From 032391141da9e1c32a48f0a88b6083f891e57e93 Mon Sep 17 00:00:00 2001
From: Moreau Elise <moreau.elise13@gmail.com>
Date: Sat, 31 Oct 2020 11:25:00 +0100
Subject: [PATCH] check if userIs is set in session

---
 public/assets/css/general.css                         |  2 +-
 src/Application/Actions/Group/AddUserGroupAction.php  | 10 +++++++++-
 src/Application/Actions/Group/CreateGroupAction.php   | 10 +++++++++-
 src/Application/Actions/Group/DeleteGroupAction.php   |  8 ++++++++
 src/Application/Actions/Group/ListGroupsAction.php    | 10 +++++++---
 src/Application/Actions/Group/ViewModifyGroupForm.php | 10 +++++++++-
 src/Application/Actions/User/LogInUserAction.php      |  6 +++++-
 7 files changed, 48 insertions(+), 8 deletions(-)

diff --git a/public/assets/css/general.css b/public/assets/css/general.css
index 5480be2..1ab3e5e 100644
--- a/public/assets/css/general.css
+++ b/public/assets/css/general.css
@@ -95,7 +95,7 @@ body, html {
 }
 
 #list {
-    overflow:scroll; 
+    overflow:scroll;
     grid-row:2/5;
     grid-column: 1/5;
 }
diff --git a/src/Application/Actions/Group/AddUserGroupAction.php b/src/Application/Actions/Group/AddUserGroupAction.php
index c278acd..1a7fe7b 100755
--- a/src/Application/Actions/Group/AddUserGroupAction.php
+++ b/src/Application/Actions/Group/AddUserGroupAction.php
@@ -14,13 +14,21 @@ class AddUserGroupAction extends GroupAction
      */
     protected function action(): Response
     {
+        if(!isset($_SESSION['userId'])){
+            $this->flash->addMessage('login', 'Please log in or sign up.');
+
+            return $this->response
+            ->withHeader('Location', '/login')
+            ->withStatus(302);
+        }
+
         $groupId = (int) $this->resolveArg('id');
         $group = $this->groupRepository->find($groupId);
 
         if (!isset($group)) {
             throw new GroupNotFoundException();
         }
-    
+
         $currentUser = $this->userRepository->find($_SESSION['userId']);
         if ($group->hasUser($_SESSION['userId'])){
             return $this->response
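Review bot: The login guard at the top of `action()` is pasted verbatim here and again in CreateGroupAction, DeleteGroupAction and ViewModifyGroupForm, so any group route added later is unauthenticated unless someone remembers to copy it. Enforcing it in one place is safer, for example a helper on the shared `GroupAction` parent that every action calls first, or route-level middleware if the framework offers it. Separately, `isset($_SESSION['userId'])` only proves the key exists: `$this->userRepository->find($_SESSION['userId'])` can still return null for an account that was deleted after login. The code that uses `$currentUser` lies outside this hunk, so confirm it handles null, or add `if ($currentUser === null)` with the same redirect.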
diff --git a/src/Application/Actions/Group/CreateGroupAction.php b/src/Application/Actions/Group/CreateGroupAction.php
index c43bcbd..058a3cd 100755
--- a/src/Application/Actions/Group/CreateGroupAction.php
+++ b/src/Application/Actions/Group/CreateGroupAction.php
@@ -15,8 +15,16 @@ class CreateGroupAction extends GroupAction
     protected function action(): Response
     {
         $parsedRequestBody = (array)$this->request->getParsedBody();
-        $currentUser = $this->em->getRepository('App\Domain\User\User')->find($_SESSION['userId']);
 
+        if(!isset($_SESSION['userId'])){
+            $this->flash->addMessage('login', 'Please log in or sign up.');
+
+            return $this->response
+            ->withHeader('Location', '/login')
+            ->withStatus(302);
+        }
+        
+        $currentUser = $this->em->getRepository('App\Domain\User\User')->find($_SESSION['userId']);
         $groupname =  $parsedRequestBody['name'];
         $description = $parsedRequestBody['description'];
         $private = isset($parsedRequestBody['private']) ? 1 : 0;
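Review bot: `$parsedRequestBody['name']` and `$parsedRequestBody['description']` are read without checking that the keys are present, so an authenticated request that omits them passes null on to the code that creates the group. Only `private` is guarded with `isset`. Validating at this boundary would close that, e.g. `$groupname = trim((string) ($parsedRequestBody['name'] ?? ''));` followed by a flash message and redirect when the name is empty. The rest of `action()` is outside this hunk, so later validation may already exist.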
diff --git a/src/Application/Actions/Group/DeleteGroupAction.php b/src/Application/Actions/Group/DeleteGroupAction.php
index ef6ccdd..e080aa2 100755
--- a/src/Application/Actions/Group/DeleteGroupAction.php
+++ b/src/Application/Actions/Group/DeleteGroupAction.php
@@ -14,6 +14,14 @@ class DeleteGroupAction extends GroupAction
      */
     protected function action(): Response
     {
+        if(!isset($_SESSION['userId'])){
+            $this->flash->addMessage('login', 'Please log in or sign up.');
+
+            return $this->response
+            ->withHeader('Location', '/login')
+            ->withStatus(302);
+        }
+        
         $groupId = (int) $this->resolveArg('id');
         $group = $this->groupRepository->find($groupId);
 
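Review bot: The added guard establishes only that someone is logged in; nothing in the visible lines checks that this user may delete the group identified by `id`. If the remainder of `action()` (outside this hunk) has no ownership or membership check, any authenticated account could delete any group by id. The same question applies to ViewModifyGroupForm. A comment above the lookup such as `// authentication only: permission to delete is checked below` would make the split explicit, or an explicit check should follow `find($groupId)` if none exists.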
diff --git a/src/Application/Actions/Group/ListGroupsAction.php b/src/Application/Actions/Group/ListGroupsAction.php
index 6708292..7ed27ea 100755
--- a/src/Application/Actions/Group/ListGroupsAction.php
+++ b/src/Application/Actions/Group/ListGroupsAction.php
@@ -12,12 +12,16 @@ class ListGroupsAction extends GroupAction
      */
     protected function action(): Response
     {
+        
         $query = $this->em->createQueryBuilder();
         $query->select('g')
-            ->from('App\Domain\Group\Group', 'g')
-            ->where('g.private = 0')
-            ->orWhere(':user_id MEMBER OF g.users')
+        ->from('App\Domain\Group\Group', 'g')
+        ->where('g.private = 0');
+        
+        if(isset($_SESSION['userId'])){
+            $query->orWhere(':user_id MEMBER OF g.users')
             ->setParameters(array(':user_id' => $_SESSION['userId']));
+        }
 
         $groups = $query->getQuery()->getResult();
 
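Review bot: Style: the chained `->from(...)` and `->where(...)` calls lost their continuation indent and now sit at the same column as `$query`, and the hunk adds two whitespace-only lines. Keeping the chain indented makes it clear where the builder statement ends and the conditional `orWhere` begins. For a single bound value, `->setParameter('user_id', $_SESSION['userId'])` reads more directly than `setParameters(array(...))`. A short comment on the `if`, e.g. `// anonymous visitors see public groups only`, would record the intent.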
diff --git a/src/Application/Actions/Group/ViewModifyGroupForm.php b/src/Application/Actions/Group/ViewModifyGroupForm.php
index 9136da7..e961c83 100644
--- a/src/Application/Actions/Group/ViewModifyGroupForm.php
+++ b/src/Application/Actions/Group/ViewModifyGroupForm.php
@@ -12,7 +12,15 @@ class ViewModifyGroupForm extends GroupAction
      * {@inheritdoc}
      */
     protected function action(): Response
-    {
+    {   
+        if(!isset($_SESSION['userId'])){
+            $this->flash->addMessage('login', 'Please log in or sign up.');
+
+            return $this->response
+            ->withHeader('Location', '/login')
+            ->withStatus(302);
+        }
+        
         $parsedRequestBody = (array)$this->request->getParsedBody();
 
         $groupId = (int) $this->resolveArg('id');
diff --git a/src/Application/Actions/User/LogInUserAction.php b/src/Application/Actions/User/LogInUserAction.php
index 63e2e73..69a1c05 100644
--- a/src/Application/Actions/User/LogInUserAction.php
+++ b/src/Application/Actions/User/LogInUserAction.php
@@ -20,7 +20,11 @@ class LogInUserAction extends UserAction
         $user = $this->userRepository->findOneBy(array('username' => $username));
 
         if (!isset($user)) {
-            throw new UserNotFoundException();
+            $this->flash->addMessage('signup', 'Please sign up.');
+
+            return $this->response
+            ->withHeader('Location', '/signup')
+            ->withStatus(302);
         }
 
         if (!password_verify($password, $user->getPassword())) {
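Review bot: The unknown-username branch now redirects to `/signup` with "Please sign up.", which tells any client whether a username is registered, because the wrong-password branch just below presumably responds differently (its body is outside this hunk). Both failures should be indistinguishable: `$this->flash->addMessage('login', 'Invalid username or password.');` with `->withHeader('Location', '/login')` in both branches. Note also that `password_verify` is skipped when the user is missing, so response time can still hint at account existence. A login form is the usual place for rate limiting, if none exists elsewhere.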
-- 
GitLab