mirror of
https://github.com/MarijnDoeve/TijdVoorDeTest.git
synced 2026-07-05 15:10:16 +02:00
281462fab8
* Added Gedmo stuff, fix translations * Add CSRF token validation across backoffice forms - Added CSRF validations to candidate correction, penalty, answer saving, and elimination forms. - Updated corresponding Twig templates to include CSRF token inputs. - Adjusted column count in `tab_result` template to maintain layout consistency. * Add unique index constraint for `quiz_candidate` with soft delete support - Updated migration to include a unique index on `quiz_candidate` table that excludes soft-deleted records. - Adjusted `QuizCandidate` entity to reflect the new unique constraint with `deleted_at` condition. * Add CSRF token validation for quiz-related actions - Added CSRF validation to `enableQuiz`, `clearQuiz`, `deleteQuiz`, `toggleCandidate`, and `prepareElimination` actions. - Updated Twig templates to replace links with POST forms to include CSRF tokens. - Set HTTP method restrictions for related endpoints to `POST`. * Fix unique index condition for `quiz_candidate` with soft deletes - Updated condition in unique index definition of `quiz_candidate` to add parentheses for clarity. - Adjusted related migration to reflect the revised condition. * Remove if for post an use methods in Route instead * Refactor CSRF token validation in backoffice controllers - Applied `#[IsCsrfTokenValid]` attribute for CSRF checks to simplify and standardize validation. - Removed manual `isCsrfTokenValid` calls and associated exception throwing. - Updated method signatures across affected endpoints to remove unnecessary `Request` dependency. - Ensured consistency in route HTTP method restrictions where applicable. * Add rector and phpstan * Add validation for answering incorrect quiz question - Added logic to prevent candidates from answering questions out of sequence in `QuizController`. - Updated Dutch translations to include the new error message. * Things
66 lines
2.4 KiB
PHP
66 lines
2.4 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tvdt\Controller\Backoffice;
|
|
|
|
use Doctrine\ORM\EntityManagerInterface;
|
|
use Symfony\Component\HttpFoundation\RedirectResponse;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
use Symfony\Component\Routing\Attribute\Route;
|
|
use Symfony\Component\Routing\Requirement\Requirement;
|
|
use Symfony\Component\Security\Http\Attribute\IsCsrfTokenValid;
|
|
use Tvdt\Controller\AbstractController;
|
|
use Tvdt\Entity\Elimination;
|
|
use Tvdt\Entity\Quiz;
|
|
use Tvdt\Entity\Season;
|
|
use Tvdt\Factory\EliminationFactory;
|
|
|
|
final class PrepareEliminationController extends AbstractController
|
|
{
|
|
public function __construct(private readonly EliminationFactory $eliminationFactory, private readonly EntityManagerInterface $em) {}
|
|
|
|
#[IsCsrfTokenValid('prepare_elimination')]
|
|
#[Route(
|
|
'/backoffice/season/{seasonCode:season}/quiz/{quiz}/elimination/prepare',
|
|
name: 'tvdt_prepare_elimination',
|
|
requirements: ['seasonCode' => self::SEASON_CODE_REGEX, 'quiz' => Requirement::UUID],
|
|
methods: ['POST'],
|
|
)]
|
|
public function index(Season $season, Quiz $quiz): RedirectResponse
|
|
{
|
|
$elimination = $this->eliminationFactory->createEliminationFromQuiz($quiz);
|
|
|
|
return $this->redirectToRoute('tvdt_prepare_elimination_view', ['elimination' => $elimination->id]);
|
|
}
|
|
|
|
#[IsCsrfTokenValid('prepare_elimination', methods: ['POST'])]
|
|
#[Route(
|
|
'/backoffice/elimination/{elimination}',
|
|
name: 'tvdt_prepare_elimination_view',
|
|
requirements: ['elimination' => Requirement::UUID],
|
|
methods: ['GET', 'POST'],
|
|
)]
|
|
public function viewElimination(Elimination $elimination, Request $request): Response
|
|
{
|
|
if ($request->isMethod('POST')) {
|
|
$elimination->updateFromInputBag($request->request);
|
|
$this->em->flush();
|
|
|
|
if ($request->request->getBoolean('start')) {
|
|
return $this->redirectToRoute('tvdt_elimination', ['elimination' => $elimination->id]);
|
|
}
|
|
|
|
$this->addFlash('success', 'Elimination updated');
|
|
|
|
return $this->redirectToRoute('tvdt_prepare_elimination_view', ['elimination' => $elimination->id]);
|
|
}
|
|
|
|
return $this->render('backoffice/prepare_elimination/index.html.twig', [
|
|
'controller_name' => 'PrepareEliminationController',
|
|
'elimination' => $elimination,
|
|
]);
|
|
}
|
|
}
|