Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-07 18:44:08 +00:00
Code Issues Actions Projects Releases Wiki Activity

Create the helper ChillSecurity

Browse Source 
En symfony 5.4 le typage a été vraiment amélioré, et phpstan peut détecter plus d'erreur potentielles.

Mais le problème est que Symfony "type" les `User` avec son propre `Symfony\Component\Security\Core\User\UserInterface` alors qu'on a besoin de `Chill\MainBundle\Entity\User`.

Imaginons qu'on a ceci:

```php

namespace Chill\Bundle\Service;

final readonly class SomeService
{
    public function myMethod(\Chill\MainBundle\Entity\User $user): void
    {
        // ...
    }
}
```

Quand on l'appelle dans un contrôleur ou dans un service:

```php

namespace Chill\Bundle\Service;

use Symfony\Component\Security\Core\Security;

final readonly OtherService
{
    public function __construct(private Security $security, private SomeService $service) {}

    public function __invoke(): void
    {
        $this->service->myMethod($this->security->getUser());
    }
}
```

PHPstan va se plaindre:

```
Parameter #1 $user of method SomeService::myMethod() expects Chill\MainBundle\Entity\User, Symfony\Component\Security\Core\User\UserInterface|null given.
```

Du coup, j'ai créé ce service:

```php
<?php

namespace Chill\MainBundle\Security;

use Chill\MainBundle\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Security;

/**
 * Security helper for Chill user
 *
 * Provides security-related functionality such as user retrieval, authorization checks,
 * and token retrieval, in a context where only an authenticated @see{User::class} is expected.
 *
 */
final readonly class ChillSecurity implements AuthorizationCheckerInterface
{

    public function hasUser(): bool
    {
        // implementation detail not shown here
    }

    public function getUser(): User
    {
        // implementation detail not shown here
    }

    public function isGranted($attribute, $subject = null): bool
    {
        // implementation detail not shown here
    }

    public function getToken(): ?TokenInterface
    {
        // implementation detail not shown here
    }
}
```

Et maintenant, on peut faire:

```php

namespace Chill\Bundle\Service;

use Chill\MainBundle\Security\ChillSecurity;

final readonly OtherService
{
    public function __construct(private ChillSecurity $security, private SomeService $service) {}

    public function __invoke(): void
    {
        $this->service->myMethod($this->security->getUser());
    }
}
```

Et tout va bien se passer.

Ca sera dans la version de chill qui fait passer à symfony 5.4.
This commit is contained in:
Julien Fastré 2023-12-12 22:33:57 +01:00
parent ac98ba4555
commit af663cf27c
Signed by: julienfastre
GPG Key ID: BDE2190974723FCB
1 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
src/Bundle/ChillMainBundle/Security/ChillSecurity.php Normal file
View File

@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
/*
* Chill is a software for social workers
*
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Chill\MainBundle\Security;
use Chill\MainBundle\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Security;
/**
* Security helper for Chill user.
*
* Provides security-related functionality such as user retrieval, authorization checks,
* and token retrieval, in a context where only an authenticated @see{User::class} is expected.
*/
final readonly class ChillSecurity implements AuthorizationCheckerInterface
{
public function __construct(private Security $security) {}
public function hasUser(): bool
{
return null !== $this->security->getUser();
}
public function getUser(): User
{
$user = $this->security->getUser();
if (!$user instanceof User) {
throw new \LogicException(sprintf('authenticated user should be an instance of %s, %s given', User::class, null !== $user ? $user::class : self::class));
}
return $user;
}
public function isGranted($attribute, $subject = null): bool
{
return $this->security->isGranted($attribute, $subject);
}
public function getToken(): ?TokenInterface
{
return $this->security->getToken();
}
}