This commit eliminates antiquated security checks in the StoredObjectVoter class. Specifically, it removes a chunk of commented out code that checked for certain attributes on the token and also the import for DavTokenAuthenticationEventSubscriber class which is no longer needed. This results in code cleanup and prevents future confusion.
The PdfSignedMessageHandler has been updated to handle pdf signed messages: the content is now stored within the object. Also, a PdfSignedMessageHandlerTest has been created to ensure the correct functionality of the updated handler.
Added new interface, EntityWorkflowWithStoredObjectHandlerInterface, which provides methods to handle workflows associated with stored objects. Two classes, AccompanyingPeriodWorkEvaluationDocumentWorkflowHandler and AccompanyingCourseDocumentWorkflowHandler, have been updated to implement this new interface. The EntityWorkflowManager class has also been updated to handle workflows associated with stored objects.
- the workflow controller add a context to each transition;
- the state of the entity workflow is applyied using a dedicated marking store
- the method EntityWorkflow::step use the context to associate the new step with the future destination user, cc users and email. This makes the step consistent at every step.
- this allow to remove some logic which was processed in eventSubscribers,
- as counterpart, each workflow must specify a dedicated marking_store:
```yaml
framework:
workflows:
vendee_internal:
# ...
marking_store:
service: Chill\MainBundle\Workflow\EntityWorkflowMarkingStore
```
Using the workflow handlers we return the workflow that is attached to an object
so that within the workflowDocumentService we can then check whether this workflow blocks
the edition of a document.
Added a new class, PdfSignedMessage, to handle received signed PDF messages. Also, added a serializer for this class, PdfSignedMessageSerializer, for use with messaging. Furthermore, comment documentation has been added to RequestPdfSignMessage and its serializer for better clarity. Updated unit tests are also included.
This update introduces a new serializer class for request messages (from messenger component). New features-includes encoding and decoding of request messages and handling unexpected value exceptions. A new test class for the serializer and it also adds functionality to process signature requests in the controller.
The voter was not checking the correct permissions to\ establish whether a user can see/edit a storedObject\
The right to see/edit an AccompanyingPeriodWork has to\
be checked.
For reusability an AbstractStoredObjectVoter was created and a StoredObjectVoterInterface.
A WorkflowDocumentService checks whether the StoredObject is involved in a workflow.
A WorkflowDocumentService was created that can be injected\
in context-specific StoredObject voters that need to check whether\
the document in question is attached to a workflow.
A separate AccompanyingCourseDocumentStoredObjectVoter was\
created to handle the specific access to a Stored object\
related to an Accompanying Course Document.
Instead of manually injecting services into StoredObjectVoter\
config is added to automatically tag each service that implements\
StoredObjectVoterInterface.php
