This commit is contained in:
Kayn Ty 2018-05-04 15:27:41 +00:00
commit 7efd697c83
5 changed files with 263 additions and 222 deletions

View File

@ -23,7 +23,7 @@ class FestivalController extends Controller {
public function indexAction() { public function indexAction() {
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$festivals = $em->getRepository( 'AppBundle:Festival' )->findByUser($this->getUser() ); $festivals = $em->getRepository( 'AppBundle:Festival' )->findByUser( $this->getUser() );
return $this->render( 'festival/index.html.twig', return $this->render( 'festival/index.html.twig',
[ [
@ -40,7 +40,7 @@ class FestivalController extends Controller {
public function newAction( Request $request ) { public function newAction( Request $request ) {
$festival = new Festival(); $festival = new Festival();
$festival->setUser( $this->getUser() ); $festival->setUser( $this->getUser() );
$festival->setDateCreation(new \DateTime()); $festival->setDateCreation( new \DateTime() );
$form = $this->createForm( 'AppBundle\Form\FestivalType', $festival ); $form = $this->createForm( 'AppBundle\Form\FestivalType', $festival );
$form->handleRequest( $request ); $form->handleRequest( $request );
@ -67,6 +67,10 @@ class FestivalController extends Controller {
*/ */
public function showAction( Festival $festival ) { public function showAction( Festival $festival ) {
$deleteForm = $this->createDeleteForm( $festival ); $deleteForm = $this->createDeleteForm( $festival );
if ( $festival->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
return $this->render( 'festival/show.html.twig', return $this->render( 'festival/show.html.twig',
[ [

View File

@ -3,9 +3,9 @@
namespace AppBundle\Controller; namespace AppBundle\Controller;
use AppBundle\Entity\ProductCategory; use AppBundle\Entity\ProductCategory;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
/** /**
@ -85,7 +85,12 @@ class ProductCategoryController extends Controller {
* @Method({"GET", "POST"}) * @Method({"GET", "POST"})
*/ */
public function editAction( Request $request, ProductCategory $productCategory ) { public function editAction( Request $request, ProductCategory $productCategory ) {
if ( ! $productCategory->hasUser( $this->getUser()->getId() ) ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$deleteForm = $this->createDeleteForm( $productCategory ); $deleteForm = $this->createDeleteForm( $productCategory );
$currentUser = $this->getUser();
$productCategory->setUsers( [ $currentUser ] ); $productCategory->setUsers( [ $currentUser ] );
$editForm = $this->createForm( 'AppBundle\Form\ProductCategoryType', $productCategory ); $editForm = $this->createForm( 'AppBundle\Form\ProductCategoryType', $productCategory );
$editForm->handleRequest( $request ); $editForm->handleRequest( $request );
@ -115,6 +120,9 @@ class ProductCategoryController extends Controller {
$form->handleRequest( $request ); $form->handleRequest( $request );
if ( $form->isSubmitted() && $form->isValid() ) { if ( $form->isSubmitted() && $form->isValid() ) {
if ( ! $productCategory->hasUser( $this->getUser()->getId() ) ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$em->remove( $productCategory ); $em->remove( $productCategory );
$em->flush(); $em->flush();

