From 353884f58f25ceb44d97256a51520b9c8537ca83 Mon Sep 17 00:00:00 2001
From: barillote <etebarillot@gmail.com>
Date: Thu, 28 Nov 2024 14:43:09 +0100
Subject: [PATCH] backup role

---
 config/packages/security.yaml             | 8 +++++++-
 src/Controller/AnnouncementController.php | 4 ++++
 src/Controller/CompanyController.php      | 3 +++
 src/Controller/FAQController.php          | 4 ++++
 src/Controller/RegistrationController.php | 2 +-
 src/Controller/SkillController.php        | 4 ++++
 6 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 7c33053..dfae12e 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -49,10 +49,16 @@ security:
             # https://symfony.com/doc/current/security/impersonating_user.html
             # switch_user: true
 
+    role_hierarchy:
+        ROLE_ADMIN: ROLE_ADMIN
+        ROLE_EMPLOYEE: ROLE_EMPLOYEE
+        ROLE_USER: ROLE_USER
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
-        # - { path: ^/admin, roles: ROLE_ADMIN }
+         - { path: ^/login, roles: PUBLIC_ACCESS }
+         - { path: ^/register, roles: PUBLIC_ACCESS }
+         - { path: ^/, roles: IS_AUTHENTICATED_FULLY }
         # - { path: ^/profile, roles: ROLE_USER }
 
 when@test:
diff --git a/src/Controller/AnnouncementController.php b/src/Controller/AnnouncementController.php
index 150595b..7736b78 100644
--- a/src/Controller/AnnouncementController.php
+++ b/src/Controller/AnnouncementController.php
@@ -11,6 +11,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route('/announcement', name: 'app_announcement')]
 class AnnouncementController extends AbstractController
@@ -22,6 +23,7 @@ class AnnouncementController extends AbstractController
     {
     }
     #[Route('/add', name: '_add')]
+    #[IsGranted('ROLE_ADMIN')]
     public function addAnnouncement(Request $request): Response
     {
         $announcement = new Announcement();
@@ -56,6 +58,7 @@ class AnnouncementController extends AbstractController
     }
 
     #[Route('/update/{id}', name: '_update')]
+    #[IsGranted('ROLE_ADMIN')]
     public function update(int $id, Request $request): Response
     {
         $announcement = $this->announcementRepository->find($id);
@@ -77,6 +80,7 @@ class AnnouncementController extends AbstractController
     }
 
     #[Route('/delete/{id}', name: '_delete')]
+    #[IsGranted('ROLE_ADMIN')]
     public function delete(int $id): Response
     {
         $announcement = $this->announcementRepository->find($id);
diff --git a/src/Controller/CompanyController.php b/src/Controller/CompanyController.php
index 0ddeb19..55cfd87 100644
--- a/src/Controller/CompanyController.php
+++ b/src/Controller/CompanyController.php
@@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route('/company')]
 final class CompanyController extends AbstractController
@@ -23,6 +24,7 @@ final class CompanyController extends AbstractController
     }
 
     #[Route('/new', name: 'app_company_new', methods: ['GET', 'POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function new(Request $request, EntityManagerInterface $entityManager): Response
     {
         $company = new Company();
@@ -51,6 +53,7 @@ final class CompanyController extends AbstractController
     }
 
     #[Route('/{id}/edit', name: 'app_company_edit', methods: ['GET', 'POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function edit(Request $request, Company $company, EntityManagerInterface $entityManager): Response
     {
         $form = $this->createForm(CompanyType::class, $company);
diff --git a/src/Controller/FAQController.php b/src/Controller/FAQController.php
index fbba2aa..3164551 100644
--- a/src/Controller/FAQController.php
+++ b/src/Controller/FAQController.php
@@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route('/faq')]
 final class FAQController extends AbstractController
@@ -23,6 +24,7 @@ final class FAQController extends AbstractController
     }
 
     #[Route('/new', name: 'app_faq_new', methods: ['GET', 'POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function new(Request $request, EntityManagerInterface $entityManager): Response
     {
         $fAQ = new FAQ();
@@ -51,6 +53,7 @@ final class FAQController extends AbstractController
     }
 
     #[Route('/{id}/edit', name: 'app_faq_edit', methods: ['GET', 'POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function edit(Request $request, FAQ $fAQ, EntityManagerInterface $entityManager): Response
     {
         $form = $this->createForm(FAQType::class, $fAQ);
@@ -69,6 +72,7 @@ final class FAQController extends AbstractController
     }
 
     #[Route('/{id}', name: 'app_faq_delete', methods: ['POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function delete(Request $request, FAQ $fAQ, EntityManagerInterface $entityManager): Response
     {
         if ($this->isCsrfTokenValid('delete'.$fAQ->getId(), $request->getPayload()->getString('_token'))) {
diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php
index 50e84c2..c3a9ccb 100644
--- a/src/Controller/RegistrationController.php
+++ b/src/Controller/RegistrationController.php
@@ -17,7 +17,7 @@ use Symfony\Component\Routing\Attribute\Route;
 #[Route('/register', name: 'app_register')]
 class RegistrationController extends AbstractController
 {
-    #[Route('/intern', name: '_intern')]
+    #[Route('/', name: '_intern')]
     public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, Security $security, EntityManagerInterface $entityManager): Response
     {
         $user = new Intern();
diff --git a/src/Controller/SkillController.php b/src/Controller/SkillController.php
index 2d2adac..914e64c 100644
--- a/src/Controller/SkillController.php
+++ b/src/Controller/SkillController.php
@@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
 #[Route('/skill')]
 final class SkillController extends AbstractController
@@ -23,6 +24,7 @@ final class SkillController extends AbstractController
     }
 
     #[Route('/new', name: 'app_skill_new', methods: ['GET', 'POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function new(Request $request, EntityManagerInterface $entityManager): Response
     {
         $skill = new Skill();
@@ -51,6 +53,7 @@ final class SkillController extends AbstractController
     }
 
     #[Route('/{id}/edit', name: 'app_skill_edit', methods: ['GET', 'POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function edit(Request $request, Skill $skill, EntityManagerInterface $entityManager): Response
     {
         $form = $this->createForm(SkillType::class, $skill);
@@ -69,6 +72,7 @@ final class SkillController extends AbstractController
     }
 
     #[Route('/{id}', name: 'app_skill_delete', methods: ['POST'])]
+    #[IsGranted('ROLE_ADMIN')]
     public function delete(Request $request, Skill $skill, EntityManagerInterface $entityManager): Response
     {
         if ($this->isCsrfTokenValid('delete'.$skill->getId(), $request->getPayload()->getString('_token'))) {