feat(transport) : permissions carriers + sidebar (ERP-153)

Socle RBAC du module Transport (M4 § 5) :
- TransportModule::permissions() declare transport.carriers.{view,manage,archive}
- RbacSeeder::MATRIX (§ 5.2) : Bureau (view+manage), Commerciale (view) ;
  Compta/Usine aucun acces ; archive admin seul
- config/sidebar.php : section Transport + item /carriers (gate transport.carriers.view)
- i18n sidebar.transport.{section,carriers}
- 3 miroirs RBAC alignes : sidebar.php, personas.ts (user-full), SeedE2ECommand.php
- TransportModuleTest : garde-fou sur le jeu de permissions

composer.json

@@ -24,6 +24,7 @@
         "symfony/expression-language": "8.0.*",
         "symfony/flex": "^2",
         "symfony/framework-bundle": "8.0.*",
+        "symfony/http-client": "8.0.*",
         "symfony/intl": "8.0.*",
         "symfony/mime": "8.0.*",
         "symfony/monolog-bundle": "^4.0",
@@ -95,7 +96,6 @@
         "doctrine/doctrine-fixtures-bundle": "^4.3",
         "friendsofphp/php-cs-fixer": "^3.94",
         "phpunit/phpunit": "^13.0",
-        "symfony/browser-kit": "8.0.*",
-        "symfony/http-client": "8.0.*"
+        "symfony/browser-kit": "8.0.*"
     }
 }

composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "2dc5db01e7f5d6aecd5956749b21a092",
+    "content-hash": "b029c1484227c926d39dfd3ae5cb0699",
     "packages": [
         {
             "name": "api-platform/doctrine-common",
@@ -5412,6 +5412,180 @@
             ],
             "time": "2026-03-30T15:14:47+00:00"
         },
+        {
+            "name": "symfony/http-client",
+            "version": "v8.0.13",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/symfony/http-client.git",
+                "reference": "c7f40f9103233630167c25c9a4570acf805fdade"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/symfony/http-client/zipball/c7f40f9103233630167c25c9a4570acf805fdade",
+                "reference": "c7f40f9103233630167c25c9a4570acf805fdade",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=8.4",
+                "psr/log": "^1|^2|^3",
+                "symfony/http-client-contracts": "~3.4.4|^3.5.2",
+                "symfony/service-contracts": "^2.5|^3"
+            },
+            "conflict": {
+                "amphp/amp": "<3",
+                "php-http/discovery": "<1.15"
+            },
+            "provide": {
+                "php-http/async-client-implementation": "*",
+                "php-http/client-implementation": "*",
+                "psr/http-client-implementation": "1.0",
+                "symfony/http-client-implementation": "3.0"
+            },
+            "require-dev": {
+                "amphp/http-client": "^5.3.2",
+                "amphp/http-tunnel": "^2.0",
+                "guzzlehttp/promises": "^1.4|^2.0",
+                "nyholm/psr7": "^1.0",
+                "php-http/httplug": "^1.0|^2.0",
+                "psr/http-client": "^1.0",
+                "symfony/cache": "^7.4|^8.0",
+                "symfony/dependency-injection": "^7.4|^8.0",
+                "symfony/http-kernel": "^7.4|^8.0",
+                "symfony/messenger": "^7.4|^8.0",
+                "symfony/process": "^7.4|^8.0",
+                "symfony/rate-limiter": "^7.4|^8.0",
+                "symfony/stopwatch": "^7.4|^8.0"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Symfony\\Component\\HttpClient\\": ""
+                },
+                "exclude-from-classmap": [
+                    "/Tests/"
+                ]
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Nicolas Grekas",
+                    "email": "p@tchwork.com"
+                },
+                {
+                    "name": "Symfony Community",
+                    "homepage": "https://symfony.com/contributors"
+                }
+            ],
+            "description": "Provides powerful methods to fetch HTTP resources synchronously or asynchronously",
+            "homepage": "https://symfony.com",
+            "keywords": [
+                "http"
+            ],
+            "support": {
+                "source": "https://github.com/symfony/http-client/tree/v8.0.13"
+            },
+            "funding": [
+                {
+                    "url": "https://symfony.com/sponsor",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://github.com/fabpot",
+                    "type": "github"
+                },
+                {
+                    "url": "https://github.com/nicolas-grekas",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2026-05-24T09:58:02+00:00"
+        },
+        {
+            "name": "symfony/http-client-contracts",
+            "version": "v3.6.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/symfony/http-client-contracts.git",
+                "reference": "75d7043853a42837e68111812f4d964b01e5101c"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/symfony/http-client-contracts/zipball/75d7043853a42837e68111812f4d964b01e5101c",
+                "reference": "75d7043853a42837e68111812f4d964b01e5101c",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=8.1"
+            },
+            "type": "library",
+            "extra": {
+                "thanks": {
+                    "url": "https://github.com/symfony/contracts",
+                    "name": "symfony/contracts"
+                },
+                "branch-alias": {
+                    "dev-main": "3.6-dev"
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Symfony\\Contracts\\HttpClient\\": ""
+                },
+                "exclude-from-classmap": [
+                    "/Test/"
+                ]
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Nicolas Grekas",
+                    "email": "p@tchwork.com"
+                },
+                {
+                    "name": "Symfony Community",
+                    "homepage": "https://symfony.com/contributors"
+                }
+            ],
+            "description": "Generic abstractions related to HTTP clients",
+            "homepage": "https://symfony.com",
+            "keywords": [
+                "abstractions",
+                "contracts",
+                "decoupling",
+                "interfaces",
+                "interoperability",
+                "standards"
+            ],
+            "support": {
+                "source": "https://github.com/symfony/http-client-contracts/tree/v3.6.0"
+            },
+            "funding": [
+                {
+                    "url": "https://symfony.com/sponsor",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://github.com/fabpot",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2025-04-29T11:18:49+00:00"
+        },
         {
             "name": "symfony/http-foundation",
             "version": "v8.0.8",
@@ -11785,180 +11959,6 @@
             ],
             "time": "2026-03-30T15:14:47+00:00"
         },
-        {
-            "name": "symfony/http-client",
-            "version": "v8.0.8",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/http-client.git",
-                "reference": "356e43d6994ae9d7761fd404d40f78691deabe0e"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/http-client/zipball/356e43d6994ae9d7761fd404d40f78691deabe0e",
-                "reference": "356e43d6994ae9d7761fd404d40f78691deabe0e",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=8.4",
-                "psr/log": "^1|^2|^3",
-                "symfony/http-client-contracts": "~3.4.4|^3.5.2",
-                "symfony/service-contracts": "^2.5|^3"
-            },
-            "conflict": {
-                "amphp/amp": "<3",
-                "php-http/discovery": "<1.15"
-            },
-            "provide": {
-                "php-http/async-client-implementation": "*",
-                "php-http/client-implementation": "*",
-                "psr/http-client-implementation": "1.0",
-                "symfony/http-client-implementation": "3.0"
-            },
-            "require-dev": {
-                "amphp/http-client": "^5.3.2",
-                "amphp/http-tunnel": "^2.0",
-                "guzzlehttp/promises": "^1.4|^2.0",
-                "nyholm/psr7": "^1.0",
-                "php-http/httplug": "^1.0|^2.0",
-                "psr/http-client": "^1.0",
-                "symfony/cache": "^7.4|^8.0",
-                "symfony/dependency-injection": "^7.4|^8.0",
-                "symfony/http-kernel": "^7.4|^8.0",
-                "symfony/messenger": "^7.4|^8.0",
-                "symfony/process": "^7.4|^8.0",
-                "symfony/rate-limiter": "^7.4|^8.0",
-                "symfony/stopwatch": "^7.4|^8.0"
-            },
-            "type": "library",
-            "autoload": {
-                "psr-4": {
-                    "Symfony\\Component\\HttpClient\\": ""
-                },
-                "exclude-from-classmap": [
-                    "/Tests/"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Nicolas Grekas",
-                    "email": "p@tchwork.com"
-                },
-                {
-                    "name": "Symfony Community",
-                    "homepage": "https://symfony.com/contributors"
-                }
-            ],
-            "description": "Provides powerful methods to fetch HTTP resources synchronously or asynchronously",
-            "homepage": "https://symfony.com",
-            "keywords": [
-                "http"
-            ],
-            "support": {
-                "source": "https://github.com/symfony/http-client/tree/v8.0.8"
-            },
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://github.com/nicolas-grekas",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2026-03-30T15:14:47+00:00"
-        },
-        {
-            "name": "symfony/http-client-contracts",
-            "version": "v3.6.0",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/http-client-contracts.git",
-                "reference": "75d7043853a42837e68111812f4d964b01e5101c"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/http-client-contracts/zipball/75d7043853a42837e68111812f4d964b01e5101c",
-                "reference": "75d7043853a42837e68111812f4d964b01e5101c",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=8.1"
-            },
-            "type": "library",
-            "extra": {
-                "thanks": {
-                    "url": "https://github.com/symfony/contracts",
-                    "name": "symfony/contracts"
-                },
-                "branch-alias": {
-                    "dev-main": "3.6-dev"
-                }
-            },
-            "autoload": {
-                "psr-4": {
-                    "Symfony\\Contracts\\HttpClient\\": ""
-                },
-                "exclude-from-classmap": [
-                    "/Test/"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Nicolas Grekas",
-                    "email": "p@tchwork.com"
-                },
-                {
-                    "name": "Symfony Community",
-                    "homepage": "https://symfony.com/contributors"
-                }
-            ],
-            "description": "Generic abstractions related to HTTP clients",
-            "homepage": "https://symfony.com",
-            "keywords": [
-                "abstractions",
-                "contracts",
-                "decoupling",
-                "interfaces",
-                "interoperability",
-                "standards"
-            ],
-            "support": {
-                "source": "https://github.com/symfony/http-client-contracts/tree/v3.6.0"
-            },
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2025-04-29T11:18:49+00:00"
-        },
         {
             "name": "symfony/process",
             "version": "v8.0.8",

config/modules.php

@@ -6,6 +6,7 @@ use App\Module\Commercial\CommercialModule;
 use App\Module\Core\CoreModule;
 use App\Module\Sites\SitesModule;
 use App\Module\Technique\TechniqueModule;
+use App\Module\Transport\TransportModule;
 
 return [
     CoreModule::class,
@@ -13,4 +14,5 @@ return [
     SitesModule::class,
     CatalogModule::class,
     TechniqueModule::class,
+    TransportModule::class,
 ];

config/packages/api_platform.yaml

@@ -12,6 +12,9 @@ api_platform:
             # Resources virtuelles (sans entite Doctrine) declarees via #[ApiResource]
             # en dehors de Domain/Entity : AuditLogResource, etc.
             - '%kernel.project_dir%/src/Module/Core/Infrastructure/ApiPlatform/Resource'
+            # Entites techniques partagees portant un #[ApiResource]
+            # (UploadedDocument — infra upload generique ERP-154).
+            - '%kernel.project_dir%/src/Shared/Domain/Entity'
     formats:
         jsonld: ['application/ld+json']
         json: ['application/json']

config/packages/doctrine.yaml

@@ -8,16 +8,24 @@ doctrine:
             default:
                 url: '%env(resolve:DATABASE_URL)%'
                 profiling_collect_backtrace: '%kernel.debug%'
-                # Exclut `audit_log` de toute operation de comparaison de schema
-                # (doctrine:schema:update, schema:validate, diff de migrations...).
-                # Cette table n'a volontairement aucune entite mappee : elle est
-                # append-only via DBAL brut (AuditLogWriter) pour eviter la
-                # recursion du listener Doctrine. Sans ce filtre, schema:update
-                # la considere comme "orpheline" et genere un `DROP TABLE
-                # audit_log` qui casse la base de test apres chaque
-                # `make test-db-setup`. La creation / suppression de la table
-                # reste pilotee par les migrations (cf. Version20260420202749).
-                schema_filter: '~^(?!audit_log$).+~'
+                # Exclut certaines tables de toute operation de comparaison de
+                # schema (doctrine:schema:update, schema:validate, diff de
+                # migrations...). Ces tables n'ont volontairement aucune entite
+                # mappee :
+                #  - `audit_log` : append-only via DBAL brut (AuditLogWriter) pour
+                #    eviter la recursion du listener Doctrine.
+                #  - `qualimat_carrier` / `qualimat_sync_log` : referentiel
+                #    transporteurs synchronise en DBAL brut (upsert `ON CONFLICT`)
+                #    par `app:qualimat:sync`, hors ORM.
+                #  - `idtf_product` / `idtf_sync_log` : referentiel codes IDTF
+                #    synchronise en DBAL brut par `app:idtf:sync`, hors ORM.
+                # Sans ce filtre, schema:update les considere comme "orphelines" et
+                # genere un `DROP TABLE` qui casse la base de test apres chaque
+                # `make test-db-setup` (la migration les a creees, schema:update les
+                # supprime juste apres). Creation / suppression restent pilotees par
+                # les migrations (audit_log : Version20260420202749 ; qualimat :
+                # Version20260612150000 ; idtf : Version20260612160000).
+                schema_filter: '~^(?!(?:audit_log|qualimat_carrier|qualimat_sync_log|idtf_product|idtf_sync_log)$).+~'
             audit:
                 url: '%env(resolve:DATABASE_URL)%'
     orm:
@@ -42,6 +50,16 @@ doctrine:
             # Shared sans importer la classe concrete du module Catalog (regle n°1).
             App\Shared\Domain\Contract\CategoryInterface: App\Module\Catalog\Domain\Entity\Category
         mappings:
+            # Mapping des entites techniques partagees (src/Shared/Domain/Entity).
+            # Premier occupant : UploadedDocument (infra upload generique ERP-154).
+            # Necessaire car les entites Shared ne sont pas couvertes par
+            # l'auto_mapping (qui ne cible que les bundles).
+            Shared:
+                type: attribute
+                is_bundle: false
+                dir: '%kernel.project_dir%/src/Shared/Domain/Entity'
+                prefix: 'App\Shared\Domain\Entity'
+                alias: Shared
             Core:
                 type: attribute
                 is_bundle: false

config/packages/doctrine_migrations.yaml

@@ -2,4 +2,5 @@ doctrine_migrations:
     migrations_paths:
         'DoctrineMigrations': '%kernel.project_dir%/migrations'
         'App\Module\Core\Infrastructure\Doctrine\Migrations': '%kernel.project_dir%/src/Module/Core/Infrastructure/Doctrine/Migrations'
+        'App\Module\Transport\Infrastructure\Doctrine\Migrations': '%kernel.project_dir%/src/Module/Transport/Infrastructure/Doctrine/Migrations'
     enable_profiler: false

config/packages/http_client.yaml

@@ -0,0 +1,13 @@
+# Active le composant HTTP Client (symfony/http-client) et enregistre
+# l'autowiring de HttpClientInterface. Utilise par les commandes de
+# synchronisation de referentiels externes (QUALIMAT, IDTF...).
+#
+# User-Agent navigateur neutre : les sources (qualimat.org sous WordPress/WAF,
+# icrt-idtf.com) filtrent souvent les UA de bibliotheque/vides ; un UA de type
+# navigateur evite les blocages anti-bot sans reveler l'application.
+framework:
+    http_client:
+        default_options:
+            timeout: 30
+            headers:
+                User-Agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36'

config/sidebar.php

@@ -78,6 +78,23 @@ return [
             ],
         ],
     ],
+    // Section "Transport" (M4, ERP-153) : pole logistique, porte le repertoire
+    // transporteurs. L'item est gate par `transport.carriers.view` ; la section
+    // disparait automatiquement (SidebarProvider) si le module `transport` est
+    // desactive ou si l'user n'a pas la permission (Compta / Usine).
+    [
+        'label' => 'sidebar.transport.section',
+        'icon'  => 'mdi:truck-outline',
+        'items' => [
+            [
+                'label'      => 'sidebar.transport.carriers',
+                'to'         => '/carriers',
+                'icon'       => 'mdi:truck-outline',
+                'module'     => 'transport',
+                'permission' => 'transport.carriers.view',
+            ],
+        ],
+    ],
     // Section "Administration" : regroupe toutes les pages de configuration
     // applicative (RBAC, users, sites, audit log).
     //

config/version.yaml

@@ -1,2 +1,2 @@
 parameters:
-    app.version: '0.1.120'
+    app.version: '0.1.126'

frontend/i18n/locales/fr.json

@@ -34,6 +34,10 @@
             "section": "Technique",
             "providers": "Répertoire prestataires"
         },
+        "transport": {
+            "section": "Transport",
+            "carriers": "Répertoire transporteurs"
+        },
         "core": {
             "roles": "Gestion des rôles",
             "users": "Utilisateurs",

frontend/modules/commercial/pages/clients/[id]/edit.vue

@@ -157,12 +157,16 @@
                 <!-- Onglet Contact -->
                 <template #contact>
                     <div class="mt-12 flex flex-col gap-6">
+                        <!-- ERP-172 : poubelle visible seulement s'il reste un AUTRE bloc deja
+                             enregistre (id en base) — cf. isRowRemovable. Empeche de supprimer un
+                             bloc tant que rien n'est sauvegarde, et de supprimer son dernier
+                             bloc enregistre. -->
                         <ClientContactBlock
                             v-for="(contact, index) in contacts"
                             :key="contact.id ?? `new-${index}`"
                             :model-value="contact"
                             :title="t('commercial.clients.form.contact.title', { n: index + 1 })"
-                            :removable="contacts.length > 1"
+                            :removable="isRowRemovable(contacts, index)"
                             :readonly="businessReadonly"
                             :errors="contactErrors[index]"
                             @update:model-value="(v) => contacts[index] = v"
@@ -199,7 +203,7 @@
                             :site-options="siteOptions"
                             :contact-options="contactOptions"
                             :country-options="countryOptions"
-                            :removable="addresses.length > 1"
+                            :removable="isRowRemovable(addresses, index)"
                             :readonly="businessReadonly"
                             :errors="addressErrors[index]"
                             @update:model-value="(v) => addresses[index] = v"
@@ -304,7 +308,7 @@
                             class="relative bg-white py-4 pl-[28px] pr-[60px] shadow-[0_4px_4px_0_rgba(0,0,0,0.25)]"
                         >
                             <MalioButtonIcon
-                                v-if="!accountingReadonly && visibleRibs.length > 1"
+                                v-if="!accountingReadonly && isRowRemovable(visibleRibs, index)"
                                 icon="mdi:delete-outline"
                                 variant="ghost"
                                 button-class="absolute top-3 right-3"
@@ -440,6 +444,7 @@ import {
     type RibFormDraft,
 } from '~/modules/commercial/types/clientForm'
 import { extractApiErrorMessage } from '~/shared/utils/api'
+import { isRowRemovable, removeCollectionRow } from '~/shared/utils/collectionRow'
 import { readHistoryTab } from '~/shared/utils/historyTab'
 
 // Masques de saisie (la normalisation finale reste serveur).
@@ -490,10 +495,6 @@ const contacts = ref<ContactFormDraft[]>([])
 const addresses = ref<AddressFormDraft[]>([])
 const ribs = ref<RibFormDraft[]>([])
 
-// Ids des sous-ressources existantes supprimees (DELETE differe au « Valider »).
-const removedContactIds = ref<number[]>([])
-const removedAddressIds = ref<number[]>([])
-const removedRibIds = ref<number[]>([])
 
 const mainSubmitting = ref(false)
 const tabSubmitting = ref(false)
@@ -754,32 +755,31 @@ function addContact(): void {
     if (canAddContact.value) contacts.value.push(emptyContact())
 }
 
+// ERP-172 : DELETE immediat de la sous-ressource a la confirmation de la modale
+// (et non plus differe au « Enregistrer »). Bloc jamais persiste (id null) : retrait
+// local. Echec serveur : bloc conserve + erreur remontee.
 function askRemoveContact(index: number): void {
-    askConfirm(t('commercial.clients.form.confirmDelete.contact'), () => {
-        const removed = contacts.value[index]
-        if (removed?.id != null) removedContactIds.value.push(removed.id)
-        contacts.value.splice(index, 1)
-        contactErrors.value.splice(index, 1)
-        // Garde au moins un bloc visible (cf. amorce a l'hydratation).
-        if (contacts.value.length === 0) contacts.value.push(emptyContact())
-    })
+    askConfirm(t('commercial.clients.form.confirmDelete.contact'), () => removeCollectionRow({
+        rows: contacts.value,
+        errors: contactErrors.value,
+        index,
+        endpoint: '/client_contacts',
+        deleteRow: url => api.delete(url, {}, { toast: false }),
+        makeEmpty: emptyContact,
+        onError: showError,
+    }))
 }
 
