Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Api][Administrator] refactor endpoints for admin and admin avatar #11776

Merged
merged 1 commit into from Sep 1, 2020
Merged

[Api][Administrator] refactor endpoints for admin and admin avatar #11776

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 4 additions & 0 deletions config/packages/security.yaml
View file
Open in desktop
Expand Up @@ -4,6 +4,8 @@ parameters:
sylius.security.shop_regex: "^/(?!%sylius_admin.path_name%|new-api|api/.*|api$|media/.*)[^/]++"
sylius.security.new_api_route: "/new-api"
sylius.security.new_api_regex: "^%sylius.security.new_api_route%"
sylius.security.new_api_admin_route: "%sylius.security.new_api_route%/admin"
sylius.security.new_api_admin_regex: "^%sylius.security.new_api_admin_route%"

security:
always_authenticate_before_granting: true
Expand Down Expand Up @@ -150,3 +152,5 @@ security:
- { path: "%sylius.security.admin_regex%", role: ROLE_ADMINISTRATION_ACCESS }
- { path: "%sylius.security.api_regex%/.*", role: ROLE_API_ACCESS }
- { path: "%sylius.security.shop_regex%/account", role: ROLE_USER }

- { path: "%sylius.security.new_api_admin_regex%/.*", role: ROLE_API_ACCESS }
24 changes: 16 additions & 8 deletions src/Sylius/Behat/Client/ApiPlatformClient.php
View file
Open in desktop
Expand Up @@ -30,19 +30,27 @@ final class ApiPlatformClient implements ApiClientInterface
/** @var string */
private $resource;

/** @var string|null */
private $section;

/** @var RequestInterface */
private $request;

public function __construct(AbstractBrowser $client, SharedStorageInterface $sharedStorage, string $resource)
{
public function __construct(
AbstractBrowser $client,
SharedStorageInterface $sharedStorage,
string $resource,
string $section = null
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
string $section = null
?string $section = null

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will fix it in the next PR.

) {
$this->client = $client;
$this->sharedStorage = $sharedStorage;
$this->resource = $resource;
$this->section = $section;
}

public function index(): Response
{
$this->request = Request::index($this->resource, $this->getToken());
$this->request = Request::index($this->section, $this->resource, $this->getToken());

return $this->request($this->request);
}
Expand All @@ -65,7 +73,7 @@ public function subResourceIndex(string $subResource, string $id): Response

public function show(string $id): Response
{
return $this->request(Request::show($this->resource, $id, $this->getToken()));
return $this->request(Request::show($this->section, $this->resource, $id, $this->getToken()));
}

public function create(?RequestInterface $request = null): Response
Expand All @@ -80,7 +88,7 @@ public function update(): Response

public function delete(string $id): Response
{
return $this->request(Request::delete($this->resource, $id, $this->getToken()));
return $this->request(Request::delete($this->section, $this->resource, $id, $this->getToken()));
}

public function filter(): Response
Expand Down Expand Up @@ -135,21 +143,21 @@ public function executeCustomRequest(RequestInterface $request): Response

public function buildCreateRequest(): void
{
$this->request = Request::create($this->resource);
$this->request = Request::create($this->section, $this->resource);
$this->request->authorize($this->getToken());
}

public function buildUpdateRequest(string $id): void
{
$this->show($id);

$this->request = Request::update($this->resource, $id, $this->getToken());
$this->request = Request::update($this->section, $this->resource, $id, $this->getToken());
$this->request->setContent(json_decode($this->client->getResponse()->getContent(), true));
}

public function buildUploadRequest(): void
{
$this->request = Request::upload($this->resource, $this->getToken());
$this->request = Request::upload($this->section, $this->resource, $this->getToken());
}

