<?php
namespace App\Controller;
use App\Entity\Vehicle;
use App\Form\VehicleType;
use App\Repository\VehicleRepository;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
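/**
 * CRUD controller for Vehicle entities, mounted under /vehicle.
 *
 * Authorization model visible in this class: a user holding ROLE_CHAUFFAGISTE
 * is limited to the vehicles whose owner is that user; every other caller is
 * treated as an administrator and is not restricted.
 *
 * NOTE(review): that second half is fail-open. Nothing in this class rejects a
 * caller who holds neither role, so the restriction to administrators must come
 * from the firewall / access_control configuration, which is not visible here.
 * Confirm it, or add an explicit deny for callers without a known role.
 *
 * NOTE(review): if the role hierarchy grants ROLE_CHAUFFAGISTE to administrators,
 * they would be subject to the per-owner restriction as well; verify.
 */
#[Route('/vehicle')]
final class VehicleController extends AbstractController
{
    /**
     * Lists vehicles: only the caller's own for a chauffagiste, all of them otherwise.
     */
    #[Route(name: 'app_vehicle_index', methods: ['GET'])]
    public function index(VehicleRepository $vehicleRepository): Response
    {
        // A chauffagiste gets the per-user query; everyone else falls through to
        // findAll(), so this branch is only safe if the route is already limited
        // to administrators elsewhere (see the class-level note).
        $vehicles = $this->isGranted('ROLE_CHAUFFAGISTE')
            ? $vehicleRepository->findByUser($this->getUser())
            : $vehicleRepository->findAll();

        return $this->render('vehicle/index.html.twig', [
            'vehicles' => $vehicles,
        ]);
    }

    /**
     * Shows the creation form and persists the vehicle on a valid submission.
     */
    #[Route('/new', name: 'app_vehicle_new', methods: ['GET', 'POST'])]
    public function new(Request $request, EntityManagerInterface $entityManager): Response
    {
        $vehicle = new Vehicle();
        $form = $this->createForm(VehicleType::class, $vehicle);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            // The owner is pinned AFTER the form has been bound, so a chauffagiste
            // cannot choose another owner through submitted form data. Keep this
            // assignment after handleRequest().
            if ($this->isGranted('ROLE_CHAUFFAGISTE')) {
                $vehicle->setUser($this->getUser());
            }

            $entityManager->persist($vehicle);
            $entityManager->flush();

            return $this->redirectToRoute('app_vehicle_index', [], Response::HTTP_SEE_OTHER);
        }

        return $this->render('vehicle/new.html.twig', [
            'vehicle' => $vehicle,
            'form' => $form,
        ]);
    }

    /**
     * Displays one vehicle; a chauffagiste may only display a vehicle they own.
     */
    #[Route('/{id}', name: 'app_vehicle_show', methods: ['GET'])]
    public function show(Vehicle $vehicle): Response
    {
        $this->denyUnlessOwner($vehicle, 'Vous ne pouvez pas voir ce véhicule.');

        return $this->render('vehicle/show.html.twig', [
            'vehicle' => $vehicle,
        ]);
    }

    /**
     * Shows the edit form and saves the changes on a valid submission;
     * a chauffagiste may only edit a vehicle they own.
     */
    #[Route('/{id}/edit', name: 'app_vehicle_edit', methods: ['GET', 'POST'])]
    public function edit(Request $request, Vehicle $vehicle, EntityManagerInterface $entityManager): Response
    {
        // Ownership is checked before the form is bound, i.e. against the stored owner.
        $this->denyUnlessOwner($vehicle, 'Vous ne pouvez pas modifier ce véhicule.');

        // NOTE(review): unlike new(), the owner is not re-pinned after handleRequest().
        // If VehicleType maps the owner field, a chauffagiste could hand the vehicle to
        // another account on edit. VehicleType is not visible here; confirm the field
        // is absent or restricted for this role.
        $form = $this->createForm(VehicleType::class, $vehicle);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $entityManager->flush();

            return $this->redirectToRoute('app_vehicle_index', [], Response::HTTP_SEE_OTHER);
        }

        return $this->render('vehicle/edit.html.twig', [
            'vehicle' => $vehicle,
            'form' => $form,
        ]);
    }

    /**
     * Deletes a vehicle when the request carries a valid CSRF token;
     * a chauffagiste may only delete a vehicle they own.
     *
     * An invalid or missing token is not reported: the request is redirected to
     * the index without deleting anything.
     */
    #[Route('/{id}', name: 'app_vehicle_delete', methods: ['POST'])]
    public function delete(Request $request, Vehicle $vehicle, EntityManagerInterface $entityManager): Response
    {
        $this->denyUnlessOwner($vehicle, 'Vous ne pouvez pas supprimer ce véhicule.');

        // Read the token from the request payload only. Request::get() also searches
        // the route attributes and the query string, and it hands an array-valued
        // parameter straight to isCsrfTokenValid(), which fails with a TypeError.
        // getString() turns a non-scalar value into a bad-request error instead.
        // Assumes the delete form posts a "csrf_token" field in its body; confirm
        // against the template.
        $token = $request->getPayload()->getString('csrf_token');

        if ($this->isCsrfTokenValid('delete'.$vehicle->getId(), $token)) {
            $entityManager->remove($vehicle);
            $entityManager->flush();
        }

        return $this->redirectToRoute('app_vehicle_index', [], Response::HTTP_SEE_OTHER);
    }

    /**
     * Throws an access-denied exception when the caller is a chauffagiste who
     * does not own the given vehicle. Callers without ROLE_CHAUFFAGISTE pass.
     *
     * The three per-vehicle actions share this single check so that the rule
     * cannot drift between them.
     *
     * @param string $message Message carried by the access-denied exception.
     */
    private function denyUnlessOwner(Vehicle $vehicle, string $message): void
    {
        // Identity comparison: presumably the owner and the authenticated user are the
        // same managed object when both come from one entity manager; confirm.
        if ($this->isGranted('ROLE_CHAUFFAGISTE') && $vehicle->getUser() !== $this->getUser()) {
            throw $this->createAccessDeniedException($message);
        }
    }
}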