diff --git a/src/Module/TimeTracking/Domain/Entity/TimeEntry.php b/src/Module/TimeTracking/Domain/Entity/TimeEntry.php index 5da02ee..f386dc1 100644 --- a/src/Module/TimeTracking/Domain/Entity/TimeEntry.php +++ b/src/Module/TimeTracking/Domain/Entity/TimeEntry.php @@ -48,9 +48,9 @@ use Symfony\Component\Serializer\Attribute\Groups; security: "is_granted('time-tracking.entries.view')", ), new Get(security: "is_granted('time-tracking.entries.view')"), - new Post(security: "is_granted('time-tracking.entries.view')"), - new Patch(security: "is_granted('ROLE_ADMIN') or (is_granted('time-tracking.entries.view') and object.getUser() == user)"), - new Delete(security: "is_granted('ROLE_ADMIN') or (is_granted('time-tracking.entries.view') and object.getUser() == user)"), + new Post(security: "is_granted('time-tracking.entries.manage')"), + new Patch(security: "is_granted('ROLE_ADMIN') or (is_granted('time-tracking.entries.manage') and object.getUser() == user)"), + new Delete(security: "is_granted('ROLE_ADMIN') or (is_granted('time-tracking.entries.manage') and object.getUser() == user)"), ], normalizationContext: ['groups' => ['time_entry:read']], denormalizationContext: ['groups' => ['time_entry:write']], diff --git a/src/Module/TimeTracking/TimeTrackingModule.php b/src/Module/TimeTracking/TimeTrackingModule.php index d7982d0..f9ac475 100644 --- a/src/Module/TimeTracking/TimeTrackingModule.php +++ b/src/Module/TimeTracking/TimeTrackingModule.php @@ -26,15 +26,13 @@ final class TimeTrackingModule implements ModuleInterface /** * Permissions RBAC fin du Module TimeTracking (2.1). * - * Additif : alimente le catalogue RBAC. La sécurité des opérations API - * reste en ROLE_USER (non recâblée ici). - * * @return list */ public static function permissions(): array { return [ ['code' => 'time-tracking.entries.view', 'label' => 'Voir les saisies de temps'], + ['code' => 'time-tracking.entries.manage', 'label' => 'Gérer les saisies de temps'], ['code' => 'time-tracking.entries.export', 'label' => 'Exporter les saisies de temps'], ]; }