User's Auth Roles not persisted

[kochen]

The User's Auth Roles are not persisted.
To fix that, we should add:
Infrastructure/SecurityBundle/Resources/config/persistence/ValueObject/AuthUser.orm.yml

    roles:
      type: json_array
      nullable: false

The UI/Controller tests check for an array in the role attribute response but do not check the content.
The Domain/User/testGetters doesn't test it at all, but testing it there will always pass, as it is set in the User entity.
Maybe it could be tested on the Infrastructure/Persistence level?

[jorge07]

Well, right now there is not possible to add or remove roles. Thats why I didn't persist it.
But why not, maybe it's a good moment to add it.
We'll have to add some method for add or remove in the AuthUser object and maybe a promote and demote method in the User model, to pass de role you wanna grant or remove and add some unit tests.
After that the persistence that it's already on your PR => #31

And I think It could be a good idea have a command to perform this roles operations.

Make sense to you?

[kochen]

yes, with the exception that add/remove is practically the same as promote/demote, especially with hierarchical roles (the later being more explanatory to what they actually do, but less flexible).

if you could help out with the tests, I could add the functionality to the PR.

[jorge07]

Cool, let's do it