2727namespace PrestaShopBundle \Controller \Admin ;
2828
2929use Product ;
30+ use PrestaShopBundle \Security \Annotation \AdminSecurity ;
3031use Symfony \Component \HttpFoundation \JsonResponse ;
3132use Symfony \Component \HttpFoundation \Request ;
3233
@@ -38,7 +39,9 @@ class AttributeController extends FrameworkBundleAdminController
3839 /**
3940 * get All Attributes as json.
4041 *
41- * @return string
42+ * @AdminSecurity("is_granted(['read'], 'ADMINPRODUCTS_')")
43+ *
44+ * @return JsonResponse
4245 */
4346 public function getAllAttributesAction ()
4447 {
@@ -79,9 +82,11 @@ public function getAllAttributesAction()
7982 /**
8083 * Attributes generator.
8184 *
85+ * @AdminSecurity("is_granted(['create', 'update'], 'ADMINPRODUCTS_')")
86+ *
8287 * @param Request $request The request
8388 *
84- * @return string
89+ * @return JsonResponse
8590 */
8691 public function attributesGeneratorAction (Request $ request )
8792 {
@@ -195,10 +200,12 @@ public function ensureProductHasDefaultCombination(Product $product, array $comb
195200 /**
196201 * Delete a product attribute.
197202 *
203+ * @AdminSecurity("is_granted(['delete'], 'ADMINPRODUCTS_')")
204+ *
198205 * @param int $idProduct The product ID
199206 * @param Request $request The request
200207 *
201- * @return string
208+ * @return JsonResponse
202209 */
203210 public function deleteAttributeAction ($ idProduct , Request $ request )
204211 {
@@ -230,10 +237,12 @@ public function deleteAttributeAction($idProduct, Request $request)
230237 /**
231238 * Delete all product attributes.
232239 *
240+ * @AdminSecurity("is_granted(['delete'], 'ADMINPRODUCTS_')")
241+ *
233242 * @param int $idProduct The product ID
234243 * @param Request $request The request
235244 *
236- * @return string
245+ * @return JsonResponse
237246 */
238247 public function deleteAllAttributeAction ($ idProduct , Request $ request )
239248 {
@@ -268,10 +277,12 @@ public function deleteAllAttributeAction($idProduct, Request $request)
268277 /**
269278 * get the images form for a product combinations.
270279 *
280+ * @AdminSecurity("is_granted(['read'], 'ADMINPRODUCTS_')")
281+ *
271282 * @param int $idProduct The product id
272283 * @param Request $request The request
273284 *
274- * @return string Json
285+ * @return JsonResponse
275286 */
276287 public function getFormImagesAction ($ idProduct , Request $ request )
277288 {
0 commit comments