mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2026-03-13 01:17:45 +00:00
Merge branch 'ticket-app-master' into 2101-fix-vue-tsc-errors
This commit is contained in:
Boris Waaub
@@ -31,7 +31,8 @@ class LoadAddressesFRFromBANCommand extends Command
|
||||
{
|
||||
$this->setName('chill:main:address-ref-from-ban')
|
||||
->addArgument('departementNo', InputArgument::REQUIRED | InputArgument::IS_ARRAY, 'a list of departement numbers')
|
||||
->addOption('send-report-email', 's', InputOption::VALUE_REQUIRED, 'Email address where a list of unimported addresses can be send');
|
||||
->addOption('send-report-email', 's', InputOption::VALUE_REQUIRED, 'Email address where a list of unimported addresses can be send')
|
||||
->addOption('allow-remove-double-refid', 'd', InputOption::VALUE_NONE, 'Should the address importer be allowed to remove same refid in the source data, if any');
|
||||
}
|
||||
|
||||
protected function execute(InputInterface $input, OutputInterface $output): int
|
||||
@@ -40,7 +41,7 @@ class LoadAddressesFRFromBANCommand extends Command
|
||||
foreach ($input->getArgument('departementNo') as $departementNo) {
|
||||
$output->writeln('Import addresses for '.$departementNo);
|
||||
|
||||
$this->addressReferenceFromBAN->import($departementNo, $input->hasOption('send-report-email') ? $input->getOption('send-report-email') : null);
|
||||
$this->addressReferenceFromBAN->import($departementNo, $input->hasOption('send-report-email') ? $input->getOption('send-report-email') : null, allowRemoveDoubleRefId: $input->hasOption('allow-remove-double-refid') ? $input->getOption('allow-remove-double-refid') : false);
|
||||
}
|
||||
|
||||
return Command::SUCCESS;
|
||||
|
||||
@@ -48,7 +48,7 @@ class LoadAndUpdateLanguagesCommand extends Command
|
||||
/**
|
||||
* (non-PHPdoc).
|
||||
*
|
||||
* @see \Symfony\Component\Console\Command\Command::configure()
|
||||
* @see Command::configure()
|
||||
*/
|
||||
protected function configure()
|
||||
{
|
||||
@@ -73,7 +73,7 @@ class LoadAndUpdateLanguagesCommand extends Command
|
||||
/**
|
||||
* (non-PHPdoc).
|
||||
*
|
||||
* @see \Symfony\Component\Console\Command\Command::execute()
|
||||
* @see Command::execute()
|
||||
*/
|
||||
protected function execute(InputInterface $input, OutputInterface $output): int
|
||||
{
|
||||
|
||||
@@ -51,7 +51,7 @@ class LoadCountriesCommand extends Command
|
||||
/**
|
||||
* (non-PHPdoc).
|
||||
*
|
||||
* @see \Symfony\Component\Console\Command\Command::configure()
|
||||
* @see Command::configure()
|
||||
*/
|
||||
protected function configure()
|
||||
{
|
||||
@@ -61,7 +61,7 @@ class LoadCountriesCommand extends Command
|
||||
/**
|
||||
* (non-PHPdoc).
|
||||
*
|
||||
* @see \Symfony\Component\Console\Command\Command::execute()
|
||||
* @see Command::execute()
|
||||
*/
|
||||
protected function execute(InputInterface $input, OutputInterface $output): int
|
||||
{
|
||||
|
||||
@@ -20,7 +20,7 @@ class SearchableServicesCompilerPass implements CompilerPassInterface
|
||||
/**
|
||||
* (non-PHPdoc).
|
||||
*
|
||||
* @see \Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface::process()
|
||||
* @see CompilerPassInterface::process()
|
||||
*/
|
||||
public function process(ContainerBuilder $container)
|
||||
{
|
||||
|
||||
@@ -32,7 +32,7 @@ abstract class AbstractWidgetFactory implements WidgetFactoryInterface
|
||||
* Will create the definition by returning the definition from the `services.yml`
|
||||
* file (or `services.xml` or `what-you-want.yml`).
