Merge branch 'master' into 'issue378_normalize_requestor'

# Conflicts: # CHANGELOG.md
2025-08-21 23:23:51 +00:00 · 2022-02-11 14:31:53 +00:00
parent 861abe708b 83f8402081
commit e157624479
58 changed files with 598 additions and 431 deletions
--- a/src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseWorkController.php
+++ b/src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseWorkController.php
@@ -15,6 +15,7 @@ use Chill\MainBundle\Pagination\PaginatorFactory;
 use Chill\PersonBundle\Entity\AccompanyingPeriod;
 use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWork;
 use Chill\PersonBundle\Repository\AccompanyingPeriod\AccompanyingPeriodWorkRepository;
+use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodWorkVoter;
 use Psr\Log\LoggerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Form\Extension\Core\Type\SubmitType;
@@ -23,7 +24,7 @@ use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Serializer\SerializerInterface;
-use Symfony\Component\Translation\TranslatorInterface;
+use Symfony\Contracts\Translation\TranslatorInterface;

 class AccompanyingCourseWorkController extends AbstractController
 {
@@ -60,7 +61,7 @@ class AccompanyingCourseWorkController extends AbstractController
     */
    public function createWork(AccompanyingPeriod $period): Response
    {
-        // TODO ACL
+        $this->denyAccessUnlessGranted(AccompanyingPeriodWorkVoter::CREATE, $period);

        if ($period->getSocialIssues()->count() === 0) {
            $this->addFlash(
@@ -93,7 +94,8 @@ class AccompanyingCourseWorkController extends AbstractController
     */
    public function deleteWork(AccompanyingPeriodWork $work, Request $request): Response
    {
-        // TODO ACL
+        $this->denyAccessUnlessGranted(AccompanyingPeriodWorkVoter::UPDATE, $work);
+
        $em = $this->getDoctrine()->getManager();

        $form = $this->createDeleteForm($work->getId());
@@ -138,7 +140,8 @@ class AccompanyingCourseWorkController extends AbstractController
     */
    public function editWork(AccompanyingPeriodWork $work): Response
    {
-        // TODO ACL
+        $this->denyAccessUnlessGranted(AccompanyingPeriodWorkVoter::UPDATE, $work);
+
        $json = $this->serializer->normalize($work, 'json', ['groups' => ['read']]);

        return $this->render('@ChillPerson/AccompanyingCourseWork/edit.html.twig', [
@@ -157,13 +160,13 @@ class AccompanyingCourseWorkController extends AbstractController
     */
    public function listWorkByAccompanyingPeriod(AccompanyingPeriod $period): Response
    {
-        // TODO ACL
+        $this->denyAccessUnlessGranted(AccompanyingPeriodWorkVoter::SEE, $period);
+
        $totalItems = $this->workRepository->countByAccompanyingPeriod($period);
        $paginator = $this->paginator->create($totalItems);

-        $works = $this->workRepository->findByAccompanyingPeriod(
+        $works = $this->workRepository->findByAccompanyingPeriodOpenFirst(
            $period,
-            ['startDate' => 'DESC', 'endDate' => 'DESC'],
            $paginator->getItemsPerPage(),
            $paginator->getCurrentPageFirstItemNumber()
        );
--- a/src/Bundle/ChillPersonBundle/Controller/HouseholdApiController.php
+++ b/src/Bundle/ChillPersonBundle/Controller/HouseholdApiController.php
@@ -50,7 +50,6 @@ class HouseholdApiController extends ApiController
     */
    public function getHouseholdByAddressReference(AddressReference $addressReference): Response
    {
-        // TODO ACL
        $this->denyAccessUnlessGranted('ROLE_USER');

        $total = $this->householdACLAwareRepository->countByAddressReference($addressReference);
--- a/src/Bundle/ChillPersonBundle/Controller/PersonController.php
+++ b/src/Bundle/ChillPersonBundle/Controller/PersonController.php
@@ -224,6 +224,8 @@ final class PersonController extends AbstractController
                'label' => 'Add the person',
            ])->add('createPeriod', SubmitType::class, [
                'label' => 'Add the person and create an accompanying period',
+            ])->add('createHousehold', SubmitType::class, [
+                'label' => 'Add the person and create a household',
            ]);

        $form->handleRequest($request);
@@ -252,6 +254,12 @@ final class PersonController extends AbstractController
                    ]);
                }

+                if ($form->get('createHousehold')->isClicked()) {
+                    return $this->redirectToRoute('chill_person_household_members_editor', [
+                        'persons' => [$person->getId()],
+                    ]);
+                }
+
                return $this->redirectToRoute(
                    'chill_person_general_edit',
                    ['person_id' => $person->getId()]