[Security] Replace jemengage_admin auth check

src/AdherentMessage/AdherentMessageTypeEnum.php

@@ -16,7 +16,7 @@
 use App\Entity\AdherentMessage\StatutoryAdherentMessage;
 use App\Scope\FeatureEnum;
 use App\Scope\ScopeEnum;
-use App\Security\Voter\FeatureVoter;
+use App\Security\Voter\RequestScopeVoter;
 use MyCLabs\Enum\Enum;
 
 class AdherentMessageTypeEnum extends Enum
@@ -69,7 +69,7 @@ class AdherentMessageTypeEnum extends Enum
 
         PresidentDepartmentalAssemblyAdherentMessage::class => ['ROLE_PRESIDENT_DEPARTMENTAL_ASSEMBLY', 'ROLE_DELEGATED_PRESIDENT_DEPARTMENTAL_ASSEMBLY'],
 
-        StatutoryAdherentMessage::class => [[FeatureVoter::PERMISSION, [FeatureEnum::STATUTORY_MESSAGE]]],
+        StatutoryAdherentMessage::class => [[RequestScopeVoter::SCOPE_AND_FEATURE_GRANTED, [FeatureEnum::STATUTORY_MESSAGE]]],
 
         FdeCoordinatorAdherentMessage::class => ['ROLE_FDE_COORDINATOR', 'ROLE_DELEGATED_FDE_COORDINATOR'],
     ];

src/Api/Serializer/JecouteNewsGroupsContextBuilder.php

@@ -7,7 +7,7 @@
 use App\Scope\AuthorizationChecker;
 use App\Scope\FeatureEnum;
 use App\Scope\ScopeEnum;
-use App\Security\Voter\FeatureVoter;
+use App\Security\Voter\RequestScopeVoter;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 
@@ -33,7 +33,7 @@ public function createFromRequest(Request $request, bool $normalization, ?array
         $resourceClass = $context['resource_class'] ?? null;
 
         if (News::class !== $resourceClass
-            || !$this->authorizationChecker->isGranted(FeatureVoter::PERMISSION, FeatureEnum::NEWS)
+            || !$this->authorizationChecker->isGranted(RequestScopeVoter::SCOPE_AND_FEATURE_GRANTED, FeatureEnum::NEWS)
             || !\in_array($request->getMethod(), [Request::METHOD_POST, Request::METHOD_PUT])
         ) {
             return $context;

src/Controller/Api/Action/CancelActionController.php

@@ -11,7 +11,7 @@
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Messenger\MessageBusInterface;
 
-#[Security("is_granted('IS_FEATURE_GRANTED', 'actions') and (action.getAuthor() == user or user.hasDelegatedFromUser(action.getAuthor(), 'actions'))")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'actions') and (action.getAuthor() == user or user.hasDelegatedFromUser(action.getAuthor(), 'actions'))")]
 class CancelActionController extends AbstractController
 {
     public function __invoke(Action $action, EntityManagerInterface $manager, MessageBusInterface $bus): Response

src/Controller/Api/AdherentAutocompleteController.php

@@ -16,7 +16,7 @@
 use Symfony\Component\Serializer\Normalizer\DenormalizerInterface;
 
 #[Route(path: '/v3/adherents/autocomplete', name: 'api_adherent_autocomplete', methods: ['GET'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', ['team', 'my_team', 'committee'])")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', ['team', 'my_team', 'committee'])")]
 class AdherentAutocompleteController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/AdherentList/CountAdherentController.php

@@ -20,7 +20,7 @@
 use Symfony\Component\Serializer\SerializerInterface;
 
 #[Route(path: '/v3/adherents/count', name: 'app_adherents_count_get', methods: ['GET', 'POST'])]
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', ['contacts', 'committee', 'designation'])")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', ['contacts', 'committee', 'designation'])")]
 class CountAdherentController extends AbstractController
 {
     public function __construct(

src/Controller/Api/AdherentMessage/DuplicateMessageController.php

@@ -8,7 +8,7 @@
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 
-#[Security("is_granted('IS_FEATURE_GRANTED', 'messages') and (data.getAuthor() == user or user.hasDelegatedFromUser(data.getAuthor(), 'messages'))")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (data.getAuthor() == user or user.hasDelegatedFromUser(data.getAuthor(), 'messages'))")]
 class DuplicateMessageController extends AbstractController
 {
     public function __construct(private readonly AdherentMessageManager $manager)

src/Controller/Api/AdherentMessage/SendAdherentMessageController.php

@@ -9,7 +9,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 
-#[Security("is_granted('IS_FEATURE_GRANTED', 'messages') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
 class SendAdherentMessageController extends AbstractController
 {
     public function __construct(private readonly AdherentMessageManager $manager)

src/Controller/Api/AdherentMessage/SendTestAdherentMessageController.php

@@ -9,7 +9,7 @@
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 
-#[Security("is_granted('IS_FEATURE_GRANTED', 'messages') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (message.getAuthor() == user or user.hasDelegatedFromUser(message.getAuthor(), 'messages'))")]
 class SendTestAdherentMessageController extends AbstractController
 {
     public function __construct(private readonly AdherentMessageManager $manager)

src/Controller/Api/AdherentMessage/UpdateAdherentMessageFilterController.php

@@ -17,7 +17,7 @@
 use Symfony\Component\Serializer\SerializerInterface;
 use Symfony\Component\Validator\Validator\ValidatorInterface;
 
