feat : add User CRUD with admin management

Add User API operations (GET, POST, PATCH, DELETE) with password hashing processor, frontend service, drawer and admin tab. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-09 23:39:22 +01:00
parent c7b1e62037
commit 81797e10c0
6 changed files with 340 additions and 6 deletions
--- a/src/Entity/User.php
+++ b/src/Entity/User.php
@@ -5,9 +5,14 @@ declare(strict_types=1);
 namespace App\Entity;

 use ApiPlatform\Metadata\ApiResource;
+use ApiPlatform\Metadata\Delete;
 use ApiPlatform\Metadata\Get;
+use ApiPlatform\Metadata\GetCollection;
+use ApiPlatform\Metadata\Patch;
+use ApiPlatform\Metadata\Post;
 use App\Repository\UserRepository;
 use App\State\MeProvider;
+use App\State\UserPasswordHasherProcessor;
 use DateTimeImmutable;
 use Doctrine\DBAL\Types\Types;
 use Doctrine\ORM\Mapping as ORM;
@@ -22,7 +27,17 @@ use Symfony\Component\Serializer\Attribute\Groups;
            provider: MeProvider::class,
            normalizationContext: ['groups' => ['me:read']],
        ),
+        new Get(
+            normalizationContext: ['groups' => ['user:list']],
+        ),
+        new GetCollection(
+            normalizationContext: ['groups' => ['user:list']],
+        ),
+        new Post(security: "is_granted('ROLE_ADMIN')", processor: UserPasswordHasherProcessor::class),
+        new Patch(security: "is_granted('ROLE_ADMIN')", processor: UserPasswordHasherProcessor::class),
+        new Delete(security: "is_granted('ROLE_ADMIN')"),
    ],
+    denormalizationContext: ['groups' => ['user:write']],
 )]
 #[ORM\Entity(repositoryClass: UserRepository::class)]
 #[ORM\Table(name: '`user`')]
@@ -31,19 +46,20 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface
    #[ORM\Id]
    #[ORM\GeneratedValue]
    #[ORM\Column]
-    #[Groups(['me:read'])]
+    #[Groups(['me:read', 'task:read', 'user:list'])]
    private ?int $id = null;

    #[ORM\Column(length: 180, unique: true)]
-    #[Groups(['me:read'])]
+    #[Groups(['me:read', 'task:read', 'user:list', 'user:write'])]
    private ?string $username = null;

    /** @var list<string> */
    #[ORM\Column]
-    #[Groups(['me:read'])]
+    #[Groups(['me:read', 'user:list', 'user:write'])]
    private array $roles = [];

    #[ORM\Column]
+    #[Groups(['user:write'])]
    private ?string $password = null;

    #[ORM\Column(type: Types::DATETIME_IMMUTABLE)]