCourses(array_merge($currentCourses));
  1609.         } else {
  1610.             $course DataObject\Course::getById($courseId);
  1611.             if (!$course) {
  1612.                 return new Response('Bad Request');
  1613.             }
  1614.             $currentCourses array_filter($currentCourses, function ($course) use ($courseId) {
  1615.                 return ($course->getId() != $courseId);
  1616.             });
  1617.             $loggedUser->setMyCourses(array_merge($currentCourses));
  1618.         }
  1619.         $loggedUser->save();
  1620.         return new Response('OK'Response::HTTP_OK);
  1621.     }
  1622.     /**
  1623.      * @Route("/education/users", name="education-users-read")
  1624.      */
  1625.     public function educationUsersReadAction()
  1626.     {
  1627.         $loggedUser $this->getUser();
  1628.         if (!$loggedUser) {
  1629.             throw new UnauthorizedHttpException('Not authorized.');
  1630.         }
  1631.         $data = [];
  1632.         $modules = [];
  1633.         $courses $loggedUser->getMyCourses();
  1634.         $myCourses = [];
  1635.         foreach ($courses as $course) {
  1636.             $myCourses[] = [
  1637.                 'id' => $course->getId(),
  1638.             ];
  1639.         }
  1640.         $log = [];
  1641.         if ($loggedUser->getCourse()) {
  1642.             foreach ($loggedUser->getCourse()->getItems() as $course) {
  1643.                 $courseModule $course->getmodule();
  1644.                 $modules = [];
  1645.                 foreach ($courseModule as $module) {
  1646.                     $units = [];
  1647.                     foreach ($module['units']->getData() as $unit) {
  1648.                         $units[] = [
  1649.                             'id' => intval($unit[0]),
  1650.                             'number' => intval($unit[1]),
  1651.                             'quiz' => $unit[2],
  1652.                             'quizCompleted' => $unit[3],
  1653.                         ];
  1654.                     }
  1655.                     $modules[] = [
  1656.                         'number' => $module['moduleNumber']->getData(),
  1657.                         'units' => $units
  1658.                     ];
  1659.                 }
  1660.                 $log[] = [
  1661.                     'name' => $course->getName(),
  1662.                     'id' => $course->getCourseId(),
  1663.                     'modules' => $modules,
  1664.                 ];
  1665.             }
  1666.         }
  1667.         $data['log'] = $log;
  1668.         $data['myCourses'] = $myCourses;
  1669.         $response = new Response();
  1670.         $response->headers->set('Content-Type''application/json');
  1671.         $response->headers->set('Access-Control-Allow-Origin''*');
  1672.         $response->setContent(json_encode($data));
  1673.         return $response;
  1674.     }
  1675.     /**
  1676.      * @Route("/education/quiz/{unitId}", name="education-quiz-post", methods={"POST"})
  1677.      * 
  1678.      * @param Request $request
  1679.      * @return Response
  1680.      */
  1681.     public function educationQuizCheckAction(Request $request$unitId)
  1682.     {
  1683.         $loggedUser $this->getUser();
  1684.         if (!$loggedUser) {
  1685.             throw new UnauthorizedHttpException('Not authorized.');
  1686.         }
  1687.         $id $loggedUser->getId();
  1688.         if ($request->getContent()) {
  1689.             $data json_decode($request->getContent(), true);
  1690.             $answersEncoded $data['answers'];
  1691.             $answers json_decode($answersEncodedtrue);
  1692.             $unit DataObject\CourseUnit::getById($unitId);
  1693.             $questions $unit->getQuestions()->getItems();
  1694.             $correctAnswers 0;
  1695.             foreach ($questions as $question) {
  1696.                 /*  $correctAnswers[] = [
  1697.                     'qIndex'=> $question->getIndex(),
  1698.                     'currAnswer'=>$answers['0']
  1699.                 ]; */
  1700.                 $correct preg_replace('/\s+/'''$question->getRightAnswer());
