diff options
author | Jeremy Benoist <jeremy.benoist@gmail.com> | 2016-12-09 16:47:50 +0100 |
---|---|---|
committer | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-20 16:03:13 +0200 |
commit | fc6d92c63dc5629a9e005628e416e0ecf4daa6ed (patch) | |
tree | 0c71a36d6b07df22e20dff7fcafb4d6d1c074292 /src | |
parent | f92fcb53ca78cc8822962e676b0db117e1a08aa5 (diff) | |
download | wallabag-fc6d92c63dc5629a9e005628e416e0ecf4daa6ed.tar.gz wallabag-fc6d92c63dc5629a9e005628e416e0ecf4daa6ed.tar.zst wallabag-fc6d92c63dc5629a9e005628e416e0ecf4daa6ed.zip |
Update route & user verification
Diffstat (limited to 'src')
6 files changed, 34 insertions, 19 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php index e7e43800..429f529a 100644 --- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php +++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | |||
@@ -11,20 +11,22 @@ use Wallabag\CoreBundle\Entity\SiteCredential; | |||
11 | 11 | ||
12 | /** | 12 | /** |
13 | * SiteCredential controller. | 13 | * SiteCredential controller. |
14 | * | ||
15 | * @Route("/site-credentials") | ||
14 | */ | 16 | */ |
15 | class SiteCredentialController extends Controller | 17 | class SiteCredentialController extends Controller |
16 | { | 18 | { |
17 | /** | 19 | /** |
18 | * Lists all User entities. | 20 | * Lists all User entities. |
19 | * | 21 | * |
20 | * @Route("/site-credential", name="site_credential_index") | 22 | * @Route("/", name="site_credentials_index") |
21 | * @Method("GET") | 23 | * @Method("GET") |
22 | */ | 24 | */ |
23 | public function indexAction() | 25 | public function indexAction() |
24 | { | 26 | { |
25 | $em = $this->getDoctrine()->getManager(); | 27 | $em = $this->getDoctrine()->getManager(); |
26 | 28 | ||
27 | $credentials = $em->getRepository('WallabagCoreBundle:SiteCredential')->findAll(); | 29 | $credentials = $em->getRepository('WallabagCoreBundle:SiteCredential')->findByUser($this->getUser()); |
28 | 30 | ||
29 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', array( | 31 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', array( |
30 | 'credentials' => $credentials, | 32 | 'credentials' => $credentials, |
@@ -34,7 +36,7 @@ class SiteCredentialController extends Controller | |||
34 | /** | 36 | /** |
35 | * Creates a new site credential entity. | 37 | * Creates a new site credential entity. |
36 | * | 38 | * |
37 | * @Route("/site-credential/new", name="site_credential_new") | 39 | * @Route("/new", name="site_credentials_new") |
38 | * @Method({"GET", "POST"}) | 40 | * @Method({"GET", "POST"}) |
39 | */ | 41 | */ |
40 | public function newAction(Request $request) | 42 | public function newAction(Request $request) |
@@ -54,7 +56,7 @@ class SiteCredentialController extends Controller | |||
54 | $this->get('translator')->trans('flashes.site_credential.notice.added', ['%host%' => $credential->getHost()]) | 56 | $this->get('translator')->trans('flashes.site_credential.notice.added', ['%host%' => $credential->getHost()]) |
55 | ); | 57 | ); |
56 | 58 | ||
57 | return $this->redirectToRoute('site_credential_edit', array('id' => $credential->getId())); | 59 | return $this->redirectToRoute('site_credentials_edit', array('id' => $credential->getId())); |
58 | } | 60 | } |
59 | 61 | ||
60 | return $this->render('WallabagCoreBundle:SiteCredential:new.html.twig', array( | 62 | return $this->render('WallabagCoreBundle:SiteCredential:new.html.twig', array( |
@@ -66,11 +68,13 @@ class SiteCredentialController extends Controller | |||
66 | /** | 68 | /** |
67 | * Displays a form to edit an existing site credential entity. | 69 | * Displays a form to edit an existing site credential entity. |
68 | * | 70 | * |
69 | * @Route("/site-credential/{id}/edit", name="site_credential_edit") | 71 | * @Route("/{id}/edit", name="site_credentials_edit") |
70 | * @Method({"GET", "POST"}) | 72 | * @Method({"GET", "POST"}) |
71 | */ | 73 | */ |
72 | public function editAction(Request $request, SiteCredential $siteCredential) | 74 | public function editAction(Request $request, SiteCredential $siteCredential) |
73 | { | 75 | { |
76 | $this->checkUserAction($siteCredential); | ||
77 | |||
74 | $deleteForm = $this->createDeleteForm($siteCredential); | 78 | $deleteForm = $this->createDeleteForm($siteCredential); |
75 | $editForm = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $siteCredential); | 79 | $editForm = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $siteCredential); |
76 | $editForm->handleRequest($request); | 80 | $editForm->handleRequest($request); |
