mirror of
https://github.com/kevinveenbirkenbach/infinito.git
synced 2025-01-10 06:27:24 +01:00
Refactored, optimized and implemented Draft for SecureSourceLoader
This commit is contained in:
parent
8a5845daa9
commit
fa87ed8606
@ -8,6 +8,8 @@ use App\DBAL\Types\SystemSlugType;
|
|||||||
use App\Entity\Source\AbstractSource;
|
use App\Entity\Source\AbstractSource;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* This controller offers the standart routes for the template.
|
||||||
|
*
|
||||||
* @author kevinfrantz
|
* @author kevinfrantz
|
||||||
*/
|
*/
|
||||||
class DefaultController extends AbstractEntityController
|
class DefaultController extends AbstractEntityController
|
||||||
|
@ -147,14 +147,14 @@ final class LawPermissionCheckerService implements LawPermissionCheckerServiceIn
|
|||||||
$this->law = $law;
|
$this->law = $law;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function hasPermission(RightInterface $client): bool
|
public function hasPermission(RightInterface $clientRight): bool
|
||||||
{
|
{
|
||||||
$rights = clone $this->law->getRights();
|
$rights = clone $this->law->getRights();
|
||||||
$rights = $this->getRightsByType($rights, $client->getType());
|
$rights = $this->getRightsByType($rights, $clientRight->getType());
|
||||||
$rights = $this->getRightsByLayer($rights, $client->getLayer());
|
$rights = $this->getRightsByLayer($rights, $clientRight->getLayer());
|
||||||
$rights = $this->getRightsByReciever($rights, $client->getReciever());
|
$rights = $this->getRightsByReciever($rights, $clientRight->getReciever());
|
||||||
$rights = $this->sortByPriority($rights);
|
$rights = $this->sortByPriority($rights);
|
||||||
|
|
||||||
return $this->isGranted($rights, $client);
|
return $this->isGranted($rights, $clientRight);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -16,5 +16,5 @@ interface LawPermissionCheckerServiceInterface
|
|||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function hasPermission(RightInterface $client): bool;
|
public function hasPermission(RightInterface $clientRight): bool;
|
||||||
}
|
}
|
||||||
|
@ -0,0 +1,82 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Domain\SecureLoadManagement;
|
||||||
|
|
||||||
|
use App\Entity\Source\SourceInterface;
|
||||||
|
use App\Entity\Meta\RightInterface;
|
||||||
|
use App\Domain\LawManagement\LawPermissionCheckerService;
|
||||||
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||||
|
use Doctrine\Common\Persistence\ObjectRepository;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author kevinfrantz
|
||||||
|
*/
|
||||||
|
final class SecureSourceLoader implements SecureSourceLoaderInterface
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @todo It would be better to specify the type
|
||||||
|
*
|
||||||
|
* @var ObjectRepository
|
||||||
|
*/
|
||||||
|
private $sourceRepository;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The source attribute of the right needs a slug OR id.
|
||||||
|
*
|
||||||
|
* @var RightInterface the right which is requested
|
||||||
|
*/
|
||||||
|
private $requestedRight;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param SourceInterface $source
|
||||||
|
*
|
||||||
|
* @return RightInterface
|
||||||
|
*/
|
||||||
|
private function getClonedRightWithModifiedSource(SourceInterface $source): RightInterface
|
||||||
|
{
|
||||||
|
$requestedRight = clone $this->requestedRight;
|
||||||
|
$requestedRight->setSource($source);
|
||||||
|
|
||||||
|
return $requestedRight;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return SourceInterface
|
||||||
|
*/
|
||||||
|
private function loadSource(): SourceInterface
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
return $this->sourceRepository->find($this->requestedRight->getSource()->getId());
|
||||||
|
} catch (\Error $error) {
|
||||||
|
return $this->sourceRepository->findOneBy(['slug' => $this->requestedRight->getSource()->getSlug()]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private function hasPermission(SourceInterface $source): bool
|
||||||
|
{
|
||||||
|
$requestedRight = $this->getClonedRightWithModifiedSource($source);
|
||||||
|
$law = new LawPermissionCheckerService($source->getLaw());
|
||||||
|
|
||||||
|
return $law->hasPermission($requestedRight);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function __construct(ObjectRepository $sourceRepository, RightInterface $requestedRight)
|
||||||
|
{
|
||||||
|
$this->sourceRepository = $sourceRepository;
|
||||||
|
$this->requestedRight = $requestedRight;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*
|
||||||
|
* @see \App\Domain\SecureLoadManagement\SecureSourceLoaderInterface::getSource()
|
||||||
|
*/
|
||||||
|
public function getSource(): SourceInterface
|
||||||
|
{
|
||||||
|
$source = $this->loadSource();
|
||||||
|
if ($this->hasPermission($source)) {
|
||||||
|
return $source;
|
||||||
|
}
|
||||||
|
throw new AccessDeniedHttpException();
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,19 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Domain\SecureLoadManagement;
|
||||||
|
|
||||||
|
use App\Entity\Source\SourceInterface;
|
||||||
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author kevinfrantz
|
||||||
|
*/
|
||||||
|
interface SecureSourceLoaderInterface
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @throws AccessDeniedHttpException
|
||||||
|
*
|
||||||
|
* @return SourceInterface
|
||||||
|
*/
|
||||||
|
public function getSource(): SourceInterface;
