feat(mail) : MailSettings ApiResource singleton (GET/PATCH /api/mail/configuration)

- ApiResource MailSettings expose les operations Get + Patch sur /api/mail/configuration - Provider + Processor relient le DTO a l'entite MailConfiguration (singleton) - password en write-only (jamais retourne) + hasPassword en lecture - chiffrement password via TokenEncryptor (sodium) - securite ROLE_ADMIN sur les deux operations Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 00:06:01 +02:00
parent 696b40ca80
commit 62e0bf5f11
4 changed files with 312 additions and 0 deletions
--- a/tests/Functional/Controller/Mail/MailSettingsControllerTest.php
+++ b/tests/Functional/Controller/Mail/MailSettingsControllerTest.php
@@ -0,0 +1,121 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Functional\Controller\Mail;
+
+use App\Entity\User;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+
+/**
+ * @internal
+ */
+class MailSettingsControllerTest extends WebTestCase
+{
+    public function testGetConfigurationReturns401WhenNotAuthenticated(): void
+    {
+        $client = static::createClient();
+        $client->request('GET', '/api/mail/configuration');
+
+        self::assertResponseStatusCodeSame(401);
+    }
+
+    public function testGetConfigurationReturns403ForRoleUser(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
+        $client->loginUser($user);
+        $client->request('GET', '/api/mail/configuration');
+
+        self::assertResponseStatusCodeSame(403);
+    }
+
+    public function testGetConfigurationReturns200ForAdmin(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $admin = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
+        $client->loginUser($admin);
+        $client->request('GET', '/api/mail/configuration');
+
+        self::assertResponseIsSuccessful();
+        $data = json_decode($client->getResponse()->getContent(), true);
+
+        self::assertArrayNotHasKey('password', $data);
+        self::assertArrayNotHasKey('encryptedPassword', $data);
+        self::assertArrayHasKey('hasPassword', $data);
+        self::assertArrayHasKey('imapHost', $data);
+        self::assertArrayHasKey('enabled', $data);
+    }
+
+    public function testPatchConfigurationReturns403ForRoleUser(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
+        $client->loginUser($user);
+        $client->request(
+            'PATCH',
+            '/api/mail/configuration',
+            [],
+            [],
+            ['CONTENT_TYPE' => 'application/merge-patch+json'],
+            json_encode(['enabled' => false])
+        );
+
+        self::assertResponseStatusCodeSame(403);
+    }
+
+    public function testPatchConfigurationUpdatesFieldsForAdmin(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $admin = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
+        $client->loginUser($admin);
+        $client->request(
+            'PATCH',
+            '/api/mail/configuration',
+            [],
+            [],
+            ['CONTENT_TYPE' => 'application/merge-patch+json'],
+            json_encode(['imapHost' => 'imap.example.com', 'enabled' => false])
+        );
+
+        self::assertResponseIsSuccessful();
+        $data = json_decode($client->getResponse()->getContent(), true);
+        self::assertSame('imap.example.com', $data['imapHost']);
+        self::assertArrayNotHasKey('password', $data);
+    }
+
+    public function testPatchConfigurationWithPasswordEncryptsIt(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $admin = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
+        $client->loginUser($admin);
+        $client->request(
+            'PATCH',
+            '/api/mail/configuration',
+            [],
+            [],
+            ['CONTENT_TYPE' => 'application/merge-patch+json'],
+            json_encode(['password' => 'secret123'])
+        );
+
+        self::assertResponseIsSuccessful();
+        $data = json_decode($client->getResponse()->getContent(), true);
+        self::assertTrue($data['hasPassword']);
+        self::assertArrayNotHasKey('password', $data);
+    }
+}