@@ -85,7 +89,7 @@ class SiteCredentialController extends Controller | |||
85 | $this->get('translator')->trans('flashes.site_credential.notice.updated', ['%host%' => $siteCredential->getHost()]) | 89 | $this->get('translator')->trans('flashes.site_credential.notice.updated', ['%host%' => $siteCredential->getHost()]) |
86 | ); | 90 | ); |
87 | 91 | ||
88 | return $this->redirectToRoute('site_credential_edit', array('id' => $siteCredential->getId())); | 92 | return $this->redirectToRoute('site_credentials_edit', array('id' => $siteCredential->getId())); |
89 | } | 93 | } |
90 | 94 | ||
91 | return $this->render('WallabagCoreBundle:SiteCredential:edit.html.twig', array( | 95 | return $this->render('WallabagCoreBundle:SiteCredential:edit.html.twig', array( |
@@ -98,11 +102,13 @@ class SiteCredentialController extends Controller | |||
98 | /** | 102 | /** |
99 | * Deletes a site credential entity. | 103 | * Deletes a site credential entity. |
100 | * | 104 | * |
101 | * @Route("/site-credential/{id}", name="site_credential_delete") | 105 | * @Route("/{id}", name="site_credentials_delete") |
102 | * @Method("DELETE") | 106 | * @Method("DELETE") |
103 | */ | 107 | */ |
104 | public function deleteAction(Request $request, SiteCredential $siteCredential) | 108 | public function deleteAction(Request $request, SiteCredential $siteCredential) |
105 | { | 109 | { |
110 | $this->checkUserAction($siteCredential); | ||
111 | |||
106 | $form = $this->createDeleteForm($siteCredential); | 112 | $form = $this->createDeleteForm($siteCredential); |
107 | $form->handleRequest($request); | 113 | $form->handleRequest($request); |
108 | 114 | ||
@@ -117,7 +123,7 @@ class SiteCredentialController extends Controller | |||
117 | $em->flush(); | 123 | $em->flush(); |
118 | } | 124 | } |
119 | 125 | ||
120 | return $this->redirectToRoute('site_credential_index'); | 126 | return $this->redirectToRoute('site_credentials_index'); |
121 | } | 127 | } |
122 | 128 | ||
123 | /** | 129 | /** |
@@ -130,9 +136,21 @@ class SiteCredentialController extends Controller | |||
130 | private function createDeleteForm(SiteCredential $siteCredential) | 136 | private function createDeleteForm(SiteCredential $siteCredential) |
131 | { | 137 | { |
132 | return $this->createFormBuilder() | 138 | return $this->createFormBuilder() |
133 | ->setAction($this->generateUrl('site_credential_delete', array('id' => $siteCredential->getId()))) | 139 | ->setAction($this->generateUrl('site_credentials_delete', array('id' => $siteCredential->getId()))) |
134 | ->setMethod('DELETE') | 140 | ->setMethod('DELETE') |
135 | ->getForm() | 141 | ->getForm() |
136 | ; | 142 | ; |
137 | } | 143 | } |
144 | |||
145 | /** | ||
146 | * Check if the logged user can manage the given site credential. | ||
147 | * | ||
148 | * @param SiteCredential $siteCredential The site credential entity | ||
149 | */ | ||
150 | private function checkUserAction(SiteCredential $siteCredential) | ||
151 | { | ||
152 | if (null === $this->getUser() || $this->getUser()->getId() != $siteCredential->getUser()->getId()) { | ||
153 | throw $this->createAccessDeniedException('You can not access this site credential.'); | ||
154 | } | ||
155 | } | ||
138 | } | 156 | } |
diff --git a/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php b/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php index 501b4439..88aee6d5 100644 --- a/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php +++ b/src/Wallabag/CoreBundle/Repository/SiteCredentialRepository.php | |||
@@ -4,9 +4,6 @@ namespace Wallabag\CoreBundle\Repository; | |||
4 | 4 | ||
5 | /** | 5 | /** |
6 | * SiteCredentialRepository. | 6 | * SiteCredentialRepository. |
7 | * | ||
8 | * This class was generated by the Doctrine ORM. Add your own custom | ||
9 | * repository methods below. | ||
10 | */ | 7 | */ |
11 | class SiteCredentialRepository extends \Doctrine\ORM\EntityRepository | 8 | class SiteCredentialRepository extends \Doctrine\ORM\EntityRepository |
12 | { | 9 | { |
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml index e37abfd3..17eaf015 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml | |||
@@ -514,7 +514,7 @@ user: | |||
514 | twofactor_label: "Double authentification" | 514 | twofactor_label: "Double authentification" |
515 | save: "Sauvegarder" | 515 | save: "Sauvegarder" |
516 | delete: "Supprimer" | 516 | delete: "Supprimer" |
517 | delete_confirm: "Voulez-vous vraiment ?" | 517 | delete_confirm: "Êtes-vous sur ?" |
518 | back_to_list: "Revenir à la liste" | 518 | back_to_list: "Revenir à la liste" |
