Séparation des routes en fonction des droits des utilisateurs pour question 16
parent
7e6a8e51f4
commit
cc57aa9b3f
|
@ -0,0 +1,17 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project version="4">
|
||||
<component name="DataSourceManagerImpl" format="xml" multifile-model="true">
|
||||
<data-source source="LOCAL" name="data" uuid="2009cfca-b65a-4260-817e-545a8421e084">
|
||||
<driver-ref>sqlite.xerial</driver-ref>
|
||||
<synchronize>true</synchronize>
|
||||
<jdbc-driver>org.sqlite.JDBC</jdbc-driver>
|
||||
<jdbc-url>jdbc:sqlite:\\wsl$\Ubuntu\home\ziani\ProjetCC\dev\cc34\var\data.db</jdbc-url>
|
||||
<working-dir>$ProjectFileDir$</working-dir>
|
||||
<libraries>
|
||||
<library>
|
||||
<url>file://$APPLICATION_CONFIG_DIR$/jdbc-drivers/Xerial SQLiteJDBC/3.39.2/sqlite-jdbc-3.39.2.jar</url>
|
||||
</library>
|
||||
</libraries>
|
||||
</data-source>
|
||||
</component>
|
||||
</project>
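Review bot: The `<jdbc-url>` in this data-source definition embeds one developer's local WSL path, including a home-directory user name, so the commit publishes workstation details and a setting that cannot resolve on any other machine. The file looks like IDE-generated data-source configuration rather than project code. It would be better dropped from the commit and covered by an ignore rule for the IDE settings directory. If a shared data source is really wanted, a project-relative database path avoids the machine-specific value.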
|
|
@ -99,3 +99,9 @@ symfony console doctrine:fixtures:load
|
|||
```bash
|
||||
symfony console doctrine:fixtures:load
|
||||
```
|
||||
|
||||
### Question 16
|
||||
```bash
|
||||
symfony console make:controller InstructeurController
|
||||
symfony console make:controller ApprentiController
|
||||
```
|
|
@ -0,0 +1,45 @@
|
|||
<?php
|
||||
|
||||
namespace App\Controller;
|
||||
|
||||
use App\Entity\Atelier;
|
||||
use App\Repository\AtelierRepository;
|
||||
use App\Services\MarkdownAtelier;
|
||||
use Doctrine\Persistence\ManagerRegistry;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Annotation\Route;
|
||||
|
||||
#[IsGranted('ROLE_APPRENTI')]
|
||||
#[Route('/apprenti')]
|
||||
class ApprentiController extends AbstractController
|
||||
{
|
||||
#[Route('/atelier/{id}/inscrire', name: 'app_atelier_inscription', methods: ['POST'])]
|
||||
public function inscription(Request $request, Atelier $atelier, ManagerRegistry $doctrine): Response
|
||||
{
|
||||
$entityManager = $doctrine->getManager();
|
||||
$atelier->addEleve($this->getUser());
|
||||
$entityManager->flush();
|
||||
return $this->redirectToRoute('app_atelier_show', ["id"=>$atelier->getId()], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
#[Route('/atelier/{id}/desinscrire', name: 'app_atelier_desinscrire', methods: ['POST'])]
|
||||
public function desinscrire(Request $request, Atelier $atelier, ManagerRegistry $doctrine): Response
|
||||
{
|
||||
$entityManager = $doctrine->getManager();
|
||||
$atelier->removeEleve($this->getUser());
|
||||
$entityManager->flush();
|
||||
return $this->redirectToRoute('app_atelier_show', ["id"=>$atelier->getId()], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
#[Route('/', name: 'app_atelier_inscrit', methods: ['GET'])]
|
||||
public function index_inscrit(AtelierRepository $atelierRepository, MarkdownAtelier $markdown): Response
|
||||
{
|
||||
$ateliers = $this->getUser()->getFormationsSuivies()->toArray();
|
||||
return $this->render('atelier/index_inscrit.html.twig', [
|
||||
'ateliers' => $markdown->parseArray($ateliers),
|
||||
]);
|
||||
}
|
||||
}
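Review bot: `inscription` and `desinscrire` change the current user's enrolment on a POST without validating a CSRF token, and `$request` is injected but never read in either method. The `delete` action elsewhere in this commit already calls `isCsrfTokenValid`, so a matching guard at the top of each method would be consistent, for example `if (!$this->isCsrfTokenValid('inscription' . $atelier->getId(), $request->request->get('_token'))) { throw $this->createAccessDeniedException(); }`. This assumes the forms posting to these routes are updated to send a matching `_token`; the templates are not shown here. `index_inscrit` also receives an `AtelierRepository` it never uses, which can be removed from the signature.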
|
|
@ -24,47 +24,6 @@ class AtelierController extends AbstractController
|
|||
]);
|
||||
}
|
||||
|
||||
#[IsGranted('ROLE_INSTRUCTEUR')]
|
||||
#[Route('/byme', name: 'app_atelier_by_me', methods: ['GET'])]
|
||||
public function index_created_by_user(AtelierRepository $atelierRepository, MarkdownAtelier $markdown): Response
|
||||
{
|
||||
$ateliers = $atelierRepository->findBy(['instructeur' => $this->getUser()]);
|
||||
return $this->render('atelier/index.html.twig', [
|
||||
'ateliers' => $markdown->parseArray($ateliers),
|
||||
]);
|
||||
}
|
||||
|
||||
#[IsGranted('ROLE_APPRENTI')]
|
||||
#[Route('/inscrit', name: 'app_atelier_inscrit', methods: ['GET'])]
|
||||
public function index_inscrit(AtelierRepository $atelierRepository, MarkdownAtelier $markdown): Response
|
||||
{
|
||||
$ateliers = $this->getUser()->getFormationsSuivies()->toArray();
|
||||
return $this->render('atelier/index_inscrit.html.twig', [
|
||||
'ateliers' => $markdown->parseArray($ateliers),
|
||||
]);
|
||||
}
|
||||
|
||||
#[IsGranted('ROLE_INSTRUCTEUR')]
|
||||
#[Route('/new', name: 'app_atelier_new', methods: ['GET', 'POST'])]
|
||||
public function new(Request $request, AtelierRepository $atelierRepository): Response
|
||||
{
|
||||
$atelier = new Atelier();
|
||||
$atelier->setInstructeur($this->getUser());
|
||||
$form = $this->createForm(AtelierType::class, $atelier);
|
||||
$form->handleRequest($request);
|
||||
|
||||
if ($form->isSubmitted() && $form->isValid()) {
|
||||
$atelierRepository->save($atelier, true);
|
||||
|
||||
return $this->redirectToRoute('app_atelier_index', [], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
return $this->renderForm('atelier/new.html.twig', [
|
||||
'atelier' => $atelier,
|
||||
'form' => $form,
|
||||
]);
|
||||
}
|
||||
|
||||
#[Route('/{id}', name: 'app_atelier_show', methods: ['GET'])]
|
||||
public function show(Atelier $atelier, MarkdownAtelier $markdownAtelier): Response
|
||||
{
|
||||
|
@ -73,61 +32,4 @@ class AtelierController extends AbstractController
|
|||
'inscrit' => $atelier->getEleves()->contains($this->getUser()),
|
||||
]);
|
||||
}
|
||||
|
||||
#[IsGranted('ROLE_INSTRUCTEUR')]
|
||||
#[Route('/{id}/edit', name: 'app_atelier_edit', methods: ['GET', 'POST'])]
|
||||
public function edit(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
||||
{
|
||||
if ($atelier->getInstructeur() !== $this->getUser()) {
|
||||
return $this->render("error.html.twig", [], new Response(null, Response::HTTP_FORBIDDEN));
|
||||
}
|
||||
|
||||
$form = $this->createForm(AtelierType::class, $atelier);
|
||||
$form->handleRequest($request);
|
||||
|
||||
if ($form->isSubmitted() && $form->isValid()) {
|
||||
$atelierRepository->save($atelier, true);
|
||||
|
||||
return $this->redirectToRoute('app_atelier_index', [], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
return $this->renderForm('atelier/edit.html.twig', [
|
||||
'atelier' => $atelier,
|
||||
'form' => $form,
|
||||
]);
|
||||
}
|
||||
|
||||
#[IsGranted('ROLE_INSTRUCTEUR')]
|
||||
#[Route('/{id}', name: 'app_atelier_delete', methods: ['POST'])]
|
||||
public function delete(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
||||
{
|
||||
if ($atelier->getInstructeur() !== $this->getUser()) {
|
||||
return $this->render("error.html.twig", [], new Response(null, Response::HTTP_FORBIDDEN));
|
||||
}
|
||||
|
||||
if ($this->isCsrfTokenValid('delete' . $atelier->getId(), $request->request->get('_token'))) {
|
||||
$atelierRepository->remove($atelier, true);
|
||||
}
|
||||
|
||||
return $this->redirectToRoute('app_atelier_index', [], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
#[IsGranted('ROLE_APPRENTI')]
|
||||
#[Route('/{id}/inscrire', name: 'app_atelier_inscription', methods: ['POST'])]
|
||||
public function inscription(Request $request, Atelier $atelier, ManagerRegistry $doctrine): Response
|
||||
{
|
||||
$entityManager = $doctrine->getManager();
|
||||
$atelier->addEleve($this->getUser());
|
||||
$entityManager->flush();
|
||||
return $this->redirectToRoute('app_atelier_show', ["id"=>$atelier->getId()], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
#[IsGranted('ROLE_APPRENTI')]
|
||||
#[Route('/{id}/desinscrire', name: 'app_atelier_desinscrire', methods: ['POST'])]
|
||||
public function desinscrire(Request $request, Atelier $atelier, ManagerRegistry $doctrine): Response
|
||||
{
|
||||
$entityManager = $doctrine->getManager();
|
||||
$atelier->removeEleve($this->getUser());
|
||||
$entityManager->flush();
|
||||
return $this->redirectToRoute('app_atelier_show', ["id"=>$atelier->getId()], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,83 @@
|
|||
<?php
|
||||
|
||||
namespace App\Controller;
|
||||
|
||||
use App\Entity\Atelier;
|
||||
use App\Form\AtelierType;
|
||||
use App\Repository\AtelierRepository;
|
||||
use App\Services\MarkdownAtelier;
|
||||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Annotation\Route;
|
||||
|
||||
#[IsGranted('ROLE_INSTRUCTEUR')]
|
||||
#[Route('/instructeur')]
|
||||
class InstructeurController extends AbstractController
|
||||
{
|
||||
#[Route('/', name: 'app_atelier_by_me', methods: ['GET'])]
|
||||
public function index_created_by_user(AtelierRepository $atelierRepository, MarkdownAtelier $markdown): Response
|
||||
{
|
||||
$ateliers = $atelierRepository->findBy(['instructeur' => $this->getUser()]);
|
||||
return $this->render('atelier/index.html.twig', [
|
||||
'ateliers' => $markdown->parseArray($ateliers),
|
||||
]);
|
||||
}
|
||||
|
||||
#[Route('/atelier/new', name: 'app_atelier_new', methods: ['GET', 'POST'])]
|
||||
public function new(Request $request, AtelierRepository $atelierRepository): Response
|
||||
{
|
||||
$atelier = new Atelier();
|
||||
$atelier->setInstructeur($this->getUser());
|
||||
$form = $this->createForm(AtelierType::class, $atelier);
|
||||
$form->handleRequest($request);
|
||||
|
||||
if ($form->isSubmitted() && $form->isValid()) {
|
||||
$atelierRepository->save($atelier, true);
|
||||
|
||||
return $this->redirectToRoute('app_atelier_index', [], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
return $this->renderForm('atelier/new.html.twig', [
|
||||
'atelier' => $atelier,
|
||||
'form' => $form,
|
||||
]);
|
||||
}
|
||||
|
||||
#[Route('/atelier/{id}/edit', name: 'app_atelier_edit', methods: ['GET', 'POST'])]
|
||||
public function edit(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
||||
{
|
||||
if ($atelier->getInstructeur() !== $this->getUser()) {
|
||||
return $this->render("error.html.twig", [], new Response(null, Response::HTTP_FORBIDDEN));
|
||||
}
|
||||
|
||||
$form = $this->createForm(AtelierType::class, $atelier);
|
||||
$form->handleRequest($request);
|
||||
|
||||
if ($form->isSubmitted() && $form->isValid()) {
|
||||
$atelierRepository->save($atelier, true);
|
||||
|
||||
return $this->redirectToRoute('app_atelier_index', [], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
|
||||
return $this->renderForm('atelier/edit.html.twig', [
|
||||
'atelier' => $atelier,
|
||||
'form' => $form,
|
||||
]);
|
||||
}
|
||||
|
||||
#[Route('/atelier/{id}', name: 'app_atelier_delete', methods: ['POST'])]
|
||||
public function delete(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
|
||||
{
|
||||
if ($atelier->getInstructeur() !== $this->getUser()) {
|
||||
return $this->render("error.html.twig", [], new Response(null, Response::HTTP_FORBIDDEN));
|
||||
}
|
||||
|
||||
if ($this->isCsrfTokenValid('delete' . $atelier->getId(), $request->request->get('_token'))) {
|
||||
$atelierRepository->remove($atelier, true);
|
||||
}
|
||||
|
||||
return $this->redirectToRoute('app_atelier_index', [], Response::HTTP_SEE_OTHER);
|
||||
}
|
||||
}
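Review bot: The ownership check in `edit` and `delete` is duplicated and answers with a hand-built 403 response, so a denial does not pass through Symfony's access-denied handling and presumably is not logged there. Consider replacing the `return $this->render("error.html.twig", ...)` branch with `throw $this->createAccessDeniedException();`. Alternatively, move the rule into a voter and call `$this->denyAccessUnlessGranted(...)` so both actions share one definition. A short class docblock would also help, stating that `ROLE_INSTRUCTEUR` gates every route while per-workshop ownership is checked separately inside `edit` and `delete`.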
|
|
@ -14,7 +14,7 @@ use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
|
|||
use Symfony\Component\Routing\Annotation\Route;
|
||||
|
||||
#[IsGranted('ROLE_ADMINISTRATEUR')]
|
||||
#[Route('/user')]
|
||||
#[Route('/admin/user')]
|
||||
class UserController extends AbstractController
|
||||
{
|
||||
#[Route('/', name: 'app_user_index', methods: ['GET'])]
|
||||
|
|