|
||||
*
|
||||
* @see \Chill\MainBundle\DependencyInjection\Widget\Factory\WidgetFactoryInterface::createDefinition()
|
||||
* @see WidgetFactoryInterface::createDefinition()
|
||||
*/
|
||||
public function createDefinition(ContainerBuilder $containerBuilder, $place, $order, array $config)
|
||||
{
|
||||
|
||||
@@ -2,6 +2,10 @@
|
||||
<p>
|
||||
{{ 'This program is free software: you can redistribute it and/or modify it under the terms of the <strong>GNU Affero General Public License</strong>'|trans|raw }}
|
||||
<br/>
|
||||
{% if get_chill_version() %}
|
||||
{{ 'footer.Running chill version %version%'|trans({ '%version%': get_chill_version() }) }}
|
||||
{% endif %}
|
||||
<br/>
|
||||
<a name="bottom" class="btn text-white" href="https://gitea.champs-libres.be/Chill-project/manuals/releases" target="_blank">
|
||||
{{ 'User manual'|trans }}
|
||||
</a>
|
||||
|
||||
@@ -33,7 +33,7 @@ final readonly class ScopeResolverDispatcher
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Scope|iterable<Scope>|Scope|null
|
||||
* @return Scope|iterable<Scope>|null
|
||||
*/
|
||||
public function resolveScope(mixed $entity, ?array $options = []): iterable|Scope|null
|
||||
{
|
||||
|
||||
@@ -23,7 +23,7 @@ class AddressReferenceFromBAN
|
||||
private readonly AddressToReferenceMatcher $addressToReferenceMatcher,
|
||||
) {}
|
||||
|
||||
public function import(string $departementNo, ?string $sendAddressReportToEmail = null): void
|
||||
public function import(string $departementNo, ?string $sendAddressReportToEmail = null, ?bool $allowRemoveDoubleRefId = false): void
|
||||
{
|
||||
if (!is_numeric($departementNo)) {
|
||||
throw new \UnexpectedValueException('Could not parse this department number');
|
||||
@@ -96,7 +96,7 @@ class AddressReferenceFromBAN
|
||||
);
|
||||
}
|
||||
|
||||
$this->baseImporter->finalize(sendAddressReportToEmail: $sendAddressReportToEmail);
|
||||
$this->baseImporter->finalize(allowRemoveDoubleRefId: $allowRemoveDoubleRefId, sendAddressReportToEmail: $sendAddressReportToEmail);
|
||||
|
||||
$this->addressToReferenceMatcher->checkAddressesMatchingReferences();
|
||||
|
||||
|
||||
45
src/Bundle/ChillMainBundle/Service/VersionProvider.php
Normal file
45
src/Bundle/ChillMainBundle/Service/VersionProvider.php
Normal file
@@ -0,0 +1,45 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
/*
|
||||
* Chill is a software for social workers
|
||||
*
|
||||
* For the full copyright and license information, please view
|
||||
* the LICENSE file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Chill\MainBundle\Service;
|
||||
|
||||
use Composer\InstalledVersions;
|
||||
|
||||
readonly class VersionProvider
|
||||
{
|
||||
public function __construct(private string $packageName) {}
|
||||
|
||||
public function getVersion(): string
|
||||
{
|
||||
try {
|
||||
$version = InstalledVersions::getPrettyVersion($this->packageName);
|
||||
|
||||
if (null === $version) {
|
||||
return 'unknown';
|
||||
}
|
||||
|
||||
return $version;
|
||||
} catch (\OutOfBoundsException) {
|
||||
return 'unknown';
|
||||
}
|
||||
}
|
||||
|
||||
public function getFormattedVersion(): string
|
||||
{
|
||||
$version = $this->getVersion();
|
||||
|
||||
if ('unknown' === $version) {
|
||||
return 'Version unavailable';
|
||||
}
|
||||
|
||||
return $version;
|
||||
}
|
||||
}
|
||||
@@ -23,7 +23,7 @@ class CancelStaleWorkflowCronJob implements CronJobInterface
|
||||
{
|
||||
public const KEY = 'remove-stale-workflow';
|
||||
|
||||
public const KEEP_INTERVAL = 'P90D';
|
||||
public const KEEP_INTERVAL = 'P180D';
|
||||
|
||||
private const LAST_CANCELED_WORKFLOW = 'last-canceled-workflow-id';
|
||||
|
||||
|
||||
@@ -0,0 +1,35 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
/*
|
||||
* Chill is a software for social workers
|
||||
*
|
||||
* For the full copyright and license information, please view
|
||||
* the LICENSE file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Chill\MainBundle\Templating;
|
||||
|
||||
use Chill\MainBundle\Service\VersionProvider;
|
||||
use Twig\Extension\AbstractExtension;
|
||||
use Twig\TwigFunction;
|
||||
|
||||
class VersionRenderExtension extends AbstractExtension
|
||||
{
|
||||
public function __construct(
|
||||
private readonly VersionProvider $versionProvider,
|
||||
) {}
|
||||
|
||||
public function getFunctions(): array
|
||||
{
|
||||
return [
|
||||
new TwigFunction('get_chill_version', $this->getChillVersion(...)),
|
||||
];
|
||||
}
|
||||
|
||||
public function getChillVersion(): string
|
||||
{
|
||||
return $this->versionProvider->getFormattedVersion();
|
||||
}
|
||||
}
|
||||
@@ -42,14 +42,14 @@ class CancelStaleWorkflowHandlerTest extends TestCase
|
||||
{
|
||||
use ProphecyTrait;
|
||||
|
||||
public function testWorkflowWithOneStepOlderThan90DaysIsCanceled(): void
|
||||
public function testWorkflowWithOneStepOlderThan180DaysIsCanceled(): void
|
||||
{
|
||||
