MALIO-DEV/Lesstime
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 32 Wiki Activity

feat(share) : endpoints de configuration admin (GET/PUT settings/share)

Browse Source
This commit is contained in:
Matthieu
2026-06-03 17:09:05 +02:00
parent f9428f5c5d
commit 8c66e73e8d
4 changed files with 200 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/ApiResource/ShareSettings.php
+57
View File
@@ -0,0 +1,57 @@
<?php
declare(strict_types=1);
namespace App\ApiResource;
use ApiPlatform\Metadata\ApiResource;
use ApiPlatform\Metadata\Get;
use ApiPlatform\Metadata\Put;
use App\State\ShareSettingsProcessor;
use App\State\ShareSettingsProvider;
use Symfony\Component\Serializer\Attribute\Groups;
#[ApiResource(
operations: [
new Get(
uriTemplate: '/settings/share',
normalizationContext: ['groups' => ['share_settings:read']],
provider: ShareSettingsProvider::class,
security: "is_granted('ROLE_ADMIN')",
),
new Put(
uriTemplate: '/settings/share',
denormalizationContext: ['groups' => ['share_settings:write']],
normalizationContext: ['groups' => ['share_settings:read']],
provider: ShareSettingsProvider::class,
processor: ShareSettingsProcessor::class,
security: "is_granted('ROLE_ADMIN')",
),
],
)]
final class ShareSettings
{
#[Groups(['share_settings:read', 'share_settings:write'])]
public ?string $host = null;
#[Groups(['share_settings:read', 'share_settings:write'])]
public ?string $shareName = null;
#[Groups(['share_settings:read', 'share_settings:write'])]
public ?string $basePath = null;
#[Groups(['share_settings:read', 'share_settings:write'])]
public ?string $domain = null;
#[Groups(['share_settings:read', 'share_settings:write'])]
public ?string $username = null;
#[Groups(['share_settings:write'])]
public ?string $password = null;
#[Groups(['share_settings:read', 'share_settings:write'])]
public bool $enabled = false;
#[Groups(['share_settings:read'])]
public bool $hasPassword = false;
}
src/State/ShareSettingsProcessor.php
+54
View File
@@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
namespace App\State;
use ApiPlatform\Metadata\Operation;
use ApiPlatform\State\ProcessorInterface;
use App\ApiResource\ShareSettings;
use App\Entity\ShareConfiguration;
use App\Repository\ShareConfigurationRepository;
use App\Service\TokenEncryptor;
use Doctrine\ORM\EntityManagerInterface;
final readonly class ShareSettingsProcessor implements ProcessorInterface
{
public function __construct(
private EntityManagerInterface $em,
private ShareConfigurationRepository $configRepository,
private TokenEncryptor $tokenEncryptor,
) {}
public function process(mixed $data, Operation $operation, array $uriVariables = [], array $context = []): ShareSettings
{
assert($data instanceof ShareSettings);
$config = $this->configRepository->findSingleton() ?? new ShareConfiguration();
$config->setHost($data->host);
$config->setShareName($data->shareName);
$config->setBasePath($data->basePath);
$config->setDomain($data->domain);
$config->setUsername($data->username);
$config->setEnabled($data->enabled);
if (null !== $data->password && '' !== $data->password) {
$config->setEncryptedPassword($this->tokenEncryptor->encrypt($data->password));
}
$this->em->persist($config);
$this->em->flush();
$result = new ShareSettings();
$result->host = $config->getHost();
$result->shareName = $config->getShareName();
$result->basePath = $config->getBasePath();
$result->domain = $config->getDomain();
$result->username = $config->getUsername();
$result->enabled = $config->isEnabled();
$result->hasPassword = $config->hasPassword();
return $result;
}
}
src/State/ShareSettingsProvider.php
+35
View File
@@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
namespace App\State;
use ApiPlatform\Metadata\Operation;
use ApiPlatform\State\ProviderInterface;
use App\ApiResource\ShareSettings;
use App\Repository\ShareConfigurationRepository;
final readonly class ShareSettingsProvider implements ProviderInterface
{
public function __construct(
private ShareConfigurationRepository $configRepository,
) {}
public function provide(Operation $operation, array $uriVariables = [], array $context = []): ShareSettings
{
$config = $this->configRepository->findSingleton();
$dto = new ShareSettings();
if (null !== $config) {
$dto->host = $config->getHost();
$dto->shareName = $config->getShareName();
$dto->basePath = $config->getBasePath();
$dto->domain = $config->getDomain();
$dto->username = $config->getUsername();
$dto->enabled = $config->isEnabled();
$dto->hasPassword = $config->hasPassword();
}
return $dto;
}
}
tests/Functional/Controller/ShareSettingsTest.php
+54
View File
@@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Controller;
use App\Entity\User;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
* @internal
*/
class ShareSettingsTest extends WebTestCase
{
public function testGetSettingsReturns401WhenNotAuthenticated(): void
{
$client = static::createClient();
$client->request('GET', '/api/settings/share');
self::assertResponseStatusCodeSame(401);
}
public function testGetSettingsReturns403ForRoleUser(): void
{
$client = static::createClient();
$container = static::getContainer();
$em = $container->get('doctrine.orm.entity_manager');
$user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
$client->loginUser($user);
$client->request('GET', '/api/settings/share');
self::assertResponseStatusCodeSame(403);
}
public function testAdminCanReadSettingsWithoutPasswordLeak(): void
{
$client = static::createClient();
$container = static::getContainer();
$em = $container->get('doctrine.orm.entity_manager');
$admin = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
$client->loginUser($admin);
$client->request('GET', '/api/settings/share');
self::assertResponseIsSuccessful();
$data = json_decode($client->getResponse()->getContent(), true);
self::assertArrayHasKey('hasPassword', $data);
self::assertArrayNotHasKey('password', $data);
self::assertArrayNotHasKey('encryptedPassword', $data);
}
}