diff options
Diffstat (limited to 'src/Wallabag/ApiBundle/Controller/DeveloperController.php')
-rw-r--r-- | src/Wallabag/ApiBundle/Controller/DeveloperController.php | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/Wallabag/ApiBundle/Controller/DeveloperController.php b/src/Wallabag/ApiBundle/Controller/DeveloperController.php index 5a36a260..9cb1b626 100644 --- a/src/Wallabag/ApiBundle/Controller/DeveloperController.php +++ b/src/Wallabag/ApiBundle/Controller/DeveloperController.php | |||
@@ -19,7 +19,7 @@ class DeveloperController extends Controller | |||
19 | */ | 19 | */ |
20 | public function indexAction() | 20 | public function indexAction() |
21 | { | 21 | { |
22 | $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findAll(); | 22 | $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findByUser($this->getUser()->getId()); |
23 | 23 | ||
24 | return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [ | 24 | return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [ |
25 | 'clients' => $clients, | 25 | 'clients' => $clients, |
@@ -38,11 +38,11 @@ class DeveloperController extends Controller | |||
38 | public function createClientAction(Request $request) | 38 | public function createClientAction(Request $request) |
39 | { | 39 | { |
40 | $em = $this->getDoctrine()->getManager(); | 40 | $em = $this->getDoctrine()->getManager(); |
41 | $client = new Client(); | 41 | $client = new Client($this->getUser()); |
42 | $clientForm = $this->createForm(ClientType::class, $client); | 42 | $clientForm = $this->createForm(ClientType::class, $client); |
43 | $clientForm->handleRequest($request); | 43 | $clientForm->handleRequest($request); |
44 | 44 | ||
45 | if ($clientForm->isValid()) { | 45 | if ($clientForm->isSubmitted() && $clientForm->isValid()) { |
46 | $client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']); | 46 | $client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']); |
47 | $em->persist($client); | 47 | $em->persist($client); |
48 | $em->flush(); | 48 | $em->flush(); |
@@ -75,6 +75,10 @@ class DeveloperController extends Controller | |||
75 | */ | 75 | */ |
76 | public function deleteClientAction(Client $client) | 76 | public function deleteClientAction(Client $client) |
77 | { | 77 | { |
78 | if (null === $this->getUser() || $client->getUser()->getId() != $this->getUser()->getId()) { | ||
79 | throw $this->createAccessDeniedException('You can not access this client.'); | ||
80 | } | ||
81 | |||
78 | $em = $this->getDoctrine()->getManager(); | 82 | $em = $this->getDoctrine()->getManager(); |
79 | $em->remove($client); | 83 | $em->remove($client); |
80 | $em->flush(); | 84 | $em->flush(); |