Roukmoute/Classeo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Permettre la consultation et gestion des droits à l'image des élèves

Browse Source 
Les administrateurs et enseignants ont besoin de consulter et gérer
les autorisations de droit à l'image des élèves pour respecter
la réglementation lors de publications contenant des photos (FR82).

Cette fonctionnalité ajoute une page dédiée avec liste filtrable
par statut, modification individuelle via dropdown, export CSV
avec BOM UTF-8 pour Excel, et préparation du système d'avertissement
avant publication (query/handler prêts, intégration à faire quand
le module publication existera).

Le filtrage par classe (AC2) est bloqué en attente d'une table
d'affectation élève↔classe qui n'existe pas encore.
This commit is contained in:
Mathias STRASSER
2026-02-19 13:35:14 +01:00
parent 67734e4de3
commit 1b8bd6cd78
39 changed files with 3264 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

447
backend/tests/Functional/Administration/Api/ImageRightsEndpointsTest.php Normal file
View File

@@ -0,0 +1,447 @@
<?php
declare(strict_types=1);
namespace App\Tests\Functional\Administration\Api;
use ApiPlatform\Symfony\Bundle\Test\ApiTestCase;
use App\Administration\Domain\Model\User\Email;
use App\Administration\Domain\Model\User\ImageRightsStatus;
use App\Administration\Domain\Model\User\Role;
use App\Administration\Domain\Model\User\StatutCompte;
use App\Administration\Domain\Model\User\User;
use App\Administration\Domain\Model\User\UserId;
use App\Administration\Domain\Repository\UserRepository;
use App\Administration\Infrastructure\Security\SecurityUser;
use App\Shared\Domain\Tenant\TenantId;
use DateTimeImmutable;
use Doctrine\DBAL\Connection;
use PHPUnit\Framework\Attributes\Test;
/**
* Tests for image rights API endpoints.
*
* @see Story 2.12 - Consultation Liste Droit à l'Image
*/
final class ImageRightsEndpointsTest extends ApiTestCase
{
protected static ?bool $alwaysBootKernel = true;
private const string TENANT_ID = 'a1b2c3d4-e5f6-7890-abcd-ef1234567890';
private const string USER_ID = '550e8400-e29b-41d4-a716-446655440000';
private const string STUDENT_1_ID = 'aaaaaaaa-bbbb-cccc-dddd-111111111111';
private const string STUDENT_2_ID = 'aaaaaaaa-bbbb-cccc-dddd-222222222222';
private const string BASE_URL = 'http://ecole-alpha.classeo.local/api';
protected function tearDown(): void
{
$container = static::getContainer();
/** @var Connection $connection */
$connection = $container->get(Connection::class);
$connection->executeStatement('UPDATE users SET image_rights_updated_by = NULL WHERE image_rights_updated_by = :id', ['id' => self::USER_ID]);
$connection->executeStatement('DELETE FROM users WHERE id = :id', ['id' => self::STUDENT_1_ID]);
$connection->executeStatement('DELETE FROM users WHERE id = :id', ['id' => self::STUDENT_2_ID]);
$connection->executeStatement('DELETE FROM users WHERE id = :id', ['id' => self::USER_ID]);
parent::tearDown();
}
// =========================================================================
// Security - Without tenant
// =========================================================================
#[Test]
public function getImageRightsReturns404WithoutTenant(): void
{
$client = static::createClient();
$client->request('GET', '/api/students/image-rights', [
'headers' => [
'Host' => 'localhost',
'Accept' => 'application/json',
],
]);
self::assertResponseStatusCodeSame(404);
}
#[Test]
public function updateImageRightsReturns404WithoutTenant(): void
{
$client = static::createClient();
$client->request('PATCH', '/api/students/' . self::STUDENT_1_ID . '/image-rights', [
'headers' => [
'Host' => 'localhost',
'Accept' => 'application/json',
'Content-Type' => 'application/merge-patch+json',
],
'json' => ['imageRightsStatus' => 'authorized'],
]);
self::assertResponseStatusCodeSame(404);
}
#[Test]
public function exportImageRightsReturns404WithoutTenant(): void
{
$client = static::createClient();
$client->request('GET', '/api/students/image-rights/export', [
'headers' => [
'Host' => 'localhost',
'Accept' => 'application/json',
],
]);
self::assertResponseStatusCodeSame(404);
}
// =========================================================================
// Security - Without authentication
// =========================================================================
#[Test]
public function getImageRightsReturns401WithoutAuthentication(): void
{
$client = static::createClient();
$client->request('GET', self::BASE_URL . '/students/image-rights', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseStatusCodeSame(401);
}
#[Test]
public function updateImageRightsReturns401WithoutAuthentication(): void
{
$client = static::createClient();
