thisfro/pflaenz.li-Symfony
Archived
1
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases 3 Wiki Activity

Throw error if the offer is not yours

Browse source
This commit is contained in:
Jannis Portmann 2021-05-09 17:53:41 +02:00
parent 9fac9e6607
commit a0576fc1cd
1 changed files with 28 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/Controller/OfferController.php
View file

@ -13,6 +13,7 @@ use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\Routing\Annotation\Route;
use Twig\Environment;
@ -86,7 +87,8 @@ class OfferController extends AbstractController
{
$form = $this->createForm(OfferingFormType::class, $offer);
$user = $this->getUser();
if ($offer->getByUser() === $user)
{
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
@ -115,4 +117,7 @@ class OfferController extends AbstractController
'offer_form' => $form->createView(),
]);
}
throw new HttpException(403, "No permisison");
}
}