Merge branch 'master' of https://gitlab.com/tykayn1/fanzine-log
This commit is contained in:
commit
7efd697c83
@ -67,6 +67,10 @@ class FestivalController extends Controller {
|
||||
*/
|
||||
public function showAction( Festival $festival ) {
|
||||
$deleteForm = $this->createDeleteForm( $festival );
|
||||
if ( $festival->getUser()->getId() !== $this->getUser()->getId() ) {
|
||||
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
|
||||
return $this->render( 'festival/show.html.twig',
|
||||
[
|
||||
|
@ -3,9 +3,9 @@
|
||||
namespace AppBundle\Controller;
|
||||
|
||||
use AppBundle\Entity\ProductCategory;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
|
||||
/**
|
||||
@ -85,7 +85,12 @@ class ProductCategoryController extends Controller {
|
||||
* @Method({"GET", "POST"})
|
||||
*/
|
||||
public function editAction( Request $request, ProductCategory $productCategory ) {
|
||||
if ( ! $productCategory->hasUser( $this->getUser()->getId() ) ) {
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
|
||||
$deleteForm = $this->createDeleteForm( $productCategory );
|
||||
$currentUser = $this->getUser();
|
||||
$productCategory->setUsers( [ $currentUser ] );
|
||||
$editForm = $this->createForm( 'AppBundle\Form\ProductCategoryType', $productCategory );
|
||||
$editForm->handleRequest( $request );
|
||||
@ -115,6 +120,9 @@ class ProductCategoryController extends Controller {
|
||||
$form->handleRequest( $request );
|
||||
|
||||
if ( $form->isSubmitted() && $form->isValid() ) {
|
||||
if ( ! $productCategory->hasUser( $this->getUser()->getId() ) ) {
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$em->remove( $productCategory );
|
||||
$em->flush();
|
||||
|
@ -3,32 +3,32 @@
|
||||
namespace AppBundle\Controller;
|
||||
|
||||
use AppBundle\Entity\Product;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;use Symfony\Component\HttpFoundation\Request;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
|
||||
/**
|
||||
* Product controller.
|
||||
*
|
||||
* @Route("product")
|
||||
*/
|
||||
class ProductController extends Controller
|
||||
{
|
||||
class ProductController extends Controller {
|
||||
/**
|
||||
* Lists all product entities.
|
||||
*
|
||||
* @Route("/", name="product_index")
|
||||
* @Method("GET")
|
||||
*/
|
||||
public function indexAction()
|
||||
{
|
||||
public function indexAction() {
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
|
||||
$products = $em->getRepository( 'AppBundle:Product' )->findByUser( $this->getUser() );
|
||||
|
||||
return $this->render('product/index.html.twig', array(
|
||||
return $this->render( 'product/index.html.twig',
|
||||
[
|
||||
'products' => $products,
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -37,8 +37,7 @@ class ProductController extends Controller
|
||||
* @Route("/new", name="product_new")
|
||||
* @Method({"GET", "POST"})
|
||||
*/
|
||||
public function newAction(Request $request)
|
||||
{
|
||||
public function newAction( Request $request ) {
|
||||
$product = new Product();
|
||||
$product->setUser( $this->getUser() );
|
||||
$form = $this->createForm( 'AppBundle\Form\ProductType', $product );
|
||||
@ -49,13 +48,14 @@ class ProductController extends Controller
|
||||
$em->persist( $product );
|
||||
$em->flush();
|
||||
|
||||
return $this->redirectToRoute('product_show', array('id' => $product->getId()));
|
||||
return $this->redirectToRoute( 'product_show', [ 'id' => $product->getId() ] );
|
||||
}
|
||||
|
||||
return $this->render('product/new.html.twig', array(
|
||||
return $this->render( 'product/new.html.twig',
|
||||
[
|
||||
'product' => $product,
|
||||
'form' => $form->createView(),
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -64,14 +64,18 @@ class ProductController extends Controller
|
||||
* @Route("/{id}", name="product_show")
|
||||
* @Method("GET")
|
||||
*/
|
||||
public function showAction(Product $product)
|
||||
{
|
||||
public function showAction( Product $product ) {
|
||||
$deleteForm = $this->createDeleteForm( $product );
|
||||
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
|
||||
|
||||
return $this->render('product/show.html.twig', array(
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
|
||||
return $this->render( 'product/show.html.twig',
