Skip to content

Commit

Permalink
Use denyAccessUnlessGranted method
Browse files Browse the repository at this point in the history
  • Loading branch information
@emodric
emodric committed Jan 30, 2017
1 parent 26f137a commit 8ebed08
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 84 deletions.
7 changes: 1 addition & 6 deletions Controller/Admin/RelatedContentController.php
View file
Expand Up @@ -5,7 +5,6 @@
use Netgen\TagsBundle\API\Repository\Values\Tags\Tag;
use Pagerfanta\Adapter\AdapterInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

class RelatedContentController extends Controller
{
Expand Down Expand Up @@ -45,15 +44,11 @@ public function setPagerLimit($pagerLimit)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function relatedContentAction(Request $request, Tag $tag)
{
if (!$this->isGranted('ez:tags:read')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:read');

$currentPage = (int)$request->query->get('page');
$pager = $this->createPager($this->adapter, $currentPage, $this->pagerLimit, $tag);
Expand Down
13 changes: 2 additions & 11 deletions Controller/Admin/SynonymController.php
View file
Expand Up @@ -6,7 +6,6 @@
use Netgen\TagsBundle\Form\Type\LanguageSelectType;
use Netgen\TagsBundle\Form\Type\SynonymCreateType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Translation\TranslatorInterface;

class SynonymController extends Controller
Expand Down Expand Up @@ -40,15 +39,11 @@ public function __construct(TagsService $tagsService, TranslatorInterface $trans
* @param \Symfony\Component\HttpFoundation\Request $request
* @param int|string $mainTagId
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function addSynonymSelectAction(Request $request, $mainTagId)
{
if (!$this->isGranted('ez:tags:addsynonym')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:addsynonym');

$form = $this->createForm(
LanguageSelectType::class,
Expand Down Expand Up @@ -86,15 +81,11 @@ public function addSynonymSelectAction(Request $request, $mainTagId)
* @param int|string $mainTagId
* @param string $languageCode
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function addSynonymAction(Request $request, $mainTagId, $languageCode)
{
if (!$this->isGranted('ez:tags:addsynonym')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:addsynonym');

$synonymCreateStruct = $this->tagsService->newSynonymCreateStruct($mainTagId, $languageCode);

Expand Down
73 changes: 12 additions & 61 deletions Controller/Admin/TagController.php
View file
Expand Up @@ -20,7 +20,6 @@
use Symfony\Component\HttpFoundation\Request;
use eZ\Publish\API\Repository\Values\Content\Query;
use eZ\Publish\API\Repository\Values\Content\Query\Criterion;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Translation\TranslatorInterface;

class TagController extends Controller
Expand Down Expand Up @@ -79,15 +78,11 @@ public function __construct(
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function showTagAction(Request $request, Tag $tag = null)
{
if (!$this->isGranted('ez:tags:read')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:read');

$data = array();

Expand Down Expand Up @@ -132,15 +127,11 @@ public function showTagAction(Request $request, Tag $tag = null)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $parentTag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function addTagSelectAction(Request $request, Tag $parentTag = null)
{
if (!$this->isGranted('ez:tags:add', $parentTag)) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:add', $parentTag);

$form = $this->createForm(
LanguageSelectType::class,
Expand Down Expand Up @@ -178,15 +169,11 @@ public function addTagSelectAction(Request $request, Tag $parentTag = null)
* @param string $languageCode
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $parentTag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function addTagAction(Request $request, $languageCode, Tag $parentTag = null)
{
if (!$this->isGranted('ez:tags:add', $parentTag)) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:add', $parentTag);

$tagCreateStruct = $this->tagsService->newTagCreateStruct(
$parentTag ? $parentTag->id : 0,
Expand Down Expand Up @@ -227,15 +214,11 @@ public function addTagAction(Request $request, $languageCode, Tag $parentTag = n
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function updateTagSelectAction(Request $request, Tag $tag)
{
if (!$this->isGranted('ez:tags:edit' . ($tag->isSynonym() ? 'synonym' : ''))) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:edit' . ($tag->isSynonym() ? 'synonym' : ''));

