myCRM/test_permissions.php
olli b4974b93ef feat: integrate ApiPlatformBundle and enhance settings access control
- Added ApiPlatformBundle to the project configuration.
- Updated SettingsController to use custom access control for viewing and managing settings.
- Modified AppFixtures to reflect new module structure and permissions for project management.
- Adjusted ProjectStatus and ProjectTask entities to align with new permission checks.
- Enhanced User entity to include a method for retrieving module permissions.
- Implemented CleanupModulesCommand to deactivate or remove unimplemented modules.
- Added CSRF protection configuration for forms.
- Introduced property_info configuration for enhanced property handling.
- Updated base template to include user module permissions in the frontend.
- Created test_permissions.php for testing user permissions and roles.
2025-12-28 09:49:18 +01:00


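<?php

/**
 * Ad-hoc diagnostic: boots the application kernel, loads one user and prints
 * the roles, per-module permissions and authorization decisions for that user.
 *
 * Usage: php test_permissions.php [email]
 *
 * The script places a security token for the user into the token storage
 * without any credential check, so it is meant for local debugging only and
 * must never be reachable over HTTP.
 */

// Defense in depth: this file exposes role and permission data and sets a
// token for an arbitrary user, so refuse to run under any non-CLI SAPI in
// case the project root is ever served by a web server.
if (PHP_SAPI !== 'cli') {
    http_response_code(404);
    exit(1);
}

require __DIR__.'/vendor/autoload.php';

use Symfony\Component\Dotenv\Dotenv;

(new Dotenv())->bootEnv(__DIR__.'/.env');

$kernel = new App\Kernel($_SERVER['APP_ENV'], (bool) $_SERVER['APP_DEBUG']);
$kernel->boot();

$container = $kernel->getContainer();
$entityManager = $container->get('doctrine.orm.entity_manager');

// Look up the account to inspect. The address can be passed as the first CLI
// argument; the original hard-coded address stays as the default.
// NOTE(review): a personal address committed to the repository is better
// replaced by a fixture account.
$email = $_SERVER['argv'][1] ?? 'o.schwarten@osdata.net';

$userRepo = $entityManager->getRepository(App\Entity\User::class);
$user = $userRepo->findOneBy(['email' => $email]);

if (!$user) {
    echo "Benutzer nicht gefunden!\n";
    exit(1);
}

echo "Benutzer: " . $user->getEmail() . "\n";
echo "Rollen: " . implode(', ', $user->getRoles()) . "\n\n";

echo "User Roles (Entities): Count = " . $user->getUserRoles()->count() . "\n";

// Force-load the lazy collection before iterating it.
$userRoles = $user->getUserRoles();
if ($userRoles instanceof \Doctrine\ORM\PersistentCollection) {
    $userRoles->initialize();
}

foreach ($userRoles as $role) {
    echo " - " . $role->getName() . " (ID: " . $role->getId() . ")\n";

    $permissions = $role->getPermissions();
    if ($permissions instanceof \Doctrine\ORM\PersistentCollection) {
        $permissions->initialize();
    }

    echo " Permissions count: " . $permissions->count() . "\n";

    foreach ($permissions as $permission) {
        // The entity mapping is not visible here; guard against a permission
        // row without a module instead of failing on a null method call.
        $module = $permission->getModule();
        $moduleCode = $module !== null ? $module->getCode() : '(no module)';

        echo " Module: " . $moduleCode . " - View: " . ($permission->canView() ? 'YES' : 'NO') . "\n";
    }
}

echo "\n";

// Direct entity-level checks, independent of the security component.
echo "Testing hasModulePermission('billing', 'view'): ";
echo $user->hasModulePermission('billing', 'view') ? "TRUE" : "FALSE";
echo "\n";

echo "Testing hasModulePermission('invoices', 'view'): ";
echo $user->hasModulePermission('invoices', 'view') ? "TRUE" : "FALSE";
echo "\n";

// Authorization check through the security component.
$authChecker = $container->get('security.authorization_checker');
$tokenStorage = $container->get('security.token_storage');

// Build a token for the user by hand; no password is verified on this path.
// 'main' is passed as the firewall name; presumably it matches the firewall
// configured for the application (confirm against the security config).
$token = new Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken(
    $user,
    'main',
    $user->getRoles()
);
$tokenStorage->setToken($token);

echo "\nTesting Voter with is_granted('VIEW', 'billing'): ";
try {
    $result = $authChecker->isGranted('VIEW', 'billing');
    echo $result ? "TRUE" : "FALSE";
} catch (Exception $e) {
    echo "ERROR: " . $e->getMessage();
} finally {
    // Drop the hand-made token again so nothing that runs later in this
    // process sees the user as authenticated.
    $tokenStorage->setToken(null);
}
echo "\n";

$kernel->shutdown();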