Merge branch 'main' of https://github.com/MohcineProject/Wishlist-application

dd31259d · user · 00b332b8 · 8a07b911 · dd31259d · dd31259d
Commit dd31259d authored 2 months ago by user
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -25,7 +25,17 @@ security:
                secret: '%kernel.secret%'

    access_control:
+        # Allow access to /login without being authenticated
+        - { path: ^/login, allow_if: "1" }
+        
+        # Allow users who are admins to access the /admin path
        - { path: ^/admin, allow_if: "user and user.isAdmin() == true" }
+        
+        # Allow users who are not locked to access other pages
+        - { path: ^/.*, allow_if: "user and user.isLocked() != true" }
+        
+        # Allow all authenticated users to access other routes (outside /admin or /login)
+        - { path: ^/, allow_if: "user" }

 when@test:
    security:

--- a/src/Controller/WishlistController.php
+++ b/src/Controller/WishlistController.php
@@ -14,56 +14,54 @@ use Symfony\Component\Routing\Attribute\Route;
 #[Route('/wishlist')]
 final class WishlistController extends AbstractController
 {
+    // Method to display all wishlists for the currently logged-in user
    #[Route(name: 'app_wishlist_index', methods: ['GET'])]
    public function getWishLists(WishlistRepository $wishlistRepository): Response
    {
-        $user = $this->getUser() ; 
-
+        $user = $this->getUser(); // Get the currently authenticated user

        return $this->render('wishlist/index.html.twig', [
-            'wishlists' => $user->getWishlists()
+            'wishlists' => $user->getWishlists()->toArray() // Pass the user's wishlists to the template
        ]);
    }

+    // Method to create a new wishlist
    #[Route('/new', name: 'app_wishlist_new', methods: ['GET', 'POST'])]
    public function createWishlist(Request $request, EntityManagerInterface $entityManager): Response
    {
-        $wishlist = new Wishlist();
-        $form = $this->createForm(WishlistType::class, $wishlist);
-        $form->handleRequest($request);
+        $wishlist = new Wishlist(); // Create a new Wishlist entity
+        $form = $this->createForm(WishlistType::class, $wishlist); // Create a form for the Wishlist entity
+        $form->handleRequest($request); // Handle the form submission

        if ($form->isSubmitted() && $form->isValid()) {
-            $entityManager->persist($wishlist);
-            $entityManager->flush();
+            $entityManager->persist($wishlist); // Persist the new wishlist to the database
+            $entityManager->flush(); // Save changes to the database

-            return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER);
+            return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER); // Redirect to the wishlist index page
        }

        return $this->render('wishlist/new.html.twig', [
-            'wishlists' => $wishlist,
-            'form' => $form,
-        ]); 
-        
-
+            'wishlist' => $wishlist, // Pass the wishlist entity to the template
+            'form' => $form, // Pass the form to the template
+        ]);
    }

+    // Method to display a specific wishlist
    #[Route('/{id}', name: 'app_wishlist_show', methods: ['GET'])]
    public function show(Wishlist $wishlist): Response
    {
        return $this->render('wishlist/show.html.twig', [
-            'wishlist' => $wishlist,
+            'wishlist' => $wishlist, // Pass the wishlist entity to the template
        ]);
    }

+    // Method to edit an existing wishlist
    #[Route('/{id}/edit', name: 'app_wishlist_edit', methods: ['GET', 'POST'])]
    public function edit(Request $request, Wishlist $wishlist, EntityManagerInterface $entityManager): Response
    {
-        $wishlist->setName($request->get('name'));
-        $wishlist->setDeadline($request->get('deadline')) ; 
-        $entityManager->persist($wishlist);
-        $entityManager->flush();
-        return new Response('wishlist was modified successfully ', Response::HTTP_ACCEPTED) ;
-/*         $form = $this->createForm(WishlistType::class, $wishlist);
+       
+        
+        $form = $this->createForm(WishlistType::class, $wishlist);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
@@ -75,31 +73,20 @@ final class WishlistController extends AbstractController
        return $this->render('wishlist/edit.html.twig', [
            'wishlist' => $wishlist,
            'form' => $form,
-        ]); */
+        ]);
+        
    }

+    // Method to delete a wishlist
    #[Route('/{id}', name: 'app_wishlist_delete', methods: ['POST'])]
    public function delete(Request $request, Wishlist $wishlist, EntityManagerInterface $entityManager): Response
    {
+        // Validate the CSRF token before deleting the wishlist
        if ($this->isCsrfTokenValid('delete'.$wishlist->getId(), $request->getPayload()->getString('_token'))) {
-            $entityManager->remove($wishlist);
-            $entityManager->flush();
+            $entityManager->remove($wishlist); // Remove the wishlist from the database
+            $entityManager->flush(); // Save changes to the database
        }

-        return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER);
+        return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER); // Redirect to the wishlist index page
    }
-
-
-}
-
-
-/* 
-        $wishlist = new Wishlist();
-        $name = $request->get(key: 'name');
-        $wishlist->setName(name: $name); 
-        $deadline = $request->get('deadline') ; 
-        $wishlist->setDeadline($deadline);
-        $this->getUser()->addToAuthorWhishlists($wishlist);
-        $entityManager->persist($wishlist);
-        $entityManager->persist($this->getUser()) ;
-        $entityManager->flush(); */
\ No newline at end of file
+}
\ No newline at end of file