Refacto User login

.env.test

@@ -5,3 +5,4 @@ SYMFONY_DEPRECATIONS_HELPER=disabled
 DATABASE_URL=postgresql://resop:postgrespwd@postgres/resop-test?serverVersion=11&charset=utf8
 PANTHER_CHROME_ARGUMENTS="--headless --no-sandbox"
 PANTHER_APP_ENV=panther
+APP_SLOT_INTERVAL="+2 hours"

assets/js/_planning-missions.js

@@ -16,11 +16,11 @@ function setSlotMisssion(mission, $slot) {
   missionsText += ' ';
 
   // User part
-  let url = Routing.generate('app_user_availability_mission_modal', { id: mission.id });
+  let url = Routing.generate('app_user_availability_mission_modal', { mission: mission.id });
 
   if (window.location.pathname.indexOf('organizations') >= 0 && !!mission?.organization?.id) {
     // Organization part
-    url = Routing.generate('app_organization_mission_modal', { organization: mission.organization.id, id: mission.id });
+    url = Routing.generate('app_organization_mission_modal', { organization: mission.organization.id, mission: mission.id });
   }
 
   missionsText += $(`<button type="button" class="btn btn-link" data-toggle="ajax-modal" data-href="${url}">`).text(mission.name)[0].outerHTML;

assets/js/fos_js_routes.json

@@ -1 +1 @@
-{"base_url":"","routes":{"app_user_availability_mission_modal":{"tokens":[["text","\/modal"],["variable","\/","\\d+","id",true],["text","\/user\/availability\/missions"]],"defaults":[],"requirements":{"id":"\\d+"},"hosttokens":[],"methods":["GET"],"schemes":[]},"app_organization_mission_modal":{"tokens":[["text","\/modal"],["variable","\/","\\d+","id",true],["text","\/missions"],["variable","\/","\\d+","organization",true],["text","\/organizations"]],"defaults":[],"requirements":{"id":"\\d+","organization":"\\d+"},"hosttokens":[],"methods":["GET"],"schemes":[]},"app_organization_mission_find_by_filters":{"tokens":[["text","\/missions\/find"],["variable","\/","\\d+","organization",true],["text","\/organizations"]],"defaults":[],"requirements":{"organization":"\\d+"},"hosttokens":[],"methods":["GET"],"schemes":[]}},"prefix":"","host":"localhost","port":"","scheme":"http","locale":[]}
+{"base_url":"","routes":{"app_user_availability_mission_modal":{"tokens":[["text","\/modal"],["variable","\/","\\d+","mission",true],["text","\/user\/availability\/missions"]],"defaults":[],"requirements":{"mission":"\\d+"},"hosttokens":[],"methods":["GET"],"schemes":[]},"app_organization_mission_modal":{"tokens":[["text","\/modal"],["variable","\/","\\d+","mission",true],["text","\/missions"],["variable","\/","\\d+","organization",true],["text","\/organizations"]],"defaults":[],"requirements":{"mission":"\\d+","organization":"\\d+"},"hosttokens":[],"methods":["GET"],"schemes":[]},"app_organization_mission_find_by_filters":{"tokens":[["text","\/missions\/find"],["variable","\/","\\d+","organization",true],["text","\/organizations"]],"defaults":[],"requirements":{"organization":"\\d+"},"hosttokens":[],"methods":["GET"],"schemes":[]}},"prefix":"","host":"localhost","port":"","scheme":"http","locale":[]}

config/packages/security.yaml

@@ -5,37 +5,18 @@ security:
             entity:
                 class: App\Entity\User
 
-        organizations:
-            entity:
-                class: App\Entity\Organization
-
     encoders:
         Symfony\Component\Security\Core\User\UserInterface:
             algorithm: auto
 
+    role_hierarchy:
+        ROLE_VOLUNTEER: ROLE_USER
+
     firewalls:
         dev:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
 
