From c73beef3aff5d73111f675b19dc13e0fbeb20909 Mon Sep 17 00:00:00 2001
From: Julie Lenaerts
Date: Wed, 7 Jun 2023 13:25:48 +0200
Subject: [PATCH 1/5] FIX [rights][household] check rights to be able to create a parcours from within household
---
 .../views/Household/accompanying_period.html.twig | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig b/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig
index acd251735..e71559585 100644
--- a/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig
+++ b/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig
@@ -41,12 +41,14 @@
 {# TODO: add ACL to check if user is allowed to edit household? #}
-
  • - - {{ 'Create an accompanying period'|trans }} - -
  • + {% if is_granted('CHILL_PERSON_HOUSEHOLD_EDIT', household) %} +
  • + + {{ 'Create an accompanying period'|trans }} + +
  • + {% endif %}
From 520d5ab6d4698874bfae1d78510fb4ef735b152c Mon Sep 17 00:00:00 2001
From: Julie Lenaerts
Date: Wed, 7 Jun 2023 13:30:53 +0200
Subject: [PATCH 2/5] FIX [rights][menu] dont show menu item parcours if user doesn't have the proper rights
---
 .../Menu/HouseholdMenuBuilder.php | 22 +++++++++++++------
 1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php b/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php
index 074c27027..65b751bc2 100644
--- a/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php
+++ b/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php
@@ -12,7 +12,9 @@ declare(strict_types=1);
 namespace Chill\PersonBundle\Menu;
 use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
+use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter;
 use Knp\Menu\MenuItem;
+use Symfony\Component\Security\Core\Security;
 use Symfony\Contracts\Translation\TranslatorInterface;
 class HouseholdMenuBuilder implements LocalMenuBuilderInterface
@@ -22,9 +24,12 @@ class HouseholdMenuBuilder implements LocalMenuBuilderInterface
 */
 protected $translator;
- public function __construct(TranslatorInterface $translator)
+ private Security $security;
+
+ public function __construct(TranslatorInterface $translator, Security $security)
 {
 $this->translator = $translator;
+ $this->security = $security;
 }
 public function buildMenu($menuId, MenuItem $menu, array $parameters): void
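Review bot: The `is_granted('CHILL_PERSON_HOUSEHOLD_EDIT', household)` guard added around the 'Create an accompanying period' link in accompanying_period.html.twig only hides the link; it is not an access check on the action the link leads to. The link target is not visible in this hunk, so confirm that the controller behind it denies the request server-side (for example with `denyAccessUnlessGranted`) when a user requests the URL directly. The attribute tested is the household edit right, while the commit subject speaks of the right to create a parcours; if the accompanying-period voter defines a creation right, testing that one here would keep the template and the controller on the same rule. A short Twig comment such as `{# UI hint only: the create action enforces its own access check #}` would make the intent explicit.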
@@ -53,12 +58,15 @@ class HouseholdMenuBuilder implements LocalMenuBuilderInterface
 ], ])
 ->setExtras(['order' => 17]);
- $menu->addChild($this->translator->trans('household.Accompanying period'), [
- 'route' => 'chill_person_household_accompanying_period',
- 'routeParameters' => [
- 'household_id' => $household->getId(),
- ], ])
- ->setExtras(['order' => 20]);
+ if ($this->security->isGranted(AccompanyingPeriodVoter::SEE, $parameters['household']))
+ {
+ $menu->addChild($this->translator->trans('household.Accompanying period'), [
+ 'route' => 'chill_person_household_accompanying_period',
+ 'routeParameters' => [
+ 'household_id' => $household->getId(),
+ ],])
+ ->setExtras(['order' => 20]);
+ }
 $menu->addChild($this->translator->trans('household.Addresses'), [
 'route' => 'chill_person_household_addresses',
From 23ee29ab0de50ed8447d2cceb812b0d83fcabb90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20Fastr=C3=A9?=
Date: Wed, 7 Jun 2023 11:39:19 +0000
Subject: [PATCH 3/5] Apply 1 suggestion(s) to 1 file(s)
---
 .../Resources/views/Household/accompanying_period.html.twig | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig b/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig
index e71559585..c734eee8e 100644
--- a/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig
+++ b/src/Bundle/ChillPersonBundle/Resources/views/Household/accompanying_period.html.twig
@@ -40,7 +40,6 @@
 {{ 'Household summary'|trans }}
- {# TODO: add ACL to check if user is allowed to edit household? #}
 {% if is_granted('CHILL_PERSON_HOUSEHOLD_EDIT', household) %}
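Review bot: In HouseholdMenuBuilder::buildMenu the new `isGranted(AccompanyingPeriodVoter::SEE, $parameters['household'])` call passes a household as the subject of an accompanying-period attribute, and nothing in this patch shows that a voter supports that pair. With Symfony's default access decision settings a check on which every voter abstains is denied, so the entry could disappear for all users; confirm the voter accepts a household subject, or test a household-level right instead. The surrounding lines already use `$household`, so `$this->security->isGranted(AccompanyingPeriodVoter::SEE, $household)` would be consistent with them. The condition only removes the menu entry: the `chill_person_household_accompanying_period` route still needs its own check in the controller, which is outside this patch. buildMenu starts and ends outside the hunk.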
  • Date: Wed, 7 Jun 2023 17:39:28 +0200
Subject: [PATCH 4/5] FIX [php-cs-fixer]
---
 src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php b/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php
index 65b751bc2..13291bdd1 100644
--- a/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php
+++ b/src/Bundle/ChillPersonBundle/Menu/HouseholdMenuBuilder.php
@@ -58,8 +58,7 @@ class HouseholdMenuBuilder implements LocalMenuBuilderInterface
 ], ])
 ->setExtras(['order' => 17]);
- if ($this->security->isGranted(AccompanyingPeriodVoter::SEE, $parameters['household']))
- {
+ if ($this->security->isGranted(AccompanyingPeriodVoter::SEE, $parameters['household'])) {
 $menu->addChild($this->translator->trans('household.Accompanying period'), [
 'route' => 'chill_person_household_accompanying_period',
 'routeParameters' => [
From f5b71a0c413a92a76081c49b9023c97231bbf46e Mon Sep 17 00:00:00 2001
From: Julie Lenaerts
Date: Wed, 7 Jun 2023 17:47:23 +0200
Subject: [PATCH 5/5] DX [changie] entry added
---
 .changes/unreleased/Security-20230607-174702.yaml | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 .changes/unreleased/Security-20230607-174702.yaml
diff --git a/.changes/unreleased/Security-20230607-174702.yaml b/.changes/unreleased/Security-20230607-174702.yaml
new file mode 100644
index 000000000..ecdc1d191
--- /dev/null
+++ b/.changes/unreleased/Security-20230607-174702.yaml
@@ -0,0 +1,7 @@
+kind: Security
+body: Rights are checked for display of 'accompanying period' tab in household menu.
+ Rights are also checked for creation of 'accompanying period' from within household
+ context
+time: 2023-06-07T17:47:02.488819553+02:00
+custom:
+ Issue: "105"