|
||||||
|
}
|
@ -1,6 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
namespace Tests\Unit\Domain\SourceManagement;
|
namespace Tests\Unit\Domain\MemberManagement;
|
||||||
|
|
||||||
use PHPUnit\Framework\TestCase;
|
use PHPUnit\Framework\TestCase;
|
||||||
use App\Domain\MemberManagement\MemberManagerInterface;
|
use App\Domain\MemberManagement\MemberManagerInterface;
|
@ -0,0 +1,70 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Unit\Domain\SecureLoadManagement;
|
||||||
|
|
||||||
|
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
|
||||||
|
use Doctrine\Common\Persistence\ObjectRepository;
|
||||||
|
use App\Entity\Source\AbstractSource;
|
||||||
|
use Symfony\Component\HttpKernel\KernelInterface;
|
||||||
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||||
|
use App\Domain\SecureLoadManagement\SecureSourceLoader;
|
||||||
|
use App\Entity\Source\Primitive\Text\TextSource;
|
||||||
|
use App\DBAL\Types\SystemSlugType;
|
||||||
|
use App\Entity\Meta\Right;
|
||||||
|
use App\DBAL\Types\LayerType;
|
||||||
|
use App\DBAL\Types\RightType;
|
||||||
|
use App\Entity\Source\Complex\UserSource;
|
||||||
|
use App\Entity\Source\Primitive\Text\TextSourceInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author kevinfrantz
|
||||||
|
*
|
||||||
|
* @todo Implement more tests
|
||||||
|
*/
|
||||||
|
class SecureSourceLoaderTest extends KernelTestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var ObjectRepository
|
||||||
|
*/
|
||||||
|
private $sourceRepository;
|
||||||
|
|
||||||
|
public function setUp(): void
|
||||||
|
{
|
||||||
|
$kernel = self::bootKernel();
|
||||||
|
$this->setSourceRepository($kernel);
|
||||||
|
}
|
||||||
|
|
||||||
|
private function setSourceRepository(KernelInterface $kernel): void
|
||||||
|
{
|
||||||
|
$this->sourceRepository = $kernel->getContainer()
|
||||||
|
->get('doctrine')
|
||||||
|
->getManager()->getRepository(AbstractSource::class);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testAccessDeniedException(): void
|
||||||
|
{
|
||||||
|
$requestedSource = new TextSource();
|
||||||
|
$requestedSource->setSlug(SystemSlugType::IMPRINT);
|
||||||
|
$requestedRight = new Right();
|
||||||
|
$requestedRight->setSource($requestedSource);
|
||||||
|
$requestedRight->setLayer(LayerType::SOURCE);
|
||||||
|
$requestedRight->setType(RightType::READ);
|
||||||
|
$requestedRight->setReciever(new UserSource());
|
||||||
|
$secureSourceLoader = new SecureSourceLoader($this->sourceRepository, $requestedRight);
|
||||||
|
$this->expectException(AccessDeniedHttpException::class);
|
||||||
|
$secureSourceLoader->getSource();
|
||||||
|
}
|
||||||
|
|
||||||
|
// public function testGranted(): void
|
||||||
|
// {
|
||||||
|
// $requestedSource = new TextSource();
|
||||||
|
// $requestedSource->setSlug(SystemSlugType::IMPRINT);
|
||||||
|
// $requestedRight = new Right();
|
||||||
|
// $requestedRight->setSource($requestedSource);
|
||||||
|
// $requestedRight->setLayer(LayerType::SOURCE);
|
||||||
|
// $requestedRight->setType(RightType::READ);
|
||||||
|
// $requestedRight->setReciever($this->sourceRepository->findOneBy(['slug' => SystemSlugType::GUEST_USER]));
|
||||||
|
// $secureSourceLoader = new SecureSourceLoader($this->sourceRepository, $requestedRight);
|
||||||
|
// $this->assertInstanceOf(TextSourceInterface::class, $secureSourceLoader->getSource());
|
||||||
|
// }
|
||||||
|
}
|
@ -3,7 +3,6 @@
|
|||||||
namespace tests\Unit\Repository;
|
namespace tests\Unit\Repository;
|
||||||
|
|
||||||
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
|
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
|
||||||
use Doctrine\ORM\EntityManager;
|
|
||||||
use Doctrine\ORM\EntityRepository;
|
use Doctrine\ORM\EntityRepository;
|
||||||
use App\Entity\Meta\RightInterface;
|
use App\Entity\Meta\RightInterface;
|
||||||
use App\Entity\Meta\Right;
|
use App\Entity\Meta\Right;
|
||||||
@ -11,6 +10,7 @@ use App\DBAL\Types\LayerType;
|
|||||||
use App\DBAL\Types\RightType;
|
use App\DBAL\Types\RightType;
|
||||||
use App\Entity\Meta\Law;
|
use App\Entity\Meta\Law;
|
||||||
use App\Entity\Meta\LawInterface;
|
use App\Entity\Meta\LawInterface;
|
||||||
|
use Doctrine\ORM\EntityManagerInterface;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @todo specify tests for all attributes
|
* @todo specify tests for all attributes
|
||||||
@ -22,29 +22,29 @@ class RightRepositoryTest extends KernelTestCase
|
|||||||
const PRIORITY = 123;
|
const PRIORITY = 123;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var EntityManager
|
* @var EntityManagerInterface
|
||||||
*/
|
*/
|
||||||
protected $entityManager;
|
private $entityManager;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var EntityRepository
|
* @var EntityRepository
|
||||||
*/
|
*/
|
||||||
protected $rightRepository;
|
private $rightRepository;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var RightInterface
|
* @var RightInterface
|
||||||
*/
|
*/
|
||||||
protected $loadedRight;
|
private $loadedRight;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var RightInterface
|
* @var RightInterface
|
||||||
*/
|
*/
|
||||||
protected $right;
|
private $right;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var LawInterface
|
* @var LawInterface
|
||||||
*/
|
*/
|
||||||
protected $law;
|
private $law;
|
||||||
|
|
||||||
public function setUp(): void
|
public function setUp(): void
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user