-        organizations:
-            pattern: ^/organizations
-            anonymous: lazy
-            provider: organizations
-            guard:
-                authenticators:
-                    - App\Security\OrganizationLoginFormAuthenticator
-
-            logout:
-                path: app_organization_logout
-                target: app_organization_index
-
-            remember_me:
-                name: remember_me_organization
-                secret:   '%kernel.secret%'
-                lifetime: 604800 # 1 week in seconds
-                path:     /
-
         main:
             anonymous: lazy
             provider: users
@@ -54,6 +35,7 @@ security:
                 path:     /
 
     access_control:
-        - { path: ^/(user\/new|login|organizations\/login)$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/organizations, roles: ROLE_ORGANIZATION }
+        - { path: ^/user/new$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/, roles: ROLE_USER }
+        - { path: ^/organizations/, roles: ROLE_ORGANIZATION }

config/services_test.yaml

@@ -7,7 +7,13 @@ services:
         resource: '../tests/Behat/*'
 
     App\Tests\Behat\FixturesContext:
-        $aliceFixturesLoader: '@hautelook_alice.loader'
+        arguments:
+            $aliceFixturesLoader: '@hautelook_alice.loader'
 
     App\Tests\Behat\TraversingContext:
-        $projectDir: '%kernel.project_dir%'
+        arguments:
+            $projectDir: '%kernel.project_dir%'
+
+    App\Tests\Behat\UserPlanningContext:
+        arguments:
+            $slotInterval: '%app.slot_interval%'

features/organization/assets.feature

@@ -4,10 +4,10 @@ Feature:
     I must be able to list, edit and delete assets in my organization.
 
     Scenario: As an admin of an organization, I can list the assets from my organization
-        Given I am authenticated as "admin203@resop.com"
-        And I am on "/organizations/203"
+        Given I am authenticated as "admin201@resop.com"
+        And I am on "/organizations/201"
         When I follow "Afficher la liste de mes véhicules"
-        Then I should be on "/organizations/203/assets"
+        Then I should be on "/organizations/201/assets/"
         And the response status code should be 200
         And I should see "75992"
         And I should see "75996"
@@ -32,12 +32,12 @@ Feature:
 
     Scenario: As an admin of an organization, I cannot list the assets from an organization I don't have access to
         Given I am authenticated as "[email protected]"
-        When I go to "/organizations/202/assets"
+        When I go to "/organizations/202/assets/"
         Then the response status code should be 403
 
     Scenario: As an admin of a child organization, I cannot list the assets from the parent organization
-        Given I am authenticated as "admin203@resop.com"
-        When I go to "/organizations/201/assets"
+        Given I am authenticated as "admin204@resop.com"
+        When I go to "/organizations/202/assets/"
         Then the response status code should be 403
 