|
||||
[
|
||||
'product' => $product,
|
||||
'delete_form' => $deleteForm->createView(),
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -80,8 +84,13 @@ class ProductController extends Controller
|
||||
* @Route("/{id}/edit", name="product_edit")
|
||||
* @Method({"GET", "POST"})
|
||||
*/
|
||||
public function editAction(Request $request, Product $product)
|
||||
{
|
||||
public function editAction( Request $request, Product $product ) {
|
||||
|
||||
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
|
||||
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
|
||||
$deleteForm = $this->createDeleteForm( $product );
|
||||
$editForm = $this->createForm( 'AppBundle\Form\ProductType', $product );
|
||||
$editForm->handleRequest( $request );
|
||||
@ -89,14 +98,15 @@ class ProductController extends Controller
|
||||
if ( $editForm->isSubmitted() && $editForm->isValid() ) {
|
||||
$this->getDoctrine()->getManager()->flush();
|
||||
|
||||
return $this->redirectToRoute('product_edit', array('id' => $product->getId()));
|
||||
return $this->redirectToRoute( 'product_edit', [ 'id' => $product->getId() ] );
|
||||
}
|
||||
|
||||
return $this->render('product/edit.html.twig', array(
|
||||
return $this->render( 'product/edit.html.twig',
|
||||
[
|
||||
'product' => $product,
|
||||
'edit_form' => $editForm->createView(),
|
||||
'delete_form' => $deleteForm->createView(),
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -105,12 +115,15 @@ class ProductController extends Controller
|
||||
* @Route("/{id}", name="product_delete")
|
||||
* @Method("DELETE")
|
||||
*/
|
||||
public function deleteAction(Request $request, Product $product)
|
||||
{
|
||||
public function deleteAction( Request $request, Product $product ) {
|
||||
$form = $this->createDeleteForm( $product );
|
||||
$form->handleRequest( $request );
|
||||
|
||||
if ( $form->isSubmitted() && $form->isValid() ) {
|
||||
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
|
||||
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
$em->remove( $product );
|
||||
$em->flush();
|
||||
@ -126,12 +139,10 @@ class ProductController extends Controller
|
||||
*
|
||||
* @return \Symfony\Component\Form\Form The form
|
||||
*/
|
||||
private function createDeleteForm(Product $product)
|
||||
{
|
||||
private function createDeleteForm( Product $product ) {
|
||||
return $this->createFormBuilder()
|
||||
->setAction($this->generateUrl('product_delete', array('id' => $product->getId())))
|
||||
->setAction( $this->generateUrl( 'product_delete', [ 'id' => $product->getId() ] ) )
|
||||
->setMethod( 'DELETE' )
|
||||
->getForm()
|
||||
;
|
||||
->getForm();
|
||||
}
|
||||
}
|
||||
|
@ -3,32 +3,32 @@
|
||||
namespace AppBundle\Controller;
|
||||
|
||||
use AppBundle\Entity\SellRecord;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;use Symfony\Component\HttpFoundation\Request;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
|
||||
/**
|
||||
* Sellrecord controller.
|
||||
*
|
||||
* @Route("sellrecord")
|
||||
*/
|
||||
class SellRecordController extends Controller
|
||||
{
|
||||
class SellRecordController extends Controller {
|
||||
/**
|
||||
* Lists all sellRecord entities.
|
||||
*
|
||||
* @Route("/", name="sellrecord_index")
|
||||
* @Method("GET")
|
||||
*/
|
||||
public function indexAction()
|
||||
{
|
||||
public function indexAction() {
|
||||
$em = $this->getDoctrine()->getManager();
|
||||
|
||||
$sellRecords = $em->getRepository( 'AppBundle:SellRecord' )->findByUser( $this->getUser() );
|
||||
|
||||
return $this->render('sellrecord/index.html.twig', array(
|
||||
return $this->render( 'sellrecord/index.html.twig',
|
||||
[
|
||||
'sellRecords' => $sellRecords,
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -37,8 +37,7 @@ class SellRecordController extends Controller
|
||||
* @Route("/new", name="sellrecord_new")
|
||||
* @Method({"GET", "POST"})
|
||||
*/
|
||||
public function newAction(Request $request)
|
||||
{
|
||||
public function newAction( Request $request ) {
|
||||
$sellRecord = new Sellrecord();
|
||||
$sellRecord->setUser( $this->getUser() );
|
||||
$form = $this->createForm( 'AppBundle\Form\SellRecordType', $sellRecord );
|
||||