 /**
- * Valide l'onglet Contact : DELETE des contacts retires (existants), puis
- * POST/PATCH des blocs restants sur la sous-ressource. Strictement scope a la
- * collection contacts (endpoints client_contact dedies).
+ * Valide l'onglet Contact : POST/PATCH des blocs restants sur la sous-ressource.
+ * Strictement scope a la collection contacts (endpoints client_contact dedies). La
+ * suppression est traitee a part, en DELETE immediat (askRemoveContact, ERP-172).
  */
 async function submitContacts(): Promise<void> {
     if (businessReadonly.value || tabSubmitting.value) return
     tabSubmitting.value = true
     contactErrors.value = []
     try {
-        for (const id of removedContactIds.value) {
-            await api.delete(`/client_contacts/${id}`, {}, { toast: false })
-        }
-        removedContactIds.value = []
-
         // RG-1.14 : au moins un contact requis. Si l'onglet ne contient QUE des
         // amorces neuves vides (ex. tous les contacts existants supprimes), on ne
         // les skippe pas -> le back renvoie la 422 RG-1.05 « prénom ou nom
@@ -836,14 +836,15 @@ function addAddress(): void {
 }
 
 function askRemoveAddress(index: number): void {
-    askConfirm(t('commercial.clients.form.confirmDelete.address'), () => {
-        const removed = addresses.value[index]
-        if (removed?.id != null) removedAddressIds.value.push(removed.id)
-        addresses.value.splice(index, 1)
-        addressErrors.value.splice(index, 1)
-        // Garde au moins un bloc visible (cf. amorce a l'hydratation).
-        if (addresses.value.length === 0) addresses.value.push(emptyAddress())
-    })
+    askConfirm(t('commercial.clients.form.confirmDelete.address'), () => removeCollectionRow({
+        rows: addresses.value,
+        errors: addressErrors.value,
+        index,
+        endpoint: '/client_addresses',
+        deleteRow: url => api.delete(url, {}, { toast: false }),
+        makeEmpty: emptyAddress,
+        onError: showError,
+    }))
 }
 
 function onAddressDegraded(): void {
@@ -855,17 +856,12 @@ function onAddressDegraded(): void {
     })
 }
 
-/** Valide l'onglet Adresse : DELETE des adresses retirees puis POST/PATCH. */
+/** Valide l'onglet Adresse : POST/PATCH des blocs restants (suppression en DELETE immediat, ERP-172). */
 async function submitAddresses(): Promise<void> {
     if (businessReadonly.value || tabSubmitting.value) return
     tabSubmitting.value = true
     addressErrors.value = []
     try {
-        for (const id of removedAddressIds.value) {
-            await api.delete(`/client_addresses/${id}`, {}, { toast: false })
-        }
-        removedAddressIds.value = []
-
         // On tente TOUS les blocs d'adresse (collecte des erreurs par index, ERP-110).
         const hasError = await submitRows(
             addresses.value,
@@ -937,29 +933,32 @@ function addRib(): void {
     if (canAddRib.value) ribs.value.push(emptyRib())
 }
 
+// ERP-172 : DELETE immediat du RIB. Le back refuse la suppression du dernier RIB
+// d'une LCR (RG-1.13) -> 409 remonte via showError (message back), bloc conserve.
 function askRemoveRib(index: number): void {
-    askConfirm(t('commercial.clients.form.confirmDelete.rib'), () => {
-        const removed = ribs.value[index]
-        if (removed?.id != null) removedRibIds.value.push(removed.id)
-        ribs.value.splice(index, 1)
-        ribErrors.value.splice(index, 1)
-        // Garde au moins un bloc RIB visible (cf. amorce a l'hydratation).
-        if (ribs.value.length === 0) ribs.value.push(emptyRib())
-    })
+    askConfirm(t('commercial.clients.form.confirmDelete.rib'), () => removeCollectionRow({
+        rows: ribs.value,
+        errors: ribErrors.value,
+        index,
+        endpoint: '/client_ribs',
+        deleteRow: url => api.delete(url, {}, { toast: false }),
+        makeEmpty: emptyRib,
+        onError: showError,
+    }))
 }
 
 /**
  * Valide l'onglet Comptabilite : POST/PATCH des RIB sur la sous-ressource PUIS
  * PATCH des scalaires (groupe client:write:accounting, exige accounting.manage cote
- * back) PUIS DELETE des RIB explicitement retires. Les RIB crees d'abord : le back
- * valide RG-1.13 (LCR => au moins un RIB persiste) sur le PATCH scalaires.
+ * back). Les RIB crees d'abord : le back valide RG-1.13 (LCR => au moins un RIB
+ * persiste) sur le PATCH scalaires.
  *
+ * ERP-172 : la suppression d'un RIB est traitee en DELETE immediat (askRemoveRib),
+ * plus de DELETE differe ici.
  * ERP-121 : les RIB ne sont (re)soumis QUE sous LCR — hors-LCR ce sont des
  * coordonnees dormantes conservees telles quelles, masquees a l'ecran et jamais
- * re-ecrites. `removedRibIds` ne contient plus que les suppressions EXPLICITES
- * (corbeille d'un bloc, toujours sous LCR), plus l'auto-suppression au changement
- * de type de reglement. Aucun champ main/information dans le payload (mode strict
- * RG-1.28 : sinon 403 sur tout le payload).
+ * re-ecrites. Aucun champ main/information dans le payload (mode strict RG-1.28 :
+ * sinon 403 sur tout le payload).
  */
 async function submitAccounting(): Promise<void> {
     if (accountingReadonly.value || tabSubmitting.value) return
@@ -1013,14 +1012,6 @@ async function submitAccounting(): Promise<void> {
             return
         }
 
-        // 3) DELETE des RIB explicitement retires (corbeille d'un bloc) : APRES le
-        // PATCH scalaires (le guard back refuse la suppression du dernier RIB d'une
-        // LCR). ERP-121 : plus aucune suppression automatique au passage hors-LCR.
-        for (const id of removedRibIds.value) {
-            await api.delete(`/client_ribs/${id}`, {}, { toast: false })
-        }
-        removedRibIds.value = []
-
         toast.success({ title: t('commercial.clients.toast.updateSuccess') })
     }
     catch (e) {

frontend/modules/commercial/pages/clients/new.vue

@@ -156,12 +156,16 @@
             <!-- Onglet Contact -->
             <template #contact>
                 <div class="mt-12 flex flex-col gap-6">
+                    <!-- ERP-172 : poubelle visible seulement s'il reste un AUTRE bloc deja
+                         enregistre (id en base) — cf. isRowRemovable. Empeche de supprimer un
+                         bloc tant que rien n'est sauvegarde, et de supprimer son dernier
+                         bloc enregistre. -->
                     <ClientContactBlock
                         v-for="(contact, index) in contacts"
                         :key="index"
                         :model-value="contact"
                         :title="t('commercial.clients.form.contact.title', { n: index + 1 })"
-                        :removable="index > 0"
+                        :removable="isRowRemovable(contacts, index)"
                         :readonly="isValidated('contact')"
                         :errors="contactErrors[index]"
                         @update:model-value="(v) => contacts[index] = v"
@@ -198,7 +202,7 @@
                         :site-options="referentials.sites.value"
                         :contact-options="contactOptions"
                         :country-options="countryOptions"
-                        :removable="index > 0"
+                        :removable="isRowRemovable(addresses, index)"
                         :readonly="isValidated('address')"
                         :errors="addressErrors[index]"
                         @update:model-value="(v) => addresses[index] = v"
@@ -303,7 +307,7 @@
                     >
                         <!-- ariaLabel via v-bind objet (prop camelCase ; aria-* serait un attribut HTML). -->
                         <MalioButtonIcon
-                            v-if="!accountingReadonly && visibleRibs.length > 1"
+                            v-if="!accountingReadonly && isRowRemovable(visibleRibs, index)"
                             icon="mdi:delete-outline"
                             variant="ghost"
                             button-class="absolute top-3 right-3"
@@ -417,6 +421,7 @@ import {
     type RibFormDraft,
 } from '~/modules/commercial/types/clientForm'
 import { extractApiErrorMessage } from '~/shared/utils/api'
+import { isRowRemovable } from '~/shared/utils/collectionRow'
 
 // Masques de saisie (la normalisation finale reste serveur).
 const SIREN_MASK = '#########'

frontend/modules/commercial/pages/suppliers/[id]/edit.vue

@@ -126,12 +126,16 @@
                 <!-- Onglet Contacts -->
                 <template #contacts>
                     <div class="mt-12 flex flex-col gap-6">
+                        <!-- ERP-172 : poubelle visible seulement s'il reste un AUTRE bloc deja
+                             enregistre (id en base) — cf. isRowRemovable. Empeche de supprimer un
+                             bloc tant que rien n'est sauvegarde, et de supprimer son dernier
+                             bloc enregistre. -->
                         <SupplierContactBlock
                             v-for="(contact, index) in contacts"
                             :key="contact.id ?? `new-${index}`"
                             :model-value="contact"
                             :title="t('commercial.suppliers.form.contact.title', { n: index + 1 })"
-                            :removable="contacts.length > 1"
+                            :removable="isRowRemovable(contacts, index)"
                             :readonly="businessReadonly"
                             :errors="contactErrors[index]"
                             @update:model-value="(v) => contacts[index] = v"
@@ -168,7 +172,7 @@
                             :site-options="siteOptions"
                             :contact-options="contactOptions"
                             :country-options="countryOptions"
-                            :removable="addresses.length > 1"
+                            :removable="isRowRemovable(addresses, index)"
                             :readonly="businessReadonly"
                             :errors="addressErrors[index]"
                             @update:model-value="(v) => addresses[index] = v"
@@ -273,7 +277,7 @@
                             class="relative bg-white py-4 pl-[28px] pr-[60px] shadow-[0_4px_4px_0_rgba(0,0,0,0.25)]"
                         >
                             <MalioButtonIcon
-                                v-if="!accountingReadonly && visibleRibs.length > 1"
+                                v-if="!accountingReadonly && isRowRemovable(visibleRibs, index)"
                                 icon="mdi:delete-outline"
                                 variant="ghost"
                                 button-class="absolute top-3 right-3"
@@ -407,6 +411,7 @@ import {
     type SupplierRibFormDraft,
 } from '~/modules/commercial/types/supplierForm'
 import { extractApiErrorMessage } from '~/shared/utils/api'
+import { isRowRemovable, removeCollectionRow } from '~/shared/utils/collectionRow'
 import { readHistoryTab } from '~/shared/utils/historyTab'
 
 // Masques de saisie (la normalisation finale reste serveur).
@@ -456,10 +461,6 @@ const contacts = ref<SupplierContactFormDraft[]>([])
 const addresses = ref<SupplierAddressFormDraft[]>([])
 const ribs = ref<SupplierRibFormDraft[]>([])
 
-// Ids des sous-ressources existantes supprimees (DELETE differe au « Valider »).
-const removedContactIds = ref<number[]>([])
-const removedAddressIds = ref<number[]>([])
-const removedRibIds = ref<number[]>([])
 
 const mainSubmitting = ref(false)
 const tabSubmitting = ref(false)
@@ -653,32 +654,31 @@ function addContact(): void {
     if (canAddContact.value) contacts.value.push(emptyContact())
 }
 
+// ERP-172 : DELETE immediat de la sous-ressource a la confirmation de la modale
+// (et non plus differe au « Enregistrer »). Bloc jamais persiste (id null) : retrait
+// local. Echec serveur : bloc conserve + erreur remontee.
 function askRemoveContact(index: number): void {
-    askConfirm(t('commercial.suppliers.form.confirmDelete.contact'), () => {
-        const removed = contacts.value[index]
-        if (removed?.id != null) removedContactIds.value.push(removed.id)
-        contacts.value.splice(index, 1)
-        contactErrors.value.splice(index, 1)
-        // Garde au moins un bloc visible (cf. amorce a l'hydratation).
-        if (contacts.value.length === 0) contacts.value.push(emptyContact())
-    })
+    askConfirm(t('commercial.suppliers.form.confirmDelete.contact'), () => removeCollectionRow({
+        rows: contacts.value,
+        errors: contactErrors.value,
+        index,
+        endpoint: '/supplier_contacts',
+        deleteRow: url => api.delete(url, {}, { toast: false }),
+        makeEmpty: emptyContact,
+        onError: showError,
+    }))
 }
 
 /**
- * Valide l'onglet Contacts : DELETE des contacts retires (existants), puis
- * POST/PATCH des blocs restants sur la sous-ressource. Strictement scope a la
- * collection contacts (endpoints supplier_contact dedies).
+ * Valide l'onglet Contacts : POST/PATCH des blocs restants sur la sous-ressource.
+ * Strictement scope a la collection contacts (endpoints supplier_contact dedies).
+ * La suppression est traitee a part, en DELETE immediat (askRemoveContact, ERP-172).
  */
 async function submitContacts(): Promise<void> {
     if (businessReadonly.value || tabSubmitting.value) return
     tabSubmitting.value = true
     contactErrors.value = []
     try {
-        for (const id of removedContactIds.value) {
-            await api.delete(`/supplier_contacts/${id}`, {}, { toast: false })
-        }
-        removedContactIds.value = []
-
         // RG-2.13 : au moins un contact requis. Si l'onglet ne contient QUE des
         // amorces neuves vides, on les soumet -> 422 RG-2.04 inline (nom OU prenom).
         const hasSubmittableContact = contacts.value.some(c => c.id !== null || !isContactBlank(c))
@@ -726,14 +726,15 @@ function addAddress(): void {
 }
 
 function askRemoveAddress(index: number): void {
-    askConfirm(t('commercial.suppliers.form.confirmDelete.address'), () => {
-        const removed = addresses.value[index]
-        if (removed?.id != null) removedAddressIds.value.push(removed.id)
-        addresses.value.splice(index, 1)
-        addressErrors.value.splice(index, 1)
-        // Garde au moins un bloc visible (cf. amorce a l'hydratation).
-        if (addresses.value.length === 0) addresses.value.push(emptyAddress())
-    })
+    askConfirm(t('commercial.suppliers.form.confirmDelete.address'), () => removeCollectionRow({
+        rows: addresses.value,
+        errors: addressErrors.value,
+        index,
+        endpoint: '/supplier_addresses',
+        deleteRow: url => api.delete(url, {}, { toast: false }),
+        makeEmpty: emptyAddress,
+        onError: showError,
+    }))
 }
 
 function onAddressDegraded(): void {
@@ -745,17 +746,12 @@ function onAddressDegraded(): void {
     })
 }
 
-/** Valide l'onglet Adresses : DELETE des adresses retirees puis POST/PATCH. */
+/** Valide l'onglet Adresses : POST/PATCH des blocs restants (suppression en DELETE immediat, ERP-172). */
 async function submitAddresses(): Promise<void> {
     if (businessReadonly.value || tabSubmitting.value) return
     tabSubmitting.value = true
     addressErrors.value = []
     try {
-        for (const id of removedAddressIds.value) {
-            await api.delete(`/supplier_addresses/${id}`, {}, { toast: false })
-        }
-        removedAddressIds.value = []
-
         const hasError = await submitRows(
             addresses.value,
             addressErrors,
@@ -826,15 +822,18 @@ function addRib(): void {
     if (canAddRib.value) ribs.value.push(emptyRib())
 }
 
+// ERP-172 : DELETE immediat du RIB. Le back refuse la suppression du dernier RIB
+// d'une LCR (RG-2.08) -> 409 remonte via showError (message back), bloc conserve.
 function askRemoveRib(index: number): void {
-    askConfirm(t('commercial.suppliers.form.confirmDelete.rib'), () => {
-        const removed = ribs.value[index]
-        if (removed?.id != null) removedRibIds.value.push(removed.id)
-        ribs.value.splice(index, 1)
-        ribErrors.value.splice(index, 1)
-        // Garde au moins un bloc RIB visible (cf. amorce a l'hydratation).
-        if (ribs.value.length === 0) ribs.value.push(emptyRib())
-    })
+    askConfirm(t('commercial.suppliers.form.confirmDelete.rib'), () => removeCollectionRow({
+        rows: ribs.value,
+        errors: ribErrors.value,
+        index,
+        endpoint: '/supplier_ribs',
+        deleteRow: url => api.delete(url, {}, { toast: false }),
+        makeEmpty: emptyRib,
+        onError: showError,
+    }))
 }
 
 /**
@@ -843,11 +842,12 @@ function askRemoveRib(index: number): void {
  * cote back) PUIS DELETE des RIB explicitement retires. Les RIB crees d'abord : le
  * back valide RG-2.08 (LCR => au moins un RIB persiste) sur le PATCH scalaires.
  *
+ * ERP-172 : la suppression d'un RIB est traitee en DELETE immediat (askRemoveRib),
+ * plus de DELETE differe ici.
  * ERP-121 : les RIB ne sont (re)soumis QUE sous LCR — hors-LCR ce sont des
  * coordonnees dormantes conservees telles quelles, masquees a l'ecran et jamais
- * re-ecrites. `removedRibIds` ne contient plus que les suppressions EXPLICITES
- * (corbeille d'un bloc, toujours sous LCR). Aucun champ main/information dans le
- * payload (mode strict RG-2.16 : sinon 403 sur tout le payload).
+ * re-ecrites. Aucun champ main/information dans le payload (mode strict RG-2.16 :
+ * sinon 403 sur tout le payload).
  */
 async function submitAccounting(): Promise<void> {
     if (accountingReadonly.value || tabSubmitting.value) return
@@ -897,14 +897,6 @@ async function submitAccounting(): Promise<void> {
             return
         }
 
-        // 3) DELETE des RIB explicitement retires (corbeille d'un bloc) : APRES le
-        // PATCH scalaires (le guard back refuse la suppression du dernier RIB d'une
-        // LCR). ERP-121 : plus aucune suppression automatique au passage hors-LCR.
-        for (const id of removedRibIds.value) {
-            await api.delete(`/supplier_ribs/${id}`, {}, { toast: false })
-        }
-        removedRibIds.value = []
-
         toast.success({ title: t('commercial.suppliers.toast.updateSuccess') })
     }
     catch (e) {

frontend/modules/commercial/pages/suppliers/new.vue

@@ -121,12 +121,16 @@
             <!-- Onglet Contacts -->
             <template #contacts>
                 <div class="mt-12 flex flex-col gap-6">
+                    <!-- ERP-172 : poubelle visible seulement s'il reste un AUTRE bloc deja
+                         enregistre (id en base) — cf. isRowRemovable. Empeche de supprimer un
+                         bloc tant que rien n'est sauvegarde, et de supprimer son dernier
+                         bloc enregistre. -->
                     <SupplierContactBlock
                         v-for="(contact, index) in contacts"
                         :key="index"
                         :model-value="contact"
                         :title="t('commercial.suppliers.form.contact.title', { n: index + 1 })"
-                        :removable="index > 0"
+                        :removable="isRowRemovable(contacts, index)"
                         :readonly="isValidated('contacts')"
                         :errors="contactErrors[index]"
                         @update:model-value="(v) => contacts[index] = v"
@@ -163,7 +167,7 @@
                         :site-options="referentials.sites.value"
                         :contact-options="contactOptions"
                         :country-options="countryOptions"
-                        :removable="index > 0"
+                        :removable="isRowRemovable(addresses, index)"
                         :readonly="isValidated('addresses')"
                         :errors="addressErrors[index]"
                         @update:model-value="(v) => addresses[index] = v"
@@ -267,7 +271,7 @@
                         class="relative bg-white py-4 pl-[28px] pr-[60px] shadow-[0_4px_4px_0_rgba(0,0,0,0.25)]"
                     >
                         <MalioButtonIcon
-                            v-if="!accountingReadonly && visibleRibs.length > 1"
+                            v-if="!accountingReadonly && isRowRemovable(visibleRibs, index)"
                             icon="mdi:delete-outline"
                             variant="ghost"
                             button-class="absolute top-3 right-3"
@@ -380,6 +384,7 @@ import {
     type SupplierRibFormDraft,
 } from '~/modules/commercial/types/supplierForm'
 import { extractApiErrorMessage } from '~/shared/utils/api'
+import { isRowRemovable } from '~/shared/utils/collectionRow'
 
 // Masques de saisie (la normalisation finale reste serveur).
 const SIREN_MASK = '#########'

frontend/modules/technique/composables/useProviderForm.ts

@@ -1,6 +1,7 @@
 import { computed, reactive, ref, type Ref } from 'vue'
 import { useFormErrors } from '~/shared/composables/useFormErrors'
-import { mapViolationsToRecord } from '~/shared/utils/api'
+import { extractApiErrorMessage, mapViolationsToRecord } from '~/shared/utils/api'
+import { removeCollectionRow } from '~/shared/utils/collectionRow'
 import {
     emptyProviderAccounting,
     emptyProviderAddress,
@@ -73,6 +74,16 @@ export function useProviderForm() {
     // Erreurs de validation par champ (ERP-101) du formulaire principal.
     const mainErrors = useFormErrors()
 
+    // ERP-172 : remontee d'erreur 409/422 lors d'une suppression immediate de
+    // sous-ressource (message back affiche en toast dedie — pas de mapping inline,
+    // le bloc est en cours de retrait). Ex. dernier RIB d'une LCR -> 409.
+    function notifyRemovalError(error: unknown): void {
+        toast.error({
+            title: t('technique.providers.toast.error'),
+            message: extractApiErrorMessage((error as { data?: unknown })?.data) || t('technique.providers.toast.error'),
+        })
+    }
+
     // ── Etat du prestataire cree ────────────────────────────────────────────
     const providerId = ref<number | null>(null)
     const mainLocked = ref(false)
@@ -317,9 +328,18 @@ export function useProviderForm() {
         }
     }
 
-    function removeContact(index: number): void {
-        contacts.value.splice(index, 1)
-        contactErrors.value.splice(index, 1)
+    // ERP-172 : DELETE immediat du contact existant (sous-ressource) a la
+    // confirmation de la modale. Bloc jamais persiste (id null) : retrait local.
+    async function removeContact(index: number): Promise<void> {
+        await removeCollectionRow({
+            rows: contacts.value,
+            errors: contactErrors.value,
+            index,
+            endpoint: '/provider_contacts',
+            deleteRow: url => api.delete(url, {}, { toast: false }),
+            makeEmpty: emptyProviderContact,
+            onError: notifyRemovalError,
+        })
     }
 
