Cadoles
/
ninegate
20
0
Fork 0
Code Issues 29 Pull Requests Projects 1 Releases Wiki Activity

fix role_admin route edispatcher/test

This commit is contained in:
Pierre Cadeot 2020-12-16 13:33:23 +04:00
parent f974047a61
commit 81520d0d7d
1 changed files with 22 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/ninegate-1.0/src/Cadoles/EdispatcherBundle/Controller/ApiController.php
View File

@ -69,16 +69,28 @@ class ApiController extends Controller
// Récupération UID
$username = \phpCAS::getUser();
$attributes = \phpCAS::getAttributes();
return $this->render('CadolesEdispatcherBundle:Test:test.html.twig',[
'useheader' => true,
'usemenu' => false,
'usesidebar' => false,
'attributes' => $attributes,
'groups' => $groups,
'username' => $username,
'datasource' => $datasource,
]);
if(isset($attributes[$this->getParameter('user_attr_cas_username')]))
$login = $attributes[$this->getParameter('user_attr_cas_username')];
$user=$em->getRepository('CadolesCoreBundle:User')->findOneBy(["username"=>$login]);
if(!$user) {
$output["error"]="user does not exist";
return new Response(json_encode($output), 400);
}
$roles=($user?$user->getRoles():["ROLE_ANONYME"]);
if (in_array("ROLE_ADMIN",$roles)) {
return $this->render('CadolesEdispatcherBundle:Test:test.html.twig',[
'useheader' => true,
'usemenu' => false,
'usesidebar' => false,
'attributes' => $attributes,
'groups' => $groups,
'username' => $username,
'datasource' => $datasource,
]);
} else {
$output["error"]="access not granted";
return new Response(json_encode($output), 403);
}
}