revision / refact of ability services

config/abilities/pages/addressBook.yaml

@@ -2,48 +2,48 @@
     action: 'display'
     services:
       access :
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'users'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'users'}]}
       organization  :
-        - {function: hasModule, parameters: ['Users']}
+        - {function: hasAllModules, parameters: ['Users']}
 
   student_registration_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'student-registration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'student-registration'}]}
       organization:
-        - {function: hasModule, parameters: ['UsersSchool']}
+        - {function: hasAllModules, parameters: ['UsersSchool']}
 
   education_student_next_year_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'educationstudent'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'educationstudent'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   commissions_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'commissions'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'commissions'}]}
       organization:
-        - {function: hasModule, parameters: ['Users']}
+        - {function: hasAllModules, parameters: ['Users']}
 
   network_children_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'network'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'network'}]}
       organization:
-        - {function: hasModule, parameters: ['Network']}
+        - {function: hasAllModules, parameters: ['Network']}
         - {function: isOrganizationWithChildren}
 
   network_parents_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'core'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'core'}]}
       organization:
-        - {function: hasModule, parameters: ['NetworkOrganization']}
+        - {function: hasAllModules, parameters: ['NetworkOrganization']}
         - {function: isOrganizationWithChildren, result: false}

config/abilities/pages/admin2ios.yaml

@@ -2,46 +2,46 @@
     action: 'display'
     services:
       access :
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'user'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'user'}]}
       organization  :
-        - {function: hasModule, parameters: ['Admin2IOS']}
+        - {function: hasAllModules, parameters: ['Admin2IOS']}
 
   all_organizations_page:
     action: 'display'
     services:
       access :
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'organization'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'organization'}]}
       organization  :
-        - {function: hasModule, parameters: ['Admin2IOS']}
+        - {function: hasAllModules, parameters: ['Admin2IOS']}
 
   tips_page:
     action: 'display'
     services:
       access :
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'tips'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'tips'}]}
       organization  :
-        - {function: hasModule, parameters: ['CorePremium']}
+        - {function: hasAllModules, parameters: ['CorePremium']}
 
   dgv_page:
     action: 'display'
     services:
       organization  :
-        - {function: hasModule, parameters: ['Admin2IOS']}
+        - {function: hasAllModules, parameters: ['Admin2IOS']}
 
   cmf_cotisation_page:
     action: 'display'
     services:
       organization  :
-        - {function: hasModule, parameters: ['Admin2IOS']}
+        - {function: hasAllModules, parameters: ['Admin2IOS']}
 
   right_page:
     action: 'display'
     services:
       organization  :
-        - {function: hasModule, parameters: ['Admin2IOS']}
+        - {function: hasAllModules, parameters: ['Admin2IOS']}
 
   tree_page:
     action: 'display'
     services:
       organization  :
-        - {function: hasModule, parameters: ['Admin2IOS']}
+        - {function: hasAllModules, parameters: ['Admin2IOS']}

config/abilities/pages/billing.yaml

@@ -2,62 +2,62 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BillingAdministration']}
+        - {function: hasAllModules, parameters: ['BillingAdministration']}
 
   billing_products_by_student_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BillingAdministration']}
+        - {function: hasAllModules, parameters: ['BillingAdministration']}
 
   billing_edition_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BillingAdministration']}
+        - {function: hasAllModules, parameters: ['BillingAdministration']}
 
   billing_accounting_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BillingAdministration']}
+        - {function: hasAllModules, parameters: ['BillingAdministration']}
 
   billing_payment_list_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BillingAdministration']}
+        - {function: hasAllModules, parameters: ['BillingAdministration']}
 
   pes_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['Pes']}
+        - {function: hasAllModules, parameters: ['Pes']}
 
   berger_levrault_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BergerLevrault']}
+        - {function: hasAllModules, parameters: ['BergerLevrault']}
 
   jvs_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['Jvs']}
+        - {function: hasAllModules, parameters: ['Jvs']}

