Commit 03239114 authored by Moreau Elise's avatar Moreau Elise

check if userIs is set in session

parent 1215fde1
......@@ -95,7 +95,7 @@ body, html {
}
#list {
overflow:scroll;
overflow:scroll;
grid-row:2/5;
grid-column: 1/5;
}
......
......@@ -14,13 +14,21 @@ class AddUserGroupAction extends GroupAction
*/
protected function action(): Response
{
if(!isset($_SESSION['userId'])){
$this->flash->addMessage('login', 'Please log in or sign up.');
return $this->response
->withHeader('Location', '/login')
->withStatus(302);
}
$groupId = (int) $this->resolveArg('id');
$group = $this->groupRepository->find($groupId);
if (!isset($group)) {
throw new GroupNotFoundException();
}
$currentUser = $this->userRepository->find($_SESSION['userId']);
if ($group->hasUser($_SESSION['userId'])){
return $this->response
......
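Review bot: The `isset($_SESSION['userId'])` guard at the top of `action()` is pasted verbatim into CreateGroupAction, DeleteGroupAction and ViewModifyGroupForm as well, so a group action added later is unprotected unless its author remembers to copy the block. Putting the check in one place, for example a `protected function requireLogin(): ?Response` on GroupAction or a middleware on the group routes, would make the login requirement fail closed. The guard also proves only that the key exists: `$this->userRepository->find($_SESSION['userId'])` can still return null for a stale id, and the visible lines do not check `$currentUser` before it is used. The body of `action()` continues outside the hunk.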
......@@ -15,8 +15,16 @@ class CreateGroupAction extends GroupAction
protected function action(): Response
{
$parsedRequestBody = (array)$this->request->getParsedBody();
$currentUser = $this->em->getRepository('App\Domain\User\User')->find($_SESSION['userId']);
if(!isset($_SESSION['userId'])){
$this->flash->addMessage('login', 'Please log in or sign up.');
return $this->response
->withHeader('Location', '/login')
->withStatus(302);
}
$currentUser = $this->em->getRepository('App\Domain\User\User')->find($_SESSION['userId']);
$groupname = $parsedRequestBody['name'];
$description = $parsedRequestBody['description'];
$private = isset($parsedRequestBody['private']) ? 1 : 0;
......
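Review bot: `$parsedRequestBody['name']` and `$parsedRequestBody['description']` are read straight from the request with no presence or type check, so a POST that omits either key produces an undefined-index warning and passes null onward. What consumes these values is outside the hunk, but validating at this boundary is cheap: `$groupname = trim((string) ($parsedRequestBody['name'] ?? ''));` followed by rejecting an empty name, and the same for the description. The method continues past the end of the hunk.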
......@@ -14,6 +14,14 @@ class DeleteGroupAction extends GroupAction
*/
protected function action(): Response
{
if(!isset($_SESSION['userId'])){
$this->flash->addMessage('login', 'Please log in or sign up.');
return $this->response
->withHeader('Location', '/login')
->withStatus(302);
}
$groupId = (int) $this->resolveArg('id');
$group = $this->groupRepository->find($groupId);
......
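Review bot: The new guard establishes only that someone is logged in, not that this user is allowed to delete group `$groupId`. If nothing later in `action()` compares the session user with the group's owner or members, any authenticated account can delete any group by changing the id in the URL. The rest of the method is outside the hunk, so this may already be handled; if it is not, an ownership or membership test after `$this->groupRepository->find($groupId)` (AddUserGroupAction already calls `$group->hasUser($_SESSION['userId'])`) that returns a 403 on failure would close the gap. The same question applies to ViewModifyGroupForm.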
......@@ -12,12 +12,16 @@ class ListGroupsAction extends GroupAction
*/
protected function action(): Response
{
$query = $this->em->createQueryBuilder();
$query->select('g')
->from('App\Domain\Group\Group', 'g')
->where('g.private = 0')
->orWhere(':user_id MEMBER OF g.users')
->from('App\Domain\Group\Group', 'g')
->where('g.private = 0');
if(isset($_SESSION['userId'])){
$query->orWhere(':user_id MEMBER OF g.users')
->setParameters(array(':user_id' => $_SESSION['userId']));
}
$groups = $query->getQuery()->getResult();
......
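Review bot: `setParameters()` replaces the builder's whole parameter collection, so a bound condition added above this block later would have its value silently dropped; for a single binding `$query->orWhere(':user_id MEMBER OF g.users')->setParameter('user_id', $_SESSION['userId']);` is the safer call. Binding the session value as a parameter rather than concatenating it into the DQL is correct and should stay. The method continues outside the hunk.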
......@@ -12,7 +12,15 @@ class ViewModifyGroupForm extends GroupAction
* {@inheritdoc}
*/
protected function action(): Response
{
{
if(!isset($_SESSION['userId'])){
$this->flash->addMessage('login', 'Please log in or sign up.');
return $this->response
->withHeader('Location', '/login')
->withStatus(302);
}
$parsedRequestBody = (array)$this->request->getParsedBody();
$groupId = (int) $this->resolveArg('id');
......
......@@ -20,7 +20,11 @@ class LogInUserAction extends UserAction
$user = $this->userRepository->findOneBy(array('username' => $username));
if (!isset($user)) {
throw new UserNotFoundException();
$this->flash->addMessage('signup', 'Please sign up.');
return $this->response
->withHeader('Location', '/signup')
->withStatus(302);
}
if (!password_verify($password, $user->getPassword())) {
......
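Review bot: Redirecting an unknown username to `/signup` with 'Please sign up.' tells the caller that the account does not exist. The `password_verify` branch below presumably responds differently for a wrong password, so the two outcomes together reveal which usernames are registered. Returning the same response from both branches, e.g. `$this->flash->addMessage('login', 'Invalid username or password.');` with a redirect to `/login`, removes that signal. The failed-password branch and the start of `action()` are outside the hunk, so confirm what that branch returns.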