From ea06ee4cfe2cfa68991344ad8551ca61d63c44f4 Mon Sep 17 00:00:00 2001
From: rem <remi.arnal@etu.uca.fr>
Date: Fri, 14 Jun 2024 10:28:03 +0200
Subject: [PATCH] fix update just if ressource is owned by user

---
 src/Controller/PostController.php |   8 +++++++-
 var/data.db                       | Bin 114688 -> 114688 bytes
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/Controller/PostController.php b/src/Controller/PostController.php
index e4c6795..55087ea 100644
--- a/src/Controller/PostController.php
+++ b/src/Controller/PostController.php
@@ -11,7 +11,6 @@ use App\Entity\Post;
 use App\Form\Type\PostType;
 use App\Form\CommentType;
 use App\Form\Type\SimpleSearchType;
-use phpDocumentor\Reflection\DocBlock\Tags\Return_;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 
 class PostController extends AbstractController
@@ -100,6 +99,13 @@ class PostController extends AbstractController
         $post = $this->em->getRepository(Post::class)->find($id);
         $form = $this->createForm(PostType::class, $post);
 
+        if ($this->getUser() !== $post->getProfil())
+        {
+            return $this->redirectToRoute('display_post', [
+                'id' => $id
+            ]);
+        }
+
         $form->handleRequest($request);
         if ($form->isSubmitted() && $form->isValid()) {
             //$dateNow = new DateTime();
diff --git a/var/data.db b/var/data.db
index eee60a9d072da0c80f0b999b278b4efb9ae2da78..30fbbfc2e3d6b26690c4671d7483f82db2e377d8 100644
GIT binary patch
delta 55
zcmZo@U~gz(pCHX>HBrWy(W)_FYXal4ezvI$OjDWCH#T-MvCqn2;$q<Ro<469qcW3%
L;`W1+80~cd+>sEn

delta 52
zcmZo@U~gz(pCHX>IZ?)$(XugNYXal4ezxfhOw*atH#T-NvCm3l;$q-*pFU?2qw@BH
IlNjxF0kDw}YXATM