$clock = new MockClock('2024-01-01');
|
||||
$daysAgos = new \DateTimeImmutable('2023-09-01');
|
||||
$daysAgos = new \DateTimeImmutable('2023-06-01');
|
||||
|
||||
$workflow = new EntityWorkflow();
|
||||
$workflow->setWorkflowName('dummy_workflow');
|
||||
$workflow->setCreatedAt(new \DateTimeImmutable('2023-09-01'));
|
||||
$workflow->setCreatedAt(new \DateTimeImmutable('2023-06-01'));
|
||||
$workflow->setStep('step1', new WorkflowTransitionContextDTO($workflow), 'to_step1', $daysAgos, new User());
|
||||
|
||||
$em = $this->prophesize(EntityManagerInterface::class);
|
||||
@@ -94,7 +94,7 @@ class CancelStaleWorkflowHandlerTest extends TestCase
|
||||
|
||||
$workflow = new EntityWorkflow();
|
||||
$workflow->setWorkflowName('dummy_workflow');
|
||||
$workflow->setCreatedAt(new \DateTimeImmutable('2023-09-01'));
|
||||
$workflow->setCreatedAt(new \DateTimeImmutable('2023-06-01'));
|
||||
|
||||
$em = $this->prophesize(EntityManagerInterface::class);
|
||||
$em->flush()->shouldBeCalled();
|
||||
|
||||
@@ -15,7 +15,9 @@ use Chill\MainBundle\Entity\Notification;
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use Chill\MainBundle\Entity\UserGroup;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflow;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflowSignatureStateEnum;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflowStep;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflowStepSignature;
|
||||
use Chill\MainBundle\Workflow\EntityWorkflowHandlerInterface;
|
||||
use Chill\MainBundle\Workflow\EntityWorkflowManager;
|
||||
use Chill\MainBundle\Workflow\EventSubscriber\NotificationOnTransition;
|
||||
@@ -87,7 +89,7 @@ final class NotificationOnTransitionTest extends TestCase
|
||||
->willReturn([]);
|
||||
|
||||
$registry = $this->prophesize(Registry::class);
|
||||
$registry->get(Argument::type(EntityWorkflow::class), Argument::type('string'))
|
||||
$registry->get(Argument::type(EntityWorkflow::class), Argument::any())
|
||||
->willReturn($workflow);
|
||||
|
||||
$security = $this->prophesize(Security::class);
|
||||
@@ -111,4 +113,74 @@ final class NotificationOnTransitionTest extends TestCase
|
||||
|
||||
$notificationOnTransition->onCompletedSendNotification($event);
|
||||
}
|
||||
|
||||
public function testOnCompleteDoNotSendNotificationIfStepCreatedByPreviousSignature(): void
|
||||
{
|
||||
$dest = new User();
|
||||
$currentUser = new User();
|
||||
$workflowProphecy = $this->prophesize(WorkflowInterface::class);
|
||||
$workflow = $workflowProphecy->reveal();
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$entityWorkflow
|
||||
->setWorkflowName('workflow_name')
|
||||
->setRelatedEntityClass(\stdClass::class)
|
||||
->setRelatedEntityId(1);
|
||||
// force an id to entityWorkflow:
|
||||
$reflection = new \ReflectionClass($entityWorkflow);
|
||||
$id = $reflection->getProperty('id');
|
||||
$id->setValue($entityWorkflow, 1);
|
||||
|
||||
$previousStep = new EntityWorkflowStep();
|
||||
$previousStep->addSignature($signature = new EntityWorkflowStepSignature($previousStep, $dest));
|
||||
$signature->setState(EntityWorkflowSignatureStateEnum::SIGNED);
|
||||
|
||||
$currentStep = new EntityWorkflowStep();
|
||||
$currentStep->addDestUser($dest);
|
||||
$currentStep->setCurrentStep('to_state');
|
||||
|
||||
$entityWorkflow->addStep($previousStep);
|
||||
$entityWorkflow->addStep($currentStep);
|
||||
|
||||
$em = $this->prophesize(EntityManagerInterface::class);
|
||||
|
||||
// we check that NO notification has been persisted for $dest
|
||||
$em->persist(Argument::that(
|
||||
fn ($notificationCandidate) => $notificationCandidate instanceof Notification && $notificationCandidate->getAddressees()->contains($dest)
|
||||
))->shouldNotBeCalled();
|
||||
|
||||
$engine = $this->prophesize(\Twig\Environment::class);
|
||||
$engine->render(Argument::type('string'), Argument::type('array'))
|
||||
->willReturn('dummy text');
|
||||
|
||||
$extractor = $this->prophesize(MetadataExtractor::class);
|
||||
$extractor->buildArrayPresentationForPlace(Argument::type(EntityWorkflow::class), Argument::any())
|
||||
->willReturn([]);
|
||||
$extractor->buildArrayPresentationForWorkflow(Argument::any())
|
||||
->willReturn([]);
|
||||
|
||||
$registry = $this->prophesize(Registry::class);
|
||||
$registry->get(Argument::type(EntityWorkflow::class), Argument::any())
|
||||
->willReturn($workflow);
|
||||
|
||||
$security = $this->prophesize(Security::class);
|
||||
$security->getUser()->willReturn(null);
|
||||
|
||||
$entityWorkflowHandler = $this->prophesize(EntityWorkflowHandlerInterface::class);
|
||||
$entityWorkflowHandler->getEntityTitle($entityWorkflow)->willReturn('workflow title');
|
||||
$entityWorkflowManager = $this->prophesize(EntityWorkflowManager::class);
|
||||
$entityWorkflowManager->getHandler($entityWorkflow)->willReturn($entityWorkflowHandler->reveal());
|
||||
|
||||
