MALIO-DEV/Lesstime
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 32 Wiki Activity

Migration modular monolith DDD (0.1 → 3.3) (#17)
Auto Tag Develop / tag (push) Successful in 9s
Details

Browse Source 
## Migration modular monolith DDD — Lesstime (0.1 → 3.3)

Cette MR regroupe l'intégralité de la refonte en monolithe modulaire (strangler progressif, additif). Elle remplace les MR stackées de Phase 1 (#12–#16), désormais incluses ici.

**Ne pas merger avant validation fonctionnelle** : branche destinée à être testée telle quelle.

### Périmètre — 9 modules sous `src/Module/`
| Phase | Module | Contenu |
|------|--------|---------|
| 0.1 | (socle) | infrastructure modulaire, `ModuleInterface`, mapping Doctrine par module |
| 0.2 | (socle front) | auto-détection des layers Nuxt sous `frontend/modules/*` |
| 1.1 | **Core** | Identité (User/Auth), Notifications, Notifier |
| 1.2 | Core | RBAC fin (permissions `module.resource.action`, sidebar gated) |
| 1.3 | Core | Audit log (`#[Auditable]`, listener, provider DBAL) |
| 2.1 | **TimeTracking** | TimeEntry + MCP + export |
| 2.2 | **ProjectManagement** | cœur métier Projets/Tâches + 38 MCP tools |
| 2.3 | **Absence** | demandes, soldes, policies, justificatifs |
| 2.4 | **Directory** | Clients (migrés) + **Prospects** (nouveau, conversion → Client) |
| 2.5 | **Mail** | intégration IMAP OVH + liens tâches |
| 2.6 | **Integration** | Gitea / BookStack / Zimbra / Share |
| 3.1 | **Reporting** | rapports transverses (DBAL read-only, 0 import inter-module) |
| 3.2 | **ClientPortal** | portail client (ROLE_CLIENT cloisonné, tickets, notifications) |
| 3.3 | (finition) | nettoyage legacy — `src/Entity` vide, app 100% modulaire |

### Architecture
- Découplage inter-modules par **contrats** (`UserInterface`, `ProjectInterface`, `TaskInterface`, `TaskTagInterface`, `ClientInterface`, `ClientTicketInterface`, `LeaveProfileInterface`) + `resolve_target_entities` 100% modulaire (aucune cible legacy).
- Repositories : interface `Domain/Repository` + implémentation `Infrastructure/Doctrine`, bindées.
- Reporting en DBAL read-only pur (aucun import d'entité d'un autre module).
- Chaque migration de module : déplacement à comportement préservé (API publique et noms d'outils MCP inchangés), migrations **additives** uniquement (zéro destructif).

### Sécurité
- ROLE_CLIENT cloisonné : un utilisateur client n'accède qu'à `/portal` et à ses propres tickets (filtrés par `allowedProjects`), interdit sur toute l'API interne.
- Correctif : interdiction pour un client de créer un lien vers le partage SMB (upload uniquement).

### QA non-régression (branche reconstruite from scratch)
- Migrations from scratch + fixtures : OK.
- Compilation dev + prod : OK.
- **180 tests PHPUnit verts**, php-cs-fixer clean, ~96 routes, **66 outils MCP** tous sous `App\Module\*`.
- Smoke test runtime multi-rôles (admin / ROLE_USER / ROLE_CLIENT) : 44 vérifications HTTP, **0 écart**, cloisonnement client étanche.
- Build Nuxt OK, 9 layers, 0 import legacy résiduel.

### Points à arbitrer (hors périmètre de cette migration)
- Durcissement MCP/IDOR pré-existant (`userId` explicite sans scoping sur certains tools TimeTracking/Absence/TaskDocument) — ticket dédié recommandé.
- Validation fonctionnelle de **Prospect** et **ClientPortal** (conçus depuis les specs disque).
- **Harmonisation visuelle Malio finale** (3.3) — finition esthétique inter-modules laissée au PO.

---

## ⚠️ Déploiement / migration des données — à ne pas oublier

### 1. Resynchroniser les séquences PostgreSQL après tout import/restore de dump
Si la prod (ou tout environnement) est **montée depuis un dump** (`pg_restore` / `COPY`), les lignes sont chargées avec leurs `id` explicites **sans avancer les séquences** → au premier `INSERT` : `duplicate key value violates unique constraint "..._pkey"` (constaté en local sur `notification`, `task`, `time_entry`…).

À lancer **juste après chaque restore/import** :

```sql
DO $$
DECLARE r RECORD; maxid BIGINT; seq TEXT;
BEGIN
  FOR r IN SELECT table_name, column_name FROM information_schema.columns WHERE table_schema='public'
  LOOP
    seq := pg_get_serial_sequence(quote_ident(r.table_name), r.column_name);
    IF seq IS NOT NULL THEN
      EXECUTE format('SELECT COALESCE(MAX(%I),0) FROM %I', r.column_name, r.table_name) INTO maxid;
      PERFORM setval(seq, GREATEST(maxid,1), maxid > 0);
    END IF;
  END LOOP;
END $$;
```

> Ne concerne **pas** une prod qui tourne déjà (séquences avancées organiquement) — uniquement le cas restore/import. Idempotent, sans risque.

### 2. Fix dénormalisation des collections typées-contrat (code, inclus dans la branche)
Les relations **to-many** typées par une interface `Shared\Domain\Contract\*` (`TimeEntry::tags` → `TaskTagInterface`, `Task::collaborators` → `UserInterface`) étaient **indénormalisables par API Platform** (mono-valué OK via IRI, collection KO) → **tout POST/PATCH portant une telle collection renvoyait 400/500**. Corrigé par un dénormaliseur générique `ContractRelationDenormalizer` (réutilise `resolve_target_entities`, zéro couplage par-entité) + test fonctionnel de non-régression.