     /**
@@ -387,9 +407,17 @@ export function useProviderForm() {
         }
     }
 
-    function removeAddress(index: number): void {
-        addresses.value.splice(index, 1)
-        addressErrors.value.splice(index, 1)
+    // ERP-172 : DELETE immediat de l'adresse existante (sous-ressource).
+    async function removeAddress(index: number): Promise<void> {
+        await removeCollectionRow({
+            rows: addresses.value,
+            errors: addressErrors.value,
+            index,
+            endpoint: '/provider_addresses',
+            deleteRow: url => api.delete(url, {}, { toast: false }),
+            makeEmpty: emptyProviderAddress,
+            onError: notifyRemovalError,
+        })
     }
 
     /**
@@ -479,13 +507,18 @@ export function useProviderForm() {
         }
     }
 
-    function removeRib(index: number): void {
-        ribs.value.splice(index, 1)
-        ribErrors.value.splice(index, 1)
-        // Garde au moins un bloc RIB visible (sous LCR).
-        if (ribs.value.length === 0) {
-            ribs.value.push(emptyProviderRib())
-        }
+    // ERP-172 : DELETE immediat du RIB existant. Le back peut refuser la suppression
+    // du dernier RIB d'une LCR -> 409 remonte via notifyRemovalError, bloc conserve.
+    async function removeRib(index: number): Promise<void> {
+        await removeCollectionRow({
+            rows: ribs.value,
+            errors: ribErrors.value,
+            index,
+            endpoint: '/provider_ribs',
+            deleteRow: url => api.delete(url, {}, { toast: false }),
+            makeEmpty: emptyProviderRib,
+            onError: notifyRemovalError,
+        })
     }
 
     /**

frontend/modules/technique/pages/providers/[id]/edit.vue

@@ -62,11 +62,15 @@
                 <!-- Onglet Contact -->
                 <template #contact>
                     <div class="mt-12 flex flex-col gap-6">
+                        <!-- ERP-172 : poubelle visible seulement s'il reste un AUTRE bloc deja
+                             enregistre (id en base) — cf. isRowRemovable. Empeche de supprimer un
+                             bloc tant que rien n'est sauvegarde, et de supprimer son dernier
+                             bloc enregistre. -->
                         <ProviderContactBlock
                             v-for="(contact, index) in contacts"
                             :key="index"
                             :model-value="contact"
-                            :removable="index > 0"
+                            :removable="isRowRemovable(contacts, index)"
                             :readonly="businessReadonly"
                             :errors="contactErrors[index]"
                             @update:model-value="(v) => contacts[index] = v"
@@ -102,7 +106,7 @@
                             :site-options="referentials.sites.value"
                             :contact-options="contactOptions"
                             :country-options="countryOptions"
-                            :removable="index > 0"
+                            :removable="isRowRemovable(addresses, index)"
                             :readonly="businessReadonly"
                             :errors="addressErrors[index]"
                             @update:model-value="(v) => addresses[index] = v"
@@ -206,7 +210,7 @@
                             class="relative bg-white py-4 pl-[28px] pr-[60px] shadow-[0_4px_4px_0_rgba(0,0,0,0.25)]"
                         >
                             <MalioButtonIcon
-                                v-if="!accountingReadonly && visibleRibs.length > 1"
+                                v-if="!accountingReadonly && isRowRemovable(visibleRibs, index)"
                                 icon="mdi:delete-outline"
                                 variant="ghost"
                                 button-class="absolute top-3 right-3"
@@ -308,6 +312,7 @@ import {
     emptyProviderRib,
 } from '~/modules/technique/types/providerForm'
 import { extractApiErrorMessage } from '~/shared/utils/api'
+import { isRowRemovable } from '~/shared/utils/collectionRow'
 
 // Masque SIREN : 9 chiffres (la normalisation finale reste serveur).
 const SIREN_MASK = '#########'

frontend/modules/technique/pages/providers/new.vue

@@ -63,11 +63,15 @@
             <!-- Onglet Contact : saisie multi-contacts (blocs ajoutables). -->
             <template #contact>
                 <div class="mt-12 flex flex-col gap-6">
+                    <!-- ERP-172 : poubelle visible seulement s'il reste un AUTRE bloc deja
+                         enregistre (id en base) — cf. isRowRemovable. Empeche de supprimer un
+                         bloc tant que rien n'est sauvegarde, et de supprimer son dernier
+                         bloc enregistre. -->
                     <ProviderContactBlock
                         v-for="(contact, index) in contacts"
                         :key="index"
                         :model-value="contact"
-                        :removable="index > 0"
+                        :removable="isRowRemovable(contacts, index)"
                         :readonly="isValidated('contact')"
                         :errors="contactErrors[index]"
                         @update:model-value="(v) => contacts[index] = v"
@@ -102,7 +106,7 @@
                         :site-options="referentials.sites.value"
                         :contact-options="contactOptions"
                         :country-options="countryOptions"
-                        :removable="index > 0"
+                        :removable="isRowRemovable(addresses, index)"
                         :readonly="isValidated('address')"
                         :errors="addressErrors[index]"
                         @update:model-value="(v) => addresses[index] = v"
@@ -206,7 +210,7 @@
                         class="relative bg-white py-4 pl-[28px] pr-[60px] shadow-[0_4px_4px_0_rgba(0,0,0,0.25)]"
                     >
                         <MalioButtonIcon
-                            v-if="!accountingReadonly && visibleRibs.length > 1"
+                            v-if="!accountingReadonly && isRowRemovable(visibleRibs, index)"
                             icon="mdi:delete-outline"
                             variant="ghost"
                             button-class="absolute top-3 right-3"
@@ -292,6 +296,7 @@ import {
     isRibRequiredForPaymentType,
 } from '~/modules/technique/utils/forms/providerAccounting'
 import { extractApiErrorMessage } from '~/shared/utils/api'
+import { isRowRemovable } from '~/shared/utils/collectionRow'
 
 // Masque SIREN : 9 chiffres (la normalisation finale reste serveur).
 const SIREN_MASK = '#########'

frontend/modules/transport/nuxt.config.ts

@@ -0,0 +1 @@
+export default defineNuxtConfig({})

frontend/shared/utils/__tests__/collectionRow.test.ts

@@ -0,0 +1,121 @@
+import { describe, it, expect, vi } from 'vitest'
+import { removeCollectionRow, isRowRemovable, type DeletableRow } from '../collectionRow'
+
+/**
+ * Tests de `removeCollectionRow` — suppression d'une ligne de collection
+ * (contact / adresse / RIB) avec DELETE immediat de la sous-ressource existante
+ * (ERP-172). Coeur de logique mutualise par les 3 modules (Client / Fournisseur /
+ * Prestataire) : un seul comportement teste ici couvre les 9 cas (3 modules x 3
+ * blocs).
+ */
+interface Row extends DeletableRow {
+    label?: string
+}
+
+function makeEmpty(): Row {
+    return { id: null, label: '' }
+}
+
+describe('removeCollectionRow', () => {
+    it('emet un DELETE sur la sous-ressource quand le bloc est existant (id non null)', async () => {
+        const rows: Row[] = [{ id: 10, label: 'A' }, { id: 11, label: 'B' }]
+        const errors: Record<string, string>[] = [{}, {}]
+        const deleteRow = vi.fn().mockResolvedValue(undefined)
+        const onError = vi.fn()
+
+        const removed = await removeCollectionRow({
+            rows, errors, index: 0,
+            endpoint: '/client_contacts',
+            deleteRow, makeEmpty, onError,
+        })
+
+        expect(deleteRow).toHaveBeenCalledOnce()
+        expect(deleteRow).toHaveBeenCalledWith('/client_contacts/10')
+        expect(removed).toBe(true)
+        expect(rows).toEqual([{ id: 11, label: 'B' }])
+        expect(errors).toHaveLength(1)
+        expect(onError).not.toHaveBeenCalled()
+    })
+
+    it('ne fait AUCUN appel reseau pour un bloc jamais persiste (id null) — retrait local', async () => {
+        const rows: Row[] = [{ id: 10, label: 'A' }, { id: null, label: 'brouillon' }]
+        const errors: Record<string, string>[] = [{}, {}]
+        const deleteRow = vi.fn().mockResolvedValue(undefined)
+        const onError = vi.fn()
+
+        const removed = await removeCollectionRow({
+            rows, errors, index: 1,
+            endpoint: '/client_contacts',
+            deleteRow, makeEmpty, onError,
+        })
+
+        expect(deleteRow).not.toHaveBeenCalled()
+        expect(removed).toBe(true)
+        expect(rows).toEqual([{ id: 10, label: 'A' }])
+    })
+
+    it('conserve le bloc et remonte l\'erreur si le DELETE serveur echoue (ex. 409 dernier RIB LCR)', async () => {
+        const rows: Row[] = [{ id: 10, label: 'A' }, { id: 11, label: 'B' }]
+        const errors: Record<string, string>[] = [{}, {}]
+        const error = { response: { status: 409 } }
+        const deleteRow = vi.fn().mockRejectedValue(error)
+        const onError = vi.fn()
+
+        const removed = await removeCollectionRow({
+            rows, errors, index: 0,
+            endpoint: '/client_ribs',
+            deleteRow, makeEmpty, onError,
+        })
+
+        expect(removed).toBe(false)
+        expect(onError).toHaveBeenCalledWith(error)
+        // Bloc NON retire : la suppression n'a pas ete confirmee par le serveur.
+        expect(rows).toEqual([{ id: 10, label: 'A' }, { id: 11, label: 'B' }])
+        expect(errors).toHaveLength(2)
+    })
+
+    it('garde au moins un bloc visible apres retrait du dernier (amorce vide)', async () => {
+        const rows: Row[] = [{ id: 10, label: 'A' }]
+        const errors: Record<string, string>[] = [{}]
+        const deleteRow = vi.fn().mockResolvedValue(undefined)
+
+        await removeCollectionRow({
+            rows, errors, index: 0,
+            endpoint: '/client_contacts',
+            deleteRow, makeEmpty, onError: vi.fn(),
+        })
+
+        expect(rows).toEqual([{ id: null, label: '' }])
+    })
+})
+
+/**
+ * Tests de `isRowRemovable` — la poubelle d'un bloc n'apparait que s'il reste un
+ * AUTRE bloc deja enregistre (id en base). Empeche de supprimer un bloc tant que
+ * rien n'est sauvegarde, et de supprimer son dernier bloc enregistre (ERP-172).
+ */
+describe('isRowRemovable', () => {
+    it('faux quand aucun autre bloc n\'est enregistre (que des brouillons)', () => {
+        const rows: Row[] = [{ id: null, label: 'brouillon 1' }, { id: null, label: 'brouillon 2' }]
+        expect(isRowRemovable(rows, 0)).toBe(false)
+        expect(isRowRemovable(rows, 1)).toBe(false)
+    })
+
+    it('faux pour le seul bloc enregistre (un brouillon a cote ne compte pas)', () => {
+        const rows: Row[] = [{ id: 10, label: 'enregistre' }, { id: null, label: 'brouillon' }]
+        // Le bloc enregistre ne peut pas etre supprime : aucun AUTRE bloc enregistre.
+        expect(isRowRemovable(rows, 0)).toBe(false)
+        // Le brouillon peut etre jete : il reste le bloc enregistre id=10.
+        expect(isRowRemovable(rows, 1)).toBe(true)
+    })
+
+    it('vrai pour chaque bloc des qu\'au moins deux sont enregistres', () => {
+        const rows: Row[] = [{ id: 10, label: 'A' }, { id: 11, label: 'B' }]
+        expect(isRowRemovable(rows, 0)).toBe(true)
+        expect(isRowRemovable(rows, 1)).toBe(true)
+    })
+
+    it('faux pour un unique bloc', () => {
+        expect(isRowRemovable([{ id: 10, label: 'A' }], 0)).toBe(false)
+    })
+})

frontend/shared/utils/collectionRow.ts

@@ -0,0 +1,79 @@
+/** Ligne de collection supprimable (contact / adresse / RIB). */
+export interface DeletableRow {
+    id?: number | null
+}
+
+/**
+ * Indique si le bloc d'index `index` peut afficher sa poubelle (ERP-172).
+ *
+ * Regle metier : on ne peut supprimer un bloc QUE s'il reste au moins un AUTRE
+ * bloc deja enregistre (`id` non null, donc persiste en base). Consequences :
+ *  - tant que rien n'est enregistre -> aucune poubelle (pas de suppression d'un
+ *    simple brouillon saisi mais pas valide) ;
+ *  - on peut jeter un brouillon non enregistre s'il reste un bloc enregistre ;
+ *  - on ne peut jamais supprimer son dernier bloc enregistre.
+ */
+export function isRowRemovable<T extends DeletableRow>(rows: T[], index: number): boolean {
+    return rows.some((row, i) => i !== index && row.id != null)
+}
+
+/** Options de {@link removeCollectionRow}. */
+export interface RemoveCollectionRowOptions<T extends DeletableRow> {
+    /** Tableau reactif des brouillons (passer le `.value` de la ref). */
+    rows: T[]
+    /** Tableau reactif des erreurs par ligne, aligne sur l'index (passer le `.value`). */
+    errors: Record<string, string>[]
+    /** Index de la ligne a retirer. */
+    index: number
+    /** Endpoint de la sous-ressource SANS id (ex: '/client_contacts'). */
+    endpoint: string
+    /** Suppression serveur : DOIT rejeter en cas d'echec (ex: url => api.delete(url, {}, { toast: false })). */
+    deleteRow: (url: string) => Promise<unknown>
+    /** Fabrique d'un bloc vide pour garder au moins un bloc visible apres retrait. */
+    makeEmpty: () => T
+    /** Remontee d'erreur 409/422 mappee proprement (message back, pas de toast fourre-tout). */
+    onError: (error: unknown) => void
+}
+
+/**
+ * Retire une ligne de collection (contact / adresse / RIB) sur les ecrans de
+ * MODIFICATION, avec DELETE immediat de la sous-ressource (ERP-172). Comportement
+ * aligne sur les 3 modules (Client / Fournisseur / Prestataire) :
+ *
+ *  - Bloc jamais persiste (`id` null) : simple retrait local, aucun appel reseau.
+ *  - Bloc existant (`id` non null) : DELETE `/endpoint/{id}` AVANT le retrait du
+ *    tableau. On ne retire le bloc QUE si le serveur a confirme — sinon le bloc
+ *    reste affiche et l'erreur est remontee via `onError` (ex. dernier RIB d'une
+ *    LCR -> 409 back, RG-x.08).
+ *
+ * Etat purement local : `rows`/`errors` sont les `.value` des refs (proxies
+ * reactifs), le `splice` declenche donc la reactivite.
+ *
+ * @returns `true` si la ligne a ete retiree (suppression confirmee ou bloc local),
+ *          `false` si la suppression serveur a echoue (bloc conserve).
+ */
+export async function removeCollectionRow<T extends DeletableRow>(
+    options: RemoveCollectionRowOptions<T>,
+): Promise<boolean> {
+    const { rows, errors, index, endpoint, deleteRow, makeEmpty, onError } = options
+    const removed = rows[index]
+
+    // Bloc existant : suppression serveur d'abord, retrait local seulement si OK.
+    if (removed?.id != null) {
+        try {
+            await deleteRow(`${endpoint}/${removed.id}`)
+        }
+        catch (error) {
+            onError(error)
+            return false
+        }
+    }
+
+    rows.splice(index, 1)
+    errors.splice(index, 1)
+    // Garde au moins un bloc visible (cf. amorce a l'hydratation).
+    if (rows.length === 0) {
+        rows.push(makeEmpty())
+    }
+    return true
+}

frontend/tests/e2e/_fixtures/personas.ts

@@ -95,6 +95,13 @@ export const personas: Record<PersonaKey, Persona> = {
             'technique.providers.accounting.view',
             'technique.providers.accounting.manage',
             'technique.providers.archive',
+            // Transport — Repertoire transporteurs (M4, ERP-153). Meme logique :
+            // mappe sur le persona "tout", pas de nouveau persona (regle ABSOLUE
+            // n°7). transport.carriers.view n'ajoute pas de lien dans la section
+            // Administration, donc expectedAdminLinks reste inchange.
+            'transport.carriers.view',
+            'transport.carriers.manage',
+            'transport.carriers.archive',
         ],
         expectedAdminLinks: ['users', 'roles', 'sites', 'categories', 'audit-log'],
     },

makefile

@@ -250,6 +250,22 @@ sync-permissions:
 seed-rbac:
 	$(SYMFONY_CONSOLE) --no-interaction app:seed-rbac
 
+# Synchronise le referentiel des transporteurs QUALIMAT (ERP-39) : upsert sur
+# le SIRET + soft-delete des absents + journal. Idempotent (refresh complet),
+# prevu pour un cron quotidien.
+# Options : --dry-run (analyse sans ecriture), --file=<chemin.json> (source
+# locale au lieu de l'API), --ppp=<n> (taille de page API, defaut 10000).
+qualimat-sync:
+	$(SYMFONY_CONSOLE) --no-interaction app:qualimat:sync
+
+# Synchronise le referentiel des codes IDTF (ERP-149) depuis l'export Excel
+# icrt-idtf.com : upsert sur (schema, idtf_number) + soft-delete + journal.
+# Idempotent (refresh complet).
+# Options : --schema=road|water (defaut road), --dry-run (analyse sans
+# ecriture), --file=<chemin.xlsx> (source locale au lieu du telechargement).
+idtf-sync:
+	$(SYMFONY_CONSOLE) --no-interaction app:idtf:sync
+
 # Attention, supprime votre bdd local
 db-reset:
 	$(DOCKER_COMPOSE) down -v

migrations/Version20260612160000.php

@@ -0,0 +1,120 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * ERP-149 (Module Transport) : referentiel des codes IDTF (regimes de nettoyage
+ * transport).
+ *
+ * Tables alimentees par la commande `app:idtf:sync` (parsing de l'export Excel
+ * icrt-idtf.com, upsert sur (schema, idtf_number) + soft-delete + journal).
+ * Aucune FK cross-module : migration au namespace racine `DoctrineMigrations`.
+ */
+final class Version20260612160000 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'ERP-149 : tables idtf_product + idtf_sync_log (referentiel codes IDTF, synchro console depuis l\'export Excel).';
+    }
+
+    public function up(Schema $schema): void
+    {
+        $this->addSql(<<<'SQL'
+            CREATE TABLE idtf_product (
+                id BIGINT GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+                idtf_number INTEGER NOT NULL,
+                schema VARCHAR(8) NOT NULL,
+                product_group VARCHAR(255) DEFAULT NULL,
+                name TEXT NOT NULL,
+                cleaning_regime VARCHAR(64) NOT NULL,
+                important_requirements TEXT DEFAULT NULL,
+                mandatory_date DATE DEFAULT NULL,
+                related_products TEXT DEFAULT NULL,
+                formula VARCHAR(255) DEFAULT NULL,
+                eural_code VARCHAR(64) DEFAULT NULL,
+                cas_numbers JSONB DEFAULT '[]' NOT NULL,
+                footnotes TEXT DEFAULT NULL,
+                source_export_date DATE NOT NULL,
+                is_active BOOLEAN DEFAULT TRUE NOT NULL,
+                last_synced_at TIMESTAMP(6) WITHOUT TIME ZONE NOT NULL,
+                PRIMARY KEY (id),
+                CONSTRAINT uq_idtf_product_schema_number UNIQUE (schema, idtf_number),
+                CONSTRAINT chk_idtf_product_schema CHECK (schema IN ('road', 'water'))
+            )
+            SQL);
+        $this->addSql('CREATE INDEX idx_idtf_product_active ON idtf_product (schema, is_active)');
+
+        $this->comment('idtf_product', '_table', "Referentiel des codes IDTF (marchandise + regime de nettoyage transport), synchronise depuis l'export Excel icrt-idtf.com.");
+        $this->comment('idtf_product', 'id', 'Cle technique auto-incrementee.');
+        $this->comment('idtf_product', 'idtf_number', 'Numero IDTF de la marchandise (identifiant metier source). Unique par schema.');
+        $this->comment('idtf_product', 'schema', "Mode de transport / schema IDTF : 'road' (routier) ou 'water' (fluvial). Discriminant d'unicite avec idtf_number.");
+        $this->comment('idtf_product', 'product_group', "Groupe de produit (colonne Product Group de l'export). Nullable.");
+        $this->comment('idtf_product', 'name', "Nom de la marchandise (libelle FR de l'export).");
+        $this->comment('idtf_product', 'cleaning_regime', 'Regime de nettoyage minimal exige (A, B, C, Interdit, ...).');
+        $this->comment('idtf_product', 'important_requirements', 'Exigences importantes associees. Nullable.');
+        $this->comment('idtf_product', 'mandatory_date', "Date d'application obligatoire du regime (convertie depuis dd-mm-yyyy). Nullable.");
+        $this->comment('idtf_product', 'related_products', 'Produits apparentes (texte libre). Nullable.');
+        $this->comment('idtf_product', 'formula', 'Formule chimique de la marchandise. Nullable.');
+        $this->comment('idtf_product', 'eural_code', 'Code EURAL (dechet) associe. Nullable.');
+        $this->comment('idtf_product', 'cas_numbers', 'Liste des numeros CAS (JSONB), eclatee depuis la cellule "Numero CAS" separee par ";". Tableau vide si absent.');
+        $this->comment('idtf_product', 'footnotes', "Annotations / notes de bas de page de l'export. Nullable.");
+        $this->comment('idtf_product', 'source_export_date', 'Date d\'export du fichier source (preambule "Export date:").');
+        $this->comment('idtf_product', 'is_active', 'Faux = ligne absente du dernier export (soft-delete). Toute ligne non revue par le dernier run passe a FALSE.');
+        $this->comment('idtf_product', 'last_synced_at', 'Horodatage du run de synchro ayant vu cette ligne en dernier (soft-delete : last_synced_at < run courant).');
+
+        $this->addSql(<<<'SQL'
+            CREATE TABLE idtf_sync_log (
+                id BIGINT GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+                schema VARCHAR(8) NOT NULL,
+                export_date DATE NOT NULL,
+                rows_total INT NOT NULL,
+                rows_upserted INT NOT NULL,
+                rows_deactivated INT NOT NULL,
+                created_at TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW() NOT NULL,
+                PRIMARY KEY (id)
+            )
+            SQL);
+
+        $this->comment('idtf_sync_log', '_table', 'Journal des synchronisations IDTF (une ligne par run de la commande app:idtf:sync).');
+        $this->comment('idtf_sync_log', 'id', 'Cle technique auto-incrementee.');
+        $this->comment('idtf_sync_log', 'schema', "Mode de transport synchronise : 'road' ou 'water'.");
+        $this->comment('idtf_sync_log', 'export_date', "Date d'export du fichier source traite par ce run.");
+        $this->comment('idtf_sync_log', 'rows_total', 'Nombre de lignes exploitables lues dans le fichier.');
+        $this->comment('idtf_sync_log', 'rows_upserted', 'Nombre de lignes inserees ou mises a jour.');
+        $this->comment('idtf_sync_log', 'rows_deactivated', 'Nombre de lignes passees a is_active=false (absentes de cet export).');
+        $this->comment('idtf_sync_log', 'created_at', 'Horodatage de fin du run (insertion du journal).');
+    }
+
+    public function down(Schema $schema): void
+    {
+        $this->addSql('DROP TABLE IF EXISTS idtf_sync_log');
+        $this->addSql('DROP TABLE IF EXISTS idtf_product');
+    }
+
+    /**
+     * Pose un COMMENT ON TABLE/COLUMN en dollar-quoting Postgres ($_$...$_$)
+     * pour eviter tout echappement d'apostrophes dans les descriptions.
+     */
+    private function comment(string $table, string $column, string $description): void
+    {
+        $quotedTable = '"'.str_replace('"', '""', $table).'"';
+
+        if ('_table' === $column) {
+            $this->addSql(sprintf('COMMENT ON TABLE %s IS $_$%s$_$', $quotedTable, $description));
+
+            return;
+        }
+
+        $this->addSql(sprintf(
+            'COMMENT ON COLUMN %s.%s IS $_$%s$_$',
+            $quotedTable,
+            '"'.str_replace('"', '""', $column).'"',
+            $description,
+        ));
+    }
+}

