Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-07 18:44:08 +00:00
Code Issues Actions Projects Releases Wiki Activity

add endpoint for getting permissions info

Browse Source
This commit is contained in:
Julien Fastré 2021-11-23 23:04:29 +01:00
parent d0856a9a39
commit fdbaa8cbef
3 changed files with 140 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
src/Bundle/ChillMainBundle/Controller/PermissionApiController.php Normal file
View File

@ -0,0 +1,67 @@
<?php
namespace Chill\MainBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Serializer\Normalizer\DenormalizerInterface;
class PermissionApiController extends AbstractController
{
private DenormalizerInterface $denormalizer;
private Security $security;
public function __construct(
DenormalizerInterface $denormalizer,
Security $security
) {
$this->denormalizer = $denormalizer;
$this->security = $security;
}
/**
* @Route("/api/1.0/main/permissions/info.json", methods={"POST"})
* @throws \Symfony\Component\Serializer\Exception\ExceptionInterface
*/
public function getPermissions(Request $request): JsonResponse
{
$this->denyAccessUnlessGranted('ROLE_USER');
$data = \json_decode($request->getContent(), true);
if (null === $data) {
throw new BadRequestHttpException(sprintf(
"Could not decode json received, or data invalid: %s, %s", \json_last_error(), \json_last_error_msg()
));
}
if (!\array_key_exists('object', $data)) {
throw new BadRequestHttpException("the object key is not present");
}
if (!\array_key_exists('class', $data)) {
throw new BadRequestHttpException("the class key is not present");
}
if (null !== $data['object']) {
$object = $this->denormalizer->denormalize($data['object'], $data['class'], 'json');
} else {
$object = null;
}
$roles = [];
foreach (($data['roles'] ?? []) as $role) {
$roles[$role] = $this->security->isGranted($role, $object);
}
return $this->json(
['roles' => $roles, ],
200,
[],
);
}
}

36
src/Bundle/ChillMainBundle/Tests/Controller/PermissionApiControllerTest.php Normal file
View File

@ -0,0 +1,36 @@
<?php
namespace Controller;
use Chill\MainBundle\Test\PrepareClientTrait;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
class PermissionApiControllerTest extends WebTestCase
{
use PrepareClientTrait;
public function testNullObject()
{
$client = $this->getClientAuthenticated();
$client->request(
'POST',
'/api/1.0/main/permissions/info.json',
[], // parameters
[], // files
[], // server
\json_encode([
'object' => null,
'class' => null,
'roles' => ['ROLE_USER', 'ROLE_ADMIN']
])
);
$this->assertResponseIsSuccessful();
$data = \json_decode($client->getResponse()->getContent(), true);
$this->assertTrue($data['roles']['ROLE_USER']);
$this->assertFalse($data['roles']['ROLE_ADMIN']);
}
}

37
src/Bundle/ChillMainBundle/chill.api.specs.yaml
View File

@ -624,3 +624,40 @@ paths:
401:
description: "Unauthorized"
/1.0/main/permissions/info.json:
post:
tags:
- permissions
summary: Return info about permissions on entity
responses:
200:
description: "ok"
401:
description: "Unauthorized"
400:
description: "Bad request"
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
object:
type: object
class:
type: string
roles:
type: array
items:
type: string
examples:
an-accompanying-period:
value:
object:
type: accompanying_period
id: 1
class: 'Chill\PersonBundle\Entity\AccompanyingPeriod'
roles:
- 'CHILL_PERSON_ACCOMPANYING_PERIOD_SEE'