$notificationOnTransition = new NotificationOnTransition(
|
||||
$em->reveal(),
|
||||
$engine->reveal(),
|
||||
$extractor->reveal(),
|
||||
$security->reveal(),
|
||||
$registry->reveal(),
|
||||
$entityWorkflowManager->reveal(),
|
||||
);
|
||||
|
||||
$event = new Event($entityWorkflow, new Marking(), new Transition('dummy_transition', ['from_state'], ['to_state']), $workflow);
|
||||
|
||||
$notificationOnTransition->onCompletedSendNotification($event);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -11,9 +11,6 @@ declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Tests\Workflow\Helper;
|
||||
|
||||
use Chill\DocStoreBundle\Entity\StoredObject;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflowAttachment;
|
||||
use Chill\MainBundle\Repository\Workflow\EntityWorkflowAttachmentRepository;
|
||||
use Chill\MainBundle\Workflow\Helper\WorkflowRelatedEntityPermissionHelper;
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflow;
|
||||
@@ -269,217 +266,7 @@ class WorkflowRelatedEntityPermissionHelperTest extends TestCase
|
||||
$entityWorkflowManager = $this->prophesize(EntityWorkflowManager::class);
|
||||
$entityWorkflowManager->findByRelatedEntity(Argument::type('object'))->willReturn($entityWorkflows);
|
||||
|
||||
$repository = $this->prophesize(EntityWorkflowAttachmentRepository::class);
|
||||
$repository->findByStoredObject(Argument::type(StoredObject::class))->willReturn([]);
|
||||
|
||||
return new WorkflowRelatedEntityPermissionHelper($security->reveal(), $entityWorkflowManager->reveal(), $repository->reveal(), $this->buildRegistry(), new MockClock($atDateTime ?? new \DateTimeImmutable()));
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider provideDataAllowedByWorkflowReadOperationByAttachment
|
||||
*
|
||||
* @param list<EntityWorkflow> $entityWorkflows
|
||||
*/
|
||||
public function testAllowedByWorkflowReadByAttachment(
|
||||
array $entityWorkflows,
|
||||
User $user,
|
||||
string $expected,
|
||||
?\DateTimeImmutable $atDate,
|
||||
string $message,
|
||||
): void {
|
||||
// all entities must have this workflow name, so we are ok to set it here
|
||||
foreach ($entityWorkflows as $entityWorkflow) {
|
||||
$entityWorkflow->setWorkflowName('dummy');
|
||||
}
|
||||
$helper = $this->buildHelperForAttachment($entityWorkflows, $user, $atDate);
|
||||
|
||||
self::assertEquals($expected, $helper->isAllowedByWorkflowForReadOperation(new StoredObject()), $message);
|
||||
}
|
||||
|
||||
public static function provideDataAllowedByWorkflowReadOperationByAttachment(): iterable
|
||||
{
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain because the user is not present as a dest user'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::FORCE_GRANT, new \DateTimeImmutable(),
|
||||
'force grant because the user is a current user'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::FORCE_GRANT, new \DateTimeImmutable(),
|
||||
'force grant because the user was a previous user'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futurePersonSignatures[] = new Person();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'Abstain: there is a signature for person, but the attachment is not concerned'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider provideDataAllowedByWorkflowWriteOperationByAttachment
|
||||
*
|
||||
* @param list<EntityWorkflow> $entityWorkflows
|
||||
*/
|
||||
public function testAllowedByWorkflowWriteByAttachment(
|
||||
array $entityWorkflows,
|
||||
User $user,
|
||||
string $expected,
|
||||
?\DateTimeImmutable $atDate,
|
||||
string $message,
|
||||
): void {
|
||||
// all entities must have this workflow name, so we are ok to set it here
|
||||
foreach ($entityWorkflows as $entityWorkflow) {
|
||||
$entityWorkflow->setWorkflowName('dummy');
|
||||
}
|
||||
$helper = $this->buildHelperForAttachment($entityWorkflows, $user, $atDate);
|
||||
|
||||
self::assertEquals($expected, $helper->isAllowedByWorkflowForWriteOperation(new StoredObject()), $message);
|
||||
}
|
||||
|
||||
public static function provideDataAllowedByWorkflowWriteOperationByAttachment(): iterable
|
||||
{
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain because there is no workflow'];
|
||||
|
||||
yield [[$entityWorkflow], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain because the user is not present as a dest user (and attachment)'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::FORCE_GRANT, new \DateTimeImmutable(),
|
||||
'force grant because the user is a current user'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::FORCE_GRANT, new \DateTimeImmutable(),
|
||||
'force grant because the user was a previous user'];
|
||||
|
||||
yield [[$entityWorkflow], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain because the user was not a previous user'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$entityWorkflow->setStep('final_positive', $dto, 'to_final_positive', new \DateTimeImmutable(), new User());