config/abilities/pages/communication.yaml

@@ -2,34 +2,34 @@
     action: 'display'
     services:
       access:
-        - function: hasAbility
+        - function: hasAllRoleAbilities
           parameters:
             - {action: 'read', subject: 'mails'}
             - {action: 'read', subject: 'emails'}
             - {action: 'read', subject: 'texto'}
       organization:
-        - {function: hasModule, parameters: ['MessagesAdvanced']}
+        - {function: hasAllModules, parameters: ['MessagesAdvanced']}
 
   message_send_page:
     action: 'display'
     services:
       access:
-        - function: hasAbility
+        - function: hasAllRoleAbilities
           parameters:
             - {action: 'read', subject: 'mails'}
             - {action: 'read', subject: 'emails'}
             - {action: 'read', subject: 'texto'}
       organization:
-        - {function: hasModule, parameters: ['MessagesAdvanced']}
+        - {function: hasAllModules, parameters: ['MessagesAdvanced']}
 
   message_templates_page:
     action: 'display'
     services:
       access:
-        - function: hasAbility
+        - function: hasAllRoleAbilities
           parameters:
             - {action: 'read', subject: 'mails'}
             - {action: 'read', subject: 'emails'}
             - {action: 'read', subject: 'texto'}
       organization:
-        - {function: hasModule, parameters: ['MessagesAdvanced']}
+        - {function: hasAllModules, parameters: ['MessagesAdvanced']}

config/abilities/pages/cotisations.yaml

@@ -2,134 +2,134 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationRate', 'CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationRate', 'CotisationCall']}
 
   parameters_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   send_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   state_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   pay_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   check_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   ledger_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   magazine_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCMFAdministration']}
+        - {function: hasAllModules, parameters: ['CotisationCMFAdministration']}
 
   ventilated_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   pay_erase_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   resume_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationTransmissionState']}
+        - {function: hasAllModules, parameters: ['CotisationTransmissionState']}
 
   history_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationCall']}
+        - {function: hasAllModules, parameters: ['CotisationCall']}
 
   call_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationStructure']}
+        - {function: hasAllModules, parameters: ['CotisationStructure']}
 
   history_structure_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationStructure']}
+        - {function: hasAllModules, parameters: ['CotisationStructure']}
 
   insurance_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationStructure', 'CotisationTransmissionState']}
+        - {function: hasAllModules, parameters: ['CotisationStructure', 'CotisationTransmissionState']}
 
   resume_all_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationTransmission']}
+        - {function: hasAllModules, parameters: ['CotisationTransmission']}
 
   resume_pay_cotisation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'cotisation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'cotisation'}]}
       organization:
-        - {function: hasModule, parameters: ['CotisationTransmission']}
+        - {function: hasAllModules, parameters: ['CotisationTransmission']}

config/abilities/pages/donor.yaml

@@ -2,6 +2,6 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'donors'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'donors'}]}
       organization:
-        - {function: hasModule, parameters: ['Donors']}
+        - {function: hasAllModules, parameters: ['Donors']}

config/abilities/pages/educational.yaml

@@ -2,54 +2,54 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   education_notation_config_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['AdvancedEducationNotation']}
+        - {function: hasAllModules, parameters: ['AdvancedEducationNotation']}
 
   seizure_period_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   test_seizure_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-seizure'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-seizure'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsSeizure']}
+        - {function: hasAllModules, parameters: ['PedagogicsSeizure']}
 
   test_validation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   examen_results_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   education_by_student_validation_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-seizure'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-seizure'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsSeizure']}
+        - {function: hasAllModules, parameters: ['PedagogicsSeizure']}

config/abilities/pages/equipment.yaml

@@ -2,6 +2,6 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'equipments'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'equipments'}]}
       organization:
-        - {function: hasModule, parameters: ['Equipments']}
+        - {function: hasAllModules, parameters: ['Equipments']}

config/abilities/pages/medals.yaml

@@ -2,6 +2,6 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'medals'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'medals'}]}
       organization:
-        - {function: hasModule, parameters: ['Medals']}
+        - {function: hasAllModules, parameters: ['Medals']}