---------

Co-authored-by: Matthieu <contact@malio.fr>
Reviewed-on: #17
This commit was merged in pull request #17.
This commit is contained in:
THOLOT DECHENE Matthieu
2026-06-23 13:50:42 +00:00
parent d0a49322e1
commit 8313c759c6
622 changed files with 24802 additions and 2864 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Functional/Controller/Mail/MailFoldersControllerTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller\Mail;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
tests/Functional/Controller/Mail/MailMessagesControllerTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller\Mail;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
tests/Functional/Controller/Mail/MailSettingsControllerTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller\Mail;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
tests/Functional/Controller/Mail/MailSyncTriggerControllerTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller\Mail;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
tests/Functional/Controller/Mail/MailTaskIntegrationControllerTest.php
+5 -5
View File
@@ -4,11 +4,11 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller\Mail;
use App\Entity\MailFolder;
use App\Entity\MailMessage;
use App\Entity\Project;
use App\Entity\Task;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use App\Module\Mail\Domain\Entity\MailFolder;
use App\Module\Mail\Domain\Entity\MailMessage;
use App\Module\ProjectManagement\Domain\Entity\Project;
use App\Module\ProjectManagement\Domain\Entity\Task;
use DateTimeImmutable;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
tests/Functional/Controller/ShareBrowseTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
tests/Functional/Controller/ShareSearchTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
tests/Functional/Controller/ShareSettingsTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Functional\Controller;
use App\Entity\User;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
tests/Functional/EventListener/TaskNotificationListenerTest.php
+6 -6
View File
@@ -4,10 +4,10 @@ declare(strict_types=1);
namespace App\Tests\Functional\EventListener;
use App\Entity\Project;
use App\Entity\Task;
use App\Entity\User;
use App\Repository\NotificationRepository;
use App\Module\Core\Domain\Entity\User;
use App\Module\Core\Infrastructure\Doctrine\DoctrineNotificationRepository;
use App\Module\ProjectManagement\Domain\Entity\Project;
use App\Module\ProjectManagement\Domain\Entity\Task;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
@@ -19,7 +19,7 @@ use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
class TaskNotificationListenerTest extends KernelTestCase
{
private EntityManagerInterface $em;
private NotificationRepository $notifications;
private DoctrineNotificationRepository $notifications;
private TokenStorageInterface $tokenStorage;
private Project $project;
private User $actor;
@@ -31,7 +31,7 @@ class TaskNotificationListenerTest extends KernelTestCase
self::bootKernel();
$c = self::getContainer();
$this->em = $c->get(EntityManagerInterface::class);
$this->notifications = $c->get(NotificationRepository::class);
$this->notifications = $c->get(DoctrineNotificationRepository::class);
$this->tokenStorage = $c->get(TokenStorageInterface::class);
$project = $this->em->getRepository(Project::class)->findOneBy([]);
tests/Functional/Mcp/AbsenceRequestLifecycleTest.php
+23 -23
View File
@@ -4,19 +4,19 @@ declare(strict_types=1);
namespace App\Tests\Functional\Mcp;
use App\Entity\AbsenceBalance;
use App\Entity\AbsencePolicy;
use App\Entity\User;
use App\Enum\AbsenceType;
use App\Mcp\Tool\Absence\CancelAbsenceRequestTool;
use App\Mcp\Tool\Absence\CreateAbsenceRequestTool;
use App\Mcp\Tool\Absence\ReviewAbsenceRequestTool;
use App\Repository\AbsenceBalanceRepository;
use App\Repository\AbsencePolicyRepository;
use App\Repository\AbsenceRequestRepository;
use App\Repository\UserRepository;
use App\Service\AbsenceBalanceService;
use App\Service\AbsenceDayCalculator;
use App\Module\Absence\Application\Service\AbsenceBalanceService;
use App\Module\Absence\Domain\Entity\AbsenceBalance;
use App\Module\Absence\Domain\Entity\AbsencePolicy;
use App\Module\Absence\Domain\Enum\AbsenceType;
use App\Module\Absence\Domain\Service\AbsenceDayCalculator;
use App\Module\Absence\Infrastructure\Doctrine\DoctrineAbsenceBalanceRepository;
use App\Module\Absence\Infrastructure\Doctrine\DoctrineAbsencePolicyRepository;
use App\Module\Absence\Infrastructure\Doctrine\DoctrineAbsenceRequestRepository;
use App\Module\Absence\Infrastructure\Mcp\Tool\CancelAbsenceRequestTool;
use App\Module\Absence\Infrastructure\Mcp\Tool\CreateAbsenceRequestTool;
use App\Module\Absence\Infrastructure\Mcp\Tool\ReviewAbsenceRequestTool;
use App\Module\Core\Domain\Entity\User;
use App\Module\Core\Infrastructure\Doctrine\DoctrineUserRepository;
use Doctrine\ORM\EntityManagerInterface;
use InvalidArgumentException;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
@@ -93,7 +93,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
self::assertSame(5.0, (float) $data['countedDays']);
self::assertSame($this->employee->getId(), $data['user']['id']);
$balance = self::getContainer()->get(AbsenceBalanceRepository::class)
$balance = self::getContainer()->get(DoctrineAbsenceBalanceRepository::class)
->findOneForPeriod($this->employee, AbsenceType::PaidLeave, '2026-2027')
;
self::assertNotNull($balance);
@@ -113,7 +113,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
self::assertSame('approved', $data['status']);
self::assertSame($this->admin->getId(), $data['reviewedBy']['id']);
$balance = self::getContainer()->get(AbsenceBalanceRepository::class)
$balance = self::getContainer()->get(DoctrineAbsenceBalanceRepository::class)
->findOneForPeriod($this->employee, AbsenceType::PaidLeave, '2026-2027')
;
self::assertSame(0.0, $balance->getPending());
@@ -128,7 +128,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
);
// Shrink the entitlement below the 5 requested days.
$balance = self::getContainer()->get(AbsenceBalanceRepository::class)
$balance = self::getContainer()->get(DoctrineAbsenceBalanceRepository::class)
->findOneForPeriod($this->employee, AbsenceType::PaidLeave, '2026-2027')
;
$balance->setAcquired(2.0);
@@ -158,7 +158,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
$data = json_decode(($this->cancelTool($this->admin))($created['id']), true);
self::assertSame('cancelled', $data['status']);
$balance = self::getContainer()->get(AbsenceBalanceRepository::class)
$balance = self::getContainer()->get(DoctrineAbsenceBalanceRepository::class)
->findOneForPeriod($this->employee, AbsenceType::PaidLeave, '2026-2027')
;
self::assertSame(0.0, $balance->getTaken());
@@ -195,7 +195,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
);
self::assertSame('pending', $data['status']);
$balance = self::getContainer()->get(AbsenceBalanceRepository::class)
$balance = self::getContainer()->get(DoctrineAbsenceBalanceRepository::class)
->findOneForPeriod($this->employee, AbsenceType::Bereavement, '2026')
;
self::assertNull($balance, 'Bereavement must not create or touch any balance.');
@@ -216,9 +216,9 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
return new CreateAbsenceRequestTool(
$c->get(EntityManagerInterface::class),
$c->get(UserRepository::class),
$c->get(AbsencePolicyRepository::class),
$c->get(AbsenceRequestRepository::class),
$c->get(DoctrineUserRepository::class),
$c->get(DoctrineAbsencePolicyRepository::class),
$c->get(DoctrineAbsenceRequestRepository::class),
$c->get(AbsenceDayCalculator::class),
$c->get(AbsenceBalanceService::class),
$this->securityFor($actor),
@@ -231,7 +231,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
return new ReviewAbsenceRequestTool(
$c->get(EntityManagerInterface::class),
$c->get(AbsenceRequestRepository::class),
$c->get(DoctrineAbsenceRequestRepository::class),
$c->get(AbsenceBalanceService::class),
$this->securityFor($actor),
);
@@ -243,7 +243,7 @@ class AbsenceRequestLifecycleTest extends KernelTestCase
return new CancelAbsenceRequestTool(
$c->get(EntityManagerInterface::class),
$c->get(AbsenceRequestRepository::class),
$c->get(DoctrineAbsenceRequestRepository::class),
$c->get(AbsenceBalanceService::class),
$this->securityFor($actor),
);
tests/Functional/Module/Core/AuditListenerTest.php
+108
View File
@@ -0,0 +1,108 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Entity\User;
use Doctrine\DBAL\Connection;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
/**
* @internal
*/
final class AuditListenerTest extends KernelTestCase
{
private EntityManagerInterface $em;
private Connection $auditConnection;
protected function setUp(): void
{
self::bootKernel();
$container = self::getContainer();
$this->em = $container->get(EntityManagerInterface::class);
$this->auditConnection = $container->get('doctrine.dbal.audit_connection');
// Clean slate for deterministic assertions: these tests are not wrapped
// in a rolled-back transaction, so remove any leftover rows from a
// previous run before each test.
$this->em->getConnection()->executeStatement("DELETE FROM \"user\" WHERE username LIKE 'audit\\_%'");
$this->auditConnection->executeStatement('DELETE FROM audit_log');
}
protected function tearDown(): void
{
parent::tearDown();
unset($this->em, $this->auditConnection);
}
public function testCreateUserIsAudited(): void
{
$user = $this->makeUser('audit_create_user');
