From b001f7ecd850d74889b231df58e7482f7447b2b7 Mon Sep 17 00:00:00 2001 From: "aurian.jault" Date: Wed, 12 Jun 2024 14:06:31 +0200 Subject: [PATCH 1/3] Adding roles and redirect on logout --- config/packages/security.yaml | 8 +++--- migrations/Version20240612112105.php | 35 +++++++++++++++++++++++ src/Controller/RegistrationController.php | 1 + src/Entity/Profil.php | 12 ++++---- src/Repository/TagsRepository.php | 2 +- 5 files changed, 47 insertions(+), 11 deletions(-) create mode 100644 migrations/Version20240612112105.php diff --git a/config/packages/security.yaml b/config/packages/security.yaml index 288ddbd..73a0545 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -22,8 +22,7 @@ security: enable_csrf: true logout: path: app_logout - # where to redirect after logout - # target: app_any_route + target: /login # activate different ways to authenticate # https://symfony.com/doc/current/security.html#the-firewall @@ -34,8 +33,9 @@ security: # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - # - { path: ^/admin, roles: ROLE_ADMIN } - # - { path: ^/profile, roles: ROLE_USER } + #- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY } + #- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } + #- { path: ^/logout, role: ROLE_USER} when@test: security: diff --git a/migrations/Version20240612112105.php b/migrations/Version20240612112105.php new file mode 100644 index 0000000..451d975 --- /dev/null +++ b/migrations/Version20240612112105.php @@ -0,0 +1,35 @@ +addSql('ALTER TABLE profil ADD COLUMN roles CLOB DEFAULT NULL'); + } + + public function down(Schema $schema): void + { + // this down() migration is auto-generated, please modify it to your needs + $this->addSql('CREATE TEMPORARY TABLE __temp__profil AS SELECT id, name, description, password FROM profil'); + $this->addSql('DROP TABLE profil'); + $this->addSql('CREATE TABLE profil (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, name VARCHAR(255) DEFAULT NULL, description VARCHAR(255) DEFAULT NULL, password VARCHAR(255) DEFAULT NULL)'); + $this->addSql('INSERT INTO profil (id, name, description, password) SELECT id, name, description, password FROM __temp__profil'); + $this->addSql('DROP TABLE __temp__profil'); + } +} diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php index 8c26f0b..e0138c4 100644 --- a/src/Controller/RegistrationController.php +++ b/src/Controller/RegistrationController.php @@ -29,6 +29,7 @@ class RegistrationController extends AbstractController $form->get('plainPassword')->getData() ) ); + $user->setRoles(['ROLE_USER']); $entityManager->persist($user); $entityManager->flush(); diff --git a/src/Entity/Profil.php b/src/Entity/Profil.php index 4647d0e..18a493d 100644 --- a/src/Entity/Profil.php +++ b/src/Entity/Profil.php @@ -19,6 +19,7 @@ class Profil implements UserInterface, PasswordAuthenticatedUserInterface #[ORM\Column] private ?int $id = null; + #[ORM\Column(type: 'json', nullable: true)] private array $roles = []; #[ORM\Column(length: 255, nullable: true)] @@ -184,7 +185,7 @@ class Profil implements UserInterface, PasswordAuthenticatedUserInterface { $roles = $this->roles; // guarantee every user at least has ROLE_USER - $roles[] = 'ROLE_USER'; + // $roles[] = 'ROLE_USER'; return array_unique($roles); } @@ -192,17 +193,16 @@ class Profil implements UserInterface, PasswordAuthenticatedUserInterface public function setRoles(array $roles): self { $this->roles = $roles; - return $this; } - public function eraseCredentials(): void + public function getUserIdentifier(): string { - // TODO: Implement eraseCredentials() method. + return $this->name; } - public function getUserIdentifier(): string + public function eraseCredentials(): void { - return $this->name; + // TODO: Implement eraseCredentials() method. } } diff --git a/src/Repository/TagsRepository.php b/src/Repository/TagsRepository.php index 5116b48..01f3452 100644 --- a/src/Repository/TagsRepository.php +++ b/src/Repository/TagsRepository.php @@ -9,7 +9,7 @@ use Doctrine\Persistence\ManagerRegistry; /** * @extends ServiceEntityRepository */ -class agsRepository extends ServiceEntityRepository +class TagsRepository extends ServiceEntityRepository { public function __construct(ManagerRegistry $registry) { From 2981f73c0a29191fa2a35e88d781f308cd7d6258 Mon Sep 17 00:00:00 2001 From: "aurian.jault" Date: Wed, 12 Jun 2024 17:06:21 +0200 Subject: [PATCH 2/3] changed database --- migrations/Version20240612121601.php | 35 +++++++++++++++++++++++++++ var/data.db | Bin 98304 -> 102400 bytes 2 files changed, 35 insertions(+) create mode 100644 migrations/Version20240612121601.php diff --git a/migrations/Version20240612121601.php b/migrations/Version20240612121601.php new file mode 100644 index 0000000..f40fbff --- /dev/null +++ b/migrations/Version20240612121601.php @@ -0,0 +1,35 @@ +addSql('ALTER TABLE profil ADD COLUMN roles CLOB DEFAULT NULL'); + } + + public function down(Schema $schema): void + { + // this down() migration is auto-generated, please modify it to your needs + $this->addSql('CREATE TEMPORARY TABLE __temp__profil AS SELECT id, name, description, password FROM profil'); + $this->addSql('DROP TABLE profil'); + $this->addSql('CREATE TABLE profil (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, name VARCHAR(255) DEFAULT NULL, description VARCHAR(255) DEFAULT NULL, password VARCHAR(255) DEFAULT NULL)'); + $this->addSql('INSERT INTO profil (id, name, description, password) SELECT id, name, description, password FROM __temp__profil'); + $this->addSql('DROP TABLE __temp__profil'); + } +} diff --git a/var/data.db b/var/data.db index 2101675596f80503dc060017c70bb9f6c4522bdc..61ef3a948e79536598657d7354d0396fddf29262 100644 GIT binary patch delta 427 zcmZo@U~5>wHbGjDpMilv5{O|yc%qK6Fh7G{)&*9e5F`I@kc1@v?