config/abilities/pages/myAccount.yaml

@@ -8,10 +8,11 @@
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [{action: 'write', subject: 'attendances'}] }
+        # TODO: l'action write existe-t-elle?
+        - { function: hasAllRoleAbilities, parameters: [{action: 'write', subject: 'attendances'}] }
         - { function: isAdminAccount, result: false }
       organization:
-        - {function: hasModule, parameters: ['Attendances']}
+        - {function: hasAllModules, parameters: ['Attendances']}
 
   my_attendance_page:
     action: 'display'
@@ -29,33 +30,33 @@
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: [ 'teacher'] }
+        - { function: hasAnyProfile, parameters: [ 'teacher'] }
 
   my_students_education_students_page:
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: [ 'teacher'] }
+        - { function: hasAnyProfile, parameters: [ 'teacher'] }
 
   criteria_notations_page_from_account_menu:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'criterianotation'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'criterianotation'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   my_education_students_page:
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: [ 'student'] }
+        - { function: hasAnyProfile, parameters: [ 'student'] }
 
   send_an_email_page:
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: [ 'admin', 'teacher' ] }
+        - { function: hasAnyProfile, parameters: [ 'admin', 'teacher' ] }
 
   my_documents_page:
     action: 'display'
@@ -73,24 +74,24 @@
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: [ 'member'] }
+        - { function: hasAnyProfile, parameters: ['member'] }
       organization:
         - {function: isShowAdherentList}
-        - {function: hasModule, parameters: ['Users']}
+        - {function: hasAllModules, parameters: ['Users']}
 
   subscription_page:
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: ['admin', 'administratifManager', 'pedagogicManager', 'financialManager']}
+        - { function: hasAnyProfile, parameters: ['admin', 'administratifManager', 'pedagogicManager', 'financialManager']}
       organization:
-        - {function: hasModule, parameters: ['GeneralConfig']}
+        - {function: hasAllModules, parameters: ['GeneralConfig']}
 
   my_bills_page:
     action: 'display'
     services:
       access:
-        - { function: hasProfile, parameters: ['guardian', 'payor']}
+        - { function: hasAnyProfile, parameters: ['guardian', 'payor']}
 
   cmf_licence_person_page:
     action: 'display'

config/abilities/pages/parameters.yaml

@@ -2,153 +2,153 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'organization'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'organization'}]}
       organization:
-        - {function: hasModule, parameters: ['GeneralConfig']}
+        - {function: hasAllModules, parameters: ['GeneralConfig']}
 
   cmf_licence_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'organization'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'organization'}]}
       organization:
-        - {function: hasModule, parameters: ['GeneralConfig']}
+        - {function: hasAllModules, parameters: ['GeneralConfig']}
         - {function: isCmf}
 
   parameters_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'general-config'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'general-config'}]}
       organization:
-        - {function: hasModule, parameters: ['GeneralConfig']}
+        - {function: hasAllModules, parameters: ['GeneralConfig']}
 
   parameters_communication_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'general-config' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'general-config' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'GeneralConfig' ] }
+        - { function: hasAllModules, parameters: [ 'GeneralConfig' ] }
 
   parameters_student_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'general-config' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'general-config' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'GeneralConfig' ] }
+        - { function: hasAllModules, parameters: [ 'GeneralConfig' ] }
         - {function: isSchool}
 
   parameters_education_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'general-config' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'general-config' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'GeneralConfig' ] }
+        - { function: hasAllModules, parameters: [ 'GeneralConfig' ] }
         - { function: isSchool }
 
   parameters_bills_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'general-config' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'general-config' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'GeneralConfig' ] }
+        - { function: hasAllModules, parameters: [ 'GeneralConfig' ] }
         - { function: isSchool }
 
   parameters_secure_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'general-config' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'general-config' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'GeneralConfig' ] }
+        - { function: hasAllModules, parameters: [ 'GeneralConfig' ] }
 
   place_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'place'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'place'}]}
       organization:
-        - {function: hasModule, parameters: ['GeneralConfig']}
+        - {function: hasAllModules, parameters: ['GeneralConfig']}
 
