```

✨ feat(ReserverController): Modifie la route de création de session. 🐛 fix(ErrorListener): Corrige l'envoi de mails d'erreur en prod. ♻️ refactor(FlowReserve): Simplifie la validation du panier de réservation. ✅ test(ErrorListener): Ajoute des tests pour la gestion des erreurs. ```
2026-01-31 14:17:34 +01:00
parent 18ac532914
commit db6c5d5fa6
4 changed files with 97 additions and 42 deletions
--- a/assets/tools/FlowReserve.js
+++ b/assets/tools/FlowReserve.js
@@ -291,7 +291,7 @@ export class FlowReserve extends HTMLAnchorElement {
                    <span class="text-[#f39e36]">${this.formatPrice(total.totalTTC || total.totalHT)}</span>
                </div>
            </div>
-            <a href="/reservation/devis" id="flow-validate-btn" class="block w-full py-4 bg-slate-900 text-white text-center rounded-2xl font-black uppercase italic tracking-widest hover:bg-[#fc0e50] transition-colors shadow-lg">
+            <a data-turbo="false" href="/reservation/devis" id="flow-validate-btn" class="block w-full py-4 bg-slate-900 text-white text-center rounded-2xl font-black uppercase italic tracking-widest hover:bg-[#fc0e50] transition-colors shadow-lg">
                Valider ma demande
            </a>
        `;
@@ -316,7 +316,7 @@ export class FlowReserve extends HTMLAnchorElement {
        }

        try {
-            const response = await fetch('/reservation/session', {
+            const response = await fetch('/session', {
                method: 'POST',
                headers: { 'Content-Type': 'application/json' },
                body: JSON.stringify({
--- a/src/Controller/ReserverController.php
+++ b/src/Controller/ReserverController.php
@@ -198,7 +198,7 @@ class ReserverController extends AbstractController
        ]);
    }

-    #[Route('/reservation/session', name: 'reservation_session_create', methods: ['POST'])]
+    #[Route('/session', name: 'reservation_session_create', methods: ['POST'])]
    public function createSession(Request $request, EntityManagerInterface $em, OrderSessionRepository $sessionRepository): Response
    {
        $data = json_decode($request->getContent(), true);
--- a/src/Security/ErrorListener.php
+++ b/src/Security/ErrorListener.php
@@ -2,37 +2,58 @@

 namespace App\Security;

+use App\Service\Mailer\Mailer;
 use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\ExceptionEvent;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
-use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\KernelEvents;
 use Twig\Environment;

 #[AsEventListener(event: KernelEvents::EXCEPTION)]
 class ErrorListener
 {
-    public function __construct(private Environment $twig) {}
+    public function __construct(
+        private readonly Mailer $mailer,
+        private readonly Environment $twig
+    ) {}

    public function onKernelException(ExceptionEvent $event): void
    {
-        // En mode dev, on laisse Symfony afficher la Toolbar et les erreurs détaillées
        if ($_ENV['APP_ENV'] === "dev") {
            return;
        }

        $exception = $event->getThrowable();
        $request = $event->getRequest();
+        $path = $request->getPathInfo();

-        // Détermination du code HTTP
-        $statusCode = Response::HTTP_INTERNAL_SERVER_ERROR; // 500 par défaut
-        if ($exception instanceof HttpExceptionInterface) {
-            $statusCode = $exception->getStatusCode();
+        $statusCode = $exception instanceof HttpExceptionInterface
+            ? $exception->getStatusCode()
+            : Response::HTTP_INTERNAL_SERVER_ERROR;
+
+        // On envoie le mail pour les 500 ET les 404
+        // Filtre optionnel : on évite les mails pour les fichiers techniques (.env, .php, etc) cherchés par les bots
+        $isBotTarget = preg_match('/\.(php|env|yaml|xml|map)$/i', $path);
+
+        if (!$isBotTarget) {
+            $this->mailer->send(
+                'notification@siteconseil.fr',
+                "Notification siteconseil",
+                "[Intranet Ludikevent] - Alerte " . ($statusCode === 404 ? "404 Page introuvable" : "500 Erreur serveur"),
+                "mails/tech/noaccess.twig",
+                [
+                    'message' => [
+                        'service' => 'Application Core',
+                        'status' => "Code $statusCode sur l'URL : $path",
+                        'trace' => $exception->getMessage()
+                    ]
+                ]
+            );
        }

-        // Détection si la requête attend du JSON (API/AJAX)
+        // --- Gestion de la Réponse (JSON vs HTML) ---
        $acceptHeader = $request->headers->get('Accept', '');
        $isJsonRequest = str_contains($acceptHeader, 'application/json') || $request->getContentTypeFormat() === 'json';

