tykayn
/
caisse-bliss
mirror of https://forge.chapril.org/tykayn/caisse-bliss.git
1
0
Fork 0
Code Issues Releases Activity

separate things of user in forms

This commit is contained in:
Kayn Ty 2018-05-24 11:07:20 +02:00
parent 19144377fe
commit 3159adcdca
No known key found for this signature in database
GPG Key ID: 55B09AA0ED327CD3
4 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/AppBundle/Controller/FestivalController.php
View File

@ -21,9 +21,8 @@ class FestivalController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function indexAction() { public function indexAction() {
$em = $this->getDoctrine()->getManager();
$festivals = $em->getRepository( 'AppBundle:Festival' )->findByUser( $this->getUser() ); $festivals = $this->getUser()->getFestivals();
return $this->render( 'festival/index.html.twig', return $this->render( 'festival/index.html.twig',
[ [

4
src/AppBundle/Controller/ProductCategoryController.php
View File

@ -21,7 +21,6 @@ class ProductCategoryController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function indexAction() { public function indexAction() {
$em = $this->getDoctrine()->getManager();
$currentUser = $this->getUser(); $currentUser = $this->getUser();
$productCategories = $currentUser->getCategories(); $productCategories = $currentUser->getCategories();
@ -69,6 +68,9 @@ class ProductCategoryController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function showAction( ProductCategory $productCategory ) { public function showAction( ProductCategory $productCategory ) {
if ( $productCategory->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$deleteForm = $this->createDeleteForm( $productCategory ); $deleteForm = $this->createDeleteForm( $productCategory );
return $this->render( 'productcategory/show.html.twig', return $this->render( 'productcategory/show.html.twig',

6
src/AppBundle/Controller/ProductController.php
View File

@ -21,9 +21,8 @@ class ProductController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function indexAction() { public function indexAction() {
$em = $this->getDoctrine()->getManager();
$products = $em->getRepository( 'AppBundle:Product' )->findByUser( $this->getUser() ); $products = $this->getUser()->getProducts();
return $this->render( 'product/index.html.twig', return $this->render( 'product/index.html.twig',
[ [
@ -65,6 +64,9 @@ class ProductController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function showAction( Product $product ) { public function showAction( Product $product ) {
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$deleteForm = $this->createDeleteForm( $product ); $deleteForm = $this->createDeleteForm( $product );
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) { if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {

6
src/AppBundle/Controller/SellRecordController.php
View File

@ -21,9 +21,8 @@ class SellRecordController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function indexAction() { public function indexAction() {
$em = $this->getDoctrine()->getManager();
$sellRecords = $em->getRepository( 'AppBundle:SellRecord' )->findByUser( $this->getUser() ); $sellRecords = $this->getUser()->getProductsSold();
return $this->render( 'sellrecord/index.html.twig', return $this->render( 'sellrecord/index.html.twig',
[ [
@ -65,6 +64,9 @@ class SellRecordController extends Controller {
* @Method("GET") * @Method("GET")
*/ */
public function showAction( SellRecord $sellRecord ) { public function showAction( SellRecord $sellRecord ) {
if ( $sellRecord->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$deleteForm = $this->createDeleteForm( $sellRecord ); $deleteForm = $this->createDeleteForm( $sellRecord );
if ( ! $sellRecord->getUser() == $this->getUser()->getId() ) { if ( ! $sellRecord->getUser() == $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' ); $this->denyAccessUnlessGranted( 'ROLE_ADMIN' );