From 62c78e650f5dd4b411fd661dac5059e31224c027 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20Fastr=C3=A9?= <julien.fastre@champs-libres.coop>
Date: Fri, 11 Feb 2022 17:20:26 +0100
Subject: [PATCH] fix access denied when updating a work

---
 .../Security/Authorization/AccompanyingPeriodWorkVoter.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkVoter.php b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkVoter.php
index 039baafaa..93b726b0c 100644
--- a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkVoter.php
+++ b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodWorkVoter.php
@@ -58,6 +58,11 @@ class AccompanyingPeriodWorkVoter extends Voter
                 case self::SEE:
                     return $this->security->isGranted(AccompanyingPeriodVoter::SEE_DETAILS, $subject->getAccompanyingPeriod());
 
+                case self::CREATE:
+                case self::UPDATE:
+                    return $this->security->isGranted(AccompanyingPeriodVoter::EDIT, $subject->getAccompanyingPeriod());
+
+
                 default:
                     throw new UnexpectedValueException("attribute {$attribute} is not supported");
             }
@@ -79,6 +84,6 @@ class AccompanyingPeriodWorkVoter extends Voter
 
     private function getRoles(): array
     {
-        return [self::SEE];
+        return [self::SEE, self::CREATE, self::UPDATE];
     }
 }