]> Raphaƫl G. Git Repositories - userbundle/blobdiff - Controller/UserController.php
Replace hardcoded role by configurable key
[userbundle] / Controller / UserController.php
index 3f3b5bfa99cc84fc14e367018ba4de4626ae1f0e..22ce0f8052f5d9166f057379237fdd4bcdf7971a 100644 (file)
@@ -37,7 +37,7 @@ class UserController extends AbstractController {
         */
        public function index(Request $request): Response {
                //Without admin
         */
        public function index(Request $request): Response {
                //Without admin
-               if (!$this->checker->isGranted($this->config['default']['admin'])) {
+               if (!$this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))) {
                        //Throw 403
                        throw $this->createAccessDeniedException($this->translator->trans('Unable to list users', [], $this->alias));
                }
                        //Throw 403
                        throw $this->createAccessDeniedException($this->translator->trans('Unable to list users', [], $this->alias));
                }
@@ -140,7 +140,7 @@ class UserController extends AbstractController {
                }
 
                //Prevent access when not admin, user is not guest and not currently logged user
                }
 
                //Prevent access when not admin, user is not guest and not currently logged user
-               if (!$this->checker->isGranted($this->config['default']['admin']) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
+               if (!$this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin'])) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
                        //Throw access denied
                        //XXX: prevent slugger reverse engineering by not displaying decoded mail
                        throw $this->createAccessDeniedException($this->translator->trans('Unable to access user', [], $this->alias));
                        //Throw access denied
                        //XXX: prevent slugger reverse engineering by not displaying decoded mail
                        throw $this->createAccessDeniedException($this->translator->trans('Unable to access user', [], $this->alias));
@@ -155,17 +155,17 @@ class UserController extends AbstractController {
                        //Set civility default
                        'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
                        //Disable mail
                        //Set civility default
                        'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
                        //Disable mail
-                       'mail' => $this->checker->isGranted('ROLE_ADMIN'),
+                       'mail' => $this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin'])),
                        //Disable password
                        'password' => false,
                        //Set method
                        'method' => 'POST',
                        //Set domain
                        'translation_domain' => $this->alias
                        //Disable password
                        'password' => false,
                        //Set method
                        'method' => 'POST',
                        //Set domain
                        'translation_domain' => $this->alias
-               ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['edit']['admin']:$this->config['edit']['field']));
+               ]+($this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))?$this->config['edit']['admin']:$this->config['edit']['field']));
 
                //With admin role
 
                //With admin role
-               if ($this->checker->isGranted($this->config['default']['admin'])) {
+               if ($this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))) {
                        //Create the EditType form and give the proper parameters
                        $reset = $this->factory->create($this->config['edit']['view']['reset'], $user, [
                                //Set action to edit route name and context
                        //Create the EditType form and give the proper parameters
                        $reset = $this->factory->create($this->config['edit']['view']['reset'], $user, [
                                //Set action to edit route name and context
@@ -238,7 +238,7 @@ class UserController extends AbstractController {
                        }
                //Without admin role
                //XXX: prefer a reset on login to force user unspam action
                        }
                //Without admin role
                //XXX: prefer a reset on login to force user unspam action
-               } elseif (!$this->checker->isGranted($this->config['default']['admin'])) {
+               } elseif (!$this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))) {
                        //Add notice
                        $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure', [], $this->alias));
                }
                        //Add notice
                        $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure', [], $this->alias));
                }
@@ -586,7 +586,7 @@ class UserController extends AbstractController {
                        'method' => 'POST',
                        //Set domain
                        'translation_domain' => $this->alias
                        'method' => 'POST',
                        //Set domain
                        'translation_domain' => $this->alias
-               ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['register']['admin']:$this->config['register']['field']));
+               ]+($this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))?$this->config['register']['admin']:$this->config['register']['field']));
 
                //With post method
                if ($request->isMethod('POST')) {
 
                //With post method
                if ($request->isMethod('POST')) {