Merge pull request #33 from moufmouf/userinterface_usage

moufmouf · web-flow · commit db5b5d2c85d4 · 2019-09-26T15:08:58.000+02:00
Adapting code for the new @Security annotation
diff --git a/DependencyInjection/GraphqliteCompilerPass.php b/DependencyInjection/GraphqliteCompilerPass.php
@@ -200,14 +200,14 @@ public function process(ContainerBuilder $container)
         foreach ($controllersNamespaces as $controllersNamespace) {
             $schemaFactory->addMethodCall('addControllerNamespace', [ $controllersNamespace ]);
             foreach ($this->getClassList($controllersNamespace) as $className => $refClass) {
-                $this->makePublicInjectedServices($refClass, $reader, $container);
+                $this->makePublicInjectedServices($refClass, $reader, $container, true);
             }
         }
 
         foreach ($typesNamespaces as $typeNamespace) {
             $schemaFactory->addMethodCall('addTypeNamespace', [ $typeNamespace ]);
             foreach ($this->getClassList($typeNamespace) as $className => $refClass) {
-                $this->makePublicInjectedServices($refClass, $reader, $container);
+                $this->makePublicInjectedServices($refClass, $reader, $container, false);
             }
         }
 
@@ -273,13 +273,16 @@ private function mapAdderToTag(string $tag, string $methodName, ContainerBuilder
         }
     }
 
-    private function makePublicInjectedServices(ReflectionClass $refClass, AnnotationReader $reader, ContainerBuilder $container): void
+    private function makePublicInjectedServices(ReflectionClass $refClass, AnnotationReader $reader, ContainerBuilder $container, bool $isController): void
     {
-        $services = $this->getCodeCache()->get($refClass, function() use ($refClass, $reader, $container) {
+        $services = $this->getCodeCache()->get($refClass, function() use ($refClass, $reader, $container, $isController) {
             $services = [];
             foreach ($refClass->getMethods() as $method) {
                 $field = $reader->getRequestAnnotation($method, AbstractRequest::class);
                 if ($field !== null) {
+                    if ($isController) {
+                        $services[$refClass->getName()] = $refClass->getName();
+                    }
                     $services += $this->getListOfInjectedServices($method, $container);
                 }
             }
diff --git a/Security/AuthenticationService.php b/Security/AuthenticationService.php
@@ -5,6 +5,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use TheCodingMachine\GraphQLite\Security\AuthenticationServiceInterface;
+use function is_object;
 
 class AuthenticationService implements AuthenticationServiceInterface
 {
@@ -24,21 +25,30 @@ public function __construct(?TokenStorageInterface $tokenStorage)
      * @return bool
      */
     public function isLogged(): bool
+    {
+        return $this->getUser() !== null;
+    }
+
+    /**
+     * Returns an object representing the current logged user.
+     * Can return null if the user is not logged.
+     */
+    public function getUser(): ?object
     {
         if ($this->tokenStorage === null) {
             throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');
         }
 
         $token = $this->tokenStorage->getToken();
         if (null === $token) {
-            return false;
+            return null;
         }
 
-        if (!\is_object($token->getUser())) {
+        $user = $token->getUser();
+        if (!\is_object($user)) {
             // e.g. anonymous authentication
-            return false;
+            return null;
         }
-
-        return true;
+        return $user;
     }
 }
diff --git a/Security/AuthorizationService.php b/Security/AuthorizationService.php
@@ -28,10 +28,9 @@ public function __construct(?AuthorizationCheckerInterface $authorizationChecker
     /**
      * Returns true if the "current" user has access to the right "$right"
      *
-     * @param string $right
-     * @return bool
+     * @param mixed $subject The scope this right applies on. $subject is typically an object or a FQCN. Set $subject to "null" if the right is global.
      */
-    public function isAllowed(string $right): bool
+    public function isAllowed(string $right, $subject = null): bool
     {
         if ($this->authorizationChecker === null || $this->tokenStorage === null) {
             throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');
@@ -42,6 +41,6 @@ public function isAllowed(string $right): bool
             return false;
         }
 
