Add organizer invitation system: invite, accept, refuse
- OrganizerInvitation entity: companyName, firstName, lastName, email,
message, status (sent/opened/accepted/refused), unique token (64 hex chars)
- Admin route /admin/organisateurs/inviter: form + invitation list with status
- Button "Inviter un organisateur" on admin organizers page
- Email with accept/refuse links using unique token
- Public route /invitation/{token}/{action}: accept or refuse without auth
- Response page: confirmation message for accept/refuse
- Migration, PHPStan config, 7 entity tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 17:41:31 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Tests\Entity;
|
|
|
|
|
|
|
|
|
|
use App\Entity\OrganizerInvitation;
|
|
|
|
|
use PHPUnit\Framework\TestCase;
|
|
|
|
|
|
|
|
|
|
class OrganizerInvitationTest extends TestCase
|
|
|
|
|
{
|
|
|
|
|
public function testDefaults(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
|
|
|
|
|
self::assertNull($inv->getId());
|
|
|
|
|
self::assertNull($inv->getCompanyName());
|
|
|
|
|
self::assertNull($inv->getFirstName());
|
|
|
|
|
self::assertNull($inv->getLastName());
|
|
|
|
|
self::assertNull($inv->getEmail());
|
|
|
|
|
self::assertNull($inv->getMessage());
|
2026-03-22 18:24:40 +01:00
|
|
|
self::assertNull($inv->getOffer());
|
|
|
|
|
self::assertNull($inv->getCommissionRate());
|
Add organizer invitation system: invite, accept, refuse
- OrganizerInvitation entity: companyName, firstName, lastName, email,
message, status (sent/opened/accepted/refused), unique token (64 hex chars)
- Admin route /admin/organisateurs/inviter: form + invitation list with status
- Button "Inviter un organisateur" on admin organizers page
- Email with accept/refuse links using unique token
- Public route /invitation/{token}/{action}: accept or refuse without auth
- Response page: confirmation message for accept/refuse
- Migration, PHPStan config, 7 entity tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 17:41:31 +01:00
|
|
|
self::assertSame(OrganizerInvitation::STATUS_SENT, $inv->getStatus());
|
|
|
|
|
self::assertSame(64, \strlen($inv->getToken()));
|
|
|
|
|
self::assertNull($inv->getRespondedAt());
|
|
|
|
|
self::assertInstanceOf(\DateTimeImmutable::class, $inv->getCreatedAt());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSetAndGetCompanyName(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$result = $inv->setCompanyName('Asso Test');
|
|
|
|
|
|
|
|
|
|
self::assertSame('Asso Test', $inv->getCompanyName());
|
|
|
|
|
self::assertSame($inv, $result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSetAndGetNames(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$inv->setFirstName('Jean');
|
|
|
|
|
$inv->setLastName('Dupont');
|
|
|
|
|
$inv->setEmail('jean@test.fr');
|
|
|
|
|
|
|
|
|
|
self::assertSame('Jean', $inv->getFirstName());
|
|
|
|
|
self::assertSame('Dupont', $inv->getLastName());
|
|
|
|
|
self::assertSame('jean@test.fr', $inv->getEmail());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSetAndGetMessage(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$result = $inv->setMessage('Bienvenue !');
|
|
|
|
|
|
|
|
|
|
self::assertSame('Bienvenue !', $inv->getMessage());
|
|
|
|
|
self::assertSame($inv, $result);
|
|
|
|
|
|
|
|
|
|
$inv->setMessage(null);
|
|
|
|
|
self::assertNull($inv->getMessage());
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-22 18:24:40 +01:00
|
|
|
public function testSetAndGetOffer(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$result = $inv->setOffer('basic');
|
|
|
|
|
|
|
|
|
|
self::assertSame('basic', $inv->getOffer());
|
|
|
|
|
self::assertSame($inv, $result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSetAndGetCommissionRate(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$result = $inv->setCommissionRate(5.5);
|
|
|
|
|
|
|
|
|
|
self::assertSame(5.5, $inv->getCommissionRate());
|
|
|
|
|
self::assertSame($inv, $result);
|
|
|
|
|
}
|
|
|
|
|
|
Add organizer invitation system: invite, accept, refuse
- OrganizerInvitation entity: companyName, firstName, lastName, email,
message, status (sent/opened/accepted/refused), unique token (64 hex chars)
- Admin route /admin/organisateurs/inviter: form + invitation list with status
- Button "Inviter un organisateur" on admin organizers page
- Email with accept/refuse links using unique token
- Public route /invitation/{token}/{action}: accept or refuse without auth
- Response page: confirmation message for accept/refuse
- Migration, PHPStan config, 7 entity tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 17:41:31 +01:00
|
|
|
public function testSetAndGetStatus(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$result = $inv->setStatus(OrganizerInvitation::STATUS_ACCEPTED);
|
|
|
|
|
|
|
|
|
|
self::assertSame(OrganizerInvitation::STATUS_ACCEPTED, $inv->getStatus());
|
|
|
|
|
self::assertSame($inv, $result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSetAndGetRespondedAt(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$date = new \DateTimeImmutable();
|
|
|
|
|
$result = $inv->setRespondedAt($date);
|
|
|
|
|
|
|
|
|
|
self::assertSame($date, $inv->getRespondedAt());
|
|
|
|
|
self::assertSame($inv, $result);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testUniqueTokens(): void
