feat(sites) : API CRUD + rattachement User<->Site + admin (ticket 2/4)
Exposition de Site via API Platform (5 operations RBAC sites.view/sites.manage), relation User.sites (M2M user_site EAGER) + User.currentSite (M2O nullable, ON DELETE SET NULL). Endpoint PATCH /api/me/current-site via ressource virtuelle + processor (SiteNotAuthorizedException → 403). UserRbacProcessor etendu avec gardes post-persist : auto-reset si currentSite retire, auto-select premier site si null + sites non vide. Page /admin/sites (DataTable + drawer creation/edition + modale suppression). UserRbacDrawer etendu avec section "Sites autorises". Colonne "Sites" ajoutee dans la table /admin/users (liste des noms separes par virgule). Sidebar entree Sites (module: sites, permission: sites.view). Refactor adresse : split full_address en street + complement (nullable) + getter computed Site::getFullAddress() multi-lignes. Migration ALTER dediee pour compat devs ayant deja joue le ticket 1. Fixtures avec vraies adresses (Chatellerault/Fontenet/Pommevic). Doctrine : inversedBy synchrone User.sites <-> Site.users pour maintenir la collection inverse en memoire. User::switchCurrentSite() porte la garde domaine (throw SiteNotAuthorizedException), aligne sur Role::ensureDeletable. Helper skipIfSitesModuleDisabled centralise dans AbstractApiTestCase. Tests : 182/182 (182/182 aussi module desactive, 2 skipped). 29 nouveaux tests PHPUnit (CRUD API, switch currentSite, cascade DB, /api/me enrichi, extension /rbac, gardes structurelles fullAddress/currentSite ignores, anti-cycle Site.users). 11 tests Vitest sur la validation hex couleur. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -4,22 +4,63 @@ declare(strict_types=1);
|
||||
|
||||
namespace App\Module\Sites\Domain\Entity;
|
||||
|
||||
use ApiPlatform\Metadata\ApiResource;
|
||||
use ApiPlatform\Metadata\Delete;
|
||||
use ApiPlatform\Metadata\Get;
|
||||
use ApiPlatform\Metadata\GetCollection;
|
||||
use ApiPlatform\Metadata\Patch;
|
||||
use ApiPlatform\Metadata\Post;
|
||||
use App\Module\Core\Domain\Entity\User;
|
||||
use App\Module\Sites\Infrastructure\Doctrine\DoctrineSiteRepository;
|
||||
use DateTimeImmutable;
|
||||
use Doctrine\Common\Collections\ArrayCollection;
|
||||
use Doctrine\Common\Collections\Collection;
|
||||
use Doctrine\DBAL\Types\Types;
|
||||
use Doctrine\ORM\Mapping as ORM;
|
||||
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
|
||||
use Symfony\Component\Serializer\Attribute\Groups;
|
||||
use Symfony\Component\Validator\Constraints as Assert;
|
||||
|
||||
/**
|
||||
* Site physique (usine / etablissement) appartenant a l'instance Coltura.
|
||||
*
|
||||
* Brique fondatrice du module Sites : cette entite n'est pas exposee par
|
||||
* une ressource API Platform dans ce ticket (ticket 1/4). Elle sert de socle
|
||||
* de donnees aux tickets suivants (rattachement utilisateurs, affichage
|
||||
* navbar, etc.). Aucune dependance dure depuis le module Core : la table
|
||||
* est creee meme si le module est desactive (voir migration dediee).
|
||||
* Adresse decomposee en champs structures (rue, complement, CP, ville) pour
|
||||
* permettre des recherches/tris fins ulterieurs et eviter les divergences
|
||||
* entre champs duplique. La methode `getFullAddress()` fournit la version
|
||||
* concatenee multi-lignes pour les usages d'affichage.