$client->request('PATCH', self::BASE_URL . '/students/' . self::STUDENT_1_ID . '/image-rights', [
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/merge-patch+json',
],
'json' => ['imageRightsStatus' => 'authorized'],
]);
self::assertResponseStatusCodeSame(401);
}
#[Test]
public function exportImageRightsReturns401WithoutAuthentication(): void
{
$client = static::createClient();
$client->request('GET', self::BASE_URL . '/students/image-rights/export', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseStatusCodeSame(401);
}
// =========================================================================
// Security - Forbidden roles
// =========================================================================
#[Test]
public function getImageRightsReturns403ForStudent(): void
{
$client = $this->createAuthenticatedClient(['ROLE_ELEVE']);
$client->request('GET', self::BASE_URL . '/students/image-rights', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseStatusCodeSame(403);
}
#[Test]
public function updateImageRightsReturns403ForStudent(): void
{
$client = $this->createAuthenticatedClient(['ROLE_ELEVE']);
$client->request('PATCH', self::BASE_URL . '/students/' . self::STUDENT_1_ID . '/image-rights', [
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/merge-patch+json',
],
'json' => ['imageRightsStatus' => 'authorized'],
]);
self::assertResponseStatusCodeSame(403);
}
#[Test]
public function exportImageRightsReturns403ForStudent(): void
{
$client = $this->createAuthenticatedClient(['ROLE_ELEVE']);
$client->request('GET', self::BASE_URL . '/students/image-rights/export', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseStatusCodeSame(403);
}
#[Test]
public function getImageRightsReturns200ForTeacher(): void
{
$client = $this->createAuthenticatedClient(['ROLE_PROF']);
$client->request('GET', self::BASE_URL . '/students/image-rights', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseStatusCodeSame(200);
}
#[Test]
public function getImageRightsReturns403ForParent(): void
{
$client = $this->createAuthenticatedClient(['ROLE_PARENT']);
$client->request('GET', self::BASE_URL . '/students/image-rights', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseStatusCodeSame(403);
}
// =========================================================================
// AC1 (P1) - GET image rights collection
// =========================================================================
#[Test]
public function getImageRightsReturnsStudentsForAdmin(): void
{
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::AUTHORIZED);
$this->persistStudent(self::STUDENT_2_ID, 'Bob', 'Martin', 'bob-ir@test.classeo.local', ImageRightsStatus::REFUSED);
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$response = $client->request('GET', self::BASE_URL . '/students/image-rights', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseIsSuccessful();
$data = $response->toArray();
self::assertNotEmpty($data);
self::assertArrayHasKey('id', $data[0]);
self::assertArrayHasKey('imageRightsStatus', $data[0]);
}
#[Test]
public function getImageRightsReturnsStudentsForSecretariat(): void
{
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::AUTHORIZED);
$client = $this->createAuthenticatedClient(['ROLE_SECRETARIAT']);
$response = $client->request('GET', self::BASE_URL . '/students/image-rights', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseIsSuccessful();
$data = $response->toArray();
self::assertNotEmpty($data);
self::assertArrayHasKey('id', $data[0]);
self::assertArrayHasKey('imageRightsStatus', $data[0]);
}
// =========================================================================
// AC2 (P1) - Filter by status
// =========================================================================
#[Test]
public function getImageRightsFiltersByStatus(): void
{
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::AUTHORIZED);
$this->persistStudent(self::STUDENT_2_ID, 'Bob', 'Martin', 'bob-ir@test.classeo.local', ImageRightsStatus::REFUSED);
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$response = $client->request('GET', self::BASE_URL . '/students/image-rights?status=authorized', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseIsSuccessful();
$data = $response->toArray();
self::assertNotEmpty($data);
foreach ($data as $member) {
self::assertSame('authorized', $member['imageRightsStatus']);
}
}
#[Test]
public function getImageRightsFiltersByStatusNotSpecified(): void
{
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::NOT_SPECIFIED);
$this->persistStudent(self::STUDENT_2_ID, 'Bob', 'Martin', 'bob-ir@test.classeo.local', ImageRightsStatus::AUTHORIZED);
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$response = $client->request('GET', self::BASE_URL . '/students/image-rights?status=not_specified', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseIsSuccessful();
