Merge branch 'main' of https://github.com/MohcineProject/Wishlist-application

config/packages/security.yaml

@@ -25,7 +25,17 @@ security:
                 secret: '%kernel.secret%'
 
     access_control:
+        # Allow access to /login without being authenticated
+        - { path: ^/login, allow_if: "1" }
+        
+        # Allow users who are admins to access the /admin path
         - { path: ^/admin, allow_if: "user and user.isAdmin() == true" }
+        
+        # Allow users who are not locked to access other pages
+        - { path: ^/.*, allow_if: "user and user.isLocked() != true" }
+        
+        # Allow all authenticated users to access other routes (outside /admin or /login)
+        - { path: ^/, allow_if: "user" }
 
 when@test:
     security:

src/Controller/WishlistController.php

@@ -14,56 +14,54 @@ use Symfony\Component\Routing\Attribute\Route;
 #[Route('/wishlist')]
 final class WishlistController extends AbstractController
 {
+    // Method to display all wishlists for the currently logged-in user
     #[Route(name: 'app_wishlist_index', methods: ['GET'])]
     public function getWishLists(WishlistRepository $wishlistRepository): Response
     {
-        $user = $this->getUser() ; 
-
+        $user = $this->getUser(); // Get the currently authenticated user
 
         return $this->render('wishlist/index.html.twig', [
-            'wishlists' => $user->getWishlists()
+            'wishlists' => $user->getWishlists()->toArray() // Pass the user's wishlists to the template
         ]);
     }
 
+    // Method to create a new wishlist
     #[Route('/new', name: 'app_wishlist_new', methods: ['GET', 'POST'])]
     public function createWishlist(Request $request, EntityManagerInterface $entityManager): Response
     {
-        $wishlist = new Wishlist();
-        $form = $this->createForm(WishlistType::class, $wishlist);
-        $form->handleRequest($request);
+        $wishlist = new Wishlist(); // Create a new Wishlist entity
+        $form = $this->createForm(WishlistType::class, $wishlist); // Create a form for the Wishlist entity
+        $form->handleRequest($request); // Handle the form submission
 
         if ($form->isSubmitted() && $form->isValid()) {
-            $entityManager->persist($wishlist);
-            $entityManager->flush();
+            $entityManager->persist($wishlist); // Persist the new wishlist to the database
+            $entityManager->flush(); // Save changes to the database
 
-            return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER);
+            return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER); // Redirect to the wishlist index page
         }
 
         return $this->render('wishlist/new.html.twig', [
-            'wishlists' => $wishlist,
-            'form' => $form,
-        ]); 
-        
-
+            'wishlist' => $wishlist, // Pass the wishlist entity to the template
+            'form' => $form, // Pass the form to the template
+        ]);
     }
 
+    // Method to display a specific wishlist
     #[Route('/{id}', name: 'app_wishlist_show', methods: ['GET'])]
     public function show(Wishlist $wishlist): Response
     {
         return $this->render('wishlist/show.html.twig', [
-            'wishlist' => $wishlist,
+            'wishlist' => $wishlist, // Pass the wishlist entity to the template
         ]);
     }
 
+    // Method to edit an existing wishlist
     #[Route('/{id}/edit', name: 'app_wishlist_edit', methods: ['GET', 'POST'])]
     public function edit(Request $request, Wishlist $wishlist, EntityManagerInterface $entityManager): Response
     {
-        $wishlist->setName($request->get('name'));
-        $wishlist->setDeadline($request->get('deadline')) ; 
-        $entityManager->persist($wishlist);
-        $entityManager->flush();
-        return new Response('wishlist was modified successfully ', Response::HTTP_ACCEPTED) ;
-/*         $form = $this->createForm(WishlistType::class, $wishlist);
+       
+        
+        $form = $this->createForm(WishlistType::class, $wishlist);
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
@@ -75,31 +73,20 @@ final class WishlistController extends AbstractController
         return $this->render('wishlist/edit.html.twig', [
             'wishlist' => $wishlist,
             'form' => $form,
-        ]); */
+        ]);
+        
     }
 
+    // Method to delete a wishlist
     #[Route('/{id}', name: 'app_wishlist_delete', methods: ['POST'])]
     public function delete(Request $request, Wishlist $wishlist, EntityManagerInterface $entityManager): Response
     {
+        // Validate the CSRF token before deleting the wishlist
         if ($this->isCsrfTokenValid('delete'.$wishlist->getId(), $request->getPayload()->getString('_token'))) {
-            $entityManager->remove($wishlist);
-            $entityManager->flush();
+            $entityManager->remove($wishlist); // Remove the wishlist from the database
+            $entityManager->flush(); // Save changes to the database
         }
 
-        return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER);
+        return $this->redirectToRoute('app_wishlist_index', [], Response::HTTP_SEE_OTHER); // Redirect to the wishlist index page
     }
-
-
+}
\ No newline at end of file
-}
-
-
-/* 
-        $wishlist = new Wishlist();
-        $name = $request->get(key: 'name');
-        $wishlist->setName(name: $name); 
-        $deadline = $request->get('deadline') ; 
-        $wishlist->setDeadline($deadline);
-        $this->getUser()->addToAuthorWhishlists($wishlist);
-        $entityManager->persist($wishlist);
-        $entityManager->persist($this->getUser()) ;
-        $entityManager->flush(); */
\ No newline at end of file