From 3a44d42168319e284bc6992e0d344fe2b6284f4c Mon Sep 17 00:00:00 2001
From: Jannis Portmann <jannis@thisfro.ch>
Date: Sun, 16 May 2021 15:33:53 +0200
Subject: [PATCH] add flash only if correct user and redirect then

---
 src/Controller/OfferController.php | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/Controller/OfferController.php b/src/Controller/OfferController.php
index 49d260a..b1a1d67 100644
--- a/src/Controller/OfferController.php
+++ b/src/Controller/OfferController.php
@@ -130,12 +130,14 @@ class OfferController extends AbstractController
         {
                 $this->entityManager->remove($offer);
                 $this->entityManager->flush();
-            } 
+                $this->addFlash(
+                    'success','Successfully removed offer!'
+                );
+    
+                return $this->redirectToRoute('user_page');    
+        } 
 
-            $this->addFlash(
-                'success','Successfully removed offer!'
-            );
-            
-            return $this->redirectToRoute('user_page');
-        }
+        throw new HttpException(403, "No permission");
+        
+    }
 }