$this->em->persist($user);
$this->em->flush();
$rows = $this->fetchLogs('core.User', (string) $user->getId());
self::assertCount(1, $rows);
self::assertSame('create', $rows[0]['action']);
$changes = json_decode((string) $rows[0]['changes'], true);
self::assertArrayHasKey('username', $changes);
self::assertArrayNotHasKey('password', $changes, 'password must be excluded via #[AuditIgnore]');
self::assertArrayNotHasKey('apiToken', $changes, 'apiToken must be excluded via #[AuditIgnore]');
}
public function testUpdateUserIsAuditedWithDiff(): void
{
$user = $this->makeUser('audit_update_user');
$this->em->persist($user);
$this->em->flush();
$this->auditConnection->executeStatement('DELETE FROM audit_log');
$user->setFirstName('Changed');
$this->em->flush();
$rows = $this->fetchLogs('core.User', (string) $user->getId());
self::assertCount(1, $rows);
self::assertSame('update', $rows[0]['action']);
$changes = json_decode((string) $rows[0]['changes'], true);
self::assertArrayHasKey('firstName', $changes);
self::assertSame('Changed', $changes['firstName']['new']);
}
public function testDeleteUserIsAudited(): void
{
$user = $this->makeUser('audit_delete_user');
$this->em->persist($user);
$this->em->flush();
$id = (string) $user->getId();
$this->auditConnection->executeStatement('DELETE FROM audit_log');
$this->em->remove($user);
$this->em->flush();
$rows = $this->fetchLogs('core.User', $id);
self::assertCount(1, $rows);
self::assertSame('delete', $rows[0]['action']);
}
private function makeUser(string $username): User
{
$user = new User();
$user->setUsername($username);
$user->setPassword('hashed-secret');
$user->setRoles(['ROLE_USER']);
return $user;
}
/**
* @return list<array<string, mixed>>
*/
private function fetchLogs(string $entityType, string $entityId): array
{
return $this->auditConnection->fetchAllAssociative(
'SELECT action, changes FROM audit_log WHERE entity_type = :t AND entity_id = :id ORDER BY performed_at ASC',
['t' => $entityType, 'id' => $entityId],
);
}
}
tests/Functional/Module/Core/AuditLogApiTest.php
+140
View File
@@ -0,0 +1,140 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Entity\User;
use Doctrine\DBAL\Connection;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
use Symfony\Component\Uid\Uuid;
/**
* @internal
*/
final class AuditLogApiTest extends WebTestCase
{
public function testGetCollectionRequiresAuthentication(): void
{
$client = self::createClient();
$this->seedAuditLog();
$client->request('GET', '/api/audit-logs');
self::assertResponseStatusCodeSame(401);
}
public function testUserWithoutPermissionIsForbidden(): void
{
$client = self::createClient();
$this->seedAuditLog();
$this->loginUser($client, 'alice');
$client->request('GET', '/api/audit-logs');
self::assertResponseStatusCodeSame(403);
}
public function testAdminCanListAuditLogs(): void
{
$client = self::createClient();
$this->seedAuditLog();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/audit-logs');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('member', $data);
self::assertArrayHasKey('totalItems', $data);
self::assertGreaterThanOrEqual(3, $data['totalItems']);
}
public function testFilterByActionReturnsOnlyMatchingEntries(): void
{
$client = self::createClient();
$this->seedAuditLog();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/audit-logs?action=update');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertNotEmpty($data['member']);
foreach ($data['member'] as $entry) {
self::assertSame('update', $entry['action']);
}
}
public function testFilterByEntityType(): void
{
$client = self::createClient();
$this->seedAuditLog();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/audit-logs?entity_type=core.User');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertNotEmpty($data['member']);
foreach ($data['member'] as $entry) {
self::assertSame('core.User', $entry['entityType']);
}
}
public function testInvalidActionFilterIsRejected(): void
{
$client = self::createClient();
$this->seedAuditLog();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/audit-logs?action=bogus');
self::assertResponseStatusCodeSame(400);
}
/**
* Insert deterministic audit rows directly through the audit connection.
*
* The table audit_log has no ORM entity (written via raw DBAL), so we
* clean and seed it via the dedicated connection. These tests are not
* wrapped in a rolled-back transaction, hence the upfront DELETE.
*/
private function seedAuditLog(): void
{
/** @var Connection $audit */
$audit = self::getContainer()->get('doctrine.dbal.audit_connection');
$audit->executeStatement('DELETE FROM audit_log');
$rows = [
['core.User', 'create', '{"username":"seed-create"}'],
['core.User', 'update', '{"firstName":{"old":"a","new":"b"}}'],
['core.Role', 'delete', '{}'],
];
$performedAt = '2026-04-22 10:00:00';
foreach ($rows as $i => [$entityType, $action, $changes]) {
$audit->insert('audit_log', [
'id' => Uuid::v7()->toRfc4122(),
'entity_type' => $entityType,
'entity_id' => (string) ($i + 1),
'action' => $action,
'changes' => $changes,
'performed_by' => 'admin',
'performed_at' => $performedAt,
'ip_address' => '127.0.0.1',
'request_id' => 'req-'.$i,
]);
}
}
private function loginUser(KernelBrowser $client, string $username): void
{
$em = self::getContainer()->get(EntityManagerInterface::class);
$user = $em->getRepository(User::class)->findOneBy(['username' => $username]);
self::assertInstanceOf(User::class, $user);
$client->loginUser($user);
}
}
tests/Functional/Module/Core/NotifierTest.php
+35
View File
@@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Entity\User;
use App\Shared\Domain\Contract\NotifierInterface;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
/**
* @internal
*/
final class NotifierTest extends KernelTestCase
{
public function testNotifyPersistsANotificationForTheUser(): void
{
self::bootKernel();
$em = self::getContainer()->get(EntityManagerInterface::class);
$notifier = self::getContainer()->get(NotifierInterface::class);
$user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
self::assertNotNull($user);
$title = 'Titre-'.uniqid('', true);
$notifier->notify($user, 'task_assigned', $title, 'Message');
$count = (int) $em->createQuery(
'SELECT COUNT(n.id) FROM App\Module\Core\Domain\Entity\Notification n WHERE n.user = :u AND n.title = :t'
)->setParameter('u', $user)->setParameter('t', $title)->getSingleScalarResult();
self::assertSame(1, $count);
}
}
tests/Functional/Module/Core/RoleApiTest.php
+79
View File
@@ -0,0 +1,79 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Entity\Role;
use App\Module\Core\Domain\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
* @internal
*/
final class RoleApiTest extends WebTestCase
{
public function testGetCollectionRequiresAuthentication(): void
{
$client = self::createClient();
$client->request('GET', '/api/roles');
self::assertResponseStatusCodeSame(401);
}
public function testAdminCanListRoles(): void
{
$client = self::createClient();
$this->loginAdmin($client);
$client->request('GET', '/api/roles');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('member', $data);
}
public function testAdminCanCreateRole(): void
{
$client = self::createClient();
$this->loginAdmin($client);
$code = 'bureau_'.uniqid();
$client->request('POST', '/api/roles', server: [
'CONTENT_TYPE' => 'application/ld+json',
], content: json_encode(['code' => $code, 'label' => 'Bureau']));
self::assertResponseStatusCodeSame(201);
$data = json_decode($client->getResponse()->getContent(), true);
self::assertSame($code, $data['code']);
self::assertSame('Bureau', $data['label']);
self::assertFalse($data['isSystem']);
}
public function testDeletingSystemRoleIsForbidden(): void
{
$client = self::createClient();
$em = self::getContainer()->get(EntityManagerInterface::class);
$systemRole = new Role('sys_'.uniqid(), 'System role', 'Rôle système', true);
$em->persist($systemRole);
$em->flush();
$id = $systemRole->getId();
$this->loginAdmin($client);
$client->request('DELETE', '/api/roles/'.$id);
self::assertResponseStatusCodeSame(403);
}
private function loginAdmin(KernelBrowser $client): void
{
$em = self::getContainer()->get(EntityManagerInterface::class);
$user = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
self::assertInstanceOf(User::class, $user);
$client->loginUser($user);
}
}
tests/Functional/Module/Core/SeedRbacCommandTest.php
+35
View File
@@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Repository\RoleRepositoryInterface;
use App\Module\Core\Domain\Security\SystemRoles;
use Symfony\Bundle\FrameworkBundle\Console\Application;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Symfony\Component\Console\Tester\CommandTester;
/**
* @internal
*/
final class SeedRbacCommandTest extends KernelTestCase
{
public function testSeedsSystemRolesIdempotently(): void
{
$kernel = self::bootKernel();
$app = new Application($kernel);
$tester = new CommandTester($app->find('app:seed-rbac'));
$tester->execute([]);
$tester->assertCommandIsSuccessful();
$tester->execute([]); // idempotent
$tester->assertCommandIsSuccessful();
$repo = self::getContainer()->get(RoleRepositoryInterface::class);
$admin = $repo->findByCode(SystemRoles::ADMIN_CODE);
self::assertNotNull($admin);
self::assertTrue($admin->isSystem());
self::assertNotNull($repo->findByCode(SystemRoles::USER_CODE));
}
}
tests/Functional/Module/Core/SyncPermissionsCommandTest.php
+29
View File
@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Repository\PermissionRepositoryInterface;
use Symfony\Bundle\FrameworkBundle\Console\Application;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Symfony\Component\Console\Tester\CommandTester;
/**
* @internal
*/
final class SyncPermissionsCommandTest extends KernelTestCase
{
public function testSyncCreatesCorePermissions(): void
{
$kernel = self::bootKernel();
$app = new Application($kernel);
$tester = new CommandTester($app->find('app:sync-permissions'));
$tester->execute([]);
$tester->assertCommandIsSuccessful();
$repo = self::getContainer()->get(PermissionRepositoryInterface::class);
self::assertNotNull($repo->findByCode('core.users.manage'));
self::assertContains('core.roles.manage', $repo->findAllCodes());
}
}
tests/Functional/Module/Core/UserRbacApiTest.php
+134
View File
@@ -0,0 +1,134 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Core;
use App\Module\Core\Domain\Entity\Permission;
use App\Module\Core\Domain\Entity\Role;
use App\Module\Core\Domain\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
* @internal
*/
final class UserRbacApiTest extends WebTestCase
{
public function testAdminCanReadUserRbac(): void
{
$client = self::createClient();
$this->loginAdmin($client);
$aliceId = $this->userId('alice');
$client->request('GET', '/api/users/'.$aliceId.'/rbac');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('rbacRoles', $data);
self::assertArrayHasKey('directPermissions', $data);
self::assertArrayHasKey('effectivePermissions', $data);
}
public function testRbacRequiresAuthentication(): void
{
$client = self::createClient();
$aliceId = $this->userId('alice');
$client->request('GET', '/api/users/'.$aliceId.'/rbac');
self::assertResponseStatusCodeSame(401);
}
public function testAdminCanAssignRoleViaPatch(): void
{
$client = self::createClient();
$em = self::getContainer()->get(EntityManagerInterface::class);
$roleCode = 'reviewer_'.uniqid();
$role = new Role($roleCode, 'Reviewer');
$em->persist($role);
$target = $this->createUser($em, 'rbac-assign-'.uniqid());
$em->flush();
$roleId = $role->getId();
$targetId = $target->getId();
$this->loginAdmin($client);
$client->request('PATCH', '/api/users/'.$targetId.'/rbac', server: [
'CONTENT_TYPE' => 'application/merge-patch+json',
], content: json_encode(['rbacRoles' => ['/api/roles/'.$roleId]]));
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertCount(1, $data['rbacRoles']);
$em->clear();
$reloaded = $em->getRepository(User::class)->find($targetId);
self::assertCount(1, $reloaded->getRbacRoles());
self::assertSame($roleCode, $reloaded->getRbacRoles()->first()->getCode());
}
public function testPartialPatchDoesNotWipeOtherCollection(): void
{
$client = self::createClient();
$em = self::getContainer()->get(EntityManagerInterface::class);
$permission = $em->getRepository(Permission::class)->findOneBy(['code' => 'core.users.view']);
self::assertInstanceOf(Permission::class, $permission);
$role = new Role('auditor_'.uniqid(), 'Auditor');
$em->persist($role);
// Dedicated user pre-loaded with a direct permission.
$target = $this->createUser($em, 'rbac-partial-'.uniqid());
$target->addDirectPermission($permission);
$em->flush();
$roleId = $role->getId();
$targetId = $target->getId();
$this->loginAdmin($client);
// PATCH only rbacRoles — directPermissions is absent from the payload.
$client->request('PATCH', '/api/users/'.$targetId.'/rbac', server: [
'CONTENT_TYPE' => 'application/merge-patch+json',
], content: json_encode(['rbacRoles' => ['/api/roles/'.$roleId]]));
self::assertResponseIsSuccessful();
$em->clear();
$reloaded = $em->getRepository(User::class)->find($targetId);
self::assertCount(1, $reloaded->getRbacRoles(), 'Role should have been assigned');
self::assertCount(1, $reloaded->getDirectPermissions(), 'Direct permission must not be wiped by a partial PATCH');
}
private function createUser(EntityManagerInterface $em, string $username): User
{
$user = new User();
$user->setUsername($username);
$user->setPassword('x');
$user->setRoles(['ROLE_USER']);
$em->persist($user);
return $user;
}
private function loginAdmin(KernelBrowser $client): void
{
$em = self::getContainer()->get(EntityManagerInterface::class);
$user = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
self::assertInstanceOf(User::class, $user);
$client->loginUser($user);
}
private function userId(string $username): int
{
$em = self::getContainer()->get(EntityManagerInterface::class);
$user = $em->getRepository(User::class)->findOneBy(['username' => $username]);
self::assertInstanceOf(User::class, $user);
return $user->getId();
}
}
tests/Functional/Module/Directory/ProspectConversionTest.php
+74
View File
@@ -0,0 +1,74 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Directory;
use ApiPlatform\Metadata\Post;
use App\Module\Directory\Domain\Entity\Prospect;
use App\Module\Directory\Domain\Enum\ProspectStatus;
use App\Module\Directory\Infrastructure\ApiPlatform\State\ConvertProspectProcessor;
use App\Module\Directory\Infrastructure\Doctrine\DoctrineProspectRepository;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
/**
* @internal
*/
class ProspectConversionTest extends KernelTestCase
{
private EntityManagerInterface $em;
protected function setUp(): void
{
self::bootKernel();
$this->em = self::getContainer()->get(EntityManagerInterface::class);
}
public function testConvertCreatesClientAndFlagsProspectWon(): void
{
$prospect = new Prospect();
$prospect->setName('Lead Test');
$prospect->setCompany('Lead Company '.uniqid());
$prospect->setEmail('lead@example.com');
$prospect->setPhone('06 00 00 00 00');
$prospect->setStatus(ProspectStatus::Qualified);
$this->em->persist($prospect);
$this->em->flush();
$result = $this->processor()->process($prospect, new Post(), ['id' => $prospect->getId()]);
self::assertSame(ProspectStatus::Won, $result->getStatus());
$client = $result->getConvertedClient();
self::assertNotNull($client);
self::assertSame($prospect->getCompany(), $client->getName());
}
public function testConvertIsIdempotent(): void
{
$prospect = new Prospect();
$prospect->setName('Idempotent Lead');
$prospect->setStatus(ProspectStatus::New);
$this->em->persist($prospect);
$this->em->flush();
$processor = $this->processor();
$first = $processor->process($prospect, new Post(), ['id' => $prospect->getId()]);
$clientId = $first->getConvertedClient()?->getId();
$second = $processor->process($prospect, new Post(), ['id' => $prospect->getId()]);
self::assertNotNull($clientId);
self::assertSame($clientId, $second->getConvertedClient()?->getId());
}
private function processor(): ConvertProspectProcessor
{
$c = self::getContainer();
return new ConvertProspectProcessor(
$c->get(EntityManagerInterface::class),
$c->get(DoctrineProspectRepository::class),
);
}
}
tests/Functional/Module/ProjectManagement/TaskTimestampableTest.php
+102
View File
@@ -0,0 +1,102 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\ProjectManagement;
use App\Module\ProjectManagement\Domain\Entity\Project;
use App\Module\ProjectManagement\Domain\Entity\Task;
use DateTimeImmutable;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
/**
* Task adopts TimestampableBlamableTrait (LST-65 slice 3).
* Verifies the TimestampableBlamableSubscriber populates created_at on
* persist and refreshes updated_at on update.
*
* @internal
*/
final class TaskTimestampableTest extends KernelTestCase
{
private EntityManagerInterface $em;
protected function setUp(): void
{
self::bootKernel();
$this->em = self::getContainer()->get(EntityManagerInterface::class);
$this->em->getConnection()->executeStatement("DELETE FROM task WHERE title = 'ts-test-task'");
}
protected function tearDown(): void
{
$this->em->getConnection()->executeStatement("DELETE FROM task WHERE title = 'ts-test-task'");
parent::tearDown();
unset($this->em);
}
public function testCreatedAtIsSetOnPersist(): void
{
$task = $this->makeTask();
$this->em->persist($task);
$this->em->flush();
self::assertInstanceOf(DateTimeImmutable::class, $task->getCreatedAt(), 'createdAt must be set after flush');
self::assertInstanceOf(DateTimeImmutable::class, $task->getUpdatedAt(), 'updatedAt must be set after flush');
$taskId = $task->getId();
$this->em->clear();
$reloaded = $this->em->getRepository(Task::class)->find($taskId);
self::assertNotNull($reloaded);
self::assertNotNull($reloaded->getCreatedAt(), 'created_at must be persisted in DB');
}
public function testUpdatedAtIsRefreshedOnUpdate(): void
{
$task = $this->makeTask();
$this->em->persist($task);
$this->em->flush();
$taskId = $task->getId();
$initialUpdatedAt = $task->getUpdatedAt();
self::assertNotNull($initialUpdatedAt);
// Backdate the persisted value so the preUpdate refresh is observable
// even within the same second.
$this->em->getConnection()->executeStatement(
"UPDATE task SET updated_at = '2000-01-01 00:00:00' WHERE id = :id",
['id' => $taskId],
);
$this->em->clear();
/** @var Task $managed */
$managed = $this->em->getRepository(Task::class)->find($taskId);
self::assertSame('2000-01-01 00:00:00', $managed->getUpdatedAt()?->format('Y-m-d H:i:s'));
$managed->setDescription('changed description');
$this->em->flush();
$this->em->clear();
/** @var Task $reloaded */
$reloaded = $this->em->getRepository(Task::class)->find($taskId);
self::assertNotNull($reloaded->getUpdatedAt());
self::assertNotSame(
'2000-01-01 00:00:00',
$reloaded->getUpdatedAt()->format('Y-m-d H:i:s'),
'updated_at must be refreshed and persisted on UPDATE',
);
}
private function makeTask(): Task