|
||||
$entityWorkflow->getCurrentStep()->setIsFinal(true);
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::FORCE_DENIED, new \DateTimeImmutable(),
|
||||
'force denied: user was a previous user, but it is finalized positive'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable());
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$entityWorkflow->setStep('final_negative', $dto, 'to_final_negative', new \DateTimeImmutable());
|
||||
$entityWorkflow->getCurrentStep()->setIsFinal(true);
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain: user was a previous user, it is finalized, but finalized negative'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futurePersonSignatures[] = new Person();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
$signature = $entityWorkflow->getCurrentStep()->getSignatures()->first();
|
||||
$signature->setState(EntityWorkflowSignatureStateEnum::SIGNED)->setStateDate(new \DateTimeImmutable());
|
||||
|
||||
yield [[$entityWorkflow], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain: there is a signature, but not on the attachment'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futurePersonSignatures[] = new Person();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
|
||||
yield [[$entityWorkflow], new User(), WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain: there is a signature, but the signature is not on the attachment'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futurePersonSignatures[] = new Person();
|
||||
$entityWorkflow->setStep('test', $dto, 'to_test', new \DateTimeImmutable(), new User());
|
||||
$signature = $entityWorkflow->getCurrentStep()->getSignatures()->first();
|
||||
$signature->setState(EntityWorkflowSignatureStateEnum::SIGNED)->setStateDate(new \DateTimeImmutable());
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$entityWorkflow->setStep('final_negative', $dto, 'to_final_negative', new \DateTimeImmutable(), new User());
|
||||
$entityWorkflow->getCurrentStep()->setIsFinal(true);
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::ABSTAIN, new \DateTimeImmutable(),
|
||||
'abstain: there is a signature on a canceled workflow'];
|
||||
|
||||
$entityWorkflow = new EntityWorkflow();
|
||||
$dto = new WorkflowTransitionContextDTO($entityWorkflow);
|
||||
$dto->futureDestUsers[] = $user = new User();
|
||||
$entityWorkflow->setStep('sent_external', $dto, 'to_sent_external', new \DateTimeImmutable(), $user);
|
||||
|
||||
yield [[$entityWorkflow], $user, WorkflowRelatedEntityPermissionHelper::FORCE_DENIED, new \DateTimeImmutable(),
|
||||
'force denied: the workflow is sent to an external user'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param list<EntityWorkflow> $entityWorkflows
|
||||
*/
|
||||
private function buildHelperForAttachment(array $entityWorkflows, User $user, ?\DateTimeImmutable $atDateTime): WorkflowRelatedEntityPermissionHelper
|
||||
{
|
||||
$security = $this->prophesize(Security::class);
|
||||
$security->getUser()->willReturn($user);
|
||||
|
||||
$entityWorkflowManager = $this->prophesize(EntityWorkflowManager::class);
|
||||
$entityWorkflowManager->findByRelatedEntity(Argument::type('object'))->shouldNotBeCalled();
|
||||
|
||||
$repository = $this->prophesize(EntityWorkflowAttachmentRepository::class);
|
||||
$attachments = [];
|
||||
foreach ($entityWorkflows as $entityWorkflow) {
|
||||
$attachments[] = new EntityWorkflowAttachment('dummy', ['id' => 1], $entityWorkflow, new StoredObject());
|
||||
}
|
||||
$repository->findByStoredObject(Argument::type(StoredObject::class))->willReturn($attachments);
|
||||
|
||||
return new WorkflowRelatedEntityPermissionHelper($security->reveal(), $entityWorkflowManager->reveal(), $repository->reveal(), $this->buildRegistry(), new MockClock($atDateTime ?? new \DateTimeImmutable()));
|
||||
return new WorkflowRelatedEntityPermissionHelper($security->reveal(), $entityWorkflowManager->reveal(), $this->buildRegistry(), new MockClock($atDateTime ?? new \DateTimeImmutable()));
|
||||
}
|
||||
|
||||
private static function buildRegistry(): Registry
|
||||
|
||||
@@ -103,7 +103,10 @@ class NotificationOnTransition implements EventSubscriberInterface
|
||||
|
||||
foreach ($dests as $subscriber) {
|
||||
if (
|
||||
// prevent to send a notification to the one who created the step
|
||||
$this->security->getUser() === $subscriber
|
||||
// prevent to send a notification if the user applyied a signature on the previous step
|
||||
|| $this->isStepCreatedByPreviousSignature($entityWorkflow, $subscriber)
|
||||
) {
|
||||
continue;
|
||||
}
|
||||
@@ -131,4 +134,31 @@ class NotificationOnTransition implements EventSubscriberInterface
|
||||
$this->entityManager->persist($notification);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the current step in the workflow was created by a previous signature of the specified user.
