diff options
| author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2015-03-05 19:34:30 +0100 |
|---|---|---|
| committer | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2015-03-06 21:09:15 +0100 |
| commit | efad7e53a1e881dd686c003b624b429ee1e5b52e (patch) | |
| tree | 8358c088812862a678f2de5fe478a2e1b2551e05 /src/Wallabag/CoreBundle/Controller/WallabagRestController.php | |
| parent | 2ab8cb681608d5887e0b6a92fcafff600a435e55 (diff) | |
| download | wallabag-efad7e53a1e881dd686c003b624b429ee1e5b52e.tar.gz wallabag-efad7e53a1e881dd686c003b624b429ee1e5b52e.tar.zst wallabag-efad7e53a1e881dd686c003b624b429ee1e5b52e.zip | |
add more log on AccessDeniedException
Diffstat (limited to 'src/Wallabag/CoreBundle/Controller/WallabagRestController.php')
| -rw-r--r-- | src/Wallabag/CoreBundle/Controller/WallabagRestController.php | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php index 612c59d1..3e25fe49 100644 --- a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php +++ b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php | |||
| @@ -40,7 +40,11 @@ class WallabagRestController extends Controller | |||
| 40 | /** | 40 | /** |
| 41 | * Retrieve salt for a giver user. | 41 | * Retrieve salt for a giver user. |
| 42 | * | 42 | * |
| 43 | * @ApiDoc() | 43 | * @ApiDoc( |
| 44 | * parameters={ | ||
| 45 | * {"name"="username", "dataType"="string", "required"=true, "description"="username"} | ||
| 46 | * } | ||
| 47 | * ) | ||
| 44 | * @return array | 48 | * @return array |
| 45 | */ | 49 | */ |
| 46 | public function getSaltAction($username) | 50 | public function getSaltAction($username) |
| @@ -87,7 +91,7 @@ class WallabagRestController extends Controller | |||
| 87 | ->getRepository('WallabagCoreBundle:Entry') | 91 | ->getRepository('WallabagCoreBundle:Entry') |
| 88 | ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order); | 92 | ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order); |
| 89 | 93 | ||
| 90 | if (!($entries)) { | 94 | if (!$entries) { |
| 91 | throw $this->createNotFoundException(); | 95 | throw $this->createNotFoundException(); |
| 92 | } | 96 | } |
| 93 | 97 | ||
| @@ -109,7 +113,7 @@ class WallabagRestController extends Controller | |||
| 109 | public function getEntryAction(Entry $entry) | 113 | public function getEntryAction(Entry $entry) |
| 110 | { | 114 | { |
| 111 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { | 115 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { |
| 112 | throw $this->createAccessDeniedException(); | 116 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 113 | } | 117 | } |
| 114 | 118 | ||
| 115 | $json = $this->get('serializer')->serialize($entry, 'json'); | 119 | $json = $this->get('serializer')->serialize($entry, 'json'); |
| @@ -172,7 +176,7 @@ class WallabagRestController extends Controller | |||
| 172 | public function patchEntriesAction(Entry $entry, Request $request) | 176 | public function patchEntriesAction(Entry $entry, Request $request) |
| 173 | { | 177 | { |
| 174 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { | 178 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { |
| 175 | throw $this->createAccessDeniedException(); | 179 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 176 | } | 180 | } |
| 177 | 181 | ||
| 178 | $title = $request->request->get("title"); | 182 | $title = $request->request->get("title"); |
| @@ -217,7 +221,7 @@ class WallabagRestController extends Controller | |||
| 217 | public function deleteEntriesAction(Entry $entry) | 221 | public function deleteEntriesAction(Entry $entry) |
| 218 | { | 222 | { |
| 219 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { | 223 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { |
| 220 | throw $this->createAccessDeniedException(); | 224 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 221 | } | 225 | } |
| 222 | 226 | ||
| 223 | $em = $this->getDoctrine()->getManager(); | 227 | $em = $this->getDoctrine()->getManager(); |
| @@ -241,7 +245,7 @@ class WallabagRestController extends Controller | |||
| 241 | public function getEntriesTagsAction(Entry $entry) | 245 | public function getEntriesTagsAction(Entry $entry) |
| 242 | { | 246 | { |
| 243 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { | 247 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { |
| 244 | throw $this->createAccessDeniedException(); | 248 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 245 | } | 249 | } |
| 246 | 250 | ||
| 247 | $json = $this->get('serializer')->serialize($entry->getTags(), 'json'); | 251 | $json = $this->get('serializer')->serialize($entry->getTags(), 'json'); |
| @@ -264,7 +268,7 @@ class WallabagRestController extends Controller | |||
| 264 | public function postEntriesTagsAction(Request $request, Entry $entry) | 268 | public function postEntriesTagsAction(Request $request, Entry $entry) |
| 265 | { | 269 | { |
| 266 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { | 270 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { |
| 267 | throw $this->createAccessDeniedException(); | 271 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 268 | } | 272 | } |
| 269 | 273 | ||
| 270 | $tags = $request->request->get('tags', ''); | 274 | $tags = $request->request->get('tags', ''); |
| @@ -294,7 +298,7 @@ class WallabagRestController extends Controller | |||
| 294 | public function deleteEntriesTagsAction(Entry $entry, Tag $tag) | 298 | public function deleteEntriesTagsAction(Entry $entry, Tag $tag) |
| 295 | { | 299 | { |
| 296 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { | 300 | if ($entry->getUser()->getId() != $this->getUser()->getId()) { |
| 297 | throw $this->createAccessDeniedException(); | 301 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 298 | } | 302 | } |
| 299 | 303 | ||
| 300 | $entry->removeTag($tag); | 304 | $entry->removeTag($tag); |
| @@ -331,7 +335,7 @@ class WallabagRestController extends Controller | |||
| 331 | public function deleteTagAction(Tag $tag) | 335 | public function deleteTagAction(Tag $tag) |
| 332 | { | 336 | { |
| 333 | if ($tag->getUser()->getId() != $this->getUser()->getId()) { | 337 | if ($tag->getUser()->getId() != $this->getUser()->getId()) { |
| 334 | throw $this->createAccessDeniedException(); | 338 | throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$tag->getUser()->getId().', logged user id: '.$this->getUser()->getId()); |
| 335 | } | 339 | } |
| 336 | 340 | ||
| 337 | $em = $this->getDoctrine()->getManager(); | 341 | $em = $this->getDoctrine()->getManager(); |