   education_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   tag_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'tagg'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'tagg'}]}
       organization:
-        - {function: hasModule, parameters: ['TaggAdvanced']}
+        - {function: hasAllModules, parameters: ['TaggAdvanced']}
 
   activities_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'activity'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'activity'}]}
       organization:
-        - {function: hasModule, parameters: ['GeneralConfig']}
+        - {function: hasAllModules, parameters: ['GeneralConfig']}
 
   template_systems_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'general-config'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'general-config'}]}
       organization:
-        - {function: hasModule, parameters: ['TemplateMessages']}
+        - {function: hasAllModules, parameters: ['TemplateMessages']}
 
   billing_settings_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'billings-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'billings-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['BillingAdministration']}
+        - {function: hasAllModules, parameters: ['BillingAdministration']}
 
   online_registration_settings_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'onlineregistration-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'onlineregistration-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['IEL']}
+        - {function: hasAllModules, parameters: ['IEL']}
         - {function: isSchool}
 
   transition_next_year_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   course_duplication_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'manage', subject: 'pedagogics-administration'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'manage', subject: 'pedagogics-administration'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   import_page:
     action: 'display'
     services:
       access:
-        - function: hasAbility
+        - function: hasAllRoleAbilities
           parameters:
             - {action: 'manage', subject: 'user'}
             - {action: 'manage', subject: 'equipments'}
       organization:
-        - function: hasModule
+        - function: hasAllModules
           parameters:
             - 'Users'
             - 'Equipments'

config/abilities/pages/schedule.yaml

@@ -2,14 +2,14 @@
     action: 'display'
     services:
       access:
-        - function: hasAbility
+        - function: hasAllRoleAbilities
           parameters:
             - {action: 'read', subject: 'events'}
             - {action: 'read', subject: 'examens'}
             - {action: 'read', subject: 'educationalprojects'}
             - {action: 'read', subject: 'courses'}
       organization:
-        - function: hasModule
+        - function: hasAllModules
           parameters:
             - 'Events'
             - 'Courses'
@@ -20,30 +20,30 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'attendances'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'attendances'}]}
       organization:
-        - {function: hasModule, parameters: ['Attendances']}
+        - {function: hasAllModules, parameters: ['Attendances']}
 
   course_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'courses' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'courses' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'Courses' ] }
+        - { function: hasAllModules, parameters: [ 'Courses' ] }
 
   exam_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'examens' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'examens' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'Examens' ] }
+        - { function: hasAllModules, parameters: [ 'Examens' ] }
 
   pedagogics_project_page:
     action: 'display'
     services:
       access:
-        - { function: hasAbility, parameters: [ { action: 'read', subject: 'educationalprojects' } ] }
+        - { function: hasAllRoleAbilities, parameters: [ { action: 'read', subject: 'educationalprojects' } ] }
       organization:
-        - { function: hasModule, parameters: [ 'EducationalProjects' ] }
+        - { function: hasAllModules, parameters: [ 'EducationalProjects' ] }

config/abilities/pages/stats.yaml

@@ -2,30 +2,30 @@
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'statistic'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'statistic'}]}
       organization:
-        - {function: hasModule, parameters: ['Statistic']}
+        - {function: hasAllModules, parameters: ['Statistic']}
 
   education_quotas_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'educationstudent'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'educationstudent'}]}
       organization:
-        - {function: hasModule, parameters: ['PedagogicsAdministation']}
+        - {function: hasAllModules, parameters: ['PedagogicsAdministation']}
 
   fede_stats_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'statistic'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'statistic'}]}
       organization:
-        - {function: hasModule, parameters: ['StatisticFederation']}
+        - {function: hasAllModules, parameters: ['StatisticFederation']}
 
   structure_stats_page:
     action: 'display'
     services:
       access:
-        - {function: hasAbility, parameters: [{action: 'read', subject: 'statistic'}]}
+        - {function: hasAllRoleAbilities, parameters: [{action: 'read', subject: 'statistic'}]}
       organization:
-        - {function: hasModule, parameters: ['StatisticStructure']}
+        - {function: hasAllModules, parameters: ['StatisticStructure']}

services/rights/abilityUtils.ts

@@ -14,6 +14,11 @@ class AbilityUtils {
     private readonly accessProfile: any
     private readonly organizationProfile: any
 
