boris/tonehaus
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f77f3a9e4064cea60bd38009dabed44d261227f5
tonehaus/src/Controller/ReviewController.php
boris f77f3a9e40
All checks were successful
CI (Gitea) / php-tests (push) Successful in 10m5s
Details
CI (Gitea) / docker-image (push) Successful in 2m22s
Details
its 7am i havent slept i have no idea
2025-11-28 06:40:10 +00:00

99 lines
3.3 KiB
PHP
Raw Blame History

<?php
namespace App\Controller;
use App\Entity\Review;
use App\Form\ReviewType;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Security\Http\Attribute\IsGranted;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
/**
* ReviewController wires up CRUD routes for reviews and keeps users inside the album-focused flow.
*/
#[Route('/reviews')]
class ReviewController extends AbstractController
{
/**
* Maintains backwards compatibility by redirecting to the dashboard.
*/
#[Route('', name: 'review_index', methods: ['GET'])]
public function index(): Response
{
return $this->redirectToRoute('account_dashboard');
}
/**
* Nudges users back to the album flow so new reviews always start from a specific album.
*/
#[Route('/new', name: 'review_new', methods: ['GET', 'POST'])]
#[IsGranted('ROLE_USER')]
public function create(Request $request): Response
{
$albumId = (string) $request->query->get('album_id', '');
if ($albumId !== '') {
return $this->redirectToRoute('album_show', ['id' => $albumId]);
}
$this->addFlash('info', 'Select an album first.');
return $this->redirectToRoute('album_search');
}
/**
* Shows a read-only page for a single review.
*/
#[Route('/{id}', name: 'review_show', requirements: ['id' => '\\d+'], methods: ['GET'])]
public function show(Review $review): Response
{
return $this->render('review/show.html.twig', [
'review' => $review,
]);
}
/**
* Handles review edits by running the voter, binding the form, and saving valid updates.
*/
#[Route('/{id}/edit', name: 'review_edit', requirements: ['id' => '\\d+'], methods: ['GET', 'POST'])]
#[IsGranted('ROLE_USER')]
public function edit(Request $request, Review $review, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('REVIEW_EDIT', $review);
$form = $this->createForm(ReviewType::class, $review);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$em->flush();
$this->addFlash('success', 'Review updated.');
return $this->redirectToRoute('review_show', ['id' => $review->getId()]);
}
return $this->render('review/edit.html.twig', [
'form' => $form->createView(),
'review' => $review,
]);
}
/**
* Deletes a review after both the CSRF token and voter checks pass.
*/
#[Route('/{id}/delete', name: 'review_delete', requirements: ['id' => '\\d+'], methods: ['POST'])]
#[IsGranted('ROLE_USER')]
public function delete(Request $request, Review $review, EntityManagerInterface $em): RedirectResponse
{
$this->denyAccessUnlessGranted('REVIEW_DELETE', $review);
if ($this->isCsrfTokenValid('delete_review_' . $review->getId(), (string) $request->request->get('_token'))) {
$em->remove($review);
$em->flush();
$this->addFlash('success', 'Review deleted.');
}
return $this->redirectToRoute('account_dashboard');
}
}
Reference in New Issue View Git Blame Copy Permalink