  1701.                 $answer preg_replace('/\s+/'''$answers[strval($question->getIndex())]);
  1702.                 if ($answer === $correct) {
  1703.                     $correctAnswers++;
  1704.                 }
  1705.             }
  1706.             $response = new Response();
  1707.             $response->headers->set('Content-Type''application/json');
  1708.             $response->headers->set('Access-Control-Allow-Origin''*');
  1709.             $response->setContent($correctAnswers);
  1710.             return $response;
  1711.         }
  1712.         return new Response(null);
  1713.     }
  1714.     /**
  1715.      * @Route("/education/users/{unitId}", name="education-users-post", methods={"POST"})
  1716.      * 
  1717.      * @param Request $request
  1718.      * @return Response
  1719.      */
  1720.     public function educationUsersPostAction(Request $request$unitId)
  1721.     {
  1722.         $loggedUser $this->getUser();
  1723.         if (!$loggedUser) {
  1724.             throw new UnauthorizedHttpException('Not authorized.');
  1725.         }
  1726.         $id $loggedUser->getId();
  1727.         if ($request->getContent()) {
  1728.             $data json_decode($request->getContent(), true);
  1729.             $courseName $data['courseName'];
  1730.             $courseId $data['courseId'];
  1731.             $moduleNumber $data['moduleNumber'];
  1732.             $completedQuiz $data['completedQuiz'];
  1733.             $unit DataObject\CourseUnit::getById($unitId);
  1734.             $courseLog $loggedUser->getCourse();
  1735.             $hasQuiz = !empty($unit->getQuestions());
  1736.             $moduleQuiz $unit->getModuleQuiz();
  1737.             if (!is_null($courseLog)) {
  1738.                 $courseLog $loggedUser->getCourse()->getItems();
  1739.                 $currentCourse array_filter($courseLog, function ($course) use ($courseId) {
  1740.                     return ($course->getCourseId() == $courseId);
  1741.                 });
  1742.                 if (!empty($currentCourse)) {
  1743.                     $courseIndex key($currentCourse);
  1744.                     $modules $currentCourse[$courseIndex]->getModule();
  1745.                     $currentModule array_filter($modules, function ($module) use ($moduleNumber) {
  1746.                         return ($module['moduleNumber']->getData() == $moduleNumber);
  1747.                     });
  1748.                     if (!empty($currentModule)) {
  1749.                         $moduleIndex key($currentModule);
  1750.                         $currentUnits $currentModule[$moduleIndex]['units']->getData();
  1751.                         if ($completedQuiz == true) {
  1752.                             if ($moduleQuiz) {
  1753.                                 $currentModule[$moduleIndex]['units']->setData([...$currentUnits, [$unit->getId(), $unit->getNumber(), $hasQuiztrue]]);
  1754.                                 $loggedUser->save();
  1755.                                 return new Response('OK'Response::HTTP_OK);
  1756.                             }
  1757.                         }
  1758.                         $currentModule[$moduleIndex]['units']->setData([...$currentUnits, [$unit->getId(), $unit->getNumber(), $hasQuizboolval($completedQuiz)]]);
  1759.                         $loggedUser->save();
  1760.                     } else {
  1761.                         $blockData = [
  1762.                             "moduleNumber" => new BlockElement('moduleNumber''numeric'$moduleNumber),
  1763.                             "units" => new BlockElement('units''table', [[$unit->getId(), $unit->getNumber(), $hasQuiz$moduleQuiz boolval($moduleQuiz) : boolval($completedQuiz)]])
  1764.                         ];
  1765.                         $currentCourse[0]->setModule(array_merge($modules, [$blockData]));
  1766.                         $loggedUser->save();
  1767.                     }
  1768.                 } else {
  1769.                     $newCourse = new DataObject\Fieldcollection\Data\CourseUserLog();
  1770.                     $newCourse->setName($courseName);
  1771.                     $newCourse->setCourseId($courseId);
  1772.                     $blockData = [