|
|
|
|
|
{
|
|
|
|
|
$inv1 = new OrganizerInvitation();
|
|
|
|
|
$inv2 = new OrganizerInvitation();
|
|
|
|
|
|
|
|
|
|
self::assertNotSame($inv1->getToken(), $inv2->getToken());
|
|
|
|
|
}
|
Complete TASK_CHECKUP: security, UX, tests, coverage, accessibility, config externalization
Billetterie:
- Partial refund support (STATUS_PARTIALLY_REFUNDED, refundedAmount field, migration)
- Race condition fix: PESSIMISTIC_WRITE lock on stock decrement in transaction
- Idempotency key on PaymentIntent::create, reuse existing PI if stripeSessionId set
- Disable checkout when event ended (server 400 + template hide)
- Webhook deduplication via cache (24h TTL on stripe event.id)
- Email validation (filter_var) in OrderController guest flow
- JSON cart validation (structure check before processing)
- Invitation expiration after 7 days (isExpired method + landing page message)
- Stripe Checkout fallback when JS fails to load (noscript + redirect)
Config externalization:
- Move Stripe fees (STRIPE_FEE_RATE, STRIPE_FEE_FIXED) and admin email (ADMIN_EMAIL) to .env/services.yaml
- Replace all hardcoded contact@e-cosplay.fr across 13 files
- MailerService: getAdminEmail()/getAdminFrom(), default $from=null resolves to admin
UX & Accessibility:
- ARIA tabs: role=tablist/tab/tabpanel, aria-selected, keyboard nav (arrows, Home, End)
- aria-label on cart +/- buttons and editor toolbar buttons
- tabindex=0 on editor toolbar buttons for keyboard access
- data-confirm handler in app.js (was only in admin.js)
- Cart error feedback on checkout failure
- Billet designer save feedback (loading/success/error states)
- Stock polling every 30s with rupture/low stock badges
- Back to event link on payment page
Security:
- HTML sanitizer: BLOCKED_TAGS list (script, style, iframe, svg, etc.) - content fully removed
- Stripe polling timeout (15s max) with fallback redirect
- Rate limiting on public order access (20/5min)
- .catch() on all fetch() calls (sortable, billet-designer)
Tests (92% PHP, 100% JS lines):
- PCOV added to dev Dockerfile
- Test DB setup: .env.test with DATABASE_URL, Redis auth, Meilisearch key
- Rate limiter disabled in test env
- Makefile: test_db_setup, test_db_reset, run_test_php, run_test_coverage_php/js
- New tests: InvitationFlowTest (21), AuditServiceTest (4), ExportServiceTest (9), InvoiceServiceTest (4)
- New tests: SuspendedUserSubscriberTest, RateLimiterSubscriberTest, MeilisearchServiceTest
- New tests: Stripe webhook payment_failed (6) + charge.refunded (6)
- New tests: BilletBuyer refund, User suspended, OrganizerInvitation expiration
- JS tests: stock polling (6), data-confirm (2), copy-url restore (1), editor ARIA (2), XSS (9), tabs keyboard (9)
- ESLint + PHP CS Fixer: 0 errors
- SonarQube exclusions aligned with vitest coverage config
Infra:
- Meilisearch consistency command (app:meilisearch:check-consistency --fix) + cron daily 3am
- MeilisearchService: getAllDocumentIds(), listIndexes()
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-23 11:14:06 +01:00
|
|
|
|
|
|
|
|
public function testIsExpiredFreshInvitation(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
self::assertFalse($inv->isExpired());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testIsExpiredOldInvitation(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$ref = new \ReflectionProperty($inv, 'createdAt');
|
|
|
|
|
$ref->setValue($inv, new \DateTimeImmutable('-8 days'));
|
|
|
|
|
|
|
|
|
|
self::assertTrue($inv->isExpired());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testIsExpiredAcceptedNeverExpires(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$ref = new \ReflectionProperty($inv, 'createdAt');
|
|
|
|
|
$ref->setValue($inv, new \DateTimeImmutable('-30 days'));
|
|
|
|
|
$inv->setStatus(OrganizerInvitation::STATUS_ACCEPTED);
|
|
|
|
|
|
|
|
|
|
self::assertFalse($inv->isExpired());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testIsExpiredRefusedNeverExpires(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$ref = new \ReflectionProperty($inv, 'createdAt');
|
|
|
|
|
$ref->setValue($inv, new \DateTimeImmutable('-30 days'));
|
|
|
|
|
$inv->setStatus(OrganizerInvitation::STATUS_REFUSED);
|
|
|
|
|
|
|
|
|
|
self::assertFalse($inv->isExpired());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testIsExpiredCustomDays(): void
|
|
|
|
|
{
|
|
|
|
|
$inv = new OrganizerInvitation();
|
|
|
|
|
$ref = new \ReflectionProperty($inv, 'createdAt');
|
|
|
|
|
$ref->setValue($inv, new \DateTimeImmutable('-4 days'));
|
|
|
|
|
|
|
|
|
|
self::assertFalse($inv->isExpired(7));
|
|
|
|
|
self::assertTrue($inv->isExpired(3));
|
|
|
|
|
}
|
Add organizer invitation system: invite, accept, refuse
- OrganizerInvitation entity: companyName, firstName, lastName, email,
message, status (sent/opened/accepted/refused), unique token (64 hex chars)
- Admin route /admin/organisateurs/inviter: form + invitation list with status
- Button "Inviter un organisateur" on admin organizers page
- Email with accept/refuse links using unique token
- Public route /invitation/{token}/{action}: accept or refuse without auth
- Response page: confirmation message for accept/refuse
- Migration, PHPStan config, 7 entity tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 17:41:31 +01:00
|
|
|
}
|