~R2${CpDJyg(ik ze+>iwKK`1Gg$4Xf4os5|$g9X08W{qSfvJ&!k%_K>nXaLcf}x3(p_!G5Im_gI@@^bV z{L2~mukbJ5EGRIWpGAi`mT~e8eFaXKKBmoA^tBZjxi{-~PXxk�V6gu1-8Vvk%`F8RA;@QvR%YB>Mk#jny9LHh~jg5s|9NQfV z7^kyLpI*jjz5RL#;{isl#spq=aY;$WX6fm7${6?a=qMEB=cE=ZIQ#fJP46pbECc}4 CfpUQW delta 1015 zcmYMz&u`mg7zc2hrcN80y5-ke4XHtNCy<@Qj+2N>6F0FFC$W<`aS~~wu46l~<2bS7 zB({*!a^f(-pod;|fN}&0u>w6HbqI0dgwP};{s=A;VuHg+i#J|9uk^mp;iK>KO7GF9 z(9sce@8;$j003Ky{cOGT@!Qy-MG6O!*&%iQEm8G1DYBjk!|^mUD*^-3!# z+75?UDXcHHhh^I_m{kbax$>^L&Zy&K4Mk0BwS8O`%xMuzO{^SBi?TMy99d}QlS*mI zi(MvWculw6OEI#Z#-h1ic?AOAe6C$b^u6rNL~x4eV`8N*+cV1(>V}Mv-3jS(CAN(# z%@O9-5~b!Oxlgp?wJCvQ;!MyF*Vh%@w6xLg{J&8%eAU4R)!5J_v>}f-2Db$ zS?mr>7N6C;Vm;bUksLp^)S|7VRb41R5ODMVaDFf<)?%9RWVD+in?>73dadNNEH_e8 ztxsyRp4p(;OujrOyl7g+&3R*dJ2@el+%g2bys#A6@*SR}<2qw=Qk^XGrBbP?wyPp* zqoQohN^#cGM5ULP+AW>3Is9m9NR+KioY<&P$h8Pnp3t&M z4Y;bv4EnRNgorJMDmTz(p`29XdWj@l>IDe6v2ZML;@Cbk6NG`$7^C`JtqOwI=#Jcd zC&g->!ggc*lsi*0cubKyM5CF>w0ms3&k9+A1|eX3AxWmQD4&WOja-o$Cv?3i7&c>& zOqZ8s(;4QnZZB&XRCXX~baO)W`JAGRP+OwPWcb;yI$!1f+BrMeI6H`(4I_)gg9C5_ zgP#De0eisuxA14-SJr-9yYu3oq4z>>tQ@ZX5quiF5B(bW4LS|TOOKaY;8!34d=Knh wy#4|BdEnyjyWkJt>BGC=JE3DL9K5l;4Zhzy{pmyS;pzR4z|O_fDG09o3vD7Z<^TWy From 7b87376a578fd6f85aec8d3666a4a26f51c5299b Mon Sep 17 00:00:00 2001 From: "aurian.jault" Date: Wed, 12 Jun 2024 18:43:46 +0200 Subject: [PATCH 3/3] adding redirections --- config/packages/security.yaml | 1 + src/Controller/PostController.php | 7 ++++--- templates/post/all.html.twig | 2 +- var/data.db | Bin 102400 -> 126976 bytes 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/config/packages/security.yaml b/config/packages/security.yaml index 6a613e0..a5f1925 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -21,6 +21,7 @@ security: login_path: app_login check_path: app_login enable_csrf: true + default_target_path: all post logout: path: app_logout target: /login diff --git a/src/Controller/PostController.php b/src/Controller/PostController.php index 7548d15..50f58ab 100644 --- a/src/Controller/PostController.php +++ b/src/Controller/PostController.php @@ -21,7 +21,7 @@ class PostController extends AbstractController } # DEBUG: Ne doit pas être laissé en production. - #[Route('/post/all', name: 'all post', methods: ['GET'])] + #[Route('/', name: 'all post', methods: ['GET'])] public function getAllPost(): Response { $posts = $this->em->getRepository(Post::class)->findAll(); @@ -52,6 +52,8 @@ class PostController extends AbstractController #[Route('/post/new/', name: 'add_post', methods: ['GET', 'POST'])] public function addPost(Request $request): Response { + $this->denyAccessUnlessGranted('IS_AUTHENTICATED'); + $post = new Post(); $form = $this->createForm(PostType::class, $post); @@ -65,8 +67,7 @@ class PostController extends AbstractController $this->em->persist($post); $this->em->flush(); - - return new Response($user->getUserIdentifier()); + return $this->redirectToRoute('display post', ['id' => $post->getId()]); } return $this->render('post/new.html.twig', [ diff --git a/templates/post/all.html.twig b/templates/post/all.html.twig index 13180f2..1aa738b 100644 --- a/templates/post/all.html.twig +++ b/templates/post/all.html.twig @@ -1,5 +1,5 @@

All website posts

- +Créer un nouveau post {% for post in posts %}
Id: {{ post.id }} diff --git a/var/data.db b/var/data.db index 61ef3a948e79536598657d7354d0396fddf29262..7f6fd3395bfc79c9d691dcfcd354a3f621b2ce63 100644 GIT binary patch literal 126976 zcmeI5Uu;}gUdLx_$Byl!({7tJq0pQ}m7Gx>ug8wWSc08mE=2h#&>4UJ?H#Bzu)=&Irolx{evYt(5m8kH7ih4sh3mfbm|?YQmND# z{5yw#@#9q-^u;gmJKc8N?eI)${Py3Skj9yxNSm|KuWrrxJ_(Qj36KB@kN^pg011!) z36KB@kie5C@N>hb(P>ZS+o{Z7;fW6tAOR8}0TLhq5+DH*AOR8}0TLjACr;p@kGc($XL?Jds=Y}fIB^+WCXIGCK6ygV_Jo6O;7Vp?8ZnwYtin^d{WS93F0FVFV9 zlm03_OiWMAO;1lv#63(*tBJX*)6-Wk=lX^qRZr%#ROavT#0LqG011!)36KB@kN^pg z011!)36Q{X5*X{f^_4dYdfw{2HTbi372-Vsx&Duv{`nvQ5+DH*AOR8}0TLhq5+DH* zAORA1jtNBf|NkhJ`R~k+o?|g78VQg936KB@kN^pg011!)36KB@ydVTl_Vk`f*Ihs8 zA4>P0P1ilQVpoUd{(oNoe?d%uVv+y}kN^pg011!)36KB@kN^q1umo8Dzp$#O;3Pl- zBtQZrKmsH{0wh2JBtQZ$5CQpr^PR~2i%5Jf^OMZ~Wd1YrZ_&#a2m(bV0TLhq5+DH* zAOR8}0TLhq5+H%+hQJ$A>i=RNo_?VhPp|jj>F3jO{l7o+Pbt*?KhFF|=3g`aj2C>6 z011!)36KB@kN^pg011!)36KB@JUawV^rq9p{pR_EdG0gMz2>>6uQxq7%)kHt?5LA7 zB>@s30TLhq5+DH*AOR8}0TLjA$0fk;|35A{o<{;CKmsH{0wh2JBtQZrKmsH{0?!Ts z*8k6rt~gT?AOR8}0TLhq5+DH*AOR8}0TOsz0<8ZZmmJR{0TLhq5+DH*AOR8}0TLhq z5+H$Rhk$(lKb`qJg&#ghfCNZ@1W14cNPq-LfCNZ@1W14cj+wxR!vm?ase30z^Py*3 z&YP2aZ|0`n{Als^^@WMmxydWHue|%qAAGpBGUa|ldsAy4eIvJZH@ABCz5IJSd++X4 zmP#Kiu1#LKvo^nK{mO;4)urObjqAm=3%B_9|BhL)9G(P7fCNZ@1W14cNPq-LfCNZ@ z1fBu`-v9p;Aae*3AOR8}0TLhq5+DH*AOR8}0TMW70<8a!SpgiL1W14cNPq-LfCNZ@ z1W14cNPq;M0s+?lPXRKAAOR8}0TLhq5+DH*AOR8}0TLjAV{Q|0wh2JBtQZrKmsH{0wh2J$4r3r z|1m3o!;=6BkN^pg011!)36KB@kN^pgz*8V_I`hA&;enr~Ui$OQADw>f)Zd)CHT>hD zZx5Y6xjFdn13w-3gT8<0|6ZT&{jc7e=|4@+q`pkOga7y-0TLhq5+DH*c$NuR!~G-E z=hDAnJ7vAQxbV?Nex^8gZEAAi^8A&#iK)p#-SvZwz}oUp71oOR^`cr_Stx#_j%un_ zS5(qmT{MSwIeUL_aA4%zx%8)2U~N`)(jqw+YWBRIpI<5-(F2BDFTPt`Q!A_MYURe# z(wLG7ZP?`_K6!s_aXG(sQ@vNb8P6bTo*h$#)s^e(YkBmjuDy3iSaof6t+@E^ik#gN zK&=(871xR@h2nKHJ9QCKiLeXBr6PzF^4AObg`%0>f;3$-f-J5qt}o`7mTs!W<>lhS zBH(o!|H{Jb{N-!