X-Git-Url: https://git.rapsys.eu/userbundle/blobdiff_plain/10322ae4af3fb083421e618c6c8f4b8dc0575126..7661a6732bd1e2a1cd5213b678a611eaade37efc:/Controller/UserController.php?ds=inline
diff --git a/Controller/UserController.php b/Controller/UserController.php
index 3f3b5bf..22ce0f8 100644
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@@ -37,7 +37,7 @@ class UserController extends AbstractController {
 */
 public function index(Request $request): Response {
 //Without admin
- if (!$this->checker->isGranted($this->config['default']['admin'])) {
+ if (!$this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))) {
 //Throw 403
 throw $this->createAccessDeniedException($this->translator->trans('Unable to list users', [], $this->alias));
 }
@@ -140,7 +140,7 @@ class UserController extends AbstractController {
 }
 //Prevent access when not admin, user is not guest and not currently logged user
- if (!$this->checker->isGranted($this->config['default']['admin']) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
+ if (!$this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin'])) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
 //Throw access denied
 //XXX: prevent slugger reverse engineering by not displaying decoded mail
 throw $this->createAccessDeniedException($this->translator->trans('Unable to access user', [], $this->alias));
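Review bot: Seven call sites now repeat the expression `'ROLE_'.strtoupper($this->config['default']['admin'])` (the check in index() here, and the hunks at lines 140, 155, 238 and 586), so any later change to how the admin role is derived has to reach every copy; the removed `'ROLE_ADMIN'` literal on the `mail` option shows one copy had already drifted from the others. I would put the check in one private method, `private function isAdmin(): bool { return $this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin'])); }`, and call it everywhere. That method is also the place to document that `default.admin` must hold the bare suffix, since a value that already starts with `ROLE_` would become `ROLE_ROLE_…` and, as far as I can tell, make every admin check deny. index() continues past the end of this hunk.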
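Review bot: The access condition in the hunk at line 140 depends on `&&` binding tighter than `||` and on a loose `!=` between two user objects, and neither is spelled out. Writing it as `(!$this->checker->isGranted(…) && $user != $this->security->getUser()) || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')` makes the grouping visible without changing the result. PHP's `!=` on objects compares class and property values rather than identity, so it is worth confirming this is the intended notion of "same user"; comparing a stable identifier of the two users would be more explicit, if the user class exposes one. The enclosing method starts and ends outside the hunk.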
@@ -155,17 +155,17 @@ class UserController extends AbstractController {
 //Set civility default
 'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
 //Disable mail
- 'mail' => $this->checker->isGranted('ROLE_ADMIN'),
+ 'mail' => $this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin'])),
 //Disable password
 'password' => false,
 //Set method
 'method' => 'POST',
 //Set domain
 'translation_domain' => $this->alias
- ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['edit']['admin']:$this->config['edit']['field']));
+ ]+($this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))?$this->config['edit']['admin']:$this->config['edit']['field']));
 //With admin role
- if ($this->checker->isGranted($this->config['default']['admin'])) {
+ if ($this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))) {
 //Create the EditType form and give the proper parameters
 $reset = $this->factory->create($this->config['edit']['view']['reset'], $user, [
 //Set action to edit route name and context
@@ -238,7 +238,7 @@ class UserController extends AbstractController {
 }
 //Without admin role
 //XXX: prefer a reset on login to force user unspam action
- } elseif (!$this->checker->isGranted($this->config['default']['admin'])) {
+ } elseif (!$this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))) {
 //Add notice
 $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure', [], $this->alias));
 }
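Review bot: The option array in the hunk at line 155 is merged with the configured field list using `+`, and nothing records that the left-hand keys win in an array union. As written, `mail`, `password`, `method` and `translation_domain` cannot be overridden by `$this->config['edit']['admin']` or `$this->config['edit']['field']`, which looks like the intent for `'password' => false`. A comment above the merge such as `//XXX: array union keeps the keys above, config cannot re-enable mail or password` would keep a later switch to `array_merge` from silently reversing that. The same merge appears in the hunk at line 586 with the `register` lists, and the `create(` call that opens this array is outside the hunk.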
@@ -586,7 +586,7 @@ class UserController extends AbstractController {
 'method' => 'POST',
 //Set domain
 'translation_domain' => $this->alias
- ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['register']['admin']:$this->config['register']['field']));
+ ]+($this->checker->isGranted('ROLE_'.strtoupper($this->config['default']['admin']))?$this->config['register']['admin']:$this->config['register']['field']));
 //With post method
 if ($request->isMethod('POST')) {