-#[Security("is_granted('IS_FEATURE_GRANTED', 'messages') and (data.getAuthor() == user or user.hasDelegatedFromUser(data.getAuthor(), 'messages'))")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'messages') and (data.getAuthor() == user or user.hasDelegatedFromUser(data.getAuthor(), 'messages'))")]
 class UpdateAdherentMessageFilterController extends AbstractController
 {
     public function __construct(

src/Controller/Api/Committee/GetCommitteesZonesController.php

@@ -11,7 +11,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route(path: '/v3/committees/used-zones', name: 'api_committee_get_used_zones', methods: ['GET'])]
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', 'committee')")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'committee')")]
 class GetCommitteesZonesController extends AbstractController
 {
     public function __invoke(ScopeGeneratorResolver $scopeGeneratorResolver, ZoneRepository $zoneRepository): Response

src/Controller/Api/ElectedRepresentative/ElectedRepresentativeListController.php

@@ -15,7 +15,7 @@
 use Symfony\Component\Serializer\Normalizer\DenormalizerInterface;
 
 #[Route(path: '/v3/elected_representatives', name: 'app_elected_representatives_list_get', methods: ['GET'])]
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', 'elected_representative')")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'elected_representative')")]
 class ElectedRepresentativeListController extends AbstractController
 {
     public function __construct(

src/Controller/Api/Event/CancelEventController.php

@@ -10,7 +10,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('CAN_MANAGE_EVENT', event)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'events') and is_granted('CAN_MANAGE_EVENT', event)")]
 class CancelEventController extends AbstractController
 {
     public function __invoke(EventCanceledHandler $handler, Request $request, BaseEvent $event): Response

src/Controller/Api/Event/GetEventParticipantsController.php

@@ -14,7 +14,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route(path: '/v3/events/{uuid}/participants.{_format}', name: 'api_events_get_participants', requirements: ['uuid' => '%pattern_uuid%', '_format' => 'json|xlsx'], defaults: ['_format' => 'json'], methods: ['GET'])]
-#[Security("is_granted('REQUEST_SCOPE_GRANTED') and is_granted('IS_FEATURE_GRANTED', 'events') and is_granted('MANAGE_ZONEABLE_ITEM__FOR_SCOPE', event)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'events') and is_granted('MANAGE_ZONEABLE_ITEM__FOR_SCOPE', event)")]
 class GetEventParticipantsController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/Filter/GetCollectionFiltersController.php

@@ -4,15 +4,15 @@
 
 use App\JMEFilter\FiltersGenerator;
 use App\Scope\ScopeGeneratorResolver;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\Routing\Attribute\Route;
 
-#[IsGranted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN')]
 #[Route(path: '/v3/filters', name: 'app_collection_filters_get', methods: ['GET'])]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', ['contacts', 'messages'])")]
 class GetCollectionFiltersController extends AbstractController
 {
     public function __construct(

src/Controller/Api/Jecoute/GetSurveyRepliesController.php

@@ -16,7 +16,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route(path: '/v3/surveys/{uuid}/replies.{_format}', name: 'api_survey_get_survey_replies', methods: ['GET'], requirements: ['uuid' => '%pattern_uuid%', '_format' => 'json|csv|xlsx'], defaults: ['_format' => 'json'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', 'survey') and is_granted('SCOPE_CAN_MANAGE', survey)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'survey') and is_granted('SCOPE_CAN_MANAGE', survey)")]
 class GetSurveyRepliesController extends AbstractController
 {
     public function __construct(private readonly ScopeGeneratorResolver $scopeGeneratorResolver)

src/Controller/Api/Pap/GetPapCampaignSurveyRepliesController.php

@@ -13,7 +13,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route(path: '/v3/pap_campaigns/{uuid}/replies.{_format}', name: 'api_pap_camapign_get_campaign_survey_replies', methods: ['GET'], requirements: ['uuid' => '%pattern_uuid%', '_format' => 'json|csv|xlsx'], defaults: ['_format' => 'json'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', ['pap_v2', 'pap']) and is_granted('SCOPE_CAN_MANAGE', campaign)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', ['pap_v2', 'pap']) and is_granted('SCOPE_CAN_MANAGE', campaign)")]
 class GetPapCampaignSurveyRepliesController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/Phoning/GetPhoningCampaignSurveyRepliesController.php