$data = $response->toArray();
self::assertNotEmpty($data);
foreach ($data as $member) {
self::assertSame('not_specified', $member['imageRightsStatus']);
}
}
// =========================================================================
// AC3 (P0) - PATCH update image rights
// =========================================================================
#[Test]
public function updateImageRightsReturns200ForAdmin(): void
{
$this->persistAdmin();
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::NOT_SPECIFIED);
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$response = $client->request('PATCH', self::BASE_URL . '/students/' . self::STUDENT_1_ID . '/image-rights', [
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/merge-patch+json',
],
'json' => ['imageRightsStatus' => 'authorized'],
]);
self::assertResponseIsSuccessful();
$data = $response->toArray();
self::assertSame('authorized', $data['imageRightsStatus']);
self::assertSame(self::STUDENT_1_ID, $data['id']);
}
#[Test]
public function updateImageRightsReturns404ForUnknownStudent(): void
{
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$client->request('PATCH', self::BASE_URL . '/students/00000000-0000-0000-0000-000000000000/image-rights', [
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/merge-patch+json',
],
'json' => ['imageRightsStatus' => 'authorized'],
]);
self::assertResponseStatusCodeSame(404);
}
#[Test]
public function updateImageRightsReturns422ForInvalidStatus(): void
{
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::NOT_SPECIFIED);
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$client->request('PATCH', self::BASE_URL . '/students/' . self::STUDENT_1_ID . '/image-rights', [
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/merge-patch+json',
],
'json' => ['imageRightsStatus' => 'invalid_status'],
]);
self::assertResponseStatusCodeSame(422);
}
// =========================================================================
// AC4 (P1) - Export CSV
// =========================================================================
#[Test]
public function exportImageRightsReturnsCsvForAdmin(): void
{
$this->persistStudent(self::STUDENT_1_ID, 'Alice', 'Dupont', 'alice-ir@test.classeo.local', ImageRightsStatus::AUTHORIZED);
$client = $this->createAuthenticatedClient(['ROLE_ADMIN']);
$response = $client->request('GET', self::BASE_URL . '/students/image-rights/export', [
'headers' => ['Accept' => 'application/json'],
]);
self::assertResponseIsSuccessful();
self::assertResponseHeaderSame('content-type', 'text/csv; charset=UTF-8');
self::assertResponseHeaderSame('content-disposition', 'attachment; filename="droits-image.csv"');
$content = $response->getContent();
self::assertStringContainsString('Nom', $content);
self::assertStringContainsString('Dupont', $content);
}
// =========================================================================
// Helpers
// =========================================================================
private function createAuthenticatedClient(array $roles): \ApiPlatform\Symfony\Bundle\Test\Client
{
$client = static::createClient();
$user = new SecurityUser(
userId: UserId::fromString(self::USER_ID),
email: 'admin@classeo.local',
hashedPassword: '',
tenantId: TenantId::fromString(self::TENANT_ID),
roles: $roles,
);
$client->loginUser($user, 'api');
return $client;
}
private function persistAdmin(): void
{
$admin = User::reconstitute(
id: UserId::fromString(self::USER_ID),
email: new Email('admin@classeo.local'),
roles: [Role::ADMIN],
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
statut: StatutCompte::ACTIF,
dateNaissance: null,
createdAt: new DateTimeImmutable('2026-01-01'),
hashedPassword: 'dummy',
activatedAt: new DateTimeImmutable('2026-01-01'),
consentementParental: null,
);
/** @var UserRepository $repository */
$repository = static::getContainer()->get(UserRepository::class);
$repository->save($admin);
}
private function persistStudent(
string $id,
string $firstName,
string $lastName,
string $email,
ImageRightsStatus $imageRightsStatus,
): void {
$user = User::reconstitute(
id: UserId::fromString($id),
email: new Email($email),
roles: [Role::ELEVE],
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
statut: StatutCompte::EN_ATTENTE,
dateNaissance: new DateTimeImmutable('2012-06-15'),
createdAt: new DateTimeImmutable('2026-01-15'),
hashedPassword: null,
activatedAt: null,
consentementParental: null,
firstName: $firstName,
lastName: $lastName,
imageRightsStatus: $imageRightsStatus,
);
/** @var UserRepository $repository */
$repository = static::getContainer()->get(UserRepository::class);
$repository->save($user);
}
}

