Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-07 18:44:08 +00:00
Code Issues Actions Projects Releases Wiki Activity

voter fixes

Browse Source
This commit is contained in:
Julie Lenaerts 2021-11-22 10:19:14 +01:00
parent 9e75c7e9b2
commit 2c74e268d3
5 changed files with 25 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Bundle/ChillActivityBundle/Resources/views/Activity/listAccompanyingCourse.html.twig
View File

@ -20,6 +20,7 @@
{% include 'ChillActivityBundle:Activity:list.html.twig' with {'context': 'accompanyingCourse'} %} {% include 'ChillActivityBundle:Activity:list.html.twig' with {'context': 'accompanyingCourse'} %}
{% if is_granted('CHILL_ACTIVITY_CREATE', accompanyingCourse) %}
<ul class="record_actions sticky-form-buttons"> <ul class="record_actions sticky-form-buttons">
<li> <li>
<a href="{{ path('chill_activity_activity_new', {'person_id': person_id, 'accompanying_period_id': accompanying_course_id}) }}" class="btn btn-create"> <a href="{{ path('chill_activity_activity_new', {'person_id': person_id, 'accompanying_period_id': accompanying_course_id}) }}" class="btn btn-create">
@ -27,5 +28,6 @@
</a> </a>
</li> </li>
</ul> </ul>
{% endif %}
{% endblock %} {% endblock %}

13
src/Bundle/ChillActivityBundle/Security/Authorization/ActivityVoter.php
View File

@ -91,11 +91,6 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
return false; return false;
} }
} elseif ($subject->getAccompanyingPeriod() instanceof AccompanyingPeriod) { } elseif ($subject->getAccompanyingPeriod() instanceof AccompanyingPeriod) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getAccompanyingPeriod->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE, self::DELETE])) {
return false;
}
}
if (!$this->security->isGranted(AccompanyingPeriodVoter::SEE, $subject->getAccompanyingPeriod())) { if (!$this->security->isGranted(AccompanyingPeriodVoter::SEE, $subject->getAccompanyingPeriod())) {
return false; return false;
} }
@ -104,6 +99,14 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
} }
} }
if ($subject instanceof AccompanyingPeriod) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE, self::DELETE])) {
return false;
}
}
}
return $this->voterHelper->voteOnAttribute($attribute, $subject, $token); return $this->voterHelper->voteOnAttribute($attribute, $subject, $token);
} }

4
src/Bundle/ChillDocStoreBundle/Security/Authorization/AccompanyingCourseDocumentVoter.php
View File

@ -76,8 +76,8 @@ class AccompanyingCourseDocumentVoter extends AbstractChillVoter implements Prov
return false; return false;
} }
if ($subject instanceof AccompanyingCourseDocument) { if ($subject instanceof AccompanyingPeriod) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getCourse()->getStep()) { if (AccompanyingPeriod::STEP_CLOSED === $subject->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE, self::DELETE])) { if (\in_array($attribute, [self::UPDATE, self::CREATE, self::DELETE])) {
return false; return false;
} }

7
src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseController.php
View File

@ -180,25 +180,22 @@ class AccompanyingCourseController extends Controller
if ($form->isSubmitted() && $form->isValid()) { if ($form->isSubmitted() && $form->isValid()) {
$em = $this->getDoctrine()->getManager(); $em = $this->getDoctrine()->getManager();
$em->persist($accompanyingCourse);
$workflow = $this->registry->get($accompanyingCourse); $workflow = $this->registry->get($accompanyingCourse);
if ($workflow->can($accompanyingCourse, 'close')) { if ($workflow->can($accompanyingCourse, 'close')) {
$errors = $this->validator->validate($accompanyingCourse, null, [$accompanyingCourse::STEP_CLOSED]); $errors = $this->validator->validate($accompanyingCourse, null, [$accompanyingCourse::STEP_CLOSED]);
if( count($errors) > 0 ){ if (count($errors) > 0) {
return $this->json($errors, 422); return $this->json($errors, 422);
} }
$workflow->apply($accompanyingCourse, 'close'); $workflow->apply($accompanyingCourse, 'close');
$em->persist($accompanyingCourse);
}
$em->flush(); $em->flush();
return $this->redirectToRoute('chill_person_accompanying_course_index', [ return $this->redirectToRoute('chill_person_accompanying_course_index', [
'accompanying_period_id' => $accompanyingCourse->getId() 'accompanying_period_id' => $accompanyingCourse->getId()
]); ]);
}
} }
return $this->render('@ChillPerson/AccompanyingCourse/close.html.twig', [ return $this->render('@ChillPerson/AccompanyingCourse/close.html.twig', [

6
src/Bundle/ChillTaskBundle/Security/Authorization/TaskVoter.php
View File

@ -112,14 +112,16 @@ final class TaskVoter extends AbstractChillVoter implements ProvideRoleHierarchy
if (!$this->accessDecisionManager->decide($token, [AccompanyingPeriodVoter::SEE], $period)) { if (!$this->accessDecisionManager->decide($token, [AccompanyingPeriodVoter::SEE], $period)) {
return false; return false;
} }
}
}
if (AccompanyingPeriod::STEP_CLOSED === $subject->getCourse()->getStep()) { if ($subject instanceof AccompanyingPeriod) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE_COURSE, self::DELETE])) { if (\in_array($attribute, [self::UPDATE, self::CREATE_COURSE, self::DELETE])) {
return false; return false;
} }
} }
} }
}
// do regular check. // do regular check.
return $this->voter->voteOnAttribute($attribute, $subject, $token); return $this->voter->voteOnAttribute($attribute, $subject, $token);