From 84bea4151bea472e23e4e6b2e01f09bcae5a066a Mon Sep 17 00:00:00 2001
From: Julio <gugli100@gmail.com>
Date: Thu, 7 Oct 2021 14:22:20 +0200
Subject: [PATCH] Session: Fix my sessions access.

---
 src/CoreBundle/Entity/SessionRelCourse.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/src/CoreBundle/Entity/SessionRelCourse.php b/src/CoreBundle/Entity/SessionRelCourse.php
index 09c463a96e..333f874765 100644
--- a/src/CoreBundle/Entity/SessionRelCourse.php
+++ b/src/CoreBundle/Entity/SessionRelCourse.php
@@ -32,7 +32,7 @@ use Symfony\Component\Serializer\Annotation\Groups;
 #[ApiResource(
     collectionOperations: [
         'get' => [
-            'security' => "is_granted('ROLE_ADMIN')",
+            'security' => "is_granted('ROLE_USER')",
         ],
         'post' => [
             'security' => "is_granted('ROLE_ADMIN')",
@@ -40,15 +40,12 @@ use Symfony\Component\Serializer\Annotation\Groups;
     ],
     itemOperations: [
         'get' => [
-            'security' => "is_granted('ROLE_ADMIN')",
+            'security' => "is_granted('ROLE_ADMIN') or is_granted('VIEW', object)",
         ],
         'put' => [
             'security' => "is_granted('ROLE_ADMIN')",
         ],
     ],
-    attributes: [
-        'security' => "is_granted('ROLE_ADMIN')",
-    ],
     denormalizationContext: [
         'groups' => ['session_rel_course:write'],
     ],