Refactor reading relationships.
neomerx committed Feb 10, 2018
1 parent 487ffdf commit 9da46f0
Showing 54 changed files with 307 additions and 306 deletions.
35 changes: 16 additions & 19 deletions server/app/Api/BaseApi.php
Expand Up @@ -6,6 +6,7 @@
use Doctrine\DBAL\DBALException;
use Doctrine\DBAL\Query\QueryBuilder;
use Doctrine\DBAL\Types\Type;
use InvalidArgumentException;
use Limoncello\Contracts\Authentication\AccountManagerInterface;
use Limoncello\Contracts\Authorization\AuthorizationManagerInterface;
use Limoncello\Contracts\Exceptions\AuthorizationExceptionInterface;
Expand All @@ -24,37 +25,33 @@
*/
abstract class BaseApi extends Crud
{
/**
* Should return authorization action name and resource type for reading a relationship.
*
* @param string $name
* @param iterable|null $relationshipFilters
* @param iterable|null $relationshipSorts
*
* @return array [string $action, string|null $resourceType]
/** @noinspection PhpMissingParentCallCommonInspection
* @inheritdoc
*/
abstract protected function getAuthorizationActionAndResourceTypeForRelationship(
final public function readRelationship(
$index,
string $name,
iterable $relationshipFilters = null,
iterable $relationshipSorts = null
): array;
): PaginatedDataInterface {
assert(false, 'Use specialized reading methods instead.');
throw new InvalidArgumentException();
}

/**
* @inheritdoc
* @param $index
* @param string $name
* @param iterable|null $relationshipFilters
* @param iterable|null $relationshipSorts
*
* @return PaginatedDataInterface
*/
public function readRelationship(
protected function readRelationshipInt(
$index,
string $name,
iterable $relationshipFilters = null,
iterable $relationshipSorts = null
): PaginatedDataInterface {
list ($action, $resourceType) = static::getAuthorizationActionAndResourceTypeForRelationship(
$name,
$relationshipFilters,
$relationshipSorts
);
$this->authorize($action, $resourceType, $index);

return parent::readRelationship($index, $name, $relationshipFilters, $relationshipSorts);
}

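Review bot: `readRelationshipInt()` forwards straight to `parent::readRelationship()` with no `authorize()` call of its own, so relationship reads are now only as protected as each subclass method that wraps it (`BoardsApi::readPosts()` and `PostsApi::readComments()` in this commit do authorize first). The removed abstract hook made every API class implement the action mapping; with the new shape a future `readXxx()` that forgets the check fails open without any error. Consider having the helper take the action and resource type as required leading parameters and call `$this->authorize($action, $resourceType, $index);` itself, or at minimum add to its docblock `Performs no authorization; callers must call authorize() before using it.` Separately, in the new `readRelationship()` the `assert(false, …)` is skipped when assertions are disabled, which leaves an exception without a message; `throw new InvalidArgumentException('Use specialized reading methods instead.');` keeps the reason visible in production logs.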
36 changes: 20 additions & 16 deletions server/app/Api/BoardsApi.php
Expand Up @@ -2,7 +2,8 @@

use App\Authorization\BoardRules;
use App\Data\Models\Board as Model;
use App\Json\Schemes\BoardScheme as Scheme;
use App\Json\Schemes\BoardSchema as Schema;
use Limoncello\Contracts\Exceptions\AuthorizationExceptionInterface;
use Limoncello\Flute\Contracts\Models\PaginatedDataInterface;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\ContainerInterface;
Expand All @@ -29,7 +30,7 @@ public function __construct(ContainerInterface $container)
*/
public function create($index, iterable $attributes, iterable $toMany): string
{
$this->authorize(BoardRules::ACTION_ADMIN_BOARDS, Scheme::TYPE, $index);
$this->authorize(BoardRules::ACTION_ADMIN_BOARDS, Schema::TYPE, $index);

return parent::create($index, $attributes, $toMany);
}
Expand All @@ -39,7 +40,7 @@ public function create($index, iterable $attributes, iterable $toMany): string
*/
public function update($index, iterable $attributes, iterable $toMany): int
{
$this->authorize(BoardRules::ACTION_ADMIN_BOARDS, Scheme::TYPE, $index);
$this->authorize(BoardRules::ACTION_ADMIN_BOARDS, Schema::TYPE, $index);

return parent::update($index, $attributes, $toMany);
}
Expand All @@ -49,7 +50,7 @@ public function update($index, iterable $attributes, iterable $toMany): int
*/
public function remove($index): bool
{
$this->authorize(BoardRules::ACTION_ADMIN_BOARDS, Scheme::TYPE, $index);
$this->authorize(BoardRules::ACTION_ADMIN_BOARDS, Schema::TYPE, $index);

return parent::remove($index);
}
Expand All @@ -59,7 +60,7 @@ public function remove($index): bool
*/
public function index(): PaginatedDataInterface
{
$this->authorize(BoardRules::ACTION_VIEW_BOARDS, Scheme::TYPE);
$this->authorize(BoardRules::ACTION_VIEW_BOARDS, Schema::TYPE);

return parent::index();
}
Expand All @@ -69,25 +70,28 @@ public function index(): PaginatedDataInterface
*/
public function read($index)
{
$this->authorize(BoardRules::ACTION_VIEW_BOARDS, Scheme::TYPE, $index);
$this->authorize(BoardRules::ACTION_VIEW_BOARDS, Schema::TYPE, $index);

return parent::read($index);
}

/**
* @inheritdoc
* @param string|int $index
* @param iterable|null $relationshipFilters
* @param iterable|null $relationshipSorts
*
* @return PaginatedDataInterface
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
* @throws AuthorizationExceptionInterface
*/
protected function getAuthorizationActionAndResourceTypeForRelationship(
string $name,
public function readPosts(
$index,
iterable $relationshipFilters = null,
iterable $relationshipSorts = null
): array {
// if you add new relationships available for reading
// don't forget to tell the authorization subsystem what are the corresponding auth actions.

assert($name === Model::REL_POSTS);
$pair = [BoardRules::ACTION_VIEW_BOARD_POSTS, Scheme::TYPE];
): PaginatedDataInterface {
$this->authorize(BoardRules::ACTION_VIEW_BOARD_POSTS, Schema::TYPE, $index);

return $pair;
return $this->readRelationshipInt($index, Model::REL_POSTS, $relationshipFilters, $relationshipSorts);
}
}
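Review bot: The docblock on `readPosts()` lists only types and does not say what the authorization check covers: `authorize()` is called with `ACTION_VIEW_BOARD_POSTS` against the board `$index`, and nothing visible in this section checks the returned posts against post-level rules. If that is the intended model, state it in a summary line such as `Reads the posts of a board; access is decided for the board, not for each returned post.` The same applies to `PostsApi::readComments()`, which authorizes `ACTION_VIEW_POST_COMMENTS` against the post only. As a style point, `iterable $relationshipFilters = null` relies on implicit nullability; `?iterable $relationshipFilters = null` says it explicitly and matches the `iterable|null` already written in the docblock.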
36 changes: 6 additions & 30 deletions server/app/Api/CommentsApi.php
Expand Up @@ -2,7 +2,7 @@

use App\Authorization\CommentRules;
use App\Data\Models\Comment as Model;
use App\Json\Schemes\CommentScheme as Scheme;
use App\Json\Schemes\CommentSchema as Schema;
use Limoncello\Flute\Contracts\Models\PaginatedDataInterface;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\ContainerInterface;
Expand All @@ -29,7 +29,7 @@ public function __construct(ContainerInterface $container)
*/
public function create($index, iterable $attributes, iterable $toMany): string
{
$this->authorize(CommentRules::ACTION_CREATE_COMMENT, Scheme::TYPE, $index);
$this->authorize(CommentRules::ACTION_CREATE_COMMENT, Schema::TYPE, $index);

$withUserId = $this->addIterable($attributes, [Model::FIELD_ID_USER => $this->getCurrentUserIdentity()]);

Expand All @@ -41,7 +41,7 @@ public function create($index, iterable $attributes, iterable $toMany): string
*/
public function update($index, iterable $attributes, iterable $toMany): int
{
$this->authorize(CommentRules::ACTION_EDIT_COMMENT, Scheme::TYPE, $index);
$this->authorize(CommentRules::ACTION_EDIT_COMMENT, Schema::TYPE, $index);

return parent::update($index, $attributes, $toMany);
}
Expand All @@ -51,7 +51,7 @@ public function update($index, iterable $attributes, iterable $toMany): int
*/
public function remove($index): bool
{
$this->authorize(CommentRules::ACTION_EDIT_COMMENT, Scheme::TYPE, $index);
$this->authorize(CommentRules::ACTION_EDIT_COMMENT, Schema::TYPE, $index);

return parent::remove($index);
}
Expand All @@ -61,7 +61,7 @@ public function remove($index): bool
*/
public function index(): PaginatedDataInterface
{
$this->authorize(CommentRules::ACTION_VIEW_COMMENTS, Scheme::TYPE);
$this->authorize(CommentRules::ACTION_VIEW_COMMENTS, Schema::TYPE);

return parent::index();
}
Expand All @@ -71,32 +71,8 @@ public function index(): PaginatedDataInterface
*/
public function read($index)
{
$this->authorize(CommentRules::ACTION_VIEW_COMMENTS, Scheme::TYPE, $index);
$this->authorize(CommentRules::ACTION_VIEW_COMMENTS, Schema::TYPE, $index);

return parent::read($index);
}

/**
* @inheritdoc
*/
protected function getAuthorizationActionAndResourceTypeForRelationship(
string $name,
iterable $relationshipFilters = null,
iterable $relationshipSorts = null
): array {
// if you add new relationships available for reading
// don't forget to tell the authorization subsystem what are the corresponding auth actions.

//if ($name === Model::REL_1) {
// $pair = [ModelAuthRules::ACTION_VIEW_REL_1, Scheme::TYPE];
//} else {
// assert($name === Model::REL_2);
// $pair = [ModelAuthRules::ACTION_VIEW_REL_2, Scheme::TYPE];
//}
//return $pair;

assert(false, "Authorization action is not configured for reading `$name` relationship.");

return [];
}
}
36 changes: 20 additions & 16 deletions server/app/Api/PostsApi.php
Expand Up @@ -2,7 +2,8 @@

use App\Authorization\PostRules;
use App\Data\Models\Post as Model;
use App\Json\Schemes\PostScheme as Scheme;
use App\Json\Schemes\PostSchema as Schema;
use Limoncello\Contracts\Exceptions\AuthorizationExceptionInterface;
use Limoncello\Flute\Contracts\Models\PaginatedDataInterface;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\ContainerInterface;
Expand All @@ -29,7 +30,7 @@ public function __construct(ContainerInterface $container)
*/
public function create($index, iterable $attributes, iterable $toMany): string
{
$this->authorize(PostRules::ACTION_CREATE_POST, Scheme::TYPE, $index);
$this->authorize(PostRules::ACTION_CREATE_POST, Schema::TYPE, $index);

$withUserId = $this->addIterable($attributes, [Model::FIELD_ID_USER => $this->getCurrentUserIdentity()]);

Expand All @@ -41,7 +42,7 @@ public function create($index, iterable $attributes, iterable $toMany): string
*/
public function update($index, iterable $attributes, iterable $toMany): int
{
$this->authorize(PostRules::ACTION_EDIT_POST, Scheme::TYPE, $index);
$this->authorize(PostRules::ACTION_EDIT_POST, Schema::TYPE, $index);

return parent::update($index, $attributes, $toMany);
}
Expand All @@ -51,7 +52,7 @@ public function update($index, iterable $attributes, iterable $toMany): int
*/
public function remove($index): bool
{
$this->authorize(PostRules::ACTION_EDIT_POST, Scheme::TYPE, $index);
$this->authorize(PostRules::ACTION_EDIT_POST, Schema::TYPE, $index);

return parent::remove($index);
}
Expand All @@ -61,7 +62,7 @@ public function remove($index): bool
*/
public function index(): PaginatedDataInterface
{
$this->authorize(PostRules::ACTION_VIEW_POSTS, Scheme::TYPE);
$this->authorize(PostRules::ACTION_VIEW_POSTS, Schema::TYPE);

return parent::index();
}
Expand All @@ -71,25 +72,28 @@ public function index(): PaginatedDataInterface
*/
public function read($index)
{
$this->authorize(PostRules::ACTION_VIEW_POSTS, Scheme::TYPE, $index);
$this->authorize(PostRules::ACTION_VIEW_POSTS, Schema::TYPE, $index);

return parent::read($index);
}

/**
* @inheritdoc
* @param string|int $index
* @param iterable|null $relationshipFilters
* @param iterable|null $relationshipSorts
*
* @return PaginatedDataInterface
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
* @throws AuthorizationExceptionInterface
*/
protected function getAuthorizationActionAndResourceTypeForRelationship(
string $name,
public function readComments(
$index,
iterable $relationshipFilters = null,
iterable $relationshipSorts = null
): array {
// if you add new relationships available for reading
// don't forget to tell the authorization subsystem what are the corresponding auth actions.

assert($name === Model::REL_COMMENTS);
$pair = [PostRules::ACTION_VIEW_POST_COMMENTS, Scheme::TYPE];
): PaginatedDataInterface {
$this->authorize(PostRules::ACTION_VIEW_POST_COMMENTS, Schema::TYPE, $index);

return $pair;
return $this->readRelationshipInt($index, Model::REL_COMMENTS, $relationshipFilters, $relationshipSorts);
}
}
36 changes: 6 additions & 30 deletions server/app/Api/RolesApi.php
Expand Up @@ -2,7 +2,7 @@

use App\Authorization\RoleRules;
use App\Data\Models\Role as Model;
use App\Json\Schemes\RoleScheme as Scheme;
use App\Json\Schemes\RoleSchema as Schema;
use Limoncello\Flute\Contracts\Models\PaginatedDataInterface;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\ContainerInterface;
Expand All @@ -29,7 +29,7 @@ public function __construct(ContainerInterface $container)
*/
public function create($index, iterable $attributes, iterable $toMany): string
{
$this->authorize(RoleRules::ACTION_ADMIN_ROLES, Scheme::TYPE, $index);
$this->authorize(RoleRules::ACTION_ADMIN_ROLES, Schema::TYPE, $index);

return parent::create($index, $attributes, $toMany);
}
Expand All @@ -39,7 +39,7 @@ public function create($index, iterable $attributes, iterable $toMany): string
*/
public function update($index, iterable $attributes, iterable $toMany): int
{
$this->authorize(RoleRules::ACTION_ADMIN_ROLES, Scheme::TYPE, $index);
$this->authorize(RoleRules::ACTION_ADMIN_ROLES, Schema::TYPE, $index);

return parent::update($index, $attributes, $toMany);
}
Expand All @@ -49,7 +49,7 @@ public function update($index, iterable $attributes, iterable $toMany): int
*/
public function remove($index): bool
{
$this->authorize(RoleRules::ACTION_ADMIN_ROLES, Scheme::TYPE, $index);
$this->authorize(RoleRules::ACTION_ADMIN_ROLES, Schema::TYPE, $index);

return parent::remove($index);
}
Expand All @@ -59,7 +59,7 @@ public function remove($index): bool
*/
public function index(): PaginatedDataInterface
{
$this->authorize(RoleRules::ACTION_VIEW_ROLES, Scheme::TYPE);
$this->authorize(RoleRules::ACTION_VIEW_ROLES, Schema::TYPE);

return parent::index();
}
Expand All @@ -69,32 +69,8 @@ public function index(): PaginatedDataInterface
*/
public function read($index)
{
$this->authorize(RoleRules::ACTION_VIEW_ROLES, Scheme::TYPE, $index);
$this->authorize(RoleRules::ACTION_VIEW_ROLES, Schema::TYPE, $index);

return parent::read($index);
}

/**
* @inheritdoc
*/
protected function getAuthorizationActionAndResourceTypeForRelationship(
string $name,
iterable $relationshipFilters = null,
iterable $relationshipSorts = null
): array {
// if you add new relationships available for reading
// don't forget to tell the authorization subsystem what are the corresponding auth actions.

//if ($name === Model::REL_1) {
// $pair = [ModelAuthRules::ACTION_VIEW_REL_1, Scheme::TYPE];
//} else {
// assert($name === Model::REL_2);
// $pair = [ModelAuthRules::ACTION_VIEW_REL_2, Scheme::TYPE];
//}
//return $pair;

assert(false, "Authorization action is not configured for reading `$name` relationship.");

return [];
}
}