```

✨ feat(ReserverController): Modifie la route de création de session. 🐛 fix(ErrorListener): Corrige l'envoi de mails d'erreur en prod. ♻️ refactor(FlowReserve): Simplifie la validation du panier de réservation. ✅ test(ErrorListener): Ajoute des tests pour la gestion des erreurs. ```
2026-01-31 14:17:34 +01:00
parent 18ac532914
commit db6c5d5fa6
4 changed files with 97 additions and 42 deletions
--- a/assets/tools/FlowReserve.js
+++ b/assets/tools/FlowReserve.js
@@ -94,15 +94,15 @@ export class FlowReserve extends HTMLAnchorElement {
        ensureSidebarExists() {
            if (document.getElementById(this.sidebarId)) return;
-    
+
            const template = `
                <div id="${this.sidebarId}" class="fixed inset-0 z-[100] flex justify-end pointer-events-none">
                    <!-- Backdrop -->
                    <div class="backdrop absolute inset-0 bg-slate-900/60 backdrop-blur-sm opacity-0 transition-opacity duration-300"></div>
-                    
+
                    <!-- Panel -->
                    <div class="panel w-full max-w-md bg-white shadow-2xl translate-x-full transition-transform duration-300 flex flex-col relative z-10">
-                        
+
                        <!-- Header -->
                        <div class="p-6 border-b border-gray-100 flex items-center justify-between bg-white">
                            <div>
@@ -112,12 +112,12 @@ export class FlowReserve extends HTMLAnchorElement {
                                <svg class="w-6 h-6 text-slate-400" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12"/></svg>
                            </button>
                        </div>
-    
+
                        <!-- Content (Loader/List/Empty) -->
                        <div id="flow-reserve-content" class="flex-1 overflow-y-auto p-6 space-y-6 bg-gray-50/50 relative">
                            <!-- Content injected via JS -->
                        </div>
-    
+
                        <!-- Footer -->
                        <div id="flow-reserve-footer" class="p-6 border-t border-gray-100 bg-white">
                             <!-- Content injected via JS -->
@@ -126,10 +126,10 @@ export class FlowReserve extends HTMLAnchorElement {
                </div>
            `;
            document.body.insertAdjacentHTML('beforeend', template);
-    
+
            // Bind events
            const sidebar = document.getElementById(this.sidebarId);
-            
+
            const closeHandler = (e) => {
                if (e) {
                    e.preventDefault();
@@ -154,7 +154,7 @@ export class FlowReserve extends HTMLAnchorElement {
        footer.innerHTML = '';
        const ids = this.getList();
-        
+
        // Retrieve dates from localStorage
        let dates = { start: null, end: null };
        try {
@@ -172,7 +172,7 @@ export class FlowReserve extends HTMLAnchorElement {
            const response = await fetch(this.apiUrl, {
                method: 'POST',
                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify({ 
+                body: JSON.stringify({
                    ids,
                    start: dates.start,
                    end: dates.end
@@ -182,12 +182,12 @@ export class FlowReserve extends HTMLAnchorElement {
            if (!response.ok) throw new Error('Erreur réseau');
            const data = await response.json();
-            
+
            // Merge client-side dates if server didn't return them (or to prioritize client choice)
            if (!data.start_date && dates.start) data.start_date = this.formatDate(dates.start);
            if (!data.end_date && dates.end) data.end_date = this.formatDate(dates.end);
-            
+
-            // Fallback: if server returns dates in a format we can use directly, fine. 
+            // Fallback: if server returns dates in a format we can use directly, fine.