  1773.                         "moduleNumber" => new BlockElement('moduleNumber''numeric'$moduleNumber),
  1774.                         "units" => new BlockElement('units''table', [[$unit->getId(), $unit->getNumber(), $hasQuiz$moduleQuiz boolval($moduleQuiz) : boolval($completedQuiz)]])
  1775.                     ];
  1776.                     $newCourse->setModule([$blockData]);
  1777.                     $loggedUser->getCourse()->setItems(array_merge($courseLog, [$newCourse]));
  1778.                     $loggedUser->save();
  1779.                 }
  1780.             } else {
  1781.                 $newCourse = new DataObject\Fieldcollection\Data\CourseUserLog();
  1782.                 $newCourse->setName($courseName);
  1783.                 $newCourse->setCourseId($courseId);
  1784.                 $blockData = [
  1785.                     "moduleNumber" => new BlockElement('moduleNumber''numeric'$moduleNumber),
  1786.                     "units" => new BlockElement('units''table', [[$unit->getId(), $unit->getNumber(), $hasQuiz$moduleQuiz boolval($moduleQuiz) : boolval($completedQuiz)]])
  1787.                 ];
  1788.                 $newCourse->setModule([$blockData]);
  1789.                 $courses = new DataObject\Fieldcollection();
  1790.                 $courses->add($newCourse);
  1791.                 $loggedUser->setCourse($courses);
  1792.                 $loggedUser->save();
  1793.             }
  1794.             return new Response('OK'Response::HTTP_OK);
  1795.         }
  1796.         return new Response(null);
  1797.     }
  1798.     /**
  1799.      * @Route("/dashboard/credentials", name="dashboard-credentials-get", methods={"GET"})
  1800.      */
  1801.     public function dashboardGetCredentialsAction(GeneralService $generalProviderPermissionService $permissionProvider)
  1802.     {
  1803.         $loggedUser $this->getUser();
  1804.         if (!$loggedUser) {
  1805.             throw new UnauthorizedHttpException('Not authorized.');
  1806.         }
  1807.         $permissionProvider->checkPermissions('management'$loggedUser);
  1808.         $super $permissionProvider->getSuperuser($loggedUser);
  1809.         $allUsers $super->getSubusers();
  1810.         if ($loggedUser->getTypeOfUser() !== 'superuser') {
  1811.             $allUsers array_merge($allUsers, [$loggedUser->getClinic()->getSuperuser()]);
  1812.         }
  1813.         $users $generalProvider->getUsersData($allUsers);
  1814.         $subscriptionsData $this->filterIncludedSubscriptions($super);
  1815.         $includedSubsTotal count($subscriptionsData['includedSubs']);
  1816.         $includedSubsNotUsed count($subscriptionsData['includedSubs']) - count($subscriptionsData['includedSubsNotUsed']);
  1817.         if ($super->getSubscription()->getIsTrycareMembership()) {
  1818.             $includedSubsTotal TrycareMembership::getAdditionalSubscriptionsAmount($super->getSubscription()->getTrycareMemberId());
  1819.             $includedSubsNotUsed $includedSubsTotal count($subscriptionsData['includedSubs']);
  1820.         }
  1821.         $userData = [];
  1822.         $userData = [
  1823.             'subusers' => $users,
  1824.             'role' => $loggedUser->getTypeOfUser(),
  1825.             'includedSubTotal' => $includedSubsTotal,
  1826.             'includedSubUsed' => $includedSubsNotUsed
  1827.         ];
  1828.         $response = new Response();
  1829.         $response->headers->set('Content-Type''application/json');
  1830.         $response->headers->set('Access-Control-Allow-Origin''*');
  1831.         $response->setContent(json_encode($userData));
  1832.         return $response;
  1833.     }
  1834.     /**
  1835.      * @Route("/dashboard/credentials", name="dashboard-credentials-change", methods={"PUT"})
  1836.      */
  1837.     public function dashboardUpdateCredentialsAction(Request $request)
  1838.     {
  1839.         $loggedUser $this->getUser();
  1840.         if (!$loggedUser) {
  1841.             throw new UnauthorizedHttpException('Not authorized.');
  1842.         }
  1843.         $content json_decode($request->getContent());
  1844.         $form $this->createForm(PasswordFormType::class);
  1845.         $form->submit((array)$content);