+    private readonly configDir = './config/abilities/config.yaml'
+
+    private abilitiesByRoles: Array<AbilitiesType> = []
+    private abilitiesByConfig: Array<AbilitiesType> = []
+
     /**
      * @constructor
      */
@@ -34,10 +39,6 @@ class AbilityUtils {
         // Nécessaire pour que l'update des habilités soit correcte après la phase SSR
         this.ability.update(this.accessProfile.abilities)
 
-        // const abilities: Array<AbilitiesType> = this.buildAbilities();
-        // this.accessProfile.abilities = abilities
-        // this.ability.update(abilities)
-
         // Au moment où l'on effectue une action organizationProfileStore.setProfile, il faut aller récupérer
         // les différentes habilités que l'utilisateur peut effectuer. (Tout cela se passe en SSR)
         const unsubscribe = this.organizationProfile.$onAction(({
@@ -50,7 +51,7 @@ class AbilityUtils {
             after((result: any)=>{
                 if (name === 'setProfile'){
                     //On récupère les habilités
-                    const abilities: Array<AbilitiesType> = this.buildAbilities();
+                    const abilities = this.buildAbilities();
 
                     //On les store puis on update le service ability pour le mettre à jour.
                     this.accessProfile.abilities = abilities
@@ -69,90 +70,92 @@ class AbilityUtils {
      * @return {Array<AbilitiesType>}
      */
     buildAbilities(): Array<AbilitiesType> {
-        const abilitiesByRoles: Array<AbilitiesType> = this.buildAbilitiesFromRoles(this.accessProfile.roles)
-        const abilitiesByConfig = this.buildAbilitiesFromConfig('./config/abilities/config.yaml')
-        return abilitiesByRoles.concat(abilitiesByConfig)
+        this.buildAbilitiesFromRoles()
+        this.buildAbilitiesFromConfig()
+
+        return this.abilities()
+    }
+
+    abilities(): Array<AbilitiesType> {
+        return ([] as Array<AbilitiesType>).concat(this.abilitiesByRoles).concat(this.abilitiesByConfig)
     }
 
     /**
      * Adaptation et transformations des roles symfony en abilities Casl
-     *
-     * @param {Array<string>} roles
-     * @return {Array<AbilitiesType>}
      */
-    buildAbilitiesFromRoles(roles: Array<string>): Array<AbilitiesType> {
-        return RoleUtils.rolesToAbilities(roles)
+    buildAbilitiesFromRoles() {
+        this.abilitiesByRoles = RoleUtils.rolesToAbilities(this.accessProfile.roles)
     }
 
     /**
      * Charge les habilités depuis les fichiers de configuration
-     *
-     * @param {string} configPath
-     * @return {Array<AbilitiesType>}
      */
-    buildAbilitiesFromConfig(configPath: string): Array<AbilitiesType> {
-        const doc = YamlDenormalizer.denormalize({path: configPath})
+    buildAbilitiesFromConfig() {
+        const doc = YamlDenormalizer.denormalize({path: this.configDir})
         const fromConfig = doc.abilities
 
-        const abilities: Array<AbilitiesType> = []
-
         useEach(fromConfig, (ability: { action: ABILITIES, services: object }, subject: string) => {
             const { action, services } = ability
+
             if (this.hasConfigAbility(services)) {
-                abilities.push({ action, subject })
+                this.abilitiesByConfig.push({ action, subject })
             }
         })
-        return abilities
     }
 
