add public security checkpoint

config/packages/security.yaml

@@ -167,4 +167,5 @@ security:
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
-        - { path: ^/api, roles: IS_HAVING_MODULE }
+        - { path: ^/api/public, roles: PUBLIC_ACCESS }
+        - { path: ^/api/, roles: IS_HAVING_MODULE }

src/Service/ApiResourceBuilder/Public/FederationStructureBuilder.php

@@ -1,129 +0,0 @@
-<?php
-
-namespace App\Service\ApiResourceBuilder\Public;
-
-use App\ApiResources\Public\FederationStructure;
-use Doctrine\ORM\EntityManagerInterface;
-
-class FederationStructureBuilder
-{
-    public function __construct(
-        private EntityManagerInterface $em
-    ) {}
-
-    private static function buildFederationStructure(array $data) {
-        return (new FederationStructure())
-            ->setId((int)$data['id'])
-            ->setName((string)$data['name'])
-            ->setLogoId((int)$data['logoId'])
-            ->setPrincipalType((string)$data['principalType'])
-            ->setWebsite((string)$data['website'])
-            ->setAddresses((string)$data['addresses'])
-            ->setPractices((string)$data['practices'])
-            ->setParentId((int)$data['parentId'])
-            ->setN1Id((int)$data['n1Id'])
-            ->setN2Id((int)$data['n2id'])
-            ->setN3Id((int)$data['n3Id'])
-            ->setN4Id((int)$data['n4Id'])
-            ->setN5Id((int)$data['n5Id'])
-            ->setParents((string)$data['parents']);
-    }
-
-    /**
-     * Route optimisée pour retourner les données de réseau d'une structure membre de fédération, au format json
-     *
-     * Cette route est utilisée par l'iframe de recherche des structures
-     * @see https://gitlab.2iopenservice.com/opentalent/frames
-     *
-     * @param int $organizationId
-     * @return FederationStructure
-     * @throws \Doctrine\DBAL\DBALException
-     * @throws \Doctrine\DBAL\Driver\Exception
-     * @throws \Doctrine\DBAL\Exception
-     */
-    public function getFederationStructureByOrganizationId(int $organizationId): FederationStructure
-    {
-
-        $sql = "SELECT o.id, o.name, o.logo_id as logoId, o.description, o.image_id as imageId, p.otherWebsite as website, a.latitude, a.longitude,
-                       GROUP_CONCAT(COLUMN_JSON(COLUMN_CREATE(
-                             'type', oa.type, 'latitude', a.latitude, 'longitude', a.longitude, 
-                             'streetAddress', TRIM(BOTH '\n' FROM CONCAT_WS('\n', a.addressOwner, a.streetAddress, a.streetAddressSecond, a.streetAddressThird)),
-                             'postalCode', a.postalCode, 'addressCity', a.addressCity, 'country', c.name))) as addresses,
-                       cp.telphone, cp.mobilPhone, cp.email, o.facebook, o.twitter, o.instagram, o.youtube,
-                       (SELECT CONCAT(GROUP_CONCAT(DISTINCT CONCAT(tp.name)))
-                        FROM organization_type_of_practices AS otp
-                        LEFT JOIN TypeOfPractice AS tp ON(tp.id = otp.typeofpractice_id)
-                        WHERE otp.organization_id = o.id) AS practices,
-                       oar.articles,
-                       n1.parent_id as n1Id, net1.name as n1Name
-                    FROM opentalent.Organization o
-                        INNER JOIN opentalent.Parameters p on o.parameters_id = p.id
-                        LEFT JOIN opentalent.OrganizationAddressPostal oa on oa.organization_id = o.id
-                        LEFT JOIN opentalent.AddressPostal a on oa.addressPostal_id = a.id
-                        LEFT JOIN opentalent.Country c ON c.id = a.addressCountry_id
-                        INNER JOIN (SELECT * FROM NetworkOrganization WHERE parent_id NOT IN (32366, 13) AND (endDate IS NULL OR endDate = '0000-00-00')) n1 on n1.organization_id = o.id
-                        INNER JOIN Organization net1 ON net1.id = n1.parent_id
-                        LEFT JOIN opentalent.organization_contactpoint ocp ON ocp.organization_id = o.id
-                        INNER JOIN (SELECT * FROM opentalent.ContactPoint WHERE `contactType`='PRINCIPAL') cp ON cp.id = ocp.contactPoint_id
-                        LEFT JOIN (
-                            SELECT oar_.organization_id, GROUP_CONCAT(COLUMN_JSON(COLUMN_CREATE('id', oar_.id, 'title', oar_.title, 'date', DATE_FORMAT(oar_.date, '%Y-%m-%dT%TZ'), 'link', oar_.link))) as articles
-                            FROM (SELECT * FROM OrganizationArticle WHERE link is not null and link != '' ORDER BY date DESC) as oar_
