Adapting code for the new @Security annotation

moufmouf · moufmouf · commit f342629110d6 · 2019-09-26T15:01:10.000+02:00
diff --git a/Security/AuthenticationService.php b/Security/AuthenticationService.php
@@ -5,6 +5,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use TheCodingMachine\GraphQLite\Security\AuthenticationServiceInterface;
+use function is_object;
 
 class AuthenticationService implements AuthenticationServiceInterface
 {
@@ -24,21 +25,30 @@ public function __construct(?TokenStorageInterface $tokenStorage)
      * @return bool
      */
     public function isLogged(): bool
+    {
+        return $this->getUser() !== null;
+    }
+
+    /**
+     * Returns an object representing the current logged user.
+     * Can return null if the user is not logged.
+     */
+    public function getUser(): ?object
     {
         if ($this->tokenStorage === null) {
             throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');
         }
 
         $token = $this->tokenStorage->getToken();
         if (null === $token) {
-            return false;
+            return null;
         }
 
-        if (!\is_object($token->getUser())) {
+        $user = $token->getUser();
+        if (!\is_object($user)) {
             // e.g. anonymous authentication
-            return false;
+            return null;
         }
-
-        return true;
+        return $user;
     }
 }
diff --git a/Security/AuthorizationService.php b/Security/AuthorizationService.php
@@ -28,10 +28,9 @@ public function __construct(?AuthorizationCheckerInterface $authorizationChecker
     /**
      * Returns true if the "current" user has access to the right "$right"
      *
-     * @param string $right
-     * @return bool
+     * @param mixed $subject The scope this right applies on. $subject is typically an object or a FQCN. Set $subject to "null" if the right is global.
      */
-    public function isAllowed(string $right): bool
+    public function isAllowed(string $right, $subject = null): bool
     {
         if ($this->authorizationChecker === null || $this->tokenStorage === null) {
             throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');
@@ -42,6 +41,6 @@ public function isAllowed(string $right): bool
             return false;
         }
 
-        return $this->authorizationChecker->isGranted($right);
+        return $this->authorizationChecker->isGranted($right, $subject);
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,7 @@`
`5`	`5`
`6`	`6`	`use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;`
`7`	`7`	`use TheCodingMachine\GraphQLite\Security\AuthenticationServiceInterface;`
	`8`	`+use function is_object;`
`8`	`9`
`9`	`10`	`class AuthenticationService implements AuthenticationServiceInterface`
`10`	`11`	`{`
`@@ -24,21 +25,30 @@ public function __construct(?TokenStorageInterface $tokenStorage)`
`24`	`25`	`* @return bool`
`25`	`26`	`*/`
`26`	`27`	`public function isLogged(): bool`
	`28`	`+ {`
	`29`	`+ return $this->getUser() !== null;`
	`30`	`+ }`
	`31`	`+`
	`32`	`+ /**`
	`33`	`+ * Returns an object representing the current logged user.`
	`34`	`+ * Can return null if the user is not logged.`
	`35`	`+ */`
	`36`	`+ public function getUser(): ?object`
`27`	`37`	`{`
`28`	`38`	`if ($this->tokenStorage === null) {`
`29`	`39`	`throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');`
`30`	`40`	`}`
`31`	`41`
`32`	`42`	`$token = $this->tokenStorage->getToken();`
`33`	`43`	`if (null === $token) {`
`34`		`- return false;`
	`44`	`+ return null;`
`35`	`45`	`}`
`36`	`46`
`37`		`- if (!\is_object($token->getUser())) {`
	`47`	`+ $user = $token->getUser();`
	`48`	`+ if (!\is_object($user)) {`
`38`	`49`	`// e.g. anonymous authentication`
`39`		`- return false;`
	`50`	`+ return null;`
`40`	`51`	`}`
`41`		`-`
`42`		`- return true;`
	`52`	`+ return $user;`
`43`	`53`	`}`
`44`	`54`	`}`
Original file line number	Diff line number	Diff line change
`@@ -28,10 +28,9 @@ public function __construct(?AuthorizationCheckerInterface $authorizationChecker`
`28`	`28`	`/**`
`29`	`29`	`* Returns true if the "current" user has access to the right "$right"`
`30`	`30`	`*`
`31`		`- * @param string $right`
`32`		`- * @return bool`
	`31`	`+ * @param mixed $subject The scope this right applies on. $subject is typically an object or a FQCN. Set $subject to "null" if the right is global.`
`33`	`32`	`*/`
`34`		`- public function isAllowed(string $right): bool`
	`33`	`+ public function isAllowed(string $right, $subject = null): bool`
`35`	`34`	`{`
`36`	`35`	`if ($this->authorizationChecker === null \|\| $this->tokenStorage === null) {`
`37`	`36`	`throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');`
`@@ -42,6 +41,6 @@ public function isAllowed(string $right): bool`
`42`	`41`	`return false;`
`43`	`42`	`}`
`44`	`43`
`45`		`- return $this->authorizationChecker->isGranted($right);`
	`44`	`+ return $this->authorizationChecker->isGranted($right, $subject);`
`46`	`45`	`}`
`47`	`46`	`}`