diff --git a/config/api_platform/User.yaml b/config/api_platform/User.yaml
index d82f4c2..efe4597 100644
--- a/config/api_platform/User.yaml
+++ b/config/api_platform/User.yaml
@@ -1,5 +1,6 @@
 resources:
 App\Entity\User:
+ security: 'is_granted("ROLE_SUPER_ADMIN")'
 input: App\Dto\Input\UserInput
 output: App\Dto\Output\UserOutput
 processor: App\State\Processor\UserProcessor
diff --git a/config/api_platform/UserGroup.yaml b/config/api_platform/UserGroup.yaml
index 0e25cb8..0f2a80b 100644
--- a/config/api_platform/UserGroup.yaml
+++ b/config/api_platform/UserGroup.yaml
@@ -1,5 +1,6 @@
 resources:
 App\Entity\UserGroup:
+ security: 'is_granted("ROLE_SUPER_ADMIN")'
 processor: App\State\Processor\UserGroupProcessor
 input: App\Dto\Input\UserGroupInput
 output: App\Dto\Output\UserGroupOutput
diff --git a/src/DataFixtures/AppFixtures.php b/src/DataFixtures/AppFixtures.php
index 3f0d310..f2b8986 100644
--- a/src/DataFixtures/AppFixtures.php
+++ b/src/DataFixtures/AppFixtures.php
@@ -5,6 +5,7 @@ namespace App\DataFixtures;
 use App\Entity\OrganizationalUnit;
 use App\Factory\OrganizationalUnitFactory;
 use App\Factory\UserFactory;
+use App\Model\UserGroupPermissions;
 use Doctrine\Bundle\FixturesBundle\Fixture;
 use Doctrine\Persistence\ObjectManager;
@@ -17,7 +18,7 @@ class AppFixtures extends Fixture
 */
 public function load(ObjectManager $manager): void
 {
- UserFactory::createOne(['username' => self::ADMIN_USER]);
+ UserFactory::createOne(['username' => self::ADMIN_USER, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 $rootUnit = OrganizationalUnitFactory::createOne(['name' => 'Centro de Computación', 'parent' => null]);
 $roomUnit = OrganizationalUnitFactory::createOne([
diff --git a/tests/Functional/UserGroupTest.php b/tests/Functional/UserGroupTest.php
index 0e5572c..257360e 100644
--- a/tests/Functional/UserGroupTest.php
+++ b/tests/Functional/UserGroupTest.php
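Review bot: The `security` key sits at resource level in User.yaml (and identically in UserGroup.yaml), so every operation on the resource, item reads included, now requires ROLE_SUPER_ADMIN unless an operation declares its own rule. No operations block is visible in this hunk, so it cannot be confirmed from here whether ordinary users are meant to read or edit their own account; if they are, the item operations need their own expression, for example `security: 'is_granted("ROLE_SUPER_ADMIN") or object == user'`. I would also add a comment above the key, `# Applies to every operation; override per operation to loosen`, and a `securityMessage` so a denied caller gets a deliberate message rather than the default.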
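Review bot: The seeded `ADMIN_USER` account in `load()` now carries ROLE_SUPER_ADMIN, and its password is whatever UserFactory's defaults produce (not visible in this diff), so any environment where these fixtures are loaded ends up with a full-privilege account behind a predictable credential. Document that on the line, e.g. `// Dev/test seed only: super admin with the factory-default password`, and confirm the fixtures bundle is registered for dev and test only. Minor style: `'roles'=>` is missing the space before `=>` that the rest of the line uses; the same spelling recurs in every test hunk of this commit. The body of `load()` continues past the end of the hunk.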
@@ -6,6 +6,7 @@ use App\Entity\User;
 use App\Entity\UserGroup;
 use App\Factory\UserFactory;
 use App\Factory\UserGroupFactory;
+use App\Model\UserGroupPermissions;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
 use Symfony\Contracts\HttpClient\Exception\DecodingExceptionInterface;
@@ -31,7 +32,7 @@ class UserGroupTest extends AbstractTest
 */
 public function testGetCollectionUserGroup(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 UserGroupFactory::createOne(['name' => 'Super Admin', 'permissions' => ['ROLE_SUPER_ADMIN'], 'enabled' => true]);
 UserGroupFactory::createOne(['name' => 'Administrador de aulas', 'permissions' => ['ROLE_ORGANIZATIONAL_UNIT_ADMIN'], 'enabled' => true]);
@@ -58,7 +59,7 @@ class UserGroupTest extends AbstractTest
 */
 public function testCreateUserGroup(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 $this->createClientWithCredentials()->request('POST', '/user-groups',['json' => [
 'name' => self::USER_GROUP_CREATE,
 'enabled' => true,
@@ -83,7 +84,7 @@ class UserGroupTest extends AbstractTest
 */
 public function testUpdateUserGroup(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 UserGroupFactory::createOne(['name' => self::USER_GROUP_UPDATE]);
 $iri = $this->findIriBy(UserGroup::class, ['name' => self::USER_GROUP_UPDATE]);
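Review bot: Every test touched by this commit, starting with testGetCollectionUserGroup here and continuing through the create, update and delete tests and the UserTest hunks, still exercises only the allowed path, so nothing would fail if the new `security` rule were removed or mistyped. Add at least one case per resource where the caller is created without the role and the request is expected to end in `$this->assertResponseStatusCodeSame(Response::HTTP_FORBIDDEN);` (assuming AbstractTest builds on the API test case that provides it), plus an unauthenticated case if the firewall is expected to answer 401. Note also that the role is granted through the user's `roles` field while the groups created on the next lines carry `'permissions' => ['ROLE_SUPER_ADMIN']`; whether group permissions reach the user's effective roles is not visible here, and a test that grants access only through group membership would pin that down. The test method continues past the end of this hunk.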
@@ -111,7 +112,7 @@ class UserGroupTest extends AbstractTest
 */
 public function testDeleteUser(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 UserGroupFactory::createOne(['name' => self::USER_GROUP_DELETE]);
 $iri = $this->findIriBy(UserGroup::class, ['name' => self::USER_GROUP_DELETE]);
diff --git a/tests/Functional/UserTest.php b/tests/Functional/UserTest.php
index a63d626..6618ba0 100644
--- a/tests/Functional/UserTest.php
+++ b/tests/Functional/UserTest.php
@@ -4,6 +4,7 @@ namespace Functional;
 use App\Entity\User;
 use App\Factory\UserFactory;
+use App\Model\UserGroupPermissions;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
 use Symfony\Contracts\HttpClient\Exception\DecodingExceptionInterface;
@@ -27,7 +28,7 @@ class UserTest extends AbstractTest
 */
 public function testGetCollectionUser(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 UserFactory::createMany(10);
 $this->createClientWithCredentials()->request('GET', '/users');
@@ -50,7 +51,7 @@ class UserTest extends AbstractTest
 */
 public function testCreateUser(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 $this->createClientWithCredentials()->request('POST', '/users',['json' => [
 'username' => self::USER_CREATE,
 'password' => '12345678',
@@ -76,8 +77,8 @@ class UserTest extends AbstractTest
 */
 public function testUpdateUser(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
- UserFactory::createOne(['username' => self::USER_UPDATE]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
+ UserFactory::createOne(['username' => self::USER_UPDATE, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 $iri = $this->findIriBy(User::class, ['username' => self::USER_UPDATE]);
@@ -101,8 +102,8 @@ class UserTest extends AbstractTest
 */
 public function testDeleteUser(): void
 {
- UserFactory::createOne(['username' => self::USER_ADMIN]);
- UserFactory::createOne(['username' => self::USER_DELETE]);
+ UserFactory::createOne(['username' => self::USER_ADMIN, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
+ UserFactory::createOne(['username' => self::USER_DELETE, 'roles'=> [UserGroupPermissions::ROLE_SUPER_ADMIN]]);
 $iri = $this->findIriBy(User::class, ['username' => self::USER_DELETE]);
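Review bot: In testUpdateUser the target account `USER_UPDATE` is also created with ROLE_SUPER_ADMIN, and testDeleteUser does the same for `USER_DELETE`, although the rule added in User.yaml, `is_granted("ROLE_SUPER_ADMIN")`, refers only to the caller, so the target's roles should not affect authorization. Leaving the target on the factory defaults, `UserFactory::createOne(['username' => self::USER_UPDATE]);`, keeps the fixture minimal and shows that a super admin can manage an ordinary account, which is the common case. If the extra role is needed for the assertions further down, which lie outside these hunks, a short comment saying why would help.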