Skip to content
Snippets Groups Projects
Commit b3c6e2ec authored by Camille Simiand's avatar Camille Simiand
Browse files

Replace capsule link and edition_link with hashed and salt passwords

Change my capsules page title
parent faa0a883
No related branches found
No related tags found
1 merge request!32tuleap-50-create-a-capsule-for-an-unexisting-project-in-the-legacy
......@@ -35,3 +35,4 @@ security:
access_control:
- { path: ^/(?!register|login|generate-captcha|verify/email|reset-password), roles: ROLE_USER }
- { path: ^/*/edition, roles: ROLE_EDITOR }
\ No newline at end of file
......@@ -7,6 +7,7 @@ use App\Form\CreateCapsuleFormType;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Annotation\Route;
class CapsuleController extends AbstractController
......@@ -25,7 +26,7 @@ class CapsuleController extends AbstractController
/**
* @Route("/create", name="create_capsule")
*/
public function new(Request $request): Response
public function new(Request $request, UserPasswordHasherInterface $password_hasher): Response
{
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_REMEMBERED');
......@@ -34,16 +35,20 @@ class CapsuleController extends AbstractController
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$capsulePass = $request->request->get('p');
// $capsulePass = $request->request->get('p');
$new_date_time = new \DateTime();
$video_url = $form->get('video_url')->getData();
$capsule_name = $form->get('name')->getData();
// $sanitized_capsule_name = $this->sanitize($capsule_name);
$capsule->setName($this->sanitize($form->get('name')->getData()));
$capsule->setVideoUrl($video_url);
$preview_link = password_hash($capsule_name, PASSWORD_BCRYPT);
$edition_link = $preview_link . '/edition';
$capsule->setName($capsule_name);
$capsule->setCreationAuthor($this->getUser());
$capsule->setCreationDate($new_date_time);
$capsule->setUpdatedDate($new_date_time);
$capsule->setEditionLink($video_url . '/?p=' . $capsulePass);
$capsule->setPreviewLink($preview_link);
$capsule->setEditionLink($edition_link);
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($capsule);
......
......@@ -65,7 +65,7 @@ class Capsule
*
* @ORM\Column(name="link", type="string", length=255, nullable=false)
*/
private string $video_url;
private string $preview_link;
/**
*
......@@ -124,12 +124,12 @@ class Capsule
return $this;
}
public function getVideoUrl() {
return $this->video_url;
public function getPreviewLink() {
return $this->preview_link;
}
public function setVideoUrl(string $video_url) {
$this->video_url = $video_url;
public function setPreviewLink(string $preview_link) {
$this->preview_link = $preview_link;
return $this;
}
......
......@@ -27,6 +27,7 @@ class CreateCapsuleFormType extends AbstractType
'video_url',
UrlType::class,
[
'mapped' => false,
'constraints' => [new NotBlank(['message' => 'capsule.video_url.not_blank'])],
'label' => 'capsule.video_url'
])
......
......@@ -14,9 +14,9 @@
</div>
{{ form_start(capsuleCreationForm, {'attr': {novalidate: 'novalidate', 'class': 'd-flex flex-column justify-content-center'}}) }}
{{ form_row(capsuleCreationForm.name, {'row_attr': {'class' : 'form-group d-flex flex-column m-auto mb-4 col-6'}}) }}
{{ form_row(capsuleCreationForm.video_url, {'row_attr': {'class' : 'form-group d-flex flex-column m-auto mb-4 col-6'}}) }}
{{ form_row(capsuleCreationForm.save, {'row_attr': {'class' : 'form-group d-flex flex-column m-auto mb-5 col-2'}}) }}
{{ form_row(capsuleCreationForm.name, {'row_attr': {'class' : 'm-auto mb-4 col-6'}}) }}
{{ form_row(capsuleCreationForm.video_url, {'row_attr': {'class' : 'm-auto mb-4 col-6'}}) }}
{{ form_row(capsuleCreationForm.save, {'row_attr': {'class' : 'm-auto mb-5 col-2'}}) }}
{{ form_end(capsuleCreationForm) }}
</div>
......
{% extends 'layout.html.twig' %}
{% block title %}Hello CapsuleController!{% endblock %}
{% block title %}
{{ 'capsule.title'|trans }}
-
{{ parent() }}
{% endblock %}
{% block body %}
......
......@@ -41,6 +41,7 @@ email_reset_password:
greeting: Cheers!
capsule:
title: My capsules
create_capsule: Create a capsule
name: Name of the capsule
video_url: Youtube or Vimeo video URL
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment