|
|
@@ -20,22 +20,25 @@ use Doctrine\ORM\Mapping as ORM;
|
|
|
*
|
|
|
* @see \App\Doctrine\Education\AttendanceBookingReasonExtension.php
|
|
|
*/
|
|
|
-#[ApiResource(operations: [
|
|
|
- new Get(
|
|
|
- security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
|
|
|
- ),
|
|
|
- new Put(
|
|
|
- security: 'object.getOrganization().getId() == user.getOrganization().getId()'
|
|
|
- ),
|
|
|
- new Delete(
|
|
|
- security: 'object.getOrganization().getId() == user.getOrganization().getId()'
|
|
|
- ),
|
|
|
- new GetCollection(
|
|
|
- security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
|
|
|
- ),
|
|
|
- new Post()
|
|
|
-
|
|
|
-])]
|
|
|
+#[ApiResource(
|
|
|
+
|
|
|
+ operations: [
|
|
|
+ new Get(
|
|
|
+ security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and object.getOrganization().getId() == user.getOrganization().getId()'
|
|
|
+ ),
|
|
|
+ new Put(
|
|
|
+ security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and is_granted(\'ROLE_GENERAL_CONFIG\') and object.getOrganization().getId() == user.getOrganization().getId()'
|
|
|
+ ),
|
|
|
+ new Delete(
|
|
|
+ security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and is_granted(\'ROLE_GENERAL_CONFIG\') and object.getOrganization().getId() == user.getOrganization().getId()'
|
|
|
+ ),
|
|
|
+ new GetCollection(
|
|
|
+ security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\')'
|
|
|
+ ),
|
|
|
+ new Post(
|
|
|
+ security: 'is_granted(\'ROLE_ORGANIZATION_VIEW\') and is_granted(\'ROLE_GENERAL_CONFIG\')'
|
|
|
+ )]
|
|
|
+)]
|
|
|
//#[Auditable]
|
|
|
#[ORM\Table(name: 'AttendanceBookingReason')]
|
|
|
#[OrganizationDefaultValue(fieldName: "organization")]
|
Olivier Massot