Validation of confidential toggle added to accompanyingPeriod validator

This commit is contained in:
Julie Lenaerts 2022-02-15 14:22:41 +01:00
parent 385664e2bc
commit 4e83e7905a
5 changed files with 35 additions and 15 deletions

View File

@ -327,19 +327,19 @@ final class AccompanyingCourseApiController extends ApiController
public function toggleConfidentialApi(AccompanyingPeriod $accompanyingCourse, $id, Request $request)
{
if ($request->getMethod() == 'POST') {
$this->denyAccessUnlessGranted(AccompanyingPeriodVoter::TOGGLE_CONFIDENTIAL, $accompanyingCourse);
if (null != $accompanyingCourse->getUser() && $this->getUser() == $accompanyingCourse->getUser()) {
$accompanyingCourse->setConfidential(!$accompanyingCourse->isConfidential());
$this->getDoctrine()->getManager()->flush();
} else {
if ($accompanyingCourse->getUser() == null) {
throw new ValidationException("The parcours must have a referrer to be set to confidential");
}
throw new ValidationException("Only the referrer can set a parcours to confidential");
}
}
$errors = $this->validator->validate($accompanyingCourse);
if ($errors->count() > 0) {
return $this->json($errors, 422);
} else {
$this->getDoctrine()->getManager()->flush();
}
}
return $this->json($accompanyingCourse->isConfidential(), Response::HTTP_OK, [], ['groups' => ['read']]);
}

View File

@ -336,9 +336,6 @@ class AccompanyingPeriod implements
* @ORM\ManyToOne(targetEntity=User::class)
* @ORM\JoinColumn(nullable=true)
* @Groups({"read", "write", "docgen:read"})
* @Assert\Expression("!this.isConfidential() or (this.isConfidential() and value != null)",
* groups={AccompanyingPeriod::STEP_CONFIRMED},
* message="Referrer cannot be null for a confidential parcours")
*/
private ?User $user = null;

View File

@ -20,6 +20,10 @@ class AccompanyingPeriodValidity extends Constraint
{
public $messageSocialIssueCannotBeDeleted = 'The social %name% issue cannot be deleted because it is associated with an activity or an action';
public $messageReferrerIsCurrentUser = 'Only the referrer can change the confidentiality of a parcours';
public $messageReferrerIsNull = 'A confidential parcours must have a referrer';
public function getTargets()
{
return self::CLASS_CONSTRAINT;

View File

@ -15,6 +15,7 @@ use Chill\ActivityBundle\Repository\ActivityRepository;
use Chill\PersonBundle\Entity\AccompanyingPeriod;
use Chill\PersonBundle\Entity\SocialWork\SocialIssue;
use Chill\PersonBundle\Templating\Entity\SocialIssueRender;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
@ -28,10 +29,13 @@ class AccompanyingPeriodValidityValidator extends ConstraintValidator
private SocialIssueRender $socialIssueRender;
public function __construct(ActivityRepository $activityRepository, SocialIssueRender $socialIssueRender)
private TokenStorageInterface $token;
public function __construct(ActivityRepository $activityRepository, SocialIssueRender $socialIssueRender, TokenStorageInterface $token)
{
$this->activityRepository = $activityRepository;
$this->socialIssueRender = $socialIssueRender;
$this->token = $token;
}
public function validate($period, Constraint $constraint)
@ -44,6 +48,7 @@ class AccompanyingPeriodValidityValidator extends ConstraintValidator
throw new UnexpectedValueException($period, AccompanyingPeriod::class);
}
/** Check if a social issue can be deleted (is not linked to an action or activity within the parcours) */
$socialIssues = [];
$activities = $this->activityRepository->findBy(['accompanyingPeriod' => $period]);
@ -87,5 +92,19 @@ class AccompanyingPeriodValidityValidator extends ConstraintValidator
->addViolation();
}
}
/** Check if confidentiality and intensity can be toggled */
$user = $period->getUser();
$currentUser = $this->token->getToken()->getUser();
if ($user && ($user != $currentUser) && $period->isConfidential() == true) {
$this->context->buildViolation($constraint->messageReferrerIsCurrentUser)
->addViolation();
}
if ($user == null && $period->isConfidential() == true) {
$this->context->buildViolation($constraint->messageReferrerIsNull)
->addViolation();
}
}
}

View File

@ -51,8 +51,8 @@ household_membership:
A course must contains at least one social issue: 'Un parcours doit être associé à au moins une problématique sociale'
A course must be associated to at least one scope: 'Un parcours doit être associé à au moins un service'
The social %name% issue cannot be deleted because it is associated with an activity or an action: 'La problématique sociale "%name%" ne peut pas être supprimée car elle est associée à une activité ou une action'
Referrer cannot be null for a confidential parcours: 'Un parcours confidentiel doit avoir un référent'
Only the referrer can set a parcours to confidential: 'Seul le référent peut modifier la confidentialité'
A confidential parcours must have a referrer: 'Un parcours confidentiel doit avoir un référent'
Only the referrer can change the confidentiality of a parcours: 'Seul le référent peut modifier la confidentialité'
# resource
You must associate at least one entity: Associez un usager, un tiers ou indiquez une description libre