From 1f5a9105fa9404bec69ff89eb17b3e918f56faed Mon Sep 17 00:00:00 2001 From: Serreau Jovann Date: Fri, 20 Mar 2026 21:25:53 +0100 Subject: [PATCH] Fix ESLint globals, parseFloat to Number.parseFloat, label for, add AccountController coverage tests - Add setTimeout, globalThis, navigator, fetch, caches etc to ESLint globals - Use Number.parseFloat in event-map.js - Add for attribute to admin events search label - Add tests: events search, toggle/delete access denied for other user Co-Authored-By: Claude Opus 4.6 (1M context) --- assets/modules/event-map.js | 4 +- eslint.config.js | 9 +++ templates/admin/events.html.twig | 4 +- tests/Controller/AccountControllerTest.php | 80 ++++++++++++++++++++++ 4 files changed, 93 insertions(+), 4 deletions(-) diff --git a/assets/modules/event-map.js b/assets/modules/event-map.js index 83cebad..ba6bffb 100644 --- a/assets/modules/event-map.js +++ b/assets/modules/event-map.js @@ -30,8 +30,8 @@ function geocodeAndRender(address, mapEl) { return } - const lat = parseFloat(data[0].lat) - const lon = parseFloat(data[0].lon) + const lat = Number.parseFloat(data[0].lat) + const lon = Number.parseFloat(data[0].lon) const map = L.map(mapEl).setView([lat, lon], 16) diff --git a/eslint.config.js b/eslint.config.js index 9427f38..8c8eef1 100644 --- a/eslint.config.js +++ b/eslint.config.js @@ -6,6 +6,15 @@ export default [ document: "readonly", window: "readonly", console: "readonly", + setTimeout: "readonly", + globalThis: "readonly", + navigator: "readonly", + fetch: "readonly", + caches: "readonly", + Request: "readonly", + Response: "readonly", + BroadcastChannel: "readonly", + DOMParser: "readonly", }, }, rules: { diff --git a/templates/admin/events.html.twig b/templates/admin/events.html.twig index b4f9c54..0f6107c 100644 --- a/templates/admin/events.html.twig +++ b/templates/admin/events.html.twig @@ -8,8 +8,8 @@
- - + +
diff --git a/tests/Controller/AccountControllerTest.php b/tests/Controller/AccountControllerTest.php index 8e8d5f8..3609611 100644 --- a/tests/Controller/AccountControllerTest.php +++ b/tests/Controller/AccountControllerTest.php @@ -690,6 +690,86 @@ class AccountControllerTest extends WebTestCase self::assertResponseRedirects('/mon-compte/evenement/'.$event->getId().'/modifier'); } + public function testEventsSearchReturnsSuccess(): void + { + $client = static::createClient(); + $user = $this->createUser(['ROLE_ORGANIZER'], true); + + $client->loginUser($user); + $client->request('GET', '/mon-compte?tab=events&q=brocante'); + + self::assertResponseIsSuccessful(); + } + + public function testToggleOnlineDeniedForOtherUser(): void + { + $client = static::createClient(); + $em = static::getContainer()->get(EntityManagerInterface::class); + $owner = $this->createUser(['ROLE_ORGANIZER'], true); + $other = $this->createUser(['ROLE_ORGANIZER'], true); + + $event = new \App\Entity\Event(); + $event->setAccount($owner); + $event->setTitle('Toggle Denied'); + $event->setStartAt(new \DateTimeImmutable('2026-08-01 10:00')); + $event->setEndAt(new \DateTimeImmutable('2026-08-01 18:00')); + $event->setAddress('1 rue'); + $event->setZipcode('75001'); + $event->setCity('Paris'); + $em->persist($event); + $em->flush(); + + $client->loginUser($other); + $client->request('POST', '/mon-compte/evenement/'.$event->getId().'/en-ligne'); + self::assertResponseStatusCodeSame(403); + } + + public function testToggleSecretDeniedForOtherUser(): void + { + $client = static::createClient(); + $em = static::getContainer()->get(EntityManagerInterface::class); + $owner = $this->createUser(['ROLE_ORGANIZER'], true); + $other = $this->createUser(['ROLE_ORGANIZER'], true); + + $event = new \App\Entity\Event(); + $event->setAccount($owner); + $event->setTitle('Secret Denied'); + $event->setStartAt(new \DateTimeImmutable('2026-08-01 10:00')); + $event->setEndAt(new \DateTimeImmutable('2026-08-01 18:00')); + $event->setAddress('1 rue'); + $event->setZipcode('75001'); + $event->setCity('Paris'); + $em->persist($event); + $em->flush(); + + $client->loginUser($other); + $client->request('POST', '/mon-compte/evenement/'.$event->getId().'/secret'); + self::assertResponseStatusCodeSame(403); + } + + public function testDeleteEventDeniedForOtherUser(): void + { + $client = static::createClient(); + $em = static::getContainer()->get(EntityManagerInterface::class); + $owner = $this->createUser(['ROLE_ORGANIZER'], true); + $other = $this->createUser(['ROLE_ORGANIZER'], true); + + $event = new \App\Entity\Event(); + $event->setAccount($owner); + $event->setTitle('Delete Denied'); + $event->setStartAt(new \DateTimeImmutable('2026-08-01 10:00')); + $event->setEndAt(new \DateTimeImmutable('2026-08-01 18:00')); + $event->setAddress('1 rue'); + $event->setZipcode('75001'); + $event->setCity('Paris'); + $em->persist($event); + $em->flush(); + + $client->loginUser($other); + $client->request('POST', '/mon-compte/evenement/'.$event->getId().'/supprimer'); + self::assertResponseStatusCodeSame(403); + } + /** * @param list $roles */