Mirrors/Part-DB-server
2
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2026-03-04 14:35:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added permissions to control access to API and manage API tokens

Browse Source
This commit is contained in:
Jan Böhmer
2023-08-26 22:57:50 +02:00
parent be14fe548c
commit 8fe3f4cf5c
7 changed files with 60 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Controller/UserSettingsController.php
View File

@@ -406,6 +406,8 @@ class UserSettingsController extends AbstractController
#[Route('/api_token/create', name: 'user_api_token_create')]
public function addApiToken(Request $request, EntityManagerInterface $entityManager): Response
{
$this->denyAccessUnlessGranted('@api.manage_tokens');
$token = new ApiToken();
$token->setUser($this->getUser());