Record deletion logic (maybe)

2024-11-07 08:06:17 +01:00
parent 36185d0539
commit 3c2b804498
14 changed files with 197 additions and 20 deletions


@@ -6,19 +6,19 @@ use App\Entity\Bibliography;
use App\Entity\Collection;
use App\Entity\Collector;
use App\Form\BibliographyType;
//use App\Security\Voter\VocabVoter;
use App\Security\Voter\RecordVoter;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
//use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
class BibliographyController extends AbstractController
{
#[Route('/bibliography/{id<\d+>}', name: 'app_bibliography')]
public function index(Bibliography $bibliography, EntityManagerInterface $em): Response
{
$repo = $em->getRepository(Collection::class);
$collections = $repo->findAllByBibliography($bibliography->getId());
$repo = $em->getRepository(Collector::class);
@@ -71,15 +71,23 @@ class BibliographyController extends AbstractController
]);
}
/**
* @todo Permissions!
* @todo Permissions! Return JSON with 403 when AJAX
*/
#[Route('/bibliography/delete/{id<\d+>}', name: 'app_bibliography_del')]
public function delete(Bibliography $bibliography, EntityManagerInterface $em): Response
{
try {
$this->denyAccessUnlessGranted(RecordVoter::DELETE, $bibliography);
}
catch (AccessDeniedException) {
$this->addFlash('warning', 'You are not authorized to delete this record');
return $this->redirectToRoute('app_home');
}
$em->remove($bibliography);
$em->flush();
$this->addFlash('notice', 'Term deleted successfully');
$this->addFlash('notice', 'Record deleted successfully');
return $this->redirectToRoute('app_bibliography_landing');
}
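Review bot: The new `delete` action under `#[Route('/bibliography/delete/{id<\d+>}', name: 'app_bibliography_del')]` declares no `methods`, so the deletion is reachable by a plain GET and nothing verifies a CSRF token before `$em->remove($bibliography)` runs for any logged-in admin or revisor. Restrict the route with `methods: ['POST', 'DELETE']`, take `Request $request` (already imported in this file) and guard the removal with `if (!$this->isCsrfTokenValid('delete' . $bibliography->getId(), $request->request->get('_token'))) { throw $this->createAccessDeniedException(); }`. The same applies to `CollectionController::delete` and `CollectorController::delete` in this commit, whose bodies are copies of this one; a shared helper would keep the three in step. The `@todo Permissions! Return JSON with 403 when AJAX` still stands: the `catch (AccessDeniedException)` branch always redirects, so an AJAX caller receives a 302 to `app_home` rather than a 403.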


@@ -4,10 +4,12 @@ namespace App\Controller;
use App\Entity\Collection;
use App\Entity\Bibliography;
use App\Security\Voter\RecordVoter;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
class CollectionController extends AbstractController
{
@@ -40,4 +42,23 @@ class CollectionController extends AbstractController
'count' => $count,
]);
}
#[Route('/collection/delete/{id<\d+>}', name: 'app_collection_del')]
public function delete(Collection $collection, EntityManagerInterface $em): Response
{
try {
$this->denyAccessUnlessGranted(RecordVoter::DELETE, $collection);
}
catch (AccessDeniedException) {
$this->addFlash('warning', 'You are not authorized to delete this record');
return $this->redirectToRoute('app_home');
}
$em->remove($collection);
$em->flush();
$this->addFlash('notice', 'Record deleted successfully');
return $this->redirectToRoute('app_collection_landing');
}
}


@@ -5,10 +5,12 @@ namespace App\Controller;
use App\Entity\Collector;
use App\Entity\Collection;
use App\Entity\Bibliography;
use App\Security\Voter\RecordVoter;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
class CollectorController extends AbstractController
{
@@ -40,4 +42,23 @@ class CollectorController extends AbstractController
'count' => $count,
]);
}
#[Route('/collector/delete/{id<\d+>}', name: 'app_collector_del')]
public function delete(Collector $collector, EntityManagerInterface $em): Response
{
try {
$this->denyAccessUnlessGranted(RecordVoter::DELETE, $collector);
}
catch (AccessDeniedException) {
$this->addFlash('warning', 'You are not authorized to delete this record');
return $this->redirectToRoute('app_home');
}
$em->remove($collector);
$em->flush();
$this->addFlash('notice', 'Record deleted successfully');
return $this->redirectToRoute('app_collector_landing');
}
}


@@ -2,6 +2,7 @@
namespace App\Entity;
use App\RecordInterface;
use App\Repository\BibliographyRepository;
use DateTimeImmutable;
use Doctrine\ORM\Mapping as ORM;
@@ -11,7 +12,7 @@ use Doctrine\Common\Collections\Collection as DoctrineCollection;
#[ORM\Entity(repositoryClass: BibliographyRepository::class)]
#[ORM\Table(name: 'bibliography')]
class Bibliography
class Bibliography implements RecordInterface
{
#[ORM\Id]
#[ORM\GeneratedValue]


@@ -2,6 +2,7 @@
namespace App\Entity;
use App\RecordInterface;
use App\Repository\CollectionRepository;
use DateTimeImmutable;
use Doctrine\ORM\Mapping as ORM;
@@ -11,7 +12,7 @@ use Doctrine\Common\Collections\Collection as DoctrineCollection;
#[ORM\Entity(repositoryClass: CollectionRepository::class)]
#[ORM\Table(name: 'collection')]
class Collection
class Collection implements RecordInterface
{
#[ORM\Id]
#[ORM\GeneratedValue]


@@ -2,6 +2,7 @@
namespace App\Entity;
use App\RecordInterface;
use App\Repository\CollectorRepository;
use DateTimeImmutable;
use Doctrine\ORM\Mapping as ORM;
@@ -11,7 +12,7 @@ use Doctrine\Common\Collections\Collection as DoctrineCollection;
#[ORM\Entity(repositoryClass: CollectorRepository::class)]
#[ORM\Table(name: 'collector')]
class Collector
class Collector implements RecordInterface
{
#[ORM\Id]
#[ORM\GeneratedValue]

src/RecordInterface.php Normal file

@@ -0,0 +1,7 @@
<?php
namespace App;
interface RecordInterface
{
}
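Review bot: `RecordInterface` is an empty marker interface and nothing in the file says what implementing it means; `RecordVoter::supports` in this commit uses it to decide which entities fall under the RECORD_* attributes, so adding it to a new entity silently opts that entity into the voter. Add a docblock above the declaration, e.g. `/** Marker for entities whose VIEW/EDIT/DELETE access is decided by RecordVoter. */`, so the coupling is visible where the interface is defined.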


@@ -0,0 +1,48 @@
<?php
namespace App\Security\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
final class RecordVoter extends Voter
{
public const EDIT = 'RECORD_EDIT';
public const DELETE = 'RECORD_DELETE';
public const VIEW = 'RECORD_VIEW';
protected function supports(string $attribute, mixed $subject): bool
{
return in_array($attribute, [self::EDIT, self::VIEW, self::DELETE])
&& $subject instanceof \App\RecordInterface;
}
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
{
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
$roles = $user->getRoles();
// TODO: Better way to check roles?
switch ($attribute) {
case self::EDIT:
case self::DELETE:
return in_array('ROLE_ADMIN', $roles)
|| in_array('ROLE_REVISOR', $roles);
break;
case self::VIEW:
return ! in_array('ROLE_READER', $roles);
break;
}
return false;
}
}
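Review bot: `voteOnAttribute` grants VIEW to every authenticated user who merely lacks `ROLE_READER` (the `return ! in_array('ROLE_READER', $roles);` under `case self::VIEW:`), so any role introduced later is allowed to view by default; if readers are meant to be the only denied group, a comment stating that would help, otherwise an explicit allow-list of roles is the safer default. The `in_array` calls in `supports` and `voteOnAttribute` should pass `strict: true`, and the `break` statements after `return` are unreachable; a `match` expression removes both. On the `// TODO: Better way to check roles?` line: comparing raw strings from `getRoles()` bypasses `role_hierarchy`, and injecting `AccessDecisionManagerInterface` and calling `decide($token, ['ROLE_ADMIN'])` is the documented way to honour it inside a voter. Suggested shape, keeping the current VIEW semantics:
```php
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
{
    // … unchanged: anonymous-user check …
    $roles = $user->getRoles();

    return match ($attribute) {
        self::EDIT, self::DELETE => in_array('ROLE_ADMIN', $roles, true)
            || in_array('ROLE_REVISOR', $roles, true),
        // Deny-list: anyone who is not a plain reader may view (confirm this is intended).
        self::VIEW => !in_array('ROLE_READER', $roles, true),
        default => false,
    };
}
```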


@@ -35,8 +35,8 @@ final class VocabVoter extends Voter
switch ($attribute) {
case self::EDIT:
case self::DELETE:
return in_array('ROLE_ADMIN', $roles)
|| in_array('ROLE_REVISOR', $roles);
return in_array('ROLE_ADMIN', $roles)
|| in_array('ROLE_REVISOR', $roles);
break;
case self::VIEW: