feat: add support to custom guard in controller and resource (#1)

PellegrinoDurante · web-flow · commit bff23d0c2e20 · 2024-10-03T09:29:27.000+02:00
diff --git a/src/Http/Api/Contracts/HasParser.php b/src/Http/Api/Contracts/HasParser.php
@@ -86,7 +86,8 @@ protected function filterByParent(): array
         $parentPolicy = Gate::getPolicyFor($routeRelation);
 
         if (! is_null($parentPolicy)) {
-            $this->authorize('view', $routeRelation);
+            $user = auth($this->guard)->user();
+            $this->authorizeForUser($user, 'view', $routeRelation);
         }
 
         $filter = match (class_basename(get_class($relation))) {
diff --git a/src/Http/Api/Contracts/HasPolicies.php b/src/Http/Api/Contracts/HasPolicies.php
@@ -13,7 +13,7 @@ trait HasPolicies
      */
     protected function qualifyCollectionQuery(): void
     {
-        $user = auth()->user();
+        $user = auth($this->guard)->user();
         $modelPolicy = Gate::getPolicyFor($this->model());
 
         if ($modelPolicy && method_exists($modelPolicy, 'qualifyCollectionQueryWithUser')) {
@@ -28,7 +28,7 @@ protected function qualifyCollectionQuery(): void
      */
     protected function qualifyItemQuery(): void
     {
-        $user = auth()->user();
+        $user = auth($this->guard)->user();
         $modelPolicy = Gate::getPolicyFor($this->model());
 
         if ($modelPolicy && method_exists($modelPolicy, 'qualifyItemQueryWithUser')) {
@@ -45,7 +45,7 @@ protected function qualifyItemQuery(): void
      */
     protected function qualifyStoreQuery(array $data): array
     {
-        $user = auth()->user();
+        $user = auth($this->guard)->user();
         $modelPolicy = Gate::getPolicyFor($this->model());
 
         if ($modelPolicy && method_exists($modelPolicy, 'qualifyStoreDataWithUser')) {
@@ -64,7 +64,7 @@ protected function qualifyStoreQuery(array $data): array
      */
     protected function qualifyUpdateQuery(array $data): array
     {
-        $user = auth()->user();
+        $user = auth($this->guard)->user();
         $modelPolicy = Gate::getPolicyFor($this->model());
 
         if ($modelPolicy && method_exists($modelPolicy, 'qualifyUpdateDataWithUser')) {
@@ -124,8 +124,10 @@ protected function testUserPolicyAction(string $ability, $arguments = null, bool
             return true;
         }
 
+        $user = auth($this->guard)->user();
+
         /* @scrutinizer ignore-call */
-        $this->authorize($ability, $model);
+        $this->authorizeForUser($user, $ability, $model);
 
         return true;
     }
diff --git a/src/Http/Api/Contracts/HasResponse.php b/src/Http/Api/Contracts/HasResponse.php
@@ -58,6 +58,7 @@ protected function respondWithMany($items, $code = null, $headers = [])
     protected function respondWithResource($resource, $data, $code = null, $headers = [])
     {
         return $resource::make($data)
+            ->setGuard($this->guard)
             ->response()
             ->setStatusCode($code ?? $this->getStatusCode())
             ->withHeaders($headers);
diff --git a/src/Http/Api/Controller.php b/src/Http/Api/Controller.php
@@ -62,6 +62,14 @@ abstract class Controller extends BaseController
      */
     protected $maximumLimit = 0;
 
+    /**
+     * Guard to use for authentication and authorization.
+     * null defaults to default guard config (auth.defaults.guard)
+     *
+     * @var ?string
+     */
+    protected $guard = null;
+
     /**
      * Display a listing of the resource.
      * GET /api/{resource}.
diff --git a/src/Http/Resources/Contracts/AllowableFields.php b/src/Http/Resources/Contracts/AllowableFields.php
@@ -53,6 +53,14 @@ trait AllowableFields
      */
     protected static ?array $fieldGates = null;
 
+    /**
+     * Guard used to retrieve the user from the request.
+     * null defaults to default guard config (auth.defaults.guard)
+     *
+     * @var ?string
+     */
+    protected ?string $guard = null;
+
     /**
      * Makes sure we only return allowable fields.
      *
@@ -141,6 +149,13 @@ protected function mapFields($request): array
         return $this->filterAllowedFields($fields);
     }
 
+    public function setGuard(string $guard): static
+    {
+        $this->guard = $guard;
+
+        return $this;
+    }
+
     public function filterAllowedFields($fields)
     {
         if (empty(static::$allowedFields) || static::$allowedFields === ['*']) {
@@ -217,7 +232,7 @@ protected function filterUserViewableFields($request): array
         return collect($this->mapFields($request))
         ->when(
             ! empty(static::$fieldGates),
-            fn($collection) => $collection->filter(fn($field) => $this->filterUserField($field, $request->user()))
+            fn($collection) => $collection->filter(fn($field) => $this->filterUserField($field, $request->user($this->guard)))
         )
         ->toArray();
     }

Original file line number	Diff line number	Diff line change
`@@ -86,7 +86,8 @@ protected function filterByParent(): array`
`86`	`86`	`$parentPolicy = Gate::getPolicyFor($routeRelation);`
`87`	`87`
`88`	`88`	`if (! is_null($parentPolicy)) {`
`89`		`- $this->authorize('view', $routeRelation);`
	`89`	`+ $user = auth($this->guard)->user();`
	`90`	`+ $this->authorizeForUser($user, 'view', $routeRelation);`
`90`	`91`	`}`
`91`	`92`
`92`	`93`	`$filter = match (class_basename(get_class($relation))) {`
Original file line number	Diff line number	Diff line change
`@@ -58,6 +58,7 @@ protected function respondWithMany($items, $code = null, $headers = [])`
`58`	`58`	`protected function respondWithResource($resource, $data, $code = null, $headers = [])`
`59`	`59`	`{`
`60`	`60`	`return $resource::make($data)`
	`61`	`+ ->setGuard($this->guard)`
`61`	`62`	`->response()`
`62`	`63`	`->setStatusCode($code ?? $this->getStatusCode())`
`63`	`64`	`->withHeaders($headers);`