From 2a0e0a47d853937702d235bdb91df0ca0e3116b6 Mon Sep 17 00:00:00 2001 From: Kevin Decherf Date: Sat, 29 Dec 2018 20:42:41 +0100 Subject: TagRestController: rewrite delete actions to only retrieve tags related to the user Fixes #3815 Signed-off-by: Kevin Decherf --- .../ApiBundle/Controller/TagRestController.php | 22 +++++++++++----------- .../CoreBundle/Repository/TagRepository.php | 17 +++++++++++++++++ 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/src/Wallabag/ApiBundle/Controller/TagRestController.php b/src/Wallabag/ApiBundle/Controller/TagRestController.php index c6d6df6a..f3498f55 100644 --- a/src/Wallabag/ApiBundle/Controller/TagRestController.php +++ b/src/Wallabag/ApiBundle/Controller/TagRestController.php @@ -46,12 +46,14 @@ class TagRestController extends WallabagRestController $this->validateAuthentication(); $label = $request->get('tag', ''); - $tag = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findOneByLabel($label); + $tags = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findByLabelsAndUser([$label], $this->getUser()->getId()); - if (empty($tag)) { + if (empty($tags)) { throw $this->createNotFoundException('Tag not found'); } + $tag = $tags[0]; + $this->getDoctrine() ->getRepository('WallabagCoreBundle:Entry') ->removeTag($this->getUser()->getId(), $tag); @@ -80,15 +82,7 @@ class TagRestController extends WallabagRestController $tagsLabels = $request->get('tags', ''); - $tags = []; - - foreach (explode(',', $tagsLabels) as $tagLabel) { - $tagEntity = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findOneByLabel($tagLabel); - - if (!empty($tagEntity)) { - $tags[] = $tagEntity; - } - } + $tags = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findByLabelsAndUser(explode(',', $tagsLabels), $this->getUser()->getId()); if (empty($tags)) { throw $this->createNotFoundException('Tags not found'); @@ -120,6 +114,12 @@ class TagRestController extends WallabagRestController { $this->validateAuthentication(); + $tagFromDb = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findByLabelsAndUser([$tag->getLabel()], $this->getUser()->getId()); + + if (empty($tagFromDb)) { + throw $this->createNotFoundException('Tag not found'); + } + $this->getDoctrine() ->getRepository('WallabagCoreBundle:Entry') ->removeTag($this->getUser()->getId(), $tag); diff --git a/src/Wallabag/CoreBundle/Repository/TagRepository.php b/src/Wallabag/CoreBundle/Repository/TagRepository.php index bd2d9f97..8464a6a5 100644 --- a/src/Wallabag/CoreBundle/Repository/TagRepository.php +++ b/src/Wallabag/CoreBundle/Repository/TagRepository.php @@ -75,6 +75,23 @@ class TagRepository extends EntityRepository ->getArrayResult(); } + public function findByLabelsAndUser($labels, $userId) + { + $qb = $this->getQueryBuilderByUser($userId) + ->select('t.id'); + + $ids = $qb->andWhere($qb->expr()->in('t.label', $labels)) + ->getQuery() + ->getArrayResult(); + + $tags = []; + foreach ($ids as $id) { + $tags[] = $this->find($id); + } + + return $tags; + } + /** * Used only in test case to get a tag for our entry. * -- cgit v1.2.3