backup role
parent
91ad1eeae5
commit
353884f58f
@ -49,10 +49,16 @@ security:
|
||||
# https://symfony.com/doc/current/security/impersonating_user.html
|
||||
# switch_user: true
|
||||
|
||||
role_hierarchy:
|
||||
ROLE_ADMIN: ROLE_ADMIN
|
||||
ROLE_EMPLOYEE: ROLE_EMPLOYEE
|
||||
ROLE_USER: ROLE_USER
|
||||
# Easy way to control access for large sections of your site
|
||||
# Note: Only the *first* access control that matches will be used
|
||||
access_control:
|
||||
# - { path: ^/admin, roles: ROLE_ADMIN }
|
||||
- { path: ^/login, roles: PUBLIC_ACCESS }
|
||||
- { path: ^/register, roles: PUBLIC_ACCESS }
|
||||
- { path: ^/, roles: IS_AUTHENTICATED_FULLY }
|
||||
# - { path: ^/profile, roles: ROLE_USER }
|
||||
|
||||
when@test:
|
||||
|
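Review bot: The `role_hierarchy` entries map each role to itself (`ROLE_ADMIN: ROLE_ADMIN`, `ROLE_EMPLOYEE: ROLE_EMPLOYEE`, `ROLE_USER: ROLE_USER`), which grants nothing beyond the roles a user already holds, so the block has no effect. If admins are meant to pass employee and user checks, the hierarchy should point downwards, e.g. `ROLE_ADMIN: [ROLE_EMPLOYEE]` and `ROLE_EMPLOYEE: [ROLE_USER]`; otherwise a one-line comment saying the roles are deliberately independent would help. Separately, `^/login` and `^/register` are prefix matches, so every path that begins with either string is public ahead of the `^/` rule.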
@ -11,6 +11,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Attribute\Route;
|
||||
use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
|
||||
#[Route('/announcement', name: 'app_announcement')]
|
||||
class AnnouncementController extends AbstractController
|
||||
@ -22,6 +23,7 @@ class AnnouncementController extends AbstractController
|
||||
{
|
||||
}
|
||||
#[Route('/add', name: '_add')]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function addAnnouncement(Request $request): Response
|
||||
{
|
||||
$announcement = new Announcement();
|
||||
@ -56,6 +58,7 @@ class AnnouncementController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/update/{id}', name: '_update')]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function update(int $id, Request $request): Response
|
||||
{
|
||||
$announcement = $this->announcementRepository->find($id);
|
||||
@ -77,6 +80,7 @@ class AnnouncementController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/delete/{id}', name: '_delete')]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function delete(int $id): Response
|
||||
{
|
||||
$announcement = $this->announcementRepository->find($id);
|
||||
|
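Review bot: The `delete` action is declared as `#[Route('/delete/{id}', name: '_delete')]` with no `methods:` restriction, so it also answers GET, and the only visible line of its body is the repository lookup. Now that the action is admin-only, a state-changing GET is a CSRF concern unless the part of the body outside this hunk validates a token. The FAQ and Skill controllers on this page restrict their delete routes to `methods: ['POST']` and call `isCsrfTokenValid(...)` first; the same shape would fit here, e.g. `#[Route('/delete/{id}', name: '_delete', methods: ['POST'])]`. The method body continues outside the hunk, so a token check may already exist there.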
@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Attribute\Route;
|
||||
use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
|
||||
#[Route('/company')]
|
||||
final class CompanyController extends AbstractController
|
||||
@ -23,6 +24,7 @@ final class CompanyController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/new', name: 'app_company_new', methods: ['GET', 'POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function new(Request $request, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$company = new Company();
|
||||
@ -51,6 +53,7 @@ final class CompanyController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/{id}/edit', name: 'app_company_edit', methods: ['GET', 'POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function edit(Request $request, Company $company, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$form = $this->createForm(CompanyType::class, $company);
|
||||
|
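Review bot: Only `new` and `edit` receive `#[IsGranted('ROLE_ADMIN')]` in this controller, while the FAQ and Skill controllers in the same commit also guard their `delete` action. No hunk here shows a delete route, so it cannot be told from this page whether CompanyController has one; if it does, it stays reachable by any fully authenticated user under the `^/` access rule. Worth confirming, and adding the same attribute above it if so.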
@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Attribute\Route;
|
||||
use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
|
||||
#[Route('/faq')]
|
||||
final class FAQController extends AbstractController
|
||||
@ -23,6 +24,7 @@ final class FAQController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/new', name: 'app_faq_new', methods: ['GET', 'POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function new(Request $request, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$fAQ = new FAQ();
|
||||
@ -51,6 +53,7 @@ final class FAQController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/{id}/edit', name: 'app_faq_edit', methods: ['GET', 'POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function edit(Request $request, FAQ $fAQ, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$form = $this->createForm(FAQType::class, $fAQ);
|
||||
@ -69,6 +72,7 @@ final class FAQController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/{id}', name: 'app_faq_delete', methods: ['POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function delete(Request $request, FAQ $fAQ, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
if ($this->isCsrfTokenValid('delete'.$fAQ->getId(), $request->getPayload()->getString('_token'))) {
|
||||
|
@ -17,7 +17,7 @@ use Symfony\Component\Routing\Attribute\Route;
|
||||
#[Route('/register', name: 'app_register')]
|
||||
class RegistrationController extends AbstractController
|
||||
{
|
||||
#[Route('/intern', name: '_intern')]
|
||||
#[Route('/', name: '_intern')]
|
||||
public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, Security $security, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$user = new Intern();
|
||||
|
@ -10,6 +10,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Routing\Attribute\Route;
|
||||
use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
|
||||
#[Route('/skill')]
|
||||
final class SkillController extends AbstractController
|
||||
@ -23,6 +24,7 @@ final class SkillController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/new', name: 'app_skill_new', methods: ['GET', 'POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function new(Request $request, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$skill = new Skill();
|
||||
@ -51,6 +53,7 @@ final class SkillController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/{id}/edit', name: 'app_skill_edit', methods: ['GET', 'POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function edit(Request $request, Skill $skill, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
$form = $this->createForm(SkillType::class, $skill);
|
||||
@ -69,6 +72,7 @@ final class SkillController extends AbstractController
|
||||
}
|
||||
|
||||
#[Route('/{id}', name: 'app_skill_delete', methods: ['POST'])]
|
||||
#[IsGranted('ROLE_ADMIN')]
|
||||
public function delete(Request $request, Skill $skill, EntityManagerInterface $entityManager): Response
|
||||
{
|
||||
if ($this->isCsrfTokenValid('delete'.$skill->getId(), $request->getPayload()->getString('_token'))) {
|
||||
|