ardent/Snips
1
0
Fork 0
Code Issues 5 Pull Requests 1 Packages Projects Releases Wiki Activity

Secure the twig renderer template loader

Browse Source
This commit is contained in:
Tim
2025-05-11 00:37:50 +02:00
parent 6adc8c4a69
commit e3549f722a
2 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/Service/SnipParser/Twig/SnipTwigExtension.php
View File

@ -48,8 +48,13 @@ class SnipTwigExtension extends AbstractExtension
private function snipsByTag(string $tag): array
{
// Todo: get 'context' user from the snip it is called from
$user = $this->security->getUser();
if ($user === null) {
return [];
}
$request = new SnipFilterRequest(SnipFilterRequest::VISIBILITY_ALL, tag: $tag);
$snips = $this->snipRepo->findByRequest($this->security->getUser(), $request);
$snips = $this->snipRepo->findByRequest($user, $request);
return array_map(fn(Snip $snip) => [
'id' => $snip->getId(),
'name' => $snip->getName(),