From 2a0e0a47d853937702d235bdb91df0ca0e3116b6 Mon Sep 17 00:00:00 2001 From: Kevin Decherf Date: Sat, 29 Dec 2018 20:42:41 +0100 Subject: TagRestController: rewrite delete actions to only retrieve tags related to the user Fixes #3815 Signed-off-by: Kevin Decherf --- .../ApiBundle/Controller/TagRestController.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'src/Wallabag/ApiBundle') diff --git a/src/Wallabag/ApiBundle/Controller/TagRestController.php b/src/Wallabag/ApiBundle/Controller/TagRestController.php index c6d6df6a..f3498f55 100644 --- a/src/Wallabag/ApiBundle/Controller/TagRestController.php +++ b/src/Wallabag/ApiBundle/Controller/TagRestController.php @@ -46,12 +46,14 @@ class TagRestController extends WallabagRestController $this->validateAuthentication(); $label = $request->get('tag', ''); - $tag = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findOneByLabel($label); + $tags = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findByLabelsAndUser([$label], $this->getUser()->getId()); - if (empty($tag)) { + if (empty($tags)) { throw $this->createNotFoundException('Tag not found'); } + $tag = $tags[0]; + $this->getDoctrine() ->getRepository('WallabagCoreBundle:Entry') ->removeTag($this->getUser()->getId(), $tag); @@ -80,15 +82,7 @@ class TagRestController extends WallabagRestController $tagsLabels = $request->get('tags', ''); - $tags = []; - - foreach (explode(',', $tagsLabels) as $tagLabel) { - $tagEntity = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findOneByLabel($tagLabel); - - if (!empty($tagEntity)) { - $tags[] = $tagEntity; - } - } + $tags = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findByLabelsAndUser(explode(',', $tagsLabels), $this->getUser()->getId()); if (empty($tags)) { throw $this->createNotFoundException('Tags not found'); @@ -120,6 +114,12 @@ class TagRestController extends WallabagRestController { $this->validateAuthentication(); + $tagFromDb = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findByLabelsAndUser([$tag->getLabel()], $this->getUser()->getId()); + + if (empty($tagFromDb)) { + throw $this->createNotFoundException('Tag not found'); + } + $this->getDoctrine() ->getRepository('WallabagCoreBundle:Entry') ->removeTag($this->getUser()->getId(), $tag); -- cgit v1.2.3