Roles : restreindre la suppression de poste type aux ADMIN (elefan-gr…
…enoble#766)

* Remove unused period/list.html template

* Rename & create forms in controller

* Cleanup route names

* Only ADMIN can delete periodposition
raphodn authored and quot17 committed Mar 28, 2023
1 parent f9534cc commit 37e0941
Showing 3 changed files with 84 additions and 158 deletions.
38 changes: 20 additions & 18 deletions app/Resources/views/admin/period/edit.html.twig
Expand Up @@ -23,7 +23,7 @@
<a href="#remove-period-confirmation-modal" class="modal-trigger btn waves-effect waves-light red" title="Supprimer le créneau type">
Supprimer
</a>
{{ form_start(delete_form) }}
{{ form_start(period_delete_form) }}
<div id="remove-period-confirmation-modal" class="modal">
<div class="modal-content">
<h5><i class="material-icons left small">remove_circle_outline</i>Supprimer le créneau type</h5>
Expand All @@ -38,7 +38,7 @@
</button>
</div>
</div>
{{ form_end(delete_form) }}
{{ form_end(period_delete_form) }}
{% endif %}

<h5>Postes disponibles</h5>
Expand All @@ -48,7 +48,7 @@
Aucun poste n'existe pour ce créneau
{% endif %}
{% for week, positions in period.positionsperweekcycle %}
<h6>Semaine {{week}}</h6>
<h6>Semaine {{ week }}</h6>
<ul class="collapsible">
{% for position in positions %}
{% if position.shifter %}
Expand All @@ -73,7 +73,7 @@
le <i>{{ position.bookedTime | date_fr_with_time }}</i>
par {% if position.booker and position.booker.beneficiary %}<a href="{{ path("member_show", { 'member_number': position.booker.beneficiary.membership.memberNumber }) }}" target="_blank">{{ position.booker.beneficiary }}</a>{% else %}{{ position.booker }}{% endif %}.
</p>
<form action="{{ path('free_position_from_period', {'id': period.id, 'position' : position.id }) }}" method="post" id="free_position_{{ position.id }}">
<form action="{{ path('period_position_free', {'id': period.id, 'position' : position.id }) }}" method="post" id="free_position_{{ position.id }}">
<button type="submit" class="btn orange">
<i class="material-icons left">lock_open</i>Libérer
</button>
Expand Down Expand Up @@ -109,12 +109,14 @@
</div>
</div>
{{ form_end(positions_book_forms[position.id]) }}
<div class="row">
{{ form_start(positions_delete_forms[position.id]) }}
{{ form_widget(positions_delete_forms[position.id]) }}
<a href="#" class="btn waves-effect waves-light red" onclick="var r = confirm('Supprimer ce poste ?!'); if (r == true) {$(this).closest('form').submit();}; event.stopPropagation();" title="Supprimer ce poste" class="red-text">Supprimer</a>
{{ form_end(positions_delete_forms[position.id]) }}
</div>
{% if is_granted("ROLE_ADMIN") %}
<div class="row">
{{ form_start(positions_delete_forms[position.id]) }}
{{ form_widget(positions_delete_forms[position.id]) }}
<a href="#" class="btn waves-effect waves-light red" onclick="var r = confirm('Supprimer ce poste ?!'); if (r == true) {$(this).closest('form').submit();}; event.stopPropagation();" title="Supprimer ce poste" class="red-text">Supprimer</a>
{{ form_end(positions_delete_forms[position.id]) }}
</div>
{% endif %}
</div>
</li>
{% endif %}
Expand All @@ -137,23 +139,23 @@
{% endfor %}
{% endif %}
<h5>Ajouter un poste</h5>
{{ form_start(position_form) }}
{{ form_start(position_add_form) }}
<div class="row">
<div class="col s3">
{{ form_label(position_form.nb_of_shifter) }}
{{ form_widget(position_form.nb_of_shifter) }}
{{ form_label(position_add_form.nb_of_shifter) }}
{{ form_widget(position_add_form.nb_of_shifter) }}
</div>
<div class="col s3">
{{ form_label(position_form.week_cycle) }}
{{ form_widget(position_form.week_cycle) }}
{{ form_label(position_add_form.week_cycle) }}
{{ form_widget(position_add_form.week_cycle) }}
</div>
<div class="col s6">
{{ form_label(position_form.formation) }}
{{ form_widget(position_form.formation) }}
{{ form_label(position_add_form.formation) }}
{{ form_widget(position_add_form.formation) }}
</div>
<div class="col s6">
<button type="submit" class="btn waves-effect waves-light teal"><i class="material-icons left">add</i>Ajouter</button>
</div>
</div>
{{ form_end(position_form) }}
{{ form_end(position_add_form) }}
{% endblock %}
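Review bot: The `period_position_free` form in the `@@ -73,7 +73,7 @@` hunk is a hand-written `<form … method="post">`, and no CSRF token field is visible in the lines shown, whereas the book and delete forms go through `form_start`/`form_widget`, which normally carry Symfony's form token. The form's closing tag and the body of `freePeriodPositionAction` lie outside the visible hunks, so this may already be handled elsewhere. If it is not, add a hidden field such as `<input type="hidden" name="_token" value="{{ csrf_token('period_position_free') }}">` and check it in the action with `$this->isCsrfTokenValid('period_position_free', $request->request->get('_token'))` before freeing the position. The token id here is only an example name.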
103 changes: 0 additions & 103 deletions app/Resources/views/admin/period/list.html.twig

This file was deleted.

101 changes: 64 additions & 37 deletions src/AppBundle/Controller/PeriodController.php
Expand Up @@ -192,7 +192,7 @@ public function newAction(Request $request)
* @Route("/{id}/edit", name="period_edit", methods={"GET","POST"})
* @Security("has_role('ROLE_SHIFT_MANAGER')")
*/
public function editAction(Request $request, Period $period)
public function editPeriodAction(Request $request, Period $period)
{
$session = new Session();

Expand All @@ -217,46 +217,38 @@ public function editAction(Request $request, Period $period)
$form->get('start')->setData($period->getStart()->format('H:i'));
$form->get('end')->setData($period->getEnd()->format('H:i'));

$deleteForm = $this->createFormBuilder()
->setAction($this->generateUrl('period_delete', array('id' => $period->getId())))
->setMethod('DELETE')
->getForm();
$periodDeleteForm = $this->createPeriodDeleteForm($period);

$positionsDeleteForms = array();
foreach($period->getPositions() as $position) {
$positionsDeleteForms[$position->getId()] = $this->createDeletePeriodPositionForm($period, $position)->createView();
}

$positionForm = $this->createForm(
PeriodPositionType::class,
new PeriodPosition(),
array('action' => $this->generateUrl(
'add_position_to_period',
array('id' => $period->getId())))) ;
$positionAddForm = $this->createPeriodPositionAddForm($period);

$positionsBookForms = [];
foreach ($period->getPositions() as $position) {
if (!$position->getShifter()) {
$positionsBookForms[$position->getId()] = $this->createBookPeriodPositionForm($period, $position)->createView();
$positionsBookForms[$position->getId()] = $this->createPeriodPositionBookForm($period, $position)->createView();
}
}

$positionsDeleteForms = array();
foreach($period->getPositions() as $position) {
$positionsDeleteForms[$position->getId()] = $this->createPeriodPositionDeleteForm($period, $position)->createView();
}

return $this->render('admin/period/edit.html.twig', array(
"form" => $form->createView(),
"period" => $period,
"beneficiaries" => $beneficiaries,
"position_form" => $positionForm->createView(),
"delete_form" => $deleteForm->createView(),
"period" => $period,
"period_delete_form" => $periodDeleteForm->createView(),
"position_add_form" => $positionAddForm->createView(),
"positions_book_forms" => $positionsBookForms,
"positions_delete_forms" => $positionsDeleteForms,
));
}

/**
* @Route("/{id}/position/add", name="add_position_to_period", methods={"POST"})
* @Route("/{id}/position/add", name="period_position_new", methods={"POST"})
* @Security("has_role('ROLE_SHIFT_MANAGER')")
*/
public function addPositionToPeriodAction(Request $request, Period $period)
public function newPeriodPositionAction(Request $request, Period $period)
{
$session = new Session();

Expand Down Expand Up @@ -286,14 +278,14 @@ public function addPositionToPeriodAction(Request $request, Period $period)
}

/**
* @Route("/{id}/position/{position}", name="remove_position_from_period", methods={"DELETE"})
* @Security("has_role('ROLE_SHIFT_MANAGER')")
* @Route("/{id}/position/{position}", name="period_position_delete", methods={"DELETE"})
* @Security("has_role('ROLE_ADMIN')")
*/
public function removePositionToPeriodAction(Request $request, Period $period, PeriodPosition $position)
public function deletePeriodPositionAction(Request $request, Period $period, PeriodPosition $position)
{
$session = new Session();

$form = $this->createDeletePeriodPositionForm($period, $position);
$form = $this->createPeriodPositionDeleteForm($period, $position);
$form->handleRequest($request);

if ($form->isSubmitted() && $form->isValid()) {
Expand All @@ -310,14 +302,14 @@ public function removePositionToPeriodAction(Request $request, Period $period, P
/**
* Book a period.
*
* @Route("/{id}/position/{position}/book", name="book_position_from_period", methods={"POST"})
* @Route("/{id}/position/{position}/book", name="period_position_book", methods={"POST"})
* @Security("has_role('ROLE_SHIFT_MANAGER')")
*/
public function bookPositionToPeriodAction(Request $request, Period $period, PeriodPosition $position): Response
public function bookPeriodPositionAction(Request $request, Period $period, PeriodPosition $position): Response
{
$session = new Session();

$form = $this->createBookPeriodPositionForm($period, $position);
$form = $this->createPeriodPositionBookForm($period, $position);
$form->handleRequest($request);

if ($form->isSubmitted() && $form->isValid()) {
Expand Down Expand Up @@ -354,10 +346,10 @@ public function bookPositionToPeriodAction(Request $request, Period $period, Per
/**
* free a position.
*
* @Route("/{id}/position/{position}/free", name="free_position_from_period", methods={"POST"})
* @Route("/{id}/position/{position}/free", name="period_position_free", methods={"POST"})
* @Security("has_role('ROLE_SHIFT_MANAGER')")
*/
public function freePositionToPeriodAction(Request $request, Period $period, PeriodPosition $position)
public function freePeriodPositionAction(Request $request, Period $period, PeriodPosition $position)
{
$session = new Session();

Expand All @@ -376,7 +368,7 @@ public function freePositionToPeriodAction(Request $request, Period $period, Per
* @Route("/{id}", name="period_delete", methods={"DELETE"})
* @Security("has_role('ROLE_ADMIN')")
*/
public function deleteAction(Request $request, Period $period)
public function deletePeriodAction(Request $request, Period $period)
{
$session = new Session();

Expand All @@ -401,7 +393,7 @@ public function deleteAction(Request $request, Period $period)
* @Route("/copyPeriod/", name="period_copy", methods={"GET","POST"})
* @Security("has_role('ROLE_ADMIN')")
*/
public function periodCopyAction(Request $request){
public function copyPeriodAction(Request $request){
$days = array(
"Lundi" => 0,
"Mardi" => 1,
Expand Down Expand Up @@ -491,6 +483,41 @@ public function generateShiftsForDateAction(Request $request, KernelInterface $k
));
}

/**
* Creates a form to delete a period entity.
*
* @param Period $period The period entity
*
* @return \Symfony\Component\Form\Form The form
*/
private function createPeriodDeleteForm(Period $period)
{
return $this->createFormBuilder()
->setAction($this->generateUrl('period_delete', array('id' => $period->getId())))
->setMethod('DELETE')
->getForm();
}

/**
* Creates a form to add a period position entity.
*
* @param Period $period The period entity
*
* @return \Symfony\Component\Form\Form The form
*/
private function createPeriodPositionAddForm(Period $period)
{
return $this->createForm(
PeriodPositionType::class,
new PeriodPosition(),
array(
'action' => $this->generateUrl(
'period_position_new',
array('id' => $period->getId())
)
));
}

/**
* Creates a form to book a period position entity.
*
Expand All @@ -499,10 +526,10 @@ public function generateShiftsForDateAction(Request $request, KernelInterface $k
*
* @return \Symfony\Component\Form\Form The form
*/
private function createBookPeriodPositionForm(Period $period, PeriodPosition $position)
private function createPeriodPositionBookForm(Period $period, PeriodPosition $position)
{
return $this->get('form.factory')->createNamedBuilder('positions_book_forms_' . $position->getId())
->setAction($this->generateUrl('book_position_from_period', array('id' => $period->getId(), 'position' => $position->getId())))
->setAction($this->generateUrl('period_position_book', array('id' => $period->getId(), 'position' => $position->getId())))
->setMethod('POST')
->add('shifter', AutocompleteBeneficiaryType::class, array('label' => 'Numéro d\'adhérent ou nom du membre', 'required' => true))
->getForm();
Expand All @@ -516,10 +543,10 @@ private function createBookPeriodPositionForm(Period $period, PeriodPosition $po
*
* @return \Symfony\Component\Form\Form The form
*/
private function createDeletePeriodPositionForm(Period $period, PeriodPosition $position)
private function createPeriodPositionDeleteForm(Period $period, PeriodPosition $position)
{
return $this->get('form.factory')->createNamedBuilder('positions_delete_forms_' . $position->getId())
->setAction($this->generateUrl('remove_position_from_period', array('id' => $period->getId(), 'position' => $position->getId())))
->setAction($this->generateUrl('period_position_delete', array('id' => $period->getId(), 'position' => $position->getId())))
->setMethod('DELETE')
->getForm();
}
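Review bot: In `editPeriodAction` the loop that fills `$positionsDeleteForms` still builds a delete form for every position for any `ROLE_SHIFT_MANAGER`, although after this commit `period_position_delete` requires `ROLE_ADMIN` and the template reads these forms only inside `{% if is_granted("ROLE_ADMIN") %}`. Guarding the loop with `if ($this->isGranted('ROLE_ADMIN')) { … }` keeps controller and view on the same rule and stops handing non-admins form views they cannot submit. `deletePeriodPositionAction` also lacks a summary line, unlike its book and free siblings. A docblock line such as `Delete a period position (ROLE_ADMIN only; the edit template hides the button under the same role).` above the `@Route` would record that the `@Security` annotation, not the template condition, is the enforcing check. Both function bodies start or continue outside the visible hunks.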
