-rw-r--r-- | src/Wallabag/CoreBundle/Controller/WallabagRestController.php | 22 |
1 files changed, 13 insertions, 9 deletions
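--- a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
+++ b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
@@ -40,7 +40,11 @@ class WallabagRestController extends Controller
 /**
 * Retrieve salt for a giver user.
 *
-* @ApiDoc()
+* @ApiDoc(
+* parameters={
+* {"name"="username", "dataType"="string", "required"=true, "description"="username"}
+* }
+* )
 * @return array
 */
 public function getSaltAction($username)
@@ -87,7 +91,7 @@ class WallabagRestController extends Controller
 ->getRepository('WallabagCoreBundle:Entry')
 ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
 
-if (!($entries)) {
+if (!$entries) {
 throw $this->createNotFoundException();
 }
 
@@ -109,7 +113,7 @@ class WallabagRestController extends Controller
 public function getEntryAction(Entry $entry)
 {
 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $json = $this->get('serializer')->serialize($entry, 'json');
@@ -172,7 +176,7 @@ class WallabagRestController extends Controller
 public function patchEntriesAction(Entry $entry, Request $request)
 {
 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $title = $request->request->get("title");
@@ -217,7 +221,7 @@ class WallabagRestController extends Controller
 public function deleteEntriesAction(Entry $entry)
 {
 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $em = $this->getDoctrine()->getManager();
@@ -241,7 +245,7 @@ class WallabagRestController extends Controller
 public function getEntriesTagsAction(Entry $entry)
 {
 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $json = $this->get('serializer')->serialize($entry->getTags(), 'json');
@@ -264,7 +268,7 @@ class WallabagRestController extends Controller
 public function postEntriesTagsAction(Request $request, Entry $entry)
 {
 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $tags = $request->request->get('tags', '');
@@ -294,7 +298,7 @@ class WallabagRestController extends Controller
 public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
 {
 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $entry->removeTag($tag);
@@ -331,7 +335,7 @@ class WallabagRestController extends Controller
 public function deleteTagAction(Tag $tag)
 {
 if ($tag->getUser()->getId() != $this->getUser()->getId()) {
-throw $this->createAccessDeniedException();
+throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$tag->getUser()->getId().', logged user id: '.$this->getUser()->getId());
 }
 
 $em = $this->getDoctrine()->getManager();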
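Review bot: The new access-denied message in getEntryAction puts the resource owner's user id and the caller's user id into the exception text, and the same line is repeated in patchEntriesAction, deleteEntriesAction, getEntriesTagsAction, postEntriesTagsAction, deleteEntriesTagsAction and deleteTagAction. If that text is rendered into the API response (this depends on the exception and debug configuration, which is not visible here), an authenticated caller can learn which account owns an entry or tag id they do not own. Keeping the client-facing error generic and recording the ids server-side gives the same debugging value without exposing the mapping: `throw $this->createAccessDeniedException();` preceded by `$this->get('logger')->warning('Access forbidden', array('owner_id' => $entry->getUser()->getId(), 'user_id' => $this->getUser()->getId()));`. In deleteTagAction the message also says "Entry user id" although the id is the tag owner's. All seven method bodies continue outside their hunks, so how the exception is finally rendered should be confirmed against the full controller and its exception listener.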