X-Git-Url: https://git.rapsys.eu/airbundle/blobdiff_plain/abe596a222241e0bd164244bb71ebcfa828d1c71..836d4b8cc091d5815e3f6dffe05532ac7137440d:/Controller/SnippetController.php?ds=sidebyside diff --git a/Controller/SnippetController.php b/Controller/SnippetController.php index b70ec21..acb0b96 100644 --- a/Controller/SnippetController.php +++ b/Controller/SnippetController.php @@ -19,7 +19,7 @@ class SnippetController extends DefaultController { /** * Add snippet * - * @desc Persist snippet in database + * Persist snippet in database * * @param Request $request The request instance * @@ -28,8 +28,11 @@ class SnippetController extends DefaultController { * @throws \RuntimeException When user has not at least guest role */ public function add(Request $request) { - //Prevent non-guest to access here - $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + //Without guest role + if (!$this->checker->isGranted('ROLE_GUEST')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + } //Create SnippetType form $form = $this->container->get('form.factory')->createNamed( @@ -42,7 +45,7 @@ class SnippetController extends DefaultController { //Set options [ //Set the action - 'action' => $this->generateUrl('rapsys_air_snippet_add', ['location' => $request->get('location')]), + 'action' => $this->generateUrl('rapsysair_snippet_add', ['location' => $request->get('location')]), //Set the form attribute 'attr' => [] ] @@ -53,8 +56,11 @@ class SnippetController extends DefaultController { //Prevent creating snippet for other user unless admin if ($form->get('user')->getData() !== $this->getUser()) { - //Prevent non-admin to access here - $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + //Without admin role + if (!$this->checker->isGranted('ROLE_ADMIN')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + } } //Handle invalid form @@ -132,7 +138,7 @@ class SnippetController extends DefaultController { unset($route['_route'], $route['_controller']); //Check if snippet view route - if ($name == 'rapsys_air_user_view' && !empty($route['id'])) { + if ($name == 'rapsysair_user_view' && !empty($route['id'])) { //Replace id $route['id'] = $snippet->getUser()->getId(); //Other routes @@ -151,13 +157,13 @@ class SnippetController extends DefaultController { } //Redirect to cleanup the form - return $this->redirectToRoute('rapsys_air', ['snippet' => $snippet->getId()]); + return $this->redirectToRoute('rapsysair', ['snippet' => $snippet->getId()]); } /** * Edit snippet * - * @desc Persist snippet in database + * Persist snippet in database * * @param Request $request The request instance * @@ -166,8 +172,11 @@ class SnippetController extends DefaultController { * @throws \RuntimeException When user has not at least guest role */ public function edit(Request $request, $id) { - //Prevent non-guest to access here - $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + //Without guest role + if (!$this->checker->isGranted('ROLE_GUEST')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + } //Get doctrine $doctrine = $this->getDoctrine(); @@ -188,7 +197,7 @@ class SnippetController extends DefaultController { //Set options [ //Set the action - 'action' => $this->generateUrl('rapsys_air_snippet_edit', ['id' => $id]), + 'action' => $this->generateUrl('rapsysair_snippet_edit', ['id' => $id]), //Set the form attribute 'attr' => [] ] @@ -199,8 +208,11 @@ class SnippetController extends DefaultController { //Prevent creating snippet for other user unless admin if ($form->get('user')->getData() !== $this->getUser()) { - //Prevent non-admin to access here - $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + //Without admin role + if (!$this->checker->isGranted('ROLE_ADMIN')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + } } //Handle invalid form @@ -310,7 +322,7 @@ class SnippetController extends DefaultController { unset($route['_route'], $route['_controller']); //Check if snippet view route - if ($name == 'rapsys_air_user_view' && !empty($route['id'])) { + if ($name == 'rapsysair_user_view' && !empty($route['id'])) { //Replace id $route['id'] = $snippet->getUser()->getId(); //Other routes @@ -329,6 +341,6 @@ class SnippetController extends DefaultController { } //Redirect to cleanup the form - return $this->redirectToRoute('rapsys_air', ['snippet' => $snippet->getId()]); + return $this->redirectToRoute('rapsysair', ['snippet' => $snippet->getId()]); } }