migrations/Version20260615130000.php

@@ -0,0 +1,86 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * ERP-154 — Infra d'upload de fichiers generique et reutilisable (src/Shared).
+ *
+ * Cree la table `uploaded_document` : reference technique d'un fichier televerse
+ * (PDF / image), gere par le service Shared\Infrastructure\Upload\FileUploader.
+ * La « Decharge » du M4 transporteurs en sera le premier consommateur, mais ce
+ * ticket ne touche AUCUN module : la table vit cote Shared.
+ *
+ * Caracteristiques :
+ *  - Document IMMUABLE : pas d'onglet edition, pas de updated_at / updated_by.
+ *    Seules les colonnes created_at (UTC, remplie par le FileUploader via
+ *    l'horloge injectee) et created_by (auteur HTTP, null hors HTTP) tracent
+ *    l'origine. C'est pourquoi l'entite Shared n'implemente PAS
+ *    Timestampable/Blamable (qui imposeraient les 4 colonnes).
+ *  - checksum sha256 (64 caracteres hex) : controle d'integrite + future
+ *    deduplication eventuelle (hors scope ici).
+ *
+ * Namespace racine `DoctrineMigrations` (regle ABSOLUE Starseed n°11) et non
+ * modulaire : la table porte une FK cross-module vers "user" (created_by). Le
+ * tri par version au sein du namespace racine garantit qu'elle joue APRES la
+ * creation de "user" sur base vide.
+ *
+ * Style DDL aligne sur le M1/M2/M3 : `INT GENERATED BY DEFAULT AS IDENTITY` et
+ * `TIMESTAMP(0) WITHOUT TIME ZONE` (mapping ORM `datetime_immutable`), pour que
+ * `schema:update --force` reste un no-op une fois l'entite mappee.
+ *
+ * COMMENT ON COLUMN inline (regle ABSOLUE n°12) : chaque colonne porte sa
+ * description ici. La table est aussi ajoutee a `ColumnCommentsCatalog` car
+ * l'entite UploadedDocument existe des ce ticket — `app:apply-column-comments`
+ * du `test-db-setup` rejoue donc ces COMMENT apres le `schema:update --force`.
+ */
+final class Version20260615130000 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'ERP-154 : table uploaded_document (infra upload generique Shared) — fichier televerse immuable, checksum sha256.';
+    }
+
+    public function up(Schema $schema): void
+    {
+        $this->addSql(<<<'SQL'
+            CREATE TABLE uploaded_document (
+                id INT GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+                original_filename VARCHAR(255) NOT NULL,
+                stored_path VARCHAR(512) NOT NULL,
+                mime_type VARCHAR(100) NOT NULL,
+                size_bytes INT NOT NULL,
+                checksum VARCHAR(64) NOT NULL,
+                created_at TIMESTAMP(0) WITHOUT TIME ZONE NOT NULL,
+                created_by INT DEFAULT NULL,
+                PRIMARY KEY (id),
+                CONSTRAINT fk_uploaded_document_created_by
+                    FOREIGN KEY (created_by) REFERENCES "user" (id) ON DELETE SET NULL
+            )
+            SQL);
+
+        // Postgres n'indexe pas automatiquement les colonnes de FK.
+        $this->addSql('CREATE INDEX idx_uploaded_document_created_by ON uploaded_document (created_by)');
+        // Recherche d'integrite / future deduplication par empreinte sha256.
+        $this->addSql('CREATE INDEX idx_uploaded_document_checksum ON uploaded_document (checksum)');
+
+        $this->addSql('COMMENT ON TABLE uploaded_document IS $_$Fichiers televerses (infra generique Shared, ERP-154) — documents immuables (PDF / images), 1er consommateur la Decharge M4.$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.id IS $_$Identifiant interne auto-incremente.$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.original_filename IS $_$Nom de fichier d origine fourni par le client (≤ 255) — metadonnee d affichage uniquement, jamais utilise pour le stockage disque.$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.stored_path IS $_$Chemin relatif du fichier sous var/uploads (ex: 2026/06/<hash>.pdf) — nom genere aleatoirement, jamais le nom client.$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.mime_type IS $_$Type MIME detecte SERVER-SIDE via getMimeType (jamais getClientMimeType, spoofable) — borne a la whitelist FileUploader (PDF + images).$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.size_bytes IS $_$Taille du fichier en octets — bornee par FileUploader::MAX_SIZE_BYTES.$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.checksum IS $_$Empreinte SHA-256 du contenu (64 caracteres hex) — controle d integrite + deduplication eventuelle (hors scope).$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.created_at IS $_$Horodatage UTC du televersement — rempli par FileUploader via l horloge injectee (pas via TimestampableBlamableSubscriber).$_$');
+        $this->addSql('COMMENT ON COLUMN uploaded_document.created_by IS $_$ID de l utilisateur ayant televerse le fichier — null hors HTTP (CLI, fixture). FK -> "user".id, ON DELETE SET NULL.$_$');
+    }
+
+    public function down(Schema $schema): void
+    {
+        $this->addSql('DROP TABLE IF EXISTS uploaded_document');
+    }
+}

src/Module/Core/Application/Rbac/RbacSeeder.php

@@ -51,9 +51,9 @@ final class RbacSeeder
      * Definition unique des 4 roles + matrice § 2.7. La cle est le code du role,
      * `label` le libelle FR affichable, `permissions` la liste des codes RBAC a
      * attacher (admin n'apparait pas car il bypass tout via isAdmin ;
-     * `commercial.clients.archive`, `commercial.suppliers.archive` et
-     * `technique.providers.archive` ne sont attaches a aucun role metier —
-     * admin seul).
+     * `commercial.clients.archive`, `commercial.suppliers.archive`,
+     * `technique.providers.archive` et `transport.carriers.archive` ne sont
+     * attaches a aucun role metier — admin seul).
      *
      * Cloisonnement par site des prestataires (M3 § 2.13) : la permission
      * `sites.bypass_scope` est attribuee par defaut a Bureau / Compta /
@@ -77,6 +77,9 @@ final class RbacSeeder
                 // Prestataires (M3 § 2.9, ERP-138) : view + manage (hors Comptabilite).
                 'technique.providers.view',
                 'technique.providers.manage',
+                // Transporteurs (M4 § 5.2, ERP-153) : view + manage (PAS archive -> admin seul).
+                'transport.carriers.view',
+                'transport.carriers.manage',
                 // Visibilite multi-site des prestataires (M3 § 2.13) : voit tous les sites.
                 'sites.bypass_scope',
                 // Lecture des referentiels transverses pour les selects client (ERP-102).
@@ -120,6 +123,9 @@ final class RbacSeeder
                 // (onglet Comptabilite masque/filtre pour la Commerciale).
                 'technique.providers.view',
                 'technique.providers.manage',
+                // Transporteurs (M4 § 5.2, ERP-153) : view seul (consultation « Tout »,
+                // ni manage ni archive pour la Commerciale).
+                'transport.carriers.view',
                 // Visibilite multi-site des prestataires (M3 § 2.13) : voit tous les sites.
                 'sites.bypass_scope',
                 // Lecture des referentiels transverses pour les selects client (ERP-102).

src/Module/Core/Infrastructure/Console/SeedE2ECommand.php

@@ -212,6 +212,11 @@ final class SeedE2ECommand extends Command
                     'technique.providers.accounting.view',
                     'technique.providers.accounting.manage',
                     'technique.providers.archive',
+                    // Transport — Repertoire transporteurs (M4, ERP-153). Meme
+                    // logique : mappe sur le persona "tout". Miroir de personas.ts.
+                    'transport.carriers.view',
+                    'transport.carriers.manage',
+                    'transport.carriers.archive',
                 ],
             ],
             [

src/Module/Transport/Application/Idtf/IdtfSheetParser.php

@@ -0,0 +1,219 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Transport\Application\Idtf;
+
+use RuntimeException;
+
+use function array_slice;
+
+/**
+ * Parsing pur d'une matrice (lignes/colonnes 0-indexees, telle que retournee
+ * par PhpSpreadsheet::toArray) de l'export Excel IDTF vers des lignes
+ * normalisees pretes a l'upsert. Sans dependance a PhpSpreadsheet : la matrice
+ * est un simple tableau, ce qui rend le parsing testable en isolation.
+ *
+ * Robuste au reordonnancement des colonnes (mapping par libelle normalise) et
+ * aux lignes de preambule (detection dynamique de la ligne d'en-tete). Voir
+ * ERP-149 § 2.
+ */
+final class IdtfSheetParser
+{
+    /**
+     * @param array<int, array<int, mixed>> $matrix
+     *
+     * @return array{exportDate: null|string, rows: list<array<string, mixed>>}
+     */
+    public static function parse(array $matrix): array
+    {
+        $exportDate  = self::extractExportDate($matrix);
+        $headerIndex = self::findHeaderIndex($matrix);
+
+        if (null === $headerIndex) {
+            throw new RuntimeException("Ligne d'en-tete introuvable (colonne 'Numero IDTF').");
+        }
+
+        $map = self::buildColumnMap($matrix[$headerIndex]);
+
+        if (!isset($map['idtf_number'])) {
+            throw new RuntimeException("Colonne 'Numero IDTF' introuvable dans l'en-tete.");
+        }
+
+        $rows = [];
+
+        foreach (array_slice($matrix, $headerIndex + 1) as $row) {
+            $idtf = trim((string) ($row[$map['idtf_number']] ?? ''));
+
+            // Ligne vide / non exploitable : pas d'identifiant numerique.
+            if ('' === $idtf || !ctype_digit($idtf)) {
+                continue;
+            }
+
+            $rows[] = [
+                'idtf_number'            => (int) $idtf,
+                'product_group'          => self::val($row, $map['product_group'] ?? null),
+                'name'                   => self::val($row, $map['name'] ?? null) ?? '',
+                'cleaning_regime'        => self::val($row, $map['cleaning_regime'] ?? null) ?? '',
+                'important_requirements' => self::val($row, $map['important_requirements'] ?? null),
+                'mandatory_date'         => self::parseDate(self::val($row, $map['mandatory_date'] ?? null)),
+                'related_products'       => self::val($row, $map['related_products'] ?? null),
+                'formula'                => self::val($row, $map['formula'] ?? null),
+                'eural_code'             => self::val($row, $map['eural_code'] ?? null),
+                'cas_numbers'            => self::splitCas(self::val($row, $map['cas'] ?? null)),
+                'footnotes'              => self::val($row, $map['footnotes'] ?? null),
+            ];
+        }
+
+        return ['exportDate' => $exportDate, 'rows' => $rows];
+    }
+
+    /**
+     * Cherche une date "d-m-Y" dans les premieres lignes (preambule
+     * "Export date: 12-6-2026") et la convertit en "Y-m-d". Null si absente.
+     *
+     * @param array<int, array<int, mixed>> $matrix
+     */
+    public static function extractExportDate(array $matrix): ?string
+    {
+        foreach (array_slice($matrix, 0, 5) as $row) {
+            $line = implode(' ', array_map(static fn (mixed $c): string => (string) $c, $row));
+
+            if (preg_match('/(\d{1,2})-(\d{1,2})-(\d{4})/', $line, $m)) {
+                $day   = (int) $m[1];
+                $month = (int) $m[2];
+                $year  = (int) $m[3];
+
+                if (checkdate($month, $day, $year)) {
+                    return sprintf('%04d-%02d-%02d', $year, $month, $day);
+                }
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Index de la ligne d'en-tete : premiere ligne contenant une cellule dont
+     * le libelle normalise contient "numero idtf".
+     *
+     * @param array<int, array<int, mixed>> $matrix
+     */
+    private static function findHeaderIndex(array $matrix): ?int
+    {
+        foreach ($matrix as $i => $row) {
+            foreach ($row as $cell) {
+                if (str_contains(self::normalize((string) $cell), 'numero idtf')) {
+                    return $i;
+                }
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Construit le mapping logique -> index de colonne a partir de la ligne
+     * d'en-tete (resiste au reordonnancement via fields[]).
+     *
+     * @param array<int, mixed> $header
+     *
+     * @return array<string, int>
+     */
+    private static function buildColumnMap(array $header): array
+    {
+        $map = [];
+
+        foreach ($header as $col => $label) {
+            $n = self::normalize((string) $label);
+
+            $key = match (true) {
+                str_contains($n, 'numero idtf') => 'idtf_number',
+                str_contains($n, 'product group'),
+                str_contains($n, 'groupe')                => 'product_group',
+                str_contains($n, 'nom de la marchandise') => 'name',
+                str_contains($n, 'regime de nettoyage')   => 'cleaning_regime',
+                str_contains($n, 'exigences importantes') => 'important_requirements',
+                str_contains($n, 'date d application')    => 'mandatory_date',
+                str_contains($n, 'produits apparentes')   => 'related_products',
+                str_contains($n, 'formule')               => 'formula',
+                str_contains($n, 'code eural')            => 'eural_code',
+                str_contains($n, 'numero cas')            => 'cas',
+                str_contains($n, 'annotations')           => 'footnotes',
+                default                                   => null,
+            };
+
+            if (null !== $key && !isset($map[$key])) {
+                $map[$key] = (int) $col;
+            }
+        }
+
+        return $map;
+    }
+
+    /**
+     * Convertit une date "dd-mm-yyyy" en "yyyy-mm-dd". Null si format invalide
+     * ou date calendaire impossible.
+     */
+    private static function parseDate(?string $raw): ?string
+    {
+        if (null === $raw || !preg_match('/^(\d{1,2})-(\d{1,2})-(\d{4})$/', $raw, $m)) {
+            return null;
+        }
+
+        $day   = (int) $m[1];
+        $month = (int) $m[2];
+        $year  = (int) $m[3];
+
+        if (!checkdate($month, $day, $year)) {
+            return null;
+        }
+
+        return sprintf('%04d-%02d-%02d', $year, $month, $day);
+    }
+
+    /**
+     * Eclate une cellule "Numero CAS" sur ';' en liste de chaines non vides.
+     *
+     * @return list<string>
+     */
+    private static function splitCas(?string $raw): array
+    {
+        if (null === $raw) {
+            return [];
+        }
+
+        $parts = array_map('trim', explode(';', $raw));
+
+        return array_values(array_filter($parts, static fn (string $v): bool => '' !== $v));
+    }
+
+    /**
+     * Valeur d'une cellule par index : trim, null si absente/vide.
+     *
+     * @param array<int, mixed> $row
+     */
+    private static function val(array $row, ?int $col): ?string
+    {
+        if (null === $col) {
+            return null;
+        }
+
+        $v = trim((string) ($row[$col] ?? ''));
+
+        return '' === $v ? null : $v;
+    }
+
+    /**
+     * Normalise un libelle d'en-tete : minuscules, sans accents ni apostrophes,
+     * espaces compresses (pour un matching robuste).
+     */
+    private static function normalize(string $s): string
+    {
+        $s = str_replace(['’', "'"], ' ', $s);
+        $s = (string) iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $s);
+        $s = mb_strtolower($s);
+
+        return trim((string) preg_replace('/\s+/', ' ', $s));
+    }
+}

src/Module/Transport/Application/Qualimat/QualimatRowMapper.php

@@ -0,0 +1,130 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Transport\Application\Qualimat;
+
+/**
+ * Mapping pur d'un item brut de l'API QUALIMAT vers une ligne normalisee
+ * prete a l'upsert dans `qualimat_carrier`. Sans dependance (testable en
+ * isolation). Voir ERP-39 § 2 pour les pieges qualite de la source.
+ */
+final class QualimatRowMapper
+{
+    /**
+     * Mappe un lot d'items. Les items sans SIRET exploitable sont ignores et
+     * comptes a part (cf. `rows_skipped` du journal). Les doublons de SIRET
+     * (source "sale" : memes chiffres a separateurs pres) sont fusionnes,
+     * derniere occurrence gagnante — l'upsert ne verrait qu'une ligne de toute
+     * facon, et le compte `rows_upserted` reflete ainsi les transporteurs
+     * distincts.
+     *
+     * @param array<int, array<string, mixed>> $items
+     *
+     * @return array{rows: list<array<string, mixed>>, skipped: int}
+     */
+    public static function mapMany(array $items): array
+    {
+        $bySiret = [];
+        $skipped = 0;
+
+        foreach ($items as $item) {
+            $row = self::mapOne($item);
+
+            if (null === $row) {
+                ++$skipped;
+
+                continue;
+            }
+
+            // Cle = SIRET normalise : une occurrence ulterieure ecrase la
+            // precedente (derniere gagnante).
+            $bySiret[$row['siret']] = $row;
+        }
+
+        return ['rows' => array_values($bySiret), 'skipped' => $skipped];
+    }
+
+    /**
+     * Mappe un item unique. Retourne null si le SIRET est absent ou vide
+     * (ligne inexploitable : pas de cle naturelle pour l'upsert).
+     *
+     * @param array<string, mixed> $item
+     *
+     * @return null|array<string, mixed>
+     */
+    public static function mapOne(array $item): ?array
+    {
+        $siret = self::normalizeSiret(self::str($item['Siret'] ?? null));
+
+        if (null === $siret) {
+            return null;
+        }
+
+        return [
+            'siret' => $siret,
+            // Nom et Societe sont identiques a la source : une seule colonne.
+            'name'        => self::str($item['Nom'] ?? null) ?? '',
+            'address'     => self::str($item['Adresse'] ?? null),
+            'postal_code' => self::str($item['CodePostal'] ?? null),
+            'city'        => self::str($item['Ville'] ?? null),
+            'phone'       => self::str($item['Telephone_1'] ?? null),
+            'department'  => self::str($item['Departement'] ?? null),
+            // Statut conserve brut (feed externe, valeurs non contraintes).
+            'status'        => self::str($item['Statut'] ?? null) ?? '',
+            'validity_date' => self::parseDate(self::str($item['Validite'] ?? null)),
+        ];
+    }
+
+    /**
+     * Normalise un SIRET : ne conserve que les chiffres. Null si vide.
+     * La source est "sale" (longueurs variables 7 a 14) : aucune contrainte
+     * de longueur, on stocke les chiffres tels quels.
+     */
+    public static function normalizeSiret(?string $raw): ?string
+    {
+        if (null === $raw) {
+            return null;
+        }
+
+        $digits = preg_replace('/\D+/', '', $raw) ?? '';
+
+        return '' === $digits ? null : $digits;
+    }
+
+    /**
+     * Convertit une date "dd/mm/yyyy" en "yyyy-mm-dd". Null si le format ne
+     * correspond pas ou si la date n'est pas un jour calendaire valide
+     * (garde-fou : evite un INSERT en erreur sur une date impossible).
+     */
+    public static function parseDate(?string $raw): ?string
+    {
+        if (null === $raw || !preg_match('#^(\d{2})/(\d{2})/(\d{4})$#', $raw, $m)) {
+            return null;
+        }
+
+        $day   = (int) $m[1];
+        $month = (int) $m[2];
+        $year  = (int) $m[3];
+
+        if (!checkdate($month, $day, $year)) {
+            return null;
+        }
+
+        return sprintf('%04d-%02d-%02d', $year, $month, $day);
+    }
+
+    /**
+     * Trim d'une valeur scalaire ; null si la chaine resultante est vide.
+     */
+    private static function str(mixed $value): ?string
+    {
+        if (null === $value) {
+            return null;
+        }
+
+        $trimmed = trim((string) $value);
+
+        return '' === $trimmed ? null : $trimmed;
+    }
+}

