restreinte des index si on est pas ROLE_ADMIN
This commit is contained in:
Tykayn
tykayn
parent
b79fc2ac9f
commit
20611e96c2
|
|
@ -63,7 +63,7 @@
|
|||
.horizontal-land {
|
||||
overflow-x: auto;
|
||||
overflow-y: hidden;
|
||||
//width: 100%;
|
||||
width: 100%;
|
||||
height: 75vh;
|
||||
background: #ccc;
|
||||
padding: 0.5rem;
|
||||
|
|
|
|||
|
|
@ -53,3 +53,7 @@ form {
|
|||
.btn-remove-all {
|
||||
color: white;
|
||||
}
|
||||
|
||||
.btn-create {
|
||||
min-width: 10rem;
|
||||
}
|
||||
|
|
@ -730,17 +730,7 @@ progress {
|
|||
}
|
||||
}
|
||||
|
||||
@media (min-width: 1400px) {
|
||||
|
||||
.container-xxl,
|
||||
.container-xl,
|
||||
.container-lg,
|
||||
.container-md,
|
||||
.container-sm,
|
||||
.container {
|
||||
max-width: 1320px;
|
||||
}
|
||||
}
|
||||
@media (min-width: 1400px) {}
|
||||
|
||||
.row {
|
||||
--bs-gutter-x: 1.5rem;
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ body {
|
|||
|
||||
.main-container-box {
|
||||
padding-left: 5rem;
|
||||
padding-bottom: 10rem;
|
||||
}
|
||||
|
||||
#wrapper {
|
||||
|
|
|
|||
|
|
@ -17,8 +17,18 @@ final class FestivalController extends AbstractController
|
|||
#[Route(name: 'app_festival_index', methods: ['GET'])]
|
||||
public function index(FestivalRepository $festivalRepository): Response
|
||||
{
|
||||
$userFound = $this->getUser();
|
||||
|
||||
if ($this->isGranted('ROLE_ADMIN')) {
|
||||
$festivals = $festivalRepository->findAll();
|
||||
} else {
|
||||
if (!$userFound) {
|
||||
throw $this->createAccessDeniedException('Vous devez être connecté pour voir les festivals.');
|
||||
}
|
||||
$festivals = $festivalRepository->findBy(['user' => $userFound]);
|
||||
}
|
||||
return $this->render('festival/index.html.twig', [
|
||||
'festivals' => $festivalRepository->findAll(),
|
||||
'festivals' => $festivals,
|
||||
]);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,8 +17,20 @@ final class GroupOfProductsController extends AbstractController
|
|||
#[Route(name: 'app_group_of_products_index', methods: ['GET'])]
|
||||
public function index(GroupOfProductsRepository $groupOfProductsRepository): Response
|
||||
{
|
||||
$userFound = $this->getUser();
|
||||
$userFound = $this->getUser();
|
||||
|
||||
if ($this->isGranted('ROLE_ADMIN')) {
|
||||
$groupOfProducts = $groupOfProductsRepository->findAll();
|
||||
} else {
|
||||
if (!$userFound) {
|
||||
throw $this->createAccessDeniedException('Vous devez être connecté pour voir les groupes de produits.');
|
||||
}
|
||||
$groupOfProducts = $groupOfProductsRepository->findBy(['user' => $userFound]);
|
||||
}
|
||||
|
||||
return $this->render('group_of_products/index.html.twig', [
|
||||
'group_of_products' => $groupOfProductsRepository->findAll(),
|
||||
'group_of_products' => $groupOfProducts,
|
||||
]);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,8 +17,18 @@ final class ProductController extends AbstractController
|
|||
#[Route(name: 'app_product_index', methods: ['GET'])]
|
||||
public function index(ProductRepository $productRepository): Response
|
||||
{
|
||||
$userFound = $this->getUser();
|
||||
|
||||
if ($this->isGranted('ROLE_ADMIN')) {
|
||||
$products = $productRepository->findAll();
|
||||
} else {
|
||||
if (!$userFound) {
|
||||
throw $this->createAccessDeniedException('Vous devez être connecté pour voir les produits.');
|
||||
}
|
||||
$products = $productRepository->findBy(['user' => $userFound]);
|
||||
}
|
||||
return $this->render('product/index.html.twig', [
|
||||
'products' => $productRepository->findAll(),
|
||||
'products' => $products,
|
||||
]);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -61,7 +61,10 @@ final class SellingController extends AbstractController
|
|||
public function edit(Request $request, Selling $selling, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$userFound = $this->getUser();
|
||||
if (!$userFound || $selling->getUser() !== $userFound) {
|
||||
if (!$userFound || !$this->isGranted('ROLE_ADMIN')) {
|
||||
throw $this->createAccessDeniedException('Vous devez être administrateur pour modifier une vente.');
|
||||
}
|
||||
elseif (!$userFound || $selling->getUser() !== $userFound) {
|
||||
throw $this->createAccessDeniedException('Vous n\'êtes pas autorisé à modifier cette vente.');
|
||||
}
|
||||
|
||||
|
|
@ -83,6 +86,10 @@ final class SellingController extends AbstractController
|
|||
#[Route('/{id}', name: 'app_selling_delete', methods: ['POST'])]
|
||||
public function delete(Request $request, Selling $selling, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
|
||||
if (!$this->isGranted('ROLE_ADMIN')) {
|
||||
throw $this->createAccessDeniedException('Vous devez être administrateur pour supprimer une vente.');
|
||||
}
|
||||
if ($this->isCsrfTokenValid('delete'.$selling->getId(), $request->getPayload()->getString('_token'))) {
|
||||
$entityManager->remove($selling);
