Conversation
|
|
||
| public function userConfirm(User $user, string $token): Response | ||
| { | ||
| if ($user->getConfirmationToken() === $token) { |
There was a problem hiding this comment.
Please check permission: $this->denyAccessUnlessGranted('PERMISSION_SFS_USER_ADMIN_USERS_CONFIRM', $user);
There was a problem hiding this comment.
Should I check if the user has RolesAdminInterface or is it not necessary in this case?
| ROLE_SFS_USER_ADMIN_ADMINISTRATORS_RW: | ||
| - ROLE_SFS_USER_ADMIN_ADMINISTRATORS_RO | ||
| - PERMISSION_SFS_USER_ADMIN_USERS_PROMOTE | ||
| - PERMISSION_SFS_USER_ADMIN_USERS_CONFIRM |
There was a problem hiding this comment.
Those roles should be inherited by ROLE_SFS_USER_ADMIN_USERS_RW
|
|
||
| public function userConfirm(string $user): Response | ||
| { | ||
| $user = $this->userManager->findUserBy(['id' => $user]); |
There was a problem hiding this comment.
For PHPStan insert /** @var User|ConfirmableInterface $user */
| PERMISSION_SFS_USER_ADMIN_HISTORY_LIST: | ||
| - ROLE_ADMIN_ACCESS_HISTORY_LIST No newline at end of file | ||
| - ROLE_ADMIN_ACCESS_HISTORY_LIST | ||
| PERMISSION_SFS_USER_ADMIN_USERS_CONFIRM: |
There was a problem hiding this comment.
This is to support deprecated roles, those ones are new, so we don't need to add them as old format
| 'ROLE_ADMIN_INVITATIONS_LIST' => 'PERMISSION_SFS_USER_ADMIN_INVITATIONS_LIST', | ||
| 'ROLE_ADMIN_INVITATIONS_DETAILS' => 'PERMISSION_SFS_USER_ADMIN_INVITATIONS_DETAILS', | ||
| 'ROLE_ADMIN_ACCESS_HISTORY_LIST' => 'PERMISSION_SFS_USER_ADMIN_HISTORY_LIST', | ||
| 'ROLE_ADMIN_USERS_CONFIRM' => 'PERMISSION_SFS_USER_ADMIN_USERS_CONFIRM', |
There was a problem hiding this comment.
This is to support deprecated roles, those ones are new, so we don't need to add them as old format
2 participants
No description provided.