src/Module/Transport/Infrastructure/Console/SyncIdtfCommand.php

@@ -0,0 +1,317 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Transport\Infrastructure\Console;
+
+use App\Module\Transport\Application\Idtf\IdtfSheetParser;
+use DateTimeImmutable;
+use Doctrine\DBAL\Connection;
+use PhpOffice\PhpSpreadsheet\IOFactory;
+use RuntimeException;
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+use Symfony\Contracts\HttpClient\HttpClientInterface;
+use Throwable;
+
+use function array_slice;
+use function count;
+use function in_array;
+
+use const JSON_THROW_ON_ERROR;
+use const JSON_UNESCAPED_UNICODE;
+
+/**
+ * ERP-149 : synchronise le referentiel des codes IDTF (regimes de nettoyage
+ * transport).
+ *
+ * Recupere l'export Excel depuis le generateur icrt-idtf.com (ou un fichier
+ * local), le parse et synchronise `idtf_product` de facon transactionnelle :
+ * upsert sur (schema, idtf_number), soft-delete des absents, journal dans
+ * `idtf_sync_log`. Idempotente (refresh complet).
+ */
+#[AsCommand(
+    name: 'app:idtf:sync',
+    description: 'Synchronise le referentiel des codes IDTF depuis l\'export Excel icrt-idtf.com (upsert + soft-delete + journal).',
+)]
+final class SyncIdtfCommand extends Command
+{
+    private const string GENERATOR_URL = 'https://www.icrt-idtf.com/fr/excel-generator/';
+
+    /**
+     * Champs a cocher explicitement : `fields[]=all` ne deplie PAS les colonnes
+     * cote serveur (6 colonnes seulement). Cette liste donne l'export complet
+     * (11 colonnes). Cf. ERP-149 § 1.
+     *
+     * @var list<string>
+     */
+    private const array EXPORT_FIELDS = [
+        'product_number_idtf',
+        'product_name',
+        'minimum_cleaning_regime',
+        'important_requirements',
+        'date_mandatory',
+        'related_products',
+        'formula',
+        'product_number_eural',
+        'product_number_cas',
+        'footnotes',
+    ];
+
+    public function __construct(
+        private readonly Connection $connection,
+        private readonly HttpClientInterface $httpClient,
+    ) {
+        parent::__construct();
+    }
+
+    protected function configure(): void
+    {
+        $this
+            ->addOption('schema', null, InputOption::VALUE_REQUIRED, "Module IDTF : 'road' (routier) ou 'water' (fluvial).", 'road')
+            ->addOption('file', null, InputOption::VALUE_REQUIRED, "Chemin d'un .xlsx local (court-circuite le telechargement, utile pour tests/rejeu).")
+            ->addOption('dry-run', null, InputOption::VALUE_NONE, 'Analyse sans ecriture en base.')
+        ;
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        $io     = new SymfonyStyle($input, $output);
+        $schema = (string) $input->getOption('schema');
+        $dryRun = (bool) $input->getOption('dry-run');
+        $file   = $input->getOption('file');
+
+        if (!in_array($schema, ['road', 'water'], true)) {
+            $io->error("--schema doit valoir 'road' ou 'water'.");
+
+            return Command::INVALID;
+        }
+
+        // 1. Recuperation du binaire xlsx (local ou via POST).
+        try {
+            $xlsx = null !== $file ? $this->readLocal((string) $file) : $this->downloadExport($schema);
+        } catch (Throwable $e) {
+            $io->error('Telechargement/lecture impossible : '.$e->getMessage());
+
+            return Command::FAILURE;
+        }
+
+        // 2. Parsing (xlsx -> matrice -> lignes normalisees).
+        try {
+            $parsed = IdtfSheetParser::parse($this->toMatrix($xlsx));
+        } catch (Throwable $e) {
+            $io->error('Parsing impossible : '.$e->getMessage());
+
+            return Command::FAILURE;
+        }
+
+        $rows       = $parsed['rows'];
+        $exportDate = $parsed['exportDate'] ?? new DateTimeImmutable()->format('Y-m-d');
+
+        $io->section(sprintf('IDTF %s — export du %s', mb_strtoupper($schema), $exportDate));
+        $io->writeln(sprintf('%d lignes exploitables lues.', count($rows)));
+
+        if ($dryRun) {
+            $this->renderPreview($io, $rows);
+            $io->note(sprintf('Dry-run : aucune ecriture. (%d lignes au total)', count($rows)));
+
+            return Command::SUCCESS;
+        }
+
+        // 3. Sync transactionnelle : upsert -> soft-delete -> journal.
+        $run = new DateTimeImmutable()->format('Y-m-d H:i:s.u');
+
+        $this->connection->beginTransaction();
+
+        try {
+            $upserted    = $this->upsertAll($schema, $exportDate, $rows, $run);
+            $deactivated = $this->deactivateMissing($schema, $run);
+            $this->log($schema, $exportDate, count($rows), $upserted, $deactivated);
+            $this->connection->commit();
+        } catch (Throwable $e) {
+            $this->connection->rollBack();
+            $io->error('Sync annulee (rollback) : '.$e->getMessage());
+
+            return Command::FAILURE;
+        }
+
+        $io->success(sprintf('%d upsert, %d desactive(s).', $upserted, $deactivated));
+
+        return Command::SUCCESS;
+    }
+
+    /**
+     * Rejoue le POST du generateur pour recuperer le binaire xlsx complet.
+     * Le formulaire poste sur lui-meme ; pas besoin de GET/cookies prealables.
+     */
+    private function downloadExport(string $schema): string
+    {
+        // Corps construit a la main : http-client encoderait fields[] en
+        // indices numerotes, on veut bien des "fields[]=..." repetes.
+        $pairs = [
+            'schema='.$schema,
+            'type%5B%5D='.$schema,
+            'roadRegime%5B%5D=all',
+            'waterRegime%5B%5D=all',
+            'groups%5B%5D=all',
+            'products%5B%5D=all',
+        ];
+
+        foreach (self::EXPORT_FIELDS as $field) {
+            $pairs[] = 'fields%5B%5D='.$field;
+        }
+
+        $pairs[] = 'generateExcel=';
+
+        $response = $this->httpClient->request('POST', self::GENERATOR_URL, [
+            'headers' => ['Content-Type' => 'application/x-www-form-urlencoded'],
+            'body'    => implode('&', $pairs),
+            'timeout' => 90,
+        ]);
+
+        $content     = $response->getContent();
+        $contentType = $response->getHeaders(false)['content-type'][0] ?? '';
+
+        // Garde-fou : un HTML signifie un POST rejete (filtres/payload).
+        if (!str_contains($contentType, 'spreadsheet') && !str_starts_with($content, "PK\x03\x04")) {
+            throw new RuntimeException(sprintf('Reponse non-xlsx (content-type: %s). Verifie le payload.', $contentType));
+        }
+
+        return $content;
+    }
+
+    private function readLocal(string $path): string
+    {
+        $raw = @file_get_contents($path);
+
+        if (false === $raw) {
+            throw new RuntimeException(sprintf('Fichier illisible : %s', $path));
+        }
+
+        return $raw;
+    }
+
+    /**
+     * Charge le binaire xlsx via PhpSpreadsheet et retourne la feuille active
+     * sous forme de matrice 0-indexee (lignes/colonnes).
+     *
+     * @return array<int, array<int, mixed>>
+     */
+    private function toMatrix(string $xlsx): array
+    {
+        $tmp = tempnam(sys_get_temp_dir(), 'idtf_').'.xlsx';
+        file_put_contents($tmp, $xlsx);
+
+        try {
+            // toArray(null, true, true, false) : colonnes 0-indexees.
+            return IOFactory::load($tmp)->getActiveSheet()->toArray(null, true, true, false);
+        } finally {
+            @unlink($tmp);
+        }
+    }
+
+    /**
+     * Upsert de toutes les lignes (cle naturelle = schema + idtf_number).
+     *
+     * @param list<array<string, mixed>> $rows
+     */
+    private function upsertAll(string $schema, string $exportDate, array $rows, string $run): int
+    {
+        $sql = <<<'SQL'
+            INSERT INTO idtf_product
+                (idtf_number, schema, product_group, name, cleaning_regime, important_requirements,
+                 mandatory_date, related_products, formula, eural_code, cas_numbers, footnotes,
+                 source_export_date, is_active, last_synced_at)
+            VALUES
+                (:idtf, :schema, :grp, :name, :regime, :req, :mdate, :related, :formula, :eural,
+                 CAST(:cas AS JSONB), :foot, :export, TRUE, :run)
+            ON CONFLICT (schema, idtf_number) DO UPDATE SET
+                product_group          = EXCLUDED.product_group,
+                name                   = EXCLUDED.name,
+                cleaning_regime        = EXCLUDED.cleaning_regime,
+                important_requirements = EXCLUDED.important_requirements,
+                mandatory_date         = EXCLUDED.mandatory_date,
+                related_products       = EXCLUDED.related_products,
+                formula                = EXCLUDED.formula,
+                eural_code             = EXCLUDED.eural_code,
+                cas_numbers            = EXCLUDED.cas_numbers,
+                footnotes              = EXCLUDED.footnotes,
+                source_export_date     = EXCLUDED.source_export_date,
+                is_active              = TRUE,
+                last_synced_at         = EXCLUDED.last_synced_at
+            SQL;
+
+        $count = 0;
+
+        foreach ($rows as $r) {
+            $this->connection->executeStatement($sql, [
+                'idtf'    => $r['idtf_number'],
+                'schema'  => $schema,
+                'grp'     => $r['product_group'],
+                'name'    => $r['name'],
+                'regime'  => $r['cleaning_regime'],
+                'req'     => $r['important_requirements'],
+                'mdate'   => $r['mandatory_date'],
+                'related' => $r['related_products'],
+                'formula' => $r['formula'],
+                'eural'   => $r['eural_code'],
+                'cas'     => json_encode($r['cas_numbers'], JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR),
+                'foot'    => $r['footnotes'],
+                'export'  => $exportDate,
+                'run'     => $run,
+            ]);
+            ++$count;
+        }
+
+        return $count;
+    }
+
+    /**
+     * Soft-delete : toute ligne du schema active non revue par ce run passe a
+     * is_active=false.
+     */
+    private function deactivateMissing(string $schema, string $run): int
+    {
+        return (int) $this->connection->executeStatement(
+            'UPDATE idtf_product SET is_active = FALSE WHERE schema = :schema AND is_active = TRUE AND last_synced_at < :run',
+            ['schema' => $schema, 'run' => $run],
+        );
+    }
+
+    private function log(string $schema, string $exportDate, int $total, int $upserted, int $deactivated): void
+    {
+        $this->connection->executeStatement(
+            <<<'SQL'
+                INSERT INTO idtf_sync_log (schema, export_date, rows_total, rows_upserted, rows_deactivated)
+                VALUES (:schema, :export, :total, :upserted, :deactivated)
+                SQL,
+            [
+                'schema'      => $schema,
+                'export'      => $exportDate,
+                'total'       => $total,
+                'upserted'    => $upserted,
+                'deactivated' => $deactivated,
+            ],
+        );
+    }
+
+    /**
+     * @param list<array<string, mixed>> $rows
+     */
+    private function renderPreview(SymfonyStyle $io, array $rows): void
+    {
+        $io->table(
+            ['IDTF', 'Nom', 'Regime', 'CAS'],
+            array_map(static fn (array $r): array => [
+                (string) $r['idtf_number'],
+                mb_strimwidth((string) $r['name'], 0, 50, '…'),
+                (string) $r['cleaning_regime'],
+                implode(', ', $r['cas_numbers']),
+            ], array_slice($rows, 0, 15)),
+        );
+    }
+}

src/Module/Transport/Infrastructure/Console/SyncQualimatCommand.php

@@ -0,0 +1,327 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Transport\Infrastructure\Console;
+
+use App\Module\Transport\Application\Qualimat\QualimatRowMapper;
+use DateTimeImmutable;
+use Doctrine\DBAL\Connection;
+use RuntimeException;
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+use Symfony\Contracts\HttpClient\HttpClientInterface;
+use Throwable;
+
+use function array_slice;
+use function count;
+use function is_array;
+
+use const JSON_THROW_ON_ERROR;
+
+/**
+ * ERP-39 : synchronise le referentiel des transporteurs QUALIMAT.
+ *
+ * Recupere la liste des operateurs de transport depuis l'API publique (ou un
+ * fichier local), normalise chaque ligne et synchronise `qualimat_carrier` de
+ * facon transactionnelle : upsert sur le SIRET, soft-delete des absents,
+ * journal dans `qualimat_sync_log`. Idempotente (refresh complet) : prevue
+ * pour un cron quotidien.
+ */
+#[AsCommand(
+    name: 'app:qualimat:sync',
+    description: 'Synchronise le referentiel des transporteurs QUALIMAT (upsert + soft-delete + journal).',
+)]
+final class SyncQualimatCommand extends Command
+{
+    private const string API_URL  = 'https://www.qualimat.org/wp-json/qualimat/v1/getOperateurs';
+    private const int DEFAULT_PPP = 10000;
+
+    // Cle arbitraire (mais stable) du verrou consultatif Postgres serialisant
+    // les runs de `app:qualimat:sync` entre eux. Propre a cette commande.
+    private const int ADVISORY_LOCK_KEY = 3_900_000_039;
+
+    // Nombre de lignes par INSERT groupe. 10 parametres/ligne, large marge sous
+    // la limite Postgres de 65535 parametres par requete.
+    private const int UPSERT_CHUNK = 1000;
+
+    public function __construct(
+        private readonly Connection $connection,
+        private readonly HttpClientInterface $httpClient,
+    ) {
+        parent::__construct();
+    }
+
+    protected function configure(): void
+    {
+        $this
+            ->addOption('file', null, InputOption::VALUE_REQUIRED, "Chemin d'un JSON local (court-circuite l'appel HTTP, utile pour tests/rejeu).")
+            ->addOption('ppp', null, InputOption::VALUE_REQUIRED, "Taille de page demandee a l'API.", (string) self::DEFAULT_PPP)
+            ->addOption('dry-run', null, InputOption::VALUE_NONE, 'Analyse sans ecriture en base.')
+        ;
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        $io     = new SymfonyStyle($input, $output);
+        $ppp    = max(1, (int) $input->getOption('ppp'));
+        $dryRun = (bool) $input->getOption('dry-run');
+        $file   = $input->getOption('file');
+
+        // Verrou consultatif (session) : empeche deux runs de se chevaucher
+        // (cron qui deborde, invocation manuelle parallele). Sans lui, le run le
+        // plus tardif desactiverait les lignes que l'autre vient d'inserer.
+        if (!$this->acquireLock()) {
+            $io->error('Une synchronisation QUALIMAT est deja en cours (verrou non disponible).');
+
+            return Command::FAILURE;
+        }
+
+        try {
+            return $this->doSync($io, $ppp, $dryRun, $file);
+        } finally {
+            $this->releaseLock();
+        }
+    }
+
+    /**
+     * Coeur de la synchronisation, execute sous verrou consultatif.
+     */
+    private function doSync(SymfonyStyle $io, int $ppp, bool $dryRun, ?string $file): int
+    {
+        // 1. Recuperation des items (fichier local ou API).
+        try {
+            $items = null !== $file ? $this->readLocal($file) : $this->fetchRemote($ppp);
+        } catch (Throwable $e) {
+            $io->error('Recuperation impossible : '.$e->getMessage());
+
+            return Command::FAILURE;
+        }
+
+        $total = count($items);
+        $io->section(sprintf('QUALIMAT — %d items recus', $total));
+
+        // Garde-fou troncature : un retour egal a ppp signale un dataset coupe.
+        if (null === $file && $total === $ppp) {
+            $io->warning(sprintf("Le nombre d'items recus (%d) egale --ppp : resultat potentiellement tronque, augmente --ppp.", $ppp));
+        }
+
+        // 2. Mapping / normalisation (les items sans SIRET sont ignores, les
+        // doublons de SIRET sont fusionnes : derniere occurrence gagnante).
+        ['rows' => $rows, 'skipped' => $skipped] = QualimatRowMapper::mapMany($items);
+        $io->writeln(sprintf('%d lignes exploitables, %d ignorees (sans SIRET).', count($rows), $skipped));
+
+        if ($dryRun) {
+            $this->renderPreview($io, $rows);
+            $io->note(sprintf('Dry-run : aucune ecriture. (%d lignes au total)', count($rows)));
+
+            return Command::SUCCESS;
+        }
+
+        // Garde-fou « zero ligne » : une source vide (incident amont, liste []
+        // legitime) ne doit JAMAIS atteindre le soft-delete, qui desactiverait
+        // tout le referentiel. On abandonne sans rien ecrire.
+        if ([] === $rows) {
+            $io->error('Aucune ligne exploitable : synchronisation abandonnee (desactivation de masse evitee).');
+
+            return Command::FAILURE;
+        }
+
+        // 3. Sync transactionnelle : upsert -> soft-delete -> journal.
+        $run = new DateTimeImmutable()->format('Y-m-d H:i:s.u');
+
+        $this->connection->beginTransaction();
+
+        try {
+            $upserted    = $this->upsertAll($rows, $run);
+            $deactivated = $this->deactivateMissing($run);
+            $this->log($run, $total, $upserted, $skipped, $deactivated);
+            $this->connection->commit();
+        } catch (Throwable $e) {
+            $this->connection->rollBack();
+            $io->error('Sync annulee (rollback) : '.$e->getMessage());
+
+            return Command::FAILURE;
+        }
+
+        $io->success(sprintf('%d upsert, %d ignore(s), %d desactive(s).', $upserted, $skipped, $deactivated));
+
+        return Command::SUCCESS;
+    }
+
+    /**
+     * Tente de prendre le verrou consultatif de session. Retourne false si un
+     * autre run le detient deja (Postgres `pg_try_advisory_lock`, non bloquant).
+     */
+    private function acquireLock(): bool
+    {
+        return (bool) $this->connection->fetchOne('SELECT pg_try_advisory_lock(:key)', ['key' => self::ADVISORY_LOCK_KEY]);
+    }
+
+    /**
+     * Relache le verrou consultatif pris par acquireLock().
+     */
+    private function releaseLock(): void
+    {
+        $this->connection->executeStatement('SELECT pg_advisory_unlock(:key)', ['key' => self::ADVISORY_LOCK_KEY]);
+    }
+
+    /**
+     * Rejoue l'appel GET de l'API QUALIMAT et retourne le tableau d'items.
+     *
+     * @return array<int, array<string, mixed>>
+     */
+    private function fetchRemote(int $ppp): array
+    {
+        $response = $this->httpClient->request('GET', self::API_URL, [
+            'query'   => ['type' => 'operateur_transport', 'ppp' => $ppp],
+            'timeout' => 60,
+        ]);
+
+        // toArray() leve une exception sur un statut non-2xx ou un corps non-JSON.
+        $data = $response->toArray();
+
+        // Un 2xx au corps inattendu (objet d'erreur, enveloppe {"data":[...]}, etc.)
+        // ne doit PAS etre interprete comme « 0 transporteur » : ce serait masquer
+        // un changement de contrat de l'API et declencher la desactivation de masse
+        // (cf. garde-fou « zero ligne » dans execute()). On echoue franchement.
+        if (!array_is_list($data)) {
+            throw new RuntimeException("Reponse inattendue de l'API QUALIMAT : un tableau d'items etait attendu.");
+        }
+
+        return $data;
+    }
+
+    /**
+     * Lit un export JSON local (tableau d'objets).
+     *
+     * @return array<int, array<string, mixed>>
+     */
+    private function readLocal(string $path): array
+    {
+        $raw = @file_get_contents($path);
+
+        if (false === $raw) {
+            throw new RuntimeException(sprintf('Fichier illisible : %s', $path));
+        }
+
+        $data = json_decode($raw, true, 512, JSON_THROW_ON_ERROR);
+
+        if (!is_array($data) || !array_is_list($data)) {
+            throw new RuntimeException("Le JSON doit etre un tableau d'objets.");
+        }
+
+        return $data;
+    }
+
+    /**
+     * Upsert de toutes les lignes valides (cle naturelle = siret) par paquets
+     * (INSERT groupe), au lieu d'un aller-retour par ligne. Marque is_active=TRUE
+     * et tamponne last_synced_at avec le run courant. Les lignes etant deja
+     * dedoublonnees par SIRET en amont, le compte retourne = transporteurs
+     * distincts effectivement synchronises.
+     *
+     * @param list<array<string, mixed>> $rows
+     */
+    private function upsertAll(array $rows, string $run): int
+    {
+        $count = 0;
+
+        foreach (array_chunk($rows, self::UPSERT_CHUNK) as $chunk) {
+            $placeholders = [];
+            $params       = [];
+
+            foreach ($chunk as $r) {
+                // 10 valeurs liees + is_active force a TRUE (litteral).
+                $placeholders[] = '(?, ?, ?, ?, ?, ?, ?, ?, ?, TRUE, ?)';
+                $params[]       = $r['siret'];
+                $params[]       = $r['name'];
+                $params[]       = $r['address'];
+                $params[]       = $r['postal_code'];
+                $params[]       = $r['city'];
+                $params[]       = $r['phone'];
+                $params[]       = $r['department'];
+                $params[]       = $r['status'];
+                $params[]       = $r['validity_date'];
+                $params[]       = $run;
+            }
+
+            $sql = sprintf(
+                <<<'SQL'
+                    INSERT INTO qualimat_carrier
+                        (siret, name, address, postal_code, city, phone, department, status, validity_date, is_active, last_synced_at)
+                    VALUES
+                        %s
+                    ON CONFLICT (siret) DO UPDATE SET
+                        name           = EXCLUDED.name,
+                        address        = EXCLUDED.address,
+                        postal_code    = EXCLUDED.postal_code,
+                        city           = EXCLUDED.city,
+                        phone          = EXCLUDED.phone,
+                        department     = EXCLUDED.department,
+                        status         = EXCLUDED.status,
+                        validity_date  = EXCLUDED.validity_date,
+                        is_active      = TRUE,
+                        last_synced_at = EXCLUDED.last_synced_at
+                    SQL,
+                implode(",\n        ", $placeholders),
+            );
+
+            $this->connection->executeStatement($sql, $params);
+            $count += count($chunk);
+        }
+
+        return $count;
+    }
+
+    /**
+     * Soft-delete : toute ligne active non revue par ce run (tampon anterieur)
+     * passe a is_active=false.
+     */
+    private function deactivateMissing(string $run): int
+    {
+        return (int) $this->connection->executeStatement(
+            'UPDATE qualimat_carrier SET is_active = FALSE WHERE is_active = TRUE AND last_synced_at < :run',
+            ['run' => $run],
+        );
+    }
+
+    private function log(string $run, int $total, int $upserted, int $skipped, int $deactivated): void
+    {
+        $this->connection->executeStatement(
+            <<<'SQL'
+                INSERT INTO qualimat_sync_log (fetched_at, rows_total, rows_upserted, rows_skipped, rows_deactivated)
+                VALUES (:run, :total, :upserted, :skipped, :deactivated)
+                SQL,
+            [
+                'run'         => $run,
+                'total'       => $total,
+                'upserted'    => $upserted,
+                'skipped'     => $skipped,
+                'deactivated' => $deactivated,
+            ],
+        );
+    }
+
+    /**
+     * @param list<array<string, mixed>> $rows
+     */
+    private function renderPreview(SymfonyStyle $io, array $rows): void
+    {
+        $io->table(
+            ['SIRET', 'Nom', 'CP', 'Ville', 'Statut', 'Validite'],
+            array_map(static fn (array $r): array => [
+                (string) $r['siret'],
+                mb_strimwidth((string) $r['name'], 0, 40, '…'),
+                (string) ($r['postal_code'] ?? ''),
+                mb_strimwidth((string) ($r['city'] ?? ''), 0, 25, '…'),
+                (string) $r['status'],
+                (string) ($r['validity_date'] ?? ''),
+            ], array_slice($rows, 0, 15)),
+        );
+    }
+}

src/Module/Transport/Infrastructure/Doctrine/Migrations/Version20260612150000.php

