Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-07 18:44:08 +00:00
Code Issues Actions Projects Releases Wiki Activity

Fix #552: Return AccessDeniedException when trying to access a document and user is not logged in.

Browse Source
This commit is contained in:
Pol Dellaiera 2022-04-19 15:45:47 +02:00
parent c757fa068a
commit 7048f670ed
No known key found for this signature in database
GPG Key ID: D476DFE9C67467CA
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/Bundle/ChillWopiBundle/src/Controller/Test.php → src/Bundle/ChillWopiBundle/src/Controller/Editor.php
View File

@ -18,6 +18,7 @@ use Chill\DocStoreBundle\Entity\StoredObject;
use Chill\WopiBundle\Service\Controller\ResponderInterface;
use Exception;
use loophp\psr17\Psr17Interface;
use Symfony\Component\Finder\Exception\AccessDeniedException;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
@ -28,7 +29,7 @@ use Symfony\Component\Security\Core\Security;
* @internal
* @coversNothing
*/
final class Test
final class Editor
{
private DocumentManagerInterface $documentManager;
@ -64,6 +65,10 @@ final class Test
public function __invoke(string $fileId): Response
{
if (null === $user = $this->security->getUser()->getUsername()) {
throw new AccessDeniedException('You must be logged in to access to this resource.');
}
$configuration = $this->wopiConfiguration->jsonSerialize();
/** @var StoredObject $storedObject */
$storedObject = $this->documentManager->findByDocumentId($fileId);
@ -77,7 +82,7 @@ final class Test
}
$configuration['favIconUrl'] = '';
$configuration['access_token'] = $this->security->getUser()->getUsername();
$configuration['access_token'] = $user;
$configuration['server'] = $this
->psr17