-
Notifications
You must be signed in to change notification settings - Fork 1
/
SecurityAnnotationsExtension.php
121 lines (101 loc) · 4.37 KB
/
SecurityAnnotationsExtension.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php
declare(strict_types = 1);
namespace Nepada\Bridges\SecurityAnnotationsDI;
use Nepada\SecurityAnnotations\AccessValidators\AccessValidator;
use Nepada\SecurityAnnotations\AccessValidators\LoggedInValidator;
use Nepada\SecurityAnnotations\AccessValidators\PermissionValidator;
use Nepada\SecurityAnnotations\AccessValidators\RoleValidator;
use Nepada\SecurityAnnotations\AnnotationReaders\AnnotationsReader;
use Nepada\SecurityAnnotations\AnnotationReaders\AttributesReader;
use Nepada\SecurityAnnotations\AnnotationReaders\DoctrineAnnotationsReader;
use Nepada\SecurityAnnotations\AnnotationReaders\UnionReader;
use Nepada\SecurityAnnotations\RequirementsChecker;
use Nette;
use Nette\DI\Definitions\ServiceDefinition;
use Nette\Schema\Expect;
use Nette\Utils\Strings;
/**
* @property \stdClass $config
*/
class SecurityAnnotationsExtension extends Nette\DI\CompilerExtension
{
private const DEFAULT_VALIDATORS = [
LoggedInValidator::class,
RoleValidator::class,
PermissionValidator::class,
];
public function getConfigSchema(): Nette\Schema\Schema
{
return Expect::structure([
'enableDefaultValidators' => Expect::bool(true),
'validators' => Expect::listOf(Expect::string()),
'enableDoctrineAnnotations' => Expect::bool(true),
]);
}
public function loadConfiguration(): void
{
$container = $this->getContainerBuilder();
$readers = [];
$readers[] = $container->addDefinition($this->prefix('attributesReader'), new ServiceDefinition())
->setType(AttributesReader::class)
->setAutowired(AttributesReader::class);
if ($this->config->enableDoctrineAnnotations) {
trigger_error(
'Using Doctrine annotations is deprecated, migrate to native PHP8 attributes and set enableDoctrineAnnotations: false in your config',
E_USER_DEPRECATED,
);
$readers[] = $container->addDefinition($this->prefix('doctrineAnnotationsReader'), new ServiceDefinition())
->setType(DoctrineAnnotationsReader::class)
->setAutowired(DoctrineAnnotationsReader::class);
}
$container->addDefinition($this->prefix('annotationsReader'), new ServiceDefinition())
->setType(AnnotationsReader::class)
->setFactory(UnionReader::class, $readers);
$requirementsChecker = $container->addDefinition($this->prefix('requirementsChecker'), new ServiceDefinition())
->setType(RequirementsChecker::class);
$validators = $this->config->validators;
if ($this->config->enableDefaultValidators) {
$validators = array_merge(self::DEFAULT_VALIDATORS, $validators);
}
$validatorServices = [];
foreach ($validators as $validator) {
$validatorServices[] = $this->getValidatorService($validator);
}
$arguments = [null, ...$validatorServices];
unset($arguments[0]);
$requirementsChecker->setArguments($arguments);
}
private function getValidatorService(string $validator): string
{
if (Strings::startsWith($validator, '@')) {
return $validator;
}
if (! class_exists($validator)) {
throw new \LogicException("Access validator class '$validator' not found.");
}
$reflection = new \ReflectionClass($validator);
if (! $reflection->implementsInterface(AccessValidator::class)) {
throw new \LogicException("Access validator class '$validator' must implement AccessValidator interface.");
}
$serviceName = $this->generateValidatorServiceName($reflection);
$this->getContainerBuilder()->addDefinition($serviceName, new ServiceDefinition())
->setType($validator);
return "@{$serviceName}";
}
/**
* @param \ReflectionClass<object> $reflectionClass
* @return string
*/
private function generateValidatorServiceName(\ReflectionClass $reflectionClass): string
{
$container = $this->getContainerBuilder();
$shortName = Strings::firstLower($reflectionClass->getShortName());
$serviceName = $this->prefix($shortName);
$i = 1;
while ($container->hasDefinition($serviceName)) {
$i++;
$serviceName = $this->prefix("{$shortName}_{$i}");
}
return $serviceName;
}
}