From 402ce86330c2daa0b8da712d8c27e435fc213c0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20Fastr=C3=A9?=
Date: Fri, 3 Jul 2015 22:33:29 +0200
Subject: [PATCH] improve activity controller & rendering
---
 Controller/ActivityController.php | 63 ++++++++++++++++---
 DataFixtures/ORM/LoadReportACL.php | 2 +-
 .../migrations/Version20150701091248.php | 2 +-
 Resources/views/Activity/edit.html.twig | 2 +-
 Resources/views/Activity/show.html.twig | 4 +-
 5 files changed, 58 insertions(+), 15 deletions(-)
diff --git a/Controller/ActivityController.php b/Controller/ActivityController.php
index fe9d171b7..3e0c9e696 100644
--- a/Controller/ActivityController.php
+++ b/Controller/ActivityController.php
@@ -61,18 +61,23 @@ class ActivityController extends Controller
 $em = $this->getDoctrine()->getManager();
 $person = $em->getRepository('ChillPersonBundle:Person')->find($person_id);
- /**if ($person === NULL) {
+ if ($person === NULL) {
 throw $this->createNotFoundException('person not found');
- }*/
+ }
 $this->denyAccessUnlessGranted('CHILL_PERSON_SEE', $person);
 $entity = new Activity();
+ $entity->setPerson($person);
 $form = $this->createCreateForm($entity, $person);
 $form->handleRequest($request);
 if ($form->isValid()) {
 $em = $this->getDoctrine()->getManager();
+
+ $this->denyAccessUnlessGranted('CHILL_ACTIVITY_CREATE', $entity,
+ 'creation of this activity not allowed');
+
 $em->persist($entity);
 $em->flush();
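Review bot: The `CHILL_ACTIVITY_CREATE` vote is only reached inside `if ($form->isValid())`, so a submission by a user who is not allowed to create the activity but whose data fails validation is re-rendered with the bound entity instead of being denied; if the vote needs the submitted data (the form carries a `center` option, so the voter presumably looks at the bound entity) it belongs right after `$form->handleRequest($request);` and before the validity branch: `$form->handleRequest($request); $this->denyAccessUnlessGranted('CHILL_ACTIVITY_CREATE', $entity, 'creation of this activity not allowed'); if ($form->isValid()) {`. The call `$this->createCreateForm($entity, $person)` also still passes `$person`, which the next hunk of this file drops from the signature (PHP silently ignores the extra argument to a user function); the same stale call is in newAction at `@@ -120,10 +127,19 @@`, and `$form = $this->createCreateForm($entity);` is enough now that `setPerson()` runs first. createAction starts and ends outside the hunk.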
@@ -95,13 +100,15 @@ class ActivityController extends Controller
 *
 * @return \Symfony\Component\Form\Form The form
 */
- private function createCreateForm(Activity $entity, Person $person)
+ private function createCreateForm(Activity $entity)
 {
 $form = $this->createForm('chill_activitybundle_activity', $entity, array(
- 'action' => $this->generateUrl('chill_activity_activity_create', ['person_id' => $person->getId()]),
+ 'action' => $this->generateUrl('chill_activity_activity_create', [
+ 'person_id' => $entity->getPerson()->getId(),
+ ]),
 'method' => 'POST',
- 'center' => $person->getCenter(),
+ 'center' => $entity->getCenter(),
 'role' => new Role('CHILL_ACTIVITY_CREATE')
 )
 );
@@ -120,10 +127,19 @@ class ActivityController extends Controller
 $em = $this->getDoctrine()->getManager();
 $person = $em->getRepository('ChillPersonBundle:Person')->find($person_id);
+ if ($person === NULL){
+ throw $this->createNotFoundException('Person not found');
+ }
+
+ $this->denyAccessUnlessGranted('CHILL_PERSON_SEE', $person);
+
 $entity = new Activity();
- $entity->setUser($this->get('security.context')->getToken()->getUser());
+ $entity->setUser($this->get('security.token_storage')->getToken()->getUser());
+ $entity->setPerson($person);
 $entity->setDate(new \DateTime('now'));
+ $this->denyAccessUnlessGranted('CHILL_ACTIVITY_CREATE', $entity);
+
 $form = $this->createCreateForm($entity, $person);
 return $this->render('ChillActivityBundle:Activity:new.html.twig', array(
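Review bot: `createCreateForm()` now derives both the form action and the `center` option from `$entity->getPerson()`, but nothing in the method states or checks that the caller has set the person first, and the docblock above the signature (its `@param` lines are outside the hunk, only `@return` is visible) presumably still describes the removed `Person $person` parameter. Update the docblock to carry the precondition, e.g. `@param Activity $entity the activity to create; its person must already be set, since the form action and center are derived from it`, and drop the stale `@param`. A one-line guard keeps the failure readable if a caller forgets: `if ($entity->getPerson() === null) { throw new \LogicException('activity must be attached to a person before building the form'); }`. If a `use` import for `Person` existed only for this signature it may now be unused; the imports are not in the diff.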
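Review bot: `if ($person === NULL){` is missing the space before the brace and uses upper-case `NULL`, while the other checks added by this commit are written `if (!$person) {` or `if ($person === NULL) {`; write `if ($person === null) {`. The message `'Person not found'` also differs in case from the `'person not found'` used by createAction, showAction and editAction in the same commit, which makes log and test matching needlessly inconsistent. The `CHILL_ACTIVITY_CREATE` vote here runs on an entity that has only its user, person and date set; that is fine if the voter decides from the person alone, but worth confirming against the voter, since createAction repeats the same vote only after the form has been bound.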
@@ -141,16 +157,25 @@ class ActivityController extends Controller
 {
 $em = $this->getDoctrine()->getManager();
 $person = $em->getRepository('ChillPersonBundle:Person')->find($person_id);
+
+ if (!$person) {
+ throw $this->createNotFoundException('person not found');
+ }
+
+ $this->denyAccessUnlessGranted('CHILL_PERSON_SEE', $person);
 $entity = $em->getRepository('ChillActivityBundle:Activity')->find($id);
 if (!$entity) {
 throw $this->createNotFoundException('Unable to find Activity entity.');
 }
+
+ $this->denyAccessUnlessGranted('CHILL_ACTIVITY_SEE', $entity);
 $deleteForm = $this->createDeleteForm($id, $person);
 return $this->render('ChillActivityBundle:Activity:show.html.twig', array(
+ 'person' => $person,
 'entity' => $entity,
 'delete_form' => $deleteForm->createView(),
 ));
@@ -164,21 +189,29 @@ class ActivityController extends Controller
 {
 $em = $this->getDoctrine()->getManager();
 $person = $em->getRepository('ChillPersonBundle:Person')->find($person_id);
+
+ if (!$person) {
+ throw $this->createNotFoundException('person not found');
+ }
+
+ $this->denyAccessUnlessGranted('CHILL_PERSON_SEE', $person);
 $entity = $em->getRepository('ChillActivityBundle:Activity')->find($id);
 if (!$entity) {
 throw $this->createNotFoundException('Unable to find Activity entity.');
 }
+
+ $this->denyAccessUnlessGranted('CHILL_ACTIVITY_UPDATE', $entity);
 $editForm = $this->createEditForm($entity);
- $deleteForm = $this->createDeleteForm($id);
+ $deleteForm = $this->createDeleteForm($id, $person);
 return $this->render('ChillActivityBundle:Activity:edit.html.twig', array(
 'entity' => $entity,
 'edit_form' => $editForm->createView(),
 'delete_form' => $deleteForm->createView(),
- 'person' => $$person
+ 'person' => $person
 ));
 }
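Review bot: The activity is loaded by `$id` alone and nothing checks that `$entity->getPerson()` is the `$person` resolved from `$person_id`, yet `$person` is what the new code passes to the template and to `createDeleteForm($id, $person)`; an activity id combined with an unrelated person id is rendered, and its delete form generated, under the wrong person. After the `CHILL_ACTIVITY_SEE` vote add `if ($entity->getPerson() !== $person) { throw $this->createNotFoundException('Activity does not belong to this person'); }` (both objects come from the same entity manager, so identity comparison is sufficient), or derive the person from the activity and drop the separate lookup. The same gap exists in editAction in the hunk at `@@ -164,21 +189,29 @@`. The two votes themselves are not bypassed by this, since each is made on its own object; the issue is the person/activity binding used for rendering and routing.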
@@ -191,9 +224,15 @@ class ActivityController extends Controller
 */
 private function createEditForm(Activity $entity)
 {
- $form = $this->createForm(new ActivityType(), $entity, array(
- 'action' => $this->generateUrl('chill_activity_activity_update', array('id' => $entity->getId())),
+ $form = $this->createForm('chill_activitybundle_activity', $entity, array(
+ 'action' => $this->generateUrl('chill_activity_activity_update',
+ array(
+ 'id' => $entity->getId(),
+ 'person_id' => $entity->getPerson()->getId()
+ )),
 'method' => 'PUT',
+ 'center' => $entity->getCenter(),
+ 'role' => new Role('CHILL_ACTIVITY_UPDATE')
 ));
 $form->add('submit', 'submit', array('label' => 'Update'));
@@ -213,6 +252,8 @@ class ActivityController extends Controller
 if (!$entity) {
 throw $this->createNotFoundException('Unable to find Activity entity.');
 }
+
+ $this->denyAccessUnlessGranted('CHILL_ACTIVITY_UPDATE', $entity);
 $deleteForm = $this->createDeleteForm($id);
 $editForm = $this->createEditForm($entity);
@@ -246,6 +287,8 @@ class ActivityController extends Controller
 if (!$entity) {
 throw $this->createNotFoundException('Unable to find Activity entity.');
 }
+
+ $this->denyAccessUnlessGranted('CHILL_ACTIVITY_UPDATE', $entity);
 $em->remove($entity);
 $em->flush();
diff --git a/DataFixtures/ORM/LoadReportACL.php b/DataFixtures/ORM/LoadReportACL.php
index b20f29b97..e9d2d3092 100644
--- a/DataFixtures/ORM/LoadReportACL.php
+++ b/DataFixtures/ORM/LoadReportACL.php
@@ -36,7 +36,7 @@ class LoadActivitytACL extends AbstractFixture implements OrderedFixtureInterfac
 {
 public function getOrder()
 {
- return 17999;
+ return 16000;
 }
diff --git a/Resources/migrations/Version20150701091248.php b/Resources/migrations/Version20150701091248.php
index 18573b82e..3dcabea2f 100644
--- a/Resources/migrations/Version20150701091248.php
+++ b/Resources/migrations/Version20150701091248.php
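Review bot: Style: the new `'action'` option nests long-form `array(` for the route parameters, while the parallel `createCreateForm()` rewritten in this same commit uses short `[...]` for them; use one shape in both, e.g. `'action' => $this->generateUrl('chill_activity_activity_update', ['id' => $entity->getId(), 'person_id' => $entity->getPerson()->getId()]),`. With the form type now referenced by its alias `'chill_activitybundle_activity'`, the `use` import for `ActivityType` may be unused; the import block is not in the diff. Like `createCreateForm()`, this method now dereferences `$entity->getPerson()` without documenting that the activity must already be attached to a person.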
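Review bot: In the hunk at `@@ -213,6 +252,8 @@`, `$deleteForm = $this->createDeleteForm($id);` still passes only `$id`, whereas showAction and editAction in this commit call `createDeleteForm($id, $person)`; createDeleteForm's signature is outside the diff, but if the second argument is required to build the delete route, re-rendering the edit template after a failed update will break, and if it is optional the generated form action will differ from the one editAction produces. Either resolve `$person` in updateAction the way editAction does and pass it, `$deleteForm = $this->createDeleteForm($id, $person);`, or note next to the call why it is not needed here. The visible lines do not show updateAction looking up `$person_id` or voting `CHILL_PERSON_SEE`; the start of the method is outside the hunk.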
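Review bot: In the hunk at `@@ -246,6 +287,8 @@`, deleteAction is gated by `CHILL_ACTIVITY_UPDATE`, so every user allowed to edit an activity may also delete it; if that is the intended model, record it next to the vote, `// no separate delete permission: deletion follows the update permission`, otherwise a dedicated attribute should be voted here. The method's start is outside the hunk, so whether the person from the URL is checked against the activity, as showAction now does, cannot be seen from the diff.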
@@ -42,7 +42,7 @@ class Version20150701091248 extends AbstractMigration
 $this->addSql('CREATE SEQUENCE ActivityReason_id_seq INCREMENT BY 1 MINVALUE 1 START 1');
 $this->addSql('CREATE SEQUENCE ActivityReasonCategory_id_seq INCREMENT BY 1 MINVALUE 1 START 1');
 $this->addSql('CREATE SEQUENCE ActivityType_id_seq INCREMENT BY 1 MINVALUE 1 START 1');
- $this->addSql('CREATE TABLE Activity (id INT NOT NULL, user_id INT DEFAULT NULL, scope_id INT DEFAULT NULL, reason_id INT DEFAULT NULL, type_id INT DEFAULT NULL, person_id INT DEFAULT NULL, date TIMESTAMP(0) WITHOUT TIME ZONE NOT NULL, durationTime TIME(0) WITHOUT TIME ZONE NOT NULL, remark TEXT NOT NULL, attendee BOOLEAN NOT NULL, PRIMARY KEY(id))');
+ $this->addSql('CREATE TABLE Activity (id INT NOT NULL, user_id INT DEFAULT NULL, scope_id INT DEFAULT NULL, reason_id INT DEFAULT NULL, type_id INT DEFAULT NULL, person_id INT DEFAULT NULL, date TIMESTAMP(0) WITHOUT TIME ZONE NOT NULL, durationTime TIME(0) WITHOUT TIME ZONE NOT NULL, remark TEXT NOT NULL, attendee BOOLEAN, PRIMARY KEY(id))');
 $this->addSql('CREATE INDEX IDX_55026B0CA76ED395 ON Activity (user_id)');
 $this->addSql('CREATE INDEX IDX_55026B0C682B5931 ON Activity (scope_id)');
 $this->addSql('CREATE INDEX IDX_55026B0C59BB1592 ON Activity (reason_id)');
diff --git a/Resources/views/Activity/edit.html.twig b/Resources/views/Activity/edit.html.twig
index 4c04aae3b..34eda0653 100644
--- a/Resources/views/Activity/edit.html.twig
+++ b/Resources/views/Activity/edit.html.twig
@@ -27,7 +27,7 @@
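Review bot: This edits an already-committed migration in place: on any database where `Version20150701091248` has already run, `attendee` keeps its `NOT NULL` constraint, only fresh installs get the nullable column, and the migration runner will not re-execute a version it has recorded, so the schema diverges silently between environments. Leave the original `CREATE TABLE` as it was and add a new migration whose `up()` runs `$this->addSql('ALTER TABLE Activity ALTER attendee DROP NOT NULL');` with the inverse `SET NOT NULL` in `down()` (the DDL here is PostgreSQL, given the sequences and `TIMESTAMP(0) WITHOUT TIME ZONE`). If the column can already hold nulls by then, the `down()` step should be documented as destructive or guarded.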