X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2FWallabag%2FCoreBundle%2FController%2FSiteCredentialController.php;h=51bc1d94ae13dc9d897baaaf17683c50175bc927;hb=7a4c375ebfae5aa43c663b1084acfb68f61b30b8;hp=98781dab0f84a071e09b4621b0e960ffb6fdb218;hpb=80784b782becfaa297e6d9cbb0584e27739cffc8;p=github%2Fwallabag%2Fwallabag.git
diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
index 98781dab..51bc1d94 100644
--- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
+++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
@@ -2,12 +2,11 @@
 namespace Wallabag\CoreBundle\Controller;
-use Symfony\Component\HttpFoundation\Request;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
-use Wallabag\UserBundle\Entity\User;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Routing\Annotation\Route;
 use Wallabag\CoreBundle\Entity\SiteCredential;
+use Wallabag\UserBundle\Entity\User;
 /**
 * SiteCredential controller.
@@ -19,11 +18,12 @@ class SiteCredentialController extends Controller
 /**
 * Lists all User entities.
 *
- * @Route("/", name="site_credentials_index")
- * @Method("GET")
+ * @Route("/", name="site_credentials_index", methods={"GET"})
 */
 public function indexAction()
 {
+ $this->isSiteCredentialsEnabled();
+
 $credentials = $this->get('wallabag_core.site_credential_repository')->findByUser($this->getUser());
 return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', [
@@ -34,8 +34,7 @@ class SiteCredentialController extends Controller
 /**
 * Creates a new site credential entity.
 *
- * @Route("/new", name="site_credentials_new")
- * @Method({"GET", "POST"})
+ * @Route("/new", name="site_credentials_new", methods={"GET", "POST"})
 *
 * @param Request $request
 *
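Review bot: The feature gate added at the top of indexAction is enforced by a hand-written call, and the same call is repeated in the newAction, editAction and deleteAction hunks, so an action added to this controller later stays reachable with `restricted_access` off unless its author remembers the line. Since these actions manage stored site credentials, I would at least record the rule in the class docblock, for example `Every action must call isSiteCredentialsEnabled() before doing any work.`, and cover it with a functional test that requests each route with the setting disabled and expects a 404. A single check that runs before every action of this controller would remove the reliance on convention. indexAction's body continues outside the hunk.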
@@ -43,6 +42,8 @@ class SiteCredentialController extends Controller
 */
 public function newAction(Request $request)
 {
+ $this->isSiteCredentialsEnabled();
+
 $credential = new SiteCredential($this->getUser());
 $form = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $credential);
@@ -73,8 +74,7 @@ class SiteCredentialController extends Controller
 /**
 * Displays a form to edit an existing site credential entity.
 *
- * @Route("/{id}/edit", name="site_credentials_edit")
- * @Method({"GET", "POST"})
+ * @Route("/{id}/edit", name="site_credentials_edit", methods={"GET", "POST"})
 *
 * @param Request $request
 * @param SiteCredential $siteCredential
@@ -83,6 +83,8 @@ class SiteCredentialController extends Controller
 */
 public function editAction(Request $request, SiteCredential $siteCredential)
 {
+ $this->isSiteCredentialsEnabled();
+
 $this->checkUserAction($siteCredential);
 $deleteForm = $this->createDeleteForm($siteCredential);
@@ -115,8 +117,7 @@ class SiteCredentialController extends Controller
 /**
 * Deletes a site credential entity.
 *
- * @Route("/{id}", name="site_credentials_delete")
- * @Method("DELETE")
+ * @Route("/{id}", name="site_credentials_delete", methods={"DELETE"})
 *
 * @param Request $request
 * @param SiteCredential $siteCredential
@@ -125,6 +126,8 @@ class SiteCredentialController extends Controller
 */
 public function deleteAction(Request $request, SiteCredential $siteCredential)
 {
+ $this->isSiteCredentialsEnabled();
+
 $this->checkUserAction($siteCredential);
 $form = $this->createDeleteForm($siteCredential);
@@ -144,6 +147,16 @@ class SiteCredentialController extends Controller
 return $this->redirectToRoute('site_credentials_index');
 }
+ /**
+ * Throw a 404 if the feature is disabled.
+ */
+ private function isSiteCredentialsEnabled()
+ {
+ if (!$this->get('craue_config')->get('restricted_access')) {
+ throw $this->createNotFoundException('Feature "restricted_access" is disabled, controllers too.');
+ }
+ }
+
 /**
 * Creates a form to delete a site credential entity.
 *
@@ -167,7 +180,7 @@ class SiteCredentialController extends Controller
 */
 private function checkUserAction(SiteCredential $siteCredential)
 {
- if (null === $this->getUser() || $this->getUser()->getId() != $siteCredential->getUser()->getId()) {
+ if (null === $this->getUser() || $this->getUser()->getId() !== $siteCredential->getUser()->getId()) {
 throw $this->createAccessDeniedException('You can not access this site credential.');
 }
 }
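Review bot: isSiteCredentialsEnabled() is named like a predicate, but it returns nothing and throws, so every call site reads as a boolean being discarded. A name that states the effect, such as `throwIfSiteCredentialsDisabled()`, would make the guard obvious at the top of each action. The docblock should also say what is thrown and when, for example `@throws NotFoundHttpException when the "restricted_access" setting is off`. The exception text ends with "controllers too", which is unclear; `Feature "restricted_access" is disabled.` says the same thing.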
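Review bot: The switch to `!==` in checkUserAction makes the ownership check depend on both getId() calls returning the same scalar type, which this hunk does not show. A mismatch (an int on one side, a numeric string on the other) would fail closed and refuse the rightful owner with a 403, so it is safe but would look like a permissions bug. A short comment on the comparison, for example `// Strict: both ids are expected to come from the User entity; a type mismatch denies access.`, plus a functional test where the owner edits and deletes their own credential would pin this down. The docblock of checkUserAction starts outside the hunk.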