|
||||
*
|
||||
* Expose en API Platform pour l'administration CRUD avec RBAC :
|
||||
* - lecture (GET list / item) : requiert la permission `sites.view`
|
||||
* - ecriture (POST / PATCH / DELETE) : requiert la permission `sites.manage`
|
||||
*
|
||||
* Egalement embarque dans la reponse `/api/me` (groupe `me:read`) pour que
|
||||
* le frontend connaisse les sites autorises et le site courant de l'user.
|
||||
*/
|
||||
#[ApiResource(
|
||||
operations: [
|
||||
new GetCollection(
|
||||
normalizationContext: ['groups' => ['site:read']],
|
||||
security: "is_granted('sites.view')",
|
||||
),
|
||||
new Get(
|
||||
normalizationContext: ['groups' => ['site:read']],
|
||||
security: "is_granted('sites.view')",
|
||||
),
|
||||
new Post(
|
||||
normalizationContext: ['groups' => ['site:read']],
|
||||
denormalizationContext: ['groups' => ['site:write']],
|
||||
security: "is_granted('sites.manage')",
|
||||
),
|
||||
new Patch(
|
||||
normalizationContext: ['groups' => ['site:read']],
|
||||
denormalizationContext: ['groups' => ['site:write']],
|
||||
security: "is_granted('sites.manage')",
|
||||
),
|
||||
new Delete(security: "is_granted('sites.manage')"),
|
||||
],
|
||||
normalizationContext: ['groups' => ['site:read']],
|
||||
denormalizationContext: ['groups' => ['site:write']],
|
||||
)]
|
||||
#[ORM\Entity(repositoryClass: DoctrineSiteRepository::class)]
|
||||
#[ORM\Table(name: 'site')]
|
||||
#[ORM\UniqueConstraint(name: 'uniq_site_name', columns: ['name'])]
|
||||
@@ -30,17 +71,27 @@ class Site
|
||||
#[ORM\Id]
|
||||
#[ORM\GeneratedValue]
|
||||
#[ORM\Column]
|
||||
#[Groups(['site:read', 'me:read'])]
|
||||
private ?int $id = null;
|
||||
|
||||
#[ORM\Column(length: 100)]
|
||||
#[Assert\NotBlank(message: 'Le nom du site est requis.')]
|
||||
#[Assert\Length(max: 100, maxMessage: 'Le nom du site ne peut pas depasser {{ limit }} caracteres.')]
|
||||
#[Groups(['site:read', 'site:write', 'me:read'])]
|
||||
private string $name;
|
||||
|
||||
#[ORM\Column(length: 100)]
|
||||
#[Assert\NotBlank(message: 'La ville du site est requise.')]
|
||||
#[Assert\Length(max: 100, maxMessage: 'La ville ne peut pas depasser {{ limit }} caracteres.')]
|
||||
private string $city;
|
||||
// Premiere ligne d'adresse : numero + voie. Requise.
|
||||
#[ORM\Column(length: 255)]
|
||||
#[Assert\NotBlank(message: 'La rue est requise.')]
|
||||
#[Assert\Length(max: 255, maxMessage: 'La rue ne peut pas depasser {{ limit }} caracteres.')]
|
||||
#[Groups(['site:read', 'site:write', 'me:read'])]
|
||||
private string $street;
|
||||
|
||||
// Complement d'adresse optionnel : batiment, escalier, BP, etc.
|
||||
#[ORM\Column(length: 255, nullable: true)]
|
||||
#[Assert\Length(max: 255, maxMessage: 'Le complement ne peut pas depasser {{ limit }} caracteres.')]
|
||||
#[Groups(['site:read', 'site:write', 'me:read'])]
|
||||
private ?string $complement = null;
|
||||
|
||||
// Colonne mappee sur le snake_case PostgreSQL (convention projet : noms de
|
||||
// colonnes en minuscules dans le SQL brut). Le format est contraint au
|
||||
@@ -52,50 +103,71 @@ class Site
|
||||
pattern: '/^\d{5}$/',
|
||||
message: 'Le code postal doit etre compose de 5 chiffres (format FR).',
|
||||
)]
|
||||
#[Groups(['site:read', 'site:write', 'me:read'])]
|
||||
private string $postalCode;
|
||||
|
||||
#[ORM\Column(length: 100)]
|
||||
#[Assert\NotBlank(message: 'La ville du site est requise.')]