187
backend/tests/Unit/Administration/Application/Command/UpdateImageRights/UpdateImageRightsHandlerTest.php Normal file
View File

@@ -0,0 +1,187 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Administration\Application\Command\UpdateImageRights;
use App\Administration\Application\Command\UpdateImageRights\UpdateImageRightsCommand;
use App\Administration\Application\Command\UpdateImageRights\UpdateImageRightsHandler;
use App\Administration\Domain\Event\DroitImageModifie;
use App\Administration\Domain\Exception\UserNotFoundException;
use App\Administration\Domain\Model\User\Email;
use App\Administration\Domain\Model\User\ImageRightsStatus;
use App\Administration\Domain\Model\User\Role;
use App\Administration\Domain\Model\User\User;
use App\Administration\Infrastructure\Persistence\InMemory\InMemoryUserRepository;
use App\Shared\Domain\Clock;
use App\Shared\Domain\Tenant\TenantId;
use DateTimeImmutable;
use PHPUnit\Framework\Attributes\Test;
use PHPUnit\Framework\TestCase;
final class UpdateImageRightsHandlerTest extends TestCase
{
private const string TENANT_ID = '550e8400-e29b-41d4-a716-446655440002';
private const string MODIFIER_ID = '550e8400-e29b-41d4-a716-446655440099';
private InMemoryUserRepository $userRepository;
private Clock $clock;
private UpdateImageRightsHandler $handler;
protected function setUp(): void
{
$this->userRepository = new InMemoryUserRepository();
$this->clock = new class implements Clock {
public function now(): DateTimeImmutable
{
return new DateTimeImmutable('2026-02-18 10:00:00');
}
};
$this->handler = new UpdateImageRightsHandler($this->userRepository, $this->clock);
}
#[Test]
public function updatesImageRightsToAuthorized(): void
{
$student = $this->createAndSaveStudent();
$command = new UpdateImageRightsCommand(
studentId: (string) $student->id,
status: 'authorized',
modifiedBy: self::MODIFIER_ID,
tenantId: self::TENANT_ID,
);
$user = ($this->handler)($command);
self::assertSame(ImageRightsStatus::AUTHORIZED, $user->imageRightsStatus);
}
#[Test]
public function updatesImageRightsToRefused(): void
{
$student = $this->createAndSaveStudent();
$command = new UpdateImageRightsCommand(
studentId: (string) $student->id,
status: 'refused',
modifiedBy: self::MODIFIER_ID,
tenantId: self::TENANT_ID,
);
$user = ($this->handler)($command);
self::assertSame(ImageRightsStatus::REFUSED, $user->imageRightsStatus);
}
#[Test]
public function recordsDroitImageModifieEvent(): void
{
$student = $this->createAndSaveStudent();
$student->pullDomainEvents();
$command = new UpdateImageRightsCommand(
studentId: (string) $student->id,
status: 'authorized',
modifiedBy: self::MODIFIER_ID,
tenantId: self::TENANT_ID,
);
$user = ($this->handler)($command);
$events = $user->pullDomainEvents();
self::assertCount(1, $events);
self::assertInstanceOf(DroitImageModifie::class, $events[0]);
}
#[Test]
public function throwsWhenStudentNotFound(): void
{
$this->expectException(UserNotFoundException::class);
$command = new UpdateImageRightsCommand(
studentId: '550e8400-e29b-41d4-a716-446655440000',
status: 'authorized',
modifiedBy: self::MODIFIER_ID,
tenantId: self::TENANT_ID,
);
($this->handler)($command);
}
#[Test]
public function throwsWhenTenantMismatch(): void
{
$student = $this->createAndSaveStudent();
$this->expectException(UserNotFoundException::class);
$command = new UpdateImageRightsCommand(
studentId: (string) $student->id,
status: 'authorized',
modifiedBy: self::MODIFIER_ID,
tenantId: '550e8400-e29b-41d4-a716-446655440099',
);
($this->handler)($command);
}
#[Test]
public function throwsWhenUserIsNotStudent(): void
{
$admin = User::creer(
email: new Email('admin@example.com'),
role: Role::ADMIN,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
dateNaissance: null,
createdAt: new DateTimeImmutable('2026-01-15 10:00:00'),
);
$this->userRepository->save($admin);
$this->expectException(UserNotFoundException::class);
$command = new UpdateImageRightsCommand(
studentId: (string) $admin->id,
status: 'authorized',
modifiedBy: self::MODIFIER_ID,
tenantId: self::TENANT_ID,
);
($this->handler)($command);
}
#[Test]
public function savesUserAfterUpdate(): void
{
$student = $this->createAndSaveStudent();
$command = new UpdateImageRightsCommand(
studentId: (string) $student->id,
status: 'refused',
modifiedBy: self::MODIFIER_ID,
tenantId: self::TENANT_ID,
);
($this->handler)($command);
$saved = $this->userRepository->get($student->id);
self::assertSame(ImageRightsStatus::REFUSED, $saved->imageRightsStatus);
}
private function createAndSaveStudent(): User
{
$student = User::creer(
email: new Email('eleve@example.com'),
role: Role::ELEVE,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
dateNaissance: new DateTimeImmutable('2012-06-15'),
createdAt: new DateTimeImmutable('2026-01-15 10:00:00'),
);
$this->userRepository->save($student);
return $student;
}
}

