Feature: do not show desactivated Scope in ScopePickerType

2025-08-20 14:43:49 +00:00 · 2022-10-10 20:33:45 +02:00
parent f74f67b5c6
commit 4834eadc18
2 changed files with 145 additions and 61 deletions
--- a/src/Bundle/ChillMainBundle/Form/Type/ScopePickerType.php
+++ b/src/Bundle/ChillMainBundle/Form/Type/ScopePickerType.php
@@ -15,9 +15,9 @@ use Chill\MainBundle\Entity\Center;
 use Chill\MainBundle\Entity\Scope;
 use Chill\MainBundle\Entity\User;
 use Chill\MainBundle\Form\DataMapper\ScopePickerDataMapper;
-use Chill\MainBundle\Repository\ScopeRepository;
 use Chill\MainBundle\Security\Authorization\AuthorizationHelperInterface;
-use Chill\MainBundle\Templating\TranslatableStringHelper;
+use Chill\MainBundle\Templating\TranslatableStringHelperInterface;
+use RuntimeException;
 use Symfony\Bridge\Doctrine\Form\Type\EntityType;
 use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\Extension\Core\Type\HiddenType;
@@ -26,11 +26,9 @@ use Symfony\Component\Form\FormInterface;
 use Symfony\Component\Form\FormView;
 use Symfony\Component\OptionsResolver\Options;
 use Symfony\Component\OptionsResolver\OptionsResolver;
-use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Role\Role;
-use Symfony\Component\Security\Core\Security;

-use function array_map;
+use Symfony\Component\Security\Core\Security;
 use function count;

 /**
@@ -44,47 +42,37 @@ use function count;
 */
 class ScopePickerType extends AbstractType
 {
-    protected AuthorizationHelperInterface $authorizationHelper;
+    private AuthorizationHelperInterface $authorizationHelper;

-    /**
-     * @var ScopeRepository
-     */
-    protected $scopeRepository;
+    private Security $security;

-    protected Security $security;
-
-    /**
-     * @var TokenStorageInterface
-     */
-    protected $tokenStorage;
-
-    /**
-     * @var TranslatableStringHelper
-     */
-    protected $translatableStringHelper;
+    private TranslatableStringHelperInterface $translatableStringHelper;

    public function __construct(
        AuthorizationHelperInterface $authorizationHelper,
-        TokenStorageInterface $tokenStorage,
-        ScopeRepository $scopeRepository,
        Security $security,
-        TranslatableStringHelper $translatableStringHelper
+        TranslatableStringHelperInterface $translatableStringHelper
    ) {
        $this->authorizationHelper = $authorizationHelper;
-        $this->tokenStorage = $tokenStorage;
-        $this->scopeRepository = $scopeRepository;
        $this->security = $security;
        $this->translatableStringHelper = $translatableStringHelper;
    }

    public function buildForm(FormBuilderInterface $builder, array $options)
    {
-        $items = $this->authorizationHelper->getReachableScopes(
-            $this->security->getUser(),
-            $options['role'] instanceof Role ? $options['role']->getRole() : $options['role'],
-            $options['center']
+        $items = array_filter(
+            $this->authorizationHelper->getReachableScopes(
+                $this->security->getUser(),
+                $options['role'] instanceof Role ? $options['role']->getRole() : $options['role'],
+                $options['center']
+            ),
+            static function (Scope $s) { return $s->isActive(); }
        );

+        if (0 === count($items)) {
+            throw new RuntimeException('no scopes are reachable. This form should not be shown to user');
+        }
+
        if (1 !== count($items)) {
            $builder->add('scope', EntityType::class, [
                'class' => Scope::class,
@@ -123,35 +111,4 @@ class ScopePickerType extends AbstractType
            ->setRequired('role')
            ->setAllowedTypes('role', ['string', Role::class]);
    }
-
-    /**
-     * @param array|Center|Center[] $center
-     * @param string $role
-     *
-     * @return \Doctrine\ORM\QueryBuilder
-     */
-    protected function buildAccessibleScopeQuery($center, $role)
-    {
-        $roles = $this->authorizationHelper->getParentRoles($role);
-        $roles[] = $role;
-        $centers = $center instanceof Center ? [$center] : $center;
-
-        $qb = $this->scopeRepository->createQueryBuilder('s');
-        $qb
-          // jointure to center
-            ->join('s.roleScopes', 'rs')
-            ->join('rs.permissionsGroups', 'pg')
-            ->join('pg.groupCenters', 'gc')
-          // add center constraint
-            ->where($qb->expr()->in('IDENTITY(gc.center)', ':centers'))
-            ->setParameter('centers', array_map(static fn (Center $c) => $c->getId(), $centers))
-          // role constraints
-            ->andWhere($qb->expr()->in('rs.role', ':roles'))
-            ->setParameter('roles', $roles)
-          // user contraint
-            ->andWhere(':user MEMBER OF gc.users')
-            ->setParameter('user', $this->tokenStorage->getToken()->getUser());
-
-        return $qb;
-    }
 }