10 Commits

Author	SHA1	Message	Date
Julien Fastré	e83307ca6d	Remove obsolete security checks in StoredObjectVoter ... This commit eliminates antiquated security checks in the StoredObjectVoter class. Specifically, it removes a chunk of commented out code that checked for certain attributes on the token and also the import for DavTokenAuthenticationEventSubscriber class which is no longer needed. This results in code cleanup and prevents future confusion.	2024-07-15 17:17:56 +02:00
Julie Lenaerts	21b79c1981	Php cs fixes	2024-07-04 11:39:02 +02:00
Julie Lenaerts	c19c597ba0	Fix checking of permissions within document_button_group	2024-07-02 12:50:44 +02:00
Julie Lenaerts	c06e76a0ee	Implement context-specific voters for all current entities that can be linked to a document ... For reusability an AbstractStoredObjectVoter was created and a StoredObjectVoterInterface. A WorkflowDocumentService checks whether the StoredObject is involved in a workflow.	2024-06-27 11:31:39 +02:00
Julie Lenaerts	2ce9810243	Use constructor property promotion ... In accordance with php8.1 use property promotion\ within the constructor method. Less clutter.	2024-06-27 11:31:39 +02:00
Julie Lenaerts	26b3d84d62	Add fall-back right for ROLE_ADMIN ... Within the StoredObjectVoter.php also the admin\ user should be able to edit documents as a fall-back	2024-06-27 11:31:39 +02:00
Julie Lenaerts	a0fead48e1	Refactorize StoredObjectVoter.php ... The StoredObjectVoter.php has been refactorized to handle context-specific voters.\ This way we can check if the context-specific voter should handle the authorization or not.\ If not, there is a simple fallback to check on the USER_ROLE.	2024-06-27 11:31:39 +02:00
Julien Fastré	4cff706306	Apply new CS rules on the webdav feature	2024-05-23 17:00:46 +02:00
Julien Fastré	8d44bb2c32	Dav: add some documentation on classes	2024-05-23 17:00:46 +02:00
Julien Fastré	a57e6c0cc9	Dav: Introduce access control inside de dav controller	2024-05-23 17:00:45 +02:00