From d2c4ef23175c3746ec58a8ddf4d9ff6e642e82ec Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rapha=C3=ABl=20Gertz?= Date: Thu, 29 Feb 2024 15:11:13 +0100 Subject: [PATCH] Replace dropped calls with checker, factory and security replacements --- Controller/SnippetController.php | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/Controller/SnippetController.php b/Controller/SnippetController.php index b70ec21..0c9bc3d 100644 --- a/Controller/SnippetController.php +++ b/Controller/SnippetController.php @@ -28,8 +28,11 @@ class SnippetController extends DefaultController { * @throws \RuntimeException When user has not at least guest role */ public function add(Request $request) { - //Prevent non-guest to access here - $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + //Without guest role + if (!$this->checker->isGranted('ROLE_GUEST')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + } //Create SnippetType form $form = $this->container->get('form.factory')->createNamed( @@ -53,8 +56,11 @@ class SnippetController extends DefaultController { //Prevent creating snippet for other user unless admin if ($form->get('user')->getData() !== $this->getUser()) { - //Prevent non-admin to access here - $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + //Without admin role + if (!$this->checker->isGranted('ROLE_ADMIN')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + } } //Handle invalid form @@ -166,8 +172,11 @@ class SnippetController extends DefaultController { * @throws \RuntimeException When user has not at least guest role */ public function edit(Request $request, $id) { - //Prevent non-guest to access here - $this->denyAccessUnlessGranted('ROLE_GUEST', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + //Without guest role + if (!$this->checker->isGranted('ROLE_GUEST')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Guest')])); + } //Get doctrine $doctrine = $this->getDoctrine(); @@ -199,8 +208,11 @@ class SnippetController extends DefaultController { //Prevent creating snippet for other user unless admin if ($form->get('user')->getData() !== $this->getUser()) { - //Prevent non-admin to access here - $this->denyAccessUnlessGranted('ROLE_ADMIN', null, $this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + //Without admin role + if (!$this->checker->isGranted('ROLE_ADMIN')) { + //Throw 403 + throw $this->createAccessDeniedException($this->translator->trans('Unable to access this page without role %role%!', ['%role%' => $this->translator->trans('Admin')])); + } } //Handle invalid form -- 2.41.1