diff --git a/psalm-baseline.xml b/psalm-baseline.xml index 979297d..5abe178 100644 --- a/psalm-baseline.xml +++ b/psalm-baseline.xml @@ -1,26 +1,5 @@ - - - $routeName - - - $routeName - $routeResult - - - getMatchedRouteName - isFailure - - - setRequest - - - - - setRequest - - $assertion @@ -33,13 +12,8 @@ $role $role - - - - $assertion - $config $parents $permission $permissions diff --git a/src/LaminasRbac.php b/src/LaminasRbac.php index 822c9be..93d2dc2 100644 --- a/src/LaminasRbac.php +++ b/src/LaminasRbac.php @@ -4,27 +4,22 @@ namespace Mezzio\Authorization\Rbac; -use Laminas\Permissions\Rbac\AssertionInterface; use Laminas\Permissions\Rbac\Rbac; use Mezzio\Authorization\AuthorizationInterface; use Mezzio\Authorization\Exception; use Mezzio\Router\RouteResult; use Psr\Http\Message\ServerRequestInterface; +use function assert; +use function is_string; use function sprintf; class LaminasRbac implements AuthorizationInterface { - /** @var Rbac */ - private $rbac; - - /** @var null|AssertionInterface */ - private $assertion; - - public function __construct(Rbac $rbac, ?LaminasRbacAssertionInterface $assertion = null) - { - $this->rbac = $rbac; - $this->assertion = $assertion; + public function __construct( + private Rbac $rbac, + private ?LaminasRbacAssertionInterface $assertion = null + ) { } /** @@ -35,7 +30,7 @@ public function __construct(Rbac $rbac, ?LaminasRbacAssertionInterface $assertio public function isGranted(string $role, ServerRequestInterface $request): bool { $routeResult = $request->getAttribute(RouteResult::class, false); - if (false === $routeResult) { + if (! $routeResult instanceof RouteResult) { throw new Exception\RuntimeException(sprintf( 'The %s attribute is missing in the request; cannot perform authorizations', RouteResult::class @@ -48,6 +43,7 @@ public function isGranted(string $role, ServerRequestInterface $request): bool } $routeName = $routeResult->getMatchedRouteName(); + assert(is_string($routeName)); if (null !== $this->assertion) { $this->assertion->setRequest($request); } diff --git a/src/LaminasRbacFactory.php b/src/LaminasRbacFactory.php index b30c438..6e48dbe 100644 --- a/src/LaminasRbacFactory.php +++ b/src/LaminasRbacFactory.php @@ -4,6 +4,7 @@ namespace Mezzio\Authorization\Rbac; +use ArrayAccess; use Laminas\Permissions\Rbac\Exception\ExceptionInterface as RbacExceptionInterface; use Laminas\Permissions\Rbac\Rbac; use Mezzio\Authorization\AuthorizationInterface; @@ -11,6 +12,7 @@ use Psr\Container\ContainerInterface; use Zend\Expressive\Authorization\Rbac\ZendRbacAssertionInterface; +use function is_array; use function sprintf; class LaminasRbacFactory @@ -21,7 +23,7 @@ class LaminasRbacFactory public function __invoke(ContainerInterface $container): AuthorizationInterface { $config = $container->get('config')['mezzio-authorization-rbac'] ?? null; - if (null === $config) { + if (! is_array($config) && ! $config instanceof ArrayAccess) { throw new Exception\InvalidConfigException(sprintf( 'Cannot create %s instance; no "mezzio-authorization-rbac" config key present', LaminasRbac::class