diff --git a/VERSIONS_HOTLINE/136610 b/VERSIONS_HOTLINE/136610
new file mode 100644
index 0000000000000000000000000000000000000000..5df728610dba074a102b40eda2ddb049a592590d
--- /dev/null
+++ b/VERSIONS_HOTLINE/136610
@@ -0,0 +1 @@
+ - ticket #136610 : Activités : Les redacteurs portail avec le droit de diriger une activité doivent avoir la possibilité d'editer un article lié à une activitée
\ No newline at end of file
diff --git a/library/Class/SessionActivity.php b/library/Class/SessionActivity.php
index ce75f2a5c232b7a6aacc85aae3479de5e639c4ed..da6b24742487414fe81c7fee6c0a087a2e195340 100644
--- a/library/Class/SessionActivity.php
+++ b/library/Class/SessionActivity.php
@@ -90,6 +90,11 @@ class SessionActivityLoader extends Storm_Model_Loader {
}
+ public function countByArticle($article) {
+ return Class_SessionActivity::countBy(['article_id' => $article->getId()]);
+ }
+
+
public function findAllNotifiable() {
if (!$delay = (int)Class_AdminVar::get('ACTIVITY_NOTIFICATION_DELAY'))
return [];
diff --git a/library/Class/UserGroup.php b/library/Class/UserGroup.php
index 7c429edc64a1e166c032e4b9f164863785233550..ff319f82e9faa4a966832d717d8ab5d08a6ec006 100644
--- a/library/Class/UserGroup.php
+++ b/library/Class/UserGroup.php
@@ -626,6 +626,9 @@ class Class_UserGroup extends Storm_Model_Abstract {
public function hasParentPermissionOn($permission, $model) {
+ if (!$model)
+ return false;
+
if ($parent = $model->getPermissionsParent())
return $this->hasPermissionOn($permission, $parent);
@@ -725,4 +728,4 @@ class Class_UserGroup extends Storm_Model_Abstract {
return $this->_criteria_cache;
return $this->_criteria_cache = (new Class_UserGroup_Filter($this->getFiltersAsArray()));
}
-}
\ No newline at end of file
+}
diff --git a/library/ZendAfi/Controller/Plugin/Manager/Article.php b/library/ZendAfi/Controller/Plugin/Manager/Article.php
index 97475c779ebb76cc3918a2188b9a014fd4111cd8..f4459b7f25aae63e82c3ed34b795286798dad233 100644
--- a/library/ZendAfi/Controller/Plugin/Manager/Article.php
+++ b/library/ZendAfi/Controller/Plugin/Manager/Article.php
@@ -206,8 +206,13 @@ class ZendAfi_Controller_Plugin_Manager_Article extends ZendAfi_Controller_Plugi
protected function _canEdit($model) {
- $this->_setParam('id_cat',null);
- return $this->_canModify($model->getCategorie());
+ $this->_setParam('id_cat', null);
+
+ if ($this->_canModify($model->getCategorie()))
+ return true;
+
+ return Class_SessionActivity::countByArticle($model) > 0
+ && Class_Users::getIdentity()->hasRightDirigerActivity();
}
@@ -431,4 +436,4 @@ class ZendAfi_Controller_Plugin_Manager_Article extends ZendAfi_Controller_Plugi
}]
];
}
-}
\ No newline at end of file
+}
diff --git a/tests/scenarios/Activities/ActivityArticleTest.php b/tests/scenarios/Activities/ActivityArticleTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..14967f21fa81b1b1d50d56d119770b9a19b70e36
--- /dev/null
+++ b/tests/scenarios/Activities/ActivityArticleTest.php
@@ -0,0 +1,173 @@
+<?php
+/**
+ * Copyright (c) 2021, Agence Française Informatique (AFI). All rights reserved.
+ *
+ * BOKEH is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
+ * the Free Software Foundation.
+ *
+ * There are special exceptions to the terms and conditions of the AGPL as it
+ * is applied to this software (see README file).
