mirror of
https://github.com/kevinveenbirkenbach/infinito.git
synced 2025-01-09 22:17:26 +01:00
Implemented SecureEntityChecker
This commit is contained in:
parent
412b26d639
commit
b47003bb52
@ -0,0 +1,35 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Domain\SecureManagement;
|
||||||
|
|
||||||
|
use App\Domain\RequestManagement\Right\RequestedRightInterface;
|
||||||
|
use Doctrine\ORM\EntityManagerInterface;
|
||||||
|
use App\Domain\RightManagement\RightTransformerServiceInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author kevinfrantz
|
||||||
|
*/
|
||||||
|
final class SecureEntityChecker implements SecureEntityCheckerInterface
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var RightTransformerServiceInterface
|
||||||
|
*/
|
||||||
|
private $rightTransformerService;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param EntityManagerInterface $entityManager
|
||||||
|
*/
|
||||||
|
public function __construct(RightTransformerServiceInterface $rightTransformerService)
|
||||||
|
{
|
||||||
|
$this->rightTransformerService = $rightTransformerService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function check(RequestedRightInterface $requestedRight): bool
|
||||||
|
{
|
||||||
|
$source = $requestedRight->getSource();
|
||||||
|
$secureSourceChecker = new SecureSourceChecker($source);
|
||||||
|
$transformedRequestedRight = $this->rightTransformerService->transform($requestedRight);
|
||||||
|
|
||||||
|
return $secureSourceChecker->hasPermission($transformedRequestedRight);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,20 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Domain\SecureManagement;
|
||||||
|
|
||||||
|
use App\Domain\RequestManagement\Right\RequestedRightInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Allows to check if a RequestedRight is valid.
|
||||||
|
*
|
||||||
|
* @author kevinfrantz
|
||||||
|
*/
|
||||||
|
interface SecureEntityCheckerInterface
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @param RequestedRightInterface $requestedRight
|
||||||
|
*
|
||||||
|
* @return bool If Permission granted true
|
||||||
|
*/
|
||||||
|
public function check(RequestedRightInterface $requestedRight): bool;
|
||||||
|
}
|
@ -0,0 +1,72 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace tests\Unit\Domain\SecureManagement;
|
||||||
|
|
||||||
|
use PHPUnit\Framework\TestCase;
|
||||||
|
use App\Entity\Source\AbstractSource;
|
||||||
|
use App\DBAL\Types\Meta\Right\LayerType;
|
||||||
|
use App\DBAL\Types\Meta\Right\CRUDType;
|
||||||
|
use App\Entity\Meta\Right;
|
||||||
|
use App\Domain\RequestManagement\Right\RequestedRight;
|
||||||
|
use App\Domain\RequestManagement\Entity\RequestedEntityInterface;
|
||||||
|
use App\Domain\SecureManagement\SecureEntityChecker;
|
||||||
|
use App\Domain\RightManagement\RightTransformerService;
|
||||||
|
|
||||||
|
class SecureEntityCheckerTest extends TestCase
|
||||||
|
{
|
||||||
|
public function testGranted(): void
|
||||||
|
{
|
||||||
|
$reciever = new class() extends AbstractSource {
|
||||||
|
};
|
||||||
|
$layer = LayerType::SOURCE;
|
||||||
|
$crud = CRUDType::READ;
|
||||||
|
$source = new class() extends AbstractSource {
|
||||||
|
};
|
||||||
|
$right = new Right();
|
||||||
|
$right->setSource($source);
|
||||||
|
$right->setLayer($layer);
|
||||||
|
$right->setCrud($crud);
|
||||||
|
$right->setReciever($reciever);
|
||||||
|
$source->getLaw()->getRights()->add($right);
|
||||||
|
$requestedRight = new RequestedRight();
|
||||||
|
$requestedRight->setCrud($crud);
|
||||||
|
$requestedRight->setLayer($layer);
|
||||||
|
$requestedRight->setReciever($reciever);
|
||||||
|
$requestedEntity = $this->createMock(RequestedEntityInterface::class);
|
||||||
|
$requestedEntity->method('hasId')->willReturn(true);
|
||||||
|
$requestedEntity->method('getEntity')->willReturn($source);
|
||||||
|
$requestedRight->setRequestedEntity($requestedEntity);
|
||||||
|
$rightTransformerService = new RightTransformerService();
|
||||||
|
$secureEntityChecker = new SecureEntityChecker($rightTransformerService);
|
||||||
|
$result = $secureEntityChecker->check($requestedRight);
|
||||||
|
$this->assertTrue($result);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testNotGranted(): void
|
||||||
|
{
|
||||||
|
$reciever = new class() extends AbstractSource {
|
||||||
|
};
|
||||||
|
$layer = LayerType::SOURCE;
|
||||||
|
$crud = CRUDType::READ;
|
||||||
|
$source = new class() extends AbstractSource {
|
||||||
|
};
|
||||||
|
$right = new Right();
|
||||||
|
$right->setSource($source);
|
||||||
|
$right->setLayer($layer);
|
||||||
|
$right->setCrud(CRUDType::CREATE);
|
||||||
|
$right->setReciever($reciever);
|
||||||
|
$source->getLaw()->getRights()->add($right);
|
||||||
|
$requestedRight = new RequestedRight();
|
||||||
|
$requestedRight->setCrud($crud);
|
||||||
|
$requestedRight->setLayer($layer);
|
||||||
|
$requestedRight->setReciever($reciever);
|
||||||
|
$requestedEntity = $this->createMock(RequestedEntityInterface::class);
|
||||||
|
$requestedEntity->method('hasId')->willReturn(true);
|
||||||
|
$requestedEntity->method('getEntity')->willReturn($source);
|
||||||
|
$requestedRight->setRequestedEntity($requestedEntity);
|
||||||
|
$rightTransformerService = new RightTransformerService();
|
||||||
|
$secureEntityChecker = new SecureEntityChecker($rightTransformerService);
|
||||||
|
$result = $secureEntityChecker->check($requestedRight);
|
||||||
|
$this->assertFalse($result);
|
||||||
|
}
|
||||||
|
}
|
@ -1,6 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
namespace Tests\Unit\Domain\SecureSourceManagement;
|
namespace Tests\Unit\Domain\SecureManagement;
|
||||||
|
|
||||||
use PHPUnit\Framework\TestCase;
|
use PHPUnit\Framework\TestCase;
|
||||||
use App\Entity\Source\SourceInterface;
|
use App\Entity\Source\SourceInterface;
|
Loading…
Reference in New Issue
Block a user