Rumen Panchev
Reputation: 498
How to deny acces for other users in Symfony?
I have the following function in my Controller:
/**
* @Route("/incomes/show/{id}", name="incomes_show")
*/
public function listIncomesAction($id)
{
$user = $this->getDoctrine()->getRepository('AppBundle:User')->find($id);
$userIncomes = $user->getIncomes();
return $this->render('incomes/show.user.incomes.html.twig', array(
'incomes' => $userIncomes
));
}
}
It is working perfectly, but i want to denied acces for other users i. e only the current logged in user have access to his list of incomes. Now when i change the id in the URL, it opens the other users incomes.
Upvotes: 0
Views: 44
Answers (1)
scoolnico
Reputation: 3135
Did you try like this ?
/**
* @Route("/incomes/show", name="incomes_show")
*/
public function listIncomesAction()
{
$user = $this->getUser();
$userIncomes = $user->getIncomes();
return $this->render('incomes/show.user.incomes.html.twig', array(
'incomes' => $userIncomes
));
}
Upvotes: 2
Related Questions
- Symfony, constraint for User
- How to setup access control for the user in symfony?
- Deny access to ROLE_ADMIN symfony
- How to restrict login to already logged Users in Symfony2
- restrict access to login symfony depending on the role
- Deny access if user is not confirmed on Symfony
- Prevent user from logging in in Symfony
- How to forbid access for authorised users in Symfony2?
- How can i restrict acces in my page? Symfony2
- How to prevent blocked user from logging in Symfony2?