     Scenario Outline: As an admin of an organization, I can add an asset on my organization or children organizations
@@ -50,69 +50,44 @@ Feature:
         And I press "Continuer"
         Then the response status code should be 200
         And I should be on "<add_url>"
-        When I fill in the following:
-            | commissionable_asset[type]            | VL                    |
-            | commissionable_asset[name]            | new vehicule          |
-            | commissionable_asset[hasMobileRadio]  | 1                     |
-            | commissionable_asset[hasFirstAidKit]  | 1                     |
-            | commissionable_asset[parkingLocation] | some parking location |
-            | commissionable_asset[contact]         | some contact          |
-            | commissionable_asset[seatingCapacity] | 5                     |
-            | commissionable_asset[licensePlate]    | some license plate    |
-            | commissionable_asset[comments]        | some comments         |
+        When I fill in "commissionable_asset[name]" with "new vehicule"
         And I press "Enregistrer"
         Then I should be on "<list_url>"
         And the response status code should be 200
         And I should see "Véhicule créé"
-        And I should see "VL - new vehicule"
-        When I follow the last "Modifier"
-        Then I should be on "/organizations/203/assets/1/edit"
-        And the response status code should be 200
-        And the "commissionable_asset_type" field should contain "VL"
-        And the "commissionable_asset_name" field should contain "new vehicule"
-        And the "commissionable_asset_hasMobileRadio_0" checkbox is checked
-        And the "commissionable_asset_hasFirstAidKit_0" checkbox is checked
-        And the "commissionable_asset_parkingLocation" field should contain "some parking location"
-        And the "commissionable_asset_contact" field should contain "some contact"
-        And the "commissionable_asset_seatingCapacity" field should contain "5"
-        And the "commissionable_asset_licensePlate" field should contain "some license plate"
-        And the "commissionable_asset_comments" field should contain "some comments"
+        And I should see "new vehicule"
         Examples:
-            | login              | list_url                  | preAdd_url                       | add_url                       |
-#            todo: there is a bug when using parent organization: https://github.com/crf-devs/resop/issues/360
-#            todo: how to create a new asset on a children organization (but not on current one)?
-#            | [email protected]     | /organizations/201/assets?organization=203 | /organizations/201/assets/preAdd | /organizations/201/assets/add |
-            | admin203@resop.com | /organizations/203/assets | /organizations/203/assets/preAdd | /organizations/203/assets/add |
+            | login              | list_url                                      | preAdd_url                                          | add_url                                          |
+            | admin201@resop.com | /organizations/201/assets/?organizationId=203 | /organizations/201/assets/preAdd?organizationId=203 | /organizations/201/assets/add?organizationId=203 |
+            | admin204@resop.com | /organizations/204/assets/                    | /organizations/204/assets/preAdd                    | /organizations/204/assets/add                    |
 
     @javascript
     Scenario: As an admin of an admin of an organization, I can display an asset modal
         Given I am authenticated as "[email protected]"
-        When I go to "/organizations/201/assets"
+        When I go to "/organizations/201/assets/"
         And I press "Afficher"
         And I wait for ".modal-show-asset-inner" to be visible
         Then I should see "Modifier"
         And I follow "Modifier"
-        Then I should be on "/organizations/201/assets/75012/edit?organizationId=203"
+        Then I should be on "/organizations/201/assets/75992/edit"
 
     Scenario Outline: As an admin of an organization, I can update an asset from my organization or children organizations
         Given I am authenticated as "<login>"
         When I go to "<edit_url>"
         Then I should be on "<edit_url>"
         And the response status code should be 200
-        And the "commissionable_asset_name" field should contain "75012"
-        When I fill in the following:
-            | commissionable_asset[name] | new name |
+        And the "commissionable_asset_name" field should contain "<name>"
+        When I fill in "commissionable_asset[name]" with "new name"
         And I press "Enregistrer"
         Then I should be on "<list_url>"
         And the response status code should be 200
         And I should see "Véhicule \"VPSP - new name\" mis à jour avec succès"
         When I go to "<edit_url>"
         And the "commissionable_asset_name" field should contain "new name"
         Examples:
-            | login              | edit_url                             | list_url                  |
-#            todo: there is a bug when using parent organization: https://github.com/crf-devs/resop/issues/360
-#            | [email protected]     | /organizations/201/assets/75012/edit | /organizations/201/assets?organization=203 |
-            | admin203@resop.com | /organizations/203/assets/75012/edit | /organizations/203/assets |
+            | login              | name  | edit_url                             | list_url                                      |
+            | admin201@resop.com | 75012 | /organizations/201/assets/75012/edit | /organizations/201/assets/?organizationId=203 |
+            | admin204@resop.com | 77102 | /organizations/204/assets/77102/edit | /organizations/204/assets/                    |
 
     Scenario: As an admin of a parent organization, I cannot update an asset from an organization I don't have access to
         Given I am authenticated as "[email protected]"
@@ -149,7 +124,7 @@ Feature:
 
     Scenario: As an admin of a parent organization, I cannot delete an asset from another organization
         Given I am authenticated as "[email protected]"
-        When I go to "/organizations/202/assets"
+        When I go to "/organizations/202/assets/"
         Then the response status code should be 403
         When I go to "/organizations/202/assets/77992/delete"
         Then the response status code should be 403

features/organization/forecast.feature

@@ -5,12 +5,12 @@ Feature:
     I must be able to search for available users and assets.
 
