diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 730a51d59c5f378a09e2851542bc18acce65cccc..e8608e366d558d2bfd380de1419fb0a6242e437c 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -25,8 +25,17 @@ security:
                 secret: '%kernel.secret%'
     access_control:
-        - { path: ^/admin, allow_if: "user and user.isAdmin == true" }
-        - { path: ^/*, allow_if: "user and user.isLocked != true" }
+        # Allow access to /login without being authenticated
+        - { path: ^/login, allow_if: "1" }
+
+        # Allow users who are admins to access the /admin path
+        - { path: ^/admin, allow_if: "user and user.isAdmin() == true" }
+
+        # Allow users who are not locked to access other pages
+        - { path: ^/.*, allow_if: "user and user.isLocked() != true" }
+
+        # Allow all authenticated users to access other routes (outside /admin or /login)
+        - { path: ^/, allow_if: "user" }
 
 when@test:
     security:
diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php
index 46f72b7833b2f63c6981725a44e6c4017a8d6d27..43867d81832ed79066e2ce02306a8bda7a4a6538 100644
--- a/src/Controller/RegistrationController.php
+++ b/src/Controller/RegistrationController.php
@@ -22,7 +22,7 @@ class RegistrationController extends AbstractController
         if ($form->isSubmitted() && $form->isValid()) {
             // Hacher le mot de passe
-            $hashedPassword = $passwordHasher->hashPassword($user, $form->get('plainPassword')->getData());
+            $hashedPassword = $passwordHasher->hashPassword($user, $form->get('password')->getData());
             $user->setPassword($hashedPassword);
 
             // Sauvegarder l'utilisateur
diff --git a/src/Controller/WishlistController.php b/src/Controller/WishlistController.php
index 7e1d571ad2b47914f1667103dbf12cc6a7ec0576..e7442f82f3af926c38b4f018fee36523765035f0 100644
--- a/src/Controller/WishlistController.php
+++ b/src/Controller/WishlistController.php
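Review bot: A locked admin keeps full access to `^/admin`: that rule is matched first and only tests `user.isAdmin() == true`, so the `isLocked()` guard on the later `^/.*` rule never applies to admin paths. Fold the lock check into the admin rule, e.g. `- { path: ^/admin, allow_if: "user and user.isAdmin() and not user.isLocked()" }`. The final `^/` rule is unreachable because `^/.*` already matches every path, so either drop it or make it the single catch-all with `user and not user.isLocked()`. `allow_if: "1"` for `^/login` works, but the idiomatic form is `roles: PUBLIC_ACCESS`, and `^/login` also matches any path that merely starts with `/login`, so `^/login$` is tighter if only the login page is meant.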
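Review bot: Switching the field to `password` means the plaintext now travels through a field whose name matches the entity property; if `RegistrationFormType` maps it (the default for a form bound to `User`), the form writes the raw password into the entity before this line and `setPassword($hashedPassword)` only overwrites it afterwards. That window is harmless as written, but keeping the field unmapped (`'mapped' => false`, as the conventional `plainPassword` field is) guarantees the entity never holds a plaintext password; the form type is not in this diff, so confirm which it is. The enclosing method starts before the hunk.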
@@ -14,56 +14,54 @@ use Symfony\Component\Routing\Attribute\Route;
 #[Route('/wishlist')]
 final class WishlistController extends AbstractController
 {
+    // Method to display all wishlists for the currently logged-in user
     #[Route(name: 'app_wishlist_index', methods: ['GET'])]
     public function getWishLists(WishlistRepository $wishlistRepository): Response
     {
-        $user = $this->getUser() ;
-
+        $user = $this->getUser(); // Get the currently authenticated user
         return $this->render('wishlist/index.html.twig', [
-            'wishlists' => $user->getWishlists()->toArray()
+            'wishlists' => $user->getWishlists()->toArray() // Pass the user's wishlists to the template
         ]);
     }
 
+    // Method to create a new wishlist
     #[Route('/new', name: 'app_wishlist_new', methods: ['GET', 'POST'])]
     public function createWishlist(Request $request, EntityManagerInterface $entityManager): Response
     {
-        $wishlist = new Wishlist();
-        $form = $this->createForm(WishlistType::class, $wishlist);
-        $form->handleRequest($request);
+        $wishlist = new Wishlist(); // Create a new Wishlist entity
+        $form = $this->createForm(WishlistType::class, $wishlist); // Create a form for the Wishlist entity
+        $form->handleRequest($request); // Handle the form submission
 
         if ($form->isSubmitted() && $form->isValid()) {
-            $entityManager->persist($wishlist);
-            $entityManager->flush();
+            $entityManager->persist($wishlist); // Persist the new wishlist to the database
+            $entityManager->flush(); // Save changes to the database
 
-            return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER);
+            return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER); // Redirect to the wishlist index page
         }
 
         return $this->render('wishlist/new.html.twig', [
-            'wishlist' => $wishlist,
-            'form' => $form,
-        ]);
-
-
+            'wishlist' => $wishlist, // Pass the wishlist entity to the template
+            'form' => $form, // Pass the form to the template
+        ]);
     }
 
+    // Method to display a specific wishlist
     #[Route('/{id}', name: 'app_wishlist_show', methods: ['GET'])]
     public function show(Wishlist $wishlist): Response
     {
         return $this->render('wishlist/show.html.twig', [
-            'wishlist' => $wishlist,
+            'wishlist' => $wishlist, // Pass the wishlist entity to the template
         ]);
     }
 
+    // Method to edit an existing wishlist
     #[Route('/{id}/edit', name: 'app_wishlist_edit', methods: ['GET', 'POST'])]
     public function edit(Request $request, Wishlist $wishlist, EntityManagerInterface $entityManager): Response
     {
-        $wishlist->setName($request->get('name'));
-        $wishlist->setDeadline($request->get('deadline')) ;
-        $entityManager->persist($wishlist);
-        $entityManager->flush();
-        return new Response('wishlist was modified successfully ', Response::HTTP_ACCEPTED) ;
-/*        $form = $this->createForm(WishlistType::class, $wishlist);
+
+
+        $form = $this->createForm(WishlistType::class, $wishlist);
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
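Review bot: `show()` and `edit()` accept any wishlist by `{id}` with no ownership check, even though `getWishLists()` scopes the listing to `$this->getUser()`; any authenticated user who guesses an id can view or modify another user's wishlist, and `delete()` in the next hunk has the same gap (its CSRF check does not establish ownership). Add an authorization step at the top of each, either a voter via `$this->denyAccessUnlessGranted(...)` or a direct comparison of the wishlist's owner with `$this->getUser()` that throws `$this->createAccessDeniedException()` on mismatch. `createWishlist()` never associates the new entity with the current user, so unless `WishlistType` or the entity does it the wishlist will not appear in `$user->getWishlists()`; confirm against the form type. `$wishlistRepository` in `getWishLists()` is unused, and the two `+` blank lines opening `edit()`'s body plus the trailing comments that restate each call (`// Save changes to the database`) are noise. `edit()` continues past the end of the hunk.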
@@ -75,31 +73,20 @@ final class WishlistController extends AbstractController
         return $this->render('wishlist/edit.html.twig', [
             'wishlist' => $wishlist,
             'form' => $form,
-        ]); */
+        ]);
+    }
 
+    // Method to delete a wishlist
     #[Route('/{id}', name: 'app_wishlist_delete', methods: ['POST'])]
     public function delete(Request $request, Wishlist $wishlist, EntityManagerInterface $entityManager): Response
     {
+        // Validate the CSRF token before deleting the wishlist
         if ($this->isCsrfTokenValid('delete'.$wishlist->getId(), $request->getPayload()->getString('_token'))) {
-            $entityManager->remove($wishlist);
-            $entityManager->flush();
+            $entityManager->remove($wishlist); // Remove the wishlist from the database
+            $entityManager->flush(); // Save changes to the database
         }
 
-        return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER);
+        return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER); // Redirect to the wishlist index page
     }
-
-
-}
-
-
-/*
-    $wishlist = new Wishlist();
-    $name = $request->get(key: 'name');
-    $wishlist->setName(name: $name);
-    $deadline = $request->get('deadline') ;
-    $wishlist->setDeadline($deadline);
-    $this->getUser()->addToAuthorWhishlists($wishlist);
-    $entityManager->persist($wishlist);
-    $entityManager->persist($this->getUser()) ;
-    $entityManager->flush(); */
\ No newline at end of file
+}
\ No newline at end of file
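Review bot: The file still ends without a trailing newline (`\ No newline at end of file` follows the added `}`); PER-CS/PSR-12 require a single LF at end of file, so add it while this line is being touched. When `isCsrfTokenValid()` fails, the request silently redirects to the index with no feedback; an `else` branch with `$this->addFlash('error', ...)`, or throwing `$this->createAccessDeniedException()`, makes the rejection visible to the user and to logs. The `// Validate the CSRF token before deleting the wishlist` comment restates the `if` line beneath it and can be dropped.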