+ *
+ * BOKEH is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * along with BOKEH; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+
+/* hotline: #136610 */
+abstract class ActivityArticleWithRightTestCase
+ extends Admin_AbstractControllerTestCase {
+
+ protected
+ $_storm_default_to_volatile = true,
+ $_linked_article;
+
+ public function setUp() {
+ parent::setUp();
+ Class_AdminVar::set('ACTIVITY', '1');
+
+ $activity = $this->fixture(Class_Activity::class,
+ ['id' => 333,
+ 'libelle' => 'Festival annimation']);
+
+ $session_activity = $this->fixture(Class_SessionActivity::class,
+ ['id' => 444,
+ 'activity' => $activity,
+ 'date_debut' => '2012-03-27',
+ 'date_fin' => '2012-03-29',
+ 'duree'=> 8,
+ 'horaires' => '9h - 12h, 13h - 18h',
+ 'intervenants' => [],
+ ]);
+ $activity
+ ->setSessions([$session_activity])
+ ->assertSave();
+
+ $this->_linked_article = $session_activity->getArticle();
+ $this->_doBeforeDispatch();
+ $this->dispatch('/admin/cms/edit/id/' . $this->_linked_article->getId());
+ }
+
+
+ protected function _doBeforeDispatch() {
+ }
+}
+
+
+
+
+class ActivityArticleRightModoPortailAndDirigerActivityTest
+ extends ActivityArticleWithRightTestCase {
+
+ protected function _doBeforeDispatch() {
+ $logged_user = $this->fixture(Class_Users::class,
+ ['id' => 6,
+ 'login' => 'totoro',
+ 'password' => '123456'])
+ ->beModoPortail()
+ ->setUserGroups([$this->fixture(Class_UserGroup::class,
+ ['id' => 20,
+ 'libelle' => 'Redacteur portail'])
+ ->addRightDirigerActivity()
+ ]);
+ ZendAfi_Auth::getInstance()->logUser($logged_user);
+ }
+
+
+ /** @test */
+ public function modoPortailShouldNotBeRedirect() {
+ $this->assertNotRedirect();
+ }
+
+
+ /** @test */
+ public function modoPortailShouldHaveRightToEditAcitvityArticle() {
+ $this->assertXPath('//input[@id="titre"][@value="Festival annimation"]');
+ }
+}
+
+
+
+
+class ActivityArticleRightModoPortailAndNotDirigerActivityTest
+ extends ActivityArticleWithRightTestCase {
+
+ protected function _doBeforeDispatch() {
+ $logged_user = $this->fixture(Class_Users::class,
+ ['id' => 6,
+ 'login' => 'totoro',
+ 'password' => '123456'])
+ ->beModoPortail()
+ ->setUserGroups([$this->fixture(Class_UserGroup::class,
+ ['id' => 20,
+ 'libelle' => 'Redacteur portail'])
+ ]);
+ ZendAfi_Auth::getInstance()->logUser($logged_user);
+ }
+
+
+ /** @test */
+ public function modoPortailShouldBeRedirect() {
+ $this->assertRedirect();
+ }
+
+
+ /** @test */
+ public function flashMessengerShouldBeVousNavezPasLaPermission() {
+ $this->assertFlashMessengerContentContains('Vous n\'avez pas la permission');
+ }
+}
+
+
+
+
+class ActivityArticleRightModoPortailAndPermissionCreateArticleTest
+ extends ActivityArticleWithRightTestCase {
+
+ protected function _doBeforeDispatch() {
+ $category = $this->fixture(Class_ArticleCategorie::class,
+ ['id' => 555,
+ 'libelle' => 'Categorie']);
+
+ $this->fixture(Class_Permission::class,
+ ['id' => 333,
+ 'module' => 'ARTICLE',
+ 'code' => 'ARTICLE']);
+
+ $this->_linked_article
+ ->setCategorie($category)
+ ->assertSave();
+
+ $user_group = $this->fixture(Class_UserGroup::class,
+ ['id' => 20,
+ 'libelle' => 'Redacteur portail']);
+
+ $logged_user = $this->fixture(Class_Users::class,
+ ['id' => 6,
+ 'login' => 'totoro',
+ 'password' => '123456'])
+ ->beModoPortail()
+ ->setUserGroups([$user_group]);
+
+ Class_Permission::createArticle()->permitTo($user_group, $category);
+ ZendAfi_Auth::getInstance()->logUser($logged_user);
+ }
+
+
+ /** @test */
+ public function modoPortailShouldNotBeRedirect() {
+ $this->assertNotRedirect();
+ }
+
+
+ /** @test */
+ public function modoPortailShouldHaveRightToEditActivityArticle() {
+ $this->assertXPath('//input[@id="titre"][@value="Festival annimation"]');
+ }
+}