*/
public function indexAction()
{
- $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findAll();
+ $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findByUser($this->getUser()->getId());
return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [
'clients' => $clients,
public function createClientAction(Request $request)
{
$em = $this->getDoctrine()->getManager();
- $client = new Client();
+ $client = new Client($this->getUser());
$clientForm = $this->createForm(ClientType::class, $client);
$clientForm->handleRequest($request);
- if ($clientForm->isValid()) {
+ if ($clientForm->isSubmitted() && $clientForm->isValid()) {
$client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']);
$em->persist($client);
$em->flush();
*/
public function deleteClientAction(Client $client)
{
+ if (null === $this->getUser() || $client->getUser()->getId() != $this->getUser()->getId()) {
+ throw $this->createAccessDeniedException('You can not access this client.');
+ }
+
$em = $this->getDoctrine()->getManager();
$em->remove($client);
$em->flush();
projects / github / wallabag / wallabag.git / blobdiff