            // If we just want to display what is in local storage:
            if (dates.start) data.start_date = this.formatDate(dates.start);
            if (dates.end) data.end_date = this.formatDate(dates.end);
@@ -291,7 +291,7 @@ export class FlowReserve extends HTMLAnchorElement {
                    <span class="text-[#f39e36]">${this.formatPrice(total.totalTTC || total.totalHT)}</span>
                </div>
            </div>
-            <a href="/reservation/devis" id="flow-validate-btn" class="block w-full py-4 bg-slate-900 text-white text-center rounded-2xl font-black uppercase italic tracking-widest hover:bg-[#fc0e50] transition-colors shadow-lg">
+            <a data-turbo="false" href="/reservation/devis" id="flow-validate-btn" class="block w-full py-4 bg-slate-900 text-white text-center rounded-2xl font-black uppercase italic tracking-widest hover:bg-[#fc0e50] transition-colors shadow-lg">
                Valider ma demande
            </a>
        `;
@@ -306,7 +306,7 @@ export class FlowReserve extends HTMLAnchorElement {
    async validateBasket(e) {
        e.preventDefault();
-        
+
        const ids = this.getList();
        let dates = { start: null, end: null };
        try {
@@ -316,10 +316,10 @@ export class FlowReserve extends HTMLAnchorElement {
        }
        try {
-            const response = await fetch('/reservation/session', {
+            const response = await fetch('/session', {
                method: 'POST',
                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify({ 
+                body: JSON.stringify({
                    ids,
                    start: dates.start,
                    end: dates.end
--- a/src/Controller/ReserverController.php
+++ b/src/Controller/ReserverController.php
@@ -198,7 +198,7 @@ class ReserverController extends AbstractController
        ]);
    }
-    #[Route('/reservation/session', name: 'reservation_session_create', methods: ['POST'])]
+    #[Route('/session', name: 'reservation_session_create', methods: ['POST'])]
    public function createSession(Request $request, EntityManagerInterface $em, OrderSessionRepository $sessionRepository): Response
    {
        $data = json_decode($request->getContent(), true);
--- a/src/Security/ErrorListener.php
+++ b/src/Security/ErrorListener.php
@@ -2,37 +2,58 @@
 namespace App\Security;
 use App\Service\Mailer\Mailer;
 use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\ExceptionEvent;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\KernelEvents;
 use Twig\Environment;
 #[AsEventListener(event: KernelEvents::EXCEPTION)]
 class ErrorListener
 {
-    public function __construct(private Environment $twig) {}
+    public function __construct(
        private readonly Mailer $mailer,
        private readonly Environment $twig
    ) {}
    public function onKernelException(ExceptionEvent $event): void
    {
        // En mode dev, on laisse Symfony afficher la Toolbar et les erreurs détaillées
        if ($_ENV['APP_ENV'] === "dev") {
            return;
        }
        $exception = $event->getThrowable();
        $request = $event->getRequest();
        $path = $request->getPathInfo();
-        // Détermination du code HTTP
+        $statusCode = $exception instanceof HttpExceptionInterface
-        $statusCode = Response::HTTP_INTERNAL_SERVER_ERROR; // 500 par défaut
+            ? $exception->getStatusCode()
-        if ($exception instanceof HttpExceptionInterface) {
+            : Response::HTTP_INTERNAL_SERVER_ERROR;
-            $statusCode = $exception->getStatusCode();
+
        // On envoie le mail pour les 500 ET les 404
        // Filtre optionnel : on évite les mails pour les fichiers techniques (.env, .php, etc) cherchés par les bots
        $isBotTarget = preg_match('/\.(php|env|yaml|xml|map)$/i', $path);
        if (!$isBotTarget) {
            $this->mailer->send(
                'notification@siteconseil.fr',
                "Notification siteconseil",
                "[Intranet Ludikevent] - Alerte " . ($statusCode === 404 ? "404 Page introuvable" : "500 Erreur serveur"),
                "mails/tech/noaccess.twig",
                [
                    'message' => [
                        'service' => 'Application Core',
                        'status' => "Code $statusCode sur l'URL : $path",
                        'trace' => $exception->getMessage()
                    ]
                ]
            );
        }
-        // Détection si la requête attend du JSON (API/AJAX)
+        // --- Gestion de la Réponse (JSON vs HTML) ---
        $acceptHeader = $request->headers->get('Accept', '');
        $isJsonRequest = str_contains($acceptHeader, 'application/json') || $request->getContentTypeFormat() === 'json';
@@ -43,7 +64,6 @@ class ErrorListener
                'message' => $statusCode === 404 ? 'Resource not found' : 'Internal server error'
            ], $statusCode);
        } else {