     /**
      * Parcourt les services définis dans la configuration, et établit si oui ou non l'habilité est autorisée
      *
+     * TODO: voir pourquoi on a besoin d'accepter un param null pour le hasProfile?
+     *
      * @return {boolean}
      * @param services
      */
     hasConfigAbility(services: AnyJson) {
-        const handlerMap: any = {
-            hasAbility: (parameters: any) => this.hasAllAbilities(parameters),
-            hasProfile: (parameters: any) => parameters === null || this.hasAnyProfile(parameters),
-            hasModule: (parameters: any) => this.hasModule(parameters),
-            isAdminAccount: (parameters: any) => this.accessProfile.isAdminAccount,
-            isSchool: (parameters: any) => this.organizationProfile.isSchool,
-            isArtist: (parameters: any) => this.organizationProfile.isArtist,
-            isManagerProduct: (parameters: any) => this.organizationProfile.isManagerProduct,
-            isOrganizationWithChildren: (parameters: any) => this.organizationProfile.hasChildren,
-            isAssociation: (parameters: any) => this.organizationProfile.isAssociation,
-            isShowAdherentList: (parameters: any) => this.organizationProfile.isShowAdherentList,
-            isCmf: (parameters: any) => this.organizationProfile.isCmf,
-            getWebsite: (parameters: any) => this.organizationProfile.getWebsite,
-        }
+        for (const service in services) {
+            let handlers = services[service] as Array<{ function: string, parameters?: Array<any>, result?: any }>
 
-        // TODO: renommer les fonctions du handlerMap de la même façon que les fonctions hasAnyXxx, hasAllXxx, etc.
-        // TODO: revoir les fichiers yaml en fonction
-        // TODO: clarifier le fonctionnement du hasAbility (c'est très bizarre de tester des habilités alors qu'on est en train de les construire)
-        // TODO: extraire l'intérieur du useEach dans une méthode séparée pour clarifier l'algo
-        // TODO: voir pourquoi on a besoin d'accepter un param null pour le hasProfile?
-        // TODO: créer un outil pour simplifier le déboguage des droits
-
-        let hasAbility = true
+            if (handlers.some((handler) => !this.testConfigService(handler))) {
+                return false
+            }
+        }
+        return true
+    }
 
-        useEach(services, (handlers: Array<{ function: string, parameters?: Array<any>, result?: any }>, service: string) => {
+    handlerMap: any = {
+        hasAllRoleAbilities: (parameters: any) => this.hasAllRoleAbilities(parameters),
+        hasAnyProfile: (parameters: any) => parameters === null || this.hasAnyProfile(parameters),
+        hasAllModules: (parameters: any) => this.hasAllModules(parameters),
+        isAdminAccount: (parameters: any) => this.accessProfile.isAdminAccount,
+        isSchool: (parameters: any) => this.organizationProfile.isSchool,
+        isArtist: (parameters: any) => this.organizationProfile.isArtist,
+        isManagerProduct: (parameters: any) => this.organizationProfile.isManagerProduct,
+        isOrganizationWithChildren: (parameters: any) => this.organizationProfile.hasChildren,
+        isAssociation: (parameters: any) => this.organizationProfile.isAssociation,
+        isShowAdherentList: (parameters: any) => this.organizationProfile.isShowAdherentList,
+        isCmf: (parameters: any) => this.organizationProfile.isCmf,
+        getWebsite: (parameters: any) => this.organizationProfile.getWebsite,
+    }
 
-            useEach(handlers, (handler: { function: string, parameters?: Array<any>, result?: any }) => {
+    private testConfigService(handler: { function: string, parameters?: Array<any>, result?: any }) {
+        const expectedResult: boolean = handler.result ?? true;
+        const parameters = handler.parameters ?? []
 
-                const expectedResult: boolean = handler.result ?? true;
-                const parameters = handler.parameters ?? []
+        const actualResult = this.handlerMap[handler.function](parameters ?? null)
 
-                const actualResult = handlerMap[handler.function](parameters ?? null)
+        return actualResult === expectedResult
+    }
 
