Add readonly inherited vvt

- Adds extra column "Inherited by team" to vvt table
- Inherited vvt cannot be edited

src/Controller/VvtController.php

@@ -9,6 +9,7 @@
 namespace App\Controller;
 
 use App\Form\Type\VvtDsfaType;
+use App\Repository\TeamRepository;
 use App\Repository\VVTDsfaRepository;
 use App\Repository\VVTRepository;
 use App\Service\ApproveService;
@@ -216,12 +217,14 @@ public function editVvt(
         VVTDatenkategorieService $VVTDatenkategorieService,
         CurrentTeamService       $currentTeamService,
         VVTRepository            $vvtRepository,
+        TeamRepository           $teamRepository
     ): Response
     {
         $team = $currentTeamService->getCurrentTeam($this->getUser());
         $vvt = $vvtRepository->find($request->get('id'));
+        $teamPath = $team ? $teamRepository->getPath($team) : null;
 
-        if ($securityService->teamDataCheck($vvt, $team) === false) {
+        if ($securityService->teamPathDataCheck($vvt, $teamPath) === false) {
             return $this->redirectToRoute('vvt');
         }
         $newVvt = $VVTService->cloneVvt($vvt, $this->getUser());
@@ -230,13 +233,13 @@ public function editVvt(
             $newVvt->addKategorien($VVTDatenkategorieService->findLatestKategorie($cloneKat->getCloneOf()));//wir hängen die neueste gültige Datenkategorie an den VVT clone an.
         }
 
-        $form = $VVTService->createForm($newVvt, $team);
+        $form = $VVTService->createForm($newVvt, $team, ['disabled' => $vvt->getTeam() !== $team]);
         $form->remove('nummer');
         $form->handleRequest($request);
         $assign = $assignService->createForm($vvt, $team);
 
         $errors = array();
-        if ($form->isSubmitted() && $form->isValid() && $vvt->getActiv() && !$vvt->getApproved()) {
+        if ($form->isSubmitted() && $form->isValid() && $vvt->getActiv() && !$vvt->getApproved() && $vvt->getTeam() === $team) {
             $vvt->setActiv(false);
             $newVvt = $form->getData();
 
@@ -287,7 +290,8 @@ public function editVvt(
             'vvt' => $vvt,
             'activ' => $vvt->getActiv(),
             'activNummer' => false,
-            'snack' => $request->get('snack')
+            'snack' => $request->get('snack'),
+            'isEditable' => $vvt->getTeam() === $team
         ]);
     }
 
@@ -353,13 +357,15 @@ public function index(
         Request            $request,
         CurrentTeamService $currentTeamService,
         VVTRepository      $vvtRepository,
+        TeamRepository     $teamRepository
     ): Response
     {
         $team = $currentTeamService->getCurrentTeam($this->getUser());
         if ($securityService->teamCheck($team) === false) {
             return $this->redirectToRoute('dashboard');
         }
-        $vvt = $vvtRepository->findActiveByTeam($team);
+        $teamPath = $teamRepository->getPath($team);
+        $vvt = $vvtRepository->findActiveByTeamPath($teamPath);
 
         return $this->render('vvt/index.html.twig', [
             'vvt' => $vvt,

src/Form/Type/VVTType.php

@@ -40,6 +40,10 @@ class VVTType extends AbstractType
 {
     public function buildForm(FormBuilderInterface $builder, array $options)
     {
+        $summernoteClass = 'summernote';
+        if ($options['disabled']) {
+            $summernoteClass .= ' summernote-disable';
+        }
 
         $builder
             ->add('nummer', TextType::class, [
@@ -82,7 +86,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'help' => 'procedureUsedSOftwareHelp'
             ])
             ->add('zweck', TextareaType::class, [
-                'attr' => ['class' => 'summernote'],
+                'attr' => ['class' => $summernoteClass],
                 'label' => 'procedurePurpose',
                 'required' => true,
                 'translation_domain' => 'form',
@@ -101,7 +105,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'help' => 'isContractHelp'
             ])
             ->add('speicherung', TextareaType::class, [
-                'attr' => ['class' => 'summernote'],
+                'attr' => ['class' => $summernoteClass],
                 'label' => 'procedureDataStorage',
                 'required' => true,
                 'translation_domain' => 'form',
@@ -115,7 +119,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'help' => 'deleteDeadlineHelp'
             ])
             ->add('weitergabe', TextareaType::class, [
-                'attr' => ['class' => 'summernote'],
+                'attr' => ['readonly'=>true, 'class' => $summernoteClass],
                 'label' => 'procedureDataTransferPartners',
                 'required' => false,
                 'translation_domain' => 'form',
@@ -192,7 +196,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'help' => 'procedureTOM'
             ])
             ->add('tom', TextareaType::class, [
-                'attr' => ['class' => 'summernote'],
+                'attr' => ['class' => $summernoteClass],
                 'label' => 'procedureFurtherMeasures',
                 'required' => false,
                 'translation_domain' => 'form',
@@ -245,14 +249,14 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'help' => 'procedureDataCollectionHelp'
             ])
             ->add('informationspflicht', TextareaType::class, [
-                'attr' => ['class' => 'summernote'],
+                'attr' => ['readonly'=>true, 'class' => $summernoteClass],
                 'label' => 'informationObligation',
                 'required' => false,
                 'translation_domain' => 'form',
                 'help' => 'informationObligationHelp'
             ])
             ->add('dsb', TextareaType::class, [
-                'attr' => ['class' => 'summernote'],
+                'attr' => ['class' => $summernoteClass],
                 'label' => 'dsbComment',
                 'required' => false,
                 'translation_domain' => 'form',
@@ -327,7 +331,8 @@ public function configureOptions(OptionsResolver $resolver)
             'tom' => array(),
             'abteilung' => array(),
             'produkte' => array(),
-            'software' => array()
+            'software' => array(),
+            'disabled' => true
         ]);
     }
 }

