confidential toggle rights

src/Bundle/ChillPersonBundle/Resources/public/vuejs/AccompanyingCourse/api.js

@@ -48,6 +48,7 @@ const whoami = () => {
       });
 };
 
+
 export {
    whoami,
    getSocialIssues,

src/Bundle/ChillPersonBundle/Resources/public/vuejs/AccompanyingCourse/components/Banner/ToggleFlags.vue

@@ -21,6 +21,7 @@
 
 <script>
 import { mapState } from 'vuex';
+
 export default {
    name: "ToggleFlags",
    computed: {
@@ -28,6 +29,7 @@ export default {
          intensity: state => state.accompanyingCourse.intensity,
          emergency: state => state.accompanyingCourse.emergency,
          confidential: state => state.accompanyingCourse.confidential,
+         permissions: state => state.permissions,
       }),
       isRegular() {
          return (this.intensity === 'regular') ? true : false;
@@ -37,7 +39,7 @@ export default {
       },
       isConfidential() {
          return (this.confidential) ? true : false;
-      }
+      },
    },
    methods: {
       toggleIntensity() {
@@ -73,16 +75,15 @@ export default {
             });
       },
       toggleConfidential() {
-         this.$store.dispatch('toggleConfidential', (!this.isConfidential))
-            .catch(({name, violations}) => {
-               if (name === 'ValidationException' || name === 'AccessException') {
-                  violations.forEach((violation) => this.$toast.open({message: violation}));
-               } else {
-                  this.$toast.open({message: 'An error occurred'})
-               }
-            });
-      }
-   }
+         this.$store.dispatch('fetchPermissions').then(() => {
+           if (!this.$store.getters.canTogglePermission) {
+             this.$toast.open({message: "Seul le référent peut modifier la confidentialité"});
+           } else {
+             this.$store.dispatch('toggleConfidential', (!this.isConfidential));
+           }
+         });
+      },
+   },
 }
 </script>
 

src/Bundle/ChillPersonBundle/Resources/public/vuejs/AccompanyingCourse/store/index.js

@@ -37,6 +37,7 @@ let initPromise = Promise.all([scopesPromise, accompanyingCoursePromise])
             referrersSuggested: [],
             // all the users available
             users: [],
+            permissions: {}
          },
          getters: {
             isParticipationValid(state) {
@@ -70,7 +71,14 @@ let initPromise = Promise.all([scopesPromise, accompanyingCoursePromise])
                   return true;
                }
                return false;
-            }
+            },
+            canTogglePermission(state) {
+               if (state.permissions.roles) {
+                  return state.permissions.roles['CHILL_PERSON_ACCOMPANYING_PERIOD_TOGGLE_CONFIDENTIAL'];
+               }
+
+               return false;
+            },
          },
          mutations: {
             catchError(state, error) {
@@ -201,6 +209,10 @@ let initPromise = Promise.all([scopesPromise, accompanyingCoursePromise])
                   return u;
                });
             },
+            setPermissions(state, permissions) {
+               state.permissions = permissions;
+               // console.log('permissions', state.permissions);
+            },
             updateLocation(state, r) {
                //console.log('### mutation: set location attributes', r);
                state.accompanyingCourse.locationStatus = r.locationStatus;
@@ -625,6 +637,33 @@ let initPromise = Promise.all([scopesPromise, accompanyingCoursePromise])
                let users = await getUsers();
                commit('setUsers', users);
             },
+            /**
+             * By adding more roles to body['roles'], more permissions can be checked.
+             */
+            fetchPermissions({commit}) {
+               const url = '/api/1.0/main/permissions/info.json';
+               const body = {
+                  "object": {
+                     "type": "accompanying_period",
+                     "id": id
+                   },
+                   "class": "Chill\\PersonBundle\\Entity\\AccompanyingPeriod",
+                   "roles": [
+                      "CHILL_PERSON_ACCOMPANYING_PERIOD_TOGGLE_CONFIDENTIAL"
+                     ]
+               }
+
+               return makeFetch('POST', url, body)
+                  .then((response) => {
+                     commit('setPermissions', response);
+
+                     return Promise.resolve();
+                  })
+                  .catch((error) => {
+                     commit('catchError', error);
+                     throw error;
+                  })
+            },
             updateLocation({ commit, dispatch }, payload) {
                //console.log('## action: updateLocation', payload.locationStatusTo);
                const url = `/api/1.0/person/accompanying-course/${payload.targetId}.json`;
@@ -642,12 +681,12 @@ let initPromise = Promise.all([scopesPromise, accompanyingCoursePromise])
                Object.assign(body, location);
                makeFetch('PATCH', url, body)
                   .then((response) => {
-                        commit('updateLocation', {
-                           location: response.location,
-                           locationStatus: response.locationStatus,
-                           personLocation: response.personLocation
-                        });
-                        dispatch('fetchReferrersSuggested');
+                     commit('updateLocation', {
+                        location: response.location,
+                        locationStatus: response.locationStatus,
+                        personLocation: response.personLocation
+                     });
+                     dispatch('fetchReferrersSuggested');
                   })
                   .catch((error) => {
                      commit('catchError', error);