diff options
author | Jérémy Benoist <j0k3r@users.noreply.github.com> | 2017-11-22 15:11:25 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-22 15:11:25 +0100 |
commit | f818f64145fa929c399277b665a84a87f31bbacd (patch) | |
tree | 6f0d8fad8c3e59237afb40cd8a4a272705006357 | |
parent | d3d0defabc8224172b59c85db66c2d4e6bc3f06b (diff) | |
parent | ef2b4041fb3791554e93b4180777adbfdcf9afa2 (diff) | |
download | wallabag-f818f64145fa929c399277b665a84a87f31bbacd.tar.gz wallabag-f818f64145fa929c399277b665a84a87f31bbacd.tar.zst wallabag-f818f64145fa929c399277b665a84a87f31bbacd.zip |
Merge pull request #3431 from wallabag/disable-site-credentials
Disable controller access if feature disabled
-rw-r--r-- | src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | 18 | ||||
-rw-r--r-- | tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php | 14 |
2 files changed, 32 insertions, 0 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php index fa2066dc..548de744 100644 --- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php +++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | |||
@@ -24,6 +24,8 @@ class SiteCredentialController extends Controller | |||
24 | */ | 24 | */ |
25 | public function indexAction() | 25 | public function indexAction() |
26 | { | 26 | { |
27 | $this->isSiteCredentialsEnabled(); | ||
28 | |||
27 | $credentials = $this->get('wallabag_core.site_credential_repository')->findByUser($this->getUser()); | 29 | $credentials = $this->get('wallabag_core.site_credential_repository')->findByUser($this->getUser()); |
28 | 30 | ||
29 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', [ | 31 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', [ |
@@ -43,6 +45,8 @@ class SiteCredentialController extends Controller | |||
43 | */ | 45 | */ |
44 | public function newAction(Request $request) | 46 | public function newAction(Request $request) |
45 | { | 47 | { |
48 | $this->isSiteCredentialsEnabled(); | ||
49 | |||
46 | $credential = new SiteCredential($this->getUser()); | 50 | $credential = new SiteCredential($this->getUser()); |
47 | 51 | ||
48 | $form = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $credential); | 52 | $form = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $credential); |
@@ -83,6 +87,8 @@ class SiteCredentialController extends Controller | |||
83 | */ | 87 | */ |
84 | public function editAction(Request $request, SiteCredential $siteCredential) | 88 | public function editAction(Request $request, SiteCredential $siteCredential) |
85 | { | 89 | { |
90 | $this->isSiteCredentialsEnabled(); | ||
91 | |||
86 | $this->checkUserAction($siteCredential); | 92 | $this->checkUserAction($siteCredential); |
87 | 93 | ||
88 | $deleteForm = $this->createDeleteForm($siteCredential); | 94 | $deleteForm = $this->createDeleteForm($siteCredential); |
@@ -125,6 +131,8 @@ class SiteCredentialController extends Controller | |||
125 | */ | 131 | */ |
126 | public function deleteAction(Request $request, SiteCredential $siteCredential) | 132 | public function deleteAction(Request $request, SiteCredential $siteCredential) |
127 | { | 133 | { |
134 | $this->isSiteCredentialsEnabled(); | ||
135 | |||
128 | $this->checkUserAction($siteCredential); | 136 | $this->checkUserAction($siteCredential); |
129 | 137 | ||
130 | $form = $this->createDeleteForm($siteCredential); | 138 | $form = $this->createDeleteForm($siteCredential); |
@@ -145,6 +153,16 @@ class SiteCredentialController extends Controller | |||
145 | } | 153 | } |
146 | 154 | ||
147 | /** | 155 | /** |
156 | * Throw a 404 if the feature is disabled. | ||
157 | */ | ||
158 | private function isSiteCredentialsEnabled() | ||
159 | { | ||
160 | if (!$this->get('craue_config')->get('restricted_access')) { | ||
161 | throw $this->createNotFoundException('Feature "restricted_access" is disabled, controllers too.'); | ||
162 | } | ||
163 | } | ||
164 | |||
165 | /** | ||
148 | * Creates a form to delete a site credential entity. | 166 | * Creates a form to delete a site credential entity. |
149 | * | 167 | * |
150 | * @param SiteCredential $siteCredential The site credential entity | 168 | * @param SiteCredential $siteCredential The site credential entity |
diff --git a/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php b/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php index 87ea2867..f5074403 100644 --- a/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php +++ b/tests/Wallabag/CoreBundle/Controller/SiteCredentialControllerTest.php | |||
@@ -8,6 +8,20 @@ use Wallabag\CoreBundle\Entity\SiteCredential; | |||
8 | 8 | ||
9 | class SiteCredentialControllerTest extends WallabagCoreTestCase | 9 | class SiteCredentialControllerTest extends WallabagCoreTestCase |
10 | { | 10 | { |
11 | public function testAccessDeniedBecauseFeatureDisabled() | ||
12 | { | ||
13 | $this->logInAs('admin'); | ||
14 | $client = $this->getClient(); | ||
15 | |||
16 | $client->getContainer()->get('craue_config')->set('restricted_access', 0); | ||
17 | |||
18 | $client->request('GET', '/site-credentials/'); | ||
19 | |||
20 | $this->assertSame(404, $client->getResponse()->getStatusCode()); | ||
21 | |||
22 | $client->getContainer()->get('craue_config')->set('restricted_access', 1); | ||
23 | } | ||
24 | |||
11 | public function testListSiteCredential() | 25 | public function testListSiteCredential() |
12 | { | 26 | { |
13 | $this->logInAs('admin'); | 27 | $this->logInAs('admin'); |