519 | search: | 519 | search: |
520 | placeholder: "Filtrer par nom d’utilisateur ou email" | 520 | placeholder: "Filtrer par nom d’utilisateur ou email" |
@@ -523,7 +523,7 @@ site_credential: | |||
523 | page_title: Gestion des accès aux sites | 523 | page_title: Gestion des accès aux sites |
524 | new_site_credential: Créer un accès à un site | 524 | new_site_credential: Créer un accès à un site |
525 | edit_site_credential: Éditer l'accès d'un site | 525 | edit_site_credential: Éditer l'accès d'un site |
526 | description: "Ici vous pouvez gérer les accès aux différents sites. Ces accès permettent de récupérer des contenus sur des sites qui requiert une authentification ou un paywall" | 526 | description: "Ici vous pouvez gérer les accès aux différents sites. Ces accès permettent de récupérer des contenus sur des sites qui requièrent une authentification ou un paywall" |
527 | list: | 527 | list: |
528 | actions: Actions | 528 | actions: Actions |
529 | edit_action: Éditer | 529 | edit_action: Éditer |
@@ -536,7 +536,7 @@ site_credential: | |||
536 | password_label: 'Mot de passe' | 536 | password_label: 'Mot de passe' |
537 | save: "Sauvegarder" | 537 | save: "Sauvegarder" |
538 | delete: "Supprimer" | 538 | delete: "Supprimer" |
539 | delete_confirm: "Voulez-vous vraiment ?" | 539 | delete_confirm: "Êtes-vous sur ?" |
540 | back_to_list: "Revenir à la liste" | 540 | back_to_list: "Revenir à la liste" |
541 | 541 | ||
542 | error: | 542 | error: |
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig index 8448f17e..882be430 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/edit.html.twig | |||
@@ -49,7 +49,7 @@ | |||
49 | <button onclick="return confirm('{{ 'site_credential.form.delete_confirm'|trans|escape('js') }}')" type="submit" class="btn waves-effect waves-light red">{{ 'site_credential.form.delete'|trans }}</button> | 49 | <button onclick="return confirm('{{ 'site_credential.form.delete_confirm'|trans|escape('js') }}')" type="submit" class="btn waves-effect waves-light red">{{ 'site_credential.form.delete'|trans }}</button> |
50 | {{ form_end(delete_form) }} | 50 | {{ form_end(delete_form) }} |
51 | </p> | 51 | </p> |
52 | <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credential_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p> | 52 | <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credentials_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p> |
53 | </div> | 53 | </div> |
54 | </div> | 54 | </div> |
55 | </div> | 55 | </div> |
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig index fda60b31..c128bceb 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/index.html.twig | |||
@@ -25,7 +25,7 @@ | |||
25 | <td>{{ credential.host }}</td> | 25 | <td>{{ credential.host }}</td> |
26 | <td>{{ credential.username }}</td> | 26 | <td>{{ credential.username }}</td> |
27 | <td> | 27 | <td> |
28 | <a href="{{ path('site_credential_edit', { 'id': credential.id }) }}">{{ 'site_credential.list.edit_action'|trans }}</a> | 28 | <a href="{{ path('site_credentials_edit', { 'id': credential.id }) }}">{{ 'site_credential.list.edit_action'|trans }}</a> |
29 | </td> | 29 | </td> |
30 | </tr> | 30 | </tr> |
31 | {% endfor %} | 31 | {% endfor %} |
@@ -33,7 +33,7 @@ | |||
33 | </table> | 33 | </table> |
34 | <br /> | 34 | <br /> |
35 | <p> | 35 | <p> |
36 | <a href="{{ path('site_credential_new') }}" class="waves-effect waves-light btn">{{ 'site_credential.list.create_new_one'|trans }}</a> | 36 | <a href="{{ path('site_credentials_new') }}" class="waves-effect waves-light btn">{{ 'site_credential.list.create_new_one'|trans }}</a> |
37 | </p> | 37 | </p> |
38 | </div> | 38 | </div> |
39 | </div> | 39 | </div> |
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig index bf713902..3c008cde 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/SiteCredential/new.html.twig | |||
@@ -42,7 +42,7 @@ | |||
42 | {{ form_widget(form.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} | 42 | {{ form_widget(form.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} |
43 | {{ form_rest(form) }} | 43 | {{ form_rest(form) }} |
44 | </form> | 44 | </form> |
45 | <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credential_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p> | 45 | <p><a class="waves-effect waves-light btn blue-grey" href="{{ path('site_credentials_index') }}">{{ 'site_credential.form.back_to_list'|trans }}</a></p> |
46 | </div> | 46 | </div> |
47 | </div> | 47 | </div> |
48 | </div> | 48 | </div> |