{
$project = $this->em->getRepository(Project::class)->findOneBy([]);
self::assertNotNull($project, 'Les fixtures doivent fournir au moins un projet.');
$task = new Task();
$task->setNumber(random_int(100000, 999999));
$task->setTitle('ts-test-task');
$task->setProject($project);
return $task;
}
}
tests/Functional/Module/Reporting/ReportingApiTest.php
+96
View File
@@ -0,0 +1,96 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\Reporting;
use App\Module\Core\Domain\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
* @internal
*/
final class ReportingApiTest extends WebTestCase
{
public function testGetCollectionRequiresAuthentication(): void
{
$client = self::createClient();
$client->request('GET', '/api/reports/time-per-project?from=2026-01-01&to=2027-01-01');
self::assertResponseStatusCodeSame(401);
}
public function testAdminCanListTimePerProject(): void
{
$client = self::createClient();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/reports/time-per-project?from=2026-01-01&to=2027-01-01');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('member', $data);
// Le rapport est non pagine : la structure hydra expose tout de meme un
// tableau `member`. Si des projets ont du temps logge, chaque membre
// porte au minimum projectId et hours.
foreach ($data['member'] as $row) {
self::assertArrayHasKey('projectId', $row);
self::assertArrayHasKey('hours', $row);
self::assertIsInt($row['projectId']);
}
}
public function testValidProjectIdFilterIsAccepted(): void
{
$client = self::createClient();
$this->loginUser($client, 'admin');
// projectId arrive en chaine ("1") : la validation doit l'accepter (200),
// garde-fou contre une regression de type-juggling sur le filtre entier.
$client->request('GET', '/api/reports/time-per-project?from=2026-01-01&to=2027-01-01&projectId=1');
self::assertResponseIsSuccessful();
}
public function testInvalidProjectIdFilterIsRejected(): void
{
$client = self::createClient();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/reports/time-per-project?projectId=abc');
self::assertResponseStatusCodeSame(400);
}
public function testInvalidDateFilterIsRejected(): void
{
$client = self::createClient();
$this->loginUser($client, 'admin');
$client->request('GET', '/api/reports/time-per-project?from=not-a-date');
self::assertResponseStatusCodeSame(400);
}
public function testUserWithoutPermissionIsForbidden(): void
{
$client = self::createClient();
$this->loginUser($client, 'alice');
$client->request('GET', '/api/reports/time-per-project?from=2026-01-01&to=2027-01-01');
self::assertResponseStatusCodeSame(403);
}
private function loginUser(KernelBrowser $client, string $username): void
{
$em = self::getContainer()->get(EntityManagerInterface::class);
$user = $em->getRepository(User::class)->findOneBy(['username' => $username]);
self::assertInstanceOf(User::class, $user);
$client->loginUser($user);
}
}
tests/Functional/Module/TimeTracking/TimeEntryTimestampableTest.php
+111
View File
@@ -0,0 +1,111 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Module\TimeTracking;
use App\Module\Core\Domain\Entity\User;
use App\Module\TimeTracking\Domain\Entity\TimeEntry;
use DateTimeImmutable;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
/**
* TimeEntry is the first adopter of TimestampableBlamableTrait.
* Verifies the TimestampableBlamableSubscriber populates created_at on
* persist and refreshes updated_at on update.
*
* @internal
*/
final class TimeEntryTimestampableTest extends KernelTestCase
{
private EntityManagerInterface $em;
protected function setUp(): void
{
self::bootKernel();
$this->em = self::getContainer()->get(EntityManagerInterface::class);
// Clean slate for deterministic assertions: these tests are not wrapped
// in a rolled-back transaction.
$this->em->getConnection()->executeStatement("DELETE FROM time_entry WHERE title = 'ts-test-entry'");
$this->em->getConnection()->executeStatement("DELETE FROM \"user\" WHERE username = 'ts_test_user'");
}
protected function tearDown(): void
{
$this->em->getConnection()->executeStatement("DELETE FROM time_entry WHERE title = 'ts-test-entry'");
$this->em->getConnection()->executeStatement("DELETE FROM \"user\" WHERE username = 'ts_test_user'");
parent::tearDown();
unset($this->em);
}
public function testCreatedAtIsSetOnPersist(): void
{
$entry = $this->makeEntry();
$this->em->persist($entry);
$this->em->flush();
self::assertInstanceOf(DateTimeImmutable::class, $entry->getCreatedAt(), 'createdAt must be set after flush');
self::assertInstanceOf(DateTimeImmutable::class, $entry->getUpdatedAt(), 'updatedAt must be set after flush');
// Confirm it was actually persisted to the DB, not just the in-memory object.
$this->em->clear();
$reloaded = $this->em->getRepository(TimeEntry::class)->find($entry->getId());
self::assertNotNull($reloaded);
self::assertNotNull($reloaded->getCreatedAt(), 'created_at must be persisted in DB');
}
public function testUpdatedAtIsRefreshedOnUpdate(): void
{
$entry = $this->makeEntry();
$this->em->persist($entry);
$this->em->flush();
$entryId = $entry->getId();
$initialUpdatedAt = $entry->getUpdatedAt();
self::assertNotNull($initialUpdatedAt);
// Force a distinguishable timestamp by backdating the persisted value,
// so the preUpdate refresh is observable even within the same second.
$this->em->getConnection()->executeStatement(
"UPDATE time_entry SET updated_at = '2000-01-01 00:00:00' WHERE id = :id",
['id' => $entryId],
);
$this->em->clear();
/** @var TimeEntry $managed */
$managed = $this->em->getRepository(TimeEntry::class)->find($entryId);
self::assertSame('2000-01-01 00:00:00', $managed->getUpdatedAt()?->format('Y-m-d H:i:s'));
// Mutate a tracked field and flush -> preUpdate must refresh updated_at.
$managed->setTitle('ts-test-entry');
$managed->setDescription('changed description');
$this->em->flush();
$this->em->clear();
/** @var TimeEntry $reloaded */
$reloaded = $this->em->getRepository(TimeEntry::class)->find($entryId);
self::assertNotNull($reloaded->getUpdatedAt());
self::assertNotSame(
'2000-01-01 00:00:00',
$reloaded->getUpdatedAt()->format('Y-m-d H:i:s'),
'updated_at must be refreshed and persisted on UPDATE',
);
}
private function makeEntry(): TimeEntry
{
$user = new User();
$user->setUsername('ts_test_user');
$user->setPassword('hashed-secret');
$user->setRoles(['ROLE_USER']);
$this->em->persist($user);
$entry = new TimeEntry();
$entry->setUser($user);
$entry->setTitle('ts-test-entry');
$entry->setStartedAt(new DateTimeImmutable());
return $entry;
}
}
tests/Functional/Shared/ModulesEndpointTest.php
+34
View File
@@ -0,0 +1,34 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Shared;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
* @internal
*/
final class ModulesEndpointTest extends WebTestCase
{
public function testModulesEndpointIsPublicAndReturnsModulesKey(): void
{
$client = self::createClient();
$client->request('GET', '/api/modules');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('modules', $data);
self::assertIsArray($data['modules']);
}
public function testCoreModuleIsActive(): void
{
$client = self::createClient();
$client->request('GET', '/api/modules');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertContains('core', $data['modules']);
}
}
tests/Functional/Shared/SidebarEndpointTest.php
+69
View File
@@ -0,0 +1,69 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Shared;
use App\Module\Core\Domain\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
* @internal
*/
final class SidebarEndpointTest extends WebTestCase
{
public function testSidebarRequiresAuthentication(): void
{
$client = self::createClient();
$client->request('GET', '/api/sidebar');
self::assertResponseStatusCodeSame(401);
}
public function testSidebarReturnsSectionsForAuthenticatedUser(): void
{
$client = self::createClient();
$em = self::getContainer()->get('doctrine.orm.entity_manager');
$user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
$client->loginUser($user);
$client->request('GET', '/api/sidebar');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('sections', $data);
self::assertArrayHasKey('disabledRoutes', $data);
self::assertNotEmpty($data['sections']);
}
public function testAdminSectionHiddenForNonAdmin(): void
{
$client = self::createClient();
$em = self::getContainer()->get('doctrine.orm.entity_manager');
$user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']); // ROLE_USER
$client->loginUser($user);
$client->request('GET', '/api/sidebar');
$data = json_decode($client->getResponse()->getContent(), true);
$labels = array_column($data['sections'], 'label');
self::assertNotContains('sidebar.admin.section', $labels);
}
public function testAdminSectionVisibleForAdmin(): void
{
$client = self::createClient();
$em = self::getContainer()->get('doctrine.orm.entity_manager');
$user = $em->getRepository(User::class)->findOneBy(['username' => 'admin']); // ROLE_ADMIN
$client->loginUser($user);
$client->request('GET', '/api/sidebar');
$data = json_decode($client->getResponse()->getContent(), true);
$labels = array_column($data['sections'], 'label');
self::assertContains('sidebar.admin.section', $labels);
}
}
tests/Module/Directory/ConvertProspectProcessorTest.php
+67
View File
@@ -0,0 +1,67 @@
<?php
declare(strict_types=1);
namespace App\Tests\Module\Directory;
use ApiPlatform\Metadata\Post;
use App\Module\Directory\Domain\Entity\Address;
use App\Module\Directory\Domain\Entity\CommercialReport;
