/**
 * Activates a pending account identified by username and activation key.
 *
 * Flow, as implemented below:
 *  1. Look the user up by the (username, activation key) pair.
 *  2. Reject with UserActivationException when no such user exists.
 *  3. When the pending activation has expired, remove the user and reject
 *     with the same exception type.
 *  4. Otherwise move the user to User::STATE_APPROVED, attach the default
 *     role and persist.
 *
 * Both rejection paths throw a bare UserActivationException, so the exception
 * itself does not tell a caller whether the pair was unknown or the activation
 * had expired.
 *
 * @param ActivateAccountDTO $activateAccountDTO carries the username and activation key to check
 *
 * @throws UserActivationException if no matching user is found or the activation has expired
 */
public function __invoke(ActivateAccountDTO $activateAccountDTO)
{
    $username      = $activateAccountDTO->username;
    $activationKey = $activateAccountDTO->activationKey;

    // NOTE(review): the key comparison is delegated to the read repository;
    // how it is matched (e.g. in the storage layer) is not visible here - confirm.
    $account = $this->userReadRepository->findUserByUsernameAndActivationKey($username, $activationKey);

    if (!$account) {
        throw new UserActivationException();
    }

    $pendingActivation = $account->getPendingActivation();

    if ($pendingActivation->isActivationExpired()) {
        // An expired pending registration is removed before rejecting the request.
        // NOTE(review): if the caller rolls back on exceptions, this removal may not
        // be persisted - verify against the surrounding transaction handling.
        $this->userWriteRepository->remove($account);

        throw new UserActivationException();
    }

    // The key is passed on to the state transition as well.
    $account->performStateTransition(User::STATE_APPROVED, $activationKey);

    // Roles are granted only at approval time: a user that has not been approved
    // must not hold any role in the system. It also avoids a technical problem,
    // since roles on unapproved users may trigger a constraint violation in the
    // RDBMS when the purger runs.
    $defaultRole = $this->roleRepository->determineDefaultRole();
    $account->addRole($defaultRole);

    $this->userWriteRepository->save($account);
}