From b1d6303afe14e66d4de7dd048d30b9c2dc385b83 Mon Sep 17 00:00:00 2001
From: matthieu <matthieu@yuno.malio.fr>
Date: Wed, 20 May 2026 00:07:23 +0200
Subject: [PATCH] feat(mail) : MailFoldersListController - GET
 /api/mail/folders (arbre BDD + unreadCount)

- lit la BDD (pas l'IMAP live), retourne l'arbre des dossiers avec metadata
- securite via MailAccessChecker : ROLE_USER/ADMIN, refus ROLE_CLIENT pur
- tests fonctionnels 401/403/200

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .../Mail/MailFoldersListController.php        | 42 ++++++++++++++++
 .../Mail/MailFoldersControllerTest.php        | 50 +++++++++++++++++++
 2 files changed, 92 insertions(+)
 create mode 100644 src/Controller/Mail/MailFoldersListController.php
 create mode 100644 tests/Functional/Controller/Mail/MailFoldersControllerTest.php

diff --git a/src/Controller/Mail/MailFoldersListController.php b/src/Controller/Mail/MailFoldersListController.php
new file mode 100644
index 0000000..879ac19
--- /dev/null
+++ b/src/Controller/Mail/MailFoldersListController.php
@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller\Mail;
+
+use App\Repository\MailFolderRepository;
+use App\Security\MailAccessChecker;
+use DateTimeInterface;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
+
+#[Route('/api/mail/folders', name: 'mail_folders_list', methods: ['GET'], priority: 1)]
+#[IsGranted('IS_AUTHENTICATED_FULLY')]
+class MailFoldersListController extends AbstractController
+{
+    public function __construct(
+        private readonly MailFolderRepository $folderRepository,
+        private readonly MailAccessChecker $accessChecker,
+    ) {}
+
+    public function __invoke(): JsonResponse
+    {
+        $this->accessChecker->ensureCanAccessMail($this->getUser());
+
+        $folders = $this->folderRepository->findAllOrderedByPath();
+
+        $data = array_map(static fn ($folder) => [
+            'id'           => $folder->getId(),
+            'path'         => $folder->getPath(),
+            'displayName'  => $folder->getDisplayName(),
+            'parentPath'   => $folder->getParentPath(),
+            'unreadCount'  => $folder->getUnreadCount(),
+            'totalCount'   => $folder->getTotalCount(),
+            'lastSyncedAt' => $folder->getLastSyncedAt()?->format(DateTimeInterface::ATOM),
+        ], $folders);
+
+        return $this->json($data);
+    }
+}
diff --git a/tests/Functional/Controller/Mail/MailFoldersControllerTest.php b/tests/Functional/Controller/Mail/MailFoldersControllerTest.php
new file mode 100644
index 0000000..520942c
--- /dev/null
+++ b/tests/Functional/Controller/Mail/MailFoldersControllerTest.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Functional\Controller\Mail;
+
+use App\Entity\User;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+
+/**
+ * @internal
+ */
+class MailFoldersControllerTest extends WebTestCase
+{
+    public function testListFoldersReturns401WhenNotAuthenticated(): void
+    {
+        $client = static::createClient();
+        $client->request('GET', '/api/mail/folders');
+
+        self::assertResponseStatusCodeSame(401);
+    }
+
+    public function testListFoldersReturns403ForRoleClient(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $clientUser = $em->getRepository(User::class)->findOneBy(['username' => 'client-liot']);
+        $client->loginUser($clientUser);
+        $client->request('GET', '/api/mail/folders');
+
+        self::assertResponseStatusCodeSame(403);
+    }
+
+    public function testListFoldersReturns200ForRoleUser(): void
+    {
+        $client    = static::createClient();
+        $container = static::getContainer();
+        $em        = $container->get('doctrine.orm.entity_manager');
+
+        $user = $em->getRepository(User::class)->findOneBy(['username' => 'alice']);
+        $client->loginUser($user);
+        $client->request('GET', '/api/mail/folders');
+
+        self::assertResponseIsSuccessful();
+        $data = json_decode($client->getResponse()->getContent(), true);
+        self::assertIsArray($data);
+    }
+}