Ajout d'une contrainte qui empeche un instructeur de supprimer/modifier un atelier qu'il n'a pas crée pour la question 10
This commit is contained in:
parent
024bbc5d55
commit
2d049fb031
|
@ -133,9 +133,10 @@
|
||||||
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/exporter" />
|
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/exporter" />
|
||||||
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/code-unit-reverse-lookup" />
|
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/code-unit-reverse-lookup" />
|
||||||
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/webpack-encore-bundle" />
|
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/webpack-encore-bundle" />
|
||||||
<excludeFolder url="file://$MODULE_DIR$/vendor/fakerphp/faker" />
|
|
||||||
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/doctrine-fixtures-bundle" />
|
|
||||||
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/data-fixtures" />
|
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/data-fixtures" />
|
||||||
|
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/doctrine-fixtures-bundle" />
|
||||||
|
<excludeFolder url="file://$MODULE_DIR$/vendor/fakerphp/faker" />
|
||||||
|
<excludeFolder url="file://$MODULE_DIR$/vendor/cebe/markdown" />
|
||||||
</content>
|
</content>
|
||||||
<orderEntry type="inheritedJdk" />
|
<orderEntry type="inheritedJdk" />
|
||||||
<orderEntry type="sourceFolder" forTests="false" />
|
<orderEntry type="sourceFolder" forTests="false" />
|
||||||
|
|
|
@ -143,6 +143,7 @@
|
||||||
<path value="$PROJECT_DIR$/vendor/fakerphp/faker" />
|
<path value="$PROJECT_DIR$/vendor/fakerphp/faker" />
|
||||||
<path value="$PROJECT_DIR$/vendor/doctrine/doctrine-fixtures-bundle" />
|
<path value="$PROJECT_DIR$/vendor/doctrine/doctrine-fixtures-bundle" />
|
||||||
<path value="$PROJECT_DIR$/vendor/doctrine/data-fixtures" />
|
<path value="$PROJECT_DIR$/vendor/doctrine/data-fixtures" />
|
||||||
|
<path value="$PROJECT_DIR$/vendor/cebe/markdown" />
|
||||||
</include_path>
|
</include_path>
|
||||||
</component>
|
</component>
|
||||||
<component name="PhpProjectSharedConfiguration" php_language_level="8.1" />
|
<component name="PhpProjectSharedConfiguration" php_language_level="8.1" />
|
||||||
|
|
|
@ -56,6 +56,10 @@ class AtelierController extends AbstractController
|
||||||
#[Route('/{id}/edit', name: 'app_atelier_edit', methods: ['GET', 'POST'])]
|
#[Route('/{id}/edit', name: 'app_atelier_edit', methods: ['GET', 'POST'])]
|
||||||
public function edit(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
public function edit(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
||||||
{
|
{
|
||||||
|
if ($atelier->getInstructeur() !== $this->getUser()) {
|
||||||
|
return $this->render("error.html.twig", [], new Response(null, Response::HTTP_FORBIDDEN));
|
||||||
|
}
|
||||||
|
|
||||||
$form = $this->createForm(AtelierType::class, $atelier);
|
$form = $this->createForm(AtelierType::class, $atelier);
|
||||||
$form->handleRequest($request);
|
$form->handleRequest($request);
|
||||||
|
|
||||||
|
@ -75,6 +79,10 @@ class AtelierController extends AbstractController
|
||||||
#[Route('/{id}', name: 'app_atelier_delete', methods: ['POST'])]
|
#[Route('/{id}', name: 'app_atelier_delete', methods: ['POST'])]
|
||||||
public function delete(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
public function delete(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
||||||
{
|
{
|
||||||
|
if ($atelier->getInstructeur() !== $this->getUser()) {
|
||||||
|
return $this->render("error.html.twig", [], new Response(null, Response::HTTP_FORBIDDEN));
|
||||||
|
}
|
||||||
|
|
||||||
if ($this->isCsrfTokenValid('delete' . $atelier->getId(), $request->request->get('_token'))) {
|
if ($this->isCsrfTokenValid('delete' . $atelier->getId(), $request->request->get('_token'))) {
|
||||||
$atelierRepository->remove($atelier, true);
|
$atelierRepository->remove($atelier, true);
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
{% extends 'base.html.twig' %}
|
||||||
|
|
||||||
|
{% block title %}Hello PagesController!{% endblock %}
|
||||||
|
|
||||||
|
{% block body %}
|
||||||
|
<h1>Vous n'avez pas le droit de faire ceci !</h1>
|
||||||
|
{% endblock %}
|
Loading…
Reference in New Issue