$form = $this->createForm(
LanguageSelectType::class,
Expand Down Expand Up @@ -275,15 +258,11 @@ public function updateTagSelectAction(Request $request, Tag $tag)
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
* @param string $languageCode
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function updateTagAction(Request $request, Tag $tag, $languageCode)
{
if (!$this->isGranted('ez:tags:edit' . ($tag->isSynonym() ? 'synonym' : ''))) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:edit' . ($tag->isSynonym() ? 'synonym' : ''));

$tagUpdateStruct = $this->tagsService->newTagUpdateStruct();
$tagUpdateStruct->remoteId = $tag->remoteId;
Expand Down Expand Up @@ -330,15 +309,11 @@ public function updateTagAction(Request $request, Tag $tag, $languageCode)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function deleteTagAction(Request $request, Tag $tag)
{
if (!$this->isGranted('ez:tags:delete' . ($tag->isSynonym() ? 'synonym' : ''))) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:delete' . ($tag->isSynonym() ? 'synonym' : ''));

if ($request->request->has('DeleteTagButton')) {
if (!$this->isCsrfTokenValid('eztags_admin', $request->request->get('_csrf_token'))) {
Expand Down Expand Up @@ -370,15 +345,11 @@ public function deleteTagAction(Request $request, Tag $tag)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function mergeTagAction(Request $request, Tag $tag)
{
if (!$this->isGranted('ez:tags:merge')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:merge');

$form = $this->createForm(
TagMergeType::class,
Expand Down Expand Up @@ -425,15 +396,11 @@ public function mergeTagAction(Request $request, Tag $tag)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function convertToSynonymAction(Request $request, Tag $tag)
{
if (!$this->isGranted('ez:tags:makesynonym')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:makesynonym');

$form = $this->createForm(
TagConvertType::class,
Expand Down Expand Up @@ -480,15 +447,11 @@ public function convertToSynonymAction(Request $request, Tag $tag)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $tag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
*/
public function translationAction(Request $request, Tag $tag)
{
if (!$this->isGranted('ez:tags:edit' . ($tag->isSynonym() ? 'synonym' : ''))) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:edit' . ($tag->isSynonym() ? 'synonym' : ''));

if (!$this->isCsrfTokenValid('eztags_admin', $request->request->get('_csrf_token'))) {
$this->addFlashMessage('errors', 'invalid_csrf_token');
Expand Down Expand Up @@ -608,15 +571,11 @@ public function childrenAction(Request $request, Tag $tag = null)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $parentTag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function moveTagsAction(Request $request, Tag $parentTag = null)
{
if (!$this->isGranted('ez:tags:edit')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:edit');

$tagIds = $request->request->has('Tags') ?
$request->request->get('Tags') :
Expand Down Expand Up @@ -678,15 +637,11 @@ public function moveTagsAction(Request $request, Tag $parentTag = null)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $parentTag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function copyTagsAction(Request $request, Tag $parentTag = null)
{
if (!$this->isGranted('ez:tags:read')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:read');

$tagIds = $request->request->has('Tags') ?
$request->request->get('Tags') :
Expand Down Expand Up @@ -748,15 +703,11 @@ public function copyTagsAction(Request $request, Tag $parentTag = null)
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \Netgen\TagsBundle\API\Repository\Values\Tags\Tag $parentTag
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function deleteTagsAction(Request $request, Tag $parentTag = null)
{
if (!$this->isGranted('ez:tags:delete')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:delete');

$tagIds = $request->request->has('Tags') ?
$request->request->get('Tags') :
Expand Down
7 changes: 1 addition & 6 deletions Controller/Admin/TreeController.php
View file
Expand Up @@ -5,7 +5,6 @@
use Netgen\TagsBundle\API\Repository\TagsService;
use Netgen\TagsBundle\API\Repository\Values\Tags\Tag;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Translation\TranslatorInterface;

Expand Down Expand Up @@ -83,15 +82,11 @@ public function __construct(
* @param int
* @param bool $isRoot
*
* @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
*
* @return \Symfony\Component\HttpFoundation\JsonResponse
*/
public function getChildrenAction(Tag $tag = null, $isRoot = false)
{
if (!$this->isGranted('ez:tags:read')) {
throw new AccessDeniedException();
}
$this->denyAccessUnlessGranted('ez:tags:read');

$result = array();

Expand Down

0 comments on commit 8ebed08

Please sign in to comment.