diff --git a/src/Bundle/ChillDocStoreBundle/Security/Authorization/StoredObjectVoters/AccompanyingPeriodWorkEvaluationStoredObjectVoter.php b/src/Bundle/ChillDocStoreBundle/Security/Authorization/StoredObjectVoters/AccompanyingPeriodWorkEvaluationDocumentStoredObjectVoter.php similarity index 74% rename from src/Bundle/ChillDocStoreBundle/Security/Authorization/StoredObjectVoters/AccompanyingPeriodWorkEvaluationStoredObjectVoter.php rename to src/Bundle/ChillDocStoreBundle/Security/Authorization/StoredObjectVoters/AccompanyingPeriodWorkEvaluationDocumentStoredObjectVoter.php index 7ba7e276e..d9eb4a843 100644 --- a/src/Bundle/ChillDocStoreBundle/Security/Authorization/StoredObjectVoters/AccompanyingPeriodWorkEvaluationStoredObjectVoter.php +++ b/src/Bundle/ChillDocStoreBundle/Security/Authorization/StoredObjectVoters/AccompanyingPeriodWorkEvaluationDocumentStoredObjectVoter.php @@ -14,15 +14,15 @@ namespace Chill\DocStoreBundle\Security\Authorization\StoredObjectVoters; use Chill\DocStoreBundle\Repository\AssociatedEntityToStoredObjectInterface; use Chill\DocStoreBundle\Security\Authorization\StoredObjectRoleEnum; use Chill\DocStoreBundle\Service\WorkflowDocumentService; -use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWork; -use Chill\PersonBundle\Repository\AccompanyingPeriod\AccompanyingPeriodWorkRepository; -use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodWorkVoter; +use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWorkEvaluationDocument; +use Chill\PersonBundle\Repository\AccompanyingPeriod\AccompanyingPeriodWorkEvaluationDocumentRepository; +use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodWorkEvaluationDocumentVoter; use Symfony\Component\Security\Core\Security; -class AccompanyingPeriodWorkEvaluationStoredObjectVoter extends AbstractStoredObjectVoter +class AccompanyingPeriodWorkEvaluationDocumentStoredObjectVoter extends AbstractStoredObjectVoter { public function __construct( - private readonly AccompanyingPeriodWorkRepository $repository, + private readonly AccompanyingPeriodWorkEvaluationDocumentRepository $repository, Security $security, WorkflowDocumentService $workflowDocumentService ) { @@ -36,14 +36,14 @@ class AccompanyingPeriodWorkEvaluationStoredObjectVoter extends AbstractStoredOb protected function getClass(): string { - return AccompanyingPeriodWork::class; + return AccompanyingPeriodWorkEvaluationDocument::class; } protected function attributeToRole(StoredObjectRoleEnum $attribute): string { return match ($attribute) { - StoredObjectRoleEnum::SEE => AccompanyingPeriodWorkVoter::SEE, - StoredObjectRoleEnum::EDIT => AccompanyingPeriodWorkVoter::UPDATE, + StoredObjectRoleEnum::SEE => AccompanyingPeriodWorkEvaluationDocumentVoter::SEE, + StoredObjectRoleEnum::EDIT => AccompanyingPeriodWorkEvaluationDocumentVoter::SEE_AND_EDIT, }; } diff --git a/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkEvaluationDocumentRepository.php b/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkEvaluationDocumentRepository.php index 59bb3f915..5da541cf8 100644 --- a/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkEvaluationDocumentRepository.php +++ b/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkEvaluationDocumentRepository.php @@ -11,14 +11,18 @@ declare(strict_types=1); namespace Chill\PersonBundle\Repository\AccompanyingPeriod; +use Chill\DocStoreBundle\Entity\StoredObject; +use Chill\DocStoreBundle\Repository\AssociatedEntityToStoredObjectInterface; +use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWork; use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWorkEvaluationDocument; use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\EntityRepository; +use Doctrine\ORM\NonUniqueResultException; use Doctrine\Persistence\ObjectRepository; -class AccompanyingPeriodWorkEvaluationDocumentRepository implements ObjectRepository +readonly class AccompanyingPeriodWorkEvaluationDocumentRepository implements ObjectRepository, AssociatedEntityToStoredObjectInterface { - private readonly EntityRepository $repository; + private EntityRepository $repository; public function __construct(EntityManagerInterface $em) { @@ -58,4 +62,18 @@ class AccompanyingPeriodWorkEvaluationDocumentRepository implements ObjectReposi { return AccompanyingPeriodWorkEvaluationDocument::class; } + + /** + * @throws NonUniqueResultException + */ + public function findAssociatedEntityToStoredObject(StoredObject $storedObject): ?AccompanyingPeriodWorkEvaluationDocument + { + $qb = $this->repository->createQueryBuilder('acpwed'); + $query = $qb + ->where('acpwed.storedObject = :storedObject') + ->setParameter('storedObject', $storedObject) + ->getQuery(); + + return $query->getOneOrNullResult(); + } } diff --git a/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkRepository.php b/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkRepository.php index 324c3c176..95b995e74 100644 --- a/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkRepository.php +++ b/src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriod/AccompanyingPeriodWorkRepository.php @@ -11,8 +11,6 @@ declare(strict_types=1); namespace Chill\PersonBundle\Repository\AccompanyingPeriod; -use Chill\DocStoreBundle\Entity\StoredObject; -use Chill\DocStoreBundle\Repository\AssociatedEntityToStoredObjectInterface; use Chill\MainBundle\Entity\User; use Chill\PersonBundle\Entity\AccompanyingPeriod; use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWork; @@ -24,7 +22,7 @@ use Doctrine\ORM\Query\ResultSetMappingBuilder; use Doctrine\ORM\QueryBuilder; use Doctrine\Persistence\ObjectRepository; -final readonly class AccompanyingPeriodWorkRepository implements ObjectRepository, AssociatedEntityToStoredObjectInterface +final readonly class AccompanyingPeriodWorkRepository implements ObjectRepository { private EntityRepository $repository; @@ -253,17 +251,4 @@ final readonly class AccompanyingPeriodWorkRepository implements ObjectRepositor return $qb; } - - public function findAssociatedEntityToStoredObject(StoredObject $storedObject): ?AccompanyingPeriodWork - { - $qb = $this->repository->createQueryBuilder('acpw'); - $query = $qb - ->join('acpw.accompanyingPeriodWorkEvaluations', 'acpwe') - ->join('acpwe.documents', 'acpwed') - ->where('acpwed.storedObject = :storedObject') - ->setParameter('storedObject', $storedObject) - ->getQuery(); - - return $query->getOneOrNullResult(); - } } diff --git a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationDocumentVoter.php b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationDocumentVoter.php index 97ca84a13..0e9f4201c 100644 --- a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationDocumentVoter.php +++ b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationDocumentVoter.php @@ -24,13 +24,14 @@ use Symfony\Component\Security\Core\Authorization\Voter\Voter; class AccompanyingPeriodWorkEvaluationDocumentVoter extends Voter { final public const SEE = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_EVALUATION_DOCUMENT_SHOW'; + final public const SEE_AND_EDIT = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_EVALUATION_DOCUMENT_EDIT'; public function __construct(private readonly AccessDecisionManagerInterface $accessDecisionManager) {} public function supports($attribute, $subject): bool { return $subject instanceof AccompanyingPeriodWorkEvaluationDocument - && self::SEE === $attribute; + && (self::SEE === $attribute || self::SEE_AND_EDIT === $attribute); } /** @@ -47,6 +48,11 @@ class AccompanyingPeriodWorkEvaluationDocumentVoter extends Voter [AccompanyingPeriodWorkEvaluationVoter::SEE], $subject->getAccompanyingPeriodWorkEvaluation() ), + self::SEE_AND_EDIT => $this->accessDecisionManager->decide( + $token, + [AccompanyingPeriodWorkEvaluationVoter::SEE_AND_EDIT], + $subject->getAccompanyingPeriodWorkEvaluation() + ), default => throw new \UnexpectedValueException("The attribute {$attribute} is not supported"), }; } diff --git a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationVoter.php b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationVoter.php index ce5faca8d..bea63018c 100644 --- a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationVoter.php +++ b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkEvaluationVoter.php @@ -21,11 +21,14 @@ class AccompanyingPeriodWorkEvaluationVoter extends Voter implements ChillVoterI { final public const ALL = [ self::SEE, + self::SEE_AND_EDIT, self::STATS, ]; final public const SEE = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_EVALUATION_SHOW'; + final public const SEE_AND_EDIT = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_EVALUATION_EDIT'; + final public const STATS = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_EVALUATION_STATS'; public function __construct(private readonly Security $security) {} @@ -45,6 +48,7 @@ class AccompanyingPeriodWorkEvaluationVoter extends Voter implements ChillVoterI return match ($attribute) { self::STATS => $this->security->isGranted(AccompanyingPeriodVoter::STATS, $subject), self::SEE => $this->security->isGranted(AccompanyingPeriodWorkVoter::SEE, $subject->getAccompanyingPeriodWork()), + self::SEE_AND_EDIT => $this->security->isGranted(AccompanyingPeriodWorkVoter::UPDATE, $subject->getAccompanyingPeriodWork()), default => throw new \UnexpectedValueException("attribute {$attribute} is not supported"), }; }