Refactor SavedExport permissions and voter logic

Revised SavedExportVoter to improve consistency and streamline permission checks. Updated tests, controller logic, and templates to align with new voter structure and attributes. Fixed typos in permission constants and added checks for delete/edit actions in the UI.
2025-09-28 17:44:58 +00:00 · 2025-04-18 14:09:13 +02:00
parent edeb8edbea
commit 0f6b10aa0a
4 changed files with 40 additions and 22 deletions
--- a/src/Bundle/ChillMainBundle/Tests/Security/Authorization/SavedExportVoterTest.php
+++ b/src/Bundle/ChillMainBundle/Tests/Security/Authorization/SavedExportVoterTest.php
@@ -22,7 +22,6 @@ use Prophecy\Argument;
 use Prophecy\PhpUnit\ProphecyTrait;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
-use Symfony\Component\Security\Core\Security;

 /**
 * @internal
@@ -36,18 +35,14 @@ class SavedExportVoterTest extends TestCase
    /**
     * @dataProvider voteProvider
     */
-    public function testVote(string $attribute, SavedExport $savedExport, User $user, $expectedResult, ?bool $isGranted = null): void
+    public function testVote(string $attribute, mixed $savedExport, User $user, $expectedResult, ?bool $isGranted = null): void
    {
-        $security = $this->prophesize(Security::class);
-        if (null !== $isGranted) {
-            $security->isGranted(Argument::any(), Argument::any())->willReturn($isGranted);
-        }
-
        $export = $this->prophesize(ExportInterface::class);
        $exportManager = $this->prophesize(ExportManager::class);
-        $exportManager->getExport($savedExport->getExportAlias())->willReturn($export->reveal());
+        $exportManager->getExport('dummy_export')->willReturn($export->reveal());
+        $exportManager->isGrantedForElement(Argument::any())->willReturn($isGranted);

-        $voter = new SavedExportVoter($exportManager->reveal(), $security->reveal());
+        $voter = new SavedExportVoter($exportManager->reveal());
        $token = new UsernamePasswordToken($user, 'default', ['ROLE_USER']);

        self::assertEquals($expectedResult, $voter->vote($token, $savedExport, [$attribute]));
@@ -66,6 +61,25 @@ class SavedExportVoterTest extends TestCase
        $savedExport->setExportAlias('dummy_export');
        $savedExport->setUser($userA);

+        // abstain
+        foreach ($alls as $attribute) {
+            yield [
+                $attribute,
+                new \stdClass(),
+                $userA,
+                VoterInterface::ACCESS_ABSTAIN,
+                true,
+            ];
+        }
+
+        yield [
+            'dummy',
+            $savedExport,
+            $userA,
+            VoterInterface::ACCESS_ABSTAIN,
+            false,
+        ];
+
        foreach ($alls as $attribute) {
            yield [
                $attribute,