MALIO-DEV/Coltura
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RBAC #345 - Voter Symfony + usePermissions composable #4

Closed
matthieu wants to merge 13 commits from feat/rbac-voter into feat/rbac-api
pull from: feat/rbac-voter
merge into: MALIO-DEV:feat/rbac-api
Conversation 0 Commits 13 Files Changed 30 +4632 -241
matthieu commented 2026-04-15 15:51:01 +00:00
Owner
Copy Link
No description provided.
matthieu added 13 commits 2026-04-15 15:51:01 +00:00
docs(core) : RBAC #345 - spec voter + usePermissions fd4ed25c63
feat(core) : RBAC #345 - add core.roles.view permission b7aa445cef
feat(core) : RBAC #345 - AdminHeadcountGuard domain service 4325b1d8a0
feat(core) : RBAC #345 - PermissionVoter symfony ab2f11d40d
feat(core) : RBAC #345 - UserProcessor DELETE guard ba5eb804f2 
Introduit AdminHeadcountGuardInterface pour permettre le mock en tests
unitaires, puis cree UserProcessor qui protege DELETE /api/users/{id}
contre la suppression du dernier administrateur via la garde domaine.
feat(core) : RBAC #345 - UserRbacProcessor last admin guard 80b63cd7d7
refactor(core) : RBAC #345 - replace ROLE_ADMIN placeholders with RBAC codes b05c10097f
feat(core) : RBAC #345 - expose effectivePermissions via /api/me d1e4402368 
- Ajoute #[Groups(['me:read'])] sur getEffectivePermissions() dans User.php
- Fixe la serialisation de isAdmin : le prefixe "is" etait strip par Symfony,
  expose desormais via le getter avec #[SerializedName('isAdmin')] + groups lecture,
  la propriete conserve uniquement le groupe d'ecriture user:rbac:write
- Cree MeApiTest avec 4 tests fonctionnels (isAdmin admin, permissions vides user,
  401 sans auth, effectivePermissions avec role portant une permission)
test(core) : RBAC #345 - functional coverage voter + last admin guard 6df4316950
feat(frontend) : RBAC #345 - usePermissions composable 45f40ed1b3 
Ajout de isAdmin et effectivePermissions dans UserData, creation du
composable usePermissions() (can/canAny/canAll) avec bypass admin.
build(core) : RBAC #345 - sync permissions in db-reset 91b2ae0c65
test(frontend) : RBAC #345 - vitest setup + usePermissions unit tests 6cc576f000
build(core) : RBAC #345 - nuxt-test and test-all makefile targets c1a620f593
matthieu closed this pull request 2026-04-16 14:47:31 +00:00

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
malio matthieu tristan
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MALIO-DEV/Coltura#4
Delete Branch "feat/rbac-voter"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?