View File

@ -3,32 +3,32 @@
namespace AppBundle\Controller; namespace AppBundle\Controller;
use AppBundle\Entity\Product; use AppBundle\Entity\Product;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;use Symfony\Component\HttpFoundation\Request; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
/** /**
* Product controller. * Product controller.
* *
* @Route("product") * @Route("product")
*/ */
class ProductController extends Controller class ProductController extends Controller {
{
/** /**
* Lists all product entities. * Lists all product entities.
* *
* @Route("/", name="product_index") * @Route("/", name="product_index")
* @Method("GET") * @Method("GET")
*/ */
public function indexAction() public function indexAction() {
{
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$products = $em->getRepository('AppBundle:Product')->findByUser($this->getUser() ); $products = $em->getRepository( 'AppBundle:Product' )->findByUser( $this->getUser() );
return $this->render('product/index.html.twig', array( return $this->render( 'product/index.html.twig',
[
'products' => $products, 'products' => $products,
)); ] );
} }
/** /**
@ -37,25 +37,25 @@ class ProductController extends Controller
* @Route("/new", name="product_new") * @Route("/new", name="product_new")
* @Method({"GET", "POST"}) * @Method({"GET", "POST"})
*/ */
public function newAction(Request $request) public function newAction( Request $request ) {
{
$product = new Product(); $product = new Product();
$product->setUser($this->getUser()); $product->setUser( $this->getUser() );
$form = $this->createForm('AppBundle\Form\ProductType', $product); $form = $this->createForm( 'AppBundle\Form\ProductType', $product );
$form->handleRequest($request); $form->handleRequest( $request );
if ($form->isSubmitted() && $form->isValid()) { if ( $form->isSubmitted() && $form->isValid() ) {
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$em->persist($product); $em->persist( $product );
$em->flush(); $em->flush();
return $this->redirectToRoute('product_show', array('id' => $product->getId())); return $this->redirectToRoute( 'product_show', [ 'id' => $product->getId() ] );
} }
return $this->render('product/new.html.twig', array( return $this->render( 'product/new.html.twig',
[
'product' => $product, 'product' => $product,
'form' => $form->createView(), 'form' => $form->createView(),
)); ] );
} }
/** /**
@ -64,14 +64,18 @@ class ProductController extends Controller
* @Route("/{id}", name="product_show") * @Route("/{id}", name="product_show")
* @Method("GET") * @Method("GET")
*/ */
public function showAction(Product $product) public function showAction( Product $product ) {
{ $deleteForm = $this->createDeleteForm( $product );
$deleteForm = $this->createDeleteForm($product); if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
return $this->render('product/show.html.twig', array( $this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
return $this->render( 'product/show.html.twig',
[
'product' => $product, 'product' => $product,
'delete_form' => $deleteForm->createView(), 'delete_form' => $deleteForm->createView(),
)); ] );
} }
/** /**
@ -80,23 +84,29 @@ class ProductController extends Controller
* @Route("/{id}/edit", name="product_edit") * @Route("/{id}/edit", name="product_edit")
* @Method({"GET", "POST"}) * @Method({"GET", "POST"})
*/ */
public function editAction(Request $request, Product $product) public function editAction( Request $request, Product $product ) {
{
$deleteForm = $this->createDeleteForm($product);
$editForm = $this->createForm('AppBundle\Form\ProductType', $product);
$editForm->handleRequest($request);
if ($editForm->isSubmitted() && $editForm->isValid()) { if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
$this->getDoctrine()->getManager()->flush();
return $this->redirectToRoute('product_edit', array('id' => $product->getId())); $this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
} }
return $this->render('product/edit.html.twig', array( $deleteForm = $this->createDeleteForm( $product );
$editForm = $this->createForm( 'AppBundle\Form\ProductType', $product );
$editForm->handleRequest( $request );
if ( $editForm->isSubmitted() && $editForm->isValid() ) {
$this->getDoctrine()->getManager()->flush();
return $this->redirectToRoute( 'product_edit', [ 'id' => $product->getId() ] );
}
return $this->render( 'product/edit.html.twig',
[
'product' => $product, 'product' => $product,
'edit_form' => $editForm->createView(), 'edit_form' => $editForm->createView(),
'delete_form' => $deleteForm->createView(), 'delete_form' => $deleteForm->createView(),
)); ] );
} }
/** /**
@ -105,18 +115,21 @@ class ProductController extends Controller
* @Route("/{id}", name="product_delete") * @Route("/{id}", name="product_delete")
* @Method("DELETE") * @Method("DELETE")
*/ */
public function deleteAction(Request $request, Product $product) public function deleteAction( Request $request, Product $product ) {
{ $form = $this->createDeleteForm( $product );
$form = $this->createDeleteForm($product); $form->handleRequest( $request );
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) { if ( $form->isSubmitted() && $form->isValid() ) {
if ( $product->getUser()->getId() !== $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$em->remove($product); $em->remove( $product );
$em->flush(); $em->flush();
} }
return $this->redirectToRoute('product_index'); return $this->redirectToRoute( 'product_index' );
} }
/** /**
@ -126,12 +139,10 @@ class ProductController extends Controller
* *
* @return \Symfony\Component\Form\Form The form * @return \Symfony\Component\Form\Form The form
*/ */
private function createDeleteForm(Product $product) private function createDeleteForm( Product $product ) {
{
return $this->createFormBuilder() return $this->createFormBuilder()
->setAction($this->generateUrl('product_delete', array('id' => $product->getId()))) ->setAction( $this->generateUrl( 'product_delete', [ 'id' => $product->getId() ] ) )
->setMethod('DELETE') ->setMethod( 'DELETE' )
->getForm() ->getForm();
;
} }
} }

