AccompanyingPeriodResource: add ACL

2025-06-07 18:44:08 +00:00 · 2022-01-10 23:12:52 +01:00 · 2022-01-10 23:12:52 +01:00 · 7564c2fde1
commit 7564c2fde1
parent 2c4d06371c
2 changed files with 10 additions and 5 deletions
--- a/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php
+++ b/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php
@ -14,6 +14,7 @@ namespace Chill\PersonBundle\DependencyInjection;
 use Chill\MainBundle\DependencyInjection\MissingBundleException;
 use Chill\MainBundle\Security\Authorization\ChillExportVoter;
 use Chill\PersonBundle\Doctrine\DQL\AddressPart;
+use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodResourceVoter;
 use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter;
 use Chill\PersonBundle\Security\Authorization\PersonVoter;
 use Exception;
@ -425,11 +426,10 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac
                                Request::METHOD_PATCH => true,
                                Request::METHOD_HEAD => false,
                                Request::METHOD_DELETE => false,
-                            ], /*
-                            'roles' => [
-                                //Request::METHOD_PATCH => \Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter::SEE
                            ],
-    */
+                            'roles' => [
+                                Request::METHOD_PATCH => AccompanyingPeriodResourceVoter::EDIT,
+                            ],
                        ],
                    ],
                ],
--- a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodResourceVoter.php
+++ b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodResourceVoter.php
@ -23,6 +23,11 @@ class AccompanyingPeriodResourceVoter extends Voter

    private AccessDecisionManagerInterface $accessDecisionManager;

+    public function __construct(AccessDecisionManagerInterface $accessDecisionManager)
+    {
+        $this->accessDecisionManager = $accessDecisionManager;
+    }
+
    protected function supports($attribute, $subject)
    {
        return $subject instanceof Resource && self::EDIT === $attribute;
@ -35,7 +40,7 @@ class AccompanyingPeriodResourceVoter extends Voter
            case self::EDIT:
                return $this->accessDecisionManager->decide(
                    $token,
-                    AccompanyingPeriodVoter::EDIT,
+                    [AccompanyingPeriodVoter::EDIT],
                    $subject->getAccompanyingPeriod()
                );