136
backend/tests/Unit/Administration/Application/Query/CheckImageRights/CheckImageRightsHandlerTest.php Normal file
View File

@@ -0,0 +1,136 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Administration\Application\Query\CheckImageRights;
use App\Administration\Application\Query\CheckImageRights\CheckImageRightsHandler;
use App\Administration\Application\Query\CheckImageRights\CheckImageRightsQuery;
use App\Administration\Domain\Exception\UserNotFoundException;
use App\Administration\Domain\Model\User\Email;
use App\Administration\Domain\Model\User\ImageRightsStatus;
use App\Administration\Domain\Model\User\Role;
use App\Administration\Domain\Model\User\User;
use App\Administration\Domain\Model\User\UserId;
use App\Administration\Infrastructure\Persistence\InMemory\InMemoryUserRepository;
use App\Shared\Domain\Tenant\TenantId;
use DateTimeImmutable;
use PHPUnit\Framework\Attributes\Test;
use PHPUnit\Framework\TestCase;
final class CheckImageRightsHandlerTest extends TestCase
{
private const string TENANT_ID = '550e8400-e29b-41d4-a716-446655440002';
private InMemoryUserRepository $userRepository;
private CheckImageRightsHandler $handler;
protected function setUp(): void
{
$this->userRepository = new InMemoryUserRepository();
$this->handler = new CheckImageRightsHandler($this->userRepository);
}
#[Test]
public function authorizedStudentCanPublish(): void
{
$student = $this->createStudentWithStatus(ImageRightsStatus::AUTHORIZED);
$query = new CheckImageRightsQuery(
studentId: (string) $student->id,
tenantId: self::TENANT_ID,
);
$result = ($this->handler)($query);
self::assertTrue($result->canPublish);
self::assertNull($result->warningMessage);
self::assertSame(ImageRightsStatus::AUTHORIZED, $result->status);
}
#[Test]
public function refusedStudentCannotPublish(): void
{
$student = $this->createStudentWithStatus(ImageRightsStatus::REFUSED);
$query = new CheckImageRightsQuery(
studentId: (string) $student->id,
tenantId: self::TENANT_ID,
);
$result = ($this->handler)($query);
self::assertFalse($result->canPublish);
self::assertNotNull($result->warningMessage);
self::assertStringContainsString('PAS l\'autorisation', $result->warningMessage);
}
#[Test]
public function notSpecifiedStudentCannotPublish(): void
{
$student = $this->createStudentWithStatus(ImageRightsStatus::NOT_SPECIFIED);
$query = new CheckImageRightsQuery(
studentId: (string) $student->id,
tenantId: self::TENANT_ID,
);
$result = ($this->handler)($query);
self::assertFalse($result->canPublish);
self::assertNotNull($result->warningMessage);
self::assertStringContainsString('pas renseigné', $result->warningMessage);
}
#[Test]
public function throwsWhenStudentNotFound(): void
{
$this->expectException(UserNotFoundException::class);
$query = new CheckImageRightsQuery(
studentId: '550e8400-e29b-41d4-a716-446655440000',
tenantId: self::TENANT_ID,
);
($this->handler)($query);
}
#[Test]
public function throwsWhenTenantMismatch(): void
{
$student = $this->createStudentWithStatus(ImageRightsStatus::AUTHORIZED);
$this->expectException(UserNotFoundException::class);
$query = new CheckImageRightsQuery(
studentId: (string) $student->id,
tenantId: '550e8400-e29b-41d4-a716-446655440099',
);
($this->handler)($query);
}
private function createStudentWithStatus(ImageRightsStatus $status): User
{
$student = User::creer(
email: new Email('eleve@example.com'),
role: Role::ELEVE,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
dateNaissance: new DateTimeImmutable('2012-06-15'),
createdAt: new DateTimeImmutable('2026-01-15 10:00:00'),
);
if ($status !== ImageRightsStatus::NOT_SPECIFIED) {
$student->modifierDroitImage(
$status,
UserId::fromString('550e8400-e29b-41d4-a716-446655440099'),
new DateTimeImmutable(),
);
}
$this->userRepository->save($student);
return $student;
}
}

144
backend/tests/Unit/Administration/Application/Query/GetStudentsImageRights/GetStudentsImageRightsHandlerTest.php Normal file
View File