  1846.         if (!$form->isValid()) {
  1847.             $errors = [];
  1848.             foreach ($form->getErrors(deeptrueflattentrue) as $error) {
  1849.                 $propertyName $error->getOrigin()->getName();
  1850.                 $errors[] = $error->getMessage();
  1851.             }
  1852.             throw new BadRequestHttpException(json_encode($errors));
  1853.         }
  1854.         $plainPass $form->getData()['password'];
  1855.         $loggedUser->setPassword($plainPass);
  1856.         $loggedUser->save();
  1857.         return new Response(json_encode($plainPass), Response::HTTP_OK);
  1858.     }
  1859.     public function filterIncludedSubscriptions($loggedUser)
  1860.     {
  1861.         $includedSubscriptions $loggedUser->getIncludedSubscriptions();
  1862.         $includedSubsNotUsed = [];
  1863.         foreach ($includedSubscriptions as $sub) {
  1864.             $user $sub->getUser();
  1865.             if (empty($user)) {
  1866.                 $includedSubsNotUsed[] = $sub;
  1867.             }
  1868.         }
  1869.         return [
  1870.             'includedSubs' => $includedSubscriptions,
  1871.             'includedSubsNotUsed' => $includedSubsNotUsed
  1872.         ];
  1873.     }
  1874.     /**
  1875.      * @Route("/dashboard/user", name="dashboard-user-create", methods={"POST"})
  1876.      */
  1877.     public function dashboardCreateUserAction(Request $requestUserHandler $userHandlerPermissionService $permissionProvider)
  1878.     {
  1879.         $loggedUser $this->getUser();
  1880.         if (!$loggedUser) {
  1881.             throw new UnauthorizedHttpException('Not authorized.');
  1882.         }
  1883.         $permissionProvider->checkPermissions('management'$loggedUser);
  1884.         $clinic $loggedUser->getClinic();
  1885.         if (is_null($clinic)) {
  1886.             throw new BadRequestHttpException('No clinic ID registered.');
  1887.         }
  1888.         $superuser $clinic->getSuperuser();
  1889.         $content json_decode($request->getContent());
  1890.         $form $this->createForm(ManageUserCreateType::class);
  1891.         $form->submit((array)$content);
  1892.         if (!$form->isValid()) {
  1893.             $errors = [];
  1894.             foreach ($form->getErrors(deeptrueflattentrue) as $error) {
  1895.                 $errors[] = $error->getMessage();
  1896.             }
  1897.             throw new BadRequestHttpException(json_encode($errors));
  1898.         }
  1899.         $payload json_decode($request->getContent(), true);
  1900.         $response = new Response();
  1901.         $stripeResponse $userHandler->addOneExtraLicence($superuser$payload);
  1902.         return $response->setContent(json_encode($stripeResponse));
  1903.     }
  1904.     /**
  1905.      * @Route("/dashboard/users", name="dashboard-users-create", methods={"POST"})
  1906.      */
  1907.     public function dashboardCreateUsersAction(
  1908.         Request $request,
  1909.         UserHandler $userHandler,
  1910.         PermissionService $permissionProvider,
  1911.         FreeTrialService $freeTrialService,
  1912.         TrycareService $trycareService
  1913.     ) {
  1914.         $loggedUser $this->getUser();
  1915.         if (!$loggedUser) {
  1916.             throw new UnauthorizedHttpException('Not authorized.');
  1917.         }
  1918.         $permissionProvider->checkPermissions('manager'$loggedUser);
  1919.         $clinic $loggedUser->getClinic();
  1920.         if (is_null($clinic)) {
  1921.             throw new BadRequestHttpException('No clinic ID registered.');
  1922.         }
  1923.         $data json_decode($request->getContent());
  1924.         $userBlocks $data->userBlocks;
  1925.         foreach ($userBlocks as $block) {
  1926.             $form $this->createForm(ManageUserCreateType::class);
  1927.             $userHandler->validateUsersInputs($block$form);
  1928.         }
  1929.         $superuser $clinic->getSuperuser();
  1930.         $includedSubsResult = [];
  1931.         $stripeResponse = [];
  1932.         $response = new Response();
  1933.         //if superuser is free trial. create new included subs for additional users.
