kevinveenbirkenbach/infinito
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/infinito.git synced 2025-01-09 22:17:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactored, optimized and implemented Draft for SecureSourceLoader

Browse Source
This commit is contained in:
Kevin Frantz 2019-01-01 00:16:43 +01:00
parent 8a5845daa9
commit fa87ed8606
8 changed files with 187 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
application/src/Controller/DefaultController.php
View File

@ -8,6 +8,8 @@ use App\DBAL\Types\SystemSlugType;
use App\Entity\Source\AbstractSource; use App\Entity\Source\AbstractSource;
/** /**
* This controller offers the standart routes for the template.
*
* @author kevinfrantz * @author kevinfrantz
*/ */
class DefaultController extends AbstractEntityController class DefaultController extends AbstractEntityController

10
application/src/Domain/LawManagement/LawPermissionCheckerService.php
View File

@ -147,14 +147,14 @@ final class LawPermissionCheckerService implements LawPermissionCheckerServiceIn
$this->law = $law; $this->law = $law;
} }
public function hasPermission(RightInterface $client): bool public function hasPermission(RightInterface $clientRight): bool
{ {
$rights = clone $this->law->getRights(); $rights = clone $this->law->getRights();
$rights = $this->getRightsByType($rights, $client->getType()); $rights = $this->getRightsByType($rights, $clientRight->getType());
$rights = $this->getRightsByLayer($rights, $client->getLayer()); $rights = $this->getRightsByLayer($rights, $clientRight->getLayer());
$rights = $this->getRightsByReciever($rights, $client->getReciever()); $rights = $this->getRightsByReciever($rights, $clientRight->getReciever());
$rights = $this->sortByPriority($rights); $rights = $this->sortByPriority($rights);
return $this->isGranted($rights, $client); return $this->isGranted($rights, $clientRight);
} }
} }

2
application/src/Domain/LawManagement/LawPermissionCheckerServiceInterface.php
View File

@ -16,5 +16,5 @@ interface LawPermissionCheckerServiceInterface
* *
* @return bool * @return bool
*/ */
public function hasPermission(RightInterface $client): bool; public function hasPermission(RightInterface $clientRight): bool;
} }

82
application/src/Domain/SecureLoadManagement/SecureSourceLoader.php Normal file
View File

@ -0,0 +1,82 @@
<?php
namespace App\Domain\SecureLoadManagement;
use App\Entity\Source\SourceInterface;
use App\Entity\Meta\RightInterface;
use App\Domain\LawManagement\LawPermissionCheckerService;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Doctrine\Common\Persistence\ObjectRepository;
/**
* @author kevinfrantz
*/
final class SecureSourceLoader implements SecureSourceLoaderInterface
{
/**
* @todo It would be better to specify the type
*
* @var ObjectRepository
*/
private $sourceRepository;
/**
* The source attribute of the right needs a slug OR id.
*
* @var RightInterface the right which is requested
*/
private $requestedRight;
/**
* @param SourceInterface $source
*
* @return RightInterface
*/
private function getClonedRightWithModifiedSource(SourceInterface $source): RightInterface
{
$requestedRight = clone $this->requestedRight;
$requestedRight->setSource($source);
return $requestedRight;
}
/**
* @return SourceInterface
*/
private function loadSource(): SourceInterface
{
try {
return $this->sourceRepository->find($this->requestedRight->getSource()->getId());
} catch (\Error $error) {
return $this->sourceRepository->findOneBy(['slug' => $this->requestedRight->getSource()->getSlug()]);
}
}
private function hasPermission(SourceInterface $source): bool
{
$requestedRight = $this->getClonedRightWithModifiedSource($source);
$law = new LawPermissionCheckerService($source->getLaw());
return $law->hasPermission($requestedRight);
}
public function __construct(ObjectRepository $sourceRepository, RightInterface $requestedRight)
{
$this->sourceRepository = $sourceRepository;
$this->requestedRight = $requestedRight;
}
/**
* {@inheritdoc}
*
* @see \App\Domain\SecureLoadManagement\SecureSourceLoaderInterface::getSource()
*/
public function getSource(): SourceInterface
{
$source = $this->loadSource();
if ($this->hasPermission($source)) {
return $source;
}
throw new AccessDeniedHttpException();
}
}

19
application/src/Domain/SecureLoadManagement/SecureSourceLoaderInterface.php Normal file
View File

@ -0,0 +1,19 @@
<?php
namespace App\Domain\SecureLoadManagement;
use App\Entity\Source\SourceInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
/**
* @author kevinfrantz
*/
interface SecureSourceLoaderInterface
{
/**
* @throws AccessDeniedHttpException
*
* @return SourceInterface
*/
public function getSource(): SourceInterface;
}

