restreinte des index si on est pas ROLE_ADMIN

This commit is contained in:
Tykayn 2025-02-26 18:19:05 +01:00 committed by tykayn
parent b79fc2ac9f
commit 20611e96c2
16 changed files with 116 additions and 35 deletions


@ -63,7 +63,7 @@
.horizontal-land { .horizontal-land {
overflow-x: auto; overflow-x: auto;
overflow-y: hidden; overflow-y: hidden;
//width: 100%; width: 100%;
height: 75vh; height: 75vh;
background: #ccc; background: #ccc;
padding: 0.5rem; padding: 0.5rem;


@ -53,3 +53,7 @@ form {
.btn-remove-all { .btn-remove-all {
color: white; color: white;
} }
.btn-create {
min-width: 10rem;
}


@ -730,17 +730,7 @@ progress {
} }
} }
@media (min-width: 1400px) { @media (min-width: 1400px) {}
.container-xxl,
.container-xl,
.container-lg,
.container-md,
.container-sm,
.container {
max-width: 1320px;
}
}
.row { .row {
--bs-gutter-x: 1.5rem; --bs-gutter-x: 1.5rem;


@ -12,6 +12,7 @@ body {
.main-container-box { .main-container-box {
padding-left: 5rem; padding-left: 5rem;
padding-bottom: 10rem;
} }
#wrapper { #wrapper {


@ -17,8 +17,18 @@ final class FestivalController extends AbstractController
#[Route(name: 'app_festival_index', methods: ['GET'])] #[Route(name: 'app_festival_index', methods: ['GET'])]
public function index(FestivalRepository $festivalRepository): Response public function index(FestivalRepository $festivalRepository): Response
{ {
$userFound = $this->getUser();
if ($this->isGranted('ROLE_ADMIN')) {
$festivals = $festivalRepository->findAll();
} else {
if (!$userFound) {
throw $this->createAccessDeniedException('Vous devez être connecté pour voir les festivals.');
}
$festivals = $festivalRepository->findBy(['user' => $userFound]);
}
return $this->render('festival/index.html.twig', [ return $this->render('festival/index.html.twig', [
'festivals' => $festivalRepository->findAll(), 'festivals' => $festivals,
]); ]);
} }
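Review bot: The non-admin branch (`$festivalRepository->findBy(['user' => $userFound])`) narrows only the listing; whether a non-admin can still open, edit or delete another user's festival by id depends on the show/edit/delete actions of this controller, which are not in this hunk, and the same ownership check has to exist there for this to be an access control rather than a display filter. The manual `if (!$userFound)` guard can be stated declaratively on the action with `#[IsGranted('ROLE_USER')]` (or `$this->denyAccessUnlessGranted('ROLE_USER');` as the first statement), which keeps the anonymous case out of the method body and makes the rule visible next to the route. The `findBy(['user' => ...])` call presumes Festival has a `user` association; that mapping is not visible here and should be confirmed.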


@ -17,8 +17,20 @@ final class GroupOfProductsController extends AbstractController
#[Route(name: 'app_group_of_products_index', methods: ['GET'])] #[Route(name: 'app_group_of_products_index', methods: ['GET'])]
public function index(GroupOfProductsRepository $groupOfProductsRepository): Response public function index(GroupOfProductsRepository $groupOfProductsRepository): Response
{ {
$userFound = $this->getUser();
$userFound = $this->getUser();
if ($this->isGranted('ROLE_ADMIN')) {
$groupOfProducts = $groupOfProductsRepository->findAll();
} else {
if (!$userFound) {
throw $this->createAccessDeniedException('Vous devez être connecté pour voir les groupes de produits.');
}
$groupOfProducts = $groupOfProductsRepository->findBy(['user' => $userFound]);
}
return $this->render('group_of_products/index.html.twig', [ return $this->render('group_of_products/index.html.twig', [
'group_of_products' => $groupOfProductsRepository->findAll(), 'group_of_products' => $groupOfProducts,
]); ]);
} }
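Review bot: `$userFound = $this->getUser();` is assigned twice in a row at the top of the new body; drop the second copy. As in the other index actions touched by this commit, filtering the list by `user` is a display-level restriction only — the show/edit/delete actions of this controller are outside the hunk, and unless they check `$groupOfProducts->getUser()` against the current user (or `ROLE_ADMIN`) the same way, a non-admin can still reach another user's group by id. The `findBy(['user' => $userFound])` call assumes GroupOfProducts has a `user` association, which is not visible here.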


@ -17,8 +17,18 @@ final class ProductController extends AbstractController
#[Route(name: 'app_product_index', methods: ['GET'])] #[Route(name: 'app_product_index', methods: ['GET'])]
public function index(ProductRepository $productRepository): Response public function index(ProductRepository $productRepository): Response
{ {
$userFound = $this->getUser();
if ($this->isGranted('ROLE_ADMIN')) {
$products = $productRepository->findAll();
} else {
if (!$userFound) {
throw $this->createAccessDeniedException('Vous devez être connecté pour voir les produits.');
}
$products = $productRepository->findBy(['user' => $userFound]);
}
return $this->render('product/index.html.twig', [ return $this->render('product/index.html.twig', [
'products' => $productRepository->findAll(), 'products' => $products,
]); ]);
} }
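Review bot: This is the third copy of the same eight-line admin-or-owner scoping block in this commit (Festival, GroupOfProducts, Product); the only difference is the repository and the French message, so a small shared helper in a base controller or trait, e.g. `private function scopedToCurrentUser(): ?array` returning `null` for admins and `['user' => $user]` otherwise (throwing the access-denied exception when there is no user), would make the rule consistent and keep future actions from diverging. Listing scope alone does not protect the show/edit/delete actions of this controller, which are outside the hunk; they need the ownership check too. The `findBy(['user' => ...])` call assumes Product has a `user` association, which is not visible here.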


@ -61,7 +61,10 @@ final class SellingController extends AbstractController
public function edit(Request $request, Selling $selling, EntityManagerInterface $entityManager): Response public function edit(Request $request, Selling $selling, EntityManagerInterface $entityManager): Response
{ {
$userFound = $this->getUser(); $userFound = $this->getUser();
if (!$userFound || $selling->getUser() !== $userFound) { if (!$userFound || !$this->isGranted('ROLE_ADMIN')) {
throw $this->createAccessDeniedException('Vous devez être administrateur pour modifier une vente.');
}
elseif (!$userFound || $selling->getUser() !== $userFound) {
throw $this->createAccessDeniedException('Vous n\'êtes pas autorisé à modifier cette vente.'); throw $this->createAccessDeniedException('Vous n\'êtes pas autorisé à modifier cette vente.');
} }
@ -83,6 +86,10 @@ final class SellingController extends AbstractController
#[Route('/{id}', name: 'app_selling_delete', methods: ['POST'])] #[Route('/{id}', name: 'app_selling_delete', methods: ['POST'])]
public function delete(Request $request, Selling $selling, EntityManagerInterface $entityManager): Response public function delete(Request $request, Selling $selling, EntityManagerInterface $entityManager): Response
{ {
if (!$this->isGranted('ROLE_ADMIN')) {
throw $this->createAccessDeniedException('Vous devez être administrateur pour supprimer une vente.');
}
if ($this->isCsrfTokenValid('delete'.$selling->getId(), $request->getPayload()->getString('_token'))) { if ($this->isCsrfTokenValid('delete'.$selling->getId(), $request->getPayload()->getString('_token'))) {
$entityManager->remove($selling); $entityManager->remove($selling);
$entityManager->flush(); $entityManager->flush();
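Review bot: The new guard in `edit()` is inconsistent: the first branch denies everyone who is not `ROLE_ADMIN`, and the `elseif` then denies an admin whose id does not match `$selling->getUser()`, so the only principal who can edit is an admin who also owns the sale — stricter than either "admin only" or "admin or owner", and the `!$userFound` test inside the `elseif` is dead because the first branch already rejected it. If the intent is admin-or-owner (matching the ownership scoping added to the index actions), collapse it to `if (!$userFound || (!$this->isGranted('ROLE_ADMIN') && $selling->getUser() !== $userFound)) { throw $this->createAccessDeniedException('Vous n\'êtes pas autorisé à modifier cette vente.'); }`; if it is admin-only, delete the `elseif` entirely. `delete()` is consistent with admin-only, so whichever rule is chosen should be the same for both actions. Both methods continue past the end of this hunk.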


@ -3,8 +3,9 @@
{% block title %}Expense index{% endblock %} {% block title %}Expense index{% endblock %}
{% block body %} {% block body %}
<h1>Expense index</h1> <h1>Index des dépenses</h1>
<a href="{{ path('app_expense_new') }}"class="btn btn-primary btn-create" >Créer</a>
<table class="table"> <table class="table">
<thead> <thead>
<tr> <tr>
@ -33,5 +34,5 @@
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_expense_new') }}">Create new</a> <a href="{{ path('app_expense_new') }}"class="btn btn-primary btn-create" >Créer</a>
{% endblock %} {% endblock %}


@ -3,7 +3,7 @@
{% block title %}Festival index{% endblock %} {% block title %}Festival index{% endblock %}
{% block body %} {% block body %}
<h1>Festival index</h1> <h1>Index des Festivals</h1>
<table class="table"> <table class="table">
<thead> <thead>
@ -56,5 +56,5 @@
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_festival_new') }}">Create new</a> <a href="{{ path('app_festival_new') }}"class="btn btn-primary btn-create" >Créer</a>
{% endblock %} {% endblock %}


@ -3,8 +3,9 @@
{% block title %}GroupOfProducts index{% endblock %} {% block title %}GroupOfProducts index{% endblock %}
{% block body %} {% block body %}
<h1>GroupOfProducts index</h1> <h1>Index des groupes de produits (ou catégories)</h1>
<a href="{{ path('app_group_of_products_new') }}"class="btn btn-primary btn-create" >Créer</a>
<table class="table"> <table class="table">
<thead> <thead>
<tr> <tr>
@ -31,5 +32,5 @@
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_group_of_products_new') }}">Create new</a> <a href="{{ path('app_group_of_products_new') }}"class="btn btn-primary btn-create" >Créer</a>
{% endblock %} {% endblock %}


@ -132,10 +132,16 @@
{{ vente.sum }} {{ vente.sum }}
</td> </td>
<td> <td>
{% if is_granted('ROLE_ADMIN') %}
<a href="{{ path('app_selling_delete',{id: vente.id }) }}" <a href="{{ path('app_selling_delete',{id: vente.id }) }}"
class="btn btn-warning pull-right"> class="btn btn-warning pull-right">
<i class="fa fa-trash"></i> <i class="fa fa-trash"></i>
</a> </a>
{% endif %}
<a href="{{ path('app_selling_show', {id: vente.id}) }}"
class="btn btn-primary pull-right">
<i class="fa fa-eye"></i>
</a>
</td> </td>
</tr> {% endfor %} </tr> {% endfor %}
</tbody> </tbody>
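Review bot: The `is_granted('ROLE_ADMIN')` wrapper only hides the trash link; the enforcement is the `ROLE_ADMIN` check in `SellingController::delete()`, which is what keeps a hand-crafted request out, so the template guard should be seen as UX and not as the control. The link it wraps is a plain `<a href>` to `app_selling_delete`, but that route accepts only `POST` and validates a CSRF token, so clicking it cannot delete anything (the GET will be rejected); the working pattern is the `selling/_delete_form.html.twig` partial used on the show page, included here inside the loop with the loop variable passed under whatever name that partial expects (not visible in this diff). The `{% for %}` opening this loop is outside the hunk.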


@ -5,7 +5,8 @@
{% block body %} {% block body %}
<h1>Product index</h1> <h1>Index des produits</h1>
<a href="{{ path('app_product_new') }}"class="btn btn-primary btn-create" >Créer</a>
<table class="table"> <table class="table">
<thead> <thead>
@ -47,5 +48,5 @@
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_product_new') }}">Create new</a> <a href="{{ path('app_product_new') }}"class="btn btn-primary btn-create" >Créer</a>
{% endblock %} {% endblock %}


@ -35,5 +35,5 @@
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_selling_new') }}">Create new</a> <a href="{{ path('app_selling_new') }}"class="btn btn-primary btn-create" >Créer</a>
{% endblock %} {% endblock %}


@ -17,18 +17,56 @@
</tr> </tr>
<tr> <tr>
<th>Sum</th> <th>Sum</th>
<td>{{ selling.sum }}</td> <td>{{ selling.sum }}</td>
</tr> </tr>
<tr> <tr>
<th>Reduction</th> <th>Reduction</th>
<td>{{ selling.reduction }}</td> <td>{{ selling.reduction }} €</td>
</tr>
<tr>
<th>Date</th>
<td>{{ selling.date ? selling.date|date('Y-m-d H:i:s') : '' }}</td>
</tr>
<tr>
<th>Comment</th>
<td>{{ selling.note }}</td>
</tr>
<tr>
<th>Festival</th>
<td>
{% if selling.festival %}
<a href="{{ path('app_festival_show', {'id': selling.festival.id}) }}">
{{ selling.festival.name }},
{{ selling.festival.dateStart|date('d/m/Y') }} - {{ selling.festival.dateEnd|date('d/m/Y') }}
</a>
{% else %}
Aucun festival associé
{% endif %}
</td>
</tr>
<tr>
<th>Products</th>
<td>
<ul>
{% for product in selling.products %}
<li>
<a href="{{ path('app_product_show', {'id': product.id}) }}">
{{ product.name }}
</a>
</li>
{% endfor %}
</ul>
</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_selling_index') }}">back to list</a> <a class="btn btn-default" href="{{ path('app_selling_index') }}">back to list</a>
<a href="{{ path('app_selling_edit', {'id': selling.id}) }}">edit</a> <a class="btn btn-primary" href="{{ path('app_selling_edit', {'id': selling.id}) }}">edit</a>
{% if is_granted('ROLE_ADMIN') %}
{{ include('selling/_delete_form.html.twig') }} {{ include('selling/_delete_form.html.twig') }}
{% endif %}
{% endblock %} {% endblock %}
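Review bot: The delete form is now gated on `is_granted('ROLE_ADMIN')`, but the `edit` link just above it is still rendered for every viewer, while `SellingController::edit()` in this same commit denies non-admins; non-admin users get a button that only leads to an access-denied page. Wrap it the same way, `{% if is_granted('ROLE_ADMIN') %}<a class="btn btn-primary" href="{{ path('app_selling_edit', {'id': selling.id}) }}">edit</a>{% endif %}`, or, if the controller rule ends up admin-or-owner, gate on `is_granted('ROLE_ADMIN') or selling.user == app.user` to match. Note also that the page now shows the sale's note, festival and products; whether the `show` action itself restricts who can open a given sale by id is not visible in this diff and should be confirmed alongside the index scoping.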


@ -35,5 +35,5 @@
</tbody> </tbody>
</table> </table>
<a href="{{ path('app_serie_festival_new') }}">Create new</a> <a href="{{ path('app_serie_festival_new') }}"class="btn btn-primary btn-create" >Créer</a>
{% endblock %} {% endblock %}