]> git.immae.eu Git - github/wallabag/wallabag.git/blobdiff - src/Wallabag/CoreBundle/Controller/EntryController.php
index 5378486ae458d5a68208368ba503db89b0c4d099..7fd982c903e82e66f0789125bedd62ffba616d5e 100644 (file)
@@ -7,23 +7,22 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\Request;
 use Wallabag\CoreBundle\Entity\Entry;
 use Wallabag\CoreBundle\Service\Extractor;
-use Wallabag\CoreBundle\Helper\Url;
+use Wallabag\CoreBundle\Form\Type\EntryType;
 
 class EntryController extends Controller
 {
     /**
-     * @param  Request                                    $request
+     * @param Request $request
+     *
      * @Route("/new", name="new_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function addEntryAction(Request $request)
     {
         $entry = new Entry($this->getUser());
 
-        $form = $this->createFormBuilder($entry)
-            ->add('url', 'url')
-            ->add('save', 'submit')
-            ->getForm();
+        $form = $this->createForm(new EntryType(), $entry);
 
         $form->handleRequest($request);
 
@@ -51,9 +50,10 @@ class EntryController extends Controller
     }
 
     /**
-     * Shows unread entries for current user
+     * Shows unread entries for current user.
      *
      * @Route("/unread", name="unread")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function showUnreadAction()
@@ -70,9 +70,10 @@ class EntryController extends Controller
     }
 
     /**
-     * Shows read entries for current user
+     * Shows read entries for current user.
      *
      * @Route("/archive", name="archive")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function showArchiveAction()
@@ -89,9 +90,10 @@ class EntryController extends Controller
     }
 
     /**
-     * Shows starred entries for current user
+     * Shows starred entries for current user.
      *
      * @Route("/starred", name="starred")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function showStarredAction()
@@ -108,14 +110,18 @@ class EntryController extends Controller
     }
 
     /**
-     * Shows entry content
+     * Shows entry content.
+     *
+     * @param Entry $entry
      *
-     * @param  Entry                                      $entry
      * @Route("/view/{id}", requirements={"id" = "\d+"}, name="view")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function viewAction(Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         return $this->render(
             'WallabagCoreBundle:Entry:entry.html.twig',
             array('entry' => $entry)
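Review bot: The ownership check in `viewAction` is a hand-written call at the top of the body, so every action that receives an `Entry` through an `{id}` route has to remember it, and one that forgets is readable by any logged-in user. This commit adds the call to the four actions visible in the diff. I would move the rule into a security voter or another single enforcement point, so that a new action is denied by default rather than open by default. If the manual call stays, a comment on the call line such as `// Ownership check must run before any use of $entry.` would at least state the invariant.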
@@ -123,15 +129,19 @@ class EntryController extends Controller
     }
 
     /**
-     * Changes read status for an entry
+     * Changes read status for an entry.
+     *
+     * @param Request $request
+     * @param Entry   $entry
      *
-     * @param  Request                                            $request
-     * @param  Entry                                              $entry
      * @Route("/archive/{id}", requirements={"id" = "\d+"}, name="archive_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      */
     public function toggleArchiveAction(Request $request, Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         $entry->toggleArchive();
         $this->getDoctrine()->getManager()->flush();
 
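Review bot: `toggleArchiveAction` changes state on a route whose docblock, fully visible in this hunk, carries no HTTP method restriction, so the new ownership check does not stop a cross-site request made inside the owner's own session. The same applies to `toggleStarAction` and to `deleteEntryAction`, where the commit also replaces the soft delete with `$em->remove($entry)`, which makes a forged request permanent. I would restrict these three routes to POST (or DELETE) and validate a CSRF token before `flush()` is reached. The bodies of all three actions continue outside their hunks, so a token check further down cannot be ruled out from here.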
@@ -144,15 +154,19 @@ class EntryController extends Controller
     }
 
     /**
-     * Changes favorite status for an entry
+     * Changes favorite status for an entry.
+     *
+     * @param Request $request
+     * @param Entry   $entry
      *
-     * @param  Request                                            $request
-     * @param  Entry                                              $entry
      * @Route("/star/{id}", requirements={"id" = "\d+"}, name="star_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      */
     public function toggleStarAction(Request $request, Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         $entry->toggleStar();
         $this->getDoctrine()->getManager()->flush();
 
@@ -165,18 +179,21 @@ class EntryController extends Controller
     }
 
     /**
-     * Deletes entry
+     * Deletes entry.
+     *
+     * @param Request $request
+     * @param Entry   $entry
      *
-     * @param  Request                                            $request
-     * @param  Entry                                              $entry
      * @Route("/delete/{id}", requirements={"id" = "\d+"}, name="delete_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      */
     public function deleteEntryAction(Request $request, Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         $em = $this->getDoctrine()->getManager();
-        $entry->setDeleted(1);
-        $em->persist($entry);
+        $em->remove($entry);
         $em->flush();
 
         $this->get('session')->getFlashBag()->add(
@@ -186,4 +203,16 @@ class EntryController extends Controller
 
         return $this->redirect($request->headers->get('referer'));
     }
+
+    /**
+     * Check if the logged user can manage the given entry.
+     *
+     * @param Entry $entry
+     */
+    private function checkUserAction(Entry $entry)
+    {
+        if ($this->getUser()->getId() != $entry->getUser()->getId()) {
+            throw $this->createAccessDeniedException('You can not use this entry.');
+        }
+    }
 }
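Review bot: `checkUserAction` calls `$this->getUser()->getId()` without a null check, and Symfony's `getUser()` returns null when no user is authenticated. Unless the firewall configuration (not visible here) already requires login on these routes, an anonymous request would end in a fatal error rather than a clean denial. I would guard it and compare strictly: `$user = $this->getUser();` followed by `if (null === $user || $user->getId() !== $entry->getUser()->getId()) {`. The strict comparison assumes both ids are returned with the same type, which should be confirmed against the entity mapping. The docblock should also gain `@throws \Symfony\Component\Security\Core\Exception\AccessDeniedException`.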