&mpjLA3Yl#mU*3EC@w2(1{*mIjbjqmP|F~)gdcz6>*Sy|HG_sLP z4u@}^goT_*-%TuJI)5cUQ@FA)IXhikn3%mHO$QGd$H7*yaR965R_rRYm;GdCU|{6T zne?ZtiDgJC<}q?Pd|l8ySX3`fxMMR{94 z54IK6w%WHVxO4)xb3Xl>hlYv0OY5}$uEWG_4-F%p30CxeU;oHkZ>4V<8*19LuRjj8 zQ_=@sp6IZw10P;=tePIfnc4eq^bU-iKcD{Yfa$X}$<|R{M^CNyAKg+TDUPt1huUzv zi5_9XofZ`MbdIo5*PXVf5Rs) zrZRu{(qEqXzf*sGYI*n{hx3Eq8+_yB5AZf0BtQZrKmsH{0xvLuy|1HW$ffU{O>%jZ zfBET|;zVv{K0lRPn6GKy*UpyqHsr|K(*DSyoc`cBlG7hPPhBkQs*R+}q*U3xGu?(R zPR%dOZU3|Uk(D6ClhPHMryDA$M$mX(lUyFu5b4coI^RrV^GuI{#4}GTV(D6Cl zhDOa2>J2GFviC<{9T>^w(x2{`66EkGhu?XvBcDC|`6HJmn{Ihe6_!@#+fvUZ755JO0C9#Q0# z+^Xw!Z;-9O0^=P`-+Lu7-nrSyxvBZW^wjL!M1Ce;Y!+kDudf}l+k?%;ZaYp%YJF@J zZ0R6df4SR;lf~KTYcrF%j?-W1I%3?s`-r|9dL^Bm%k+;dk9Mn$I!42$R@nGRKUe3Sr)rjw{Qw#c!VR|M#Y&)W!5VKAz+}viE-N^uWm3v+4V#or?&f`taYl(?tHvqoNUvcKD3nL zjr_Q&SxU0i6Zs-}mfbU{|I>p%OyP$Q5+DH*AOR8}0TLjA=Yqg*zn&gUrDuQd#Nf%3 z!)uNGnmwj!$XPdS?I_ExHTD;)s<9tfcA!E>D<{N3-Licfn;>J#ZTy9j>=Z3rTMqn^ z?F4qUYT^7qmEEwU4^RL$CQ?23);2X))>%C<8G z5!6m&-?L3o069FXEGKA%{iJf}VGK-Ft4bBq@NwN5H8iH-kEU>fm4k9)ziOATw;`y;PY<0Qy6%Q$ zOD1fEs%BSh9m=#yT5Vf9m?e&(gWWM@G^VUNCJ_eXs->%)#uow385P8(ZC#ToY*sA? z$3{kcfG%(izbeYs_7*VuIFy>u#t4o5QWdx4Kyy%LShF3OyENE=7+ZQ=UB|rlbhs2PGI7zni$NkXum~ty;li&|Hq19Y%c!R|Y6XGqSc04O$-rPza=Y1 zV8*Tf_IDviJT%0_YJrV`MLaMXMiPjPK!Q%0#}vfC+7S88Y69KZz?xIDostLMSfytD znWZdlrx-1~L~fuH$A$@Dg3~W%q<2AgGb&=EWL@LvA<*0#k0V%T!+!L z)DAs*uzzi!!*OAU088Jlp*5y19m7{tFpM}g(A)u;$R-7hX$7&djP{^aPc(=5-G+9J z^x{E17jKFZqz8!EGAx-o-tgfc8~ct8D;YQSf8Xz<@WTfQkN^oBGl2(pdXTSv^N-I- zzPfB7ydWBx2yW7Z1=q7J2Z34~Dcr0^*n*oA?~lYFc7Nh;EnJL5=yY~;)vY5FlRU1K zWgs7@*^SQ;=8$qC0~}W-Qko!xyaoYgU-H-}3dG%;Y;;^Tz9UyHRjKi3aG?m1$WC_< z-BdKUD7~(ki6Q7(HRK(-9^&)ZQ;(|^i7CF^WQkvBWb))H(yln8GBMhh;4bkpEKBh5 z5xtR9+PW+u{Dl*SZV5}h$x%RFgM-t>n{}CEMN3yo-438-EB?4Iii3Soa+gg>$j39BVH#1uV${DP$4Fd!uDkShttA`#Le z=}~GPjE-4*fDgqXB>UQj4MBX9Yyk(dXJo)ARg6KZ8YU>0Cy|PVHrks?#4rG0*Z`Ci z*E&&xZL+$iVI-N-n9-U@Aa^f{Cba{-+YVwj%vbE8snhjPA^;Q4_j>HXxf~1A27JB#*Mf+;U+6tu-y6^!K2TaMAM8cT9@QYG8V>P#3 zBqgpXSa9Q|A4n;HyX-q>gsesixU$3OJcmb#xmDF6&| zX+}rpuq5jc>q0xQ5M@;=C{v}7X)gZ+4pdmeZN)zBPKXvRW>A-P8`X~xO#FtFj6O7m z11QAP$U%V^c5CuPnIFc$SOLhRn>uu4InrEKy|Fe)06ksRkWNz4$SaMHW0h=MlGa7a z5RZlnIZ%AlZJ`Rn8IjJQZ=}{R1TRW|FTi53`lIAihQZV;;BM6g-Tt;dEM_uhS)jFfQY)p^3)lsQG2(wYfQLw-`f3ogtD!Tc&dpZQArWu9gpg z05U0hKuGE{sobCxe^eGt149_P=s#KjH_!yzJD`MVMU}V29^YWV9Sss>p$M39 zR6!zQ)TC!)@1zsQF!BtS*+EDjom1&Uzckwt;In*gmu)F`r5tj1@U6sCz$Bh!abV#-FF zQJbdQFlUJ**uXNI0n0HypqDC41UC$<#-E6tnGFdsD%h_PRSqi^SQ|jeT8<1~Y)J14 z8mJhGv$4`qfjZ_Uqa+x0#z+AoJ|Ws}`QbP-J7 zZ>uR~eVe)49%4!}!XQ&ow-eHK$3F(}eLx6M+ ziw25Z{w86 z1EN!qv+(6F*8j&`>u`7yAc0N-5AO7`{znXu?2Gk3>wnh&tp8d6n>{_`=!*3}b|zW> z!xU`XJR!TZtp8d6v;JrO-&scR6$y~QGf3dUoj%t8tp9oapV$AR+k$!hpV$ARdwN*^ z%gx}d|9SnN*Z<|lz4#hDumAJ<|1((WaLOb=0tX2^xO0N_KkI+i|E&L6|MUKT-v7`0 z|2=#+f%pIO{(s*8&-?!mmJ57M0wnMp5qNN?pY=cMf7bu3|5^XD{%8Hq`k(bbzyHtg N|KsmTJo)ec|3BhuVO9VD delta 63 zcmZp8z}~QcZGto_KLZ1U