@@ -0,0 +1,144 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Administration\Application\Query\GetStudentsImageRights;
use App\Administration\Application\Query\GetStudentsImageRights\GetStudentsImageRightsHandler;
use App\Administration\Application\Query\GetStudentsImageRights\GetStudentsImageRightsQuery;
use App\Administration\Domain\Model\User\Email;
use App\Administration\Domain\Model\User\ImageRightsStatus;
use App\Administration\Domain\Model\User\Role;
use App\Administration\Domain\Model\User\User;
use App\Administration\Domain\Model\User\UserId;
use App\Administration\Infrastructure\Persistence\InMemory\InMemoryUserRepository;
use App\Shared\Domain\Tenant\TenantId;
use DateTimeImmutable;
use PHPUnit\Framework\Attributes\Test;
use PHPUnit\Framework\TestCase;
final class GetStudentsImageRightsHandlerTest extends TestCase
{
private const string TENANT_ID = '550e8400-e29b-41d4-a716-446655440002';
private InMemoryUserRepository $userRepository;
private GetStudentsImageRightsHandler $handler;
protected function setUp(): void
{
$this->userRepository = new InMemoryUserRepository();
$this->handler = new GetStudentsImageRightsHandler($this->userRepository);
}
#[Test]
public function returnsOnlyStudents(): void
{
$this->seedStudentsAndParent();
$query = new GetStudentsImageRightsQuery(tenantId: self::TENANT_ID);
$result = ($this->handler)($query);
self::assertCount(2, $result);
}
#[Test]
public function filtersStudentsByStatus(): void
{
$this->seedStudentsAndParent();
$query = new GetStudentsImageRightsQuery(
tenantId: self::TENANT_ID,
status: 'authorized',
);
$result = ($this->handler)($query);
self::assertCount(1, $result);
self::assertSame('authorized', $result[0]->imageRightsStatus);
}
#[Test]
public function returnsEmptyForNoStudents(): void
{
$query = new GetStudentsImageRightsQuery(tenantId: self::TENANT_ID);
$result = ($this->handler)($query);
self::assertCount(0, $result);
}
#[Test]
public function doesNotReturnStudentsFromOtherTenant(): void
{
$this->seedStudentsAndParent();
$query = new GetStudentsImageRightsQuery(
tenantId: '550e8400-e29b-41d4-a716-446655440099',
);
$result = ($this->handler)($query);
self::assertCount(0, $result);
}
#[Test]
public function returnsDtoWithCorrectFields(): void
{
$this->seedStudentsAndParent();
$query = new GetStudentsImageRightsQuery(
tenantId: self::TENANT_ID,
status: 'authorized',
);
$result = ($this->handler)($query);
self::assertCount(1, $result);
$dto = $result[0];
self::assertSame('Alice', $dto->firstName);
self::assertSame('Dupont', $dto->lastName);
self::assertSame('authorized', $dto->imageRightsStatus);
self::assertSame('Autorisé', $dto->imageRightsStatusLabel);
}
private function seedStudentsAndParent(): void
{
$student1 = User::inviter(
email: new Email('alice@example.com'),
role: Role::ELEVE,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
firstName: 'Alice',
lastName: 'Dupont',
invitedAt: new DateTimeImmutable('2026-01-15'),
dateNaissance: new DateTimeImmutable('2012-06-15'),
);
$student1->modifierDroitImage(
ImageRightsStatus::AUTHORIZED,
UserId::fromString('550e8400-e29b-41d4-a716-446655440099'),
new DateTimeImmutable('2026-02-01'),
);
$student2 = User::inviter(
email: new Email('bob@example.com'),
role: Role::ELEVE,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
firstName: 'Bob',
lastName: 'Martin',
invitedAt: new DateTimeImmutable('2026-01-15'),
dateNaissance: new DateTimeImmutable('2013-03-20'),
);
// Bob has default NOT_SPECIFIED
$parent = User::inviter(
email: new Email('parent@example.com'),
role: Role::PARENT,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: 'École Alpha',
firstName: 'Pierre',
lastName: 'Dupont',
invitedAt: new DateTimeImmutable('2026-01-15'),
);
$this->userRepository->save($student1);
$this->userRepository->save($student2);
$this->userRepository->save($parent);
}
}

113
backend/tests/Unit/Administration/Application/Service/ImageRightsExporterTest.php Normal file
View File

