MALIO-DEV/Coltura
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(sites) : decouple module Sites via SiteInterface + leaks groupes user:list

Browse Source 
- Introduit Shared/Domain/Contract/SiteInterface que Site implemente
- SiteAwareInterface + User.php typent contre SiteInterface (plus d'import
  direct Core -> Sites, respect regle CLAUDE.md 138)
- Exception SiteNotAuthorizedException deplacee dans Shared/, alias
  retrocompat dans le module
- Retire `sites` et `currentSite` des groupes `user:list` et `user:rbac:write`
  (info leak via /api/users, escalade core.users.manage -> sites.manage)
- User::$sites et User::$currentSite en fetch LAZY (N+1 sur /api/users paginee)
This commit is contained in:
Matthieu
2026-04-20 16:46:27 +02:00
parent 296befe187
commit fd5d3fe36f
7 changed files with 109 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Module/Sites/Domain/Entity/Site.php
View File

@@ -12,6 +12,7 @@ use ApiPlatform\Metadata\Patch;
use ApiPlatform\Metadata\Post;
use App\Module\Core\Domain\Entity\User;
use App\Module\Sites\Infrastructure\Doctrine\DoctrineSiteRepository;
use App\Shared\Domain\Contract\SiteInterface;
use DateTimeImmutable;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\Common\Collections\Collection;
@@ -66,7 +67,7 @@ use Symfony\Component\Validator\Constraints as Assert;
#[ORM\UniqueConstraint(name: 'uniq_site_name', columns: ['name'])]
#[ORM\HasLifecycleCallbacks]
#[UniqueEntity(fields: ['name'], message: 'Un site avec ce nom existe deja.')]
class Site
class Site implements SiteInterface
{
#[ORM\Id]
#[ORM\GeneratedValue]