mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-12 21:34:25 +00:00
fix: Strict types interfaces: VoterHelperInterface, ProvideRoleHierarchyInterface and ProvideRoleInterface.
This commit is contained in:
Pol Dellaiera
parent
05dda33a7a
commit
328b4c4596
@ -75,17 +75,17 @@ class ActivityStatsVoter extends AbstractChillVoter implements ProvideRoleHierar
|
||||
return $this->helper->userHasAccess($user, $object, $attribute);
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return $this->getAttributes();
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return $this->getAttributes();
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['Activity' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -1,21 +1,6 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* Copyright (C) 2015 Julien Fastré <julien.fastre@champs-libres.coop>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Chill\ActivityBundle\Security\Authorization;
|
||||
|
||||
@ -25,9 +10,7 @@ use Chill\PersonBundle\Entity\AccompanyingPeriod;
|
||||
use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter;
|
||||
use Chill\PersonBundle\Security\Authorization\PersonVoter;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
|
||||
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
|
||||
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
|
||||
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
|
||||
use Chill\MainBundle\Entity\User;
|
||||
use Chill\ActivityBundle\Entity\Activity;
|
||||
@ -35,9 +18,6 @@ use Chill\PersonBundle\Entity\Person;
|
||||
use Symfony\Component\Security\Core\Role\Role;
|
||||
use Symfony\Component\Security\Core\Security;
|
||||
|
||||
/**
|
||||
* Voter for Activity class
|
||||
*/
|
||||
class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
|
||||
{
|
||||
/**
|
||||
@ -46,7 +26,7 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
*
|
||||
* It is safe for usage in template and controller
|
||||
*/
|
||||
const CREATE = 'CHILL_ACTIVITY_CREATE';
|
||||
public const CREATE = 'CHILL_ACTIVITY_CREATE';
|
||||
|
||||
/**
|
||||
* role to allow to create an activity associated win an accompanying course.
|
||||
@ -55,7 +35,7 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
const CREATE_ACCOMPANYING_COURSE = 'CHILL_ACTIVITY_CREATE_ACCOMPANYING_COURSE';
|
||||
public const CREATE_ACCOMPANYING_COURSE = 'CHILL_ACTIVITY_CREATE_ACCOMPANYING_COURSE';
|
||||
|
||||
/**
|
||||
* role to allow to create an activity associated with a person
|
||||
@ -64,13 +44,13 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
const CREATE_PERSON = 'CHILL_ACTIVITY_CREATE_PERSON';
|
||||
public const CREATE_PERSON = 'CHILL_ACTIVITY_CREATE_PERSON';
|
||||
|
||||
const SEE = 'CHILL_ACTIVITY_SEE';
|
||||
const SEE_DETAILS = 'CHILL_ACTIVITY_SEE_DETAILS';
|
||||
const UPDATE = 'CHILL_ACTIVITY_UPDATE';
|
||||
const DELETE = 'CHILL_ACTIVITY_DELETE';
|
||||
const FULL = 'CHILL_ACTIVITY_FULL';
|
||||
public const SEE = 'CHILL_ACTIVITY_SEE';
|
||||
public const SEE_DETAILS = 'CHILL_ACTIVITY_SEE_DETAILS';
|
||||
public const UPDATE = 'CHILL_ACTIVITY_UPDATE';
|
||||
public const DELETE = 'CHILL_ACTIVITY_DELETE';
|
||||
public const FULL = 'CHILL_ACTIVITY_FULL';
|
||||
|
||||
private const ALL = [
|
||||
self::CREATE,
|
||||
@ -97,13 +77,12 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
->build();
|
||||
}
|
||||
|
||||
|
||||
protected function supports($attribute, $subject)
|
||||
protected function supports($attribute, $subject): bool
|
||||
{
|
||||
return $this->voterHelper->supports($attribute, $subject);
|
||||
}
|
||||
|
||||
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
|
||||
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
if (!$token->getUser() instanceof User) {
|
||||
return false;
|
||||
@ -132,7 +111,7 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
$attribute = self::CREATE_ACCOMPANYING_COURSE;
|
||||
}
|
||||
} else {
|
||||
throw new \RuntimeException("could not determine context of activity");
|
||||
throw new \RuntimeException('Could not determine context of activity.');
|
||||
}
|
||||
} elseif ($subject instanceof AccompanyingPeriod) {
|
||||
if (AccompanyingPeriod::STEP_CLOSED === $subject->getStep()) {
|
||||
@ -155,8 +134,7 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
return $this->voterHelper->voteOnAttribute($attribute, $subject, $token);
|
||||
}
|
||||
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return [
|
||||
self::CREATE_PERSON,
|
||||
@ -167,14 +145,12 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return [];
|
||||
}
|
||||