View File

@ -3,32 +3,32 @@
namespace AppBundle\Controller; namespace AppBundle\Controller;
use AppBundle\Entity\SellRecord; use AppBundle\Entity\SellRecord;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;use Symfony\Component\HttpFoundation\Request; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
/** /**
* Sellrecord controller. * Sellrecord controller.
* *
* @Route("sellrecord") * @Route("sellrecord")
*/ */
class SellRecordController extends Controller class SellRecordController extends Controller {
{
/** /**
* Lists all sellRecord entities. * Lists all sellRecord entities.
* *
* @Route("/", name="sellrecord_index") * @Route("/", name="sellrecord_index")
* @Method("GET") * @Method("GET")
*/ */
public function indexAction() public function indexAction() {
{
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$sellRecords = $em->getRepository('AppBundle:SellRecord')->findByUser($this->getUser() ); $sellRecords = $em->getRepository( 'AppBundle:SellRecord' )->findByUser( $this->getUser() );
return $this->render('sellrecord/index.html.twig', array( return $this->render( 'sellrecord/index.html.twig',
[
'sellRecords' => $sellRecords, 'sellRecords' => $sellRecords,
)); ] );
} }
/** /**
@ -37,25 +37,25 @@ class SellRecordController extends Controller
* @Route("/new", name="sellrecord_new") * @Route("/new", name="sellrecord_new")
* @Method({"GET", "POST"}) * @Method({"GET", "POST"})
*/ */
public function newAction(Request $request) public function newAction( Request $request ) {
{
$sellRecord = new Sellrecord(); $sellRecord = new Sellrecord();
$sellRecord->setUser($this->getUser()); $sellRecord->setUser( $this->getUser() );
$form = $this->createForm('AppBundle\Form\SellRecordType', $sellRecord); $form = $this->createForm( 'AppBundle\Form\SellRecordType', $sellRecord );
$form->handleRequest($request); $form->handleRequest( $request );
if ($form->isSubmitted() && $form->isValid()) { if ( $form->isSubmitted() && $form->isValid() ) {
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$em->persist($sellRecord); $em->persist( $sellRecord );
$em->flush(); $em->flush();
return $this->redirectToRoute('sellrecord_show', array('date' => $sellRecord->getDate())); return $this->redirectToRoute( 'sellrecord_show', [ 'date' => $sellRecord->getDate() ] );
} }
return $this->render('sellrecord/new.html.twig', array( return $this->render( 'sellrecord/new.html.twig',
[
'sellRecord' => $sellRecord, 'sellRecord' => $sellRecord,
'form' => $form->createView(), 'form' => $form->createView(),
)); ] );
} }
/** /**
@ -64,14 +64,17 @@ class SellRecordController extends Controller
* @Route("/{date}", name="sellrecord_show") * @Route("/{date}", name="sellrecord_show")
* @Method("GET") * @Method("GET")
*/ */
public function showAction(SellRecord $sellRecord) public function showAction( SellRecord $sellRecord ) {
{ $deleteForm = $this->createDeleteForm( $sellRecord );
$deleteForm = $this->createDeleteForm($sellRecord); if ( ! $sellRecord->getUser() == $this->getUser()->getId() ) {
$this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
}
return $this->render('sellrecord/show.html.twig', array( return $this->render( 'sellrecord/show.html.twig',
[
'sellRecord' => $sellRecord, 'sellRecord' => $sellRecord,
'delete_form' => $deleteForm->createView(), 'delete_form' => $deleteForm->createView(),
)); ] );
} }
/** /**
@ -80,23 +83,26 @@ class SellRecordController extends Controller