@@ -0,0 +1,112 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Transport\Infrastructure\Doctrine\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * ERP-39 (Module Transport) : referentiel des transporteurs agrees QUALIMAT.
+ *
+ * Tables alimentees par la commande de synchronisation `app:qualimat:sync`
+ * (upsert sur le SIRET + soft-delete des absents + journal). Aucune FK
+ * cross-module (referentiel autonome) : migration au namespace modulaire
+ * Transport. Tables autonomes, sans dependance d'ordre vis-a-vis des autres
+ * migrations, donc insensible au tri cross-namespace de Doctrine Migrations.
+ */
+final class Version20260612150000 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'ERP-39 : tables qualimat_carrier + qualimat_sync_log (referentiel transporteurs QUALIMAT, synchro console).';
+    }
+
+    public function up(Schema $schema): void
+    {
+        $this->addSql(<<<'SQL'
+            CREATE TABLE qualimat_carrier (
+                id BIGINT GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+                siret VARCHAR(20) NOT NULL,
+                name VARCHAR(255) NOT NULL,
+                address VARCHAR(255) DEFAULT NULL,
+                postal_code VARCHAR(10) DEFAULT NULL,
+                city VARCHAR(255) DEFAULT NULL,
+                phone VARCHAR(32) DEFAULT NULL,
+                department VARCHAR(64) DEFAULT NULL,
+                status VARCHAR(32) NOT NULL,
+                validity_date DATE DEFAULT NULL,
+                is_active BOOLEAN DEFAULT TRUE NOT NULL,
+                last_synced_at TIMESTAMP(6) WITHOUT TIME ZONE NOT NULL,
+                PRIMARY KEY (id),
+                CONSTRAINT uq_qualimat_carrier_siret UNIQUE (siret)
+            )
+            SQL);
+        $this->addSql('CREATE INDEX idx_qualimat_carrier_active ON qualimat_carrier (is_active)');
+
+        $this->comment('qualimat_carrier', '_table', "Referentiel des transporteurs agrees QUALIMAT, synchronise quotidiennement depuis l'API qualimat.org (type=operateur_transport).");
+        $this->comment('qualimat_carrier', 'id', 'Cle technique auto-incrementee.');
+        $this->comment('qualimat_carrier', 'siret', 'SIRET normalise (chiffres sans espaces). Cle naturelle de synchro (unique). Source parfois incomplete (longueur variable), non contrainte a 14.');
+        $this->comment('qualimat_carrier', 'name', 'Raison sociale du transporteur (champs Nom = Societe de la source, identiques).');
+        $this->comment('qualimat_carrier', 'address', 'Adresse postale (voie). Nullable.');
+        $this->comment('qualimat_carrier', 'postal_code', 'Code postal. Nullable.');
+        $this->comment('qualimat_carrier', 'city', 'Ville. Nullable.');
+        $this->comment('qualimat_carrier', 'phone', 'Telephone au format source "indicatif|numero" (ex: +33|0608890316). Nullable.');
+        $this->comment('qualimat_carrier', 'department', 'Departement au format source "code - libelle" (ex: 65 - Hautes-Pyrenees). Nullable.');
+        $this->comment('qualimat_carrier', 'status', "Statut d'agrement QUALIMAT (valeurs connues : Audite, Valide, Suspendu). Valeur brute de la source, non contrainte.");
+        $this->comment('qualimat_carrier', 'validity_date', 'Date de fin de validite de la certification (convertie depuis dd/mm/yyyy). Nullable.');
+        $this->comment('qualimat_carrier', 'is_active', 'Faux = transporteur absent du dernier import (soft-delete). Toute ligne non revue par le dernier run passe a FALSE.');
+        $this->comment('qualimat_carrier', 'last_synced_at', 'Horodatage du run de synchro ayant vu cette ligne en dernier (soft-delete : last_synced_at < run courant).');
+
+        $this->addSql(<<<'SQL'
+            CREATE TABLE qualimat_sync_log (
+                id BIGINT GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+                fetched_at TIMESTAMP(6) WITHOUT TIME ZONE NOT NULL,
+                rows_total INT NOT NULL,
+                rows_upserted INT NOT NULL,
+                rows_skipped INT NOT NULL,
+                rows_deactivated INT NOT NULL,
+                created_at TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW() NOT NULL,
+                PRIMARY KEY (id)
+            )
+            SQL);
+
+        $this->comment('qualimat_sync_log', '_table', 'Journal des synchronisations QUALIMAT (une ligne par run de la commande app:qualimat:sync).');
+        $this->comment('qualimat_sync_log', 'id', 'Cle technique auto-incrementee.');
+        $this->comment('qualimat_sync_log', 'fetched_at', "Horodatage de l'appel a l'API source (= run de synchro).");
+        $this->comment('qualimat_sync_log', 'rows_total', "Nombre d'items renvoyes par l'API.");
+        $this->comment('qualimat_sync_log', 'rows_upserted', 'Nombre de transporteurs inseres ou mis a jour.');
+        $this->comment('qualimat_sync_log', 'rows_skipped', "Nombre d'items ignores (sans SIRET exploitable).");
+        $this->comment('qualimat_sync_log', 'rows_deactivated', 'Nombre de transporteurs passes a is_active=false (absents de cet import).');
+        $this->comment('qualimat_sync_log', 'created_at', 'Horodatage de fin du run (insertion du journal).');
+    }
+
+    public function down(Schema $schema): void
+    {
+        $this->addSql('DROP TABLE IF EXISTS qualimat_sync_log');
+        $this->addSql('DROP TABLE IF EXISTS qualimat_carrier');
+    }
+
+    /**
+     * Pose un COMMENT ON TABLE/COLUMN en dollar-quoting Postgres ($_$...$_$)
+     * pour eviter tout echappement d'apostrophes dans les descriptions.
+     */
+    private function comment(string $table, string $column, string $description): void
+    {
+        $quotedTable = '"'.str_replace('"', '""', $table).'"';
+
+        if ('_table' === $column) {
+            $this->addSql(sprintf('COMMENT ON TABLE %s IS $_$%s$_$', $quotedTable, $description));
+
+            return;
+        }
+
+        $this->addSql(sprintf(
+            'COMMENT ON COLUMN %s.%s IS $_$%s$_$',
+            $quotedTable,
+            '"'.str_replace('"', '""', $column).'"',
+            $description,
+        ));
+    }
+}

src/Module/Transport/TransportModule.php

@@ -0,0 +1,34 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Transport;
+
+final class TransportModule
+{
+    public const string ID     = 'transport';
+    public const string LABEL  = 'Transport';
+    public const bool REQUIRED = false;
+
+    /**
+     * Liste declarative des permissions RBAC exposees par le module Transport.
+     *
+     * Socle du repertoire transporteurs (M4 § 5.1, ERP-153) :
+     *  - `view`    : consultation de la liste / fiche transporteur ;
+     *  - `manage`  : creation / modification (hors archivage) ;
+     *  - `archive` : archivage / restauration (admin seul, cf. matrice § 5.2).
+     *
+     * Consommee par `app:sync-permissions`. Matrice role -> permissions dans
+     * `RbacSeeder::MATRIX` (§ 5.2).
+     *
+     * @return array<int, array{code: string, label: string}>
+     */
+    public static function permissions(): array
+    {
+        return [
+            ['code' => 'transport.carriers.view', 'label' => 'Voir les transporteurs'],
+            ['code' => 'transport.carriers.manage', 'label' => 'Créer / modifier les transporteurs'],
+            ['code' => 'transport.carriers.archive', 'label' => 'Archiver / restaurer un transporteur'],
+        ];
+    }
+}

src/Shared/Domain/Entity/UploadedDocument.php

@@ -0,0 +1,166 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Domain\Entity;
+
+use ApiPlatform\Metadata\ApiResource;
+use ApiPlatform\Metadata\Get;
+use ApiPlatform\Metadata\Post;
+use App\Shared\Infrastructure\ApiPlatform\State\UploadedDocumentProcessor;
+use DateTimeImmutable;
+use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Serializer\Attribute\Groups;
+
+/**
+ * Reference technique d'un fichier televerse (infra generique Shared, ERP-154).
+ *
+ * Entite IMMUABLE : un document n'est jamais modifie apres creation (pas d'onglet
+ * edition cote front). Elle ne porte donc QUE `created_at` / `created_by` — pas
+ * la paire `updated_*` — et n'implemente volontairement pas Timestampable /
+ * Blamable (qui imposeraient les 4 colonnes). `created_at` est rempli par le
+ * FileUploader via l'horloge injectee ; `created_by` est positionne par le
+ * processor depuis l'utilisateur authentifie (null hors HTTP).
+ *
+ * Pas de `#[Auditable]` : c'est un enregistrement d'infrastructure (et non un
+ * agregat metier edite), sa tracabilite est portee par created_at / created_by.
+ *
+ * Operations API :
+ *  - Post (/uploaded_documents, multipart) : `deserialize: false` — le binaire
+ *    n'est pas deserialise dans l'entite, le UploadedDocumentProcessor lit le
+ *    fichier de la requete, delegue au FileUploader (validation MIME server-side,
+ *    bornage taille, checksum, ecriture disque) puis persiste. MIME hors
+ *    whitelist -> 422.
+ *  - Get (/uploaded_documents/{id}) : necessaire pour qu'API Platform genere
+ *    l'IRI renvoyee par le Post. Protege par IS_AUTHENTICATED_FULLY uniquement
+ *    (pas de RBAC ni de cloisonnement tenant ici) : cette ressource est une
+ *    infra GENERIQUE qui ne porte aucune notion de proprietaire metier. Le
+ *    cloisonnement d'acces (qui peut voir quel document) est volontairement
+ *    delegue au module CONSOMMATEUR (ex: la Decharge M4), qui exposera le
+ *    document via sa propre ressource cloisonnee plutot que via cet endpoint
+ *    technique. Ne renvoie que des metadonnees (jamais le binaire).
+ *
+ * Pas de GetCollection exposee (non requise) — la regle de pagination ne
+ * s'applique donc pas ici.
+ */
+#[ORM\Entity]
+#[ORM\Table(name: 'uploaded_document')]
+#[ApiResource(
+    operations: [
+        new Get(
+            security: "is_granted('IS_AUTHENTICATED_FULLY')",
+        ),
+        new Post(
+            // Entree multipart : le binaire arrive en multipart/form-data sous
+            // le champ « file ». Sans cet inputFormats, API Platform rejette la
+            // requete en 415.
+            inputFormats: ['multipart' => ['multipart/form-data']],
+            // Le fichier n'est pas deserialisable dans l'entite : le processor
+            // lit le binaire de la requete. La validation est portee par le
+            // FileUploader (MIME server-side, taille), pas par les contraintes.
+            deserialize: false,
+            validate: false,
+            security: "is_granted('IS_AUTHENTICATED_FULLY')",
+            processor: UploadedDocumentProcessor::class,
+        ),
+    ],
+    normalizationContext: ['groups' => ['uploaded_document:read']],
+)]
+class UploadedDocument
+{
+    #[ORM\Id]
+    #[ORM\GeneratedValue]
+    #[ORM\Column(type: 'integer')]
+    #[Groups(['uploaded_document:read'])]
+    private ?int $id = null;
+
+    #[ORM\Column(name: 'original_filename', length: 255)]
+    #[Groups(['uploaded_document:read'])]
+    private string $originalFilename;
+
+    #[ORM\Column(name: 'stored_path', length: 512)]
+    #[Groups(['uploaded_document:read'])]
+    private string $storedPath;
+
+    #[ORM\Column(name: 'mime_type', length: 100)]
+    #[Groups(['uploaded_document:read'])]
+    private string $mimeType;
+
+    #[ORM\Column(name: 'size_bytes', type: 'integer')]
+    #[Groups(['uploaded_document:read'])]
+    private int $sizeBytes;
+
+    #[ORM\Column(name: 'checksum', length: 64)]
+    #[Groups(['uploaded_document:read'])]
+    private string $checksum;
+
+    #[ORM\Column(name: 'created_at', type: 'datetime_immutable')]
+    #[Groups(['uploaded_document:read'])]
+    private DateTimeImmutable $createdAt;
+
+    #[ORM\ManyToOne(targetEntity: UserInterface::class)]
+    #[ORM\JoinColumn(name: 'created_by', referencedColumnName: 'id', nullable: true, onDelete: 'SET NULL')]
+    private ?UserInterface $createdBy = null;
+
+    public function __construct(
+        string $originalFilename,
+        string $storedPath,
+        string $mimeType,
+        int $sizeBytes,
+        string $checksum,
+        DateTimeImmutable $createdAt,
+    ) {
+        $this->originalFilename = $originalFilename;
+        $this->storedPath       = $storedPath;
+        $this->mimeType         = $mimeType;
+        $this->sizeBytes        = $sizeBytes;
+        $this->checksum         = $checksum;
+        $this->createdAt        = $createdAt;
+    }
+
+    public function getId(): ?int
+    {
+        return $this->id;
+    }
+
+    public function getOriginalFilename(): string
+    {
+        return $this->originalFilename;
+    }
+
+    public function getStoredPath(): string
+    {
+        return $this->storedPath;
+    }
+
+    public function getMimeType(): string
+    {
+        return $this->mimeType;
+    }
+
+    public function getSizeBytes(): int
+    {
+        return $this->sizeBytes;
+    }
+
+    public function getChecksum(): string
+    {
+        return $this->checksum;
+    }
+
+    public function getCreatedAt(): DateTimeImmutable
+    {
+        return $this->createdAt;
+    }
+
+    public function getCreatedBy(): ?UserInterface
+    {
+        return $this->createdBy;
+    }
+
+    public function setCreatedBy(?UserInterface $user): void
+    {
+        $this->createdBy = $user;
+    }
+}

src/Shared/Domain/Exception/FileTooLargeException.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Domain\Exception;
+
+/**
+ * Levee quand le fichier televerse depasse la taille maximale autorisee
+ * (FileUploader::MAX_SIZE_BYTES). Traduite en HTTP 422 par le processor.
+ */
+final class FileTooLargeException extends FileUploadException
+{
+    public function __construct(int $size, int $maxSize)
+    {
+        parent::__construct(sprintf(
+            'Le fichier (%d octets) dépasse la taille maximale autorisée (%d octets).',
+            $size,
+            $maxSize,
+        ));
+    }
+}

src/Shared/Domain/Exception/FileUploadException.php

@@ -0,0 +1,16 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Domain\Exception;
+
+use RuntimeException;
+
+/**
+ * Exception de base des erreurs de televersement (FileUploader).
+ *
+ * Decouplee de HTTP : le service Shared\Infrastructure\Upload\FileUploader leve
+ * une de ces exceptions metier, et c'est la couche API (UploadedDocumentProcessor)
+ * qui la traduit en reponse HTTP 422.
+ */
+class FileUploadException extends RuntimeException {}

src/Shared/Domain/Exception/UnsupportedMimeTypeException.php

@@ -0,0 +1,24 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Domain\Exception;
+
+/**
+ * Levee quand le type MIME detecte server-side n'appartient pas a la whitelist
+ * du FileUploader (PDF + images). Traduite en HTTP 422 par le processor.
+ */
+final class UnsupportedMimeTypeException extends FileUploadException
+{
+    /**
+     * @param list<string> $allowed Types MIME autorises
+     */
+    public function __construct(string $mimeType, array $allowed)
+    {
+        parent::__construct(sprintf(
+            'Le type de fichier « %s » n\'est pas autorisé. Types acceptés : %s.',
+            $mimeType,
+            implode(', ', $allowed),
+        ));
+    }
+}

src/Shared/Infrastructure/ApiPlatform/State/UploadedDocumentProcessor.php

@@ -0,0 +1,81 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Infrastructure\ApiPlatform\State;
+
+use ApiPlatform\Metadata\Operation;
+use ApiPlatform\State\ProcessorInterface;
+use App\Shared\Domain\Exception\FileUploadException;
+use App\Shared\Infrastructure\Upload\FileUploader;
+use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\DependencyInjection\Attribute\Autowire;
+use Symfony\Component\HttpFoundation\File\UploadedFile;
+use Symfony\Component\HttpFoundation\RequestStack;
+use Symfony\Component\HttpKernel\Exception\UnprocessableEntityHttpException;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Throwable;
+
+/**
+ * Processor d'ecriture de l'upload generique (POST /api/uploaded_documents).
+ *
+ * L'operation Post est en `deserialize: false` : le binaire n'est pas mappe sur
+ * l'entite. Ce processor lit le fichier multipart de la requete (champ « file »),
+ * delegue au FileUploader (validation MIME server-side, bornage taille, checksum,
+ * ecriture disque), positionne l'auteur (created_by) puis persiste via le
+ * processor Doctrine standard. Le retour est l'entite, qu'API Platform serialise
+ * en JSON-LD (avec son @id / IRI).
+ *
+ * Mapping des erreurs :
+ *  - fichier absent -> 422 ;
+ *  - MIME hors whitelist / fichier trop volumineux (FileUploadException) -> 422.
+ *
+ * Si la persistance Doctrine echoue APRES l'ecriture disque, le fichier physique
+ * deja deplace est supprime (compensation) pour ne pas laisser de binaire orphelin.
+ *
+ * @implements ProcessorInterface<mixed, mixed>
+ */
+final class UploadedDocumentProcessor implements ProcessorInterface
+{
+    public function __construct(
+        #[Autowire(service: 'api_platform.doctrine.orm.state.persist_processor')]
+        private readonly ProcessorInterface $persistProcessor,
+        private readonly FileUploader $fileUploader,
+        private readonly RequestStack $requestStack,
+        private readonly Security $security,
+    ) {}
+
+    public function process(mixed $data, Operation $operation, array $uriVariables = [], array $context = []): mixed
+    {
+        $request = $this->requestStack->getCurrentRequest();
+        $file    = $request?->files->get('file');
+
+        if (!$file instanceof UploadedFile) {
+            throw new UnprocessableEntityHttpException('Aucun fichier fourni (champ « file » attendu).');
+        }
+
+        try {
+            $document = $this->fileUploader->upload($file);
+        } catch (FileUploadException $e) {
+            // MIME hors whitelist ou fichier trop volumineux -> 422 avec le
+            // message metier explicite porte par l'exception.
+            throw new UnprocessableEntityHttpException($e->getMessage(), $e);
+        }
+
+        $user = $this->security->getUser();
+        if ($user instanceof UserInterface) {
+            $document->setCreatedBy($user);
+        }
+
+        try {
+            return $this->persistProcessor->process($document, $operation, $uriVariables, $context);
+        } catch (Throwable $e) {
+            // La persistance a echoue APRES l'ecriture disque (erreur DB, FK...) :
+            // on supprime le fichier orphelin pour ne pas le laisser sans ligne
+            // uploaded_document correspondante, puis on relaie l'erreur.
+            $this->fileUploader->remove($document);
+
+            throw $e;
+        }
+    }
+}

