feat(core) : add rbac role and permission entities with user relations

tests/Unit/Module/Core/Domain/Entity/PermissionTest.php

@@ -0,0 +1,58 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Unit\Module\Core\Domain\Entity;
+
+use App\Module\Core\Domain\Entity\Permission;
+use InvalidArgumentException;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * @internal
+ */
+final class PermissionTest extends TestCase
+{
+    public function testValidConstruction(): void
+    {
+        $p = new Permission('core.users.view', 'Voir les utilisateurs', 'core');
+        self::assertSame('core.users.view', $p->getCode());
+        self::assertSame('Voir les utilisateurs', $p->getLabel());
+        self::assertSame('core', $p->getModule());
+        self::assertFalse($p->isOrphan());
+    }
+
+    public function testCodeMustContainADot(): void
+    {
+        $this->expectException(InvalidArgumentException::class);
+        new Permission('coreusersview', 'x', 'core');
+    }
+
+    public function testCodeCannotBeEmpty(): void
+    {
+        $this->expectException(InvalidArgumentException::class);
+        new Permission('', 'x', 'core');
+    }
+
+    public function testLabelCannotBeEmpty(): void
+    {
+        $this->expectException(InvalidArgumentException::class);
+        new Permission('core.users.view', '', 'core');
+    }
+
+    public function testModuleCannotBeEmpty(): void
+    {
+        $this->expectException(InvalidArgumentException::class);
+        new Permission('core.users.view', 'x', '');
+    }
+
+    public function testMarkOrphanAndRevive(): void
+    {
+        $p = new Permission('core.users.view', 'Voir', 'core');
+        $p->markOrphan();
+        self::assertTrue($p->isOrphan());
+        $p->revive('Voir maj', 'core');
+        self::assertFalse($p->isOrphan());
+        self::assertSame('Voir maj', $p->getLabel());
+    }
+}

tests/Unit/Module/Core/Domain/Entity/RoleTest.php

@@ -0,0 +1,58 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Unit\Module\Core\Domain\Entity;
+
+use App\Module\Core\Domain\Entity\Permission;
+use App\Module\Core\Domain\Entity\Role;
+use App\Module\Core\Domain\Exception\SystemRoleDeletionException;
+use InvalidArgumentException;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * @internal
+ */
+final class RoleTest extends TestCase
+{
+    public function testValidConstruction(): void
+    {
+        $r = new Role('bureau', 'Bureau');
+        self::assertSame('bureau', $r->getCode());
+        self::assertSame('Bureau', $r->getLabel());
+        self::assertFalse($r->isSystem());
+        self::assertCount(0, $r->getPermissions());
+    }
+
+    public function testCodeMustBeSnakeCase(): void
+    {
+        $this->expectException(InvalidArgumentException::class);
+        new Role('Bureau Commercial', 'x');
+    }
+
+    public function testAddRemovePermission(): void
+    {
+        $r = new Role('bureau', 'Bureau');
+        $p = new Permission('core.users.view', 'Voir', 'core');
+        $r->addPermission($p);
+        self::assertCount(1, $r->getPermissions());
+        $r->addPermission($p); // idempotent
+        self::assertCount(1, $r->getPermissions());
+        $r->removePermission($p);
+        self::assertCount(0, $r->getPermissions());
+    }
+
+    public function testSystemRoleCannotBeDeleted(): void
+    {
+        $r = new Role('admin', 'Administrateur', null, true);
+        $this->expectException(SystemRoleDeletionException::class);
+        $r->ensureDeletable();
+    }
+
+    public function testNonSystemRoleIsDeletable(): void
+    {
+        $r = new Role('bureau', 'Bureau');
+        $r->ensureDeletable();
+        self::assertFalse($r->isSystem());
+    }
+}

tests/Unit/Shared/Doctrine/TimestampableBlamableSubscriberTest.php

@@ -115,6 +115,11 @@ final class TimestampableBlamableSubscriberTest extends TestCase
             {
                 return false;
             }
+
+            public function getEffectivePermissions(): array
+            {
+                return [];
+            }
         };
     }