ltbxd-actorle/src/Controller/GameController.php

<?php

declare(strict_types=1);

namespace App\Controller;

use App\Entity\Game;
use App\Entity\User;
use App\Repository\GameRepository;
use App\Provider\GameGridProvider;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;

class GameController extends AbstractController
{
    #[Route('/game/start', name: 'app_game_start', methods: ['POST'])]
    public function start(
        Request $request,
        GameGridProvider $generator,
        GameRepository $gameRepository,
    ): Response {
        $this->validateCsrfToken('game_start', $request);

        /** @var User|null $user */
        $user = $this->getUser();

        // Check no game already in progress
        if ($user) {
            $existing = $gameRepository->findActiveForUser($user);
        } else {
            $gameId = $request->getSession()->get('current_game_id');
            $existing = $gameId ? $gameRepository->find($gameId) : null;
            if ($existing && $existing->getStatus() !== Game::STATUS_IN_PROGRESS) {
                $existing = null;
            }
        }

        if ($existing) {
            return $this->redirectToRoute('app_homepage');
        }

        // Build config from form parameters
        $config = [];

        if ($user && $request->request->getBoolean('watched_only')) {
            $config['watchedOnly'] = true;
        }

        $hintTypes = [];
        if ($request->request->getBoolean('hint_film', true)) {
            $hintTypes[] = 'film';
        }
        if ($request->request->getBoolean('hint_character', true)) {
            $hintTypes[] = 'character';
        }
        if ($request->request->getBoolean('hint_award', true)) {
            $hintTypes[] = 'award';
        }
        if (empty($hintTypes)) {
            $hintTypes = ['film', 'character', 'award'];
        }
        $config['hintTypes'] = $hintTypes;

        /** @var list<string> $awardTypeIds */
        $awardTypeIds = $request->request->all('award_types');
        if (!empty($awardTypeIds) && in_array('award', $hintTypes)) {
            $config['awardTypeIds'] = array_map('intval', $awardTypeIds);
        }

        $game = $generator->generate($user, $config);

        if ($game === null) {
            $this->addFlash('error', 'Impossible de générer une grille avec ces paramètres. Essayez avec des critères moins restrictifs.');
            return $this->redirectToRoute('app_homepage');
        }

        if (!$user) {
            $request->getSession()->set('current_game_id', $game->getId());
        }

        return $this->redirectToRoute('app_homepage');
    }

    #[Route('/game/{id}/abandon', name: 'app_game_abandon', methods: ['POST'])]
    public function abandon(
        Game $game,
        Request $request,
        EntityManagerInterface $em,
    ): Response {
        $this->validateCsrfToken('game_abandon', $request);

        /** @var User|null $user */
        $user = $this->getUser();

        // Verify ownership
        if ($user) {
            if ($game->getUser() !== $user) {
                throw $this->createAccessDeniedException();
            }
        } else {
            $sessionGameId = $request->getSession()->get('current_game_id');
            if ($game->getId() !== $sessionGameId) {
                throw $this->createAccessDeniedException();
            }
        }

        $game->abandon();
        $em->flush();

        if (!$user) {
            $request->getSession()->remove('current_game_id');
        }

        return $this->redirectToRoute('app_homepage');
    }

    private function validateCsrfToken(string $tokenId, Request $request): void
    {
        $token = $request->request->get('_token');
        if (!$this->isCsrfTokenValid($tokenId, $token)) {
            throw $this->createAccessDeniedException('Invalid CSRF token.');
        }
    }
}