  1934.         if ($superuser->getSubscription()->getIsFreeTrial()) {
  1935.             $freeTrialService->createFreeTrialSubusers($userBlocks$superuser);
  1936.             $includedSubsResult = ['status' => 'OK'];
  1937.             return $response->setContent(json_encode(['stripe' => $stripeResponse'included' => $includedSubsResult]));
  1938.         }
  1939.         $isTrycareSubscription $superuser->getSubscription()->getIsTrycareMembership();
  1940.         // is trycare sub, we need to check if users to add do not exceed available add subs
  1941.         if ($isTrycareSubscription) {
  1942.             $maxSubs TrycareMembership::getAdditionalSubscriptionsAmount($superuser->getSubscription()->getTrycareMemberId());
  1943.             $subsInUse $superuser->getIncludedSubscriptions();
  1944.             if (count($subsInUse) >= $maxSubs) {
  1945.                 throw new BadRequestHttpException('No aditional user subscriptions available. Please contact support.');
  1946.             }
  1947.             $trycareService->createTrycareSubusers($userBlocks$superuser);
  1948.             $includedSubsResult = ['status' => 'OK'];
  1949.             return $response->setContent(json_encode(['stripe' => $stripeResponse'included' => $includedSubsResult]));
  1950.         }
  1951.         $emptyIncludedSubscriptions array_values($userHandler->getFreeIncludedSubscriptions($superuser));
  1952.         if (count($emptyIncludedSubscriptions) > 0) {
  1953.             $includedUserBlocks array_splice($userBlocks0count($emptyIncludedSubscriptions));
  1954.             $customers $userHandler->createSubusersFromBlocks($includedUserBlocks$superuser);
  1955.             foreach ($customers as $index => $customer) {
  1956.                 $customerId $customer->getId();
  1957.                 $userHandler->attachCustomerToSubscription(
  1958.                     $emptyIncludedSubscriptions[$index],
  1959.                     $customer,
  1960.                     ' is being attached a customer',
  1961.                     "customer ID: $customerId"
  1962.                 );
  1963.             }
  1964.             $superuser->setSubusers([...$superuser->getSubusers(), ...$customers]);
  1965.             $superuser->save();
  1966.             $includedSubsResult = ['status' => 'OK'];
  1967.         }
  1968.         //if there are still users in the block means that the number of included subscriptions available wasn't enough
  1969.         if (count($userBlocks) > && !$isTrycareSubscription) {
  1970.             $stripeResponse $userHandler->addExtraLicences($superusercount($userBlocks), $userBlocks);
  1971.         }
  1972.         return $response->setContent(json_encode(['stripe' => $stripeResponse'included' => $includedSubsResult]));
  1973.     }
  1974.     /**
  1975.      * @Route("/dashboard/user/{id}", name="dashboard-users-delete", methods={"DELETE"})
  1976.      */
  1977.     public function dashboardDeleteUserAction($idRequest $requestCustomerProviderInterface $customerProviderPermissionService $permissionProviderUserHandler $userHandler)
  1978.     {
  1979.         $loggedUser $this->getUser();
  1980.         if (!$loggedUser) {
  1981.             throw new UnauthorizedHttpException('Not authorized.');
  1982.         }
  1983.         $permissionProvider->checkPermissions('management'$loggedUser);
  1984.         $user $customerProvider->getById($id);
  1985.         if ($user->getTypeOfUser() === 'superuser') {
  1986.             throw new BadRequestHttpException('Superusers cannot be deleted');
  1987.         }
  1988.         $userClinic $user->getClinic();
  1989.         $loggedUserClinic $loggedUser->getClinic();
  1990.         if (is_null($userClinic) || is_null($loggedUserClinic)) {
  1991.             throw new BadRequestHttpException('No clinic ID registered.');
  1992.         }
  1993.         if ($userClinic->getId() !== $loggedUserClinic->getId()) {
  1994.             throw new BadRequestHttpException('You can only unsubscribe a user from your practice.');
  1995.         }
  1996.         $superuser $userClinic->getSuperuser();
  1997.         $userHandler->handleSubuserRemoval($user$superuser);
  1998.         $response = new Response();
  1999.         return $response->setContent(json_encode(['message' => 'OK']));
  2000.     }
  2001.     /**
  2002.      * @Route("/dashboard/user/{id}", name="dashboard-users-update", methods={"PUT"})
  2003.      */
  2004.     public function dashboardUpdateUserAction($idRequest $requestCustomerProviderInterface $customerProviderPermissionService $permissionProvider)
  2005.     {
  2006.         $loggedUser $this->getUser();
  2007.         if (!$loggedUser) {
  2008.             throw new UnauthorizedHttpException('Not authorized.');