|
||||
*
|
||||
* This method retrieves the current step of the workflow and its preceding step. It iterates through
|
||||
* the signatures of the preceding step to verify if the provided user is the signer of any of those
|
||||
* signatures. Returns true if the user matches any signer; otherwise, returns false.
|
||||
*
|
||||
* @param EntityWorkflow $entityWorkflow the workflow entity containing the current step and its details
|
||||
* @param User $user the user to check against the signatures of the previous step in the workflow
|
||||
*
|
||||
* @return bool true if the specified user created the step via a previous signature, false otherwise
|
||||
*/
|
||||
private function isStepCreatedByPreviousSignature(EntityWorkflow $entityWorkflow, User $user): bool
|
||||
{
|
||||
$step = $entityWorkflow->getCurrentStepChained();
|
||||
$previous = $step->getPrevious();
|
||||
|
||||
|
||||
foreach ($previous->getSignatures() as $signature) {
|
||||
if ($signature->getSigner() === $user) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -11,12 +11,9 @@ declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Workflow\Helper;
|
||||
|
||||
use Chill\DocStoreBundle\Entity\StoredObject;
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflow;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflowAttachment;
|
||||
use Chill\MainBundle\Entity\Workflow\EntityWorkflowSignatureStateEnum;
|
||||
use Chill\MainBundle\Repository\Workflow\EntityWorkflowAttachmentRepository;
|
||||
use Chill\MainBundle\Workflow\EntityWorkflowManager;
|
||||
use Symfony\Component\Clock\ClockInterface;
|
||||
use Symfony\Component\Security\Core\Security;
|
||||
@@ -52,48 +49,28 @@ use Symfony\Component\Workflow\Registry;
|
||||
* the workflow denys write operations;
|
||||
* - if there is no case above and the user is involved in the workflow (is part of the current step, of a step before), the user is granted;
|
||||
*/
|
||||
class WorkflowRelatedEntityPermissionHelper
|
||||
final readonly class WorkflowRelatedEntityPermissionHelper implements WorkflowRelatedEntityPermissionHelperInterface
|
||||
{
|
||||
public const FORCE_GRANT = 'FORCE_GRANT';
|
||||
public const FORCE_DENIED = 'FORCE_DENIED';
|
||||
public const ABSTAIN = 'ABSTAIN';
|
||||
|
||||
public function __construct(
|
||||
private readonly Security $security,
|
||||
private readonly EntityWorkflowManager $entityWorkflowManager,
|
||||
private readonly EntityWorkflowAttachmentRepository $entityWorkflowAttachmentRepository,
|
||||
private readonly Registry $registry,
|
||||
private readonly ClockInterface $clock,
|
||||
private Security $security,
|
||||
private EntityWorkflowManager $entityWorkflowManager,
|
||||
private Registry $registry,
|
||||
private ClockInterface $clock,
|
||||
) {}
|
||||
|
||||
/**
|
||||
* @param object $entity The entity may be an
|
||||
* @param object $entity The entity may be an object that is a related entity of a workflow, or an EntityWorkflow itself
|
||||
*
|
||||
* @return 'FORCE_GRANT'|'FORCE_DENIED'|'ABSTAIN'
|
||||
*/
|
||||
public function isAllowedByWorkflowForReadOperation(object $entity): string
|
||||
{
|
||||
if ($entity instanceof StoredObject) {
|
||||
$attachments = $this->entityWorkflowAttachmentRepository->findByStoredObject($entity);
|
||||
$entityWorkflows = array_map(static fn (EntityWorkflowAttachment $attachment) => $attachment->getEntityWorkflow(), $attachments);
|
||||
$isAttached = true;
|
||||
} else {
|
||||
$entityWorkflows = $this->entityWorkflowManager->findByRelatedEntity($entity);
|
||||
$isAttached = false;
|
||||
}
|
||||
|
||||
if ([] === $entityWorkflows) {
|
||||
return self::ABSTAIN;
|
||||
}
|
||||
$entityWorkflows = $entity instanceof EntityWorkflow ? [$entity] : $this->entityWorkflowManager->findByRelatedEntity($entity);
|
||||
|
||||
if ($this->isUserInvolvedInAWorkflow($entityWorkflows)) {
|
||||
return self::FORCE_GRANT;
|
||||
}
|
||||
|
||||
if ($isAttached) {
|
||||
return self::ABSTAIN;
|
||||
}
|
||||
|
||||
// give a view permission if there is a Person signature pending, or in the 12 hours following
|
||||
// the signature last state
|
||||
foreach ($entityWorkflows as $workflow) {
|
||||
@@ -117,24 +94,20 @@ class WorkflowRelatedEntityPermissionHelper
|
||||
}
|
||||
|
||||
/**
|
||||
* @param object $entity the entity may be an object which is the related entity of a workflow
|
||||
*
|
||||
* @return 'FORCE_GRANT'|'FORCE_DENIED'|'ABSTAIN'
|
||||
*/
|
||||
public function isAllowedByWorkflowForWriteOperation(object $entity): string
|
||||
{
|
||||
if ($entity instanceof StoredObject) {
|
||||
$attachments = $this->entityWorkflowAttachmentRepository->findByStoredObject($entity);
