addMandatoryAuthentication($controllers); $controllers->before(function (Request $request) use ($app) { $app['firewall']->requireNotGuest(); }); $controllers->get('/record/{base_id}/{record_id}/', 'controller.prod.share:shareRecord') ->before(function (Request $request) use ($app) { $app['firewall']->requireRightOnSbas(\phrasea::sbasFromBas($app, $request->attributes->get('base_id')), 'bas_chupub'); }) ->bind('share_record'); return $controllers; } /** * Share a record * * @param Application $app * @param Request $request * @param integer $base_id * @param integer $record_id * @return Response */ public function shareRecord(Application $app, Request $request, $base_id, $record_id) { $record = new \record_adapter($app, \phrasea::sbasFromBas($app, $base_id), $record_id); if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_subdef($record, 'preview')) { $app->abort(403); } return new Response($app['twig']->render('prod/Share/record.html.twig', [ 'record' => $record, ])); } }