aboutsummaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2016-12-09 16:47:50 +0100
committerJeremy Benoist <jeremy.benoist@gmail.com>2017-06-20 16:03:13 +0200
commitfc6d92c63dc5629a9e005628e416e0ecf4daa6ed (patch)
tree0c71a36d6b07df22e20dff7fcafb4d6d1c074292 /src
parentf92fcb53ca78cc8822962e676b0db117e1a08aa5 (diff)
downloadwallabag-fc6d92c63dc5629a9e005628e416e0ecf4daa6ed.tar.gz
wallabag-fc6d92c63dc5629a9e005628e416e0ecf4daa6ed.tar.zst
wallabag-fc6d92c63dc5629a9e005628e416e0ecf4daa6ed.zip
Update route & user verification
Diffstat (limited to 'src')
-rw-r--r--src/Wallabag/CoreBundle/Controller/SiteCredentialController.php36
-rw-r--r--src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php3
-rw-r--r--src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml6
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig2
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig4
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig2
6 files changed, 34 insertions, 19 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
index e7e43800..429f529a 100644
--- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
+++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php
@@ -11,20 +11,22 @@ use Wallabag\CoreBundle\Entity\SiteCredential;
11 11
12/** 12/**
13 * SiteCredential controller. 13 * SiteCredential controller.
14 *
15 * @Route("/site-credentials")
14 */ 16 */
15class SiteCredentialController extends Controller 17class SiteCredentialController extends Controller
16{ 18{
17 /** 19 /**
18 * Lists all User entities. 20 * Lists all User entities.
19 * 21 *
20 * @Route("/site-credential", name="site_credential_index") 22 * @Route("/", name="site_credentials_index")
21 * @Method("GET") 23 * @Method("GET")
22 */ 24 */
23 public function indexAction() 25 public function indexAction()
24 { 26 {
25 $em = $this->getDoctrine()->getManager(); 27 $em = $this->getDoctrine()->getManager();
26 28
27 $credentials = $em->getRepository('WallabagCoreBundle:SiteCredential')->findAll(); 29 $credentials = $em->getRepository('WallabagCoreBundle:SiteCredential')->findByUser($this->getUser());
28 30
29 return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', array( 31 return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', array(
30 'credentials' => $credentials, 32 'credentials' => $credentials,
@@ -34,7 +36,7 @@ class SiteCredentialController extends Controller
34 /** 36 /**
35 * Creates a new site credential entity. 37 * Creates a new site credential entity.
36 * 38 *
37 * @Route("/site-credential/new", name="site_credential_new") 39 * @Route("/new", name="site_credentials_new")
38 * @Method({"GET", "POST"}) 40 * @Method({"GET", "POST"})
39 */ 41 */
40 public function newAction(Request $request) 42 public function newAction(Request $request)
@@ -54,7 +56,7 @@ class SiteCredentialController extends Controller
54 $this->get('translator')->trans('flashes.site_credential.notice.added', ['%host%' => $credential->getHost()]) 56 $this->get('translator')->trans('flashes.site_credential.notice.added', ['%host%' => $credential->getHost()])
55 ); 57 );
56 58
57 return $this->redirectToRoute('site_credential_edit', array('id' => $credential->getId())); 59 return $this->redirectToRoute('site_credentials_edit', array('id' => $credential->getId()));
58 } 60 }
59 61
60 return $this->render('WallabagCoreBundle:SiteCredential:new.html.twig', array( 62 return $this->render('WallabagCoreBundle:SiteCredential:new.html.twig', array(
@@ -66,11 +68,13 @@ class SiteCredentialController extends Controller
66 /** 68 /**
67 * Displays a form to edit an existing site credential entity. 69 * Displays a form to edit an existing site credential entity.