|
||||
$entityWorkflows = array_map(static fn (EntityWorkflowAttachment $attachment) => $attachment->getEntityWorkflow(), $attachments);
|
||||
$isAttached = true;
|
||||
} else {
|
||||
$entityWorkflows = $this->entityWorkflowManager->findByRelatedEntity($entity);
|
||||
$isAttached = false;
|
||||
}
|
||||
$entityWorkflows = $entity instanceof EntityWorkflow ? [$entity] : $this->entityWorkflowManager->findByRelatedEntity($entity);
|
||||
|
||||
if ([] === $entityWorkflows) {
|
||||
return self::ABSTAIN;
|
||||
}
|
||||
|
||||
// if a workflow is finalized positive, anyone is allowed to edit the document anymore
|
||||
|
||||
// if a workflow is finalized positive or isSentExternal, no one is allowed to edit the document anymore
|
||||
foreach ($entityWorkflows as $entityWorkflow) {
|
||||
$workflow = $this->registry->get($entityWorkflow, $entityWorkflow->getWorkflowName());
|
||||
$marking = $workflow->getMarkingStore()->getMarking($entityWorkflow);
|
||||
@@ -147,39 +120,64 @@ class WorkflowRelatedEntityPermissionHelper
|
||||
// the workflow is final, and final positive, or is sentExternal, so we stop here.
|
||||
return self::FORCE_DENIED;
|
||||
}
|
||||
if (
|
||||
// if not finalized positive
|
||||
$entityWorkflow->isFinal() && !($placeMetadata['isFinalPositive'] ?? false)
|
||||
) {
|
||||
return self::ABSTAIN;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$runningWorkflows = array_filter($entityWorkflows, fn (EntityWorkflow $ew) => !$ew->isFinal());
|
||||
// if there is a signature on a **running workflow**, no one is allowed edit anymore, except if the workflow is canceled
|
||||
foreach ($entityWorkflows as $entityWorkflow) {
|
||||
// if the workflow is canceled, we ignore it
|
||||
$isFinalNegative = false;
|
||||
if ($entityWorkflow->isFinal()) {
|
||||
$workflow = $this->registry->get($entityWorkflow, $entityWorkflow->getWorkflowName());
|
||||
$marking = $workflow->getMarkingStore()->getMarking($entityWorkflow);
|
||||
foreach ($marking->getPlaces() as $place => $int) {
|
||||
$placeMetadata = $workflow->getMetadataStore()->getPlaceMetadata($place);
|
||||
if (isset($placeMetadata['isFinalPositive']) && false === $placeMetadata['isFinalPositive']) {
|
||||
$isFinalNegative = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($isFinalNegative) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// if there is a signature on a **running workflow**, no one is allowed edit the workflow anymore
|
||||
if (!$isAttached) {
|
||||
foreach ($runningWorkflows as $entityWorkflow) {
|
||||
foreach ($entityWorkflow->getSteps() as $step) {
|
||||
foreach ($step->getSignatures() as $signature) {
|
||||
if (EntityWorkflowSignatureStateEnum::SIGNED === $signature->getState()) {
|
||||
return self::FORCE_DENIED;
|
||||
}
|
||||
foreach ($entityWorkflow->getSteps() as $step) {
|
||||
foreach ($step->getSignatures() as $signature) {
|
||||
if (EntityWorkflowSignatureStateEnum::SIGNED === $signature->getState()) {
|
||||
return self::FORCE_DENIED;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// if all workflows are finalized negative (= canceled), we should abstain
|
||||
$runningWorkflows = [];
|
||||
foreach ($entityWorkflows as $entityWorkflow) {
|
||||
$isFinalNegative = false;
|
||||
if ($entityWorkflow->isFinal()) {
|
||||
$workflow = $this->registry->get($entityWorkflow, $entityWorkflow->getWorkflowName());
|
||||
$marking = $workflow->getMarkingStore()->getMarking($entityWorkflow);
|
||||
foreach ($marking->getPlaces() as $place => $int) {
|
||||
$placeMetadata = $workflow->getMetadataStore()->getPlaceMetadata($place);
|
||||
if (isset($placeMetadata['isFinalPositive']) && false === $placeMetadata['isFinalPositive']) {
|
||||
$isFinalNegative = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!$isFinalNegative) {
|
||||
$runningWorkflows[] = $entityWorkflow;
|
||||
}
|
||||
}
|
||||
|
||||
if ([] === $runningWorkflows) {
|
||||
return self::ABSTAIN;
|
||||
}
|
||||
|
||||
// allow only the users involved
|
||||
if ($this->isUserInvolvedInAWorkflow($runningWorkflows)) {
|
||||
return self::FORCE_GRANT;
|
||||
}
|
||||
|
||||
if ($isAttached) {
|
||||
return self::ABSTAIN;
|
||||
}
|
||||
|
||||
return self::FORCE_DENIED;
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,63 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
/*
|
||||
* Chill is a software for social workers
|
||||
*
|
||||
* For the full copyright and license information, please view
|
||||
* the LICENSE file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Chill\MainBundle\Workflow\Helper;
|
||||
|
||||
/**
|
||||
* Helper to give supplementary permissions to a related entity.
