mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-07 18:44:08 +00:00
Implement security checks for menu options
The changes in this commit add security checks before displaying menu options for creating new objects on Accompanying Period.
This commit is contained in:
parent
cc0030c1cd
commit
90bfd87ec6
GPG Key ID:
BDE2190974723FCB
@ -1,12 +1,27 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
declare(strict_types=1);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Chill is a software for social workers
|
||||||
|
*
|
||||||
|
* For the full copyright and license information, please view
|
||||||
|
* the LICENSE file that was distributed with this source code.
|
||||||
|
*/
|
||||||
|
|
||||||
namespace Chill\ActivityBundle\Menu;
|
namespace Chill\ActivityBundle\Menu;
|
||||||
|
|
||||||
|
use Chill\ActivityBundle\Security\Authorization\ActivityVoter;
|
||||||
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
||||||
use Knp\Menu\MenuItem;
|
use Knp\Menu\MenuItem;
|
||||||
|
use Symfony\Component\Security\Core\Security;
|
||||||
|
|
||||||
class AccompanyingCourseQuickMenuBuilder implements LocalMenuBuilderInterface
|
class AccompanyingCourseQuickMenuBuilder implements LocalMenuBuilderInterface
|
||||||
{
|
{
|
||||||
|
public function __construct(private Security $security)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
public static function getMenuIds(): array
|
public static function getMenuIds(): array
|
||||||
{
|
{
|
||||||
return ['accompanying_course_quick_menu'];
|
return ['accompanying_course_quick_menu'];
|
||||||
@ -17,19 +32,20 @@ class AccompanyingCourseQuickMenuBuilder implements LocalMenuBuilderInterface
|
|||||||
/** @var \Chill\PersonBundle\Entity\AccompanyingPeriod $accompanyingCourse */
|
/** @var \Chill\PersonBundle\Entity\AccompanyingPeriod $accompanyingCourse */
|
||||||
$accompanyingCourse = $parameters['accompanying-course'];
|
$accompanyingCourse = $parameters['accompanying-course'];
|
||||||
|
|
||||||
$menu
|
if ($this->security->isGranted(ActivityVoter::CREATE, $accompanyingCourse)) {
|
||||||
->addChild('Create a new activity in accompanying course', [
|
$menu
|
||||||
'route' => 'chill_activity_activity_new',
|
->addChild('Create a new activity in accompanying course', [
|
||||||
'routeParameters' => [
|
'route' => 'chill_activity_activity_new',
|
||||||
// 'activityType_id' => '',
|
'routeParameters' => [
|
||||||
'accompanying_period_id' => $accompanyingCourse->getId()
|
// 'activityType_id' => '',
|
||||||
]
|
'accompanying_period_id' => $accompanyingCourse->getId(),
|
||||||
])
|
],
|
||||||
->setExtras([
|
])
|
||||||
'order' => 10,
|
->setExtras([
|
||||||
'icon' => 'plus'
|
'order' => 10,
|
||||||
])
|
'icon' => 'plus',
|
||||||
;
|
])
|
||||||
|
;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,12 +1,27 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
declare(strict_types=1);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Chill is a software for social workers
|
||||||
|
*
|
||||||
|
* For the full copyright and license information, please view
|
||||||
|
* the LICENSE file that was distributed with this source code.