-                            group by organization_id
-                        ) oar ON oar.organization_id = o.id
-                    WHERE o.id = :organizationId;";
-
-        $stmt = $this->em->getConnection()->prepare($sql);
-        $data = $stmt->executeQuery(['organizationId' => $organizationId])->fetchAssociative();
-        return self::buildFederationStructure($data);
-    }
-
-    /**
-     * Route optimisée pour retourner l'ensemble des structures d'une fédération au format json
-     *
-     * Cette route est utilisée par l'iframe de recherche des structures
-     * @see https://gitlab.2iopenservice.com/opentalent/frames
-     *
-     * @param int $parentId
-     * @return array
-     * @throws \Doctrine\DBAL\DBALException
-     * @throws \Doctrine\DBAL\Driver\Exception
-     * @throws \Doctrine\DBAL\Exception
-     */
-    public function getDataByFederationId(int $parentId): array
-    {
-        // NOTE: Cette route est utilisée pour l'affichage et la recherche des structures adhérentes à une fédération
-        // Pour éviter une requête récursive et conserver des performances correctes, on a mis en place ces JOIN chainés.
-        // Au moment du développement de cette route (juin 2021), aucune structure n'a plus de 4 fédération parentes,
-        // les 5 niveaux de JOIN devraient donc suffire.
-        $sql = "SELECT o.id, o.name, o.logo_id as logoId, o.principalType, p.otherWebsite as website,    
-                        GROUP_CONCAT(COLUMN_JSON(COLUMN_CREATE(
-                             'type', oa.type, 'latitude', a.latitude, 'longitude', a.longitude, 
-                             'streetAddress', TRIM(BOTH '\n' FROM CONCAT_WS('\n', a.streetAddress, a.streetAddressSecond, a.streetAddressThird)),
-                             'postalCode', a.postalCode, 'addressCity', a.addressCity, 'country', c.name))) as addresses,
-                        (SELECT CONCAT(GROUP_CONCAT(DISTINCT CONCAT(tp.name)))
-                        FROM organization_type_of_practices AS otp
-                        LEFT JOIN TypeOfPractice AS tp ON(tp.id = otp.typeofpractice_id)
-                        WHERE otp.organization_id = o.id) AS practices,
-                       n1.parent_id as n1Id, net1.name as n1Name, n2.parent_id as n2Id, n3.parent_id as n3Id, n4.parent_id as n4Id, n5.parent_id as n5Id,
-                       CONCAT_WS(',', n1.parent_id, n2.parent_id, n3.parent_id, n4.parent_id, n5.parent_id) as parents
-                    FROM opentalent.Organization o
-                        INNER JOIN opentalent.Parameters p on o.parameters_id = p.id
-                        LEFT JOIN opentalent.OrganizationAddressPostal oa on oa.organization_id = o.id
-                        LEFT JOIN opentalent.AddressPostal a on oa.addressPostal_id = a.id
-                        LEFT JOIN opentalent.Country c ON (c.id = a.addressCountry_id)
-                        INNER JOIN (SELECT DISTINCT organization_id, parent_id FROM NetworkOrganization WHERE parent_id NOT IN (32366, 13) AND (endDate IS NULL OR endDate = '0000-00-00')) n1 on n1.organization_id = o.id
-                        INNER JOIN Organization net1 ON net1.id = n1.parent_id
-                        LEFT JOIN (SELECT DISTINCT organization_id, parent_id FROM NetworkOrganization WHERE parent_id NOT IN (32366, 13) AND (endDate IS NULL OR endDate = '0000-00-00')) n2 on n2.organization_id = n1.parent_id
-                        LEFT JOIN (SELECT DISTINCT organization_id, parent_id FROM NetworkOrganization WHERE parent_id NOT IN (32366, 13) AND (endDate IS NULL OR endDate = '0000-00-00')) n3 on n3.organization_id = n2.parent_id
-                        LEFT JOIN (SELECT DISTINCT organization_id, parent_id FROM NetworkOrganization WHERE parent_id NOT IN (32366, 13) AND (endDate IS NULL OR endDate = '0000-00-00')) n4 on n4.organization_id = n3.parent_id
-                        LEFT JOIN (SELECT DISTINCT organization_id, parent_id FROM NetworkOrganization WHERE parent_id NOT IN (32366, 13) AND (endDate IS NULL OR endDate = '0000-00-00')) n5 on n5.organization_id = n4.parent_id
-                        WHERE :parentId IN (n1.parent_id, n2.parent_id, n3.parent_id, n4.parent_id, n5.parent_id)
-                        GROUP BY o.id
-        ;";
-
-        $stmt = $this->em->getConnection()->prepare($sql);
-        $rows = $stmt->executeQuery(['parentId' => $parentId])->fetchAllAssociative();
-
-        return array_map('self::buildFederationStructure', $rows);
-    }
-}