|
||||
*
|
||||
* If a related entity is associated within a workflow, the logic of the workflow can give more permissions, or
|
||||
* remove some permissions.
|
||||
*
|
||||
* The methods of this helper return either:
|
||||
*
|
||||
* - FORCE_GRANT, which means that a permission can be given, even if it would be denied when the related
|
||||
* entity is not associated with a workflow;
|
||||
* - FORCE_DENIED, which means that a permission should be denied, even if it would be granted when the related entity
|
||||
* is not associated with a workflow
|
||||
* - ABSTAIN, if there is no workflow logic to add or remove permission
|
||||
*
|
||||
* For read operations:
|
||||
*
|
||||
* - if the user is involved in the workflow (is part of the current step, of a step before), the user is granted read
|
||||
* operation;
|
||||
* - if there is a pending signature for a person, the workflow grant access to the related entity;
|
||||
* - if there a signature applyied in less than 12 hours, the workflow grant access to the related entity. This allow to
|
||||
* show the related entity to the person during this time frame.
|
||||
*
|
||||
*
|
||||
* For write operation:
|
||||
*
|
||||
* - if the workflow is finalized "positive" (means "not canceled"), the workflow denys write operations;
|
||||
* - if there isn't any finalized "positive" workflow, and if there is a signature appliyed for a running workflow (not finalized nor canceled),
|
||||
* the workflow denys write operations;
|
||||
* - if there is no case above and the user is involved in the workflow (is part of the current step, of a step before), the user is granted;
|
||||
*/
|
||||
interface WorkflowRelatedEntityPermissionHelperInterface
|
||||
{
|
||||
public const FORCE_GRANT = 'FORCE_GRANT';
|
||||
public const FORCE_DENIED = 'FORCE_DENIED';
|
||||
public const ABSTAIN = 'ABSTAIN';
|
||||
|
||||
/**
|
||||
* @param object $entity The entity may be an object that is a related entity of a workflow, or an EntityWorkflow itself
|
||||
*
|
||||
* @return 'FORCE_GRANT'|'FORCE_DENIED'|'ABSTAIN'
|
||||
*/
|
||||
public function isAllowedByWorkflowForReadOperation(object $entity): string;
|
||||
|
||||
/**
|
||||
* @param object $entity the entity may be an object which is the related entity of a workflow
|
||||
*
|
||||
* @return 'FORCE_GRANT'|'FORCE_DENIED'|'ABSTAIN'
|
||||
*/
|
||||
public function isAllowedByWorkflowForWriteOperation(object $entity): string;
|
||||
}
|
||||
@@ -115,3 +115,7 @@ services:
|
||||
$vienEntityInfoProviders: !tagged_iterator chill_main.entity_info_provider
|
||||
|
||||
Chill\MainBundle\Action\User\UpdateProfile\UpdateProfileCommandHandler: ~
|
||||
|
||||
Chill\MainBundle\Service\VersionProvider:
|
||||
arguments:
|
||||
$packageName: 'chill-project/chill-bundles'
|
||||
|
||||
@@ -66,3 +66,7 @@ services:
|
||||
resource: './../../Templating/Listing'
|
||||
|
||||
Chill\MainBundle\Templating\Listing\FilterOrderHelperFactoryInterface: '@Chill\MainBundle\Templating\Listing\FilterOrderHelperFactory'
|
||||
|
||||
Chill\MainBundle\Templating\VersionRenderExtension:
|
||||
tags:
|
||||
- { name: twig.extension }
|
||||
|
||||
@@ -48,6 +48,9 @@ See: Voir
|
||||
Name: Nom
|
||||
Label: Nom
|
||||
|
||||
footer:
|
||||
Running chill version %version%: "Version de Chill: %version%"
|
||||
|
||||
user:
|
||||
current_user: Utilisateur courant
|
||||
profile:
|
||||
|
||||
Reference in New Issue
Block a user