            // Sélection du template selon l'erreur
            $template = ($statusCode === 404) ? 'error/404.twig' : 'error/500.twig';
            try {
@@ -52,8 +72,7 @@ class ErrorListener
                    'exception' => $exception
                ]);
            } catch (\Exception $e) {
-                // Fallback si Twig plante lui-même
+                $html = "<h1>Erreur critique ($statusCode)</h1><p>Une erreur inattendue est survenue.</p>";
                $html = "<h1>Erreur critique</h1><p>Une erreur inattendue est survenue.</p>";
            }
            $response = new Response($html, $statusCode);
--- a/tests/Security/ErrorListenerTest.php
+++ b/tests/Security/ErrorListenerTest.php
@@ -3,6 +3,7 @@
 namespace App\Tests\Security;
 use App\Security\ErrorListener;
 use App\Service\Mailer\Mailer;
 use PHPUnit\Framework\Attributes\AllowMockObjectsWithoutExpectations;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpFoundation\JsonResponse;
@@ -17,12 +18,14 @@ use Twig\Environment;
 class ErrorListenerTest extends TestCase
 {
    private $twig;
    private $mailer;
    private $listener;
    protected function setUp(): void
    {
        $this->twig = $this->createMock(Environment::class);
-        $this->listener = new ErrorListener($this->twig);
+        $this->mailer = $this->createMock(Mailer::class);
        $this->listener = new ErrorListener($this->mailer, $this->twig);
    }
    public function testOnKernelExceptionInDevModeDoesNothing()
@@ -32,11 +35,50 @@ class ErrorListenerTest extends TestCase
        $request = new Request();
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, new \Exception());
        // Le mailer ne doit jamais être appelé en dev
        $this->mailer->expects($this->never())->method('send');
        $this->listener->onKernelException($event);
        $this->assertNull($event->getResponse());
-        
+
-        unset($_ENV['APP_ENV']); // Cleanup
+        unset($_ENV['APP_ENV']);
    }
    public function testOnKernelExceptionSendsEmailFor404()
    {
        $_ENV['APP_ENV'] = 'prod';
        $kernel = $this->createMock(HttpKernelInterface::class);
        $request = Request::create('/une-page-existante');
        $exception = new NotFoundHttpException('Not found');
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);
        // On vérifie que le mail est bien envoyé pour une 404 standard
        $this->mailer->expects($this->once())
            ->method('send')
            ->with($this->anything(), $this->anything(), $this->stringContains('404 Page introuvable'));
        $this->listener->onKernelException($event);
        unset($_ENV['APP_ENV']);
    }
    public function testOnKernelExceptionDoesNotSendEmailForBotTarget()
    {
        $_ENV['APP_ENV'] = 'prod';
        $kernel = $this->createMock(HttpKernelInterface::class);
        $request = Request::create('/.env'); // URL typique de bot
        $exception = new NotFoundHttpException('Not found');
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);
        // Le mailer ne doit PAS être appelé car c'est une cible de bot
        $this->mailer->expects($this->never())->method('send');
        $this->listener->onKernelException($event);
        unset($_ENV['APP_ENV']);
    }
    public function testOnKernelExceptionJsonRequest()
@@ -45,7 +87,7 @@ class ErrorListenerTest extends TestCase
        $kernel = $this->createMock(HttpKernelInterface::class);
        $request = new Request();
        $request->headers->set('Accept', 'application/json');
-        
+
        $exception = new NotFoundHttpException('Not found');
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);
@@ -54,11 +96,7 @@ class ErrorListenerTest extends TestCase
        $response = $event->getResponse();
        $this->assertInstanceOf(JsonResponse::class, $response);
        $this->assertEquals(404, $response->getStatusCode());
-        
+
        $content = json_decode($response->getContent(), true);
        $this->assertEquals('error', $content['status']);
        $this->assertEquals('Resource not found', $content['message']);
        unset($_ENV['APP_ENV']);
    }
@@ -67,8 +105,8 @@ class ErrorListenerTest extends TestCase
        $_ENV['APP_ENV'] = 'prod';
        $kernel = $this->createMock(HttpKernelInterface::class);
        $request = new Request();
-        
+
-        $exception = new \Exception('Error');
+        $exception = new \Exception('500 Error');
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);
        $this->twig->expects($this->once())
@@ -79,10 +117,8 @@ class ErrorListenerTest extends TestCase
        $this->listener->onKernelException($event);
        $response = $event->getResponse();
        $this->assertInstanceOf(Response::class, $response);
        $this->assertEquals(500, $response->getStatusCode());
-        $this->assertEquals('<html>Error</html>', $response->getContent());
+
        unset($_ENV['APP_ENV']);
    }
 }