diff --git a/src/Bundle/ChillMainBundle/CRUD/Routing/CRUDRoutesLoader.php b/src/Bundle/ChillMainBundle/CRUD/Routing/CRUDRoutesLoader.php index 32068e518..8cbf81c5a 100644 --- a/src/Bundle/ChillMainBundle/CRUD/Routing/CRUDRoutesLoader.php +++ b/src/Bundle/ChillMainBundle/CRUD/Routing/CRUDRoutesLoader.php @@ -183,48 +183,12 @@ class CRUDRoutesLoader extends Loader $methods = \array_keys(\array_filter($action['methods'], function($value, $key) { return $value; }, ARRAY_FILTER_USE_BOTH)); - $route = new Route($path, $defaults, $requirements); - $route->setMethods($methods); - - $collection->add('chill_api_single_'.$crudConfig['name'].'_'.$name, $route); - } - - return $collection; - } - - /** - * Load routes for api multi - * - * @param $crudConfig - * @return RouteCollection - */ - protected function loadApiMultiConfig(array $crudConfig): RouteCollection - { - $collection = new RouteCollection(); - $controller ='csapi_'.$crudConfig['name'].'_controller'; - - foreach ($crudConfig['actions'] as $name => $action) { - // filter only on single actions - $singleCollection = $action['single-collection'] ?? $name === '_index' ? 'collection' : NULL; - if ('single' === $singleCollection) { - continue; + if (count($methods) === 0) { + throw new \RuntimeException("The api configuration named \"{$crudConfig['name']}\", action \"{$name}\", ". + "does not have any allowed methods. You should remove this action from the config ". + "or allow, at least, one method"); } - $defaults = [ - '_controller' => $controller.':'.($action['controller_action'] ?? '_entity' === $name ? 'entityApi' : $name.'Api') - ]; - - // path are rewritten - // if name === 'default', we rewrite it to nothing :-) - $localName = '_entity' === $name ? '' : '/'.$name; - $localPath = $action['path'] ?? '/{id}'.$localName.'.{_format}'; - $path = $crudConfig['base_path'].$localPath; - - $requirements = $action['requirements'] ?? [ '{id}' => '\d+' ]; - - $methods = \array_keys(\array_filter($action['methods'], function($value, $key) { return $value; }, - ARRAY_FILTER_USE_BOTH)); - $route = new Route($path, $defaults, $requirements); $route->setMethods($methods); diff --git a/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php b/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php index 0d6346c01..8851ad6d6 100644 --- a/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php +++ b/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php @@ -476,7 +476,6 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac 'class' => \Chill\PersonBundle\Entity\SocialWork\SocialIssue::class, 'name' => 'social_work_social_issue', 'base_path' => '/api/1.0/person/social-work/social-issue', -// 'controller' => \Chill\PersonBundle\Controller\OpeningApiController::class, 'base_role' => 'ROLE_USER', 'actions' => [ '_index' => [ @@ -493,6 +492,25 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac ], ] ], + [ + 'class' => \Chill\PersonBundle\Entity\Person::class, + 'name' => 'person', + 'base_path' => '/api/1.0/person/person', + 'base_role' => \Chill\PersonBundle\Security\Authorization\PersonVoter::SEE, + 'actions' => [ + '_entity' => [ + 'methods' => [ + Request::METHOD_GET => true, + Request::METHOD_HEAD => true + ], + 'roles' => [ + Request::METHOD_GET => \Chill\PersonBundle\Security\Authorization\PersonVoter::SEE, + Request::METHOD_HEAD => \Chill\PersonBundle\Security\Authorization\PersonVoter::SEE, + + ] + ], + ] + ], ] ]); } diff --git a/src/Bundle/ChillPersonBundle/Tests/Controller/PersonApiControllerTest.php b/src/Bundle/ChillPersonBundle/Tests/Controller/PersonApiControllerTest.php new file mode 100644 index 000000000..d261f4294 --- /dev/null +++ b/src/Bundle/ChillPersonBundle/Tests/Controller/PersonApiControllerTest.php @@ -0,0 +1,83 @@ +getClientAuthenticated(); + + $client->request(Request::METHOD_GET, "/api/1.0/person/person/{$personId}.json"); + $response = $client->getResponse(); + + $this->assertEquals(403, $response->getStatusCode()); + } + + /** + * @dataProvider dataGetPersonFromCenterA + */ + public function testPersonGet($personId): void + { + $client = $this->getClientAuthenticated(); + + $client->request(Request::METHOD_GET, "/api/1.0/person/person/{$personId}.json"); + $response = $client->getResponse(); + + $this->assertResponseIsSuccessful(); + + $data = \json_decode($client->getResponse()->getContent(), true); + + $this->assertArrayHasKey('type', $data); + $this->assertArrayHasKey('id', $data); + $this->assertEquals('person', $data['type']); + $this->assertEquals($personId, $data['id']); + } + + public function dataGetPersonFromCenterA(): \Iterator + { + self::bootKernel(); + $em = self::$container->get(EntityManagerInterface::class); + $personIds= $em->createQuery("SELECT p.id FROM ".Person::class." p ". + "JOIN p.center c ". + "WHERE c.name = :center") + ->setParameter('center', 'Center A') + ->setMaxResults(100) + ->getScalarResult() + ; + + \shuffle($personIds); + + yield \array_pop($personIds); + yield \array_pop($personIds); + } + + public function dataGetPersonFromCenterB(): \Iterator + { + self::bootKernel(); + $em = self::$container->get(EntityManagerInterface::class); + $personIds= $em->createQuery("SELECT p.id FROM ".Person::class." p ". + "JOIN p.center c ". + "WHERE c.name = :center") + ->setParameter('center', 'Center B') + ->setMaxResults(100) + ->getScalarResult() + ; + + \shuffle($personIds); + + yield \array_pop($personIds); + yield \array_pop($personIds); + } +} diff --git a/src/Bundle/ChillPersonBundle/chill.api.specs.yaml b/src/Bundle/ChillPersonBundle/chill.api.specs.yaml index a5636d93e..111c55b32 100644 --- a/src/Bundle/ChillPersonBundle/chill.api.specs.yaml +++ b/src/Bundle/ChillPersonBundle/chill.api.specs.yaml @@ -178,6 +178,30 @@ components: readOnly: true paths: + /1.0/person/person/{id}.json: + get: + tags: + - person + summary: Get a single person + parameters: + - name: id + in: path + required: true + description: The person's id + schema: + type: integer + format: integer + minimum: 1 + responses: + 200: + description: "OK" + content: + application/json: + schema: + $ref: "#/components/schemas/Person" + 403: + description: "Unauthorized" + /1.0/person/social-work/social-issue.json: get: tags: