The logic for checking 'see' and 'edit' permissions within the StoredObjectNormalizer has been updated. It now correctly refers to the value of the StoredObjectRoleEnum to check access rights.
The previous name, WorkflowDocumentService, was misleading as its functionality extends to all stored objects and not limited to documents. Therefore, it was renamed to WorkflowStoredObjectPermissionHelper. Consequently, all references to this service were updated throughout the codebase.
Introduces a locale requirement to the search route in the ChillMainBundle. This update specifies that a valid locale should consist of 1 to 3 lowercase alphabetic characters. This change will help constrain acceptable locale values.
The AccompanyingPeriodWorkEvaluationStoredObjectVoter has been updated to use the AccompanyingPeriodWorkEvaluationDocument-related classes instead of the AccompanyingPeriodWork classes. Additionally, a new voters class, AccompanyingPeriodWorkEvaluationDocumentVoter has been created. Changes are also made in the repository to find the associated entity in the AccompanyingPeriodWorkEvaluationDocument repository instead of the AccompanyingPeriodWork repository.
The existing StoredObjectVoter test logic was reworked to utilize UsernamePasswordToken and Security mock objects instead of defining its own token. This change improves the testing for different scenarios such as unsupported attributes and cases where role voters cannot see the stored object. Also, the redundancy in the test case provider was removed, which leads to cleaner and more maintainable code.
This commit eliminates antiquated security checks in the StoredObjectVoter class. Specifically, it removes a chunk of commented out code that checked for certain attributes on the token and also the import for DavTokenAuthenticationEventSubscriber class which is no longer needed. This results in code cleanup and prevents future confusion.
