Session: Fix my sessions access.

5 years ago · 84bea4151b
parent b5d40eb6c7
commit 84bea4151b
1 changed files with 2 additions and 5 deletions
--- a/src/CoreBundle/Entity/SessionRelCourse.php
+++ b/src/CoreBundle/Entity/SessionRelCourse.php
@ -32,7 +32,7 @@ use Symfony\Component\Serializer\Annotation\Groups;
 #[ApiResource(
    collectionOperations: [
        'get' => [
-            'security' => "is_granted('ROLE_ADMIN')",
+            'security' => "is_granted('ROLE_USER')",
        ],
        'post' => [
            'security' => "is_granted('ROLE_ADMIN')",
@ -40,15 +40,12 @@ use Symfony\Component\Serializer\Annotation\Groups;
    ],
    itemOperations: [
        'get' => [
-            'security' => "is_granted('ROLE_ADMIN')",
+            'security' => "is_granted('ROLE_ADMIN') or is_granted('VIEW', object)",
        ],
        'put' => [
            'security' => "is_granted('ROLE_ADMIN')",
        ],
    ],
-    attributes: [
-        'security' => "is_granted('ROLE_ADMIN')",
-    ],
    denormalizationContext: [
        'groups' => ['session_rel_course:write'],
    ],