diff options
Diffstat (limited to 'src/Wallabag/CoreBundle/Controller')
-rw-r--r-- | src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php index e7e43800..429f529a 100644 --- a/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php +++ b/src/Wallabag/CoreBundle/Controller/SiteCredentialController.php | |||
@@ -11,20 +11,22 @@ use Wallabag\CoreBundle\Entity\SiteCredential; | |||
11 | 11 | ||
12 | /** | 12 | /** |
13 | * SiteCredential controller. | 13 | * SiteCredential controller. |
14 | * | ||
15 | * @Route("/site-credentials") | ||
14 | */ | 16 | */ |
15 | class SiteCredentialController extends Controller | 17 | class SiteCredentialController extends Controller |
16 | { | 18 | { |
17 | /** | 19 | /** |
18 | * Lists all User entities. | 20 | * Lists all User entities. |
19 | * | 21 | * |
20 | * @Route("/site-credential", name="site_credential_index") | 22 | * @Route("/", name="site_credentials_index") |
21 | * @Method("GET") | 23 | * @Method("GET") |
22 | */ | 24 | */ |
23 | public function indexAction() | 25 | public function indexAction() |
24 | { | 26 | { |
25 | $em = $this->getDoctrine()->getManager(); | 27 | $em = $this->getDoctrine()->getManager(); |
26 | 28 | ||
27 | $credentials = $em->getRepository('WallabagCoreBundle:SiteCredential')->findAll(); | 29 | $credentials = $em->getRepository('WallabagCoreBundle:SiteCredential')->findByUser($this->getUser()); |
28 | 30 | ||
29 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', array( | 31 | return $this->render('WallabagCoreBundle:SiteCredential:index.html.twig', array( |
30 | 'credentials' => $credentials, | 32 | 'credentials' => $credentials, |
@@ -34,7 +36,7 @@ class SiteCredentialController extends Controller | |||
34 | /** | 36 | /** |
35 | * Creates a new site credential entity. | 37 | * Creates a new site credential entity. |
36 | * | 38 | * |
37 | * @Route("/site-credential/new", name="site_credential_new") | 39 | * @Route("/new", name="site_credentials_new") |
38 | * @Method({"GET", "POST"}) | 40 | * @Method({"GET", "POST"}) |
39 | */ | 41 | */ |
40 | public function newAction(Request $request) | 42 | public function newAction(Request $request) |
@@ -54,7 +56,7 @@ class SiteCredentialController extends Controller | |||
54 | $this->get('translator')->trans('flashes.site_credential.notice.added', ['%host%' => $credential->getHost()]) | 56 | $this->get('translator')->trans('flashes.site_credential.notice.added', ['%host%' => $credential->getHost()]) |
55 | ); | 57 | ); |
56 | 58 | ||
57 | return $this->redirectToRoute('site_credential_edit', array('id' => $credential->getId())); | 59 | return $this->redirectToRoute('site_credentials_edit', array('id' => $credential->getId())); |
58 | } | 60 | } |
59 | 61 | ||
60 | return $this->render('WallabagCoreBundle:SiteCredential:new.html.twig', array( | 62 | return $this->render('WallabagCoreBundle:SiteCredential:new.html.twig', array( |
@@ -66,11 +68,13 @@ class SiteCredentialController extends Controller | |||
66 | /** | 68 | /** |
67 | * Displays a form to edit an existing site credential entity. | 69 | * Displays a form to edit an existing site credential entity. |
68 | * | 70 | * |
69 | * @Route("/site-credential/{id}/edit", name="site_credential_edit") | 71 | * @Route("/{id}/edit", name="site_credentials_edit") |
70 | * @Method({"GET", "POST"}) | 72 | * @Method({"GET", "POST"}) |
71 | */ | 73 | */ |
72 | public function editAction(Request $request, SiteCredential $siteCredential) | 74 | public function editAction(Request $request, SiteCredential $siteCredential) |
73 | { | 75 | { |
76 | $this->checkUserAction($siteCredential); | ||
77 | |||