@@ -0,0 +1,113 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Administration\Application\Service;
use App\Administration\Application\Query\GetStudentsImageRights\StudentImageRightsDto;
use App\Administration\Application\Service\ImageRightsExporter;
use DateTimeImmutable;
use PHPUnit\Framework\Attributes\Test;
use PHPUnit\Framework\TestCase;
final class ImageRightsExporterTest extends TestCase
{
private ImageRightsExporter $exporter;
protected function setUp(): void
{
$this->exporter = new ImageRightsExporter();
}
#[Test]
public function startsWithUtf8Bom(): void
{
$csv = $this->exporter->export([]);
self::assertStringStartsWith("\xEF\xBB\xBF", $csv);
}
#[Test]
public function exportsHeaderRow(): void
{
$csv = $this->exporter->export([]);
self::assertStringContainsString('Nom;Prénom;Classe;Statut', $csv);
}
#[Test]
public function exportsStudentData(): void
{
$students = [
new StudentImageRightsDto(
id: 'id-1',
firstName: 'Alice',
lastName: 'Dupont',
email: 'alice@example.com',
imageRightsStatus: 'authorized',
imageRightsStatusLabel: 'Autorisé',
imageRightsUpdatedAt: new DateTimeImmutable(),
className: '6ème A',
),
new StudentImageRightsDto(
id: 'id-2',
firstName: 'Bob',
lastName: 'Martin',
email: 'bob@example.com',
imageRightsStatus: 'refused',
imageRightsStatusLabel: 'Refusé',
imageRightsUpdatedAt: null,
className: '5ème B',
),
];
$csv = $this->exporter->export($students);
self::assertStringContainsString('Dupont;Alice;"6ème A";Autorisé', $csv);
self::assertStringContainsString('Martin;Bob;"5ème B";Refusé', $csv);
}
#[Test]
public function handlesNullClassName(): void
{
$students = [
new StudentImageRightsDto(
id: 'id-1',
firstName: 'Alice',
lastName: 'Dupont',
email: 'alice@example.com',
imageRightsStatus: 'not_specified',
imageRightsStatusLabel: 'Non renseigné',
imageRightsUpdatedAt: null,
className: null,
),
];
$csv = $this->exporter->export($students);
self::assertStringContainsString('Dupont;Alice;;"Non renseigné"', $csv);
}
#[Test]
public function exportContainsCorrectNumberOfLines(): void
{
$students = [
new StudentImageRightsDto(
id: 'id-1',
firstName: 'Alice',
lastName: 'Dupont',
email: 'alice@example.com',
imageRightsStatus: 'authorized',
imageRightsStatusLabel: 'Autorisé',
imageRightsUpdatedAt: null,
className: '6ème A',
),
];
$csv = $this->exporter->export($students);
$lines = array_filter(explode("\n", trim($csv)));
// 1 header + 1 data row
self::assertCount(2, $lines);
}
}

46
backend/tests/Unit/Administration/Domain/Model/User/ImageRightsStatusTest.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Administration\Domain\Model\User;
use App\Administration\Domain\Model\User\ImageRightsStatus;
use PHPUnit\Framework\Attributes\Test;
use PHPUnit\Framework\TestCase;
final class ImageRightsStatusTest extends TestCase
{
#[Test]
public function allCasesHaveLabels(): void
{
foreach (ImageRightsStatus::cases() as $status) {
self::assertNotEmpty($status->label());
}
}
#[Test]
public function authorizedEstAutorise(): void
{
self::assertTrue(ImageRightsStatus::AUTHORIZED->estAutorise());
}
#[Test]
public function refusedNEstPasAutorise(): void
{
self::assertFalse(ImageRightsStatus::REFUSED->estAutorise());
}
#[Test]
public function notSpecifiedNEstPasAutorise(): void
{
self::assertFalse(ImageRightsStatus::NOT_SPECIFIED->estAutorise());
}
#[Test]
public function backedValuesAreCorrect(): void
{
self::assertSame('authorized', ImageRightsStatus::AUTHORIZED->value);
self::assertSame('refused', ImageRightsStatus::REFUSED->value);
self::assertSame('not_specified', ImageRightsStatus::NOT_SPECIFIED->value);
}
}

138
backend/tests/Unit/Administration/Domain/Model/User/UserImageRightsTest.php Normal file
View File