|
||||
$entityManager->flush();
|
||||
|
|
|
|||
|
|
@ -3,8 +3,9 @@
|
|||
{% block title %}Expense index{% endblock %}
|
||||
|
||||
{% block body %}
|
||||
<h1>Expense index</h1>
|
||||
<h1>Index des dépenses</h1>
|
||||
|
||||
<a href="{{ path('app_expense_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
|
|
@ -33,5 +34,5 @@
|
|||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_expense_new') }}">Create new</a>
|
||||
<a href="{{ path('app_expense_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
{% block title %}Festival index{% endblock %}
|
||||
|
||||
{% block body %}
|
||||
<h1>Festival index</h1>
|
||||
<h1>Index des Festivals</h1>
|
||||
|
||||
<table class="table">
|
||||
<thead>
|
||||
|
|
@ -56,5 +56,5 @@
|
|||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_festival_new') }}">Create new</a>
|
||||
<a href="{{ path('app_festival_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -3,8 +3,9 @@
|
|||
{% block title %}GroupOfProducts index{% endblock %}
|
||||
|
||||
{% block body %}
|
||||
<h1>GroupOfProducts index</h1>
|
||||
<h1>Index des groupes de produits (ou catégories)</h1>
|
||||
|
||||
<a href="{{ path('app_group_of_products_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
|
|
@ -31,5 +32,5 @@
|
|||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_group_of_products_new') }}">Create new</a>
|
||||
<a href="{{ path('app_group_of_products_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -132,9 +132,15 @@
|
|||
{{ vente.sum }}
|
||||
</td>
|
||||
<td>
|
||||
<a href="{{ path('app_selling_delete',{id: vente.id }) }}"
|
||||
class="btn btn-warning pull-right">
|
||||
<i class="fa fa-trash"></i>
|
||||
{% if is_granted('ROLE_ADMIN') %}
|
||||
<a href="{{ path('app_selling_delete',{id: vente.id }) }}"
|
||||
class="btn btn-warning pull-right">
|
||||
<i class="fa fa-trash"></i>
|
||||
</a>
|
||||
{% endif %}
|
||||
<a href="{{ path('app_selling_show', {id: vente.id}) }}"
|
||||
class="btn btn-primary pull-right">
|
||||
<i class="fa fa-eye"></i>
|
||||
</a>
|
||||
</td>
|
||||
</tr> {% endfor %}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,8 @@
|
|||
{% block body %}
|
||||
|
||||
|
||||
<h1>Product index</h1>
|
||||
<h1>Index des produits</h1>
|
||||
<a href="{{ path('app_product_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
|
||||
<table class="table">
|
||||
<thead>
|
||||
|
|
@ -47,5 +48,5 @@
|
|||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_product_new') }}">Create new</a>
|
||||
<a href="{{ path('app_product_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -35,5 +35,5 @@
|
|||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_selling_new') }}">Create new</a>
|
||||
<a href="{{ path('app_selling_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -17,18 +17,56 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<th>Sum</th>
|
||||
<td>{{ selling.sum }}</td>
|
||||
<td>{{ selling.sum }} €</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Reduction</th>
|
||||
<td>{{ selling.reduction }}</td>
|
||||
<td>{{ selling.reduction }} €</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Date</th>
|
||||
<td>{{ selling.date ? selling.date|date('Y-m-d H:i:s') : '' }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Comment</th>
|
||||
<td>{{ selling.note }}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Festival</th>
|
||||
<td>
|
||||
{% if selling.festival %}
|
||||
<a href="{{ path('app_festival_show', {'id': selling.festival.id}) }}">
|
||||
{{ selling.festival.name }},
|
||||
{{ selling.festival.dateStart|date('d/m/Y') }} - {{ selling.festival.dateEnd|date('d/m/Y') }}
|
||||
</a>
|
||||
{% else %}
|
||||
Aucun festival associé
|
||||
{% endif %}
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Products</th>
|
||||
<td>
|
||||
<ul>
|
||||
{% for product in selling.products %}
|
||||
<li>
|
||||
<a href="{{ path('app_product_show', {'id': product.id}) }}">
|
||||
{{ product.name }}
|
||||
</a>
|
||||
</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_selling_index') }}">back to list</a>
|
||||
<a class="btn btn-default" href="{{ path('app_selling_index') }}">back to list</a>
|
||||
|
||||
<a href="{{ path('app_selling_edit', {'id': selling.id}) }}">edit</a>
|
||||
<a class="btn btn-primary" href="{{ path('app_selling_edit', {'id': selling.id}) }}">edit</a>
|
||||
|
||||
{% if is_granted('ROLE_ADMIN') %}
|
||||
{{ include('selling/_delete_form.html.twig') }}
|
||||
{% endif %}
|
||||
|
||||
{{ include('selling/_delete_form.html.twig') }}
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -35,5 +35,5 @@
|
|||
</tbody>
|
||||
</table>
|
||||
|
||||
<a href="{{ path('app_serie_festival_new') }}">Create new</a>
|
||||
<a href="{{ path('app_serie_festival_new') }}"class="btn btn-primary btn-create" >Créer</a>
|
||||
{% endblock %}
|
||||
|
|
|
|||
Loading…
Reference in New Issue