DRY LanguagePermissions and ModelPermissions

getkirby · Nov 6, 2024 · 4073598 · 4073598
1 parent 794c74d
commit 4073598
Show file tree

Hide file tree

Showing 3 changed files with 116 additions and 169 deletions.
diff --git a/src/Cms/LanguagePermissions.php b/src/Cms/LanguagePermissions.php
@@ -5,21 +5,16 @@
 /**
  * LanguagePermissions
  *
- * Since the Language class is not a content model,
- * it handles this itself instead of inheriting from the `ModelPermissions` class
- *
  * @package   Kirby Cms
  * @author    Ahmet Bora <[email protected]>
  * @link      https://getkirby.com
  * @copyright Bastian Allgeier
  * @license   https://getkirby.com/license
  */
-class LanguagePermissions
+class LanguagePermissions extends NewPermissions
 {
-	protected string      $category = 'languages';
-	protected Language    $model;
-	protected Permissions $permissions;
-	protected User        $user;
+	protected string   $category = 'languages';
+	protected Language $model;
 
 	public function __construct(Language $model)
 	{
@@ -28,75 +23,11 @@ public function __construct(Language $model)
 		$this->permissions = $this->user->role()->permissions();
 	}
 
-	public function __call(string $method, array $arguments = []): bool
-	{
-		return $this->can($method);
-	}
-
-	/**
-	 * Improved `var_dump` output
-	 * @codeCoverageIgnore
-	 */
-	public function __debugInfo(): array
-	{
-		return $this->toArray();
-	}
-
-	/**
-	 * Returns whether the current user is allowed
-	 * to do a certain action on the model
-	 *
-	 * @param bool $default Will be returned if $action does not exist
-	 */
-	public function can(
-		string $action,
-		bool   $default = false
-	): bool {
-		$user = $this->user->id();
-		$role = $this->user->role()->id();
-
-		// users with the `nobody` role can do nothing
-		// that needs a permission check
-		if ($role === 'nobody') {
-			return false;
-		}
-
-		// check for a custom `can` method
-		// which would take priority over any other
-		// role-based permission rules
-		if (
-			method_exists($this, 'can' . $action) === true &&
-			$this->{'can' . $action}() === false
-		) {
-			return false;
-		}
-
-		// the almighty `kirby` user can do anything
-		if ($user === 'kirby' && $role === 'admin') {
-			return true;
-		}
-
-		return $this->permissions->for($this->category, $action, $default);
-	}
-
 	protected function canDelete(): bool
 	{
 		return $this->model->isDeletable() === true;
 	}
 
-	/**
-	 * Returns whether the current user is not allowed
-	 * to do a certain action on the model
-	 *
-	 * @param bool $default Will be returned if $action does not exist
-	 */
-	public function cannot(
-		string $action,
-		bool   $default = true
-	): bool {
-		return $this->can($action, !$default) === false;
-	}
-
 	public function toArray(): array
 	{
 		return [];

diff --git a/src/Cms/ModelPermissions.php b/src/Cms/ModelPermissions.php
@@ -2,8 +2,6 @@
 
 namespace Kirby\Cms;
 
-use Kirby\Toolkit\A;
-
 /**
  * ModelPermissions
  *
@@ -13,13 +11,10 @@
  * @copyright Bastian Allgeier
  * @license   https://getkirby.com/license
  */
-abstract class ModelPermissions
+abstract class ModelPermissions extends NewPermissions
 {
-	protected string $category;
 	protected ModelWithContent $model;
-	protected array $options;
-	protected Permissions $permissions;
-	protected User $user;
+	protected array            $options;
 
 	public function __construct(ModelWithContent $model)
 	{
@@ -29,96 +24,6 @@ public function __construct(ModelWithContent $model)
 		$this->permissions = $this->user->role()->permissions();
 	}
 
