Commit Graph

96 Commits

Author SHA1 Message Date
edeb8edbea Add role-based access controls for export functionality
Introduced `CHILL_MAIN_COMPOSE_EXPORT` and `CHILL_MAIN_GENERATE_SAVED_EXPORT` roles for managing export creation and execution permissions. Updated access checks, menu routing, and templates to align with the new roles. Added a migration to extend existing permission groups with the `CHILL_MAIN_COMPOSE_EXPORT` role.
2025-04-17 17:34:09 +02:00
fc8e3789e0 Refactor SavedExportVoter to improve export permission check
Revised the permission logic in `canUserGenerate` to enhance clarity and maintainability. Replaced nested condition with early return and updated the export permission check to use `isGrantedForElement`.
2025-04-17 15:47:38 +02:00
420dd4f868 Add SHARE permission to SavedExportVoter with tests
Introduced the SHARE attribute and updated SavedExportVoter to handle it. Added new functionality to check if a SavedExport is shared with a specific user and included corresponding unit tests for both the voter and entity behaviors.
2025-04-14 10:59:47 +02:00
3d9b9ea672 Layout of saved export page 2025-04-14 10:59:31 +02:00
9f12b42961 saved export: add form to share the export 2025-04-14 10:59:09 +02:00
c9c29b9105 Add ExportGenerationVoter and integrate it into StoredObjectVoter
Introduced ExportGenerationVoter to handle specific view permissions for ExportGeneration entities. Updated ExportGenerationStoredObjectVoter to delegate permission checks to the new voter using Symfony's security system. This improves separation of concerns and reusability of authorization logic.
2025-03-13 17:53:10 +01:00
70ca4acafb Add voter for ExportGeneration stored object authorization
Introduces `ExportGenerationStoredObjectVoter` to handle permissions for stored objects linked to export generations. Implements entity association retrieval in `ExportGenerationRepository` by adhering to `AssociatedEntityToStoredObjectInterface`.
2025-03-13 17:23:05 +01:00
7aca08c89e Allow to remove the canceled workflow to be deleted, if canceled
- OP#812
- https://champs-libres.openproject.com/work_packages/812
2024-11-06 17:10:48 +01:00
479651b31e Add a list of user groups in User menu, and implements the feature to add / remove users 2024-10-01 18:49:51 +02:00
cfce531754 Add reject functionality for workflow signatures
Implemented the ability to reject workflow signatures by adding necessary templates, routes, and authorization checks. Updated the `WorkflowSignatureCancelController` to handle rejection and modified existing templates and translations to support the new feature.
2024-09-25 11:31:27 +02:00
83121c2a83 Implement signature cancellation feature
Added functionality to cancel signatures in workflow, including controller, view, and tests. Updated translations and adjusted templates to support and display cancellation actions.
2024-09-25 10:58:53 +02:00
5a5d259d18 Add duplicate workflow prevention in MetadataExtractor
Integrate DuplicateEntityWorkflowFinder to prevent creating workflows for entities with existing opened or positive final workflows. Updated EntityWorkflowVoter to implement the same check before allowing creation. Removed unnecessary blank workflow parameter from Twig template.
2024-09-24 14:25:00 +02:00
cf2fe1bba7 Add guards and tests for entity workflow transitions
Introduced EntityWorkflowGuardUnsignedTransition to block transitions with pending signatures. Implemented a new center resolver and added comprehensive unit tests for verifying transition rules and permissions.
2024-09-24 11:08:22 +02:00
4696332a46 Create a voter for applying all transitions on all workflow's steps
This voter checks that the related entity's centers is reachable by the user.
2024-09-16 14:42:37 +02:00
9f1afb8423 Add access controls and permissions for signature steps
Implemented a Voter to enforce permissions on signature steps, ensuring only authorized users can sign steps. Updated relevant controllers and templates to reflect these permissions, and added corresponding tests to validate the changes.
