From 1d2debf364031632a8853a224302bbe1ca605a12 Mon Sep 17 00:00:00 2001
From: Charles <ce.marguerite@sudalys.fr>
Date: Thu, 17 Jul 2025 15:55:09 +0200
Subject: [PATCH] Roles adjustment

---
 config/packages/security.yaml                 |  3 +-
 src/Controller/OrganizationController.php     | 15 +++++++++
 src/Controller/UserController.php             | 31 ++++++++++++++-----
 templates/elements/menu.html.twig             |  2 +-
 .../userOrganizationInformation.html.twig     | 25 +++++++--------
 5 files changed, 53 insertions(+), 23 deletions(-)
 create mode 100644 src/Controller/OrganizationController.php

diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index c4e3033..542c62f 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -11,9 +11,8 @@ security:
                 property: email
 
     role_hierarchy:
-        ROLE_SUDALYS: ROLE_USER
         ROLE_ADMIN: ROLE_USER
-        ROLE_SUDALYS_ADMIN: [ROLE_SUDALYS, ROLE_ALLOWED_TO_SWITCH, ROLE_ADMIN]
+        ROLE_SUPER_ADMIN: [ROLE_ALLOWED_TO_SWITCH, ROLE_ADMIN]
 
 
     firewalls:
diff --git a/src/Controller/OrganizationController.php b/src/Controller/OrganizationController.php
new file mode 100644
index 0000000..f725dd7
--- /dev/null
+++ b/src/Controller/OrganizationController.php
@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\Routing\Attribute\Route;
+
+#[Route(path: '/organization', name: 'organization_')]
+
+class OrganizationController extends AbstractController
+{
+
+
+
+}
\ No newline at end of file
diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index d1d39b4..ec892bb 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -29,7 +29,7 @@ class UserController extends AbstractController
     #[Route('/', name: 'index', methods: ['GET'])]
     public function index(EntityManagerInterface $entityManager): Response
     {
-        if ($this->isGranted('ROLE_SUDALYS_ADMIN')) {
+        if ($this->isGranted('ROLE_SUPER_ADMIN')) {
             $users = $entityManager->getRepository(User::class)->getAllActiveUsers();
         } else {
             $users = 'Not Super Admin';
@@ -46,7 +46,7 @@ class UserController extends AbstractController
     #[Route('/{id}', name: 'show', requirements: ['id' => '\d+'], methods: ['GET'])]
     public function show(int $id, EntityManagerInterface $entityManager): Response
     {
-        if (!$this->isGranted('ROLE_SUDALYS_ADMIN')) {
+        if (!$this->isGranted('ROLE_SUPER_ADMIN')) {
             throw $this->createAccessDeniedException('Access denied');
         }
 
@@ -102,7 +102,7 @@ class UserController extends AbstractController
     public function edit(int $id, EntityManagerInterface $entityManager, Request $request): Response
     {
         //Handle access control
-        if (!$this->isGranted('ROLE_SUDALYS_ADMIN')) {
+        if (!$this->isGranted('ROLE_SUPER_ADMIN')) {
             throw $this->createAccessDeniedException('Access denied');
         }
 
@@ -142,7 +142,7 @@ class UserController extends AbstractController
         //This method is used to set a user as deleted without actually removing them from the database.
 
         //Handle access control
-        if (!$this->isGranted('ROLE_SUDALYS_ADMIN')) {
+        if (!$this->isGranted('ROLE_SUPER_ADMIN')) {
             throw $this->createAccessDeniedException('Access denied');
         }
         //Fetch user by ID and handle not found case
@@ -165,7 +165,7 @@ class UserController extends AbstractController
     #[Route('/{id}', name: 'delete', requirements: ['id' => '\d+'], methods: ['DELETE'])]
     public function delete(int $id, EntityManagerInterface $entityManager): Response
     {
-        if (!$this->isGranted('ROLE_SUDALYS_ADMIN')) {
+        if (!$this->isGranted('ROLE_SUPER_ADMIN')) {
             throw $this->createAccessDeniedException('Access denied');
         }
 
@@ -183,9 +183,9 @@ class UserController extends AbstractController
 
 
     #[Route('/deactivate/{id}', name: 'deactivate', methods: ['GET'])]
-    public function userDeactivate(Request $request, EntityManagerInterface $entityManager): Response
+    public function deactivate(Request $request, EntityManagerInterface $entityManager): Response
     {
-        if ($this->isGranted('ROLE_SUDALYS_ADMIN')) {
+        if ($this->isGranted('ROLE_SUPER_ADMIN')) {
             $userId = $request->attributes->get('id');
             $user = $entityManager->getRepository(User::class)->find($userId);
             if (!$user) {
@@ -199,6 +199,23 @@ class UserController extends AbstractController
         return new Response('Unauthorized', Response::HTTP_UNAUTHORIZED);
     }
 