* @Route("/{date}/edit", name="sellrecord_edit") * @Route("/{date}/edit", name="sellrecord_edit")
* @Method({"GET", "POST"}) * @Method({"GET", "POST"})
*/ */
public function editAction(Request $request, SellRecord $sellRecord) public function editAction( Request $request, SellRecord $sellRecord ) {
{ if ( ! $sellRecord->getUser() == $this->getUser()->getId() ) {
$deleteForm = $this->createDeleteForm($sellRecord); $this->denyAccessUnlessGranted( 'ROLE_ADMIN' );
$editForm = $this->createForm('AppBundle\Form\SellRecordType', $sellRecord); }
$editForm->handleRequest($request); $deleteForm = $this->createDeleteForm( $sellRecord );
$editForm = $this->createForm( 'AppBundle\Form\SellRecordType', $sellRecord );
$editForm->handleRequest( $request );
if ($editForm->isSubmitted() && $editForm->isValid()) { if ( $editForm->isSubmitted() && $editForm->isValid() ) {
$this->getDoctrine()->getManager()->flush(); $this->getDoctrine()->getManager()->flush();
return $this->redirectToRoute('sellrecord_edit', array('date' => $sellRecord->getDate())); return $this->redirectToRoute( 'sellrecord_edit', [ 'date' => $sellRecord->getDate() ] );
} }
return $this->render('sellrecord/edit.html.twig', array( return $this->render( 'sellrecord/edit.html.twig',
[
'sellRecord' => $sellRecord, 'sellRecord' => $sellRecord,
'edit_form' => $editForm->createView(), 'edit_form' => $editForm->createView(),
'delete_form' => $deleteForm->createView(), 'delete_form' => $deleteForm->createView(),
)); ] );
} }
/** /**
@ -105,18 +111,17 @@ class SellRecordController extends Controller
* @Route("/{date}", name="sellrecord_delete") * @Route("/{date}", name="sellrecord_delete")
* @Method("DELETE") * @Method("DELETE")
*/ */
public function deleteAction(Request $request, SellRecord $sellRecord) public function deleteAction( Request $request, SellRecord $sellRecord ) {
{ $form = $this->createDeleteForm( $sellRecord );
$form = $this->createDeleteForm($sellRecord); $form->handleRequest( $request );
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) { if ( $form->isSubmitted() && $form->isValid() ) {
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$em->remove($sellRecord); $em->remove( $sellRecord );
$em->flush(); $em->flush();
} }
return $this->redirectToRoute('sellrecord_index'); return $this->redirectToRoute( 'sellrecord_index' );
} }
/** /**
@ -126,12 +131,10 @@ class SellRecordController extends Controller
* *
* @return \Symfony\Component\Form\Form The form * @return \Symfony\Component\Form\Form The form
*/ */
private function createDeleteForm(SellRecord $sellRecord) private function createDeleteForm( SellRecord $sellRecord ) {
{
return $this->createFormBuilder() return $this->createFormBuilder()
->setAction($this->generateUrl('sellrecord_delete', array('date' => $sellRecord->getDate()))) ->setAction( $this->generateUrl( 'sellrecord_delete', [ 'date' => $sellRecord->getDate() ] ) )
->setMethod('DELETE') ->setMethod( 'DELETE' )
->getForm() ->getForm();
;
} }
} }

View File

@ -34,6 +34,21 @@ class ProductCategory {
return $this->getName() . ' (' . count( $this->getProducts() ) . ' produits)'; return $this->getName() . ' (' . count( $this->getProducts() ) . ' produits)';
} }
/**
* @param $userId
*
* @return bool
*/
public function hasUser( $userId ) {
foreach ( $this->getUsers() as $user ) {
if ( $user->getId() === $userId ) {
return true;
}
}
return false;
}
/** /**
* @return mixed * @return mixed
*/ */