/** @param string|int $value */
Expand Down
33 changes: 21 additions & 12 deletions src/Sylius/Behat/Client/Request.php
View file
Open in desktop
Expand Up @@ -42,11 +42,11 @@ private function __construct(string $url, string $method, array $headers = [])
$this->headers = array_merge($this->headers, $headers);
}

public static function index(string $resource, ?string $token = null): RequestInterface
public static function index(?string $section, string $resource, ?string $token = null): RequestInterface
{
$headers = $token ? ['HTTP_Authorization' => 'Bearer ' . $token] : [];

return new self('/new-api/' . $resource, HttpRequest::METHOD_GET, $headers);
return new self(sprintf('/new-api/%s%s', self::prepareSection($section), $resource), HttpRequest::METHOD_GET, $headers);
}

public static function subResourceIndex(string $resource, string $id, string $subResource): RequestInterface
Expand All @@ -57,16 +57,16 @@ public static function subResourceIndex(string $resource, string $id, string $su
);
}

public static function show(string $resource, string $id, string $token): RequestInterface
public static function show(?string $section, string $resource, string $id, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s/%s', $resource, $id),
sprintf('/new-api/%s%s/%s', self::prepareSection($section), $resource, $id),
HttpRequest::METHOD_GET,
['HTTP_Authorization' => 'Bearer ' . $token]
);
}

public static function create(string $resource, ?string $token = null): RequestInterface
public static function create(?string $section, string $resource, ?string $token = null): RequestInterface
{
$headers = ['CONTENT_TYPE' => 'application/ld+json'];

Expand All @@ -75,25 +75,25 @@ public static function create(string $resource, ?string $token = null): RequestI
}

return new self(
sprintf('/new-api/%s', $resource),
sprintf('/new-api/%s%s', self::prepareSection($section), $resource),
HttpRequest::METHOD_POST,
$headers
);
}

public static function update(string $resource, string $id, string $token): RequestInterface
public static function update(?string $section, string $resource, string $id, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s/%s', $resource, $id),
sprintf('/new-api/%s%s/%s', self::prepareSection($section), $resource, $id),
HttpRequest::METHOD_PUT,
['CONTENT_TYPE' => 'application/ld+json', 'HTTP_Authorization' => 'Bearer ' . $token]
);
}

public static function delete(string $resource, string $id, string $token): RequestInterface
public static function delete(?string $section, string $resource, string $id, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s/%s', $resource, $id),
sprintf('/new-api/%s%s/%s', self::prepareSection($section), $resource, $id),
HttpRequest::METHOD_DELETE,
['HTTP_Authorization' => 'Bearer ' . $token]
);
Expand All @@ -113,10 +113,10 @@ public static function customItemAction(string $resource, string $id, string $ty
);
}

public static function upload(string $resource, string $token): RequestInterface
public static function upload(?string $section, string $resource, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s', $resource),
sprintf('/new-api/%s%s', self::prepareSection($section), $resource),
HttpRequest::METHOD_POST,
['CONTENT_TYPE' => 'multipart/form-data', 'HTTP_Authorization' => 'Bearer ' . $token]
);
Expand Down Expand Up @@ -211,4 +211,13 @@ private function mergeArraysUniquely(array $firstArray, array $secondArray): arr

return $firstArray;
}

private static function prepareSection(?string $section): string
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this function should be deleted after refactor all new API endpoints, for now only refactored endpoint have section prefix, without this logic a have problems with pathnames while testing.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO, we can leave it for the future, to give possibility of using this class without any section

{
if($section === null) {
return '';
}

return $section . '/';
}
}
12 changes: 6 additions & 6 deletions src/Sylius/Behat/Client/RequestInterface.php
View file
Open in desktop
Expand Up @@ -15,21 +15,21 @@

interface RequestInterface
{
public static function index(string $resource, string $token): self;
public static function index(?string $section, string $resource, string $token): self;

public static function subResourceIndex(string $resource, string $id, string $subResource): self;

public static function show(string $resource, string $id, string $token): self;
public static function show(?string $section, string $resource, string $id, string $token): self;

public static function create(string $resource, ?string $token = null): self;
public static function create(?string $section, string $resource, ?string $token = null): self;

public static function update(string $resource, string $id, string $token): self;
public static function update(?string $section, string $resource, string $id, string $token): self;

public static function delete(string $resource, string $id, string $token): self;
public static function delete(?string $section, string $resource, string $id, string $token): self;

public static function transition(string $resource, string $id, string $transition): self;

public static function upload(string $resource, string $token): self;
public static function upload(?string $section, string $resource, string $token): self;

public static function custom(string $url, string $method): self;

