Update budget element voter and improve form handling in permissions group

The base class of BudgetElementVoter has been changed to Voter, and the form handling in PermissionsGroupController has been improved for better validation. In addition, minor changes were made for better menu building and service configuration was updated. Unnecessary date validation in AbstractElement has been removed as well.

src/Bundle/ChillBudgetBundle/Entity/AbstractElement.php

@@ -40,7 +40,6 @@ abstract class AbstractElement
     #[ORM\ManyToOne(targetEntity: Person::class)]
     private ?Person $person = null;
 
-    #[Assert\Date]
     #[ORM\Column(name: 'startDate', type: \Doctrine\DBAL\Types\Types::DATETIME_IMMUTABLE)]
     private \DateTimeImmutable $startDate;
 

src/Bundle/ChillBudgetBundle/Menu/HouseholdMenuBuilder.php

@@ -16,25 +16,26 @@ use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
 use Chill\PersonBundle\Entity\Household\Household;
 use Knp\Menu\MenuItem;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Symfony\Component\Security\Core\Security;
 use Symfony\Contracts\Translation\TranslatorInterface;
 
-class HouseholdMenuBuilder implements LocalMenuBuilderInterface
+final readonly class HouseholdMenuBuilder implements LocalMenuBuilderInterface
 {
-    public function __construct(protected AuthorizationCheckerInterface $authorizationChecker, protected TranslatorInterface $translator) {}
+    public function __construct(private Security $security, private TranslatorInterface $translator) {}
 
     public function buildMenu($menuId, MenuItem $menu, array $parameters)
     {
         /** @var Household $household */
         $household = $parameters['household'];
 
-        // if ($this->authorizationChecker->isGranted(BudgetElementVoter::SHOW, $household)) {
-        $menu->addChild($this->translator->trans('household.Budget'), [
-            'route' => 'chill_budget_elements_household_index',
-            'routeParameters' => [
-                'id' => $household->getId(),
-            ], ])
-            ->setExtras(['order' => 19]);
-        // }
+        if ($this->security->isGranted(BudgetElementVoter::SEE, $household)) {
+            $menu->addChild($this->translator->trans('household.Budget'), [
+                'route' => 'chill_budget_elements_household_index',
+                'routeParameters' => [
+                    'id' => $household->getId(),
+                ], ])
+                ->setExtras(['order' => 19]);
+        }
     }
 
     public static function getMenuIds(): array

src/Bundle/ChillBudgetBundle/Security/Authorization/BudgetElementVoter.php

@@ -19,8 +19,9 @@ use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
 use Chill\PersonBundle\Entity\Household\Household;
 use Chill\PersonBundle\Entity\Person;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Voter;
 
-class BudgetElementVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
+class BudgetElementVoter extends Voter implements ProvideRoleHierarchyInterface
 {
     final public const CREATE = 'CHILL_BUDGET_ELEMENT_CREATE';
 

src/Bundle/ChillBudgetBundle/config/services/security.yaml

@@ -1,5 +1,4 @@
 services:
     Chill\BudgetBundle\Security\Authorization\BudgetElementVoter:
         autowire: true
-        tags:
-            - { name: security.voter }
+        autoconfigure: true

src/Bundle/ChillMainBundle/Controller/PermissionsGroupController.php

@@ -49,7 +49,7 @@ final class PermissionsGroupController extends AbstractController
         private readonly RoleScopeRepository $roleScopeRepository,
     ) {}
 
-    #[\Symfony\Component\Routing\Annotation\Route(path: '/{_locale}/admin/permissionsgroup/{id}/add_link_role_scope', name: 'admin_permissionsgroup_add_role_scope', methods: ['PUT'])]
+    #[\Symfony\Component\Routing\Annotation\Route(path: '/{_locale}/admin/permissionsgroup/{id}/add_link_role_scope', name: 'admin_permissionsgroup_add_role_scope', methods: ['POST'])]
     public function addLinkRoleScopeAction(Request $request, int $id): Response
     {
         $permissionsGroup = $this->permissionsGroupRepository->find($id);
@@ -61,7 +61,9 @@ final class PermissionsGroupController extends AbstractController
         $form = $this->createAddRoleScopeForm($permissionsGroup);
         $form->handleRequest($request);
 
-        if ($form->isValid()) {
+        dump($form->isSubmitted());
+
+        if ($form->isSubmitted() && $form->isValid()) {
             $roleScope = $this->getPersistentRoleScopeBy(
                 $form['composed_role_scope']->getData()->getRole(),
                 $form['composed_role_scope']->getData()->getScope()
@@ -74,7 +76,7 @@ final class PermissionsGroupController extends AbstractController
                 $this->em->flush();
 
                 $this->addFlash(
-                    'notice',
+                    'success',
                     $this->translator->trans('The permissions have been added')
                 );
 
@@ -416,7 +418,6 @@ final class PermissionsGroupController extends AbstractController
                 'admin_permissionsgroup_add_role_scope',
                 ['id' => $permissionsGroup->getId()]
             ))
-            ->setMethod('PUT')
             ->add('composed_role_scope', ComposedRoleScopeType::class)
             ->add('submit', SubmitType::class, ['label' => 'Add permission'])
             ->getForm();