From c0e59698b300e5f175028ba34cff78fb3ba9b93b Mon Sep 17 00:00:00 2001
From: Arthur de Moulins <arthurdemoulins@gmail.com>
Date: Tue, 19 Dec 2023 12:30:27 +0100
Subject: [PATCH] fix api-platform

---
 .../src/Entity/Core/RenditionDefinition.php   | 15 +++++-----
 .../api/tests/Api/RenditionDefinitionTest.php | 29 +++++++++++++++++++
 2 files changed, 37 insertions(+), 7 deletions(-)

diff --git a/databox/api/src/Entity/Core/RenditionDefinition.php b/databox/api/src/Entity/Core/RenditionDefinition.php
index f7e3343c7..2ef2d562b 100644
--- a/databox/api/src/Entity/Core/RenditionDefinition.php
+++ b/databox/api/src/Entity/Core/RenditionDefinition.php
@@ -80,6 +80,7 @@ class RenditionDefinition extends AbstractUuidEntity implements \Stringable
     final public const GROUP_READ = 'renddef:read';
     final public const GROUP_LIST = 'renddef:index';
     final public const GROUP_WRITE = 'renddef:w';
+    private const GRANT_ADMIN_PROP = "object ? is_granted('READ_ADMIN', object) : true";
 
     /**
      * Override trait for annotation.
@@ -104,37 +105,37 @@ class RenditionDefinition extends AbstractUuidEntity implements \Stringable
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::BOOLEAN)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private bool $pickSourceFile = false;
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::BOOLEAN)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private bool $useAsOriginal = false;
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::BOOLEAN)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private bool $useAsPreview = false;
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::BOOLEAN)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private bool $useAsThumbnail = false;
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::BOOLEAN)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private bool $useAsThumbnailActive = false;
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::TEXT)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private ?string $definition = '';
 
     #[Groups([RenditionDefinition::GROUP_LIST, RenditionDefinition::GROUP_READ, RenditionDefinition::GROUP_WRITE])]
     #[ORM\Column(type: Types::SMALLINT, nullable: false)]
-    #[ApiProperty(security: "is_granted('READ_ADMIN', object)")]
+    #[ApiProperty(security: self::GRANT_ADMIN_PROP)]
     private int $priority = 0;
 
     /**
diff --git a/databox/api/tests/Api/RenditionDefinitionTest.php b/databox/api/tests/Api/RenditionDefinitionTest.php
index d4f9e7015..c51b9cd7d 100644
--- a/databox/api/tests/Api/RenditionDefinitionTest.php
+++ b/databox/api/tests/Api/RenditionDefinitionTest.php
@@ -31,4 +31,33 @@ public function testUpdateRenditionDefinition(): void
             'useAsThumbnail' => true,
         ]);
     }
+
+    public function testGetRenditionDefinition(): void
+    {
+        self::enableFixtures();
+        $client = static::createClient();
+        $iri = $this->findIriBy(RenditionDefinition::class, ['name' => 'preview']);
+
+        $response = $client->request('GET', $iri, [
+            'headers' => [
+                'Authorization' => 'Bearer '.KeycloakClientTestMock::getJwtFor(KeycloakClientTestMock::USER_UID),
+            ],
+        ]);
+        $this->assertResponseIsSuccessful();
+        $this->assertJsonContains([
+            '@id' => $iri,
+        ]);
+        $this->assertArrayNotHasKey('useAsThumbnail', $response->toArray());
+
+        $client->request('GET', $iri, [
+            'headers' => [
+                'Authorization' => 'Bearer '.KeycloakClientTestMock::getJwtFor(KeycloakClientTestMock::ADMIN_UID),
+            ],
+        ]);
+        $this->assertResponseIsSuccessful();
+        $this->assertJsonContains([
+            '@id' => $iri,
+            'useAsThumbnail' => false,
+        ]);
+    }
 }