-	public function __call(string $method, array $arguments = []): bool
-	{
-		return $this->can($method);
-	}
-
-	/**
-	 * Improved `var_dump` output
-	 * @codeCoverageIgnore
-	 */
-	public function __debugInfo(): array
-	{
-		return $this->toArray();
-	}
-
-	/**
-	 * Returns whether the current user is allowed to do
-	 * a certain action on the model
-	 *
-	 * @param bool $default Will be returned if $action does not exist
-	 */
-	public function can(
-		string $action,
-		bool $default = false
-	): bool {
-		$user = $this->user->id();
-		$role = $this->user->role()->id();
-
-		// users with the `nobody` role can do nothing
-		// that needs a permission check
-		if ($role === 'nobody') {
-			return false;
-		}
-
-		// check for a custom `can` method
-		// which would take priority over any other
-		// role-based permission rules
-		if (
-			method_exists($this, 'can' . $action) === true &&
-			$this->{'can' . $action}() === false
-		) {
-			return false;
-		}
-
-		// the almighty `kirby` user can do anything
-		if ($user === 'kirby' && $role === 'admin') {
-			return true;
-		}
-
-		// evaluate the blueprint options block
-		if (isset($this->options[$action]) === true) {
-			$options = $this->options[$action];
-
-			if ($options === false) {
-				return false;
-			}
-
-			if ($options === true) {
-				return true;
-			}
-
-			if (
-				is_array($options) === true &&
-				A::isAssociative($options) === true
-			) {
-				if (isset($options[$role]) === true) {
-					return $options[$role];
-				}
-
-				if (isset($options['*']) === true) {
-					return $options['*'];
-				}
-			}
-		}
-
-		return $this->permissions->for($this->category, $action, $default);
-	}
-
-	/**
-	 * Returns whether the current user is not allowed to do
-	 * a certain action on the model
-	 *
-	 * @param bool $default Will be returned if $action does not exist
-	 */
-	public function cannot(
-		string $action,
-		bool $default = true
-	): bool {
-		return $this->can($action, !$default) === false;
-	}
-
 	public function toArray(): array
 	{
 		$array = [];

diff --git a/src/Cms/NewPermissions.php b/src/Cms/NewPermissions.php
@@ -0,0 +1,111 @@
+<?php
+
+namespace Kirby\Cms;
+
+use Kirby\Toolkit\A;
+
+/**
+ * NewPermissions
+ *
+ * @package   Kirby Cms
+ * @author    Bastian Allgeier <[email protected]>
+ * @link      https://getkirby.com
+ * @copyright Bastian Allgeier
+ * @license   https://getkirby.com/license
+ */
+abstract class NewPermissions
+{
+    protected string      $category;
+    protected Permissions $permissions;
+    protected User        $user;
+
+	public function __call(string $method, array $arguments = []): bool
+	{
+		return $this->can($method);
+	}
+
+	/**
+	 * Improved `var_dump` output
+	 * @codeCoverageIgnore
+	 */
+	public function __debugInfo(): array
+	{
+		return $this->toArray();
+	}
+
+	/**
+	 * Returns whether the current user is allowed to do
+	 * a certain action on the model
+	 *
+	 * @param bool $default Will be returned if $action does not exist
+	 */
+	public function can(
+		string $action,
+		bool $default = false
+	): bool {
+		$user = $this->user->id();
+		$role = $this->user->role()->id();
+
+		// users with the `nobody` role can do nothing
+		// that needs a permission check
+		if ($role === 'nobody') {
+			return false;
+		}
+
+		// check for a custom `can` method
+		// which would take priority over any other
+		// role-based permission rules
+		if (
+			method_exists($this, 'can' . $action) === true &&
+			$this->{'can' . $action}() === false
+		) {
+			return false;
+		}
+
+		// the almighty `kirby` user can do anything
+		if ($user === 'kirby' && $role === 'admin') {
+			return true;
+		}
+
+		// evaluate the blueprint options block for only content models
+		if (isset($this->options[$action]) === true) {
+			$options = $this->options[$action];
+
+			if ($options === false) {
+				return false;
+			}
+
+			if ($options === true) {
+				return true;
+			}
+
+			if (
+				is_array($options) === true &&
+				A::isAssociative($options) === true
+			) {
+				if (isset($options[$role]) === true) {
+					return $options[$role];
+				}
+
+				if (isset($options['*']) === true) {
+					return $options['*'];
+				}
+			}
+		}
+
+		return $this->permissions->for($this->category, $action, $default);
+	}
+
+	/**
+	 * Returns whether the current user is not allowed to do
+	 * a certain action on the model
+	 *
+	 * @param bool $default Will be returned if $action does not exist
+	 */
+	public function cannot(
+		string $action,
+		bool $default = true
+	): bool {
+		return $this->can($action, !$default) === false;
+	}
+}