adapt UI and controller for Person without centers

src/Bundle/ChillPersonBundle/Security/Authorization/PersonVoter.php

@@ -23,16 +23,12 @@ use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
 use Chill\MainBundle\Entity\User;
 use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
 use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
+use Chill\MainBundle\Security\Resolver\CenterResolverDispatcher;
 use Chill\PersonBundle\Entity\Person;
 use Chill\MainBundle\Entity\Center;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Role\Role;
 
-/**
- * 
- *
- * @author Julien Fastré <julien.fastre@champs-libres.coop>
- */
 class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
 {
     const CREATE = 'CHILL_PERSON_CREATE';
@@ -41,18 +37,19 @@ class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte
     const STATS  = 'CHILL_PERSON_STATS';
     const LISTS  = 'CHILL_PERSON_LISTS';
     const DUPLICATE = 'CHILL_PERSON_DUPLICATE';
-    
-    /**
-     *
-     * @var AuthorizationHelper
-     */
-    protected $helper;
-    
-    public function __construct(AuthorizationHelper $helper)
-    {
+
+    protected AuthorizationHelper $helper;
+
+    protected CenterResolverDispatcher $centerResolverDispatcher;
+
+    public function __construct(
+        AuthorizationHelper $helper,
+        CenterResolverDispatcher $centerResolverDispatcher
+    ) {
         $this->helper = $helper;
+        $this->centerResolverDispatcher = $centerResolverDispatcher;
     }
-    
+
     protected function supports($attribute, $subject)
     {
         if ($subject instanceof Person) {
@@ -69,23 +66,30 @@ class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte
             return false;
         }
     }
-    
+
     protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
     {
         if (!$token->getUser() instanceof User) {
             return false;
         }
-        
+
         if ($subject === null) {
-            $centers = $this->helper->getReachableCenters($token->getUser(), 
+            $centers = $this->helper->getReachableCenters($token->getUser(),
                 new Role($attribute));
-            
+
             return count($centers) > 0;
         }
-        
+
+        $center = $this->centerResolverDispatcher->resolveCenter($subject);
+
+        if (NULL === $center && $subject instanceof Person) {
+            // person without any center are seen by everybody
+            return true;
+        }
+
         return $this->helper->userHasAccess($token->getUser(), $subject, $attribute);
     }
-    
+
     private function getAttributes()
     {
         return array(self::CREATE, self::UPDATE, self::SEE, self::STATS, self::LISTS, self::DUPLICATE);
@@ -100,7 +104,7 @@ class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte
     {
         return $this->getAttributes();
     }
-    
+
     public function getRolesWithHierarchy()
     {
         return [ 'Person' => $this->getRoles() ];