restrict user on deletion

Kayn Ty 2018-05-09 09:50:06 +02:00
parent 772d9e4f4a
commit 2187d9ab7a
5 changed files with 13 additions and 2 deletions


@ -57,7 +57,7 @@
btn-success btn-success
{% else %} {% else %}
btn-default btn-default
{% endif %}" href="{{ path('festival_index') }}" {% endif %}" href='{{ path('festival_index') }}'
data-toggle="tab"> data-toggle="tab">
<i class="fa fa-th-large"></i> <i class="fa fa-th-large"></i>
Festivals Festivals


@ -68,7 +68,6 @@ class FestivalController extends Controller {
public function showAction( Festival $festival ) { public function showAction( Festival $festival ) {
$deleteForm = $this->createDeleteForm( $festival ); $deleteForm = $this->createDeleteForm( $festival );
if ( $festival->getUser()->getId() !== $this->getUser()->getId() ) { if ( $festival->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' ); $this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
} }
@ -111,6 +110,9 @@ class FestivalController extends Controller {
* @Method("DELETE") * @Method("DELETE")
*/ */
public function deleteAction( Request $request, Festival $festival ) { public function deleteAction( Request $request, Festival $festival ) {
if ( $festival->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$form = $this->createDeleteForm( $festival ); $form = $this->createDeleteForm( $festival );
$form->handleRequest( $request ); $form->handleRequest( $request );
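Review bot: In deleteAction the new guard calls `$this->getUser()->getId()` without first establishing that a user is logged in; Symfony's `getUser()` returns null for an anonymous request, so unless the firewall already forces authentication on this route (not visible here) the call fails with an error instead of a clean access-denied response. Adding `$this->denyAccessUnlessGranted( 'IS_AUTHENTICATED_REMEMBERED' );` as the first line of the action would make the requirement explicit. The same owner-or-admin block is now repeated in showAction and in the deleteAction hunks of ProductController and SellRecordController, so a single security Voter or a shared private helper would keep the copies from drifting apart. deleteAction's body continues past the end of the hunk, so whether the delete form's CSRF token is validated before removal cannot be confirmed from here.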


@ -116,6 +116,9 @@ class ProductCategoryController extends Controller {
* @Method("DELETE") * @Method("DELETE")
*/ */
public function deleteAction( Request $request, ProductCategory $productCategory ) { public function deleteAction( Request $request, ProductCategory $productCategory ) {
if ( $productCategory->hasUser( $this->getUser()->getId() ) ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$form = $this->createDeleteForm( $productCategory ); $form = $this->createDeleteForm( $productCategory );
$form->handleRequest( $request ); $form->handleRequest( $request );
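Review bot: The condition added to ProductCategoryController::deleteAction looks inverted compared with the other three controllers: `if ( $productCategory->hasUser( $this->getUser()->getId() ) )` demands ROLE_ADMIN when the current user is linked to the category and lets every other user fall through to the delete handling. hasUser() is not shown, so this is inferred from its name; if it returns true for a user who belongs to the category, the guard should read `if ( ! $productCategory->hasUser( $this->getUser()->getId() ) ) {`. A functional test that submits the delete as a non-owner without ROLE_ADMIN and expects a 403 would pin the intended behaviour. The rest of deleteAction lies outside the hunk.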


@ -116,6 +116,9 @@ class ProductController extends Controller {
* @Method("DELETE") * @Method("DELETE")
*/ */
public function deleteAction( Request $request, Product $product ) { public function deleteAction( Request $request, Product $product ) {
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$form = $this->createDeleteForm( $product ); $form = $this->createDeleteForm( $product );
$form->handleRequest( $request ); $form->handleRequest( $request );


@ -112,6 +112,9 @@ class SellRecordController extends Controller {
* @Method("DELETE") * @Method("DELETE")
*/ */
public function deleteAction( Request $request, SellRecord $sellRecord ) { public function deleteAction( Request $request, SellRecord $sellRecord ) {
if ( $sellRecord->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$form = $this->createDeleteForm( $sellRecord ); $form = $this->createDeleteForm( $sellRecord );
$form->handleRequest( $request ); $form->handleRequest( $request );