Untested login

src/Controller/SecurityController.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class SecurityController extends AbstractController
+{
+    #[Route('/login', name: 'app_login')]
+    public function index(): Response
+    {
+        return $this->json([
+            $this->getUser()?->getId() ?? null
+        ]);
+    }
+}

src/Entity/Building.php

@@ -16,8 +16,7 @@ use Symfony\Component\Serializer\Attribute\Groups;
     operations: [
         new Get(normalizationContext: ['groups' => 'building:item']),
         new GetCollection(normalizationContext: ['groups' => 'building:list']),
-        // TODO Security!!
-        new Post(),
+        new Post(security: "is_granted('ROLE_USER')"),
     ],
     order: ['name' => 'DESC'],
     paginationEnabled: false,