use App\Module\Directory\Domain\Entity\Contact;
use App\Module\Directory\Domain\Entity\Prospect;
use App\Module\Directory\Domain\Enum\ReportType;
use App\Module\Directory\Infrastructure\ApiPlatform\State\ConvertProspectProcessor;
use DateTimeImmutable;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
/**
* @internal
*/
final class ConvertProspectProcessorTest extends KernelTestCase
{
public function testConvertReassignsContactsAddressesAndReports(): void
{
self::bootKernel();
/** @var EntityManagerInterface $em */
$em = self::getContainer()->get(EntityManagerInterface::class);
$prospect = new Prospect();
$prospect->setName('Atelier Test');
$prospect->setCompany('Atelier Test SARL');
$em->persist($prospect);
$contact = new Contact()->setLastName('Durand')->setProspect($prospect);
$address = new Address()->setCity('Niort')->setProspect($prospect);
$report = new CommercialReport()
->setSubject('Premier contact')
->setOccurredAt(new DateTimeImmutable('2026-06-01'))
->setType(ReportType::Call)
->setProspect($prospect)
;
$em->persist($contact);
$em->persist($address);
$em->persist($report);
$em->flush();
$processor = self::getContainer()->get(ConvertProspectProcessor::class);
$operation = new Post();
$processor->process($prospect, $operation, ['id' => $prospect->getId()]);
$em->refresh($contact);
$em->refresh($address);
$em->refresh($report);
$client = $prospect->getConvertedClient();
self::assertNotNull($client, 'Prospect should be converted to a client');
// Invariants (pas de counts absolus) : chaque sous-entité pointe vers le client, plus vers le prospect.
self::assertSame($client->getId(), $contact->getClient()?->getId());
self::assertNull($contact->getProspect());
self::assertSame($client->getId(), $address->getClient()?->getId());
self::assertNull($address->getProspect());
self::assertSame($client->getId(), $report->getClient()?->getId());
self::assertNull($report->getProspect());
}
}
tests/Module/Directory/Domain/Enum/ReportTypeTest.php
+23
View File
@@ -0,0 +1,23 @@
<?php
declare(strict_types=1);
namespace App\Tests\Module\Directory\Domain\Enum;
use App\Module\Directory\Domain\Enum\ReportType;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class ReportTypeTest extends TestCase
{
public function testValuesAndLabels(): void
{
self::assertSame('call', ReportType::Call->value);
self::assertSame('Appel', ReportType::Call->label());
self::assertSame('Rendez-vous', ReportType::Meeting->label());
self::assertSame('Email', ReportType::Email->label());
self::assertSame('Note', ReportType::Note->label());
}
}
tests/Unit/Mail/ImapMailProviderTest.php
+7 -7
View File
@@ -4,11 +4,11 @@ declare(strict_types=1);
namespace App\Tests\Unit\Mail;
use App\Entity\MailConfiguration;
use App\Mail\Exception\MailProviderException;
use App\Mail\ImapMailProvider;
use App\Repository\MailConfigurationRepository;
use App\Service\TokenEncryptor;
use App\Module\Mail\Domain\Entity\MailConfiguration;
use App\Module\Mail\Domain\Exception\MailProviderException;
use App\Module\Mail\Domain\Repository\MailConfigurationRepositoryInterface;
use App\Module\Mail\Infrastructure\Imap\ImapMailProvider;
use App\Shared\Infrastructure\Service\TokenEncryptor;
use PHPUnit\Framework\TestCase;
use Psr\Log\NullLogger;
@@ -22,7 +22,7 @@ class ImapMailProviderTest extends TestCase
$config = new MailConfiguration();
$config->setEnabled(false);
$repo = $this->createMock(MailConfigurationRepository::class);
$repo = $this->createMock(MailConfigurationRepositoryInterface::class);
$repo->method('findSingleton')->willReturn($config);
$provider = new ImapMailProvider($repo, $this->makeEncryptor(), new NullLogger());
@@ -33,7 +33,7 @@ class ImapMailProviderTest extends TestCase
public function testThrowsWhenConfigMissing(): void
{
$repo = $this->createMock(MailConfigurationRepository::class);
$repo = $this->createMock(MailConfigurationRepositoryInterface::class);
$repo->method('findSingleton')->willReturn(null);
$provider = new ImapMailProvider($repo, $this->makeEncryptor(), new NullLogger());
tests/Unit/Mail/MailSyncReportTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Unit\Mail;
use App\Mail\Dto\MailSyncReport;
use App\Module\Mail\Application\Dto\MailSyncReport;
use DateTimeImmutable;
use PHPUnit\Framework\TestCase;
tests/Unit/Mail/MimeHeaderDecoderTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Unit\Mail;
use App\Mail\MimeHeaderDecoder;
use App\Module\Mail\Infrastructure\Imap\MimeHeaderDecoder;
use PHPUnit\Framework\TestCase;
/**
tests/Unit/Mcp/CoercingSchemaGeneratorTest.php
+2 -2
View File
@@ -5,8 +5,8 @@ declare(strict_types=1);
namespace App\Tests\Unit\Mcp;
use App\Mcp\Schema\CoercingSchemaGenerator;
use App\Mcp\Tool\Task\CreateTaskTool;
use App\Mcp\Tool\Task\ListTasksTool;
use App\Module\ProjectManagement\Infrastructure\Mcp\Tool\Task\CreateTaskTool;
use App\Module\ProjectManagement\Infrastructure\Mcp\Tool\Task\ListTasksTool;
use PHPUnit\Framework\TestCase;
use ReflectionMethod;
tests/Unit/Module/Core/CoreModuleTest.php
+43
View File
@@ -0,0 +1,43 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Module\Core;
use App\Module\Core\CoreModule;
use App\Shared\Domain\Module\ModuleInterface;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class CoreModuleTest extends TestCase
{
public function testItIsAModule(): void
{
self::assertInstanceOf(ModuleInterface::class, new CoreModule());
}
public function testIdentity(): void
{
self::assertSame('core', CoreModule::id());
self::assertTrue(CoreModule::isRequired());
self::assertNotSame('', CoreModule::label());
}
public function testPermissionsAreWellFormed(): void
{
foreach (CoreModule::permissions() as $permission) {
self::assertArrayHasKey('code', $permission);
self::assertArrayHasKey('label', $permission);
}
}
public function testPermissionsExposeAuditLogView(): void
{
$codes = array_column(CoreModule::permissions(), 'code');
self::assertCount(6, $codes);
self::assertContains('core.audit_log.view', $codes);
}
}
tests/Unit/Module/Core/Domain/Entity/PermissionTest.php
+58
View File
@@ -0,0 +1,58 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Module\Core\Domain\Entity;
use App\Module\Core\Domain\Entity\Permission;
use InvalidArgumentException;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class PermissionTest extends TestCase
{
public function testValidConstruction(): void
{
$p = new Permission('core.users.view', 'Voir les utilisateurs', 'core');
self::assertSame('core.users.view', $p->getCode());
self::assertSame('Voir les utilisateurs', $p->getLabel());
self::assertSame('core', $p->getModule());
self::assertFalse($p->isOrphan());
}
public function testCodeMustContainADot(): void
{
$this->expectException(InvalidArgumentException::class);
new Permission('coreusersview', 'x', 'core');
}
public function testCodeCannotBeEmpty(): void
{
$this->expectException(InvalidArgumentException::class);
new Permission('', 'x', 'core');
}
public function testLabelCannotBeEmpty(): void
{
$this->expectException(InvalidArgumentException::class);
new Permission('core.users.view', '', 'core');
}
public function testModuleCannotBeEmpty(): void
{
$this->expectException(InvalidArgumentException::class);
new Permission('core.users.view', 'x', '');
}
public function testMarkOrphanAndRevive(): void
{
$p = new Permission('core.users.view', 'Voir', 'core');
$p->markOrphan();
self::assertTrue($p->isOrphan());
$p->revive('Voir maj', 'core');
self::assertFalse($p->isOrphan());
self::assertSame('Voir maj', $p->getLabel());
}
}
tests/Unit/Module/Core/Domain/Entity/RoleTest.php
+58
View File
@@ -0,0 +1,58 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Module\Core\Domain\Entity;
use App\Module\Core\Domain\Entity\Permission;
use App\Module\Core\Domain\Entity\Role;
use App\Module\Core\Domain\Exception\SystemRoleDeletionException;
use InvalidArgumentException;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class RoleTest extends TestCase
{
public function testValidConstruction(): void
{
$r = new Role('bureau', 'Bureau');
self::assertSame('bureau', $r->getCode());
self::assertSame('Bureau', $r->getLabel());
self::assertFalse($r->isSystem());
self::assertCount(0, $r->getPermissions());
}
public function testCodeMustBeSnakeCase(): void
{
$this->expectException(InvalidArgumentException::class);
new Role('Bureau Commercial', 'x');
}
public function testAddRemovePermission(): void
{
$r = new Role('bureau', 'Bureau');
$p = new Permission('core.users.view', 'Voir', 'core');
$r->addPermission($p);
self::assertCount(1, $r->getPermissions());
$r->addPermission($p); // idempotent
self::assertCount(1, $r->getPermissions());
$r->removePermission($p);
self::assertCount(0, $r->getPermissions());
}
public function testSystemRoleCannotBeDeleted(): void
{
$r = new Role('admin', 'Administrateur', null, true);
$this->expectException(SystemRoleDeletionException::class);
$r->ensureDeletable();
}
public function testNonSystemRoleIsDeletable(): void
{
$r = new Role('bureau', 'Bureau');
$r->ensureDeletable();
self::assertFalse($r->isSystem());
}
}
tests/Unit/Module/Core/Infrastructure/Security/PermissionVoterTest.php
+53
View File
@@ -0,0 +1,53 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Module\Core\Infrastructure\Security;
use App\Module\Core\Domain\Entity\Permission;
use App\Module\Core\Domain\Entity\Role;
use App\Module\Core\Domain\Entity\User;
use App\Module\Core\Infrastructure\Security\PermissionVoter;
use PHPUnit\Framework\TestCase;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