@@ -12,7 +12,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route(path: '/v3/phoning_campaigns/{uuid}/replies.{_format}', name: 'api_phoning_camapign_get_campaign_survey_replies', methods: ['GET'], requirements: ['uuid' => '%pattern_uuid%', '_format' => 'json|csv|xlsx'], defaults: ['_format' => 'json'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', 'phoning_campaign')")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'phoning_campaign')")]
 class GetPhoningCampaignSurveyRepliesController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/Security/GetJWTTokenController.php

@@ -5,13 +5,13 @@
 use App\Entity\OAuth\Client;
 use App\OAuth\JWTTokenGenerator;
 use App\Security\Voter\OAuthClientVoter;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
+use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 
-#[IsGranted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN')]
 #[Route(path: '/v3/sso/jwt/{uuid}', name: 'api_security_get_jwt_token', methods: ['GET'])]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'featurebase')")]
 class GetJWTTokenController extends AbstractController
 {
     public function __invoke(Client $client, JWTTokenGenerator $tokenGenerator): Response

src/Controller/Api/Team/AddTeamMembersController.php

@@ -16,7 +16,7 @@
 use Symfony\Component\Validator\Validator\ValidatorInterface;
 
 #[Route(path: '/v3/teams/{uuid}/add-members', requirements: ['uuid' => '%pattern_uuid%'], name: 'api_team_add_members', methods: ['PUT'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', 'team') and is_granted('SCOPE_CAN_MANAGE', team)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'team') and is_granted('SCOPE_CAN_MANAGE', team)")]
 class AddTeamMembersController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/Team/RemoveTeamController.php

@@ -12,7 +12,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route(path: '/v3/teams/{uuid}', requirements: ['uuid' => '%pattern_uuid%'], name: 'api_team_remove', methods: ['DELETE'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', 'team') and is_granted('SCOPE_CAN_MANAGE', team)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'team') and is_granted('SCOPE_CAN_MANAGE', team)")]
 class RemoveTeamController extends AbstractController
 {
     public function __invoke(Team $team, EntityManagerInterface $entityManager): JsonResponse

src/Controller/Api/Team/RemoveTeamMemberController.php

@@ -14,7 +14,7 @@
 
 #[Entity('adherent', expr: 'repository.findOneByUuid(adherent_uuid)')]
 #[Route(path: '/v3/teams/{uuid}/members/{adherent_uuid}', requirements: ['uuid' => '%pattern_uuid%', 'adherent_uuid' => '%pattern_uuid%'], name: 'api_team_remove_member', methods: ['DELETE'])]
-#[Security("is_granted('IS_FEATURE_GRANTED', 'team') and is_granted('SCOPE_CAN_MANAGE', team)")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'team') and is_granted('SCOPE_CAN_MANAGE', team)")]
 class RemoveTeamMemberController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/VotingPlatform/ElectionBallotsController.php

@@ -12,7 +12,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route('/v3/designations/{uuid}/ballots.{_format}', name: 'app_designation_get_ballots', requirements: ['uuid' => '%pattern_uuid%', '_format' => 'json|xlsx'], defaults: ['_format' => 'json'], methods: ['GET'])]
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', 'designation')")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'designation')")]
 class ElectionBallotsController extends AbstractController
 {
     public function __invoke(

src/Controller/Api/VotingPlatform/ElectionResultsController.php

@@ -10,7 +10,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route('/v3/designations/{uuid}/results', name: 'app_designation_get_results', methods: ['GET'])]
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', 'designation')")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'designation')")]
 class ElectionResultsController extends AbstractController
 {
     public function __invoke(Designation $designation, ElectionRepository $electionRepository): Response

src/Controller/Api/VotingPlatform/ElectionVotersListController.php

@@ -13,7 +13,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 
 #[Route('/v3/designations/{uuid}/voters.{_format}', name: 'app_designation_get_voters', requirements: ['uuid' => '%pattern_uuid%', '_format' => 'json|xlsx'], defaults: ['_format' => 'json'], methods: ['GET'])]
-#[Security("is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', 'designation')")]
+#[Security("is_granted('REQUEST_SCOPE_GRANTED', 'designation')")]
 class ElectionVotersListController extends AbstractController
 {
     public function __invoke(

