
fix resources security

Olivier Massot 2 vuotta sitten
vanhempi
commit
a93c7843be
61 muutettua tiedostoa jossa 94 lisäystä ja 556 poistoa
  1. 0 26
      config/api_platform/Access/access.yaml
  2. 1 14
      src/ApiResources/Access/AdminAccess.php
  3. 1 1
      src/Doctrine/Core/CurrentUserNotificationUserExtension.php
  4. 1 1
      src/Entity/Access/Access.php
  5. 2 8
      src/Entity/Access/AccessFamily.php
  6. 2 8
      src/Entity/Billing/AccessBilling.php
  7. 1 7
      src/Entity/Billing/AccessPayer.php
  8. 2 8
      src/Entity/Billing/Bill.php
  9. 1 7
      src/Entity/Billing/BillAccounting.php
  10. 2 8
      src/Entity/Billing/BillCredit.php
  11. 2 8
      src/Entity/Billing/BillLine.php
  12. 1 7
      src/Entity/Billing/BillingIntangibleExcludeDate.php
  13. 2 8
      src/Entity/Billing/EducationalProjectPayer.php
  14. 2 8
      src/Entity/Billing/FamilyQuotient.php
  15. 1 18
      src/Entity/Billing/ResidenceArea.php
  16. 2 8
      src/Entity/Booking/Attendance.php
  17. 1 7
      src/Entity/Booking/AttendanceBooking.php
  18. 2 9
      src/Entity/Booking/Course.php
  19. 2 8
      src/Entity/Booking/EducationalProject.php
  20. 1 7
      src/Entity/Booking/Event.php
  21. 2 8
      src/Entity/Booking/EventUser.php
  22. 2 8
      src/Entity/Booking/Examen.php
  23. 2 8
      src/Entity/Booking/OrganizationHoliday.php
  24. 2 8
      src/Entity/Booking/PersonHoliday.php
  25. 1 8
      src/Entity/Core/AddressPostal.php
  26. 1 15
      src/Entity/Core/BankAccount.php
  27. 1 15
      src/Entity/Core/ContactPoint.php
  28. 6 2
      src/Entity/Core/File.php
  29. 2 8
      src/Entity/Core/Tagg.php
  30. 1 10
      src/Entity/Core/Tips.php
  31. 1 7
      src/Entity/Donor/Donor.php
  32. 2 8
      src/Entity/Education/CriteriaNotation.php
  33. 1 14
      src/Entity/Education/Cycle.php
  34. 2 8
      src/Entity/Education/Education.php
  35. 2 8
      src/Entity/Education/EducationCategory.php
  36. 1 7
      src/Entity/Education/EducationCurriculum.php
  37. 2 8
      src/Entity/Education/EducationNotation.php
  38. 1 14
      src/Entity/Education/EducationNotationConfig.php
  39. 2 8
      src/Entity/Education/EducationStudent.php
  40. 2 8
      src/Entity/Education/EducationTeacher.php
  41. 1 18
      src/Entity/Education/EducationTiming.php
  42. 1 7
      src/Entity/Network/Network.php
  43. 1 13
      src/Entity/Network/NetworkOrganization.php
  44. 2 8
      src/Entity/Organization/Activity.php
  45. 2 8
      src/Entity/Organization/Jury.php
  46. 1 13
      src/Entity/Organization/Organization.php
  47. 0 16
      src/Entity/Organization/OrganizationAddressPostal.php
  48. 1 11
      src/Entity/Organization/OrganizationArticle.php
  49. 1 13
      src/Entity/Organization/Subdomain.php
  50. 2 10
      src/Entity/Organization/TypeOfPractice.php
  51. 2 8
      src/Entity/Person/Commission.php
  52. 1 7
      src/Entity/Person/CommissionMember.php
  53. 2 8
      src/Entity/Person/CompanyPerson.php
  54. 1 7
      src/Entity/Person/Person.php
  55. 1 7
      src/Entity/Person/PersonAddressPostal.php
  56. 1 7
      src/Entity/Place/Place.php
  57. 2 8
      src/Entity/Place/Room.php
  58. 2 8
      src/Entity/Product/Equipment.php
  59. 1 7
      src/Entity/Product/EquipmentLoan.php
  60. 2 8
      src/Entity/Product/Intangible.php
  61. 2 8
      src/Entity/Product/IntangibleDiscountDetail.php

+ 0 - 26
config/api_platform/Access/access.yaml

@@ -1,35 +1,9 @@
 resources:
   App\Entity\Access\Access:
     - operations:
-        ApiPlatform\Metadata\GetCollection: ~
-
         ApiPlatform\Metadata\Get:
           security: '(is_granted("ROLE_USERS_VIEW") and object.getOrganization().getId() == user.getOrganization().getId()) or (object.getId() == user.getId())'
 
         ApiPlatform\Metadata\Put:
           security: 'is_granted("ROLE_USERS") or (object.getId() == user.getId())'
 
-        ApiPlatform\Metadata\Delete: ~
-
-    - operations:
-        ApiPlatform\Metadata\GetCollection:
-          name: 'cget_students'
-          uriTemplate: '/students'
-          security: 'is_granted("ROLE_USERS_VIEW")'
-
-    - operations:
-        ApiPlatform\Metadata\GetCollection:
-          name: 'cget_access_person_ref'
-          uriTemplate: '/access_people'
-          normalization_context:
-            groups: [ 'access_people_ref' ]
-
-    - operations:
-        ApiPlatform\Metadata\Get:
-          name: 'get_access_address'
-          uriTemplate: '/access_addresses/{id}'
-          requirements:
-            id: '\d+'
-          normalization_context:
-            groups: [ 'access_address', 'address' ] ]
-          security: 'object.getOrganization().getId() == user.getOrganization().getId()'
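Review bot: The `Put` rule kept on the new side, `is_granted("ROLE_USERS") or (object.getId() == user.getId())`, has no organization comparison, while the `Get` rule just above it ties `ROLE_USERS_VIEW` to `object.getOrganization().getId() == user.getOrganization().getId()`. As written, any holder of ROLE_USERS passes the check for an Access that belongs to another organization, unless something outside this file (a Doctrine extension, for instance) already scopes the lookup. I would make it `security: '(is_granted("ROLE_USERS") and object.getOrganization().getId() == user.getOrganization().getId()) or (object.getId() == user.getId())'`. If the request body can change the organization, the same condition is also needed as `securityPostDenormalize`, because `security` only sees the object as loaded.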

+ 1 - 14
src/ApiResources/Access/AdminAccess.php

@@ -15,20 +15,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Classe resource qui contient les champs d'un compte admin
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            uriTemplate: '/admin/{id}',
-            defaults: ['id' => 0],
-            provider: AdminAccessProvider::class
-        ),
-        new Put(
-            uriTemplate: '/admin/{id}',
-            defaults: ['id' => 0],
-            processor: AdminAccessProcessor::class
-        )
-    ]
-)]
+#[ApiResource]
 class AdminAccess implements ApiResourcesInterface
 {
     #[ApiProperty(identifier: true)]
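Review bot: The bare `#[ApiResource]` on `AdminAccess` no longer names `AdminAccessProvider` or `AdminAccessProcessor` and carries neither an `operations` list nor a `security` expression. An `ApiResource` attribute without `operations` normally registers API Platform's full default operation set, so unless this resource is configured in a YAML file that is not part of this commit's file list, the admin-account resource would be served by the default provider with no access rule. The removed `/admin/{id}` Get and Put had no `security` either, so wherever these operations now live they should get an explicit one. If the configuration did move to YAML, a pointer like the one added in Access.php, `#[ApiResource] // @see config/api_platform/<path>.yaml`, would let a reviewer verify it. `Organization.php` and `Subdomain.php` lose their `processor:` in the same way; the class body continues outside this hunk.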

+ 1 - 1
src/Doctrine/Core/CurrentNotificationUserExtension.php → src/Doctrine/Core/CurrentUserNotificationUserExtension.php

@@ -14,7 +14,7 @@ use Symfony\Bundle\SecurityBundle\Security;
  *
  * @package App\Doctrine\Core
  */
-final class CurrentNotificationUserExtension extends AbstractExtension
+final class CurrentUserNotificationUserExtension extends AbstractExtension
 {
     public function __construct(private Security $security)
     { }

+ 1 - 1
src/Entity/Access/Access.php

@@ -66,7 +66,7 @@ use Symfony\Component\Serializer\Annotation\Groups;
 /**
  * Fais le lien entre une Person et une Organization
  */
-#[ApiResource] // Config in config/api_platform/Access/access.yaml
+#[ApiResource] // @see config/api_platform/Access/access.yaml
 //#[Auditable]
 #[ORM\Entity(repositoryClass: AccessRepository::class)]
 #[ApiFilter(filterClass: BooleanFilter::class, properties: ['person.isPhysical'])]

+ 2 - 8
src/Entity/Access/AccessFamily.php

@@ -14,13 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class AccessFamily
@@ -102,4 +96,4 @@ class AccessFamily
         }
         return $this;
     }
-}
+}
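Review bot: Reducing the attribute to a bare `#[ApiResource]` in the first hunk removes the only visible access rule for `AccessFamily` (`is_granted('ROLE_ADMIN')` on Get) and, by API Platform's defaults, widens the resource from a single Get to the whole default operation set, write operations included. No replacement YAML for this entity appears in the commit's file list, so from this diff the resource is unprotected unless a global default `security` is defined elsewhere. The same applies to every other entity section here that ends up with a bare `#[ApiResource]` (Billing, Booking, Core, Donor, Education, Network, Organization), and `OrganizationAddressPostal.php` loses its `operations` and `security` while keeping only the serialization groups. Many of those sections drop the tenant check `object.getOrganization().getId() == user.getOrganization().getId()`, and `BankAccount` and `ContactPoint` drop their voter checks such as `is_granted("BANK_ACCOUNT_READ", object)`. Until the new rules are in place I would keep a restrictive resource-level rule, e.g. `#[ApiResource(security: 'is_granted("ROLE_ADMIN")')]`, and add a comment naming the file that holds the per-operation rules.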

+ 2 - 8
src/Entity/Billing/AccessBilling.php

@@ -14,13 +14,7 @@ use Doctrine\Common\Collections\Collection;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class AccessBilling
@@ -179,4 +173,4 @@ class AccessBilling
         $this->access = $access;
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Billing/AccessPayer.php

@@ -17,13 +17,7 @@ use Doctrine\ORM\Mapping as ORM;
  * Fais le lien entre l'Access qui règle la facture et l'Access concerné
  *
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccessPayer().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Table(name: 'BillingPayer')]
 #[ORM\Entity(repositoryClass: AccessPayerRepository::class)]

+ 2 - 8
src/Entity/Billing/Bill.php

@@ -13,13 +13,7 @@ use Doctrine\ORM\Mapping as ORM;
  * @todo : A la suite de la migration, il faut supprimer le nom de la table pour avoir une table Bill, et supprimer l'attribut discr.
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'BillAccounting')]
@@ -42,4 +36,4 @@ class Bill extends BillAccounting implements BillAccountingInterface
         $this->access = $access;
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Billing/BillAccounting.php

@@ -16,13 +16,7 @@ use Doctrine\Common\Collections\Collection;
  * @todo : A la suite de la migration, il faut supprimer le nom de la table pour avoir une table BillAccounting, et supprimer l'attribut discr.
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class BillAccounting

+ 2 - 8
src/Entity/Billing/BillCredit.php

@@ -14,13 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
  *
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'BillAccounting')]
@@ -43,4 +37,4 @@ class BillCredit extends BillAccounting implements BillAccountingInterface
         $this->access = $access;
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Billing/BillLine.php

@@ -14,13 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class BillLine
@@ -91,4 +85,4 @@ class BillLine
         $this->equipmentLoan = $equipmentLoan;
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Billing/BillingIntangibleExcludeDate.php

@@ -12,13 +12,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class BillingIntangibleExcludeDate

+ 2 - 8
src/Entity/Billing/EducationalProjectPayer.php

@@ -15,13 +15,7 @@ use Doctrine\ORM\Mapping as ORM;
  *
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getEducationalProjectPayer().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Table(name: 'BillingPayer')]
 #[ORM\Entity]
@@ -67,4 +61,4 @@ class EducationalProjectPayer
         $this->educationalProjectReceiver = $educationalProjectReceiver;
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Billing/FamilyQuotient.php

@@ -14,13 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getBillingSetting().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class FamilyQuotient
@@ -117,4 +111,4 @@ class FamilyQuotient
         }
         return $this;
     }
-}
+}

+ 1 - 18
src/Entity/Billing/ResidenceArea.php

@@ -20,24 +20,7 @@ use Doctrine\Common\Collections\Collection;
 /**
  * Zone de résidence d'un Access, telle que définie par l'Organization
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getBillingSetting().getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'object.getBillingSetting().getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Delete(
-            security: 'object.getBillingSetting().getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-        ),
-        new Post()
-    ],
-    security: 'is_granted(\'ROLE_ORGANIZATION\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[BillingSettingDefaultValue(fieldName: "billingSetting")]
 #[ORM\Entity(repositoryClass: ResidenceAreaRepository::class)]

+ 2 - 8
src/Entity/Booking/Attendance.php

@@ -15,13 +15,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Attendance
@@ -114,4 +108,4 @@ class Attendance
         }
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Booking/AttendanceBooking.php

@@ -12,13 +12,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class AttendanceBooking

+ 2 - 9
src/Entity/Booking/Course.php

@@ -26,14 +26,7 @@ use Doctrine\Common\Collections\Collection;
  *
  * Classe Course qui permet de gérer les cours de la structure.
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_COURSE_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection()
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: CourseRepository::class)]
 #[ORM\Table(name: 'Booking')]
@@ -401,4 +394,4 @@ class Course extends AbstractBooking
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Booking/EducationalProject.php

@@ -24,13 +24,7 @@ use Doctrine\ORM\Mapping as ORM;
  * @todo : migration table tag_booking
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Table(name: 'Booking')]
 #[ORM\Entity]
@@ -461,4 +455,4 @@ class EducationalProject extends AbstractBooking
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Booking/Event.php

@@ -23,13 +23,7 @@ use Symfony\Component\Validator\Constraints as Assert;
  * @todo : A la suite de la migration, il faut supprimer le nom de la table pour avoir une table Event, et supprimer l'attribut discr.
  * @todo : migration table tag_booking
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Booking')]

+ 2 - 8
src/Entity/Booking/EventUser.php

@@ -12,13 +12,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class EventUser
@@ -60,4 +54,4 @@ class EventUser
         $this->guest = $guest;
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Booking/Examen.php

@@ -22,13 +22,7 @@ use Doctrine\ORM\Mapping as ORM;
  * @todo : migration table tag_booking
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Booking')]
@@ -324,4 +318,4 @@ class Examen extends AbstractBooking
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Booking/OrganizationHoliday.php

@@ -16,13 +16,7 @@ use Doctrine\ORM\Mapping as ORM;
  *
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Booking')]
@@ -92,4 +86,4 @@ class OrganizationHoliday extends AbstractBooking
         $this->organization = $organization;
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Booking/PersonHoliday.php

@@ -16,13 +16,7 @@ use Doctrine\ORM\Mapping as ORM;
  *
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Booking')]
@@ -91,4 +85,4 @@ class PersonHoliday extends AbstractBooking
         $this->access = $access;
         return $this;
     }
-}
+}

+ 1 - 8
src/Entity/Core/AddressPostal.php

@@ -17,14 +17,7 @@ use Doctrine\ORM\Mapping as ORM;
 use App\Entity\Person\PersonAddressPostal;
 use Symfony\Component\Serializer\Annotation\Groups;
 
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getOrganizationAddressPostal().getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection()
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: AddressPostalRepository::class)]
 class AddressPostal

+ 1 - 15
src/Entity/Core/BankAccount.php

@@ -22,21 +22,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Données bancaire d'une Person ou d'une Organization
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted("BANK_ACCOUNT_READ", object)'
-        ),
-        new Put(
-            security: 'is_granted("BANK_ACCOUNT_EDIT", object)'
-        ),
-        new Delete(
-            security: 'is_granted("BANK_ACCOUNT_DELETE", object)'
-        ),
-        new Post(),
-        new GetCollection()
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: BankAccountRepository::class)]
 class BankAccount

+ 1 - 15
src/Entity/Core/ContactPoint.php

@@ -26,21 +26,7 @@ use App\Validator\Core as OpentalentAssert;
 /**
  * Données de contact d'une Person ou d'une Organization ou d'un lieu
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted("CONTACT_POINT_READ", object)'
-        ),
-        new Put(
-            security: 'is_granted("CONTACT_POINT_EDIT", object)'
-        ),
-        new Delete(
-            security: 'is_granted("CONTACT_POINT_DELETE", object)'
-        ),
-        new Post(),
-        new GetCollection()
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: ContactPointRepository::class)]
 #[OpentalentAssert\ContactPoint]

+ 6 - 2
src/Entity/Core/File.php

@@ -30,8 +30,12 @@ use App\Enum\Core\FileStatusEnum;
 
 #[ApiResource(
     operations: [
-        new Get(),
-        new Put()
+        new Get(
+            security: ''
+        ),
+        new Put(
+            security: ''
+        )
     ]
 )]
 //#[Auditable]
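Review bot: `security: ''` on both `Get` and `Put` states no condition: depending on how the framework handles an empty expression it is either skipped or fails when evaluated, and neither outcome is an access rule for `File`. Reading and replacing files needs at least an ownership or organization condition. The voter style this commit removes from `BankAccount` would fit, e.g. `security: 'is_granted("<FILE_READ_ATTRIBUTE>", object)'` for Get and a matching edit attribute for Put, where the attribute names are placeholders for voter attributes that still have to be defined. If the empty string is a deliberate placeholder, say so in a comment such as `// TODO: define File access rule before release` so it is not mistaken for a finished rule. The rest of the attribute and the class lie outside this hunk.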

+ 2 - 8
src/Entity/Core/Tagg.php

@@ -41,13 +41,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Tagg
@@ -863,4 +857,4 @@ class Tagg
         }
         return $this;
     }
-}
+}

+ 1 - 10
src/Entity/Core/Tips.php

@@ -14,16 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
  * Classe ... qui ...
  */
 //#[Auditable]
-#[ApiResource(
-    operations: [
-        new Get(),
-        new GetCollection(
-            paginationMaximumItemsPerPage: 20,
-            paginationClientItemsPerPage: true,
-            order: ['id' => 'DESC']
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Tips extends AbstractInformation

+ 1 - 7
src/Entity/Donor/Donor.php

@@ -14,13 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Partenaire / Sponsor de la structure; les logo des donors apparaissent sur le site web de la structure
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Donor

+ 2 - 8
src/Entity/Education/CriteriaNotation.php

@@ -16,13 +16,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class CriteriaNotation
@@ -182,4 +176,4 @@ class CriteriaNotation
         $this->noteMax = $noteMax;
         return $this;
     }
-}
+}

+ 1 - 14
src/Entity/Education/Cycle.php

@@ -20,20 +20,7 @@ use Doctrine\Common\Collections\Collection;
  * Enum des cycles éducatifs, utilisés par les EducationCurriculum
  * NB: le nombre de cycles est fixé à 6, mais chaque Organization peut en modifier le label
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-        )
-    ],
-    security: 'is_granted(\'ROLE_ORGANIZATION\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: CycleRepository::class)]
 class Cycle

+ 2 - 8
src/Entity/Education/Education.php

@@ -17,13 +17,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getEducationCategory().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Education
@@ -275,4 +269,4 @@ class Education
         $this->educationNotationConfig = $educationNotationConfig;
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Education/EducationCategory.php

@@ -16,13 +16,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class EducationCategory
@@ -87,4 +81,4 @@ class EducationCategory
         }
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Education/EducationCurriculum.php

@@ -15,13 +15,7 @@ use Doctrine\Common\Collections\Collection;
 /**
  * Curriculum éducatif; composé d'un cycle, d'une année et d'un niveau
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getEducation().getEducationCategory().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: EducationCurriculumRepository::class)]
 class EducationCurriculum

+ 2 - 8
src/Entity/Education/EducationNotation.php

@@ -15,13 +15,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getEducationStudent().getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: EducationNotationRepository::class)]
 class EducationNotation
@@ -119,4 +113,4 @@ class EducationNotation
         }
         return round($this->note, 2);
     }
-}
+}

+ 1 - 14
src/Entity/Education/EducationNotationConfig.php

@@ -22,20 +22,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Configuration des grilles d'évaluation
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_PEDAGOGICS_ADMINISTRATION_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_PEDAGOGICS_ADMINISTRATION_VIEW\')'
-        )
-    ],
-    security: 'is_granted(\'ROLE_PEDAGOGICS_ADMINISTRATION\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: EducationNotationConfigRepository::class)]
 #[OrganizationDefaultValue(fieldName: "organization")]

+ 2 - 8
src/Entity/Education/EducationStudent.php

@@ -16,13 +16,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class EducationStudent
@@ -220,4 +214,4 @@ class EducationStudent
         $this->educationTiming = $educationTiming;
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Education/EducationTeacher.php

@@ -15,13 +15,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class EducationTeacher
@@ -100,4 +94,4 @@ class EducationTeacher
         }
         return $this;
     }
-}
+}

+ 1 - 18
src/Entity/Education/EducationTiming.php

@@ -21,24 +21,7 @@ use Doctrine\Common\Collections\Collection;
 /**
  * Temps d'un enseignement
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Delete(
-            security: 'object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-        ),
-        new Post()
-    ],
-    security: 'is_granted(\'ROLE_ORGANIZATION\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[OrganizationDefaultValue(fieldName: "organization")]
 #[ORM\Entity(repositoryClass: EducationTimingRepository::class)]

+ 1 - 7
src/Entity/Network/Network.php

@@ -18,13 +18,7 @@ use Doctrine\Common\Collections\Collection;
 /**
  * Enum des différents réseaux auxquels peut appartenir une Organization
  */
-#[ApiResource(
-    operations: [
-        new Get(),
-        new GetCollection()
-    ],
-    security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: NetworkRepository::class)]
 class Network

+ 1 - 13
src/Entity/Network/NetworkOrganization.php

@@ -17,19 +17,7 @@ use Symfony\Component\Serializer\Annotation\Groups;
 /**
  * Fait le lien entre une Organization et un Network
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted("ROLE_ORGANIZATION_VIEW" and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-        )
-    ],
-    normalizationContext: ['groups' => ['network']
-    ],
-    security: 'is_granted(\'ROLE_ORGANIZATION\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: NetworkOrganizationRepository::class)]
 #[DateTimeConstraintAware(startDateFieldName: "startDate", endDateFieldName: "endDate")]

+ 2 - 8
src/Entity/Organization/Activity.php

@@ -18,13 +18,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Activity
@@ -188,4 +182,4 @@ class Activity
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Organization/Jury.php

@@ -17,13 +17,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Jury
@@ -144,4 +138,4 @@ class Jury
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 1 - 13
src/Entity/Organization/Organization.php

@@ -49,19 +49,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Structure, organisation
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: '(is_granted("ROLE_ORGANIZATION_VIEW") or is_granted("ROLE_ORGANIZATION")) and object.getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'is_granted("ROLE_ORGANIZATION") and object.getId() == user.getOrganization().getId()'
-        ),
-        new Post(),
-        new GetCollection()
-    ],
-    processor: OrganizationProcessor::class
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: OrganizationRepository::class)]
 class Organization

+ 0 - 16
src/Entity/Organization/OrganizationAddressPostal.php

@@ -20,24 +20,8 @@ use Symfony\Component\Serializer\Annotation\Groups;
 use App\Validator\Organization as OpentalentAssert;
 
 #[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Delete(
-            security: 'object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-        ),
-        new Post()
-    ],
     normalizationContext: ['groups' => ['address']],
     denormalizationContext: ['groups' => ['address']],
-    security: 'is_granted(\'ROLE_ORGANIZATION\')'
 )]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: OrganizationAddressPostalRepository::class)]

+ 1 - 11
src/Entity/Organization/OrganizationArticle.php

@@ -14,17 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Fait le lien entre une Organization et un coup de projecteur
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted("ROLE_ORGANIZATION_VIEW" and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(
-            security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
-        )
-    ],
-    security: 'is_granted(\'ROLE_ORGANIZATION\')'
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: OrganizationArticleRepository::class)]
 class OrganizationArticle

+ 1 - 13
src/Entity/Organization/Subdomain.php

@@ -23,19 +23,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Sous-domaine enregistré par une organisation
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: '(is_granted("ROLE_ORGANIZATION_VIEW") or is_granted("ROLE_ORGANIZATION")) and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new Put(
-            security: 'is_granted("ROLE_ORGANIZATION") and object.getOrganization().getId() == user.getOrganization().getId()'
-        ),
-        new GetCollection(),
-        new Post()
-    ],
-    processor: SubdomainProcessor::class
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: SubdomainRepository::class)]
 #[OrganizationDefaultValue(fieldName: "organization")]
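Review bot: Removing `processor: SubdomainProcessor::class` means writes to Subdomain now go through API Platform's default persistence instead of the custom processor, and the Organization section drops `OrganizationProcessor::class` the same way. The processors' bodies are not part of this diff, so any validation or side effects they perform on write would be skipped without an error. If that is not intended, keep the processor on the simplified attribute: `#[ApiResource(processor: SubdomainProcessor::class)]`. The class declaration itself lies outside this hunk.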

+ 2 - 10
src/Entity/Organization/TypeOfPractice.php

@@ -19,15 +19,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Type des pratique d'une organisation
  */
-#[ApiResource(
-    operations: [
-        new Get(),
-        new GetCollection(
-            normalizationContext: ['groups' => ['read']]
-        )
-    ],
-    paginationEnabled: false
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: TypeOfPracticeRepository::class)]
 class TypeOfPractice
@@ -108,4 +100,4 @@ class TypeOfPractice
         }
         return $this;
     }
-}
+}
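Review bot: TypeOfPractice was read-only (only `new Get()` and `new GetCollection()`), and the bare `#[ApiResource]` in the first hunk turns on the default write operations for it too, with no `security` expression on any of them. It also drops `paginationEnabled: false` and the `['groups' => ['read']]` normalization context on the collection. Unless pagination is disabled globally, clients that relied on the full list in one response would get only a first page, and the set of serialized fields may change. If only the security model was meant to change, keep the shape: `#[ApiResource(operations: [new Get(), new GetCollection(normalizationContext: ['groups' => ['read']])], paginationEnabled: false)]`.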

+ 2 - 8
src/Entity/Person/Commission.php

@@ -16,13 +16,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Commission
@@ -116,4 +110,4 @@ class Commission
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Person/CommissionMember.php

@@ -13,13 +13,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class CommissionMember

+ 2 - 8
src/Entity/Person/CompanyPerson.php

@@ -13,13 +13,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getAccess().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class CompanyPerson
@@ -65,4 +59,4 @@ class CompanyPerson
         $this->access = $access;
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Person/Person.php

@@ -26,13 +26,7 @@ use Symfony\Component\Serializer\Annotation\Groups;
 /**
  * Personne physique ou morale
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_USERS_VIEW\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: PersonRepository::class)]
 class Person implements UserInterface, PasswordAuthenticatedUserInterface
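Review bot: `Person implements UserInterface, PasswordAuthenticatedUserInterface`, so this is the credential-bearing user record, and the bare `#[ApiResource]` replaces a single `Get` guarded by `ROLE_USERS_VIEW` with the default operation set and no `security` at all. Collection reads and write operations on user accounts then depend entirely on whatever the firewall or a component outside this diff enforces. Whether the password hash is serialized depends on serialization groups that are outside this hunk. Unless an equivalent check exists elsewhere, keep the resource restricted, e.g. `#[ApiResource(operations: [new Get(security: 'is_granted(\'ROLE_USERS_VIEW\')')])]`, and confirm the password property carries no read group.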

+ 1 - 7
src/Entity/Person/PersonAddressPostal.php

@@ -16,13 +16,7 @@ use Symfony\Component\Validator\Constraints as Assert;
 /**
  * Lien entre une Person et une AddressPostal
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_USERS_VIEW\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity(repositoryClass: PersonAddressPostalRepository::class)]
 class PersonAddressPostal

+ 1 - 7
src/Entity/Place/Place.php

@@ -25,13 +25,7 @@ use Doctrine\ORM\Mapping as ORM;
  *
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Place')]

+ 2 - 8
src/Entity/Place/Room.php

@@ -20,13 +20,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getPlace().getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class Room
@@ -370,4 +364,4 @@ class Room
         }
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Product/Equipment.php

@@ -21,13 +21,7 @@ use Doctrine\ORM\Mapping as ORM;
  * @todo : migration table tag_product
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Product')]
@@ -398,4 +392,4 @@ class Equipment extends AbstractProduct
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 1 - 7
src/Entity/Product/EquipmentLoan.php

@@ -18,13 +18,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class EquipmentLoan

+ 2 - 8
src/Entity/Product/Intangible.php

@@ -20,13 +20,7 @@ use App\Entity\Education\EducationCurriculum;
  * @todo : migration table tag_product
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\') and object.getOrganization().getId() == user.getOrganization().getId()'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 #[ORM\Table(name: 'Product')]
@@ -150,4 +144,4 @@ class Intangible extends AbstractProduct
         $this->tags->removeElement($tag);
         return $this;
     }
-}
+}

+ 2 - 8
src/Entity/Product/IntangibleDiscountDetail.php

@@ -14,13 +14,7 @@ use Doctrine\ORM\Mapping as ORM;
 /**
  * Classe ... qui ...
  */
-#[ApiResource(
-    operations: [
-        new Get(
-            security: 'is_granted(\'ROLE_ADMIN\')'
-        )
-    ]
-)]
+#[ApiResource]
 //#[Auditable]
 #[ORM\Entity]
 class IntangibleDiscountDetail
@@ -79,4 +73,4 @@ class IntangibleDiscountDetail
         $this->familyQuotient = $familyQuotient;
         return $this;
     }
-}
+}