2
application/tests/Unit/Domain/MemberManager/MemberManagerTest.php → application/tests/Unit/Domain/MemberManagement/MemberManagerTest.php
View File

@ -1,6 +1,6 @@
<?php <?php
namespace Tests\Unit\Domain\SourceManagement; namespace Tests\Unit\Domain\MemberManagement;
use PHPUnit\Framework\TestCase; use PHPUnit\Framework\TestCase;
use App\Domain\MemberManagement\MemberManagerInterface; use App\Domain\MemberManagement\MemberManagerInterface;

70
application/tests/Unit/Domain/SecureLoadManagement/SecureSourceLoaderTest.php Normal file
View File

@ -0,0 +1,70 @@
<?php
namespace Tests\Unit\Domain\SecureLoadManagement;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Doctrine\Common\Persistence\ObjectRepository;
use App\Entity\Source\AbstractSource;
use Symfony\Component\HttpKernel\KernelInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use App\Domain\SecureLoadManagement\SecureSourceLoader;
use App\Entity\Source\Primitive\Text\TextSource;
use App\DBAL\Types\SystemSlugType;
use App\Entity\Meta\Right;
use App\DBAL\Types\LayerType;
use App\DBAL\Types\RightType;
use App\Entity\Source\Complex\UserSource;
use App\Entity\Source\Primitive\Text\TextSourceInterface;
/**
* @author kevinfrantz
*
* @todo Implement more tests
*/
class SecureSourceLoaderTest extends KernelTestCase
{
/**
* @var ObjectRepository
*/
private $sourceRepository;
public function setUp(): void
{
$kernel = self::bootKernel();
$this->setSourceRepository($kernel);
}
private function setSourceRepository(KernelInterface $kernel): void
{
$this->sourceRepository = $kernel->getContainer()
->get('doctrine')
->getManager()->getRepository(AbstractSource::class);
}
public function testAccessDeniedException(): void
{
$requestedSource = new TextSource();
$requestedSource->setSlug(SystemSlugType::IMPRINT);
$requestedRight = new Right();
$requestedRight->setSource($requestedSource);
$requestedRight->setLayer(LayerType::SOURCE);
$requestedRight->setType(RightType::READ);
$requestedRight->setReciever(new UserSource());
$secureSourceLoader = new SecureSourceLoader($this->sourceRepository, $requestedRight);
$this->expectException(AccessDeniedHttpException::class);
$secureSourceLoader->getSource();
}
// public function testGranted(): void
// {
// $requestedSource = new TextSource();
// $requestedSource->setSlug(SystemSlugType::IMPRINT);
// $requestedRight = new Right();
// $requestedRight->setSource($requestedSource);
// $requestedRight->setLayer(LayerType::SOURCE);
// $requestedRight->setType(RightType::READ);
// $requestedRight->setReciever($this->sourceRepository->findOneBy(['slug' => SystemSlugType::GUEST_USER]));
// $secureSourceLoader = new SecureSourceLoader($this->sourceRepository, $requestedRight);
// $this->assertInstanceOf(TextSourceInterface::class, $secureSourceLoader->getSource());
// }
}

14
application/tests/Unit/Repository/RightRepositoryTest.php
View File

@ -3,7 +3,6 @@
namespace tests\Unit\Repository; namespace tests\Unit\Repository;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase; use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\EntityRepository; use Doctrine\ORM\EntityRepository;
use App\Entity\Meta\RightInterface; use App\Entity\Meta\RightInterface;
use App\Entity\Meta\Right; use App\Entity\Meta\Right;
@ -11,6 +10,7 @@ use App\DBAL\Types\LayerType;
use App\DBAL\Types\RightType; use App\DBAL\Types\RightType;
use App\Entity\Meta\Law; use App\Entity\Meta\Law;
use App\Entity\Meta\LawInterface; use App\Entity\Meta\LawInterface;
use Doctrine\ORM\EntityManagerInterface;
/** /**
* @todo specify tests for all attributes * @todo specify tests for all attributes
@ -22,29 +22,29 @@ class RightRepositoryTest extends KernelTestCase
const PRIORITY = 123; const PRIORITY = 123;
/** /**
* @var EntityManager * @var EntityManagerInterface
*/ */
protected $entityManager; private $entityManager;
/** /**
* @var EntityRepository * @var EntityRepository
*/ */
protected $rightRepository; private $rightRepository;
/** /**
* @var RightInterface * @var RightInterface
*/ */
protected $loadedRight; private $loadedRight;
/** /**
* @var RightInterface * @var RightInterface
*/ */
protected $right; private $right;
/** /**
* @var LawInterface * @var LawInterface
*/ */
protected $law; private $law;
public function setUp(): void public function setUp(): void
{ {