From: Jérémy Benoist <j0k3r@users.noreply.github.com>
Date: Sat, 25 Nov 2017 11:28:41 +0000 (+0100)
Subject: Merge pull request #3401 from aaa2000/migration-initial
X-Git-Tag: 2.3.0~14
X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=ceff312db8354049d97c2a84889cd7f56d37fd99;hp=f4e7a0df0e5917c51889f95e049eda2f81a8416e;p=github%2Fwallabag%2Fwallabag.git

Merge pull request #3401 from aaa2000/migration-initial

Add an initial doctrine migration
---

diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
index fa2066dc..548de744 100644
--- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
+++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
@@ -24,6 +24,8 @@ class SiteCredentialController extends Controller
      */
     public function indexAction()
     {
+        $this->isSiteCredentialsEnabled();
+
         $credentials = $this->get('wallabag_core.site_credential_repository')->findByUser($this->getUser());
 
         return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', [
@@ -43,6 +45,8 @@ class SiteCredentialController extends Controller
      */
     public function newAction(Request $request)
     {
+        $this->isSiteCredentialsEnabled();
+
         $credential = new SiteCredential($this->getUser());
 
         $form = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $credential);
@@ -83,6 +87,8 @@ class SiteCredentialController extends Controller
      */
     public function editAction(Request $request, SiteCredential $siteCredential)
     {
+        $this->isSiteCredentialsEnabled();
+
         $this->checkUserAction($siteCredential);
 
         $deleteForm = $this->createDeleteForm($siteCredential);
@@ -125,6 +131,8 @@ class SiteCredentialController extends Controller
      */
     public function deleteAction(Request $request, SiteCredential $siteCredential)
     {
+        $this->isSiteCredentialsEnabled();
+
         $this->checkUserAction($siteCredential);
 
         $form = $this->createDeleteForm($siteCredential);
@@ -144,6 +152,16 @@ class SiteCredentialController extends Controller
         return $this->redirectToRoute('site_credentials_index');
     }
 
+    /**
+     * Throw a 404 if the feature is disabled.
+     */
+    private function isSiteCredentialsEnabled()
+    {
+        if (!$this->get('craue_config')->get('restricted_access')) {
+            throw $this->createNotFoundException('Feature "restricted_access" is disabled, controllers too.');
+        }
+    }
+
     /**
      * Creates a form to delete a site credential entity.
      *
diff --git a/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php b/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php
index 87ea2867..f5074403 100644
--- a/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php
+++ b/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php
@@ -8,6 +8,20 @@ use Wallabag\CoreBundle\Entity\SiteCredential;
 
 class SiteCredentialControllerTest extends WallabagCoreTestCase
 {
+    public function testAccessDeniedBecauseFeatureDisabled()
+    {
+        $this->logInAs('admin');
+        $client = $this->getClient();
+
+        $client->getContainer()->get('craue_config')->set('restricted_access', 0);
+
+        $client->request('GET', '/site-credentials/');
+
+        $this->assertSame(404, $client->getResponse()->getStatusCode());
+
+        $client->getContainer()->get('craue_config')->set('restricted_access', 1);
+    }
+
     public function testListSiteCredential()
     {
         $this->logInAs('admin');