From: Jeremy Benoist <jeremy.benoist@gmail.com>
Date: Sat, 1 Oct 2016 15:24:24 +0000 (+0200)
Subject: Introduce validateRuleAction
X-Git-Tag: 2.1.0~11^2~1
X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=8799bde00dade0e6c3a98e009c90a14cf2e1adfe;p=github%2Fwallabag%2Fwallabag.git

Introduce validateRuleAction
---

diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 28e33998..4dd4e40c 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -219,9 +219,7 @@ class ConfigController extends Controller
      */
     public function deleteTaggingRuleAction(TaggingRule $rule)
     {
-        if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) {
-            throw $this->createAccessDeniedException('You can not access this tagging rule.');
-        }
+        $this->validateRuleAction($rule);
 
         $em = $this->getDoctrine()->getManager();
         $em->remove($rule);
@@ -245,12 +243,22 @@ class ConfigController extends Controller
      * @return RedirectResponse
      */
     public function editTaggingRuleAction(TaggingRule $rule)
+    {
+        $this->validateRuleAction($rule);
+
+        return $this->redirect($this->generateUrl('config').'?tagging-rule='.$rule->getId().'#set5');
+    }
+
+    /**
+     * Validate that a rule can be edited/deleted by the current user
+     *
+     * @param  TaggingRule $rule
+     */
+    private function validateRuleAction(TaggingRule $rule)
     {
         if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) {
             throw $this->createAccessDeniedException('You can not access this tagging rule.');
         }
-
-        return $this->redirect($this->generateUrl('config').'?tagging-rule='.$rule->getId().'#set5');
     }
 
     /**