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['Activity' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -61,7 +61,7 @@ class BudgetElementVoter extends AbstractChillVoter implements ProvideRoleHierar
|
||||
->userHasAccess($user, $subject, new Role($attribute));
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
@ -71,7 +71,7 @@ class BudgetElementVoter extends AbstractChillVoter implements ProvideRoleHierar
|
||||
return ['Budget elements' => self::ROLES];
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
|
||||
@ -47,7 +47,7 @@ class AccompanyingCourseDocumentVoter extends AbstractChillVoter implements Prov
|
||||
->build();
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return [
|
||||
self::CREATE,
|
||||
@ -91,12 +91,12 @@ class AccompanyingCourseDocumentVoter extends AbstractChillVoter implements Prov
|
||||
return $this->voterHelper->voteOnAttribute($attribute, $subject, $token);
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return array();
|
||||
return [];
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['accompanyingCourseDocument' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -40,7 +40,7 @@ class PersonDocumentVoter extends AbstractChillVoter implements ProvideRoleHiera
|
||||
->build();
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return [
|
||||
self::CREATE,
|
||||
@ -79,13 +79,12 @@ class PersonDocumentVoter extends AbstractChillVoter implements ProvideRoleHiera
|
||||
return $this->voterHelper->voteOnAttribute($attribute, $subject, $token);
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return array();
|
||||
return [];
|
||||
}
|
||||
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['PersonDocument' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -160,12 +160,7 @@ class EventType
|
||||
$this->roles->removeElement($role);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get roles
|
||||
*
|
||||
* @return Collection
|
||||
*/
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return $this->roles;
|
||||
}
|
||||
|
||||
@ -128,20 +128,19 @@ class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInter
|
||||
|
||||
}
|
||||
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return [
|
||||
'Event' => self::ROLES
|
||||
];
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return [];
|
||||
}
|
||||
|
||||
@ -127,19 +127,19 @@ class ParticipationVoter extends AbstractChillVoter implements ProvideRoleHierar
|
||||
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return [
|
||||
'Event' => self::ROLES
|
||||
];
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return [];
|
||||
}
|
||||
|
||||
@ -61,7 +61,7 @@ class FamilyMemberVoter extends AbstractChillVoter implements ProvideRoleHierarc
|
||||
->userHasAccess($user, $subject, new Role($attribute));
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
@ -71,7 +71,7 @@ class FamilyMemberVoter extends AbstractChillVoter implements ProvideRoleHierarc
|
||||
return ['Family Members' => self::ROLES];
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
|
||||
@ -203,12 +203,9 @@ class User implements AdvancedUserInterface {
|
||||
*/
|
||||
public function eraseCredentials() {}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return array('ROLE_USER');
|
||||
return ['ROLE_USER'];
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Security\Authorization;
|
||||
|
||||
use Chill\MainBundle\Entity\User;
|
||||
@ -50,7 +52,7 @@ final class DefaultVoterHelper implements VoterHelperInterface
|
||||
}
|
||||
|
||||
if (NULL === $subject) {
|
||||
return 0 < count($this->authorizationHelper->getReachableCenters($token->getUser(), $attribute, null));
|
||||
return [] !== $this->authorizationHelper->getReachableCenters($token->getUser(), $attribute, null);
|
||||
}
|
||||
|
||||
return $this->authorizationHelper->userHasAccess(
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Security\Authorization;
|
||||
|
||||
use Chill\MainBundle\Security\Resolver\CenterResolverDispatcher;
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Security\Authorization;
|
||||
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
@ -8,5 +10,5 @@ interface VoterHelperInterface
|
||||
{
|
||||
public function supports($attribute, $subject): bool;
|
||||
|
||||
public function voteOnAttribute($attribute, $subject, TokenInterface $token);
|
||||
public function voteOnAttribute($attribute, $subject, TokenInterface $token): bool;
|
||||
}
|
||||
|
||||
@ -1,28 +1,13 @@
|
||||
<?php
|
||||
/*
|
||||
* Copyright (C) 2017 Champs Libres Cooperative <info@champs-libres.coop>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Security;
|
||||
|
||||
/**
|
||||
* Give a hierarchy for the role.
