X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2FWallabag%2FCoreBundle%2FController%2FEntryController.php;h=8a8f3cd79ed76cecc5ad9dbdf6a69e6ac2158010;hb=2691cf04384239c546e141af6cc3c22b210dae58;hp=25f1871152d104b2f0e76d00c872888695ec5d5e;hpb=a8c90c5c1b60d0c258ce56f2a8e382859e70e8d3;p=github%2Fwallabag%2Fwallabag.git

diff --git a/src/Wallabag/CoreBundle/Controller/EntryController.php b/src/Wallabag/CoreBundle/Controller/EntryController.php
index 25f18711..8a8f3cd7 100644
--- a/src/Wallabag/CoreBundle/Controller/EntryController.php
+++ b/src/Wallabag/CoreBundle/Controller/EntryController.php
@@ -5,34 +5,28 @@ namespace Wallabag\CoreBundle\Controller;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\Request;
-use Wallabag\CoreBundle\Repository;
-use Wallabag\CoreBundle\Entity\Entries;
+use Wallabag\CoreBundle\Entity\Entry;
 use Wallabag\CoreBundle\Service\Extractor;
-use Wallabag\CoreBundle\Helper\Tools;
-use Wallabag\CoreBundle\Helper\Url;
+use Wallabag\CoreBundle\Form\Type\EntryType;
 
 class EntryController extends Controller
 {
-
     /**
      * @param Request $request
+     *
      * @Route("/new", name="new_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function addEntryAction(Request $request)
     {
-        $entry = new Entries();
-        $entry->setUserId(1);
+        $entry = new Entry($this->getUser());
 
-        $form = $this->createFormBuilder($entry)
-            ->add('url', 'url')
-            ->add('save', 'submit')
-            ->getForm();
+        $form = $this->createForm(new EntryType(), $entry);
 
         $form->handleRequest($request);
 
         if ($form->isValid()) {
-
             $content = Extractor::extract($entry->getUrl());
 
             $entry->setTitle($content->getTitle());
@@ -59,14 +53,15 @@ class EntryController extends Controller
      * Shows unread entries for current user
      *
      * @Route("/unread", name="unread")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function showUnreadAction()
     {
-        $repository = $this->getDoctrine()->getRepository('WallabagCoreBundle:Entries');
-        // TODO don't give the user ID like this
         // TODO change pagination
-        $entries = $repository->findUnreadByUser(1, 0);
+        $entries = $this->getDoctrine()
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findUnreadByUser($this->getUser()->getId(), 0);
 
         return $this->render(
             'WallabagCoreBundle:Entry:entries.html.twig',
@@ -78,14 +73,15 @@ class EntryController extends Controller
      * Shows read entries for current user
      *
      * @Route("/archive", name="archive")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function showArchiveAction()
     {
-        $repository = $this->getDoctrine()->getRepository('WallabagCoreBundle:Entries');
-        // TODO don't give the user ID like this
         // TODO change pagination
-        $entries = $repository->findArchiveByUser(1, 0);
+        $entries = $this->getDoctrine()
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findArchiveByUser($this->getUser()->getId(), 0);
 
         return $this->render(
             'WallabagCoreBundle:Entry:entries.html.twig',
@@ -97,14 +93,15 @@ class EntryController extends Controller
      * Shows starred entries for current user
      *
      * @Route("/starred", name="starred")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
     public function showStarredAction()
     {
-        $repository = $this->getDoctrine()->getRepository('WallabagCoreBundle:Entries');
-        // TODO don't give the user ID like this
         // TODO change pagination
-        $entries = $repository->findStarredByUser(1, 0);
+        $entries = $this->getDoctrine()
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findStarredByUser($this->getUser()->getId(), 0);
 
         return $this->render(
             'WallabagCoreBundle:Entry:entries.html.twig',
@@ -115,12 +112,16 @@ class EntryController extends Controller
     /**
      * Shows entry content
      *
-     * @param Entries $entry
+     * @param Entry $entry
+     *
      * @Route("/view/{id}", requirements={"id" = "\d+"}, name="view")
+     *
      * @return \Symfony\Component\HttpFoundation\Response
      */
-    public function viewAction(Entries $entry)
+    public function viewAction(Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         return $this->render(
             'WallabagCoreBundle:Entry:entry.html.twig',
             array('entry' => $entry)
@@ -131,12 +132,16 @@ class EntryController extends Controller
      * Changes read status for an entry
      *
      * @param Request $request
-     * @param Entries $entry
+     * @param Entry   $entry
+     *
      * @Route("/archive/{id}", requirements={"id" = "\d+"}, name="archive_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      */
-    public function toggleArchiveAction(Request $request, Entries $entry)
+    public function toggleArchiveAction(Request $request, Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         $entry->toggleArchive();
         $this->getDoctrine()->getManager()->flush();
 
@@ -152,12 +157,16 @@ class EntryController extends Controller
      * Changes favorite status for an entry
      *
      * @param Request $request
-     * @param Entries $entry
+     * @param Entry   $entry
+     *
      * @Route("/star/{id}", requirements={"id" = "\d+"}, name="star_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      */
-    public function toggleStarAction(Request $request, Entries $entry)
+    public function toggleStarAction(Request $request, Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         $entry->toggleStar();
         $this->getDoctrine()->getManager()->flush();
 
@@ -173,12 +182,16 @@ class EntryController extends Controller
      * Deletes entry
      *
      * @param Request $request
-     * @param Entries $entry
+     * @param Entry   $entry
+     *
      * @Route("/delete/{id}", requirements={"id" = "\d+"}, name="delete_entry")
+     *
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      */
-    public function deleteEntryAction(Request $request, Entries $entry)
+    public function deleteEntryAction(Request $request, Entry $entry)
     {
+        $this->checkUserAction($entry);
+
         $em = $this->getDoctrine()->getManager();
         $em->remove($entry);
         $em->flush();
@@ -190,4 +203,16 @@ class EntryController extends Controller
 
         return $this->redirect($request->headers->get('referer'));
     }
+
+    /**
+     * Check if the logged user can manage the given entry
+     *
+     * @param Entry $entry
+     */
+    private function checkUserAction(Entry $entry)
+    {
+        if ($this->getUser()->getId() != $entry->getUser()->getId()) {
+            throw $this->createAccessDeniedException('You can not use this entry.');
+        }
+    }
 }