/**
* @internal
*/
final class PermissionVoterTest extends TestCase
{
public function testAbstainsOnNonRbacAttributes(): void
{
$voter = new PermissionVoter();
$user = new User();
self::assertSame(VoterInterface::ACCESS_ABSTAIN, $voter->vote($this->token($user), null, ['ROLE_ADMIN']));
self::assertSame(VoterInterface::ACCESS_ABSTAIN, $voter->vote($this->token($user), null, ['IS_AUTHENTICATED_FULLY']));
}
public function testGrantsWhenUserHasPermissionViaRole(): void
{
$voter = new PermissionVoter();
$role = new Role('bureau', 'Bureau');
$role->addPermission(new Permission('core.users.view', 'Voir', 'core'));
$user = new User();
$user->addRbacRole($role);
self::assertSame(VoterInterface::ACCESS_GRANTED, $voter->vote($this->token($user), null, ['core.users.view']));
self::assertSame(VoterInterface::ACCESS_DENIED, $voter->vote($this->token($user), null, ['core.users.manage']));
}
public function testAdminBypassesViaRole(): void
{
$voter = new PermissionVoter();
$user = new User();
$user->setRoles(['ROLE_ADMIN']);
self::assertSame(VoterInterface::ACCESS_GRANTED, $voter->vote($this->token($user), null, ['core.users.manage']));
}
private function token(User $user): UsernamePasswordToken
{
return new UsernamePasswordToken($user, 'main', $user->getRoles());
}
}
tests/Unit/Repository/MailConfigurationRepositoryTest.php
+4 -4
View File
@@ -4,8 +4,8 @@ declare(strict_types=1);
namespace App\Tests\Unit\Repository;
use App\Entity\MailConfiguration;
use App\Repository\MailConfigurationRepository;
use App\Module\Mail\Domain\Entity\MailConfiguration;
use App\Module\Mail\Infrastructure\Doctrine\DoctrineMailConfigurationRepository;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
@@ -14,14 +14,14 @@ use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
*/
class MailConfigurationRepositoryTest extends KernelTestCase
{
private MailConfigurationRepository $repository;
private DoctrineMailConfigurationRepository $repository;
private EntityManagerInterface $em;
protected function setUp(): void
{
self::bootKernel();
$container = static::getContainer();
$this->repository = $container->get(MailConfigurationRepository::class);
$this->repository = $container->get(DoctrineMailConfigurationRepository::class);
$this->em = $container->get('doctrine.orm.entity_manager');
$this->em->getConnection()->executeStatement('TRUNCATE TABLE mail_configuration RESTART IDENTITY CASCADE');
}
tests/Unit/Service/AbsenceDayCalculatorTest.php
+3 -3
View File
@@ -4,9 +4,9 @@ declare(strict_types=1);
namespace App\Tests\Unit\Service;
use App\Enum\HalfDay;
use App\Service\AbsenceDayCalculator;
use App\Service\PublicHolidayProvider;
use App\Module\Absence\Domain\Enum\HalfDay;
use App\Module\Absence\Domain\Service\AbsenceDayCalculator;
use App\Module\Absence\Domain\Service\PublicHolidayProvider;
use DateTimeImmutable;
use PHPUnit\Framework\TestCase;
tests/Unit/Service/MailSyncServiceTest.php
+20 -20
View File
@@ -4,14 +4,14 @@ declare(strict_types=1);
namespace App\Tests\Unit\Service;
use App\Entity\MailConfiguration;
use App\Entity\MailFolder;
use App\Mail\Dto\MailFolderDto;
use App\Mail\MailProviderInterface;
use App\Repository\MailConfigurationRepository;
use App\Repository\MailFolderRepository;
use App\Repository\MailMessageRepository;
use App\Service\MailSyncService;
use App\Module\Mail\Application\Dto\MailFolderDto;
use App\Module\Mail\Application\Service\MailSyncService;
use App\Module\Mail\Domain\Entity\MailConfiguration;
use App\Module\Mail\Domain\Entity\MailFolder;
use App\Module\Mail\Domain\Provider\MailProviderInterface;
use App\Module\Mail\Domain\Repository\MailConfigurationRepositoryInterface;
use App\Module\Mail\Domain\Repository\MailFolderRepositoryInterface;
use App\Module\Mail\Domain\Repository\MailMessageRepositoryInterface;
use Doctrine\ORM\EntityManagerInterface;
use Doctrine\Persistence\ManagerRegistry;
use PHPUnit\Framework\TestCase;
@@ -29,12 +29,12 @@ class MailSyncServiceTest extends TestCase
$config = new MailConfiguration();
$config->setEnabled(false);
$configRepo = $this->createMock(MailConfigurationRepository::class);
$configRepo = $this->createMock(MailConfigurationRepositoryInterface::class);
$configRepo->method('findSingleton')->willReturn($config);
$provider = $this->createMock(MailProviderInterface::class);
$folderRepo = $this->createMock(MailFolderRepository::class);
$messageRepo = $this->createMock(MailMessageRepository::class);
$folderRepo = $this->createMock(MailFolderRepositoryInterface::class);
$messageRepo = $this->createMock(MailMessageRepositoryInterface::class);
$em = $this->createMock(EntityManagerInterface::class);
$lockFactory = $this->makeLockFactory();
@@ -62,12 +62,12 @@ class MailSyncServiceTest extends TestCase
$config = new MailConfiguration();
$config->setEnabled(true);
$configRepo = $this->createMock(MailConfigurationRepository::class);
$configRepo = $this->createMock(MailConfigurationRepositoryInterface::class);
$configRepo->method('findSingleton')->willReturn($config);
$provider = $this->createMock(MailProviderInterface::class);
$folderRepo = $this->createMock(MailFolderRepository::class);
$messageRepo = $this->createMock(MailMessageRepository::class);
$folderRepo = $this->createMock(MailFolderRepositoryInterface::class);
$messageRepo = $this->createMock(MailMessageRepositoryInterface::class);
$em = $this->createMock(EntityManagerInterface::class);
$lockFactory = $this->makeLockFactory(false);
@@ -93,7 +93,7 @@ class MailSyncServiceTest extends TestCase
$config = new MailConfiguration();
$config->setEnabled(true);
$configRepo = $this->createMock(MailConfigurationRepository::class);
$configRepo = $this->createMock(MailConfigurationRepositoryInterface::class);
$configRepo->method('findSingleton')->willReturn($config);
$folderDto = new MailFolderDto(
@@ -107,11 +107,11 @@ class MailSyncServiceTest extends TestCase
$provider = $this->createMock(MailProviderInterface::class);
$provider->method('listFolders')->willReturn([$folderDto]);
$folderRepo = $this->createMock(MailFolderRepository::class);
$folderRepo = $this->createMock(MailFolderRepositoryInterface::class);
$folderRepo->method('findByPath')->willReturn(null);
$folderRepo->method('findAllOrderedByPath')->willReturn([]);
$messageRepo = $this->createMock(MailMessageRepository::class);
$messageRepo = $this->createMock(MailMessageRepositoryInterface::class);
$em = $this->createMock(EntityManagerInterface::class);
$em->expects(self::once())->method('persist');
$em->expects(self::once())->method('flush');
@@ -137,13 +137,13 @@ class MailSyncServiceTest extends TestCase
$config = new MailConfiguration();
$config->setEnabled(true);
$configRepo = $this->createMock(MailConfigurationRepository::class);
$configRepo = $this->createMock(MailConfigurationRepositoryInterface::class);
$configRepo->method('findSingleton')->willReturn($config);
$folder = new MailFolder();
$folder->setPath('INBOX');
$messageRepo = $this->createMock(MailMessageRepository::class);
$messageRepo = $this->createMock(MailMessageRepositoryInterface::class);
$messageRepo->method('findMaxUidInFolder')->willReturn(10);
$messageRepo->method('findAllUidsByFolder')->willReturn([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]);
$messageRepo->method('findLastNByFolder')->willReturn([]);
@@ -151,7 +151,7 @@ class MailSyncServiceTest extends TestCase
$provider = $this->createMock(MailProviderInterface::class);
$provider->method('listMessages')->willReturn([]);
$folderRepo = $this->createMock(MailFolderRepository::class);
$folderRepo = $this->createMock(MailFolderRepositoryInterface::class);
$em = $this->createMock(EntityManagerInterface::class);
$em->expects(self::never())->method('remove');
tests/Unit/Service/PublicHolidayProviderTest.php
+1 -1
View File
@@ -4,7 +4,7 @@ declare(strict_types=1);
namespace App\Tests\Unit\Service;
use App\Service\PublicHolidayProvider;
use App\Module\Absence\Domain\Service\PublicHolidayProvider;
use DateTimeImmutable;
use PHPUnit\Framework\TestCase;
tests/Unit/Service/SharePathResolverTest.php
+2 -2
View File
@@ -4,8 +4,8 @@ declare(strict_types=1);
namespace App\Tests\Unit\Service;
use App\Service\Share\Exception\InvalidPathException;
use App\Service\Share\SharePathResolver;
use App\Module\Integration\Domain\Exception\InvalidPathException;
use App\Module\Integration\Domain\Service\SharePathResolver;
use PHPUnit\Framework\TestCase;
/**
tests/Unit/Shared/Database/ColumnCommentsCatalogTest.php
+33
View File
@@ -0,0 +1,33 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Shared\Database;
use App\Shared\Infrastructure\Database\ColumnCommentsCatalog;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class ColumnCommentsCatalogTest extends TestCase
{
public function testTimestampableBlamableCommentsCoverFourColumns(): void
{
$sql = ColumnCommentsCatalog::timestampableBlamableComments('task');
self::assertCount(4, $sql);
self::assertSame(
"COMMENT ON COLUMN task.created_at IS 'Date de creation (UTC). Rempli automatiquement (Timestampable).'",
$sql[0],
);
self::assertStringContainsString('COMMENT ON COLUMN task.created_by IS', $sql[2]);
}
public function testTableNameIsInterpolatedForEveryColumn(): void
{
foreach (ColumnCommentsCatalog::timestampableBlamableComments('time_entry') as $statement) {
self::assertStringContainsString('COMMENT ON COLUMN time_entry.', $statement);
}
}
}
tests/Unit/Shared/Doctrine/TimestampableBlamableSubscriberTest.php
+132
View File