68 * 70 *
69 * @Route("/site-credential/{id}/edit", name="site_credential_edit") 71 * @Route("/{id}/edit", name="site_credentials_edit")
70 * @Method({"GET", "POST"}) 72 * @Method({"GET", "POST"})
71 */ 73 */
72 public function editAction(Request $request, SiteCredential $siteCredential) 74 public function editAction(Request $request, SiteCredential $siteCredential)
73 { 75 {
76 $this->checkUserAction($siteCredential);
77
74 $deleteForm = $this->createDeleteForm($siteCredential); 78 $deleteForm = $this->createDeleteForm($siteCredential);
75 $editForm = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $siteCredential); 79 $editForm = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $siteCredential);
76 $editForm->handleRequest($request); 80 $editForm->handleRequest($request);
@@ -85,7 +89,7 @@ class SiteCredentialController extends Controller
85 $this->get('translator')->trans('flashes.site_credential.notice.updated', ['%host%' => $siteCredential->getHost()]) 89 $this->get('translator')->trans('flashes.site_credential.notice.updated', ['%host%' => $siteCredential->getHost()])
86 ); 90 );
87 91
88 return $this->redirectToRoute('site_credential_edit', array('id' => $siteCredential->getId())); 92 return $this->redirectToRoute('site_credentials_edit', array('id' => $siteCredential->getId()));
89 } 93 }
90 94
91 return $this->render('WallabagCoreBundle:SiteCredential:edit.html.twig', array( 95 return $this->render('WallabagCoreBundle:SiteCredential:edit.html.twig', array(
@@ -98,11 +102,13 @@ class SiteCredentialController extends Controller
98 /** 102 /**
99 * Deletes a site credential entity. 103 * Deletes a site credential entity.
100 * 104 *
101 * @Route("/site-credential/{id}", name="site_credential_delete") 105 * @Route("/{id}", name="site_credentials_delete")
102 * @Method("DELETE") 106 * @Method("DELETE")
103 */ 107 */
104 public function deleteAction(Request $request, SiteCredential $siteCredential) 108 public function deleteAction(Request $request, SiteCredential $siteCredential)
105 { 109 {
110 $this->checkUserAction($siteCredential);
111
106 $form = $this->createDeleteForm($siteCredential); 112 $form = $this->createDeleteForm($siteCredential);
107 $form->handleRequest($request); 113 $form->handleRequest($request);
108 114
@@ -117,7 +123,7 @@ class SiteCredentialController extends Controller
117 $em->flush(); 123 $em->flush();
118 } 124 }
119 125
120 return $this->redirectToRoute('site_credential_index'); 126 return $this->redirectToRoute('site_credentials_index');
121 } 127 }
122 128
123 /** 129 /**
@@ -130,9 +136,21 @@ class SiteCredentialController extends Controller
130 private function createDeleteForm(SiteCredential $siteCredential) 136 private function createDeleteForm(SiteCredential $siteCredential)
131 { 137 {
132 return $this->createFormBuilder() 138 return $this->createFormBuilder()
133 ->setAction($this->generateUrl('site_credential_delete', array('id' => $siteCredential->getId()))) 139 ->setAction($this->generateUrl('site_credentials_delete', array('id' => $siteCredential->getId())))
134 ->setMethod('DELETE') 140 ->setMethod('DELETE')
135 ->getForm() 141 ->getForm()
136 ; 142 ;
137 } 143 }
144
145 /**
146 * Check if the logged user can manage the given site credential.
147 *
148 * @param SiteCredential $siteCredential The site credential entity
149 */
150 private function checkUserAction(SiteCredential $siteCredential)
151 {
152 if (null === $this->getUser() || $this->getUser()->getId() != $siteCredential->getUser()->getId()) {
153 throw $this->createAccessDeniedException('You can not access this site credential.');
154 }
155 }
138} 156}
diff --git a/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php b/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php
index 501b4439..88aee6d5 100644
--- a/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php
+++ b/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php
@@ -4,9 +4,6 @@ namespace Wallabag\CoreBundle\Repository;
4 4
5/** 5/**
6 * SiteCredentialRepository. 6 * SiteCredentialRepository.
7 *
8 * This class was generated by the Doctrine ORM. Add your own custom
9 * repository methods below.
10 */ 7 */
11class SiteCredentialRepository extends \Doctrine\ORM\EntityRepository 8class SiteCredentialRepository extends \Doctrine\ORM\EntityRepository
12{ 9{
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml
index e37abfd3..17eaf015 100644
--- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml
+++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml
@@ -514,7 +514,7 @@ user:
514 twofactor_label: "Double authentification" 514 twofactor_label: "Double authentification"
515 save: "Sauvegarder" 515 save: "Sauvegarder"
516 delete: "Supprimer" 516 delete: "Supprimer"
517 delete_confirm: "Voulez-vous vraiment ?" 517 delete_confirm: "Êtes-vous sur ?"
