feat(share) : endpoints de configuration admin (GET/PUT settings/share)

tests/Functional/Controller/ShareSettingsTest.php

@@ -0,0 +1,54 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Functional\Controller;
+
+use App\Entity\User;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+
+/**
+ * @internal
+ */
+class ShareSettingsTest extends WebTestCase
+{
+    public function testGetSettingsReturns401WhenNotAuthenticated(): void
+    {
+        $client = static::createClient();
+        $client->request('GET', '/api/settings/share');
+
+        self::assertResponseStatusCodeSame(401);
+    }
+
+    public function testGetSettingsReturns403ForRoleUser(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
+        $client->loginUser($user);
+
+        $client->request('GET', '/api/settings/share');
+
+        self::assertResponseStatusCodeSame(403);
+    }
+
+    public function testAdminCanReadSettingsWithoutPasswordLeak(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $admin = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
+        $client->loginUser($admin);
+
+        $client->request('GET', '/api/settings/share');
+
+        self::assertResponseIsSuccessful();
+        $data = json_decode($client->getResponse()->getContent(), true);
+        self::assertArrayHasKey('hasPassword', $data);
+        self::assertArrayNotHasKey('password', $data);
+        self::assertArrayNotHasKey('encryptedPassword', $data);
+    }
+}