@@ -0,0 +1,132 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Shared\Doctrine;
use App\Shared\Application\CurrentUserProviderInterface;
use App\Shared\Domain\Contract\BlamableInterface;
use App\Shared\Domain\Contract\TimestampableInterface;
use App\Shared\Domain\Contract\UserInterface;
use App\Shared\Domain\Trait\TimestampableBlamableTrait;
use App\Shared\Infrastructure\Doctrine\TimestampableBlamableSubscriber;
use DateTimeImmutable;
use PHPUnit\Framework\TestCase;
use stdClass;
/**
* @internal
*/
final class TimestampableBlamableSubscriberTest extends TestCase
{
public function testApplyOnCreateSetsTimestampsAndAuthor(): void
{
$user = $this->makeUser(7);
$subscriber = new TimestampableBlamableSubscriber($this->providerReturning($user));
$entity = $this->makeEntity();
$subscriber->applyOnCreate($entity);
self::assertInstanceOf(DateTimeImmutable::class, $entity->getCreatedAt());
self::assertInstanceOf(DateTimeImmutable::class, $entity->getUpdatedAt());
self::assertSame($user, $entity->getCreatedBy());
self::assertSame($user, $entity->getUpdatedBy());
}
public function testApplyOnUpdateLeavesCreatedUntouched(): void
{
$creator = $this->makeUser(1);
$editor = $this->makeUser(2);
$entity = $this->makeEntity();
new TimestampableBlamableSubscriber($this->providerReturning($creator))->applyOnCreate($entity);
$createdAt = $entity->getCreatedAt();
new TimestampableBlamableSubscriber($this->providerReturning($editor))->applyOnUpdate($entity);
self::assertSame($createdAt, $entity->getCreatedAt());
self::assertSame($creator, $entity->getCreatedBy());
self::assertSame($editor, $entity->getUpdatedBy());
}
public function testApplyOnCreateIgnoresNonTimestampableEntities(): void
{
$subscriber = new TimestampableBlamableSubscriber($this->providerReturning(null));
// Must not throw.
$subscriber->applyOnCreate(new stdClass());
$this->addToAssertionCount(1);
}
private function providerReturning(?UserInterface $user): CurrentUserProviderInterface
{
return new class($user) implements CurrentUserProviderInterface {
public function __construct(private ?UserInterface $user) {}
public function getCurrentUser(): ?UserInterface
{
return $this->user;
}
};
}
private function makeUser(int $id): UserInterface
{
return new class($id) implements UserInterface {
public function __construct(private int $id) {}
public function getId(): ?int
{
return $this->id;
}
public function getUserIdentifier(): string
{
return 'user-'.$this->id;
}
public function getUsername(): ?string
{
return 'user-'.$this->id;
}
/** @return list<string> */
public function getRoles(): array
{
return ['ROLE_USER'];
}
public function getFirstName(): ?string
{
return null;
}
public function getLastName(): ?string
{
return null;
}
public function getAvatarUrl(): ?string
{
return null;
}
public function getIsEmployee(): bool
{
return false;
}
public function getEffectivePermissions(): array
{
return [];
}
};
}
private function makeEntity(): object
{
return new class implements TimestampableInterface, BlamableInterface {
use TimestampableBlamableTrait;
};
}
}
tests/Unit/Shared/Module/ModuleRegistryPermissionsTest.php
+29
View File
@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Shared\Module;
use App\Module\Core\CoreModule;
use App\Shared\Domain\Module\ModuleRegistry;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class ModuleRegistryPermissionsTest extends TestCase
{
public function testAggregatesPermissionsWithModuleId(): void
{
$perms = ModuleRegistry::permissions([CoreModule::class]);
self::assertNotEmpty($perms);
foreach ($perms as $perm) {
self::assertArrayHasKey('code', $perm);
self::assertArrayHasKey('label', $perm);
self::assertArrayHasKey('module', $perm);
self::assertSame('core', $perm['module']);
self::assertStringStartsWith('core.', $perm['code']);
}
}
}
tests/Unit/Shared/Module/ModuleRegistryTest.php
+81
View File
@@ -0,0 +1,81 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Shared\Module;
use App\Shared\Domain\Module\ModuleInterface;
use App\Shared\Domain\Module\ModuleRegistry;
use PHPUnit\Framework\TestCase;
use stdClass;
/**
* @internal
*/
final class ModuleRegistryTest extends TestCase
{
public function testIdsExtractsDeclaredModuleIds(): void
{
$classes = [FakeAlphaModule::class, FakeBetaModule::class];
self::assertSame(['alpha', 'beta'], ModuleRegistry::ids($classes));
}
public function testIdsIgnoresClassesNotImplementingModuleInterface(): void
{
$classes = [FakeAlphaModule::class, stdClass::class];
self::assertSame(['alpha'], ModuleRegistry::ids($classes));
}
public function testIdsReturnsEmptyArrayForNoModules(): void
{
self::assertSame([], ModuleRegistry::ids([]));
}
}
final class FakeAlphaModule implements ModuleInterface
{
public static function id(): string
{
return 'alpha';
}
public static function label(): string
{
return 'Alpha';
}
public static function isRequired(): bool
{
return false;
}
public static function permissions(): array
{
return [];
}
}
final class FakeBetaModule implements ModuleInterface
{
public static function id(): string
{
return 'beta';
}
public static function label(): string
{
return 'Beta';
}
public static function isRequired(): bool
{
return true;
}
public static function permissions(): array
{
return [];
}
}
tests/Unit/Shared/Sidebar/SidebarFilterTest.php
+130
View File
@@ -0,0 +1,130 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Shared\Sidebar;
use App\Shared\Domain\Sidebar\SidebarFilter;
use PHPUnit\Framework\TestCase;
/**
* @internal
*/
final class SidebarFilterTest extends TestCase
{
public function testItemWithoutModuleIsAlwaysVisible(): void
{
$sections = [
['label' => 'sidebar.core.section', 'icon' => 'mdi:home', 'items' => [
['label' => 'sidebar.core.dashboard', 'to' => '/', 'icon' => 'mdi:view-dashboard'],
]],
];
$result = SidebarFilter::filter($sections, [], ['ROLE_USER']);
self::assertCount(1, $result['sections']);
self::assertSame('/', $result['sections'][0]['items'][0]['to']);
self::assertSame([], $result['disabledRoutes']);
self::assertArrayNotHasKey('module', $result['sections'][0]['items'][0]);
}
public function testItemWithInactiveModuleIsHiddenAndRouteDisabled(): void
{
$sections = [
['label' => 'sidebar.tt.section', 'icon' => 'mdi:clock', 'items' => [
['label' => 'sidebar.tt.timesheet', 'to' => '/time-tracking', 'icon' => 'mdi:clock', 'module' => 'time_tracking'],
]],
];
$result = SidebarFilter::filter($sections, [], ['ROLE_USER']);
self::assertSame([], $result['sections']);
self::assertSame(['/time-tracking'], $result['disabledRoutes']);
}
public function testItemWithActiveModuleIsVisible(): void
{
$sections = [
['label' => 'sidebar.tt.section', 'icon' => 'mdi:clock', 'items' => [
['label' => 'sidebar.tt.timesheet', 'to' => '/time-tracking', 'icon' => 'mdi:clock', 'module' => 'time_tracking'],
]],
];
$result = SidebarFilter::filter($sections, ['time_tracking'], ['ROLE_USER']);
self::assertCount(1, $result['sections']);
self::assertSame('/time-tracking', $result['sections'][0]['items'][0]['to']);
self::assertSame([], $result['disabledRoutes']);
}
public function testSectionWithRolesIsHiddenWhenRoleMissing(): void
{
$sections = [
['label' => 'sidebar.admin.section', 'icon' => 'mdi:cog', 'roles' => ['ROLE_ADMIN'], 'items' => [
['label' => 'sidebar.admin.admin', 'to' => '/admin', 'icon' => 'mdi:cog'],
]],
];
$result = SidebarFilter::filter($sections, [], ['ROLE_USER']);
self::assertSame([], $result['sections']);
// Filtrage par rôle => PAS de disabledRoutes (réservé au filtrage par module).
self::assertSame([], $result['disabledRoutes']);
}
public function testSectionWithRolesIsVisibleWhenRolePresent(): void
{
$sections = [
['label' => 'sidebar.admin.section', 'icon' => 'mdi:cog', 'roles' => ['ROLE_ADMIN'], 'items' => [
['label' => 'sidebar.admin.admin', 'to' => '/admin', 'icon' => 'mdi:cog'],
]],
];
$result = SidebarFilter::filter($sections, [], ['ROLE_USER', 'ROLE_ADMIN']);
self::assertCount(1, $result['sections']);
self::assertSame('/admin', $result['sections'][0]['items'][0]['to']);
self::assertArrayNotHasKey('roles', $result['sections'][0]);
}
public function testItemWithRolesIsHiddenWhenRoleMissing(): void
{
$sections = [
['label' => 'sidebar.hr.section', 'icon' => 'mdi:calendar', 'items' => [
['label' => 'sidebar.hr.teamAbsences', 'to' => '/team-absences', 'icon' => 'mdi:account-group', 'roles' => ['ROLE_ADMIN']],
['label' => 'sidebar.hr.x', 'to' => '/x', 'icon' => 'mdi:x'],
]],
];
$result = SidebarFilter::filter($sections, [], ['ROLE_USER']);
self::assertCount(1, $result['sections']);
self::assertCount(1, $result['sections'][0]['items']);
self::assertSame('/x', $result['sections'][0]['items'][0]['to']);
self::assertArrayNotHasKey('roles', $result['sections'][0]['items'][0]);
}
public function testItemHiddenWhenPermissionMissing(): void
{
$sections = [[
'label' => 's', 'icon' => 'i',
'items' => [
['label' => 'a', 'to' => '/a', 'icon' => 'i', 'permission' => 'core.users.view'],
['label' => 'b', 'to' => '/b', 'icon' => 'i'],
],
]];
$out = SidebarFilter::filter($sections, [], [], []);
self::assertCount(1, $out['sections'][0]['items']);
self::assertSame('/b', $out['sections'][0]['items'][0]['to']);
}
public function testItemVisibleWhenPermissionGranted(): void
{
$sections = [[
'label' => 's', 'icon' => 'i',
'items' => [['label' => 'a', 'to' => '/a', 'icon' => 'i', 'permission' => 'core.users.view']],
]];
$out = SidebarFilter::filter($sections, [], [], ['core.users.view']);
self::assertCount(1, $out['sections'][0]['items']);
}
}