@@ -0,0 +1,138 @@
<?php
declare(strict_types=1);
namespace App\Tests\Unit\Administration\Domain\Model\User;
use App\Administration\Domain\Event\DroitImageModifie;
use App\Administration\Domain\Model\User\Email;
use App\Administration\Domain\Model\User\ImageRightsStatus;
use App\Administration\Domain\Model\User\Role;
use App\Administration\Domain\Model\User\User;
use App\Administration\Domain\Model\User\UserId;
use App\Shared\Domain\Tenant\TenantId;
use DateTimeImmutable;
use PHPUnit\Framework\Attributes\Test;
use PHPUnit\Framework\TestCase;
final class UserImageRightsTest extends TestCase
{
private const string TENANT_ID = '550e8400-e29b-41d4-a716-446655440002';
private const string SCHOOL_NAME = 'École Alpha';
private const string MODIFIER_ID = '550e8400-e29b-41d4-a716-446655440099';
#[Test]
public function newUserHasNotSpecifiedImageRights(): void
{
$user = $this->createStudent();
self::assertSame(ImageRightsStatus::NOT_SPECIFIED, $user->imageRightsStatus);
self::assertNull($user->imageRightsUpdatedAt);
self::assertNull($user->imageRightsUpdatedBy);
}
#[Test]
public function modifierDroitImageSetsAuthorized(): void
{
$user = $this->createStudent();
$at = new DateTimeImmutable('2026-02-18 10:00:00');
$modifierId = UserId::fromString(self::MODIFIER_ID);
$user->modifierDroitImage(ImageRightsStatus::AUTHORIZED, $modifierId, $at);
self::assertSame(ImageRightsStatus::AUTHORIZED, $user->imageRightsStatus);
self::assertEquals($at, $user->imageRightsUpdatedAt);
self::assertTrue($user->imageRightsUpdatedBy->equals($modifierId));
}
#[Test]
public function modifierDroitImageSetsRefused(): void
{
$user = $this->createStudent();
$at = new DateTimeImmutable('2026-02-18 10:00:00');
$modifierId = UserId::fromString(self::MODIFIER_ID);
$user->modifierDroitImage(ImageRightsStatus::REFUSED, $modifierId, $at);
self::assertSame(ImageRightsStatus::REFUSED, $user->imageRightsStatus);
}
#[Test]
public function modifierDroitImageRecordsDroitImageModifieEvent(): void
{
$user = $this->createStudent();
$user->pullDomainEvents();
$at = new DateTimeImmutable('2026-02-18 10:00:00');
$modifierId = UserId::fromString(self::MODIFIER_ID);
$user->modifierDroitImage(ImageRightsStatus::AUTHORIZED, $modifierId, $at);
$events = $user->pullDomainEvents();
self::assertCount(1, $events);
self::assertInstanceOf(DroitImageModifie::class, $events[0]);
/** @var DroitImageModifie $event */
$event = $events[0];
self::assertTrue($user->id->equals($event->userId));
self::assertSame(ImageRightsStatus::AUTHORIZED, $event->nouveauStatut);
self::assertSame(ImageRightsStatus::NOT_SPECIFIED, $event->ancienStatut);
}
#[Test]
public function modifierDroitImageTracksOldStatus(): void
{
$user = $this->createStudent();
$modifierId = UserId::fromString(self::MODIFIER_ID);
$user->modifierDroitImage(ImageRightsStatus::AUTHORIZED, $modifierId, new DateTimeImmutable());
$user->pullDomainEvents();
$user->modifierDroitImage(ImageRightsStatus::REFUSED, $modifierId, new DateTimeImmutable());
$events = $user->pullDomainEvents();
/** @var DroitImageModifie $event */
$event = $events[0];
self::assertSame(ImageRightsStatus::AUTHORIZED, $event->ancienStatut);
self::assertSame(ImageRightsStatus::REFUSED, $event->nouveauStatut);
}
#[Test]
public function reconstitutePreservesImageRightsData(): void
{
$at = new DateTimeImmutable('2026-02-18 10:00:00');
$modifierId = UserId::fromString(self::MODIFIER_ID);
$user = User::reconstitute(
id: UserId::generate(),
email: new Email('eleve@example.com'),
roles: [Role::ELEVE],
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: self::SCHOOL_NAME,
statut: \App\Administration\Domain\Model\User\StatutCompte::EN_ATTENTE,
dateNaissance: null,
createdAt: new DateTimeImmutable(),
hashedPassword: null,
activatedAt: null,
consentementParental: null,
imageRightsStatus: ImageRightsStatus::AUTHORIZED,
imageRightsUpdatedAt: $at,
imageRightsUpdatedBy: $modifierId,
);
self::assertSame(ImageRightsStatus::AUTHORIZED, $user->imageRightsStatus);
self::assertEquals($at, $user->imageRightsUpdatedAt);
self::assertTrue($user->imageRightsUpdatedBy->equals($modifierId));
}
private function createStudent(): User
{
return User::creer(
email: new Email('eleve@example.com'),
role: Role::ELEVE,
tenantId: TenantId::fromString(self::TENANT_ID),
schoolName: self::SCHOOL_NAME,
dateNaissance: new DateTimeImmutable('2012-06-15'),
createdAt: new DateTimeImmutable('2026-01-15 10:00:00'),
);
}
}

5
backend/tests/Unit/Administration/Infrastructure/Api/Processor/ActivateAccountProcessorTest.php
View File

@@ -183,6 +183,11 @@ final class ActivateAccountProcessorTest extends TestCase
{
return [];
}
public function findStudentsByTenant(TenantId $tenantId): array
{
return [];
}
};
$consentementPolicy = new ConsentementParentalPolicy($this->clock);