Use IsGranted in SiteCredentialController

2025-08-26 18:21:02 +00:00 · 2024-03-23 23:36:33 +01:00 · 2024-03-23 23:36:33 +01:00 · 247894209c
commit 247894209c
parent 96cb024cf5
8 changed files with 158 additions and 28 deletions
--- a/src/Controller/SiteCredentialController.php
+++ b/src/Controller/SiteCredentialController.php
@ -4,6 +4,7 @@ namespace Wallabag\Controller;

 use Craue\ConfigBundle\Util\Config;
 use Doctrine\ORM\EntityManagerInterface;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Component\Form\Form;
 use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\RedirectResponse;
@ -41,6 +42,7 @@ class SiteCredentialController extends AbstractController
     * Lists all User entities.
     *
     * @Route("/", name="site_credentials_index", methods={"GET"})
+     * @IsGranted("LIST_SITE_CREDENTIALS")
     */
    public function indexAction(SiteCredentialRepository $repository)
    {
@ -57,6 +59,7 @@ class SiteCredentialController extends AbstractController
     * Creates a new site credential entity.
     *
     * @Route("/new", name="site_credentials_new", methods={"GET", "POST"})
+     * @IsGranted("CREATE_SITE_CREDENTIALS")
     *
     * @return Response
     */
@ -94,6 +97,7 @@ class SiteCredentialController extends AbstractController
     * Displays a form to edit an existing site credential entity.
     *
     * @Route("/{id}/edit", name="site_credentials_edit", methods={"GET", "POST"})
+     * @IsGranted("EDIT", subject="siteCredential")
     *
     * @return Response
     */
@ -101,8 +105,6 @@ class SiteCredentialController extends AbstractController
    {
        $this->isSiteCredentialsEnabled();

-        $this->checkUserAction($siteCredential);
-
        $deleteForm = $this->createDeleteForm($siteCredential);
        $editForm = $this->createForm(SiteCredentialType::class, $siteCredential);
        $editForm->handleRequest($request);
@ -133,6 +135,7 @@ class SiteCredentialController extends AbstractController
     * Deletes a site credential entity.
     *
     * @Route("/{id}", name="site_credentials_delete", methods={"DELETE"})
+     * @IsGranted("DELETE", subject="siteCredential")
     *
     * @return RedirectResponse
     */
@ -140,8 +143,6 @@ class SiteCredentialController extends AbstractController
    {
        $this->isSiteCredentialsEnabled();

-        $this->checkUserAction($siteCredential);
-
        $form = $this->createDeleteForm($siteCredential);
        $form->handleRequest($request);

@ -183,16 +184,4 @@ class SiteCredentialController extends AbstractController
            ->getForm()
        ;
    }
-
-    /**
-     * Check if the logged user can manage the given site credential.
-     *
-     * @param SiteCredential $siteCredential The site credential entity
-     */
-    private function checkUserAction(SiteCredential $siteCredential)
-    {
-        if (null === $this->getUser() || $this->getUser()->getId() !== $siteCredential->getUser()->getId()) {
-            throw $this->createAccessDeniedException('You can not access this site credential.');
-        }
-    }
 }