-                if (actualResult !== expectedResult) {
-                    hasAbility = false
-                    return false
-                }
-            })
-            if (!hasAbility) { return false }
-        })
-        return hasAbility
+    /**
+     * Est-ce que l'utilisateur possède l'habilité passée en paramètre
+     *
+     * @return {boolean}
+     * @param ability
+     */
+    hasRoleAbility(ability: AbilitiesType) {
+        return this.abilitiesByRoles.some(
+            (candidate) => candidate.action === ability.action && candidate.subject === ability.subject
+        )
     }
 
     /**
@@ -161,8 +164,10 @@ class AbilityUtils {
      * @param {Array<AbilitiesType>} abilities Habilités à tester
      * @return {boolean}
      */
-    hasAllAbilities(abilities: Array<AbilitiesType>): boolean {
-        return abilities.every(ability => this.ability.can(ability.action, ability.subject))
+    hasAllRoleAbilities(abilities: Array<AbilitiesType>): boolean {
+        return abilities.every(
+            ability => this.hasRoleAbility(ability)
+        )
     }
 
     /**
@@ -172,7 +177,7 @@ class AbilityUtils {
      * @return {boolean}
      */
     hasProfile(profile: string): boolean {
-        const factory: {[key: string]: boolean|null} = {
+        return {
             'admin': this.accessProfile.isAdmin,
             'administratifManager': this.accessProfile.isAdministratifManager,
             'pedagogicManager': this.accessProfile.isPedagogicManager,
@@ -184,8 +189,7 @@ class AbilityUtils {
             'other': this.accessProfile.isOther,
             'guardian': this.accessProfile.isGuardian,
             'payor': this.accessProfile.isPayer,
-        }
-        return factory[profile] ?? false
+        }[profile] ?? false
     }
 
     /**
@@ -215,7 +219,7 @@ class AbilityUtils {
      * @param role
      */
     hasRole(role: string): boolean {
-        return this.accessProfile.roles.includes(role)
+        return this.accessProfile.hasRole(role)
     }
 
     /**
@@ -245,7 +249,7 @@ class AbilityUtils {
      * @param module
      */
     hasModule(module: string): boolean {
-        return this.organizationProfile.modules.includes(module)
+        return this.organizationProfile.hasModule(module)
     }
 
     /**

services/rights/roleUtils.ts

@@ -125,11 +125,12 @@ class RoleUtils {
     useEach(roles, (role) => {
       if ((match = regex.exec(role)) !== null) {
         const subject = match[2]
-        const action = match[3] ?? ''
+        const actionName = match[3] ?? ''
+        const action = actionMap[actionName]
 
-        if (subject) {
+        if (subject && typeof action !== 'undefined') {
           abilities.push({
-            action: actionMap[action],
+            action: action,
             subject: subject.toLowerCase()
           })
         }

stores/accessProfile.ts

@@ -87,6 +87,16 @@ export const useAccessProfileStore = defineStore('accessProfile', () => {
     })
   }
 
+  /**
+   * Est-ce que l'utilisateur possède le rôle donné ?
+   *
+   * @return {boolean}
+   * @param role
+   */
+  const hasRole = (role: string): boolean => {
+    return roles.value.includes(role)
+  }
+
   const setProfile = (profile: any) => {
     const profileRoles: Array<string> = Object.values(profile.roles)
 

stores/organizationProfile.ts

@@ -11,7 +11,7 @@ export const useOrganizationProfileStore = defineStore('organizationProfile', ()
   const name = ref(null)
   const product = ref(null)
   const currentActivityYear = ref(null)
-  const modules = ref([])
+  const modules: Ref<Array<string>> = ref([])
   const hasChildren = ref(false)
   const legalStatus = ref(null)
   const showAdherentList = ref(false)
@@ -142,6 +142,9 @@ export const useOrganizationProfileStore = defineStore('organizationProfile', ()
     return website.value ?? null
   })
 
+  const hasModule = (module: string): boolean => {
+    return modules.value.includes(module)
+  }
 
   // Actions
   const setProfile = (profile: any) => {
@@ -199,6 +202,7 @@ export const useOrganizationProfileStore = defineStore('organizationProfile', ()
     isShowAdherentList,
     isAssociation,
     getWebsite,
+    hasModule,
     setProfile,
     refreshProfile
   }