diff --git a/config/packages/security.yaml b/config/packages/security.yaml index 7c33053..dfae12e 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -49,10 +49,16 @@ security: # https://symfony.com/doc/current/security/impersonating_user.html # switch_user: true + role_hierarchy: + ROLE_ADMIN: ROLE_ADMIN + ROLE_EMPLOYEE: ROLE_EMPLOYEE + ROLE_USER: ROLE_USER # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - # - { path: ^/admin, roles: ROLE_ADMIN } + - { path: ^/login, roles: PUBLIC_ACCESS } + - { path: ^/register, roles: PUBLIC_ACCESS } + - { path: ^/, roles: IS_AUTHENTICATED_FULLY } # - { path: ^/profile, roles: ROLE_USER } when@test: diff --git a/src/Controller/AnnouncementController.php b/src/Controller/AnnouncementController.php index 150595b..7736b78 100644 --- a/src/Controller/AnnouncementController.php +++ b/src/Controller/AnnouncementController.php @@ -11,6 +11,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\Attribute\Route; +use Symfony\Component\Security\Http\Attribute\IsGranted; #[Route('/announcement', name: 'app_announcement')] class AnnouncementController extends AbstractController @@ -22,6 +23,7 @@ class AnnouncementController extends AbstractController { } #[Route('/add', name: '_add')] + #[IsGranted('ROLE_ADMIN')] public function addAnnouncement(Request $request): Response { $announcement = new Announcement(); @@ -56,6 +58,7 @@ class AnnouncementController extends AbstractController } #[Route('/update/{id}', name: '_update')] + #[IsGranted('ROLE_ADMIN')] public function update(int $id, Request $request): Response { $announcement = $this->announcementRepository->find($id); 
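Review bot: The added `role_hierarchy` maps every role to itself, which grants nothing: `ROLE_ADMIN: ROLE_ADMIN` does not make an admin satisfy a `ROLE_EMPLOYEE` or `ROLE_USER` check, so an admin account that is not also given those roles explicitly is turned away from any employee- or user-gated route (for example the still-commented `^/profile, roles: ROLE_USER` rule, if it is ever enabled). If a real hierarchy is intended it should read `ROLE_ADMIN: [ROLE_EMPLOYEE, ROLE_USER]` and `ROLE_EMPLOYEE: ROLE_USER`, and the `ROLE_USER: ROLE_USER` entry can be dropped; if no hierarchy is intended, the whole key is dead configuration and should go. The new catch-all `^/` rule demands `IS_AUTHENTICATED_FULLY`; if a `remember_me` listener is configured on this firewall (not visible in this hunk), remembered sessions will be bounced to `/login` on every request and `IS_AUTHENTICATED_REMEMBERED` is the usual choice for a site-wide rule. Note also that `^/login` and `^/register` are prefix matches, so any future route under `/register/...` becomes public automatically; worth a comment next to those rules so the next person tightens them deliberately.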
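Review bot: The `_add` route still carries no `methods` constraint, so `/announcement/add` answers every HTTP verb, whereas the generated CRUD actions in CompanyController, FAQController and SkillController in this same commit declare `methods: ['GET', 'POST']`. For consistency and to keep the endpoint from responding to unexpected verbs, change the attribute to `#[Route('/add', name: '_add', methods: ['GET', 'POST'])]`. The form-handling body of addAnnouncement() continues outside the hunk, so whether the form itself has CSRF protection enabled cannot be judged here.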
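Review bot: The role check is now in place, but `$this->announcementRepository->find($id)` on the last line of the hunk can return null and the hunk does not show how that is handled; the rest of update() is outside the hunk. If there is no null guard further down, the cheapest fix is `$announcement = $this->announcementRepository->find($id) ?? throw $this->createNotFoundException();`, or switch to entity value resolution (`public function update(Announcement $announcement, Request $request): Response`) as CompanyController::edit does in this same commit, which yields a 404 automatically. As with the add route, `methods: ['GET', 'POST']` on the `_update` route would match the other controllers.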
@@ -77,6 +80,7 @@ class AnnouncementController extends AbstractController } #[Route('/delete/{id}', name: '_delete')] + #[IsGranted('ROLE_ADMIN')] public function delete(int $id): Response { $announcement = $this->announcementRepository->find($id); diff --git a/src/Controller/CompanyController.php b/src/Controller/CompanyController.php index 0ddeb19..55cfd87 100644 --- a/src/Controller/CompanyController.php +++ b/src/Controller/CompanyController.php @@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\Attribute\Route; +use Symfony\Component\Security\Http\Attribute\IsGranted; #[Route('/company')] final class CompanyController extends AbstractController @@ -23,6 +24,7 @@ final class CompanyController extends AbstractController } #[Route('/new', name: 'app_company_new', methods: ['GET', 'POST'])] + #[IsGranted('ROLE_ADMIN')] public function new(Request $request, EntityManagerInterface $entityManager): Response { $company = new Company(); @@ -51,6 +53,7 @@ final class CompanyController extends AbstractController } #[Route('/{id}/edit', name: 'app_company_edit', methods: ['GET', 'POST'])] + #[IsGranted('ROLE_ADMIN')] public function edit(Request $request, Company $company, EntityManagerInterface $entityManager): Response { $form = $this->createForm(CompanyType::class, $company); diff --git a/src/Controller/FAQController.php b/src/Controller/FAQController.php index fbba2aa..3164551 100644 --- a/src/Controller/FAQController.php +++ b/src/Controller/FAQController.php @@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\Attribute\Route; +use Symfony\Component\Security\Http\Attribute\IsGranted; #[Route('/faq')] final class FAQController extends AbstractController 
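Review bot: The `_delete` route has no `methods` restriction and delete() takes no `Request`, so as written an announcement is removed by a plain `GET /announcement/delete/{id}`; the new `#[IsGranted('ROLE_ADMIN')]` does not help against CSRF, because any page an admin visits can trigger that GET with the admin's own session. FAQController::delete and SkillController::delete in this same commit already show the pattern to follow: restrict the route to POST and verify a per-record CSRF token before acting, which also means the delete link in the template must become a form carrying `_token`. `Request` is already imported in this file (visible in the first hunk). The remainder of delete() is outside the hunk, so the persistence call itself is not shown.
```php
#[Route('/delete/{id}', name: '_delete', methods: ['POST'])]
#[IsGranted('ROLE_ADMIN')]
public function delete(int $id, Request $request): Response
{
    // Refuse the request unless it carries the per-record CSRF token rendered with the delete form;
    // the route is POST-only so a cross-site GET/link can no longer trigger a deletion.
    if (!$this->isCsrfTokenValid('delete'.$id, $request->getPayload()->getString('_token'))) {
        throw $this->createAccessDeniedException('Invalid CSRF token.');
    }
    $announcement = $this->announcementRepository->find($id);
    // … unchanged: remainder of delete() outside the hunk …
```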
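Review bot: CompanyController's changes stop at the `edit` action, while FAQController and SkillController in this same commit also get `#[IsGranted('ROLE_ADMIN')]` on their `delete` action. The company controller follows the same generated CRUD layout (`/new`, `/{id}/edit`), so it very likely has an `app_company_delete` action as well; if it does, it is now the only destructive action in the set that any fully-authenticated user can reach under the new `^/` access rule, and it needs the same attribute. This is inferred from the parallel files rather than visible here, so worth a quick check of the part of CompanyController outside the diff.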
@@ -23,6 +24,7 @@ final class FAQController extends AbstractController } #[Route('/new', name: 'app_faq_new', methods: ['GET', 'POST'])] + #[IsGranted('ROLE_ADMIN')] public function new(Request $request, EntityManagerInterface $entityManager): Response { $fAQ = new FAQ(); @@ -51,6 +53,7 @@ final class FAQController extends AbstractController } #[Route('/{id}/edit', name: 'app_faq_edit', methods: ['GET', 'POST'])] + #[IsGranted('ROLE_ADMIN')] public function edit(Request $request, FAQ $fAQ, EntityManagerInterface $entityManager): Response { $form = $this->createForm(FAQType::class, $fAQ); @@ -69,6 +72,7 @@ final class FAQController extends AbstractController } #[Route('/{id}', name: 'app_faq_delete', methods: ['POST'])] + #[IsGranted('ROLE_ADMIN')] public function delete(Request $request, FAQ $fAQ, EntityManagerInterface $entityManager): Response { if ($this->isCsrfTokenValid('delete'.$fAQ->getId(), $request->getPayload()->getString('_token'))) { diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php index 50e84c2..c3a9ccb 100644 --- a/src/Controller/RegistrationController.php +++ b/src/Controller/RegistrationController.php @@ -17,7 +17,7 @@ use Symfony\Component\Routing\Attribute\Route; #[Route('/register', name: 'app_register')] class RegistrationController extends AbstractController { - #[Route('/intern', name: '_intern')] + #[Route('/', name: '_intern')] public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, Security $security, EntityManagerInterface $entityManager): Response { $user = new Intern(); diff --git a/src/Controller/SkillController.php b/src/Controller/SkillController.php index 2d2adac..914e64c 100644 --- a/src/Controller/SkillController.php +++ b/src/Controller/SkillController.php 
@@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Routing\Attribute\Route; +use Symfony\Component\Security\Http\Attribute\IsGranted; #[Route('/skill')] final class SkillController extends AbstractController @@ -23,6 +24,7 @@ final class SkillController extends AbstractController } #[Route('/new', name: 'app_skill_new', methods: ['GET', 'POST'])] + #[IsGranted('ROLE_ADMIN')] public function new(Request $request, EntityManagerInterface $entityManager): Response { $skill = new Skill(); @@ -51,6 +53,7 @@ final class SkillController extends AbstractController } #[Route('/{id}/edit', name: 'app_skill_edit', methods: ['GET', 'POST'])] + #[IsGranted('ROLE_ADMIN')] public function edit(Request $request, Skill $skill, EntityManagerInterface $entityManager): Response { $form = $this->createForm(SkillType::class, $skill); @@ -69,6 +72,7 @@ final class SkillController extends AbstractController } #[Route('/{id}', name: 'app_skill_delete', methods: ['POST'])] + #[IsGranted('ROLE_ADMIN')] public function delete(Request $request, Skill $skill, EntityManagerInterface $entityManager): Response { if ($this->isCsrfTokenValid('delete'.$skill->getId(), $request->getPayload()->getString('_token'))) {