  2009.         }
  2010.         $permissionProvider->checkPermissions('management'$loggedUser);
  2011.         try {
  2012.             $customer $customerProvider->getById($id);
  2013.             if ($customer->getTypeOfUser() === 'superuser' && $loggedUser->getTypeOfUser() !== 'superuser') {
  2014.                 throw new AccessDeniedHttpException('You have no authorization.');
  2015.             }
  2016.             $payload json_decode($request->getContent(), true);
  2017.             $displayName $payload['displayName'];
  2018.             $customer->setDisplayName($displayName);
  2019.             $permissions $payload['permissions'];
  2020.             $isManager $payload['manager'];
  2021.             $editHSAllowed $permissions['headOffice']['editHS'];
  2022.             $editTeamHQAllowed $permissions['headOffice']['editTeamHQ'];
  2023.             $placeOrderAllowed $permissions['store']['placeOrder'];
  2024.             $customer->setTypeOfUser($isManager 'manager' 'subuser');
  2025.             $customer->setEditHSAllowed($editHSAllowed true false);
  2026.             $customer->setEditTeamHQAllowed($editTeamHQAllowed true false);
  2027.             $customer->setPlaceOrderAllowed($placeOrderAllowed true false);
  2028.             $customer->save();
  2029.             $response = new Response();
  2030.             return $response->setContent(json_encode(['message' => 'OK']));
  2031.         } catch (\Exception $e) {
  2032.             throw new BadRequestHttpException($e->getMessage());
  2033.         }
  2034.     }
  2035.     /**
  2036.      * @Route("/practice/users", name="get-users-practice", methods={"GET"})
  2037.      */
  2038.     public function getPracticeUsersAction(GeneralService $generalProvider)
  2039.     {
  2040.         $loggedUser $this->getUser();
  2041.         if (!$loggedUser) {
  2042.             throw new UnauthorizedHttpException('Not authorized.');
  2043.         }
  2044.         $clinic $loggedUser->getClinic();
  2045.         $users $generalProvider->getActiveUsersByClinic($clinic);
  2046.         $data = [];
  2047.         foreach ($users as $user) {
  2048.             $userData = [
  2049.                 'id' => $user->getId(),
  2050.                 'firstName' => $user->getFirstname(),
  2051.                 'lastName' => $user->getLastname(),
  2052.                 'displayName' => $user->getDisplayName(),
  2053.                 'email' => $user->getEmail(),
  2054.                 'createdAt' => $user->getCreationDate(),
  2055.             ];
  2056.             array_push($data$userData);
  2057.         }
  2058.         $response = new Response();
  2059.         $response->headers->set('Content-Type''application/json');
  2060.         $response->headers->set('Access-Control-Allow-Origin''*');
  2061.         $response->setContent(json_encode(['users' => $data]));
  2062.         return $response;
  2063.     }
  2064.     /**
  2065.      * @Route("/report/error", name="report-error", methods={"POST"})
  2066.      */
  2067.     public function reportErrorAction(Request $request)
  2068.     {
  2069.         $payload json_decode($request->getContent(), true);
  2070.         $error $payload['error'];
  2071.         \Pimcore\Log\Simple::log('front-end-report'$error);
  2072.         $response = new Response();
  2073.         return $response->setContent(json_encode(['message' => 'OK']));
  2074.     }
  2075.     /**
  2076.      * @Route("/help/{uid}", name="get-help", methods={"GET"})
  2077.      */
  2078.     public function getHelpAction($uidRequest $request)
  2079.     {
  2080.         $help DataObject\Help::getByUid($uid1);
  2081.         if (!$help) {
  2082.             throw new InvalidArgumentException('Invalid UID');
  2083.         }
  2084.         $data = [
  2085.             'title' => $help->getTitle(),
  2086.             'content' => $help->getContent()
  2087.         ];
  2088.         $response = new Response();
  2089.         $response->headers->set('Content-Type''application/json');
  2090.         $response->headers->set('Access-Control-Allow-Origin''*');
  2091.         $response->setContent(json_encode($data));
  2092.         return $response;
  2093.     }
  2094.     /**
  2095.      * @Route("/customer/agree-holiday-terms/", name="agree-holiday-terms", methods={"PUT"})
  2096.      */
  2097.     public function customerHolidayTermsAgreeAction()
  2098.     {
  2099.         $loggedUser $this->getUser();
  2100.         if (!$loggedUser) {
  2101.             throw new UnauthorizedHttpException('Not authorized.');
  2102.         }
  2103.         $loggedUser->setHolidaysTermsAgreed(true);
  2104.         $loggedUser->save();
  2105.         return new Response('OK'Response::HTTP_OK);
  2106.     }
  2107. }