+    #Route('/organizationsUserEdit/{id}', name: 'organization_user_edit', requirements: ['id' => '\d+'], methods: ['POST'])]
+    public function organizationUserEdit(int $id, Request $request, EntityManagerInterface $entityManager): Response
+    {
+        if (!$this->isGranted('ROLE_SUPER_ADMIN')) {
+            throw $this->createAccessDeniedException('Access denied');
+        }
+
+        $user = $entityManager->getRepository(User::class)->find($id);
+        if (!$user) {
+            throw $this->createNotFoundException(self::NOT_FOUND);
+        }
+
+        // Handle organization user edit logic here
+
+        return $this->redirectToRoute('user_show', ['id' => $user->getId()]);
+    }
+
 
 
 }
diff --git a/templates/elements/menu.html.twig b/templates/elements/menu.html.twig
index 7ce9f8c..1a1ffb2 100644
--- a/templates/elements/menu.html.twig
+++ b/templates/elements/menu.html.twig
@@ -23,7 +23,7 @@
       </div>
     </li>
 {#    if user is Super Admin#}
-    {% if is_granted('ROLE_SUDALYS_ADMIN') %}
+    {% if is_granted('ROLE_SUPER_ADMIN') %}
     <li class="nav-item">
       <a class="nav-link" href="{{ path('user_index') }}">
         <i class="icon-grid menu-icon">{{ ux_icon('bi:menu-up', {height: '15px', width: '15px'}) }}</i>
diff --git a/templates/elements/userOrganizationInformation.html.twig b/templates/elements/userOrganizationInformation.html.twig
index 9d90d09..277ed42 100644
--- a/templates/elements/userOrganizationInformation.html.twig
+++ b/templates/elements/userOrganizationInformation.html.twig
@@ -4,12 +4,15 @@
     <div class="card col-4 mt-3 me-3 user-org-card" style="cursor:pointer;" data-bs-toggle="collapse"
          data-bs-target="#org-details-{{ organization.id }}" aria-expanded="false"
          aria-controls="org-details-{{ organization.id }}">
+        <div class="card-title shadow-sm p-3 ">
+            <div class="d-flex ">
+                <h2 class=" pe-2">{{ organization.name|capitalize }}</h2>
+                <i class="pt-2" id="arrow-icon-{{ organization.id }}">
+                    {{ ux_icon('fa6-regular:circle-down', {height: '25px', width: '25px'})  }}
+                </i>
+            </div>
+{#            <a href="{{ path('user_organization_edit', {'id': user.id}) }}" class="btn btn-primary">Modifier</a>#}
 
-        <div class="card-title shadow-sm p-3 d-flex ">
-            <h2 class=" pe-2">{{ organization.name|capitalize }}</h2>
-            <i class="pt-2" id="arrow-icon-{{ organization.id }}">
-                {{ ux_icon('fa6-regular:circle-down', {height: '25px', width: '25px'})  }}
-            </i>
         </div>
 
         {#    Information principale sur l'utilisateur dans l'organisation#}
@@ -18,12 +21,10 @@
             <p><b>Role:</b>
                 {% if roles|length > 0 %}
                     {% set firstRole = roles[0] %}
-                    {% if firstRole.name == "ROLE ADMIN SUDALYS" or firstRole.name == "ROLE ADMIN" %}
+                    {% if firstRole.name == "SUPER ADMIN" or firstRole.name == "ADMIN" %}
                         <span class="badge bg-danger">{{ firstRole.name|capitalize }}</span>
-                    {% elseif firstRole.name == "ROLE USER" %}
-                        <span class="badge bg-primary">{{ firstRole.name|capitalize }}</span>
                     {% else %}
-                        <span class="badge bg-success">{{ firstRole.name|capitalize }}</span>
+                        <span class="badge bg-primary">{{ firstRole.name|capitalize }}</span>
                     {% endif %}
                 {% else %}
                     Aucun rôle
@@ -50,12 +51,10 @@
             {% if roles|length > 1 %}
                 <p><b>Autres rôles:</b>
                     {% for role in roles|slice(1) %}
-                        {% if role.name == "ROLE ADMIN SUDALYS" or role.name == "ROLE ADMIN" %}
+                        {% if role.name == "SUPER ADMIN" or role.name == "ADMIN" %}
                             <span class="badge bg-danger">{{ role.name|capitalize }}</span>
-                        {% elseif role.name == "ROLE USER" %}
-                            <span class="badge bg-primary">{{ role.name|capitalize }}</span>
                         {% else %}
-                            <span class="badge bg-success">{{ role.name|capitalize }}</span>
+                            <span class="badge bg-primary">{{ role.name|capitalize }}</span>
                         {% endif %}
                         {% if not loop.last %} - {% endif %}
                     {% endfor %}