aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--src/Wallabag/CoreBundle/Controller/WallabagRestController.php22
1 files changed, 13 insertions, 9 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
index 612c59d1..3e25fe49 100644
--- a/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
+++ b/src/Wallabag/CoreBundle/Controller/WallabagRestController.php
@@ -40,7 +40,11 @@ class WallabagRestController extends Controller
40 /** 40 /**
41 * Retrieve salt for a giver user. 41 * Retrieve salt for a giver user.
42 * 42 *
43 * @ApiDoc() 43 * @ApiDoc(
44 * parameters={
45 * {"name"="username", "dataType"="string", "required"=true, "description"="username"}
46 * }
47 * )
44 * @return array 48 * @return array
45 */ 49 */
46 public function getSaltAction($username) 50 public function getSaltAction($username)
@@ -87,7 +91,7 @@ class WallabagRestController extends Controller
87 ->getRepository('WallabagCoreBundle:Entry') 91 ->getRepository('WallabagCoreBundle:Entry')
88 ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order); 92 ->findEntries($this->getUser()->getId(), $isArchived, $isStarred, $sort, $order);
89 93
90 if (!($entries)) { 94 if (!$entries) {
91 throw $this->createNotFoundException(); 95 throw $this->createNotFoundException();
92 } 96 }
93 97
@@ -109,7 +113,7 @@ class WallabagRestController extends Controller
109 public function getEntryAction(Entry $entry) 113 public function getEntryAction(Entry $entry)
110 { 114 {
111 if ($entry->getUser()->getId() != $this->getUser()->getId()) { 115 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
112 throw $this->createAccessDeniedException(); 116 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
113 } 117 }
114 118
115 $json = $this->get('serializer')->serialize($entry, 'json'); 119 $json = $this->get('serializer')->serialize($entry, 'json');
@@ -172,7 +176,7 @@ class WallabagRestController extends Controller
172 public function patchEntriesAction(Entry $entry, Request $request) 176 public function patchEntriesAction(Entry $entry, Request $request)
173 { 177 {
174 if ($entry->getUser()->getId() != $this->getUser()->getId()) { 178 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
175 throw $this->createAccessDeniedException(); 179 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
176 } 180 }
177 181
178 $title = $request->request->get("title"); 182 $title = $request->request->get("title");
@@ -217,7 +221,7 @@ class WallabagRestController extends Controller
217 public function deleteEntriesAction(Entry $entry) 221 public function deleteEntriesAction(Entry $entry)
218 { 222 {
219 if ($entry->getUser()->getId() != $this->getUser()->getId()) { 223 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
220 throw $this->createAccessDeniedException(); 224 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
221 } 225 }
222 226
223 $em = $this->getDoctrine()->getManager(); 227 $em = $this->getDoctrine()->getManager();
@@ -241,7 +245,7 @@ class WallabagRestController extends Controller
241 public function getEntriesTagsAction(Entry $entry) 245 public function getEntriesTagsAction(Entry $entry)
242 { 246 {
243 if ($entry->getUser()->getId() != $this->getUser()->getId()) { 247 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
244 throw $this->createAccessDeniedException(); 248 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
245 } 249 }
246 250
247 $json = $this->get('serializer')->serialize($entry->getTags(), 'json'); 251 $json = $this->get('serializer')->serialize($entry->getTags(), 'json');
@@ -264,7 +268,7 @@ class WallabagRestController extends Controller
264 public function postEntriesTagsAction(Request $request, Entry $entry) 268 public function postEntriesTagsAction(Request $request, Entry $entry)
265 { 269 {
266 if ($entry->getUser()->getId() != $this->getUser()->getId()) { 270 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
267 throw $this->createAccessDeniedException(); 271 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
268 } 272 }
269 273
270 $tags = $request->request->get('tags', ''); 274 $tags = $request->request->get('tags', '');
@@ -294,7 +298,7 @@ class WallabagRestController extends Controller
294 public function deleteEntriesTagsAction(Entry $entry, Tag $tag) 298 public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
295 { 299 {
296 if ($entry->getUser()->getId() != $this->getUser()->getId()) { 300 if ($entry->getUser()->getId() != $this->getUser()->getId()) {
297 throw $this->createAccessDeniedException(); 301 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$entry->getUser()->getId().', logged user id: '.$this->getUser()->getId());
298 } 302 }
299 303
300 $entry->removeTag($tag); 304 $entry->removeTag($tag);
@@ -331,7 +335,7 @@ class WallabagRestController extends Controller
331 public function deleteTagAction(Tag $tag) 335 public function deleteTagAction(Tag $tag)
332 { 336 {
333 if ($tag->getUser()->getId() != $this->getUser()->getId()) { 337 if ($tag->getUser()->getId() != $this->getUser()->getId()) {
334 throw $this->createAccessDeniedException(); 338 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$tag->getUser()->getId().', logged user id: '.$this->getUser()->getId());
335 } 339 }
336 340
337 $em = $this->getDoctrine()->getManager(); 341 $em = $this->getDoctrine()->getManager();