74 | $deleteForm = $this->createDeleteForm($siteCredential); | 78 | $deleteForm = $this->createDeleteForm($siteCredential); |
75 | $editForm = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $siteCredential); | 79 | $editForm = $this->createForm('Wallabag\CoreBundle\Form\Type\SiteCredentialType', $siteCredential); |
76 | $editForm->handleRequest($request); | 80 | $editForm->handleRequest($request); |
@@ -85,7 +89,7 @@ class SiteCredentialController extends Controller | |||
85 | $this->get('translator')->trans('flashes.site_credential.notice.updated', ['%host%' => $siteCredential->getHost()]) | 89 | $this->get('translator')->trans('flashes.site_credential.notice.updated', ['%host%' => $siteCredential->getHost()]) |
86 | ); | 90 | ); |
87 | 91 | ||
88 | return $this->redirectToRoute('site_credential_edit', array('id' => $siteCredential->getId())); | 92 | return $this->redirectToRoute('site_credentials_edit', array('id' => $siteCredential->getId())); |
89 | } | 93 | } |
90 | 94 | ||
91 | return $this->render('WallabagCoreBundle:SiteCredential:edit.html.twig', array( | 95 | return $this->render('WallabagCoreBundle:SiteCredential:edit.html.twig', array( |
@@ -98,11 +102,13 @@ class SiteCredentialController extends Controller | |||
98 | /** | 102 | /** |
99 | * Deletes a site credential entity. | 103 | * Deletes a site credential entity. |
100 | * | 104 | * |
101 | * @Route("/site-credential/{id}", name="site_credential_delete") | 105 | * @Route("/{id}", name="site_credentials_delete") |
102 | * @Method("DELETE") | 106 | * @Method("DELETE") |
103 | */ | 107 | */ |
104 | public function deleteAction(Request $request, SiteCredential $siteCredential) | 108 | public function deleteAction(Request $request, SiteCredential $siteCredential) |
105 | { | 109 | { |
110 | $this->checkUserAction($siteCredential); | ||
111 | |||
106 | $form = $this->createDeleteForm($siteCredential); | 112 | $form = $this->createDeleteForm($siteCredential); |
107 | $form->handleRequest($request); | 113 | $form->handleRequest($request); |
108 | 114 | ||
@@ -117,7 +123,7 @@ class SiteCredentialController extends Controller | |||
117 | $em->flush(); | 123 | $em->flush(); |
118 | } | 124 | } |
119 | 125 | ||
120 | return $this->redirectToRoute('site_credential_index'); | 126 | return $this->redirectToRoute('site_credentials_index'); |
121 | } | 127 | } |
122 | 128 | ||
123 | /** | 129 | /** |
@@ -130,9 +136,21 @@ class SiteCredentialController extends Controller | |||
130 | private function createDeleteForm(SiteCredential $siteCredential) | 136 | private function createDeleteForm(SiteCredential $siteCredential) |
131 | { | 137 | { |
132 | return $this->createFormBuilder() | 138 | return $this->createFormBuilder() |
133 | ->setAction($this->generateUrl('site_credential_delete', array('id' => $siteCredential->getId()))) | 139 | ->setAction($this->generateUrl('site_credentials_delete', array('id' => $siteCredential->getId()))) |
134 | ->setMethod('DELETE') | 140 | ->setMethod('DELETE') |
135 | ->getForm() | 141 | ->getForm() |
136 | ; | 142 | ; |
137 | } | 143 | } |
144 | |||
145 | /** | ||
146 | * Check if the logged user can manage the given site credential. | ||
147 | * | ||
148 | * @param SiteCredential $siteCredential The site credential entity | ||
149 | */ | ||
150 | private function checkUserAction(SiteCredential $siteCredential) | ||
151 | { | ||
152 | if (null === $this->getUser() || $this->getUser()->getId() != $siteCredential->getUser()->getId()) { | ||
153 | throw $this->createAccessDeniedException('You can not access this site credential.'); | ||
154 | } | ||
155 | } | ||
138 | } | 156 | } |