|
||||||
|
*/
|
||||||
|
|
||||||
namespace Chill\CalendarBundle\Menu;
|
namespace Chill\CalendarBundle\Menu;
|
||||||
|
|
||||||
|
use Chill\CalendarBundle\Security\Voter\CalendarVoter;
|
||||||
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
||||||
use Knp\Menu\MenuItem;
|
use Knp\Menu\MenuItem;
|
||||||
|
use Symfony\Component\Security\Core\Security;
|
||||||
|
|
||||||
class AccompanyingCourseQuickMenuBuilder implements LocalMenuBuilderInterface
|
class AccompanyingCourseQuickMenuBuilder implements LocalMenuBuilderInterface
|
||||||
{
|
{
|
||||||
|
public function __construct(private Security $security)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
public static function getMenuIds(): array
|
public static function getMenuIds(): array
|
||||||
{
|
{
|
||||||
return ['accompanying_course_quick_menu'];
|
return ['accompanying_course_quick_menu'];
|
||||||
@ -17,18 +32,19 @@ class AccompanyingCourseQuickMenuBuilder implements LocalMenuBuilderInterface
|
|||||||
/** @var \Chill\PersonBundle\Entity\AccompanyingPeriod $accompanyingCourse */
|
/** @var \Chill\PersonBundle\Entity\AccompanyingPeriod $accompanyingCourse */
|
||||||
$accompanyingCourse = $parameters['accompanying-course'];
|
$accompanyingCourse = $parameters['accompanying-course'];
|
||||||
|
|
||||||
$menu
|
if ($this->security->isGranted(CalendarVoter::CREATE, $accompanyingCourse)) {
|
||||||
->addChild('Create a new calendar in accompanying course', [
|
$menu
|
||||||
'route' => 'chill_calendar_calendar_new',
|
->addChild('Create a new calendar in accompanying course', [
|
||||||
'routeParameters' => [
|
'route' => 'chill_calendar_calendar_new',
|
||||||
//'accompanying_course_id' => $accompanyingCourse->getId()
|
'routeParameters' => [
|
||||||
]
|
'accompanying_period_id' => $accompanyingCourse->getId(),
|
||||||
])
|
],
|
||||||
->setExtras([
|
])
|
||||||
'order' => 20,
|
->setExtras([
|
||||||
'icon' => 'plus'
|
'order' => 20,
|
||||||
])
|
'icon' => 'plus',
|
||||||
;
|
])
|
||||||
|
;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,14 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
declare(strict_types=1);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Chill is a software for social workers
|
||||||
|
*
|
||||||
|
* For the full copyright and license information, please view
|
||||||
|
* the LICENSE file that was distributed with this source code.
|
||||||
|
*/
|
||||||
|
|
||||||
namespace Chill\PersonBundle\Menu;
|
namespace Chill\PersonBundle\Menu;
|
||||||
|
|
||||||
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
||||||
@ -7,13 +16,10 @@ use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter;
|
|||||||
use Knp\Menu\MenuItem;
|
use Knp\Menu\MenuItem;
|
||||||
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
|
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
|
||||||
|
|
||||||
class PersonQuickMenuBuilder implements LocalMenuBuilderInterface
|
final readonly class PersonQuickMenuBuilder implements LocalMenuBuilderInterface
|
||||||
{
|
{
|
||||||
private AuthorizationCheckerInterface $authorizationChecker;
|
public function __construct(private AuthorizationCheckerInterface $authorizationChecker)
|
||||||
|
|
||||||
public function __construct(AuthorizationCheckerInterface $authorizationChecker)
|
|
||||||
{
|
{
|
||||||
$this->authorizationChecker = $authorizationChecker;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function getMenuIds(): array
|
public static function getMenuIds(): array
|
||||||
@ -28,18 +34,18 @@ class PersonQuickMenuBuilder implements LocalMenuBuilderInterface
|
|||||||
|
|
||||||
if ($this->authorizationChecker->isGranted(AccompanyingPeriodVoter::CREATE, $person)) {
|
if ($this->authorizationChecker->isGranted(AccompanyingPeriodVoter::CREATE, $person)) {
|
||||||
$menu->addChild(
|
$menu->addChild(
|
||||||
'Create Accompanying Course', [
|
'Create Accompanying Course',
|
||||||
|
[
|
||||||
'route' => 'chill_person_accompanying_course_new',
|
'route' => 'chill_person_accompanying_course_new',
|
||||||
'routeParameters' => [
|
'routeParameters' => [
|
||||||
'person_id' => [ $person->getId() ],
|
'person_id' => [$person->getId()],
|
||||||
],
|
],
|
||||||
]
|
]
|
||||||
)
|
)
|
||||||
->setExtras([
|
->setExtras([
|
||||||
'order' => 10,
|
'order' => 10,
|
||||||
'icon' => 'plus'
|
'icon' => 'plus',
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user