fix: refactor protection of data imported from producers

[stephanegigandet]

This PR solves some issues from #6816

• Protection on the web now works (bug fixed)
• Protection in the API is more precise (only fields sent by the producer are protected)
• Started to refactor so that the protection works the same way in the API and on the web
• Added tests to verify that the protection works as intended

[github-advanced-security]

You have successfully added a new SonarCloud configuration ``. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

[codecov-commenter]

Codecov Report

Merging #8274 (e4d58c7) into main (bfc1fe2) will decrease coverage by 0.01%.
The diff coverage is 38.46%.

@@            Coverage Diff             @@
##             main    #8274      +/-   ##
==========================================
- Coverage   46.61%   46.60%   -0.01%     
==========================================
  Files         106      106              
  Lines       20787    20797      +10     
  Branches     4696     4699       +3     
==========================================
+ Hits         9689     9692       +3     
- Misses       9946     9953       +7     
  Partials     1152     1152              

Impacted Files	Coverage Δ
lib/ProductOpener/TestDefaults.pm	100.00% <ø> (ø)
lib/ProductOpener/Food.pm	61.15% <25.00%> (-0.15%)	⬇️
lib/ProductOpener/APIProductWrite.pm	17.77% <28.57%> (+0.91%)	⬆️
lib/ProductOpener/Products.pm	42.37% <100.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[alexgarel]

Really cool implementation.

I have some comments. The most important being about the 1 year rule.

Also it would be great if we could act on the web form (and the mobile form) to avoid users to try to modify those fields if they can't ! I see a lot of complaints coming.

[alexgarel]

You did not test,if it works for moderators on protected products.

[stephanegigandet]

@alexgarel I added some tests for moderators.

[stephanegigandet]

Also it would be great if we could act on the web form (and the mobile form) to avoid users to try to modify those fields if they can't ! I see a lot of complaints coming.

Related:
#6721
#2012

And I filed #8282

[alexgarel]

Strange that strings strikes back ☹️

[alexgarel]

Cool.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information