src/Entity/Adherent.php

@@ -82,20 +82,20 @@
         new Get(
             uriTemplate: '/adherents/{uuid}/elect',
             requirements: ['uuid' => '%pattern_uuid%'],
-            security: '(is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'elected_representative\')) or (is_granted(\'ROLE_OAUTH_SCOPE_READ:PROFILE\') and object === user)'
+            security: "(is_granted('REQUEST_SCOPE_GRANTED', 'elected_representative')) or (is_granted('ROLE_OAUTH_SCOPE_READ:PROFILE') and object === user)"
         ),
         new Post(
             uriTemplate: '/adherents/{uuid}/send-resubscribe-email',
             requirements: ['uuid' => '%pattern_uuid%'],
             controller: SendResubscribeEmailController::class,
-            security: "is_granted('ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN') and is_granted('IS_FEATURE_GRANTED', 'contacts')",
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'contacts')",
             deserialize: false,
         ),
         new Put(
             uriTemplate: '/adherents/{uuid}/elect',
             requirements: ['uuid' => '%pattern_uuid%'],
             denormalizationContext: ['groups' => ['adherent_elect_update']],
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'elected_representative\')',
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'elected_representative')",
             validationContext: ['groups' => ['adherent_elect_update']]
         ),
         new HttpOperation(
@@ -108,7 +108,7 @@
     ],
     routePrefix: '/v3',
     normalizationContext: ['groups' => ['adherent_elect_read']],
-    security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'contacts\')'
+    security: "is_granted('REQUEST_SCOPE_GRANTED', 'contacts')"
 )]
 #[ORM\Entity(repositoryClass: AdherentRepository::class)]
 #[ORM\Index(columns: ['tags'], options: ['lengths' => [512]])]

src/Entity/AdherentFormation/Formation.php

@@ -45,18 +45,18 @@
         new Get(
             uriTemplate: '/formations/{uuid}',
             requirements: ['uuid' => '%pattern_uuid%'],
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'adherent_formations\') and is_granted(\'SCOPE_CAN_MANAGE\', object)'
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'adherent_formations') and is_granted('SCOPE_CAN_MANAGE', object)"
         ),
         new Put(
             uriTemplate: '/formations/{uuid}',
             requirements: ['uuid' => '%pattern_uuid%'],
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'adherent_formations\') and is_granted(\'SCOPE_CAN_MANAGE\', object)'
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'adherent_formations') and is_granted('SCOPE_CAN_MANAGE', object)"
         ),
         new Post(
             uriTemplate: '/formations/{uuid}/file',
             requirements: ['uuid' => '%pattern_uuid%'],
             controller: FormationUploadFileController::class,
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'adherent_formations\') and is_granted(\'SCOPE_CAN_MANAGE\', object)'
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'adherent_formations') and is_granted('SCOPE_CAN_MANAGE', object)"
         ),
         new Get(
             uriTemplate: '/formations/{uuid}/file',
@@ -73,7 +73,7 @@
         new Delete(
             uriTemplate: '/formations/{uuid}',
             requirements: ['uuid' => '%pattern_uuid%'],
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'adherent_formations\') and is_granted(\'SCOPE_CAN_MANAGE\', object)'
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'adherent_formations') and is_granted('SCOPE_CAN_MANAGE', object)"
         ),
         new GetCollection(
             uriTemplate: '/formations',
@@ -88,7 +88,7 @@
     normalizationContext: ['groups' => ['formation_read']],
     denormalizationContext: ['groups' => ['formation_write']],
     order: ['createdAt' => 'DESC'],
-    security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'adherent_formations\')'
+    security: "is_granted('REQUEST_SCOPE_GRANTED', 'adherent_formations')"
 )]
 #[FormationContent]
 #[ORM\Entity(repositoryClass: FormationRepository::class)]

src/Entity/AdherentMandate/ElectedRepresentativeAdherentMandate.php

@@ -24,19 +24,19 @@
         new Put(
             uriTemplate: '/elected_adherent_mandates/{uuid}',
             requirements: ['uuid' => '%pattern_uuid%'],
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'elected_representative\')'
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'elected_representative')"
         ),
         new Delete(
             uriTemplate: '/elected_adherent_mandates/{uuid}',
             requirements: ['uuid' => '%pattern_uuid%'],
-            security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'elected_representative\')'
+            security: "is_granted('REQUEST_SCOPE_GRANTED', 'elected_representative')"
         ),
         new Post(uriTemplate: '/elected_adherent_mandates'),
     ],
     routePrefix: '/v3',
     normalizationContext: ['groups' => ['elected_mandate_read']],
     denormalizationContext: ['groups' => ['elected_mandate_write']],
-    security: 'is_granted(\'ROLE_OAUTH_SCOPE_JEMENGAGE_ADMIN\') and is_granted(\'IS_FEATURE_GRANTED\', \'elected_representative\')'
+    security: "is_granted('REQUEST_SCOPE_GRANTED', 'elected_representative')"
 )]
 #[ORM\Entity(repositoryClass: ElectedRepresentativeAdherentMandateRepository::class)]
 class ElectedRepresentativeAdherentMandate extends AbstractAdherentMandate