src/Shared/Infrastructure/Database/ColumnCommentsCatalog.php

@@ -36,6 +36,18 @@ final class ColumnCommentsCatalog
     public static function comments(): array
     {
         return [
+            'uploaded_document' => [
+                '_table'            => 'Fichiers televerses (infra generique Shared, ERP-154) — documents immuables (PDF / images), 1er consommateur la Decharge M4.',
+                'id'                => 'Identifiant interne auto-incremente.',
+                'original_filename' => 'Nom de fichier d origine fourni par le client (≤ 255) — metadonnee d affichage uniquement, jamais utilise pour le stockage disque.',
+                'stored_path'       => 'Chemin relatif du fichier sous var/uploads (ex: 2026/06/<hash>.pdf) — nom genere aleatoirement, jamais le nom client.',
+                'mime_type'         => 'Type MIME detecte SERVER-SIDE via getMimeType (jamais getClientMimeType, spoofable) — borne a la whitelist FileUploader (PDF + images).',
+                'size_bytes'        => 'Taille du fichier en octets — bornee par FileUploader::MAX_SIZE_BYTES.',
+                'checksum'          => 'Empreinte SHA-256 du contenu (64 caracteres hex) — controle d integrite + deduplication eventuelle (hors scope).',
+                'created_at'        => 'Horodatage UTC du televersement — rempli par FileUploader via l horloge injectee (pas via TimestampableBlamableSubscriber).',
+                'created_by'        => 'ID de l utilisateur ayant televerse le fichier — null hors HTTP (CLI, fixture). FK -> "user".id, ON DELETE SET NULL.',
+            ],
+
             'audit_log' => [
                 '_table'       => "Journal d'audit append-only — trace toutes les modifications BDD sur entites annotees #[Auditable]. Lecture seule via API.",
                 'id'           => "UUID v7 — identifiant de la ligne d'audit (genere en PHP, ordre temporel garanti).",

src/Shared/Infrastructure/Upload/FileUploader.php

@@ -0,0 +1,128 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Infrastructure\Upload;
+
+use App\Shared\Domain\Entity\UploadedDocument;
+use App\Shared\Domain\Exception\FileTooLargeException;
+use App\Shared\Domain\Exception\FileUploadException;
+use App\Shared\Domain\Exception\UnsupportedMimeTypeException;
+use Symfony\Component\Clock\ClockInterface;
+use Symfony\Component\DependencyInjection\Attribute\Autowire;
+use Symfony\Component\HttpFoundation\File\UploadedFile;
+
+/**
+ * Service generique de televersement de fichiers (infra Shared, ERP-154).
+ *
+ * Responsabilites :
+ *  - Validation du type MIME SERVER-SIDE via `getMimeType()` (detection finfo
+ *    sur le contenu reel) — JAMAIS `getClientMimeType()`, spoofable par le
+ *    client (regle backend.md « Upload de fichiers »).
+ *  - Whitelist MIME explicite (PDF + images courantes).
+ *  - Bornage de la taille (MAX_SIZE_BYTES).
+ *  - Calcul du checksum sha256 (controle d integrite) AVANT le deplacement.
+ *  - Ecriture disque sous `var/uploads/{yyyy}/{mm}/` avec un nom genere
+ *    aleatoirement (jamais le nom client, qui reste une simple metadonnee).
+ *
+ * Le service est volontairement decouple de HTTP au-dela du type UploadedFile :
+ * il leve des exceptions metier (FileUploadException), traduites en 422 par le
+ * UploadedDocumentProcessor.
+ */
+final class FileUploader
+{
+    /**
+     * Types MIME autorises (detectes server-side) : PDF + images courantes.
+     *
+     * @var list<string>
+     */
+    public const ALLOWED_MIME_TYPES = [
+        'application/pdf',
+        'image/jpeg',
+        'image/png',
+        'image/webp',
+        'image/gif',
+    ];
+
+    /**
+     * Taille maximale autorisee : 10 Mo.
+     */
+    public const MAX_SIZE_BYTES = 10 * 1024 * 1024;
+
+    public function __construct(
+        // Racine de stockage des fichiers televerses (hors web root, sous var/).
+        #[Autowire('%kernel.project_dir%/var/uploads')]
+        private readonly string $uploadBaseDir,
+        private readonly ClockInterface $clock,
+    ) {}
+
+    /**
+     * Valide, calcule l empreinte, deplace le fichier sur disque et retourne
+     * un UploadedDocument NON persiste (le caller le persiste).
+     *
+     * @throws UnsupportedMimeTypeException si le MIME server-side est hors whitelist
+     * @throws FileTooLargeException        si le fichier depasse MAX_SIZE_BYTES
+     */
+    public function upload(UploadedFile $file): UploadedDocument
+    {
+        // Detection MIME server-side (finfo sur le contenu) — jamais le MIME
+        // declare par le client.
+        $mimeType = $file->getMimeType() ?? 'application/octet-stream';
+        if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true)) {
+            throw new UnsupportedMimeTypeException($mimeType, self::ALLOWED_MIME_TYPES);
+        }
+
+        // getSize() peut renvoyer false si le fichier est illisible.
+        $size = $file->getSize();
+        if (false === $size || $size > self::MAX_SIZE_BYTES) {
+            throw new FileTooLargeException(false === $size ? 0 : $size, self::MAX_SIZE_BYTES);
+        }
+
+        // Checksum AVANT le move : le chemin du fichier change apres deplacement.
+        // hash_file renvoie false si le fichier temporaire est illisible (I/O) :
+        // on echoue proprement plutot que de propager un TypeError opaque au
+        // constructeur (parametre $checksum type string).
+        $checksum = hash_file('sha256', $file->getPathname());
+        if (false === $checksum) {
+            throw new FileUploadException('Impossible de lire le fichier televerse pour en calculer l\'empreinte.');
+        }
+
+        $now         = $this->clock->now();
+        $relativeDir = $now->format('Y').'/'.$now->format('m');
+        $targetDir   = $this->uploadBaseDir.'/'.$relativeDir;
+
+        // Nom de stockage genere aleatoirement : evite les collisions et toute
+        // injection via le nom client. Extension deduite du MIME.
+        $extension  = $file->guessExtension() ?: 'bin';
+        $storedName = bin2hex(random_bytes(16)).'.'.$extension;
+
+        // Le nom d origine est conserve uniquement comme metadonnee d affichage,
+        // borne a la longueur de colonne (255).
+        $originalFilename = mb_substr($file->getClientOriginalName(), 0, 255);
+
+        $file->move($targetDir, $storedName);
+
+        return new UploadedDocument(
+            originalFilename: $originalFilename,
+            storedPath: $relativeDir.'/'.$storedName,
+            mimeType: $mimeType,
+            sizeBytes: $size,
+            checksum: $checksum,
+            createdAt: $now,
+        );
+    }
+
+    /**
+     * Supprime le fichier physique d'un document (compensation lorsque la
+     * persistance echoue APRES l'ecriture disque). Best-effort : silencieux si
+     * le fichier a deja disparu. Evite d'accumuler des binaires orphelins non
+     * references en base.
+     */
+    public function remove(UploadedDocument $document): void
+    {
+        $path = $this->uploadBaseDir.'/'.$document->getStoredPath();
+        if (is_file($path)) {
+            @unlink($path);
+        }
+    }
+}

tests/Module/Transport/Application/Idtf/IdtfSheetParserTest.php

@@ -0,0 +1,110 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Module\Transport\Application\Idtf;
+
+use App\Module\Transport\Application\Idtf\IdtfSheetParser;
+use PHPUnit\Framework\TestCase;
+use RuntimeException;
+
+/**
+ * @internal
+ */
+final class IdtfSheetParserTest extends TestCase
+{
+    public function testExtractsExportDate(): void
+    {
+        $parsed = IdtfSheetParser::parse($this->sampleMatrix());
+        self::assertSame('2026-06-12', $parsed['exportDate']);
+    }
+
+    public function testParsesAndNormalizesFirstRow(): void
+    {
+        $parsed = IdtfSheetParser::parse($this->sampleMatrix());
+        $row    = $parsed['rows'][0];
+
+        self::assertSame(30748, $row['idtf_number']);
+        self::assertSame('Argiles avec régime de nettoyage C', $row['name']);
+        self::assertSame('C', $row['cleaning_regime']);
+        self::assertSame('2026-04-02', $row['mandatory_date']);
+        self::assertSame('Al2O3', $row['formula']);
+        self::assertSame('01 01 01', $row['eural_code']);
+        self::assertSame(['7631-86-9', '1344-28-1'], $row['cas_numbers']);
+        self::assertSame('Note 1', $row['footnotes']);
+    }
+
+    public function testSkipsEmptyAndNonNumericRows(): void
+    {
+        $parsed = IdtfSheetParser::parse($this->sampleMatrix());
+
+        // 2 lignes exploitables (30748 et 30744) ; vide + "abc" ignorees.
+        self::assertCount(2, $parsed['rows']);
+        self::assertSame(30744, $parsed['rows'][1]['idtf_number']);
+    }
+
+    public function testEmptyOptionalCellsBecomeNullAndCasEmpty(): void
+    {
+        $parsed = IdtfSheetParser::parse($this->sampleMatrix());
+        $row    = $parsed['rows'][1]; // 30744
+
+        self::assertNull($row['mandatory_date']);
+        self::assertNull($row['formula']);
+        self::assertNull($row['product_group']);
+        self::assertSame([], $row['cas_numbers']);
+    }
+
+    public function testColumnOrderIsResolvedByLabel(): void
+    {
+        // En-tete dans un ordre different : le mapping doit suivre les libelles.
+        $matrix = [
+            ['Export date: 1-1-2026'],
+            ['Numéro CAS', 'Numéro IDTF', 'Nom de la marchandise', 'Régime de nettoyage'],
+            ['7440-44-0', '99', 'Carbone', 'B'],
+        ];
+
+        $parsed = IdtfSheetParser::parse($matrix);
+        $row    = $parsed['rows'][0];
+
+        self::assertSame(99, $row['idtf_number']);
+        self::assertSame('Carbone', $row['name']);
+        self::assertSame('B', $row['cleaning_regime']);
+        self::assertSame(['7440-44-0'], $row['cas_numbers']);
+    }
+
+    public function testThrowsWhenHeaderMissing(): void
+    {
+        $this->expectException(RuntimeException::class);
+        IdtfSheetParser::parse([['foo', 'bar'], ['1', '2']]);
+    }
+
+    public function testExportDateNullWhenAbsent(): void
+    {
+        $matrix = [
+            ['Numéro IDTF', 'Nom de la marchandise', 'Régime de nettoyage'],
+            ['1', 'X', 'A'],
+        ];
+
+        self::assertNull(IdtfSheetParser::parse($matrix)['exportDate']);
+    }
+
+    /**
+     * Matrice representative de l'export reel : preambule (lignes 0-1), ligne
+     * vide (2), en-tete (3) puis donnees.
+     *
+     * @return array<int, array<int, mixed>>
+     */
+    private function sampleMatrix(): array
+    {
+        return [
+            ['Export date: 12-6-2026'],
+            ['Changes in the database after this date...'],
+            [],
+            ['Numéro IDTF', 'Product Group', 'Nom de la marchandise', 'Régime de nettoyage', 'Exigences importantes', 'Date d’application obligatoire', 'Produits apparentés', 'Formule', 'Code EURAL', 'Numéro CAS', 'Annotations'],
+            ['30748', 'Substances inorganiques', 'Argiles avec régime de nettoyage C', 'C', 'Exigence X', '02-04-2026', 'Poudre argile', 'Al2O3', '01 01 01', '7631-86-9 ; 1344-28-1', 'Note 1'],
+            ['', '', '', '', '', '', '', '', '', '', ''],
+            ['abc', 'ligne non numerique a ignorer', '', '', '', '', '', '', '', '', ''],
+            ['30744', '', 'Additifs alimentaires', 'A', '', '', '', '', '', '', ''],
+        ];
+    }
+}

tests/Module/Transport/Application/Qualimat/QualimatRowMapperTest.php

@@ -0,0 +1,105 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Module\Transport\Application\Qualimat;
+
+use App\Module\Transport\Application\Qualimat\QualimatRowMapper;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * @internal
+ */
+final class QualimatRowMapperTest extends TestCase
+{
+    public function testNormalizeSiretStripsNonDigits(): void
+    {
+        self::assertSame('44415628500025', QualimatRowMapper::normalizeSiret('444 156 285 000 25'));
+        self::assertNull(QualimatRowMapper::normalizeSiret(null));
+        self::assertNull(QualimatRowMapper::normalizeSiret('   '));
+        self::assertNull(QualimatRowMapper::normalizeSiret(''));
+    }
+
+    public function testParseDate(): void
+    {
+        self::assertSame('2027-05-14', QualimatRowMapper::parseDate('14/05/2027'));
+        self::assertNull(QualimatRowMapper::parseDate(null));
+        self::assertNull(QualimatRowMapper::parseDate('2027-05-14'));
+        self::assertNull(QualimatRowMapper::parseDate('14-05-2027'));
+        // Date calendaire impossible : evite un INSERT en erreur.
+        self::assertNull(QualimatRowMapper::parseDate('31/02/2027'));
+    }
+
+    public function testMapOneNormalizesAndTrims(): void
+    {
+        $row = QualimatRowMapper::mapOne([
+            'Nom'         => '  2C TRANS ',
+            'Societe'     => '2C TRANS',
+            'Adresse'     => '66 Impasse Mendi',
+            'CodePostal'  => '65500',
+            'Ville'       => 'VIC EN BIGORRE',
+            'Telephone_1' => '+33|0608890316',
+            'Siret'       => '444 156 285 000 25',
+            'Validite'    => '14/05/2027',
+            'Statut'      => 'Audité',
+            'Departement' => '65 - Hautes-Pyrénées',
+        ]);
+
+        self::assertNotNull($row);
+        self::assertSame('44415628500025', $row['siret']);
+        self::assertSame('2C TRANS', $row['name']);
+        self::assertSame('2027-05-14', $row['validity_date']);
+        self::assertSame('+33|0608890316', $row['phone']);
+        self::assertSame('Audité', $row['status']);
+        self::assertSame('65 - Hautes-Pyrénées', $row['department']);
+    }
+
+    public function testMapOneReturnsNullWithoutSiret(): void
+    {
+        self::assertNull(QualimatRowMapper::mapOne(['Nom' => 'X', 'Siret' => null]));
+        self::assertNull(QualimatRowMapper::mapOne(['Nom' => 'X']));
+        self::assertNull(QualimatRowMapper::mapOne(['Nom' => 'X', 'Siret' => '   ']));
+    }
+
+    public function testMapManyCountsSkipped(): void
+    {
+        $result = QualimatRowMapper::mapMany([
+            ['Nom' => 'A', 'Siret' => '111 111 111 00011', 'Statut' => 'Audité', 'Validite' => '01/01/2030'],
+            ['Nom' => 'B', 'Siret' => null],
+            ['Nom' => 'C', 'Siret' => '   '],
+        ]);
+
+        self::assertCount(1, $result['rows']);
+        self::assertSame(2, $result['skipped']);
+    }
+
+    public function testMapManyDeduplicatesBySiretLastWins(): void
+    {
+        // Memes chiffres a separateurs pres : un seul transporteur, derniere
+        // occurrence gagnante (le compte ne doit pas surcompter les doublons).
+        $result = QualimatRowMapper::mapMany([
+            ['Nom' => 'PREMIER', 'Siret' => '111 111 111 00011', 'Statut' => 'Audité'],
+            ['Nom' => 'DERNIER', 'Siret' => '11111111100011', 'Statut' => 'Valide'],
+        ]);
+
+        self::assertCount(1, $result['rows']);
+        self::assertSame(0, $result['skipped']);
+        self::assertSame('DERNIER', $result['rows'][0]['name']);
+        self::assertSame('Valide', $result['rows'][0]['status']);
+    }
+
+    public function testEmptyOptionalFieldsBecomeNull(): void
+    {
+        $row = QualimatRowMapper::mapOne([
+            'Siret'   => '111 111 111 00011',
+            'Nom'     => 'A',
+            'Adresse' => '',
+            'Ville'   => '  ',
+        ]);
+
+        self::assertNotNull($row);
+        self::assertNull($row['address']);
+        self::assertNull($row['city']);
+        self::assertNull($row['validity_date']);
+    }
+}

tests/Module/Transport/Infrastructure/Console/SyncIdtfCommandTest.php

@@ -0,0 +1,163 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Module\Transport\Infrastructure\Console;
+
+use Doctrine\DBAL\Connection;
+use PhpOffice\PhpSpreadsheet\Spreadsheet;
+use PhpOffice\PhpSpreadsheet\Writer\Xlsx;
+use Symfony\Bundle\FrameworkBundle\Console\Application;
+use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
+use Symfony\Component\Console\Tester\CommandTester;
+
+/**
+ * Test fonctionnel de `app:idtf:sync` via --file : genere un vrai .xlsx, le
+ * passe a la commande et verifie le parsing, l'upsert, le journal et le
+ * soft-delete (chemin complet IOFactory -> parser -> DBAL).
+ *
+ * @internal
+ */
+final class SyncIdtfCommandTest extends KernelTestCase
+{
+    private Connection $connection;
+
+    protected function setUp(): void
+    {
+        self::bootKernel();
+
+        /** @var Connection $connection */
+        $connection       = self::getContainer()->get('doctrine.dbal.default_connection');
+        $this->connection = $connection;
+        $this->purge();
+    }
+
+    protected function tearDown(): void
+    {
+        $this->purge();
+        parent::tearDown();
+    }
+
+    public function testSyncParsesXlsxUpsertsAndLogs(): void
+    {
+        $path = $this->makeXlsx([
+            ['Export date: 12-6-2026'],
+            ['Avertissement preambule'],
+            [],
+            ['Numéro IDTF', 'Product Group', 'Nom de la marchandise', 'Régime de nettoyage', 'Exigences importantes', 'Date d’application obligatoire', 'Produits apparentés', 'Formule', 'Code EURAL', 'Numéro CAS', 'Annotations'],
+            ['30748', 'Inorganiques', 'Argiles régime C', 'C', 'Exig X', '02-04-2026', 'Poudre', 'Al2O3', '01 01 01', '7631-86-9 ; 1344-28-1', 'Note'],
+            ['', '', '', '', '', '', '', '', '', '', ''],
+            ['30744', '', 'Additifs', 'A', '', '', '', '', '', '', ''],
+        ]);
+
+        $tester = $this->runSync($path);
+        $tester->assertCommandIsSuccessful();
+
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM idtf_product'));
+
+        $row = $this->connection->fetchAssociative("SELECT * FROM idtf_product WHERE idtf_number = 30748 AND schema = 'road'");
+        self::assertNotFalse($row);
+        self::assertSame('Argiles régime C', $row['name']);
+        self::assertSame('C', $row['cleaning_regime']);
+        self::assertSame('2026-04-02', $row['mandatory_date']);
+        self::assertSame('2026-06-12', $row['source_export_date']);
+        self::assertSame(['7631-86-9', '1344-28-1'], json_decode((string) $row['cas_numbers'], true));
+
+        $log = $this->connection->fetchAssociative('SELECT * FROM idtf_sync_log ORDER BY id DESC LIMIT 1');
+        self::assertNotFalse($log);
+        self::assertSame('road', $log['schema']);
+        self::assertSame('2026-06-12', $log['export_date']);
+        self::assertSame(2, (int) $log['rows_total']);
+        self::assertSame(2, (int) $log['rows_upserted']);
+        self::assertSame(0, (int) $log['rows_deactivated']);
+    }
+
+    public function testSecondSyncSoftDeletesMissing(): void
+    {
+        $header = ['Numéro IDTF', 'Nom de la marchandise', 'Régime de nettoyage'];
+
+        $this->runSync($this->makeXlsx([
+            ['Export date: 1-6-2026'],
+            $header,
+            ['100', 'Produit 100', 'A'],
+            ['200', 'Produit 200', 'B'],
+        ]))->assertCommandIsSuccessful();
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM idtf_product WHERE is_active = TRUE'));
+
+        // 2e export sans 200 -> soft-delete de 200, mise a jour de 100.
+        $tester = $this->runSync($this->makeXlsx([
+            ['Export date: 2-6-2026'],
+            $header,
+            ['100', 'Produit 100 maj', 'C'],
+        ]));
+        $tester->assertCommandIsSuccessful();
+
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM idtf_product'));
+        self::assertSame(1, $this->countRows('SELECT COUNT(*) FROM idtf_product WHERE is_active = TRUE'));
+        self::assertSame(1, $this->countRows('SELECT COUNT(*) FROM idtf_product WHERE idtf_number = 200 AND is_active = FALSE'));
+
+        $row100 = $this->connection->fetchAssociative('SELECT * FROM idtf_product WHERE idtf_number = 100');
+        self::assertNotFalse($row100);
+        self::assertSame('Produit 100 maj', $row100['name']);
+        self::assertSame('C', $row100['cleaning_regime']);
+
+        $log = $this->connection->fetchAssociative('SELECT * FROM idtf_sync_log ORDER BY id DESC LIMIT 1');
+        self::assertNotFalse($log);
+        self::assertSame(1, (int) $log['rows_upserted']);
+        self::assertSame(1, (int) $log['rows_deactivated']);
+    }
+
+    public function testInvalidSchemaIsRejected(): void
+    {
+        $path = $this->makeXlsx([
+            ['Numéro IDTF', 'Nom de la marchandise', 'Régime de nettoyage'],
+            ['1', 'X', 'A'],
+        ]);
+
+        $application = new Application(self::$kernel);
+        $tester      = new CommandTester($application->find('app:idtf:sync'));
+        $exitCode    = $tester->execute(['--file' => $path, '--schema' => 'air']);
+
+        @unlink($path);
+
+        self::assertSame(2, $exitCode); // Command::INVALID
+        self::assertSame(0, $this->countRows('SELECT COUNT(*) FROM idtf_product'));
+    }
+
+    /**
+     * @param array<int, array<int, mixed>> $matrix
+     */
+    private function makeXlsx(array $matrix): string
+    {
+        $spreadsheet = new Spreadsheet();
+        $spreadsheet->getActiveSheet()->fromArray($matrix, null, 'A1', true);
+
+        $path = tempnam(sys_get_temp_dir(), 'idtf_').'.xlsx';
+        new Xlsx($spreadsheet)->save($path);
+        $spreadsheet->disconnectWorksheets();
+
+        return $path;
+    }
+
+    private function runSync(string $path): CommandTester
+    {
+        $application = new Application(self::$kernel);
+        $tester      = new CommandTester($application->find('app:idtf:sync'));
+        $tester->execute(['--file' => $path, '--schema' => 'road']);
+
+        @unlink($path);
+
+        return $tester;
+    }
+
+    private function countRows(string $sql): int
+    {
+        return (int) $this->connection->fetchOne($sql);
+    }
+
+    private function purge(): void
+    {
+        $this->connection->executeStatement('DELETE FROM idtf_product');
+        $this->connection->executeStatement('DELETE FROM idtf_sync_log');
+    }
+}

