From 23406ca3f12303759ecb46974d6bcb22fb0e037b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 24 Oct 2016 21:56:28 +0200 Subject: [PATCH] Added relation between API Client and User Fix #2062 --- .../Version20161024212538.php | 47 +++++++++++++++++++ .../Controller/DeveloperController.php | 8 +++- src/Wallabag/ApiBundle/Entity/Client.php | 17 ++++++- src/Wallabag/UserBundle/Entity/User.php | 26 ++++++++++ 4 files changed, 95 insertions(+), 3 deletions(-) create mode 100644 app/DoctrineMigrations/Version20161024212538.php diff --git a/app/DoctrineMigrations/Version20161024212538.php b/app/DoctrineMigrations/Version20161024212538.php new file mode 100644 index 00000000..75973b33 --- /dev/null +++ b/app/DoctrineMigrations/Version20161024212538.php @@ -0,0 +1,47 @@ +container = $container; + } + + private function getTable($tableName) + { + return $this->container->getParameter('database_table_prefix') . $tableName; + } + + /** + * @param Schema $schema + */ + public function up(Schema $schema) + { + $this->skipIf($this->connection->getDatabasePlatform()->getName() == 'sqlite', 'Migration can only be executed safely on \'mysql\' or \'postgresql\'.'); + + $this->addSql('ALTER TABLE '.$this->getTable('oauth2_clients').' ADD CONSTRAINT FK_clients_user_clients FOREIGN KEY (user_id) REFERENCES '.$this->getTable('user').' (id) ON DELETE CASCADE'); + } + + /** + * @param Schema $schema + */ + public function down(Schema $schema) + { + + } +} diff --git a/src/Wallabag/ApiBundle/Controller/DeveloperController.php b/src/Wallabag/ApiBundle/Controller/DeveloperController.php index 5a36a260..550c0608 100644 --- a/src/Wallabag/ApiBundle/Controller/DeveloperController.php +++ b/src/Wallabag/ApiBundle/Controller/DeveloperController.php @@ -19,7 +19,7 @@ class DeveloperController extends Controller */ public function indexAction() { - $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findAll(); + $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findByUser($this->getUser()->getId()); return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [ 'clients' => $clients, @@ -38,7 +38,7 @@ class DeveloperController extends Controller public function createClientAction(Request $request) { $em = $this->getDoctrine()->getManager(); - $client = new Client(); + $client = new Client($this->getUser()); $clientForm = $this->createForm(ClientType::class, $client); $clientForm->handleRequest($request); @@ -75,6 +75,10 @@ class DeveloperController extends Controller */ public function deleteClientAction(Client $client) { + if (null === $this->getUser() || $client->getUser()->getId() != $this->getUser()->getId()) { + throw $this->createAccessDeniedException('You can not access this client.'); + } + $em = $this->getDoctrine()->getManager(); $em->remove($client); $em->flush(); diff --git a/src/Wallabag/ApiBundle/Entity/Client.php b/src/Wallabag/ApiBundle/Entity/Client.php index f7898ac8..427a4c7f 100644 --- a/src/Wallabag/ApiBundle/Entity/Client.php +++ b/src/Wallabag/ApiBundle/Entity/Client.php @@ -4,6 +4,7 @@ namespace Wallabag\ApiBundle\Entity; use Doctrine\ORM\Mapping as ORM; use FOS\OAuthServerBundle\Entity\Client as BaseClient; +use Wallabag\UserBundle\Entity\User; /** * @ORM\Table("oauth2_clients") @@ -35,9 +36,15 @@ class Client extends BaseClient */ protected $accessTokens; - public function __construct() + /** + * @ORM\ManyToOne(targetEntity="Wallabag\UserBundle\Entity\User", inversedBy="clients") + */ + private $user; + + public function __construct(User $user) { parent::__construct(); + $this->user = $user; } /** @@ -63,4 +70,12 @@ class Client extends BaseClient return $this; } + + /** + * @return User + */ + public function getUser() + { + return $this->user; + } } diff --git a/src/Wallabag/UserBundle/Entity/User.php b/src/Wallabag/UserBundle/Entity/User.php index d98ae76a..3a167de7 100644 --- a/src/Wallabag/UserBundle/Entity/User.php +++ b/src/Wallabag/UserBundle/Entity/User.php @@ -11,6 +11,7 @@ use JMS\Serializer\Annotation\ExclusionPolicy; use JMS\Serializer\Annotation\Expose; use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; use Symfony\Component\Security\Core\User\UserInterface; +use Wallabag\ApiBundle\Entity\Client; use Wallabag\CoreBundle\Entity\Config; use Wallabag\CoreBundle\Entity\Entry; @@ -84,6 +85,11 @@ class User extends BaseUser implements TwoFactorInterface, TrustedComputerInterf */ private $trusted; + /** + * @ORM\OneToMany(targetEntity="Wallabag\ApiBundle\Entity\Client", mappedBy="user", cascade={"remove"}) + */ + protected $clients; + public function __construct() { parent::__construct(); @@ -240,4 +246,24 @@ class User extends BaseUser implements TwoFactorInterface, TrustedComputerInterf return false; } + + /** + * @param Client $client + * + * @return User + */ + public function addClient(Client $client) + { + $this->clients[] = $client; + + return $this; + } + + /** + * @return ArrayCollection + */ + public function getClients() + { + return $this->clients; + } } -- 2.41.0