diff options
| author | Jérémy Benoist <j0k3r@users.noreply.github.com> | 2017-11-22 15:11:25 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-11-22 15:11:25 +0100 |
| commit | f818f64145fa929c399277b665a84a87f31bbacd (patch) | |
| tree | 6f0d8fad8c3e59237afb40cd8a4a272705006357 | |
| parent | d3d0defabc8224172b59c85db66c2d4e6bc3f06b (diff) | |
| parent | ef2b4041fb3791554e93b4180777adbfdcf9afa2 (diff) | |
| download | wallabag-f818f64145fa929c399277b665a84a87f31bbacd.tar.gz wallabag-f818f64145fa929c399277b665a84a87f31bbacd.tar.zst wallabag-f818f64145fa929c399277b665a84a87f31bbacd.zip | |
Merge pull request #3431 from wallabag/disable-site-credentials
Disable controller access if feature disabled
| -rw-r--r-- | src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | 18 | ||||
| -rw-r--r-- | tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php | 14 |
2 files changed, 32 insertions, 0 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php index fa2066dc..548de744 100644 --- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php +++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | |||
| @@ -24,6 +24,8 @@ class SiteCredentialController extends Controller | |||
| 24 | */ | 24 | */ |
| 25 | public function indexAction() | 25 | public function indexAction() |
| 26 | { | 26 | { |
| 27 | $this->isSiteCredentialsEnabled(); | ||
| 28 | |||
| 27 | $credentials = $this->get('wallabag_core.site_credential_repository')->findByUser($this->getUser()); | 29 | $credentials = $this->get('wallabag_core.site_credential_repository')->findByUser($this->getUser()); |
| 28 | 30 | ||
| 29 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', [ | 31 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', [ |
| @@ -43,6 +45,8 @@ class SiteCredentialController extends Controller | |||
| 43 | */ | 45 | */ |
| 44 | public function newAction(Request $request) | 46 | public function newAction(Request $request) |
| 45 | { | 47 | { |
| 48 | $this->isSiteCredentialsEnabled(); | ||
| 49 | |||
| 46 | $credential = new SiteCredential($this->getUser()); | 50 | $credential = new SiteCredential($this->getUser()); |
| 47 | 51 | ||
| 48 | $form = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $credential); | 52 | $form = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $credential); |
| @@ -83,6 +87,8 @@ class SiteCredentialController extends Controller | |||
| 83 | */ | 87 | */ |
| 84 | public function editAction(Request $request, SiteCredential $siteCredential) | 88 | public function editAction(Request $request, SiteCredential $siteCredential) |
| 85 | { | 89 | { |
| 90 | $this->isSiteCredentialsEnabled(); | ||
| 91 | |||
| 86 | $this->checkUserAction($siteCredential); | 92 | $this->checkUserAction($siteCredential); |
| 87 | 93 | ||
| 88 | $deleteForm = $this->createDeleteForm($siteCredential); | 94 | $deleteForm = $this->createDeleteForm($siteCredential); |
| @@ -125,6 +131,8 @@ class SiteCredentialController extends Controller | |||
| 125 | */ | 131 | */ |
| 126 | public function deleteAction(Request $request, SiteCredential $siteCredential) | 132 | public function deleteAction(Request $request, SiteCredential $siteCredential) |
| 127 | { | 133 | { |
| 134 | $this->isSiteCredentialsEnabled(); | ||
| 135 | |||
| 128 | $this->checkUserAction($siteCredential); | 136 | $this->checkUserAction($siteCredential); |
| 129 | 137 | ||
| 130 | $form = $this->createDeleteForm($siteCredential); | 138 | $form = $this->createDeleteForm($siteCredential); |
| @@ -145,6 +153,16 @@ class SiteCredentialController extends Controller | |||
| 145 | } | 153 | } |
| 146 | 154 | ||
| 147 | /** | 155 | /** |
| 156 | * Throw a 404 if the feature is disabled. | ||
| 157 | */ | ||
| 158 | private function isSiteCredentialsEnabled() | ||
| 159 | { | ||
| 160 | if (!$this->get('craue_config')->get('restricted_access')) { | ||
| 161 | throw $this->createNotFoundException('Feature "restricted_access" is disabled, controllers too.'); | ||
| 162 | } | ||
| 163 | } | ||
| 164 | |||
| 165 | /** | ||
| 148 | * Creates a form to delete a site credential entity. | 166 | * Creates a form to delete a site credential entity. |
| 149 | * | 167 | * |
| 150 | * @param SiteCredential $siteCredential The site credential entity | 168 | * @param SiteCredential $siteCredential The site credential entity |
diff --git a/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php b/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php index 87ea2867..f5074403 100644 --- a/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php +++ b/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php | |||
| @@ -8,6 +8,20 @@ use Wallabag\CoreBundle\Entity\SiteCredential; | |||
| 8 | 8 | ||
| 9 | class SiteCredentialControllerTest extends WallabagCoreTestCase | 9 | class SiteCredentialControllerTest extends WallabagCoreTestCase |
| 10 | { | 10 | { |
| 11 | public function testAccessDeniedBecauseFeatureDisabled() | ||
| 12 | { | ||
| 13 | $this->logInAs('admin'); | ||
| 14 | $client = $this->getClient(); | ||
| 15 | |||
| 16 | $client->getContainer()->get('craue_config')->set('restricted_access', 0); | ||
| 17 | |||
| 18 | $client->request('GET', '/site-credentials/'); | ||
| 19 | |||
| 20 | $this->assertSame(404, $client->getResponse()->getStatusCode()); | ||
| 21 | |||
| 22 | $client->getContainer()->get('craue_config')->set('restricted_access', 1); | ||
| 23 | } | ||
| 24 | |||
| 11 | public function testListSiteCredential() | 25 | public function testListSiteCredential() |
| 12 | { | 26 | { |
| 13 | $this->logInAs('admin'); | 27 | $this->logInAs('admin'); |