-        return $this->authorizationChecker->isGranted($right);
+        return $this->authorizationChecker->isGranted($right, $subject);
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -200,14 +200,14 @@ public function process(ContainerBuilder $container)`
`200`	`200`	`foreach ($controllersNamespaces as $controllersNamespace) {`
`201`	`201`	`$schemaFactory->addMethodCall('addControllerNamespace', [ $controllersNamespace ]);`
`202`	`202`	`foreach ($this->getClassList($controllersNamespace) as $className => $refClass) {`
`203`		`- $this->makePublicInjectedServices($refClass, $reader, $container);`
	`203`	`+ $this->makePublicInjectedServices($refClass, $reader, $container, true);`
`204`	`204`	`}`
`205`	`205`	`}`
`206`	`206`
`207`	`207`	`foreach ($typesNamespaces as $typeNamespace) {`
`208`	`208`	`$schemaFactory->addMethodCall('addTypeNamespace', [ $typeNamespace ]);`
`209`	`209`	`foreach ($this->getClassList($typeNamespace) as $className => $refClass) {`
`210`		`- $this->makePublicInjectedServices($refClass, $reader, $container);`
	`210`	`+ $this->makePublicInjectedServices($refClass, $reader, $container, false);`
`211`	`211`	`}`
`212`	`212`	`}`
`213`	`213`
`@@ -273,13 +273,16 @@ private function mapAdderToTag(string $tag, string $methodName, ContainerBuilder`
`273`	`273`	`}`
`274`	`274`	`}`
`275`	`275`
`276`		`- private function makePublicInjectedServices(ReflectionClass $refClass, AnnotationReader $reader, ContainerBuilder $container): void`
	`276`	`+ private function makePublicInjectedServices(ReflectionClass $refClass, AnnotationReader $reader, ContainerBuilder $container, bool $isController): void`
`277`	`277`	`{`
`278`		`- $services = $this->getCodeCache()->get($refClass, function() use ($refClass, $reader, $container) {`
	`278`	`+ $services = $this->getCodeCache()->get($refClass, function() use ($refClass, $reader, $container, $isController) {`
`279`	`279`	`$services = [];`
`280`	`280`	`foreach ($refClass->getMethods() as $method) {`
`281`	`281`	`$field = $reader->getRequestAnnotation($method, AbstractRequest::class);`
`282`	`282`	`if ($field !== null) {`
	`283`	`+ if ($isController) {`
	`284`	`+ $services[$refClass->getName()] = $refClass->getName();`
	`285`	`+ }`
`283`	`286`	`$services += $this->getListOfInjectedServices($method, $container);`
`284`	`287`	`}`
`285`	`288`	`}`
Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,7 @@`
`5`	`5`
`6`	`6`	`use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`7`	`7`	`use TheCodingMachine\GraphQLite\Security\AuthenticationServiceInterface;`
	`8`	`+use function is_object;`
`8`	`9`
`9`	`10`	`class AuthenticationService implements AuthenticationServiceInterface`
`10`	`11`	`{`
`@@ -24,21 +25,30 @@ public function __construct(?TokenStorageInterface $tokenStorage)`
`24`	`25`	`* @return bool`
`25`	`26`	`*/`
`26`	`27`	`public function isLogged(): bool`
	`28`	`+ {`
	`29`	`+ return $this->getUser() !== null;`
	`30`	`+ }`
	`31`	`+`
	`32`	`+ /**`
	`33`	`+ * Returns an object representing the current logged user.`
	`34`	`+ * Can return null if the user is not logged.`
	`35`	`+ */`
	`36`	`+ public function getUser(): ?object`
`27`	`37`	`{`
`28`	`38`	`if ($this->tokenStorage === null) {`
`29`	`39`	`throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');`
`30`	`40`	`}`
`31`	`41`
`32`	`42`	`$token = $this->tokenStorage->getToken();`
`33`	`43`	`if (null === $token) {`
`34`		`- return false;`
	`44`	`+ return null;`
`35`	`45`	`}`
`36`	`46`
`37`		`- if (!\is_object($token->getUser())) {`
	`47`	`+ $user = $token->getUser();`
	`48`	`+ if (!\is_object($user)) {`
`38`	`49`	`// e.g. anonymous authentication`
`39`		`- return false;`
	`50`	`+ return null;`
`40`	`51`	`}`
`41`		`-`
`42`		`- return true;`
	`52`	`+ return $user;`
`43`	`53`	`}`
`44`	`54`	`}`
Original file line number	Diff line number	Diff line change
`@@ -28,10 +28,9 @@ public function __construct(?AuthorizationCheckerInterface $authorizationChecker`
`28`	`28`	`/**`
`29`	`29`	`* Returns true if the "current" user has access to the right "$right"`
`30`	`30`	`*`
`31`		`- * @param string $right`
`32`		`- * @return bool`
	`31`	`+ * @param mixed $subject The scope this right applies on. $subject is typically an object or a FQCN. Set $subject to "null" if the right is global.`
`33`	`32`	`*/`
`34`		`- public function isAllowed(string $right): bool`
	`33`	`+ public function isAllowed(string $right, $subject = null): bool`
`35`	`34`	`{`
`36`	`35`	`if ($this->authorizationChecker === null \|\| $this->tokenStorage === null) {`
`37`	`36`	`throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');`
`@@ -42,6 +41,6 @@ public function isAllowed(string $right): bool`
`42`	`41`	`return false;`
`43`	`42`	`}`
`44`	`43`
`45`		`- return $this->authorizationChecker->isGranted($right);`
	`44`	`+ return $this->authorizationChecker->isGranted($right, $subject);`
`46`	`45`	`}`
`47`	`46`	`}`