From 617473f6a5c9b6e61984e72a443b769c2b1d3a71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20Fastr=C3=A9?= <julien.fastre@champs-libres.coop>
Date: Thu, 14 Apr 2022 01:36:01 +0200
Subject: [PATCH] notification - grant access by key - temporarily disable
 email verification due to character escaping in email

---
 .../ChillMainBundle/Controller/NotificationController.php    | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/Bundle/ChillMainBundle/Controller/NotificationController.php b/src/Bundle/ChillMainBundle/Controller/NotificationController.php
index f40c85ffb..d717f01eb 100644
--- a/src/Bundle/ChillMainBundle/Controller/NotificationController.php
+++ b/src/Bundle/ChillMainBundle/Controller/NotificationController.php
@@ -171,7 +171,7 @@ class NotificationController extends AbstractController
             throw new AccessDeniedHttpException('You must be authenticated and a user to create a notification');
         }
 
-        foreach (['accessKey', 'email'] as $param) {
+        foreach (['accessKey'/*, 'email'*/] as $param) {
             if (!$request->query->has($param)) {
                 throw new BadRequestHttpException("Missing {$param} parameter");
             }
@@ -181,10 +181,13 @@ class NotificationController extends AbstractController
             throw new AccessDeniedHttpException('access key is invalid');
         }
 
+        /*
+         desactivated due to escaped '&' in email links
         if (!in_array($request->query->get('email'), $notification->getAddressesEmails(), true)) {
             return (new Response('The email address is no more associated with this notification'))
                 ->setStatusCode(Response::HTTP_FORBIDDEN);
         }
+         */
 
         $notification->addAddressee($this->security->getUser());