oss/wallabag
oss/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-08-01 17:38:38 +00:00
Code Wiki Activity

Add IsGranted to AnnotationRestController

Browse source
This commit is contained in:
Yassine Guedidi 2025-03-11 00:45:00 +01:00
parent e3dc63f739
commit f9676270f2
1 changed files with 7 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/Controller/Api/AnnotationRestController.php
View file

@ -4,6 +4,7 @@ namespace Wallabag\Controller\Api;
use Nelmio\ApiDocBundle\Annotation\Operation; use Nelmio\ApiDocBundle\Annotation\Operation;
use OpenApi\Annotations as OA; use OpenApi\Annotations as OA;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Routing\Annotation\Route;
@ -35,13 +36,12 @@ class AnnotationRestController extends WallabagRestController
* ) * )
* *
* @Route("/api/annotations/{entry}.{_format}", name="api_get_annotations", methods={"GET"}, defaults={"_format": "json"}) * @Route("/api/annotations/{entry}.{_format}", name="api_get_annotations", methods={"GET"}, defaults={"_format": "json"})
* @IsGranted("LIST_ANNOTATIONS", subject="entry")
* *
* @return Response * @return Response
*/ */
public function getAnnotationsAction(Entry $entry) public function getAnnotationsAction(Entry $entry)
{ {
$this->validateAuthentication();
return $this->forward('Wallabag\Controller\AnnotationController::getAnnotationsAction', [ return $this->forward('Wallabag\Controller\AnnotationController::getAnnotationsAction', [
'entry' => $entry, 'entry' => $entry,
]); ]);
@ -101,13 +101,12 @@ class AnnotationRestController extends WallabagRestController
* ) * )
* *
* @Route("/api/annotations/{entry}.{_format}", name="api_post_annotation", methods={"POST"}, defaults={"_format": "json"}) * @Route("/api/annotations/{entry}.{_format}", name="api_post_annotation", methods={"POST"}, defaults={"_format": "json"})
* @IsGranted("CREATE_ANNOTATIONS", subject="entry")
* *
* @return Response * @return Response
*/ */
public function postAnnotationAction(Request $request, Entry $entry) public function postAnnotationAction(Request $request, Entry $entry)
{ {
$this->validateAuthentication();
return $this->forward('Wallabag\Controller\AnnotationController::postAnnotationAction', [ return $this->forward('Wallabag\Controller\AnnotationController::postAnnotationAction', [
'request' => $request, 'request' => $request,
'entry' => $entry, 'entry' => $entry,
@ -137,13 +136,12 @@ class AnnotationRestController extends WallabagRestController
* ) * )
* *
* @Route("/api/annotations/{annotation}.{_format}", name="api_put_annotation", methods={"PUT"}, defaults={"_format": "json"}) * @Route("/api/annotations/{annotation}.{_format}", name="api_put_annotation", methods={"PUT"}, defaults={"_format": "json"})
* @IsGranted("EDIT", subject="annotation")
* *
* @return Response * @return Response
*/ */
public function putAnnotationAction(int $annotation, Request $request) public function putAnnotationAction(Annotation $annotation, Request $request)
{ {
$this->validateAuthentication();
return $this->forward('Wallabag\Controller\AnnotationController::putAnnotationAction', [ return $this->forward('Wallabag\Controller\AnnotationController::putAnnotationAction', [
'annotation' => $annotation, 'annotation' => $annotation,
'request' => $request, 'request' => $request,
@ -173,13 +171,12 @@ class AnnotationRestController extends WallabagRestController
* ) * )
* *
* @Route("/api/annotations/{annotation}.{_format}", name="api_delete_annotation", methods={"DELETE"}, defaults={"_format": "json"}) * @Route("/api/annotations/{annotation}.{_format}", name="api_delete_annotation", methods={"DELETE"}, defaults={"_format": "json"})
* @IsGranted("DELETE", subject="annotation")
* *
* @return Response * @return Response
*/ */
public function deleteAnnotationAction(int $annotation) public function deleteAnnotationAction(Annotation $annotation)
{ {
$this->validateAuthentication();
return $this->forward('Wallabag\Controller\AnnotationController::deleteAnnotationAction', [ return $this->forward('Wallabag\Controller\AnnotationController::deleteAnnotationAction', [
'annotation' => $annotation, 'annotation' => $annotation,
]); ]);