518 back_to_list: "Revenir à la liste" 518 back_to_list: "Revenir à la liste"
519 search: 519 search:
520 placeholder: "Filtrer par nom d’utilisateur ou email" 520 placeholder: "Filtrer par nom d’utilisateur ou email"
@@ -523,7 +523,7 @@ site_credential:
523 page_title: Gestion des accès aux sites 523 page_title: Gestion des accès aux sites
524 new_site_credential: Créer un accès à un site 524 new_site_credential: Créer un accès à un site
525 edit_site_credential: Éditer l'accès d'un site 525 edit_site_credential: Éditer l'accès d'un site
526 description: "Ici vous pouvez gérer les accès aux différents sites. Ces accès permettent de récupérer des contenus sur des sites qui requiert une authentification ou un paywall" 526 description: "Ici vous pouvez gérer les accès aux différents sites. Ces accès permettent de récupérer des contenus sur des sites qui requièrent une authentification ou un paywall"
527 list: 527 list:
528 actions: Actions 528 actions: Actions
529 edit_action: Éditer 529 edit_action: Éditer
@@ -536,7 +536,7 @@ site_credential:
536 password_label: 'Mot de passe' 536 password_label: 'Mot de passe'
537 save: "Sauvegarder" 537 save: "Sauvegarder"
538 delete: "Supprimer" 538 delete: "Supprimer"
539 delete_confirm: "Voulez-vous vraiment ?" 539 delete_confirm: "Êtes-vous sur ?"
540 back_to_list: "Revenir à la liste" 540 back_to_list: "Revenir à la liste"
541 541
542error: 542error:
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig
index 8448f17e..882be430 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig
@@ -49,7 +49,7 @@
49 <button onclick="return confirm('{{ 'site_credential.form.delete_confirm'|trans|escape('js') }}')" type="submit" class="btn waves-effect waves-light red">{{ 'site_credential.form.delete'|trans }}</button> 49 <button onclick="return confirm('{{ 'site_credential.form.delete_confirm'|trans|escape('js') }}')" type="submit" class="btn waves-effect waves-light red">{{ 'site_credential.form.delete'|trans }}</button>
50 {{ form_end(delete_form) }} 50 {{ form_end(delete_form) }}
51 </p> 51 </p>
52 <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credential_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p> 52 <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credentials_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p>
53 </div> 53 </div>
54 </div> 54 </div>
55 </div> 55 </div>
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig
index fda60b31..c128bceb 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig
@@ -25,7 +25,7 @@
25 <td>{{ credential.host }}</td> 25 <td>{{ credential.host }}</td>
26 <td>{{ credential.username }}</td> 26 <td>{{ credential.username }}</td>
27 <td> 27 <td>
28 <a href="{{ path('site_credential_edit', { 'id': credential.id }) }}">{{ 'site_credential.list.edit_action'|trans }}</a> 28 <a href="{{ path('site_credentials_edit', { 'id': credential.id }) }}">{{ 'site_credential.list.edit_action'|trans }}</a>
29 </td> 29 </td>
30 </tr> 30 </tr>
31 {% endfor %} 31 {% endfor %}
@@ -33,7 +33,7 @@
33 </table> 33 </table>
34 <br /> 34 <br />
35 <p> 35 <p>
36 <a href="{{ path('site_credential_new') }}" class="waves-effect waves-light btn">{{ 'site_credential.list.create_new_one'|trans }}</a> 36 <a href="{{ path('site_credentials_new') }}" class="waves-effect waves-light btn">{{ 'site_credential.list.create_new_one'|trans }}</a>
37 </p> 37 </p>
38 </div> 38 </div>
39 </div> 39 </div>
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig
index bf713902..3c008cde 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig
@@ -42,7 +42,7 @@
42 {{ form_widget(form.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} 42 {{ form_widget(form.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}
43 {{ form_rest(form) }} 43 {{ form_rest(form) }}
44 </form> 44 </form>
45 <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credential_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p> 45 <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credentials_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p>
46 </div> 46 </div>
47 </div> 47 </div>
48 </div> 48 </div>