diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 8dae615..5fe11ff 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -34,6 +34,10 @@ security:
auth_token:
pattern: ^/token
stateless: true
+ api_m2m:
+ pattern: ^/api/v1/
+ stateless: true
+ oauth2: true
api:
pattern: ^/oauth/api
security: true
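Review bot: Nothing in this hunk makes a valid token mandatory for `^/api/v1/`. In Symfony, a firewall entry with `oauth2: true` only attaches the authenticator, so a request without a bearer token is normally still let through as unauthenticated unless an `access_control` rule or a controller-level check denies it. The `access_control` section is outside this hunk, so confirm it has an entry such as `- { path: ^/api/v1/, roles: IS_AUTHENTICATED_FULLY }`, or a scope-specific role if machine clients should be limited to particular scopes. A short comment above `api_m2m:` naming the intended callers and the required scope would help the next reader see why this firewall is separate from `api`.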
diff --git a/docs/Client_Setup.md b/docs/Client_Setup.md
index 54c8568..bb5d290 100644
--- a/docs/Client_Setup.md
+++ b/docs/Client_Setup.md
@@ -178,18 +178,54 @@ class SsoAuthenticator extends OAuth2Authenticator implements AuthenticationEntr
**/
if (!$user) {
$user = new User();
- $user->setEmail($sudalysSsoUser->getEmail());
- $user->setName($sudalysSsoUser->getName());
- $user->setSurname($sudalysSsoUser->getSurname());
- $user->setSsoId($sudalysSsoUser->getId());
+ $user->setEmail($ssoData->getEmail());
+ $user->setPrenom($ssoData->getName());
+ $user->setNom($ssoData->getSurname());
+ $user->setSsoId($ssoData->getId());
$this->em->persist($user);
}else{
// On met a jour l'utilisateur
- $user->setEmail($sudalysSsoUser->getEmail());
- $user->setName($sudalysSsoUser->getName());
- $user->setSurname($sudalysSsoUser->getSurname());
+ $user->setEmail($ssoData->getEmail());
+ $user->setPrenom($ssoData->getName());
+ $user->setNom($ssoData->getSurname());
$this->em->persist($user);
}
+
+ //handle UOs links
+ $ssoArray = $ssoData->toArray();
+ $uoData = $ssoArray['uos'] ?? [];
+ foreach ($uoData as $uo) {
+ $ssoOrgId = $uo['id'];
+
+ $entity = $this->em->getRepository(Entity::class)->findOneBy(['ssoId' => $ssoOrgId]);
+ if (!$entity) {
+ $entity = new Entity();
+ $entity->setSsoId($ssoOrgId);
+ $entity->setNom($uo['name']);
+ $this->em->persist($entity);
+ }
+ $role = $this->em->getRepository(Roles::class)->findOneBy(['name' => $uo['role']]);
+
+ // Check if the user-organization link already exists
+ $existingLink = $this->em->getRepository(UsersOrganizations::class)->findOneBy([
+ 'users' => $user,
+ 'organizations' => $entity
+ ]);
+
+ if (!$existingLink) {
+ // Create a new link if it doesn't exist
+ $newLink = new UsersOrganizations();
+ $newLink->setUsers($user);
+ $newLink->setOrganizations($entity);
+ $newLink->setRole($role);
+ $this->em->persist($newLink);
+ } else {
+ // Update the role if the link already exists
+ $existingLink->setRole($role);
+ $existingLink->setModifiedAt(new \DateTimeImmutable());
+ $this->em->persist($existingLink);
+ }
+ }
$this->em->flush();
return $user;
}
diff --git a/docs/Role_Hierarchy.md b/docs/Role_Hierarchy.md
index 2dfb715..6bf5e54 100644
--- a/docs/Role_Hierarchy.md
+++ b/docs/Role_Hierarchy.md
@@ -31,4 +31,139 @@ Get Access to the following with the following authorisations:
## Organizations Roles
Organizations roles are specific to individual Organizations. They include:
- **Organization Admin**: Has full access to all organization features and settings. Can manage users of the organizations.
-- **Organization User**: Has limited access to organization features and settings. Can view projects and applications, can manage own information
\ No newline at end of file
+- **Organization User**: Has limited access to organization features and settings. Can view projects and applications, can manage own information
+
+
+# Set up
+Like for the sso, we need to create roles in the system. create the following command and the create the roles.
+``` php
+
+#[AsCommand(
+ name: 'app:create-role',
+ description: 'Creates a new role in the database'
+)]
+class CreateRoleCommand extends Command
+{
+ private EntityManagerInterface $entityManager;
+
+ public function __construct(EntityManagerInterface $entityManager)
+ {
+ parent::__construct();
+ $this->entityManager = $entityManager;
+ }
+
+ protected function configure(): void
+ {
+ $this
+ ->addArgument('name', InputArgument::REQUIRED, 'The name of the role'); // role name required
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output): int
+ {
+ $roleName = trim($input->getArgument('name'));
+ $roleName = strtoupper($roleName); // Normalize to uppercase
+
+ // Ensure not empty
+ if ($roleName === '') {
+ $output->writeln('The role name cannot be empty');
+ return Command::FAILURE;
+ }
+
+ // Check if role already exists
+ $existing = $this->entityManager->getRepository(Roles::class)
+ ->findOneBy(['name' => $roleName]);
+
+ if ($existing) {
+ $output->writeln("Role '{$roleName}' already exists.");
+ return Command::SUCCESS; // not failure, just redundant
+ }
+
+ // Create and persist new role
+ $role = new Roles();
+ $role->setName($roleName);
+
+ $this->entityManager->persist($role);
+ $this->entityManager->flush();
+
+ $output->writeln("Role '{$roleName}' created successfully!");
+
+ return Command::SUCCESS;
+ }
+}
+```
+```php
+#[AsCommand(
+ name: 'app:delete-role',
+ description: 'Deletes a role from the database'
+)]
+class DeleteRoleCommand extends Command
+{
+ private EntityManagerInterface $entityManager;
+
+ public function __construct(EntityManagerInterface $entityManager)
+ {
+ parent::__construct();
+ $this->entityManager = $entityManager;
+ }
+
+ protected function configure(): void
+ {
+ $this
+ ->addArgument('name', InputArgument::REQUIRED, 'The name of the role to delete');
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output): int
+ {
+ $roleName = trim($input->getArgument('name'));
+ $roleName = strtoupper($roleName); // Normalize to uppercase
+
+ if ($roleName === '') {
+ $output->writeln('The role name cannot be empty');
+ return Command::FAILURE;
+ }
+
+ // Find the role
+ $role = $this->entityManager->getRepository(Roles::class)
+ ->findOneBy(['name' => $roleName]);
+
+ if (!$role) {
+ $output->writeln("Role '{$roleName}' not found.");
+ return Command::FAILURE;
+ }
+
+ // Check if role is being used (optional safety check)
+ $usageCount = $this->entityManager->getRepository(\App\Entity\UsersOrganizations::class)
+ ->count(['role' => $role]);
+
+ if ($usageCount > 0) {
+ $output->writeln("Cannot delete role '{$roleName}' - it is assigned to {$usageCount} user(s).");
+ $output->writeln('Remove all assignments first, then try again.');
+ return Command::FAILURE;
+ }
+
+ // Confirmation prompt
+ $helper = $this->getHelper('question');
+ $question = new ConfirmationQuestion(
+ "Are you sure you want to delete role '{$roleName}'? [y/N] ",
+ false
+ );
+
+ if (!$helper->ask($input, $output, $question)) {
+ $output->writeln('Operation cancelled.');
+ return Command::SUCCESS;
+ }
+
+ // Delete the role
+ $this->entityManager->remove($role);
+ $this->entityManager->flush();
+
+ $output->writeln("Role '{$roleName}' deleted successfully!");
+
+ return Command::SUCCESS;
+ }
+}
+```
+``` bash
+ php bin/console app:create-role USER
+ php bin/console app:create-role ADMIN
+```
\ No newline at end of file
diff --git a/src/Controller/api/Check/EasyCheckController.php b/src/Controller/api/Check/EasyCheckController.php
deleted file mode 100644
index ffc7990..0000000
--- a/src/Controller/api/Check/EasyCheckController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('easy_check/index.html.twig');
- }
-}
diff --git a/src/Controller/api/v1/user/UserController.php b/src/Controller/api/v1/user/UserController.php
new file mode 100644
index 0000000..90a01d0
--- /dev/null
+++ b/src/Controller/api/v1/user/UserController.php
@@ -0,0 +1,42 @@
+find($id);
+ if (!$user) {
+ return $this->json(['error' => 'User not found'], 404);
+ }
+ $roleAdmin = $this->entityManager->getRepository(Roles::class)->findOneBy(['name' => 'ADMIN']);
+ $uos = $this->uoRepository->findBy(['user' => $user, 'role' => $roleAdmin]);
+ foreach ($uos as $uo) {
+ $result[] = [
+ 'id' => $uo->getUsers()->getId(),
+ 'name' => $uo->getUsers()->getName(),
+ 'email' => $uo->getUsers()->getEmail(),
+ ];
+ }
+ return $this->json($result);
+ }
+}
\ No newline at end of file
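Review bot: `$result` is assigned only inside the `foreach`, so when the user has no ADMIN link the visible code reaches `return $this->json($result);` with an undefined variable. Add `$result = [];` before the loop, unless the top of the method, which this page does not show, already does so. The `findBy` criteria use the key `'user'` while the same entity is read through `getUsers()` a few lines later. If the mapped association is `users`, Doctrine will reject the criteria, and the call should be `findBy(['users' => $user, 'role' => $roleAdmin])`. The action returns a name and email for any `$id` supplied, and no per-client or scope check appears in the visible lines, so confirm the route is covered by an access rule on the `api_m2m` firewall or an explicit authorization check.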