Internal: Use IS_AUTHENTICATED instead of IS_AUTHENTICATED_FULLY to check access (#5477)

1 year ago · 4dd2b0e3d5
parent 741161b261
commit 4dd2b0e3d5
3 changed files with 5 additions and 5 deletions
--- a/public/main/inc/lib/api.lib.php
+++ b/public/main/inc/lib/api.lib.php
@ -1138,7 +1138,7 @@ function api_protect_teacher_script()
 */
 function api_block_anonymous_users($printHeaders = true)
 {
-    $isAuth = Container::getAuthorizationChecker()->isGranted('IS_AUTHENTICATED_FULLY');
+    $isAuth = Container::getAuthorizationChecker()->isGranted('IS_AUTHENTICATED');

    if (false === $isAuth) {
        api_not_allowed($printHeaders);
@ -3516,7 +3516,7 @@ function api_is_allowed_to_session_edit($tutor = false, $coach = false)
 */
 function api_is_anonymous()
 {
-    return !Container::getAuthorizationChecker()->isGranted('IS_AUTHENTICATED_FULLY');
+    return !Container::getAuthorizationChecker()->isGranted('IS_AUTHENTICATED');
 }

 /**
--- a/src/CoreBundle/Resources/views/Course/about.html.twig
+++ b/src/CoreBundle/Resources/views/Course/about.html.twig
@ -103,7 +103,7 @@
                            {% if is_premium == false %}
                                <h5>{{ 'CourseSubscription'|trans }}</h5>
                                <div class="session-subscribe">
-                                    {% if not is_granted('IS_AUTHENTICATED_FULLY') %}
+                                    {% if not is_granted('IS_AUTHENTICATED') %}
                                        {% if 'allow_registration'|api_get_setting != 'false' %}
                                            <a href="{{ _p.web_main ~ 'auth/inscription.php' ~ redirect_to_session }}" class="btn btn--success btn-block btn-lg">
                                                <i class="fa fa-pencil" aria-hidden="true"></i> {{ 'SignUp'|trans }}
--- a/src/CoreBundle/Resources/views/Session/about.html.twig
+++ b/src/CoreBundle/Resources/views/Session/about.html.twig
@ -73,9 +73,9 @@
                            {% if is_premium == false %}
                                <h5>{{ 'CourseSubscription'|trans }}</h5>
                                <div class="session-subscribe">
-                                    {% if is_granted('IS_AUTHENTICATED_FULLY')  and not is_subscribed %}
+                                    {% if is_granted('IS_AUTHENTICATED')  and not is_subscribed %}
 {#                                        {{ subscribe_button }}#}
-                                    {% elseif not is_granted('IS_AUTHENTICATED_FULLY')  %}
+                                    {% elseif not is_granted('IS_AUTHENTICATED')  %}
                                        {% if 'allow_registration'|api_get_setting != 'false' %}
                                            <a href="{{ _p.web_main ~ 'auth/inscription.php' ~ redirect_to_session }}"
                                               class="btn btn--success btn-block btn-lg">