diff options
Diffstat (limited to 'src/Wallabag/CoreBundle/Controller/ConfigController.php')
-rw-r--r-- | src/Wallabag/CoreBundle/Controller/ConfigController.php | 48 |
1 files changed, 44 insertions, 4 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 75a9af0b..f1e212d9 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php | |||
@@ -108,7 +108,21 @@ class ConfigController extends Controller | |||
108 | 108 | ||
109 | // handle tagging rule | 109 | // handle tagging rule |
110 | $taggingRule = new TaggingRule(); | 110 | $taggingRule = new TaggingRule(); |
111 | $newTaggingRule = $this->createForm(TaggingRuleType::class, $taggingRule, ['action' => $this->generateUrl('config').'#set5']); | 111 | $action = $this->generateUrl('config').'#set5'; |
112 | |||
113 | if ($request->query->has('tagging-rule')) { | ||
114 | $taggingRule = $this->getDoctrine() | ||
115 | ->getRepository('WallabagCoreBundle:TaggingRule') | ||
116 | ->find($request->query->get('tagging-rule')); | ||
117 | |||
118 | if ($this->getUser()->getId() !== $taggingRule->getConfig()->getUser()->getId()) { | ||
119 | return $this->redirect($action); | ||
120 | } | ||
121 | |||
122 | $action = $this->generateUrl('config').'?tagging-rule='.$taggingRule->getId().'#set5'; | ||
123 | } | ||
124 | |||
125 | $newTaggingRule = $this->createForm(TaggingRuleType::class, $taggingRule, ['action' => $action]); | ||
112 | $newTaggingRule->handleRequest($request); | 126 | $newTaggingRule->handleRequest($request); |
113 | 127 | ||
114 | if ($newTaggingRule->isValid()) { | 128 | if ($newTaggingRule->isValid()) { |
@@ -205,9 +219,7 @@ class ConfigController extends Controller | |||
205 | */ | 219 | */ |
206 | public function deleteTaggingRuleAction(TaggingRule $rule) | 220 | public function deleteTaggingRuleAction(TaggingRule $rule) |
207 | { | 221 | { |
208 | if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) { | 222 | $this->validateRuleAction($rule); |
209 | throw $this->createAccessDeniedException('You can not access this tagging rule.'); | ||
210 | } | ||
211 | 223 | ||
212 | $em = $this->getDoctrine()->getManager(); | 224 | $em = $this->getDoctrine()->getManager(); |
213 | $em->remove($rule); | 225 | $em->remove($rule); |
@@ -222,6 +234,34 @@ class ConfigController extends Controller | |||
222 | } | 234 | } |
223 | 235 | ||
224 | /** | 236 | /** |
237 | * Edit a tagging rule. | ||
238 | * | ||
239 | * @param TaggingRule $rule | ||
240 | * | ||
241 | * @Route("/tagging-rule/edit/{id}", requirements={"id" = "\d+"}, name="edit_tagging_rule") | ||
242 | * | ||
243 | * @return RedirectResponse | ||
244 | */ | ||
245 | public function editTaggingRuleAction(TaggingRule $rule) | ||
246 | { | ||
247 | $this->validateRuleAction($rule); | ||
248 | |||
249 | return $this->redirect($this->generateUrl('config').'?tagging-rule='.$rule->getId().'#set5'); | ||
250 | } | ||
251 | |||
252 | /** | ||
253 | * Validate that a rule can be edited/deleted by the current user. | ||
254 | * | ||
255 | * @param TaggingRule $rule | ||
256 | */ | ||
257 | private function validateRuleAction(TaggingRule $rule) | ||
258 | { | ||
259 | if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) { | ||
260 | throw $this->createAccessDeniedException('You can not access this tagging rule.'); | ||
261 | } | ||
262 | } | ||
263 | |||
264 | /** | ||
225 | * Retrieve config for the current user. | 265 | * Retrieve config for the current user. |
226 | * If no config were found, create a new one. | 266 | * If no config were found, create a new one. |
227 | * | 267 | * |