2024-09-13 17:04:57 +02:00
313fb9ffdf PHP CS Fixer updated (3.63.1 -> v3.64.0) 2024-09-04 14:38:56 +02:00
bb848746d5 Merge branch 'upgrade-sf5' into signature-app-master 2024-08-28 13:23:12 +02:00
c1cf27c42d Refactor workflow handlers and update comments
Changes include class refactoring for Workflow handlers, using `readonly` and better indentation in constructors for better readability. In addition, outdated comments are removed. Also, entity workflow handlers now implement the EntityWorkflowHandlerInterface type for better type safety.
2024-07-10 10:40:18 +02:00
84f515d451 Merge remote-tracking branch 'origin/master' into upgrade-sf5 2024-05-28 14:16:01 +02:00
56d173046d fix phpstan, cs, and rector rules 2024-05-28 12:54:56 +02:00
dddb6d66bc php cs fixes after merge 2024-05-22 16:44:02 +02:00
9ce1788a14 phpstan en rector fixes 2024-05-22 16:42:47 +02:00
ed3e0f889e Rector changes + namespace changes 2024-04-23 17:43:23 +02:00
f889d67e94 fixes after merge of master into upgrade-sf4 2024-02-12 22:31:16 +01:00
036fe8d6f8 upgrade php-cs 3.49 2024-02-07 10:43:53 +01:00
27ce322690 upgrade php-cs-fixer to 3.47.0 2024-01-22 12:14:39 +01:00
3c8e59e088 php cs fixes after updating php cs fixer 2024-01-10 10:31:25 +01:00
bc2041cbdd apply more cs rules for php-cs 2023-10-17 13:27:03 +02:00
6b8d6b76ba Upgrade code from 146 to new standards 2023-10-16 18:04:40 +02:00
cd9611a669 Remove unused dependency on DefaultVoter (+ fix when throwing an exception) 2023-09-13 10:12:04 +02:00
d3b68f8f8f AuthorizationHelper: compare center and scope based on id, not on equality
For an unknown reason, in some circumstances, the use of the `===` comparator does not work when comparing Center instances and Scope instances. Then, we compare them based on the id.
2023-09-13 10:08:44 +02:00
d2323e91ca new cs rule: single_line_empty_body
Rule is added to the last version of php-cs-fixer
2023-09-12 15:58:59 +02:00
e72df84442 DX: rector corrections 2023-09-01 11:08:13 +02:00
7c58880139 Remove usage of deprecated Role class 2023-08-31 17:08:18 +02:00
023a29cb78 apply rector rules: php up to php82 2023-07-19 23:19:50 +02:00
224c2c74e8 Merge remote-tracking branch 'origin/master' into rector/rules-up-to-php80
Conflicts:
	src/Bundle/ChillActivityBundle/Controller/ActivityController.php
	src/Bundle/ChillActivityBundle/Export/Aggregator/ACPAggregators/DateAggregator.php
	src/Bundle/ChillActivityBundle/Menu/PersonMenuBuilder.php
	src/Bundle/ChillActivityBundle/Repository/ActivityACLAwareRepository.php
	src/Bundle/ChillActivityBundle/Service/DocGenerator/ActivityContext.php
	src/Bundle/ChillCalendarBundle/Command/MapAndSubscribeUserCalendarCommand.php
	src/Bundle/ChillCalendarBundle/RemoteCalendar/Connector/MSGraph/MSGraphUserRepository.php
	src/Bundle/ChillDocStoreBundle/Controller/DocumentAccompanyingCourseController.php
	src/Bundle/ChillDocStoreBundle/Controller/DocumentPersonController.php
	src/Bundle/ChillDocStoreBundle/Repository/PersonDocumentACLAwareRepository.php
	src/Bundle/ChillEventBundle/Search/EventSearch.php
	src/Bundle/ChillMainBundle/Controller/ExportController.php
	src/Bundle/ChillMainBundle/Controller/PermissionsGroupController.php