     Scenario: As an authenticated children organization, I cannot use the forecast search form
-        Given I am authenticated as "UL 01-02"
-        When I go to "/organizations/201/forecast/"
+        Given I am authenticated as "[email protected]"
+        When I go to "/organizations/202/forecast/"
         Then the response status code should be 403
 
     Scenario: As an authenticated parent organization, I can access the forecast search form
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         When I go to "/organizations/201"
         Then I should see "Projections"
         When I follow "Projections"
@@ -20,7 +20,7 @@ Feature:
 
     @javascript
     Scenario: As an authenticated parent organization, I can use the forecast search form
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/forecast/"
         When I click on "#availableRange"
         Then I wait for ".daterangepicker" to be visible

features/organization/home.feature

@@ -21,21 +21,20 @@ Feature:
         When I go to "<url>"
         Then the response status code should be 403
         Examples:
-            | url                     |
-            | /organizations/203        |
-            | /organizations/203/new    |
-            | /organizations/203/search |
-            | /organizations/203/edit   |
-            | /organizations/203/assets |
-            | /organizations/203/users  |
-            | /organizations/planning |
+            | url                             |
+            | /organizations/203              |
+            | /organizations/203/children/new |
+            | /organizations/203/search       |
+            | /organizations/203/assets/      |
+            | /organizations/203/users/       |
+            | /organizations/203/planning     |
 
     Scenario Outline: As an admin of an organization, I cannot go to the homepage of another organization
         Given I am authenticated as "[email protected]"
         When I go to "<url>"
         Then the response status code should be 403
         Examples:
-            | url              |
-            | /organizations/2 |
+            | url                |
+            | /organizations/202 |
             | /organizations/203 |
             | /organizations/204 |

features/organization/mission_type.feature

@@ -5,7 +5,7 @@ Feature:
     I must be able to list, edit and delete mission types.
 
     Scenario: As an organization, I can list my mission types
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201"
         When I follow "Modifier les types de missions"
         Then I should be on "/organizations/201/mission_type/"
@@ -17,7 +17,7 @@ Feature:
 
     @javascript
     Scenario: As an organization, I can create a mission type
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/mission_type/"
         When I follow "Ajouter un nouveau type de mission"
         Then I should be on "/organizations/201/mission_type/new"
@@ -43,7 +43,7 @@ Feature:
 
     @javascript
     Scenario: As an organization, I cannot create a mission type with duplicate requirements
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/mission_type/"
         When I follow "Ajouter un nouveau type de mission"
         Then I should be on "/organizations/201/mission_type/new"
@@ -69,7 +69,7 @@ Feature:
 
     @javascript
     Scenario: As an organization, I can edit a mission type
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/mission_type/"
         When I follow "Modifier"
         Then I should be on "/organizations/201/mission_type/751/edit"
@@ -84,13 +84,13 @@ Feature:
         And I should see "CI Réseau BSPP"
 
     Scenario: As an organization, I cannot edit a mission type of another organization
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/mission_type/771/edit"
         Then the response status code should be 403
 
     @javascript
     Scenario: As an organization, I can delete a mission type
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/mission_type/"
         When I follow "Supprimer"
         And I wait for "#delete-item-modal" to be visible
@@ -101,7 +101,7 @@ Feature:
         And I should not see "Mission type DT75 1"
 
     Scenario: As an organization, I cannot delete a mission type of another organization
-        Given I am authenticated as "DT75"
+        Given I am authenticated as "[email protected]"
         And I am on "/organizations/201/mission_type/771/delete"
         Then the response status code should be 403