Expand Down
2 changes: 2 additions & 0 deletions src/Sylius/Behat/Resources/config/services/api.xml
View file
Open in desktop
Expand Up @@ -20,10 +20,12 @@

<service id="sylius.behat.api_platform_client.administrator" class="Sylius\Behat\Client\ApiPlatformClient" parent="sylius.behat.api_platform_client">
<argument>administrators</argument>
<argument>admin</argument>
</service>

<service id="sylius.behat.api_platform_client.avatar_image" class="Sylius\Behat\Client\ApiPlatformClient" parent="sylius.behat.api_platform_client">
<argument>avatar-images</argument>
<argument>admin</argument>
</service>

<service id="sylius.behat.api_platform_client.channel" class="Sylius\Behat\Client\ApiPlatformClient" parent="sylius.behat.api_platform_client">
Expand Down
15 changes: 4 additions & 11 deletions src/Sylius/Bundle/ApiBundle/Resources/config/api_resources/AdminUser.xml
View file
Open in desktop
Expand Up @@ -16,6 +16,7 @@
xsi:schemaLocation="https://api-platform.com/schema/metadata https://api-platform.com/schema/metadata/metadata-2.0.xsd"
>
<resource class="%sylius.model.admin_user.class%" shortName="Administrator">
<attribute name="route_prefix">admin</attribute>
<attribute name="normalization_context">
<attribute name="groups">
<attribute>admin_user:read</attribute>
Expand All @@ -31,11 +32,8 @@
<attribute name="validation_groups">sylius</attribute>

<collectionOperations>
<collectionOperation name="get">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</collectionOperation>
<collectionOperation name="get" />
<collectionOperation name="post">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
<attribute name="validation_groups">
<attribute>sylius</attribute>
<attribute>sylius_user_create</attribute>
Expand All @@ -44,18 +42,13 @@
</collectionOperations>

<itemOperations>
<itemOperation name="get">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="get" />
<itemOperation name="put">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
<attribute name="denormalization_context">
<attribute name="groups">admin_user:update</attribute>
</attribute>
</itemOperation>
<itemOperation name="delete">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="delete" />
</itemOperations>

<property name="id" identifier="true" writable="false" />
Expand Down
10 changes: 3 additions & 7 deletions src/Sylius/Bundle/ApiBundle/Resources/config/api_resources/AvatarImage.xml
View file
Open in desktop
Expand Up @@ -16,6 +16,7 @@
xsi:schemaLocation="https://api-platform.com/schema/metadata https://api-platform.com/schema/metadata/metadata-2.0.xsd"
>
<resource class="%sylius.model.avatar_image.class%" shortName="AvatarImage">
<attribute name="route_prefix">admin</attribute>
<attribute name="normalization_context">
<attribute name="groups">
<attribute>avatar_image:read</attribute>
Expand All @@ -24,7 +25,6 @@

<collectionOperations>
<collectionOperation name="post">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
<attribute name="controller">sylius.api.upload_avatar_image_action</attribute>
<attribute name="deserialize">false</attribute>
<attribute name="openapi_context">
Expand Down Expand Up @@ -52,12 +52,8 @@
</collectionOperations>

<itemOperations>
<itemOperation name="get">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="delete">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="get" />
<itemOperation name="delete" />
</itemOperations>

<property name="id" identifier="true" writable="false" />
Expand Down