src/Service/SecurityService.php

@@ -135,4 +135,37 @@ public function teamDataCheck($data, $team): bool
 
         return true;
     }
+
+    /**
+     * @param $data
+     * @param Team[]|null $teamPath
+     * @return bool
+     */
+    public function teamPathDataCheck($data, ?array $teamPath): bool
+    {
+        //Sicherheitsfunktion, dass ein Team vorhanden ist
+        if (!$teamPath) {
+            $message = [
+                'typ' => 'LOGIN',
+                'error' => true,
+                'hinweis' => $this->translator->trans(id: 'error.userWithoutTeam', domain: 'general'),
+            ];
+            $this->logger->error($message['typ'], $message);
+            return false;
+        }
+
+        //Sicherheitsfunktion, dass nur eigene Daten bearbeitet werden können
+        if (!in_array($data->getTeam(), $teamPath)) {
+            $message = [
+                'typ' => 'LOGIN',
+                'error' => true,
+                'hinweis' => $this->translator->trans(id: 'error.userNotInTeamAccessDenied', domain: 'general'),
+                'team' => $teamPath,
+            ];
+            $this->logger->error($message['typ'], $message);
+            return false;
+        }
+
+        return true;
+    }
 }

src/Service/VVTService.php

@@ -62,7 +62,7 @@ function cloneVvt(VVT $vvt, User $user)
         return $newVvt;
     }
 
-    function createForm(VVT $VVT, Team $team)
+    function createForm(VVT $VVT, Team $team, array $options = [])
     {
         $status = $this->em->getRepository(VVTStatus::class)->findActiveByTeam($team);
         $personen = $this->em->getRepository(VVTPersonen::class)->findByTeam($team);
@@ -75,21 +75,22 @@ function createForm(VVT $VVT, Team $team)
         $produkte = $this->em->getRepository(Produkte::class)->findActiveByTeam($team);
         $software = $this->em->getRepository(Software::class)->findActiveByTeam($team);
 
-        $form = $this->formBuilder->create(VVTType::class, $VVT, [
-            'personen' => $personen,
-            'kategorien' => $kategorien,
-            'risiken' => $risiken,
-            'status' => $status,
-            'grundlage' => $grundlagen,
-            'user' => $team->getMembers(),
-            'daten' => $daten,
-            'tom' => $tom,
-            'abteilung' => $abteilung,
-            'produkte' => $produkte,
-            'software' => $software
-        ]);
-
-        return $form;
+        return $this->formBuilder->create(VVTType::class, $VVT, array_merge(
+            [
+                'personen' => $personen,
+                'kategorien' => $kategorien,
+                'risiken' => $risiken,
+                'status' => $status,
+                'grundlage' => $grundlagen,
+                'user' => $team->getMembers(),
+                'daten' => $daten,
+                'tom' => $tom,
+                'abteilung' => $abteilung,
+                'produkte' => $produkte,
+                'software' => $software
+            ],
+            $options
+        ));
     }
 
     function newDsfa(Team $team, User $user, VVT $vvt)

templates/vvt/index.html.twig

@@ -25,6 +25,7 @@
                     <th scope="col">{% trans from 'general' %}product{% endtrans %}</th>
                     <th scope="col">{% trans from 'general' %}state{% endtrans %}</th>
                     <th scope="col">{% trans %}assessment{% endtrans %}</th>
+                    <th scope="col">{% trans from 'general' %}inheritance.fromTeam{% endtrans %}</th>
                 </tr>
                 </thead>
                 <tbody>
@@ -46,6 +47,9 @@
                             {% endif %}
                         </td>
                         <td>| E: {{ v.beurteilungEintrittString }}<br>| S: {{ v.beurteilungSchadenString }}</td>
+                        <td{% if v.team != currentTeam %} title="{% trans from 'general' %}inheritance.infoText{% endtrans %}"{% endif %}>
+                            {% if v.team != currentTeam %}{{ v.team }}{% else %}-{% endif %}
+                        </td>
                     </tr>
                 {% endfor %}
                 </tbody>

translations/general/general.de.yaml

@@ -95,3 +95,6 @@ uuid: UID
 version: Version
 versionApproved: (Diese Version war freigegeben)
 yes: Ja
+inheritance:
+  fromTeam: Von Team vererbt
+  infoText: Dieses Element wurde durch Team-Vererbung übertragen und ist daher nicht bearbeitbar.

translations/general/general.en.yaml

@@ -92,3 +92,6 @@ uuid: UID
 version: Version
 versionApproved: (Diese Version war freigegeben)
 yes: Ja
+inheritance:
+  fromTeam: Inherited from team
+  infoText: This element was transferred by team inheritance und thus is not editable.

translations/general/general.ev.yaml

@@ -92,3 +92,6 @@ uuid: UID
 version: Version
 versionApproved: (Diese Version war freigegeben)
 yes: Ja
+inheritance:
+  fromTeam: Von Team vererbt
+  infoText: Dieses Element wurde durch Team-Vererbung übertragen und ist daher nicht bearbeitbar.

translations/general/general.fr.yaml

@@ -92,3 +92,6 @@ uuid: UID
 version: Version
 versionApproved: (Diese Version war freigegeben)
 yes: Ja
+inheritance:
+  fromTeam: Von Team vererbt
+  infoText: Dieses Element wurde durch Team-Vererbung übertragen und ist daher nicht bearbeitbar.