tests/Module/Transport/Infrastructure/Console/SyncQualimatCommandTest.php

@@ -0,0 +1,163 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Module\Transport\Infrastructure\Console;
+
+use Doctrine\DBAL\Connection;
+use Symfony\Bundle\FrameworkBundle\Console\Application;
+use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Tester\CommandTester;
+
+use const JSON_THROW_ON_ERROR;
+
+/**
+ * Test fonctionnel de `app:qualimat:sync` via l'option --file (pas d'appel
+ * reseau) : verifie l'upsert normalise, le journal et le soft-delete.
+ *
+ * @internal
+ */
+final class SyncQualimatCommandTest extends KernelTestCase
+{
+    private Connection $connection;
+
+    protected function setUp(): void
+    {
+        self::bootKernel();
+
+        /** @var Connection $connection */
+        $connection       = self::getContainer()->get('doctrine.dbal.default_connection');
+        $this->connection = $connection;
+        $this->purge();
+    }
+
+    protected function tearDown(): void
+    {
+        $this->purge();
+        parent::tearDown();
+    }
+
+    public function testFirstSyncInsertsNormalizesAndLogs(): void
+    {
+        $tester = $this->runSync([
+            [
+                'Nom'         => '2C TRANS',
+                'Societe'     => '2C TRANS',
+                'Adresse'     => '66 Impasse Mendi',
+                'CodePostal'  => '65500',
+                'Ville'       => 'VIC EN BIGORRE',
+                'Telephone_1' => '+33|0608890316',
+                'Siret'       => '444 156 285 000 25',
+                'Validite'    => '14/05/2027',
+                'Statut'      => 'Audité',
+                'Departement' => '65 - Hautes-Pyrénées',
+            ],
+            // Item sans SIRET : doit etre ignore (compte dans rows_skipped).
+            ['Nom' => 'SANS SIRET', 'Siret' => null, 'Validite' => '01/01/2030', 'Statut' => 'Valide'],
+        ]);
+
+        $tester->assertCommandIsSuccessful();
+
+        self::assertSame(1, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier'));
+
+        $row = $this->connection->fetchAssociative('SELECT * FROM qualimat_carrier');
+        self::assertNotFalse($row);
+        self::assertSame('44415628500025', $row['siret']);
+        self::assertSame('2C TRANS', $row['name']);
+        self::assertSame('2027-05-14', $row['validity_date']);
+        self::assertSame('+33|0608890316', $row['phone']);
+        self::assertSame(1, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier WHERE is_active = TRUE'));
+
+        $log = $this->connection->fetchAssociative('SELECT * FROM qualimat_sync_log ORDER BY id DESC LIMIT 1');
+        self::assertNotFalse($log);
+        self::assertSame(2, (int) $log['rows_total']);
+        self::assertSame(1, (int) $log['rows_upserted']);
+        self::assertSame(1, (int) $log['rows_skipped']);
+        self::assertSame(0, (int) $log['rows_deactivated']);
+    }
+
+    public function testSecondSyncUpdatesAndSoftDeletesMissing(): void
+    {
+        $a = ['Nom' => 'A', 'Siret' => '111 111 111 00011', 'Validite' => '01/01/2030', 'Statut' => 'Audité'];
+        $b = ['Nom' => 'B', 'Siret' => '222 222 222 00022', 'Validite' => '01/01/2030', 'Statut' => 'Audité'];
+
+        $this->runSync([$a, $b])->assertCommandIsSuccessful();
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier WHERE is_active = TRUE'));
+
+        // 2e run sans B et avec A renomme : A est mis a jour, B est soft-delete.
+        $aRenamed = ['Nom' => 'A BIS', 'Siret' => '111 111 111 00011', 'Validite' => '02/02/2031', 'Statut' => 'Valide'];
+        $tester   = $this->runSync([$aRenamed]);
+        $tester->assertCommandIsSuccessful();
+
+        // Toujours 2 lignes en base, mais une seule active.
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier'));
+        self::assertSame(1, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier WHERE is_active = TRUE'));
+        self::assertSame(1, $this->countRows("SELECT COUNT(*) FROM qualimat_carrier WHERE siret = '22222222200022' AND is_active = FALSE"));
+
+        // A a bien ete mis a jour (nom + statut + date).
+        $a = $this->connection->fetchAssociative("SELECT * FROM qualimat_carrier WHERE siret = '11111111100011'");
+        self::assertNotFalse($a);
+        self::assertSame('A BIS', $a['name']);
+        self::assertSame('Valide', $a['status']);
+        self::assertSame('2031-02-02', $a['validity_date']);
+
+        $log = $this->connection->fetchAssociative('SELECT * FROM qualimat_sync_log ORDER BY id DESC LIMIT 1');
+        self::assertNotFalse($log);
+        self::assertSame(1, (int) $log['rows_upserted']);
+        self::assertSame(1, (int) $log['rows_deactivated']);
+        self::assertSame(0, (int) $log['rows_skipped']);
+    }
+
+    public function testEmptySourceAbortsWithoutMassDeactivation(): void
+    {
+        // Premier run : 2 transporteurs actifs.
+        $a = ['Nom' => 'A', 'Siret' => '111 111 111 00011', 'Validite' => '01/01/2030', 'Statut' => 'Audité'];
+        $b = ['Nom' => 'B', 'Siret' => '222 222 222 00022', 'Validite' => '01/01/2030', 'Statut' => 'Audité'];
+        $this->runSync([$a, $b])->assertCommandIsSuccessful();
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier WHERE is_active = TRUE'));
+
+        // Source ne contenant que des items inexploitables (zero ligne mappee) :
+        // la commande doit ECHOUER sans toucher le referentiel (pas de soft-delete
+        // de masse) et sans journaliser de run.
+        $logsBefore = $this->countRows('SELECT COUNT(*) FROM qualimat_sync_log');
+        $tester     = $this->runSync([
+            ['Nom' => 'SANS SIRET 1', 'Siret' => null],
+            ['Nom' => 'SANS SIRET 2', 'Siret' => '   '],
+        ]);
+
+        self::assertSame(Command::FAILURE, $tester->getStatusCode());
+        // Les 2 transporteurs restent ACTIFS (aucune desactivation de masse).
+        self::assertSame(2, $this->countRows('SELECT COUNT(*) FROM qualimat_carrier WHERE is_active = TRUE'));
+        // Aucun journal supplementaire (abandon avant la transaction).
+        self::assertSame($logsBefore, $this->countRows('SELECT COUNT(*) FROM qualimat_sync_log'));
+    }
+
+    /**
+     * @param array<int, array<string, mixed>> $items
+     */
+    private function runSync(array $items): CommandTester
+    {
+        $path = tempnam(sys_get_temp_dir(), 'qualimat_').'.json';
+        file_put_contents($path, json_encode($items, JSON_THROW_ON_ERROR));
+
+        $application = new Application(self::$kernel);
+        $tester      = new CommandTester($application->find('app:qualimat:sync'));
+        $tester->execute(['--file' => $path]);
+
+        @unlink($path);
+
+        return $tester;
+    }
+
+    private function countRows(string $sql): int
+    {
+        return (int) $this->connection->fetchOne($sql);
+    }
+
+    private function purge(): void
+    {
+        $this->connection->executeStatement('DELETE FROM qualimat_carrier');
+        $this->connection->executeStatement('DELETE FROM qualimat_sync_log');
+    }
+}

tests/Module/Transport/TransportModuleTest.php

@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Module\Transport;
+
+use App\Module\Transport\TransportModule;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Tests structurels du module Transport (M4) : identite et contrat
+ * `permissions()` (socle RBAC, ERP-153).
+ *
+ * @internal
+ */
+final class TransportModuleTest extends TestCase
+{
+    public function testModuleIdentity(): void
+    {
+        self::assertSame('transport', TransportModule::ID);
+        self::assertSame('Transport', TransportModule::LABEL);
+        self::assertFalse(TransportModule::REQUIRED);
+    }
+
+    public function testPermissionsSetContainsExactlyThreeCodes(): void
+    {
+        // Garde-fou : le jeu de permissions du module est fige par ce test. Si
+        // quelqu'un ajoute / retire une permission sans ajuster la spec (§ 5.1)
+        // ni la matrice RBAC (§ 5.2), le test casse explicitement.
+        $codes = array_column(TransportModule::permissions(), 'code');
+        sort($codes);
+
+        self::assertSame(
+            [
+                'transport.carriers.archive',
+                'transport.carriers.manage',
+                'transport.carriers.view',
+            ],
+            $codes,
+        );
+    }
+
+    public function testEveryPermissionCodeIsPrefixedByModuleId(): void
+    {
+        // Convention de nommage `module.resource[.sub].action` : le prefixe doit
+        // correspondre exactement a l'ID du module (verifie aussi par
+        // app:sync-permissions).
+        foreach (TransportModule::permissions() as $permission) {
+            self::assertStringStartsWith(
+                TransportModule::ID.'.',
+                $permission['code'],
+                'Chaque code de permission doit etre prefixe par l\'ID du module.',
+            );
+            self::assertNotSame('', $permission['label'], 'Chaque permission doit porter un label.');
+        }
+    }
+}

tests/Shared/Api/UploadedDocumentApiTest.php

@@ -0,0 +1,132 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Shared\Api;
+
+use App\Shared\Domain\Entity\UploadedDocument;
+use App\Tests\Module\Core\Api\AbstractApiTestCase;
+use Symfony\Component\HttpFoundation\File\UploadedFile;
+
+/**
+ * Tests fonctionnels de l'endpoint d'upload generique (ERP-154).
+ *
+ * Couvre :
+ *  - POST multipart d'un PDF valide -> 201, IRI renvoyee, ligne persistee,
+ *    checksum sha256 calcule cote serveur ;
+ *  - POST d'un MIME hors whitelist (text/plain) -> 422 ;
+ *  - POST sans fichier -> 422 ;
+ *  - POST anonyme -> 401 (acces /api protege globalement).
+ *
+ * @internal
+ */
+final class UploadedDocumentApiTest extends AbstractApiTestCase
+{
+    private const string ENDPOINT = '/api/uploaded_documents';
+
+    /** @var list<string> */
+    private array $tempFiles = [];
+
+    protected function tearDown(): void
+    {
+        foreach ($this->tempFiles as $path) {
+            if (is_file($path)) {
+                @unlink($path);
+            }
+        }
+        parent::tearDown();
+    }
+
+    public function testUploadValidPdfReturnsIriAndPersistsRowWithChecksum(): void
+    {
+        $client  = $this->authenticatedClient('admin', 'admin');
+        $content = $this->minimalPdf();
+        $file    = $this->makeUploadedFile($content, 'facture.pdf');
+
+        $response = $client->request('POST', self::ENDPOINT, [
+            'headers' => ['Accept' => 'application/ld+json'],
+            'extra'   => ['files' => ['file' => $file]],
+        ]);
+
+        self::assertResponseStatusCodeSame(201);
+
+        $data = $response->toArray();
+
+        self::assertArrayHasKey('@id', $data);
+        self::assertStringStartsWith(self::ENDPOINT.'/', $data['@id']);
+        self::assertSame('facture.pdf', $data['originalFilename']);
+        self::assertSame('application/pdf', $data['mimeType']);
+        self::assertSame(\strlen($content), $data['sizeBytes']);
+        self::assertSame(hash('sha256', $content), $data['checksum']);
+        self::assertSame(64, \strlen($data['checksum']));
+
+        // La ligne est bien persistee et relisible via le repository.
+        $id       = $data['id'];
+        $document = $this->getEm()->getRepository(UploadedDocument::class)->find($id);
+        self::assertInstanceOf(UploadedDocument::class, $document);
+        self::assertSame(hash('sha256', $content), $document->getChecksum());
+    }
+
+    public function testUploadDisallowedMimeTypeReturns422(): void
+    {
+        $client = $this->authenticatedClient('admin', 'admin');
+        $file   = $this->makeUploadedFile('just some plain text content', 'note.txt');
+
+        $client->request('POST', self::ENDPOINT, [
+            'headers' => ['Accept' => 'application/ld+json'],
+            'extra'   => ['files' => ['file' => $file]],
+        ]);
+
+        self::assertResponseStatusCodeSame(422);
+    }
+
+    public function testUploadWithoutFileReturns422(): void
+    {
+        $client = $this->authenticatedClient('admin', 'admin');
+
+        $client->request('POST', self::ENDPOINT, [
+            'headers' => ['Accept' => 'application/ld+json'],
+            'extra'   => ['files' => []],
+        ]);
+
+        self::assertResponseStatusCodeSame(422);
+    }
+
+    public function testUploadAnonymousIsRejected(): void
+    {
+        $client = self::createClient();
+        $file   = $this->makeUploadedFile($this->minimalPdf(), 'facture.pdf');
+
+        $client->request('POST', self::ENDPOINT, [
+            'headers' => ['Accept' => 'application/ld+json'],
+            'extra'   => ['files' => ['file' => $file]],
+        ]);
+
+        self::assertResponseStatusCodeSame(401);
+    }
+
+    /**
+     * Cree un UploadedFile en mode test (move() autorise hors contexte HTTP).
+     */
+    private function makeUploadedFile(string $content, string $clientName): UploadedFile
+    {
+        $path = sys_get_temp_dir().'/erp154-api-'.bin2hex(random_bytes(4));
+        file_put_contents($path, $content);
+        $this->tempFiles[] = $path;
+
+        return new UploadedFile($path, $clientName, null, null, true);
+    }
+
+    /**
+     * Contenu PDF minimal valide (entete `%PDF-1.4` -> finfo `application/pdf`).
+     */
+    private function minimalPdf(): string
+    {
+        return "%PDF-1.4\n"
+            ."1 0 obj<</Type/Catalog/Pages 2 0 R>>endobj\n"
+            ."2 0 obj<</Type/Pages/Kids[3 0 R]/Count 1>>endobj\n"
+            ."3 0 obj<</Type/Page/Parent 2 0 R/MediaBox[0 0 612 792]>>endobj\n"
+            ."trailer<</Root 1 0 R/Size 4>>\n"
+            ."%%EOF\n";
+    }
+}

tests/Shared/Infrastructure/Upload/FileUploaderTest.php

@@ -0,0 +1,161 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Shared\Infrastructure\Upload;
+
+use App\Shared\Domain\Exception\FileTooLargeException;
+use App\Shared\Domain\Exception\UnsupportedMimeTypeException;
+use App\Shared\Infrastructure\Upload\FileUploader;
+use DateTimeImmutable;
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\Clock\MockClock;
+use Symfony\Component\HttpFoundation\File\UploadedFile;
+
+/**
+ * Tests unitaires du service generique de televersement (ERP-154).
+ *
+ * Couvre : rejet d'un MIME hors whitelist, rejet d'un fichier trop volumineux,
+ * et le chemin nominal (checksum sha256 calcule, taille/MIME captures, fichier
+ * ecrit sous var/uploads/{yyyy}/{mm}/ avec horodatage de l'horloge injectee).
+ *
+ * @internal
+ */
+final class FileUploaderTest extends TestCase
+{
+    private string $uploadBaseDir;
+
+    /** @var list<string> */
+    private array $tempFiles = [];
+
+    protected function setUp(): void
+    {
+        $this->uploadBaseDir = sys_get_temp_dir().'/erp154-uploads-'.bin2hex(random_bytes(4));
+    }
+
+    protected function tearDown(): void
+    {
+        // Nettoyage des fichiers sources et de l'arborescence de destination.
+        foreach ($this->tempFiles as $path) {
+            if (is_file($path)) {
+                @unlink($path);
+            }
+        }
+        $this->removeDirectory($this->uploadBaseDir);
+    }
+
+    public function testRejectsMimeTypeOutsideWhitelist(): void
+    {
+        $uploader = $this->createUploader();
+        $file     = $this->makeUploadedFile('hello world plain text', 'note.txt');
+
+        $this->expectException(UnsupportedMimeTypeException::class);
+
+        $uploader->upload($file);
+    }
+
+    public function testRejectsFileLargerThanMaxSize(): void
+    {
+        $uploader = $this->createUploader();
+
+        // Contenu PDF valide mais artificiellement gonfle au-dela de la borne.
+        $content = "%PDF-1.4\n".str_repeat('A', FileUploader::MAX_SIZE_BYTES + 1);
+        $file    = $this->makeUploadedFile($content, 'huge.pdf');
+
+        $this->expectException(FileTooLargeException::class);
+
+        $uploader->upload($file);
+    }
+
+    public function testStoresPdfAndComputesSha256Checksum(): void
+    {
+        $content  = $this->minimalPdf();
+        $clock    = new MockClock(new DateTimeImmutable('2026-06-15 10:00:00'));
+        $uploader = $this->createUploader($clock);
+        $file     = $this->makeUploadedFile($content, 'facture.pdf');
+
+        $document = $uploader->upload($file);
+
+        self::assertSame('facture.pdf', $document->getOriginalFilename());
+        self::assertSame('application/pdf', $document->getMimeType());
+        self::assertSame(\strlen($content), $document->getSizeBytes());
+        self::assertSame(hash('sha256', $content), $document->getChecksum());
+        self::assertSame(64, \strlen($document->getChecksum()));
+
+        // Chemin relatif date selon l'horloge injectee (2026/06).
+        self::assertStringStartsWith('2026/06/', $document->getStoredPath());
+        self::assertFileExists($this->uploadBaseDir.'/'.$document->getStoredPath());
+
+        // Le fichier ecrit a bien le contenu d'origine (checksum coherent).
+        self::assertSame(
+            $document->getChecksum(),
+            hash_file('sha256', $this->uploadBaseDir.'/'.$document->getStoredPath()),
+        );
+    }
+
+    public function testRemoveDeletesStoredFile(): void
+    {
+        $uploader   = $this->createUploader();
+        $file       = $this->makeUploadedFile($this->minimalPdf(), 'facture.pdf');
+        $document   = $uploader->upload($file);
+        $storedPath = $this->uploadBaseDir.'/'.$document->getStoredPath();
+        self::assertFileExists($storedPath);
+
+        // Compensation : remove() efface le fichier physique...
+        $uploader->remove($document);
+        self::assertFileDoesNotExist($storedPath);
+
+        // ...et reste silencieux si on le rappelle alors que le fichier a disparu.
+        $uploader->remove($document);
+        self::assertFileDoesNotExist($storedPath);
+    }
+
+    private function createUploader(?MockClock $clock = null): FileUploader
+    {
+        return new FileUploader($this->uploadBaseDir, $clock ?? new MockClock());
+    }
+
+    /**
+     * Cree un UploadedFile en mode test (move() autorise hors contexte HTTP).
+     */
+    private function makeUploadedFile(string $content, string $clientName): UploadedFile
+    {
+        $path = sys_get_temp_dir().'/erp154-src-'.bin2hex(random_bytes(4));
+        file_put_contents($path, $content);
+        $this->tempFiles[] = $path;
+
+        // Le 5e argument `test: true` court-circuite move_uploaded_file().
+        return new UploadedFile($path, $clientName, null, null, true);
+    }
+
+    /**
+     * Contenu PDF minimal valide — l'entete `%PDF-1.4` suffit a faire detecter
+     * `application/pdf` par finfo (getMimeType server-side).
+     */
+    private function minimalPdf(): string
+    {
+        return "%PDF-1.4\n"
+            ."1 0 obj<</Type/Catalog/Pages 2 0 R>>endobj\n"
+            ."2 0 obj<</Type/Pages/Kids[3 0 R]/Count 1>>endobj\n"
+            ."3 0 obj<</Type/Page/Parent 2 0 R/MediaBox[0 0 612 792]>>endobj\n"
+            ."trailer<</Root 1 0 R/Size 4>>\n"
+            ."%%EOF\n";
+    }
+
+    private function removeDirectory(string $dir): void
+    {
+        if (!is_dir($dir)) {
+            return;
+        }
+
+        $items = scandir($dir) ?: [];
+        foreach ($items as $item) {
+            if ('.' === $item || '..' === $item) {
+                continue;
+            }
+            $path = $dir.'/'.$item;
+            is_dir($path) ? $this->removeDirectory($path) : @unlink($path);
+        }
+        @rmdir($dir);
+    }
+}