From 50a4eba89581cdb640ce1f524006b86ba6f87e95 Mon Sep 17 00:00:00 2001 From: matheu Date: Wed, 9 Aug 2023 23:34:53 -0300 Subject: [PATCH 1/5] Added privileges and access - access: register admin only with 'ROLE_NORMAL_USER' - privilege: normal user (crud) {'update':'edit', 'read':'show'} - assess: public access to home - privilege: admin (crud) {'create':'new', 'read':'show', 'update':'edit', 'delete':'delete'} --- config/packages/security.yaml | 5 +++-- src/Controller/HomeController.php | 9 ++++---- src/Controller/LoginController.php | 2 +- src/Controller/RegistrationController.php | 2 +- templates/home/index.html.twig | 26 +++++++++++++++++------ templates/login/login.html.twig | 12 ++--------- 6 files changed, 31 insertions(+), 25 deletions(-) diff --git a/config/packages/security.yaml b/config/packages/security.yaml index e12cd46..f5e11dd 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -35,8 +35,9 @@ security: # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - # - { path: ^/admin, roles: ROLE_ADMIN } - - { path: ^/home, roles: ROLE_NORMAL_USER } + - { path: ^/(new|delete), roles: ROLE_ADMIN } + - { path: ^/(edit|register/admin), roles: ROLE_NORMAL_USER } + - { path: ^/(home|show), roles: PUBLIC_ACCESS } when@test: security: diff --git a/src/Controller/HomeController.php b/src/Controller/HomeController.php index d24fc7c..8d3ab67 100644 --- a/src/Controller/HomeController.php +++ b/src/Controller/HomeController.php 
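Review bot: Putting `register/admin` behind `ROLE_NORMAL_USER` in the `^/(edit|register/admin)` rule means any account that can register as a normal user can go on to obtain `ROLE_ADMIN`, so the `ROLE_ADMIN` gate on `^/(new|delete)` adds little. If admin accounts are meant to be restricted, the rule would read `- { path: ^/register/admin, roles: ROLE_ADMIN }`, or admin provisioning would move out of the web flow. Separately, `/edit` requires `ROLE_NORMAL_USER` by name, so a user holding only `ROLE_ADMIN` is denied unless a `role_hierarchy` outside this hunk makes `ROLE_ADMIN` include it. The patterns are also unanchored prefixes (`^/(new|delete)` matches `/newsletter` as well); `^/(new|delete)(/|$)` keeps each rule to the intended routes.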
@@ -12,10 +12,9 @@ use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Security\Http\Attribute\IsGranted; -#[Route('/home')] class HomeController extends AbstractController { - #[Route('/', name: 'app_home_index', methods: ['GET'])] + #[Route(['/home', '/'], name: 'app_home_index', methods: ['GET'])] public function index(ProdutoRepository $produtoRepository): Response { return $this->render('home/index.html.twig', [ @@ -43,7 +42,7 @@ public function new(Request $request, EntityManagerInterface $entityManager): Re ]); } - #[Route('/{id}', name: 'app_home_show', methods: ['GET'])] + #[Route('/show/{id}', name: 'app_home_show', methods: ['GET'])] public function show(Produto $produto): Response { return $this->render('home/show.html.twig', [ @@ -51,7 +50,7 @@ public function show(Produto $produto): Response ]); } - #[Route('/{id}/edit', name: 'app_home_edit', methods: ['GET', 'POST'])] + #[Route('/edit/{id}', name: 'app_home_edit', methods: ['GET', 'POST'])] public function edit(Request $request, Produto $produto, EntityManagerInterface $entityManager): Response { $form = $this->createForm(ProdutoType::class, $produto); @@ -69,7 +68,7 @@ public function edit(Request $request, Produto $produto, EntityManagerInterface ]); } - #[Route('/{id}', name: 'app_home_delete', methods: ['POST'])] + #[Route('/delete/{id}', name: 'app_home_delete', methods: ['POST'])] public function delete(Request $request, Produto $produto, EntityManagerInterface $entityManager): Response { if ($this->isCsrfTokenValid('delete'.$produto->getId(), $request->request->get('_token'))) { diff --git a/src/Controller/LoginController.php b/src/Controller/LoginController.php index efec1af..019233a 100644 --- a/src/Controller/LoginController.php +++ b/src/Controller/LoginController.php 
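Review bot: Passing a list to `#[Route(['/home', '/'], ...)]` on `index` uses the attribute's array form, which Symfony's attribute loader treats as localized paths keyed by locale, so the two entries end up registered as locale variants `0` and `1` of `app_home_index` rather than as two plain aliases. Two attributes state the intent directly: `#[Route('/', name: 'app_home_index', methods: ['GET'])]` and `#[Route('/home', name: 'app_home_index_alias', methods: ['GET'])]`. Note also that `/` is not covered by `^/(home|show)` in access_control; it is public only because no rule matches it.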
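Review bot: After the move to `/edit/{id}` and `/delete/{id}`, these actions are protected only by the path regexes in `security.yaml`; no `#[IsGranted]` is visible on them, so the next route rename silently drops the check. `IsGranted` is already imported at the top of the file, and adding `#[IsGranted('ROLE_NORMAL_USER')]` on `edit` and `#[IsGranted('ROLE_ADMIN')]` on `delete` keeps the authorization next to the action it guards. The same applies to the `/delete/{id}` hunk and to `new`, whose attribute lies outside these hunks; the method bodies also continue outside the hunks.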
@@ -9,7 +9,7 @@ class LoginController extends AbstractController { - #[Route(path:['/', 'login'], name: 'app_login')] + #[Route(path: 'login', name: 'app_login')] public function login(AuthenticationUtils $authenticationUtils): Response { // get the login error if there is one diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php index d7165d4..3bbd0c5 100644 --- a/src/Controller/RegistrationController.php +++ b/src/Controller/RegistrationController.php @@ -27,7 +27,7 @@ public function __construct(EmailVerifier $emailVerifier) $this->emailVerifier = $emailVerifier; } - #[Route('/register', name: 'app_register')] + #[Route('/register/{role}', name: 'app_register')] public function register(Request $request, UserPasswordHasherInterface $userPasswordHasher, EntityManagerInterface $entityManager): Response { $user = new User(); diff --git a/templates/home/index.html.twig b/templates/home/index.html.twig index 1c75dd4..cee66a9 100644 --- a/templates/home/index.html.twig +++ b/templates/home/index.html.twig @@ -4,14 +4,17 @@ {% block body %} + +
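Review bot: `{role}` in `#[Route('/register/{role}', name: 'app_register')]` is unconstrained, while access_control only guards the literal prefix `/register/admin`, so every other value reaches `register()` without authentication. If the body (outside this hunk; the signature shown does not bind `$role`) derives the stored role from the path, it should map the slug through a fixed allowlist and reject anything else instead of trusting the path value. The route itself can carry `requirements: ['role' => 'admin|<normal-user-slug>']` (placeholder: the non-admin slug is not visible on this page) so unexpected values never match.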

Produto index

{% if app.user %}
- You are logged in as {{ app.user.userIdentifier }}, Logout + You are logged in as {{ app.user.userIdentifier }}, Logout?
+ {% else %} + Register to more privileges:
+ {% endif %} -

Produto index

- @@ -30,8 +33,14 @@ {% else %} @@ -43,7 +52,12 @@
{{ produto.amount }} {{ produto.datetime ? produto.datetime|date('Y-m-d H:i:s') : '' }} - show - edit +
+ + {% if app.user %} + {% if app.user.roles.0 in ["ROLE_NORMAL_USER", "ROLE_ADMIN"] %} + + {% endif %} + {% endif %} +
{% if app.user %} - + {% if app.user.roles.0 == "ROLE_ADMIN" %} + + {% elseif app.user.roles.0 == "ROLE_NORMAL_USER" %} + you can become admin for more privileges:
+ + {% endif %} {% endif %} {% endblock %} diff --git a/templates/login/login.html.twig b/templates/login/login.html.twig index d47136a..df1c14f 100644 --- a/templates/login/login.html.twig +++ b/templates/login/login.html.twig @@ -19,12 +19,6 @@
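Review bot: `app.user.roles.0 == "ROLE_ADMIN"` and `app.user.roles.0 in ["ROLE_NORMAL_USER", "ROLE_ADMIN"]` test only the first element of the roles array, so the result depends on the order the roles are stored in and ignores any role hierarchy. `{% if is_granted('ROLE_ADMIN') %}` (and `is_granted('ROLE_NORMAL_USER')` for the edit link) asks the same authorization layer that access_control uses. These conditions only hide links and are not an access check; the markup they wrap was lost in extraction, so which links they cover cannot be confirmed from this page.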
{{ error.messageKey|trans(error.messageData, 'security') }}
{% endif %} - {% if app.user %} -
- You are logged in as {{ app.user.userIdentifier }}, Logout -
- {% endif %} -

Please sign in

@@ -52,10 +46,8 @@ - Register - + Register + forgot password {% endblock %} From 9be99838c53a36ead49ddc2fa7b38e0fc72febae Mon Sep 17 00:00:00 2001 From: matheu Date: Wed, 9 Aug 2023 23:39:38 -0300 Subject: [PATCH 2/5] Modified style --- README.md | 1 + assets/styles/global.scss | 5 +++++ assets/styles/login/app.scss | 5 +---- templates/base.html.twig | 5 +++++ 4 files changed, 12 insertions(+), 4 deletions(-) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..e0f6fe8 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +# STUDIES diff --git a/assets/styles/global.scss b/assets/styles/global.scss index d6e8951..3fe63d0 100644 --- a/assets/styles/global.scss +++ b/assets/styles/global.scss @@ -22,3 +22,8 @@ $primary: darken(#428bca, 20%); background-image: url("../images_to_images/images/quadro-poster-paisagem-04-detalhes-abaixo-para-imprimir.jpg"); } +.left-end { + display: flex; + justify-content: end; +} + diff --git a/assets/styles/login/app.scss b/assets/styles/login/app.scss index aed33d9..8b13789 100644 --- a/assets/styles/login/app.scss +++ b/assets/styles/login/app.scss @@ -1,4 +1 @@ -.forgot { - display: flex; - justify-content: end; -} + diff --git a/templates/base.html.twig b/templates/base.html.twig index 528d317..ec1b774 100644 --- a/templates/base.html.twig +++ b/templates/base.html.twig @@ -3,6 +3,11 @@ + {% block metas %} + + + + {% endblock %} {% block title %}Welcome!{% endblock %} {% block stylesheets %} From d4c238e1f50a374082156cf49762e4bb94999e3d Mon Sep 17 00:00:00 2001 From: matheu Date: Wed, 9 Aug 2023 23:41:46 -0300 Subject: [PATCH 3/5] Added symfony workflow --- .github/workflows/symfony.yml | 48 +++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .github/workflows/symfony.yml diff --git a/.github/workflows/symfony.yml b/.github/workflows/symfony.yml new file mode 100644 index 0000000..8b78297 --- /dev/null +++ b/.github/workflows/symfony.yml 
@@ -0,0 +1,48 @@
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Symfony
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ branches: [ "master" ]
+
+permissions:
+ contents: read
+
+jobs:
+ symfony-tests:
+ runs-on: ubuntu-latest
+ steps:
+ # To automatically get bug fixes and new Php versions for shivammathur/setup-php,
+ # change this to (see https://github.com/shivammathur/setup-php#bookmark-versioning):
+ # uses: shivammathur/setup-php@v2
+ - uses: shivammathur/setup-php@2cb9b829437ee246e9b3cac53555a39208ca6d28
+ with:
+ php-version: '8.0'
+ - uses: actions/checkout@v3
+ - name: Copy .env.test.local
+ run: php -r "file_exists('.env.test.local') || copy('.env.test', '.env.test.local');"
+ - name: Cache Composer packages
+ id: composer-cache
+ uses: actions/cache@v3
+ with:
+ path: vendor
+ key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
+ restore-keys: |
+ ${{ runner.os }}-php-
+ - name: Install Dependencies
+ run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
+ - name: Create Database
+ run: |
+ mkdir -p data
+ touch data/database.sqlite
+ - name: Execute tests (Unit and Feature tests) via PHPUnit
+ env:
+ DATABASE_URL: sqlite:///%kernel.project_dir%/data/database.sqlite
+ run: vendor/bin/phpunit
From 1b29b592055b961a66c98a07b1e7078ff0641eff Mon Sep 17 00:00:00 2001
From: Matheus Vieira
Date: Thu, 10 Aug 2023 21:23:25 -0300
Subject: [PATCH 4/5] Update symfony.yml
---
 .github/workflows/symfony.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/symfony.yml b/.github/workflows/symfony.yml
index 8b78297..db25d71 100644
--- a/.github/workflows/symfony.yml
+++ b/.github/workflows/symfony.yml
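Review bot: `actions/checkout@v3` and `actions/cache@v3` are referenced by mutable tag while `shivammathur/setup-php` is pinned to a full commit SHA in the same job, so two of the three third-party actions can change underneath the workflow without a diff in this repository. Pinning them the same way, `uses: actions/checkout@<full-commit-sha> # v3` and likewise for `actions/cache`, keeps what the job executes reviewable. The top-level `permissions: contents: read` is a good default and should stay.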
@@ -37,7 +37,9 @@ jobs:
 restore-keys: |
 ${{ runner.os }}-php-
 - name: Install Dependencies
- run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
+ run: |
+ composer update
+ composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
 - name: Create Database
 run: |
 mkdir -p data
From 4eeb8e541856adb68390d644d79c2b6c61f749e5 Mon Sep 17 00:00:00 2001
From: Matheus Vieira
Date: Thu, 10 Aug 2023 21:25:35 -0300
Subject: [PATCH 5/5] Update symfony.yml
---
 .github/workflows/symfony.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/symfony.yml b/.github/workflows/symfony.yml
index db25d71..c426dc2 100644
--- a/.github/workflows/symfony.yml
+++ b/.github/workflows/symfony.yml
@@ -24,7 +24,7 @@ jobs:
 # uses: shivammathur/setup-php@v2
 - uses: shivammathur/setup-php@2cb9b829437ee246e9b3cac53555a39208ca6d28
 with:
- php-version: '8.0'
+ php-version: '8.2'
 - uses: actions/checkout@v3
 - name: Copy .env.test.local
 run: php -r "file_exists('.env.test.local') || copy('.env.test', '.env.test.local');"
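Review bot: `composer update` in the `Install Dependencies` step re-resolves every dependency on each run and ignores `composer.lock`, so CI tests package versions that nobody reviewed or committed, and it runs without the `--no-scripts` flag that the `composer install` line after it carries. It also makes the `hashFiles('**/composer.lock')` cache key from the preceding step meaningless, since the installed tree no longer corresponds to the lock file. If the lock file does not install on the runner's PHP version, run the update locally and commit the new lock, and keep this step as the single `composer install ... --no-scripts` line, optionally preceded by `composer validate --strict`.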