|
||||
*
|
||||
* This hierarchy allow to sort roles, which is useful in UI
|
||||
*
|
||||
* @author Julien Fastré <julien.fastre@champs-libres.coop>
|
||||
*/
|
||||
interface ProvideRoleHierarchyInterface extends ProvideRoleInterface
|
||||
{
|
||||
@ -36,7 +21,7 @@ interface ProvideRoleHierarchyInterface extends ProvideRoleInterface
|
||||
* [ 'Title' => [ 'CHILL_FOO_SEE', 'CHILL_FOO_UPDATE' ] ]
|
||||
* ```
|
||||
*
|
||||
* @return array where keys are the hierarchy, and values an array of roles: `[ 'title' => [ 'CHILL_FOO_SEE', 'CHILL_FOO_UPDATE' ] ]`
|
||||
* @return array<string, array<int, string>> Where keys are the hierarchy, and values an array of roles: `[ 'title' => [ 'CHILL_FOO_SEE', 'CHILL_FOO_UPDATE' ] ]`
|
||||
*/
|
||||
public function getRolesWithHierarchy();
|
||||
public function getRolesWithHierarchy(): array;
|
||||
}
|
||||
|
||||
@ -1,21 +1,6 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* Copyright (C) 2015 Julien Fastré <julien.fastre@champs-libres.coop>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Chill\MainBundle\Security;
|
||||
|
||||
@ -32,22 +17,20 @@ namespace Chill\MainBundle\Security;
|
||||
* tags:
|
||||
* - { name: chill.role }
|
||||
* </pre>
|
||||
*
|
||||
* @author Julien Fastré <julien.fastre@champs-libres.coop>
|
||||
*/
|
||||
interface ProvideRoleInterface
|
||||
{
|
||||
/**
|
||||
* return an array of role provided by the object
|
||||
* Return an array of role provided by the object.
|
||||
*
|
||||
* @return string[] array of roles (as string)
|
||||
*/
|
||||
public function getRoles();
|
||||
public function getRoles(): array;
|
||||
|
||||
/**
|
||||
* return roles which doesn't need
|
||||
* Return roles which doesn't need.
|
||||
*
|
||||
* @return string[] array of roles without scopes
|
||||
*/
|
||||
public function getRolesWithoutScope();
|
||||
public function getRolesWithoutScope(): array;
|
||||
}
|
||||
|
||||
@ -53,13 +53,10 @@ class RoleProvider
|
||||
$this->providers[] = $provider;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return string[] the roles as string
|
||||
*/
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
$roles = array();
|
||||
$roles = [];
|
||||
|
||||
foreach ($this->providers as $provider) {
|
||||
if ($provider->getRoles() !== NULL) {
|
||||
$roles = array_merge($roles, $provider->getRoles());
|
||||
@ -69,13 +66,10 @@ class RoleProvider
|
||||
return $roles;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return string[] the roles as string
|
||||
*/
|
||||
public function getRolesWithoutScopes()
|
||||
public function getRolesWithoutScopes(): array
|
||||
{
|
||||
$roles = array();
|
||||
$roles = [];
|
||||
|
||||
foreach ($this->providers as $provider) {
|
||||
if ($provider->getRolesWithoutScope() !== NULL) {
|
||||
$roles = array_merge($roles, $provider->getRolesWithoutScope());
|
||||
|
||||
@ -94,17 +94,17 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRole
|
||||
return $this->voterHelper->voteOnAttribute($attribute, $subject, $token);
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return self::ALL;
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return [];
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['Accompanying period' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -69,17 +69,17 @@ class PersonVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte
|
||||
return array(self::CREATE, self::UPDATE, self::SEE, self::STATS, self::LISTS, self::DUPLICATE);
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return $this->getAttributes();
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return $this->getAttributes();
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['Person' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -74,18 +74,17 @@ class ReportVoter extends AbstractChillVoter implements ProvideRoleHierarchyInte
|
||||
return $this->helper->userHasAccess($token->getUser(), $subject, $attribute);
|
||||
}
|
||||
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return [self::CREATE, self::UPDATE, self::SEE, self::LISTS];
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return array(self::LISTS);
|
||||
return [self::LISTS];
|
||||
}
|
||||
|
||||
public function getRolesWithHierarchy()
|
||||
public function getRolesWithHierarchy(): array
|
||||
{
|
||||
return ['Report' => $this->getRoles()];
|
||||
}
|
||||
|
||||
@ -127,7 +127,7 @@ final class TaskVoter extends AbstractChillVoter implements ProvideRoleHierarchy
|
||||
return $this->voter->voteOnAttribute($attribute, $subject, $token);
|
||||
}
|
||||
|
||||
public function getRoles()
|
||||
public function getRoles(): array
|
||||
{
|
||||
return self::ROLES;
|
||||
}
|
||||
@ -139,7 +139,7 @@ final class TaskVoter extends AbstractChillVoter implements ProvideRoleHierarchy
|
||||
];
|
||||
}
|
||||
|
||||
public function getRolesWithoutScope()
|
||||
public function getRolesWithoutScope(): array
|
||||
{
|
||||
return [];
|
||||
}
|
||||
|
||||
@ -52,9 +52,8 @@ class ThirdPartyVoter extends AbstractChillVoter implements ProvideRoleHierarchy
|
||||
* @param string $attribute
|
||||
* @param ThirdParty|null $subject
|
||||
* @param TokenInterface $token
|
||||
* @return type
|
||||
*/
|
||||
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
|
||||
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
return true;
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user