@ -49,13 +48,14 @@ class SellRecordController extends Controller
|
||||
$em->persist( $sellRecord );
|
||||
$em->flush();
|
||||
|
||||
return $this->redirectToRoute('sellrecord_show', array('date' => $sellRecord->getDate()));
|
||||
return $this->redirectToRoute( 'sellrecord_show', [ 'date' => $sellRecord->getDate() ] );
|
||||
}
|
||||
|
||||
return $this->render('sellrecord/new.html.twig', array(
|
||||
return $this->render( 'sellrecord/new.html.twig',
|
||||
[
|
||||
'sellRecord' => $sellRecord,
|
||||
'form' => $form->createView(),
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -64,14 +64,17 @@ class SellRecordController extends Controller
|
||||
* @Route("/{date}", name="sellrecord_show")
|
||||
* @Method("GET")
|
||||
*/
|
||||
public function showAction(SellRecord $sellRecord)
|
||||
{
|
||||
public function showAction( SellRecord $sellRecord ) {
|
||||
$deleteForm = $this->createDeleteForm( $sellRecord );
|
||||
if ( ! $sellRecord->getUser() == $this->getUser()->getId() ) {
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
|
||||
return $this->render('sellrecord/show.html.twig', array(
|
||||
return $this->render( 'sellrecord/show.html.twig',
|
||||
[
|
||||
'sellRecord' => $sellRecord,
|
||||
'delete_form' => $deleteForm->createView(),
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -80,8 +83,10 @@ class SellRecordController extends Controller
|
||||
* @Route("/{date}/edit", name="sellrecord_edit")
|
||||
* @Method({"GET", "POST"})
|
||||
*/
|
||||
public function editAction(Request $request, SellRecord $sellRecord)
|
||||
{
|
||||
public function editAction( Request $request, SellRecord $sellRecord ) {
|
||||
if ( ! $sellRecord->getUser() == $this->getUser()->getId() ) {
|
||||
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
|
||||
}
|
||||
$deleteForm = $this->createDeleteForm( $sellRecord );
|
||||
$editForm = $this->createForm( 'AppBundle\Form\SellRecordType', $sellRecord );
|
||||
$editForm->handleRequest( $request );
|
||||
@ -89,14 +94,15 @@ class SellRecordController extends Controller
|
||||
if ( $editForm->isSubmitted() && $editForm->isValid() ) {
|
||||
$this->getDoctrine()->getManager()->flush();
|
||||
|
||||
return $this->redirectToRoute('sellrecord_edit', array('date' => $sellRecord->getDate()));
|
||||
return $this->redirectToRoute( 'sellrecord_edit', [ 'date' => $sellRecord->getDate() ] );
|
||||
}
|
||||
|
||||
return $this->render('sellrecord/edit.html.twig', array(
|
||||
return $this->render( 'sellrecord/edit.html.twig',
|
||||
[
|
||||
'sellRecord' => $sellRecord,
|
||||
'edit_form' => $editForm->createView(),
|
||||
'delete_form' => $deleteForm->createView(),
|
||||
));
|
||||
] );
|
||||
}
|
||||
|
||||
/**
|
||||
@ -105,8 +111,7 @@ class SellRecordController extends Controller
|
||||
* @Route("/{date}", name="sellrecord_delete")
|
||||
* @Method("DELETE")
|
||||
*/
|
||||
public function deleteAction(Request $request, SellRecord $sellRecord)
|
||||
{
|
||||
public function deleteAction( Request $request, SellRecord $sellRecord ) {
|
||||
$form = $this->createDeleteForm( $sellRecord );
|
||||
$form->handleRequest( $request );
|
||||
|
||||
@ -126,12 +131,10 @@ class SellRecordController extends Controller
|
||||
*
|
||||
* @return \Symfony\Component\Form\Form The form
|
||||
*/
|
||||
private function createDeleteForm(SellRecord $sellRecord)
|
||||
{
|
||||
private function createDeleteForm( SellRecord $sellRecord ) {
|
||||
return $this->createFormBuilder()
|
||||
->setAction($this->generateUrl('sellrecord_delete', array('date' => $sellRecord->getDate())))
|
||||
->setAction( $this->generateUrl( 'sellrecord_delete', [ 'date' => $sellRecord->getDate() ] ) )
|
||||
->setMethod( 'DELETE' )
|
||||
->getForm()
|
||||
;
|
||||
->getForm();
|
||||
}
|
||||
}
|
||||
|
@ -34,6 +34,21 @@ class ProductCategory {
|
||||
return $this->getName() . ' (' . count( $this->getProducts() ) . ' produits)';
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $userId
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function hasUser( $userId ) {
|
||||
foreach ( $this->getUsers() as $user ) {
|
||||
if ( $user->getId() === $userId ) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return mixed
|
||||
*/
|
||||
|
Loading…
Reference in New Issue
Block a user