	src/Bundle/ChillMainBundle/Cron/CronManager.php
	src/Bundle/ChillMainBundle/Entity/CronJobExecution.php
	src/Bundle/ChillMainBundle/Export/ExportManager.php
	src/Bundle/ChillMainBundle/Form/Type/Export/PickCenterType.php
	src/Bundle/ChillMainBundle/Form/Type/Listing/FilterOrderType.php
	src/Bundle/ChillMainBundle/Repository/NotificationRepository.php
	src/Bundle/ChillMainBundle/Templating/Listing/FilterOrderHelper.php
	src/Bundle/ChillMainBundle/Templating/Listing/FilterOrderHelperBuilder.php
	src/Bundle/ChillMainBundle/Templating/Listing/FilterOrderHelperFactory.php
	src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseWorkController.php
	src/Bundle/ChillPersonBundle/Controller/SocialWorkSocialActionApiController.php
	src/Bundle/ChillPersonBundle/Export/Aggregator/PersonAggregators/AgeAggregator.php
	src/Bundle/ChillPersonBundle/Export/Export/ListAccompanyingPeriod.php
	src/Bundle/ChillPersonBundle/Export/Export/ListHouseholdInPeriod.php
	src/Bundle/ChillPersonBundle/Repository/AccompanyingPeriodACLAwareRepository.php
	src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodVoter.php
	src/Bundle/ChillPersonBundle/Service/DocGenerator/AccompanyingPeriodContext.php
	src/Bundle/ChillPersonBundle/Service/DocGenerator/AccompanyingPeriodWorkEvaluationContext.php
	src/Bundle/ChillPersonBundle/Service/DocGenerator/PersonContext.php
	src/Bundle/ChillReportBundle/DataFixtures/ORM/LoadReports.php
	src/Bundle/ChillTaskBundle/Controller/SingleTaskController.php
2023-07-17 12:49:13 +02:00
dd344aed52 Implements right "see confidential course" on method findByPerson
Add unit tests for that
2023-07-04 15:59:39 +02:00
c35994203d fix phpstan issues 2023-04-28 22:55:01 +02:00
dde3002100 DX: apply rector rules up to php8.0 2023-04-28 22:30:33 +02:00
9918cf2d58 Fix: authorization helper won't send a list of center if an admin is authenticated 2023-04-24 15:50:27 +02:00
4db1ff405e fix new phpstan issues 2023-04-11 13:04:08 +02:00
841bdb0ebf fix issues from master 2023-04-11 11:43:01 +02:00
ef13833966 Fixed: [create person] handle case when the user has two differents groups in the same center
Fix https://gitlab.com/Chill-Projet/chill-bundles/-/issues/72
2023-04-11 10:16:09 +02:00
386d1e44d0 Fixed: [accompanying course document] fix access to accompanying course document
The entity AccompanyingCourseDocument didn't had any center associated with this entity. Implementing the interface `HasCenterInterface` fixed the problem.

Fix https://gitlab.com/Chill-Projet/chill-bundles/-/issues/83
2023-04-05 19:29:33 +02:00
584ac05b53 DX: fix phpstan errors 2023-02-04 01:19:34 +01:00
e7ac8aafe1 DX: Fix missing import for AuthorizationHelperForCurrentUserInterface 2023-01-11 16:16:48 +01:00
1585a73974 DX: [authorization helper] Create an authorization helper with current user already available
See https://gitlab.com/Chill-Projet/chill-bundles/-/issues/14
2022-12-21 17:25:22 +01:00
74673380aa Fixed: [calendar] refactor ACL on calendar 2022-11-28 12:22:58 +01:00
43791badd5 Feature: [saved export] Edit and delete saved exports 2022-11-08 19:24:22 +01:00
79e9906a05 Feature: [saved export] Générate a report from a saved export 2022-11-08 18:02:26 +01:00