|
||||
#[Assert\Length(max: 100, maxMessage: 'La ville ne peut pas depasser {{ limit }} caracteres.')]
|
||||
#[Groups(['site:read', 'site:write', 'me:read'])]
|
||||
private string $city;
|
||||
|
||||
// Couleur d'identification visuelle du site au format hex #RRGGBB (7 chars
|
||||
// incluant le diese). Utilisee plus tard par la navbar (ticket 3) pour
|
||||
// distinguer les sites d'un coup d'oeil.
|
||||
// incluant le diese). Utilisee par la navbar (ticket 3) pour distinguer
|
||||
// les sites d'un coup d'oeil.
|
||||
#[ORM\Column(length: 7)]
|
||||
#[Assert\NotBlank(message: 'La couleur est requise.')]
|
||||
#[Assert\Regex(
|
||||
pattern: '/^#[0-9A-Fa-f]{6}$/',
|
||||
message: 'La couleur doit etre un code hex de 7 caracteres au format #RRGGBB.',
|
||||
)]
|
||||
#[Groups(['site:read', 'site:write', 'me:read'])]
|
||||
private string $color;
|
||||
|
||||
// Champ TEXT volontaire : l'adresse complete peut courir sur plusieurs
|
||||
// lignes (voie + complement + mention particuliere). Borne haute a 500
|
||||
// caracteres : une adresse francaise complete tient tres largement dans
|
||||
// cette enveloppe, et la limite applicative protege contre les payloads
|
||||
// anormalement volumineux envoyes par un client (garde DoS basique).
|
||||
#[ORM\Column(name: 'full_address', type: Types::TEXT)]
|
||||
#[Assert\NotBlank(message: 'L\'adresse complete est requise.')]
|
||||
#[Assert\Length(max: 500, maxMessage: 'L\'adresse complete ne peut pas depasser {{ limit }} caracteres.')]
|
||||
private string $fullAddress;
|
||||
|
||||
// createdAt / updatedAt volontairement exclus du groupe `me:read` :
|
||||
// le payload `/api/me` doit rester leger, ces metadonnees ne sont utiles
|
||||
// qu'a l'admin (exposees uniquement via `site:read` sur /api/sites).
|
||||
#[ORM\Column(name: 'created_at', type: Types::DATETIME_IMMUTABLE)]
|
||||
#[Groups(['site:read'])]
|
||||
private DateTimeImmutable $createdAt;
|
||||
|
||||
#[ORM\Column(name: 'updated_at', type: Types::DATETIME_IMMUTABLE)]
|
||||
#[Groups(['site:read'])]
|
||||
private DateTimeImmutable $updatedAt;
|
||||
|
||||
/**
|
||||
* Collection inverse des users rattaches a ce site.
|
||||
*
|
||||
* Volontairement SANS `#[Groups]` : la collection n'est jamais exposee via
|
||||
* l'API pour deux raisons :
|
||||
* - eviter une boucle de serialisation infinie User → sites → users → ...
|
||||
* si un jour un developpeur ajoute `me:read` ici par megarde ;
|
||||
* - l'inverse n'a de valeur qu'en interne (compter les users d'un site,
|
||||
* iterer en test de cascade).
