ardent/Snips
1
0
Fork 0
Code Issues 5 Pull Requests 1 Packages Projects Releases Wiki Activity

Add Security for history

Browse Source
This commit is contained in:
Tim
2023-04-05 23:05:33 +02:00
parent 1f464220ee
commit ce456adf10
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/Controller/HistoryController.php
View File

@ -3,6 +3,7 @@
namespace App\Controller;
use App\Entity\Snip;
use App\Security\Voter\SnipVoter;
use App\Service\SnipServiceFactory;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
@ -20,6 +21,8 @@ class HistoryController extends AbstractController
#[Route('/', name: '_index')]
public function index(Snip $snip): Response
{
$this->denyAccessUnlessGranted(SnipVoter::EDIT, $snip);
return $this->render('history/index.html.twig', [
'snip' => $snip,
'commits' => $this->snipServiceFactory->create($snip)->getRepo()->getAllCommits(),
@ -29,6 +32,8 @@ class HistoryController extends AbstractController
#[Route('/set/{commit}', name: '_set')]
public function set(Snip $snip, string $commit): Response
{
$this->denyAccessUnlessGranted(SnipVoter::EDIT, $snip);
$this->snipServiceFactory->create($snip)->getRepo()->checkout($commit);
$this->addFlash('success', 'Snip version set to ' . $commit);
return $this->redirectToRoute('snip_single', ['snip' => $snip->getId()]);