@@ -43,7 +64,6 @@ class ErrorListener
                'message' => $statusCode === 404 ? 'Resource not found' : 'Internal server error'
            ], $statusCode);
        } else {
-            // Sélection du template selon l'erreur
            $template = ($statusCode === 404) ? 'error/404.twig' : 'error/500.twig';

            try {
@@ -52,8 +72,7 @@ class ErrorListener
                    'exception' => $exception
                ]);
            } catch (\Exception $e) {
-                // Fallback si Twig plante lui-même
-                $html = "<h1>Erreur critique</h1><p>Une erreur inattendue est survenue.</p>";
+                $html = "<h1>Erreur critique ($statusCode)</h1><p>Une erreur inattendue est survenue.</p>";
            }

            $response = new Response($html, $statusCode);
--- a/tests/Security/ErrorListenerTest.php
+++ b/tests/Security/ErrorListenerTest.php
@@ -3,6 +3,7 @@
 namespace App\Tests\Security;

 use App\Security\ErrorListener;
+use App\Service\Mailer\Mailer;
 use PHPUnit\Framework\Attributes\AllowMockObjectsWithoutExpectations;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpFoundation\JsonResponse;
@@ -17,12 +18,14 @@ use Twig\Environment;
 class ErrorListenerTest extends TestCase
 {
    private $twig;
+    private $mailer;
    private $listener;

    protected function setUp(): void
    {
        $this->twig = $this->createMock(Environment::class);
-        $this->listener = new ErrorListener($this->twig);
+        $this->mailer = $this->createMock(Mailer::class);
+        $this->listener = new ErrorListener($this->mailer, $this->twig);
    }

    public function testOnKernelExceptionInDevModeDoesNothing()
@@ -32,11 +35,50 @@ class ErrorListenerTest extends TestCase
        $request = new Request();
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, new \Exception());

+        // Le mailer ne doit jamais être appelé en dev
+        $this->mailer->expects($this->never())->method('send');
+
        $this->listener->onKernelException($event);

        $this->assertNull($event->getResponse());

-        unset($_ENV['APP_ENV']); // Cleanup
+        unset($_ENV['APP_ENV']);
+    }
+
+    public function testOnKernelExceptionSendsEmailFor404()
+    {
+        $_ENV['APP_ENV'] = 'prod';
+        $kernel = $this->createMock(HttpKernelInterface::class);
+        $request = Request::create('/une-page-existante');
+
+        $exception = new NotFoundHttpException('Not found');
+        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);
+
+        // On vérifie que le mail est bien envoyé pour une 404 standard
+        $this->mailer->expects($this->once())
+            ->method('send')
+            ->with($this->anything(), $this->anything(), $this->stringContains('404 Page introuvable'));
+
+        $this->listener->onKernelException($event);
+
+        unset($_ENV['APP_ENV']);
+    }
+
+    public function testOnKernelExceptionDoesNotSendEmailForBotTarget()
+    {
+        $_ENV['APP_ENV'] = 'prod';
+        $kernel = $this->createMock(HttpKernelInterface::class);
+        $request = Request::create('/.env'); // URL typique de bot
+
+        $exception = new NotFoundHttpException('Not found');
+        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);
+
+        // Le mailer ne doit PAS être appelé car c'est une cible de bot
+        $this->mailer->expects($this->never())->method('send');
+
+        $this->listener->onKernelException($event);
+
+        unset($_ENV['APP_ENV']);
    }

    public function testOnKernelExceptionJsonRequest()
@@ -55,10 +97,6 @@ class ErrorListenerTest extends TestCase
        $this->assertInstanceOf(JsonResponse::class, $response);
        $this->assertEquals(404, $response->getStatusCode());

-        $content = json_decode($response->getContent(), true);
-        $this->assertEquals('error', $content['status']);
-        $this->assertEquals('Resource not found', $content['message']);
-        
        unset($_ENV['APP_ENV']);
    }

@@ -68,7 +106,7 @@ class ErrorListenerTest extends TestCase
        $kernel = $this->createMock(HttpKernelInterface::class);
        $request = new Request();

-        $exception = new \Exception('Error');
+        $exception = new \Exception('500 Error');
        $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);

        $this->twig->expects($this->once())
@@ -79,9 +117,7 @@ class ErrorListenerTest extends TestCase
        $this->listener->onKernelException($event);

        $response = $event->getResponse();
-        $this->assertInstanceOf(Response::class, $response);
        $this->assertEquals(500, $response->getStatusCode());
-        $this->assertEquals('<html>Error</html>', $response->getContent());

        unset($_ENV['APP_ENV']);
    }