|
||||
*
|
||||
* @var Collection<int, User>
|
||||
*/
|
||||
#[ORM\ManyToMany(targetEntity: User::class, mappedBy: 'sites')]
|
||||
private Collection $users;
|
||||
|
||||
public function __construct(
|
||||
string $name,
|
||||
string $city,
|
||||
string $street,
|
||||
?string $complement,
|
||||
string $postalCode,
|
||||
string $city,
|
||||
string $color,
|
||||
string $fullAddress,
|
||||
) {
|
||||
$this->name = $name;
|
||||
$this->city = $city;
|
||||
$this->postalCode = $postalCode;
|
||||
$this->color = $color;
|
||||
$this->fullAddress = $fullAddress;
|
||||
$now = new DateTimeImmutable();
|
||||
$this->createdAt = $now;
|
||||
$this->updatedAt = $now;
|
||||
$this->name = $name;
|
||||
$this->street = $street;
|
||||
$this->complement = $complement;
|
||||
$this->postalCode = $postalCode;
|
||||
$this->city = $city;
|
||||
$this->color = $color;
|
||||
$now = new DateTimeImmutable();
|
||||
$this->createdAt = $now;
|
||||
$this->updatedAt = $now;
|
||||
$this->users = new ArrayCollection();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -125,14 +197,26 @@ class Site
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getCity(): string
|
||||
public function getStreet(): string
|
||||
{
|
||||
return $this->city;
|
||||
return $this->street;
|
||||
}
|
||||
|
||||
public function setCity(string $city): static
|
||||
public function setStreet(string $street): static
|
||||
{
|
||||
$this->city = $city;
|
||||
$this->street = $street;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getComplement(): ?string
|
||||
{
|
||||
return $this->complement;
|
||||
}
|
||||
|
||||
public function setComplement(?string $complement): static
|
||||
{
|
||||
$this->complement = $complement;
|
||||
|
||||
return $this;
|
||||
}
|
||||
@@ -149,6 +233,18 @@ class Site
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getCity(): string
|
||||
{
|
||||
return $this->city;
|
||||
}
|
||||
|
||||
public function setCity(string $city): static
|
||||
{
|
||||
$this->city = $city;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getColor(): string
|
||||
{
|
||||
return $this->color;
|
||||
@@ -161,16 +257,26 @@ class Site
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Adresse complete reconstituee : street, [complement,] {CP} {ville},
|
||||
* separes par des sauts de ligne. Methode pure, jamais persistee.
|
||||
*
|
||||
* Expose en lecture API (groupes site:read + me:read) pour que les
|
||||
* consommateurs (frontend, exports PDF) recoivent une adresse prete a
|
||||
* afficher sans dupliquer la logique de concatenation cote client.
|
||||
*/
|
||||
#[Groups(['site:read', 'me:read'])]
|
||||
public function getFullAddress(): string
|
||||
{
|
||||
return $this->fullAddress;
|
||||
}
|
||||
$lines = [$this->street];
|
||||
|
||||
public function setFullAddress(string $fullAddress): static
|
||||
{
|
||||
$this->fullAddress = $fullAddress;
|
||||
if (null !== $this->complement && '' !== trim($this->complement)) {
|
||||
$lines[] = $this->complement;
|
||||
}
|
||||
|
||||
return $this;
|
||||
$lines[] = sprintf('%s %s', $this->postalCode, $this->city);
|
||||
|
||||
return implode("\n", $lines);
|
||||
}
|
||||
|
||||
public function getCreatedAt(): DateTimeImmutable
|
||||
@@ -182,4 +288,39 @@ class Site
|
||||
{
|
||||
return $this->updatedAt;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Collection<int, User>
|
||||
*/
|
||||
public function getUsers(): Collection
|
||||
{
|
||||
return $this->users;
|
||||
}
|
||||
|
||||
/**
|
||||
* Synchronise la collection inverse cote Site quand User::addSite est
|
||||
* appele. Idempotent. Ne re-appelle pas $user->addSite($this) pour
|
||||
* eviter une recursion infinie : User::addSite est le point d'entree
|
||||
* unique de la mutation.
|
||||
*
|
||||
* @internal Appele uniquement par User::addSite()
|
||||
*/
|
||||
public function addUser(User $user): static
|
||||
{
|
||||
if (!$this->users->contains($user)) {
|
||||
$this->users->add($user);
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @internal Appele uniquement par User::removeSite()
|
||||
*/
|
||||
public function removeUser(User $user): static
|
||||
{
|
||||
$this->users->removeElement($user);
|
||||
|
||||
return $this;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user