diff --git a/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelper.php b/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelper.php index 65e1cf688..9bb883317 100644 --- a/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelper.php +++ b/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelper.php @@ -63,7 +63,7 @@ class AuthorizationHelper implements AuthorizationHelperInterface * * @param User $user The user * @param array $centers a list of centers which are going to be filtered - * @param Center|string $role + * @param string $role */ public function filterReachableCenters(User $user, array $centers, $role): array { @@ -113,13 +113,14 @@ class AuthorizationHelper implements AuthorizationHelperInterface * Get reachable Centers for the given user, role, * and optionally Scope. * - * @return array|Center[] + * @return list
*/ public function getReachableCenters(UserInterface $user, string $role, ?Scope $scope = null): array { if ($role instanceof Role) { $role = $role->getRole(); } + /** @var array $centers */ $centers = []; foreach ($user->getGroupCenters() as $groupCenter) { @@ -129,13 +130,13 @@ class AuthorizationHelper implements AuthorizationHelperInterface //check that the role is in the reachable roles if ($this->isRoleReached($role, $roleScope->getRole())) { if (null === $scope) { - $centers[] = $groupCenter->getCenter(); + $centers[spl_object_hash($groupCenter->getCenter())] = $groupCenter->getCenter(); break; } if ($scope->getId() === $roleScope->getScope()->getId()) { - $centers[] = $groupCenter->getCenter(); + $centers[spl_object_hash($groupCenter->getCenter())] = $groupCenter->getCenter(); break; } @@ -143,7 +144,7 @@ class AuthorizationHelper implements AuthorizationHelperInterface } } - return $centers; + return array_values($centers); } /** @@ -194,7 +195,7 @@ class AuthorizationHelper implements AuthorizationHelperInterface * * @return array|Scope[] */ - public function getReachableScopes(UserInterface $user, string $role, $center): array + public function getReachableScopes(UserInterface $user, string $role, Center|array $center): array { if ($role instanceof Role) { $role = $role->getRole(); diff --git a/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelperInterface.php b/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelperInterface.php index f7c1f5b46..1176cf1fa 100644 --- a/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelperInterface.php +++ b/src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelperInterface.php @@ -21,12 +21,12 @@ interface AuthorizationHelperInterface * Get reachable Centers for the given user, role, * and optionnaly Scope. * - * @return Center[] + * @return list
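Review bot: The two `$centers[spl_object_hash($groupCenter->getCenter())] = …` assignments in getReachableCenters de-duplicate by PHP object instance, not by Center identity, so the list is duplicate-free only if every GroupCenter returns the same instance for a given center. That presumably holds while all entities come from one Doctrine identity map, but newAction in PersonController now branches on `1 === count(…)` of this list, so a stray duplicate would silently skip the center pre-selection. Keying on the entity id states the intent and avoids calling the getter twice, e.g. `$center = $groupCenter->getCenter(); $centers[$center->getId()] = $center;`. This assumes Center exposes `getId()` as Scope does and that centers are always persisted here. The enclosing loops start and end outside this hunk.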
*/ public function getReachableCenters(UserInterface $user, string $role, ?Scope $scope = null): array; /** - * @param array|Center|Center[] $center + * @param Center|list
$center */ - public function getReachableScopes(UserInterface $user, string $role, $center): array; + public function getReachableScopes(UserInterface $user, string $role, Center|array $center): array; } diff --git a/src/Bundle/ChillPersonBundle/Controller/PersonController.php b/src/Bundle/ChillPersonBundle/Controller/PersonController.php index bb03a6b33..976f44703 100644 --- a/src/Bundle/ChillPersonBundle/Controller/PersonController.php +++ b/src/Bundle/ChillPersonBundle/Controller/PersonController.php @@ -11,6 +11,8 @@ declare(strict_types=1); namespace Chill\PersonBundle\Controller; +use Chill\MainBundle\Security\Authorization\AuthorizationHelper; +use Chill\MainBundle\Security\Authorization\AuthorizationHelperInterface; use Chill\PersonBundle\Config\ConfigPersonAltNamesHelper; use Chill\PersonBundle\Entity\Household\Household; use Chill\PersonBundle\Entity\Household\HouseholdMember; @@ -20,6 +22,7 @@ use Chill\PersonBundle\Form\PersonType; use Chill\PersonBundle\Privacy\PrivacyEvent; use Chill\PersonBundle\Repository\PersonRepository; use Chill\PersonBundle\Search\SimilarPersonMatcher; +use Chill\PersonBundle\Security\Authorization\PersonVoter; use DateTimeImmutable; use Doctrine\ORM\EntityManagerInterface; use Psr\Log\LoggerInterface; @@ -44,6 +47,8 @@ use function is_array; final class PersonController extends AbstractController { + private AuthorizationHelperInterface $authorizationHelper; + /** * @var ConfigPersonAltNamesHelper */ @@ -87,6 +92,7 @@ final class PersonController extends AbstractController private $validator; public function __construct( + AuthorizationHelperInterface $authorizationHelper, SimilarPersonMatcher $similarPersonMatcher, TranslatorInterface $translator, EventDispatcherInterface $eventDispatcher, 
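Review bot: The added `use Chill\MainBundle\Security\Authorization\AuthorizationHelper;` in PersonController looks unused, because the property and the constructor argument added further down are both typed `AuthorizationHelperInterface`. Unless code outside the visible hunks references the concrete class, drop that line so the controller depends only on the interface.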
@@ -97,6 +103,7 @@ final class PersonController extends AbstractController EntityManagerInterface $em, Security $security ) { + $this->authorizationHelper = $authorizationHelper; $this->similarPersonMatcher = $similarPersonMatcher; $this->translator = $translator; $this->eventDispatcher = $eventDispatcher; @@ -206,22 +213,15 @@ final class PersonController extends AbstractController * * The next post compare the data with previous one and, if yes, show a * review page if there are "alternate persons". - * - * @return Response|\Symfony\Component\HttpFoundation\RedirectResponse */ - public function newAction(Request $request) + public function newAction(Request $request): Response { $person = new Person(); - if ( - 1 === count($this->security->getUser() - ->getGroupCenters()) - ) { - $person->setCenter( - $this->security->getUser() - ->getGroupCenters()[0] - ->getCenter() - ); + $authorizedCenters =$this->authorizationHelper->getReachableCenters($this->getUser(), PersonVoter::CREATE); + + if (1 === count($authorizedCenters)) { + $person->setCenter($authorizedCenters[0]); } $form = $this->createForm(CreationPersonType::class, $person)
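Review bot: In newAction, `$this->getUser()` is passed straight to `getReachableCenters()`, which is typed `UserInterface` and, per the AuthorizationHelper hunk, calls `getGroupCenters()` on it, so unless the firewall guarantees an authenticated Chill user, a null or foreign user object ends in a TypeError or fatal error instead of an access-denied response. A guard before the call would cover that, e.g. `if (!$user instanceof User) { throw $this->createAccessDeniedException(); }`, with `User` being the Chill user entity (its import is not visible in these hunks). The reachable-center list only picks a default here, and the rest of newAction lies outside this hunk, so it is worth confirming that the submitted person's center is still checked against `PersonVoter::CREATE` when the form is handled. Minor: `$authorizedCenters =$this->…` is missing a space after `=`.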