redirectToRoute('account_dashboard'); } /** * Nudges users back to the album flow so new reviews always start from a specific album. */ #[Route('/new', name: 'review_new', methods: ['GET', 'POST'])] #[IsGranted('ROLE_USER')] public function create(Request $request): Response { $albumId = (string) $request->query->get('album_id', ''); if ($albumId !== '') { return $this->redirectToRoute('album_show', ['id' => $albumId]); } $this->addFlash('info', 'Select an album first.'); return $this->redirectToRoute('album_search'); } /** * Shows a read-only page for a single review. */ #[Route('/{id}', name: 'review_show', requirements: ['id' => '\\d+'], methods: ['GET'])] public function show(Review $review): Response { return $this->render('review/show.html.twig', [ 'review' => $review, ]); } /** * Handles review edits by running the voter, binding the form, and saving valid updates. */ #[Route('/{id}/edit', name: 'review_edit', requirements: ['id' => '\\d+'], methods: ['GET', 'POST'])] #[IsGranted('ROLE_USER')] public function edit(Request $request, Review $review, EntityManagerInterface $em): Response { $this->denyAccessUnlessGranted('REVIEW_EDIT', $review); $form = $this->createForm(ReviewType::class, $review); $form->handleRequest($request); if ($form->isSubmitted() && $form->isValid()) { $em->flush(); $this->addFlash('success', 'Review updated.'); return $this->redirectToRoute('review_show', ['id' => $review->getId()]); } return $this->render('review/edit.html.twig', [ 'form' => $form->createView(), 'review' => $review, ]); } /** * Deletes a review after both the CSRF token and voter checks pass. */ #[Route('/{id}/delete', name: 'review_delete', requirements: ['id' => '\\d+'], methods: ['POST'])] #[IsGranted('ROLE_USER')] public function delete(Request $request, Review $review, EntityManagerInterface $em): RedirectResponse { $this->denyAccessUnlessGranted('REVIEW_DELETE', $review); if ($this->isCsrfTokenValid('delete_review_' . $review->getId(), (string) $request->request->get('_token'))) { $em->remove($review); $em->flush(); $this->addFlash('success', 'Review deleted.'); } return $this->redirectToRoute('account_dashboard'); } }