User: Refactor roles list, remove error logs, add user roles method

5 months ago · 058fba2186
parent fe5af88280
commit 058fba2186
4 changed files with 26 additions and 43 deletions
--- a/public/main/inc/lib/api.lib.php
+++ b/public/main/inc/lib/api.lib.php
@ -11,8 +11,8 @@ use Chamilo\CoreBundle\Entity\User;
 use Chamilo\CoreBundle\Entity\UserCourseCategory;
 use Chamilo\CoreBundle\Exception\NotAllowedException;
 use Chamilo\CoreBundle\Framework\Container;
-use Chamilo\CoreBundle\Service\PermissionService;
 use Chamilo\CoreBundle\ServiceHelper\MailHelper;
+use Chamilo\CoreBundle\ServiceHelper\PermissionServiceHelper;
 use Chamilo\CoreBundle\ServiceHelper\ThemeHelper;
 use Chamilo\CourseBundle\Entity\CGroup;
 use Chamilo\CourseBundle\Entity\CLp;
@ -6348,15 +6348,9 @@ function api_get_roles()

 function api_get_user_roles(): array
 {
-    $roles = [
-        'ROLE_TEACHER',
-        'ROLE_STUDENT',
-        'ROLE_RRHH',
-        'ROLE_SESSION_MANAGER',
-        'ROLE_STUDENT_BOSS',
-        'ROLE_INVITEE',
-        'ROLE_USER',
-    ];
+    $permissionService = Container::$container->get(PermissionServiceHelper::class);
+
+    $roles = $permissionService->getUserRoles();

    return array_combine($roles, $roles);
 }
@ -7484,7 +7478,7 @@ function api_protect_webservices()
 */
 function api_get_permission(string $permissionSlug, array $roles): bool
 {
-    $permissionService = Container::$container->get(PermissionService::class);
+    $permissionService = Container::$container->get(PermissionServiceHelper::class);

    return $permissionService->hasPermission($permissionSlug, $roles);
 }
--- a/src/CoreBundle/Controller/PermissionController.php
+++ b/src/CoreBundle/Controller/PermissionController.php
@ -10,6 +10,7 @@ use Chamilo\CoreBundle\Entity\PermissionRelRole;
 use Chamilo\CoreBundle\Form\PermissionType;
 use Chamilo\CoreBundle\Repository\PermissionRelRoleRepository;
 use Chamilo\CoreBundle\Repository\PermissionRepository;
+use Chamilo\CoreBundle\ServiceHelper\PermissionServiceHelper;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
@ -17,27 +18,11 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Http\Attribute\IsGranted;

-/**
- * The Permission controller manages the /permissions page to control what roles has what permission
- */
 class PermissionController extends AbstractController
 {
-
-    #[IsGranted('ROLE_ADMIN')]
-    #[Route('/permissions/test', name: 'permissions_test')]
-    public function testPermissions(): Response
-    {
-        // Test roles and permission slug
-        $roles = ['ROLE_STUDENT', 'ROLE_TEACHER'];
-        $permissionSlug = 'analytics:view';
-
-        // Call the api_get_permission function and log the result
-        $hasPermission = api_get_permission($permissionSlug, $roles);
-        error_log('Permission check for ' . $permissionSlug . ' with roles ' . implode(', ', $roles) . ': ' . ($hasPermission ? 'true' : 'false'));
-
-        // Return a simple response for testing purposes
-        return new Response('<html><body>Permission check result: ' . ($hasPermission ? 'true' : 'false') . '</body></html>');
-    }
+    public function __construct(
+        private PermissionServiceHelper $permissionServiceHelper
+    ) {}

    #[IsGranted('ROLE_ADMIN')]
    #[Route('/permissions', name: 'permissions')]
@ -48,14 +33,13 @@ class PermissionController extends AbstractController
        EntityManagerInterface $em
    ): Response {
        $permissions = $permissionRepo->findAll();
-        $roles = ['ROLE_INVITEE', 'ROLE_STUDENT', 'ROLE_TEACHER', 'ROLE_ADMIN', 'ROLE_SUPER_ADMIN', 'ROLE_GLOBAL_ADMIN', 'ROLE_RRHH', 'ROLE_QUESTION_MANAGER', 'ROLE_SESSION_MANAGER', 'ROLE_STUDENT_BOSS'];
+        $roles = $this->permissionServiceHelper->getUserRoles();

        if ($request->isMethod('POST')) {
            $data = $request->request->all('permissions');
            foreach ($permissions as $permission) {
                foreach ($roles as $role) {
                    $checkboxValue = isset($data[$permission->getSlug()][$role]);
-                    error_log('Processing role: ' . $role . ' with value: ' . ($checkboxValue ? 'true' : 'false'));
                    $permRelRole = $permissionRelRoleRepo->findOneBy(['permission' => $permission, 'roleCode' => $role]);

                    if ($checkboxValue) {
@ -67,17 +51,14 @@ class PermissionController extends AbstractController
                        $permRelRole->setChangeable(true);
                        $permRelRole->setUpdatedAt(new \DateTime());
                        $em->persist($permRelRole);
-                        error_log('Persisting PermissionRelRole for permission: ' . $permission->getSlug() . ' and role: ' . $role);
                    } else {
                        if ($permRelRole) {
                            $em->remove($permRelRole);
-                            error_log('Removing PermissionRelRole for permission: ' . $permission->getSlug() . ' and role: ' . $role);
                        }
                    }
                }
            }
            $em->flush();
-            error_log('Flush complete');

            return $this->redirectToRoute('permissions');
        }
--- a/src/CoreBundle/Resources/config/services.yml
+++ b/src/CoreBundle/Resources/config/services.yml
@ -104,6 +104,6 @@ services:
    Chamilo\CoreBundle\Filter\SocialWallFilter:
        tags: [ 'api_platform.filter' ]

-    Chamilo\CoreBundle\Service\PermissionService:
+    Chamilo\CoreBundle\ServiceHelper\PermissionServiceHelper:
      arguments:
        $permissionRelRoleRepository: '@Chamilo\CoreBundle\Repository\PermissionRelRoleRepository'
--- a/src/CoreBundle/ServiceHelper/PermissionServiceHelper.php
+++ b/src/CoreBundle/ServiceHelper/PermissionServiceHelper.php
@ -1,20 +1,28 @@
 <?php

-declare(strict_types=1);
-
 /* For licensing terms, see /license.txt */

-namespace Chamilo\CoreBundle\Service;
+declare(strict_types=1);
+
+namespace Chamilo\CoreBundle\ServiceHelper;

 use Chamilo\CoreBundle\Repository\PermissionRelRoleRepository;
+use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;

-class PermissionService
+class PermissionServiceHelper
 {
-    private PermissionRelRoleRepository $permissionRelRoleRepository;
+    public function __construct(
+        private ParameterBagInterface $parameterBag,
+        private PermissionRelRoleRepository $permissionRelRoleRepository
+    ) {}

-    public function __construct(PermissionRelRoleRepository $permissionRelRoleRepository)
+    public function getUserRoles(): array
    {
-        $this->permissionRelRoleRepository = $permissionRelRoleRepository;
+        $roles = $this->parameterBag->get('security.role_hierarchy.roles');
+
+        return array_filter(array_keys($roles), function ($role) {
+            return !str_starts_with($role, 'ROLE_CURRENT_') && $role !== 'ROLE_ANONYMOUS';
+        });
    }

    public function hasPermission(string $permissionSlug, array $roles): bool