tristan
d137828919
Exposition de Site via API Platform (5 operations RBAC sites.view/sites.manage), relation User.sites (M2M user_site EAGER) + User.currentSite (M2O nullable, ON DELETE SET NULL). Endpoint PATCH /api/me/current-site via ressource virtuelle + processor (SiteNotAuthorizedException → 403). UserRbacProcessor etendu avec gardes post-persist : auto-reset si currentSite retire, auto-select premier site si null + sites non vide. Page /admin/sites (DataTable + drawer creation/edition + modale suppression). UserRbacDrawer etendu avec section "Sites autorises". Colonne "Sites" ajoutee dans la table /admin/users (liste des noms separes par virgule). Sidebar entree Sites (module: sites, permission: sites.view). Refactor adresse : split full_address en street + complement (nullable) + getter computed Site::getFullAddress() multi-lignes. Migration ALTER dediee pour compat devs ayant deja joue le ticket 1. Fixtures avec vraies adresses (Chatellerault/Fontenet/Pommevic). Doctrine : inversedBy synchrone User.sites <-> Site.users pour maintenir la collection inverse en memoire. User::switchCurrentSite() porte la garde domaine (throw SiteNotAuthorizedException), aligne sur Role::ensureDeletable. Helper skipIfSitesModuleDisabled centralise dans AbstractApiTestCase. Tests : 182/182 (182/182 aussi module desactive, 2 skipped). 29 nouveaux tests PHPUnit (CRUD API, switch currentSite, cascade DB, /api/me enrichi, extension /rbac, gardes structurelles fullAddress/currentSite ignores, anti-cycle Site.users). 11 tests Vitest sur la validation hex couleur. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
79 lines
2.6 KiB
PHP
79 lines
2.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
/*
|
|
* Sidebar configuration.
|
|
*
|
|
* This file defines the sidebar sections displayed in the frontend.
|
|
* Each item references the module that owns it via the `module` key.
|
|
* Items whose module is not active (see config/modules.php) are filtered out.
|
|
* Items may also declare a `permission` key (RBAC permission code) : the item
|
|
* is hidden from users who do not hold that permission.
|
|
*
|
|
* This config is decoupled from the modules themselves: you can freely
|
|
* move an item from one section to another without touching the module code.
|
|
*
|
|
* Label keys are i18n keys resolved by the frontend (see frontend/i18n/locales/).
|
|
*/
|
|
|
|
return [
|
|
[
|
|
'label' => 'sidebar.general.section',
|
|
'icon' => 'mdi:view-dashboard-outline',
|
|
'items' => [
|
|
[
|
|
'label' => 'sidebar.general.dashboard',
|
|
'to' => '/',
|
|
'icon' => 'mdi:view-dashboard-outline',
|
|
'module' => 'core',
|
|
],
|
|
[
|
|
'label' => 'sidebar.general.admin',
|
|
'to' => '/admin',
|
|
'icon' => 'mdi:cog-outline',
|
|
'module' => 'core',
|
|
],
|
|
[
|
|
'label' => 'sidebar.core.roles',
|
|
'to' => '/admin/roles',
|
|
'icon' => 'mdi:shield-account-outline',
|
|
'module' => 'core',
|
|
'permission' => 'core.roles.view',
|
|
],
|
|
[
|
|
'label' => 'sidebar.core.users',
|
|
'to' => '/admin/users',
|
|
'icon' => 'mdi:account-group-outline',
|
|
'module' => 'core',
|
|
'permission' => 'core.users.view',
|
|
],
|
|
[
|
|
'label' => 'sidebar.core.sites',
|
|
'to' => '/admin/sites',
|
|
'icon' => 'mdi:domain',
|
|
'module' => 'sites',
|
|
'permission' => 'sites.view',
|
|
],
|
|
[
|
|
'label' => 'sidebar.general.logout',
|
|
'to' => '/logout',
|
|
'icon' => 'mdi:logout',
|
|
'module' => 'core',
|
|
],
|
|
],
|
|
],
|
|
[
|
|
'label' => 'sidebar.commercial.section',
|
|
'icon' => 'mdi:account-arrow-left-outline',
|
|
'items' => [
|
|
[
|
|
'label' => 'sidebar.commercial.suppliers',
|
|
'to' => '/suppliers',
|
|
'icon' => 'mdi:account-arrow-left-outline',
|
|
'module' => 'commercial',
|
|
],
|
|
],
|
|
],
|
|
];
|