Merge 14fbf9b into 7756747

Author: mcg-web

phpstan-baseline.neon

@@ -882,7 +882,7 @@ parameters:
 
 		-
 			message: "#^Call to method getMock\\(\\) on an unknown class PHPUnit_Framework_MockObject_MockBuilder\\.$#"
-			count: 5
+			count: 4
 			path: tests/ExpressionLanguage/ExpressionFunction/Security/GetUserTest.php
 
 		-

src/ExpressionLanguage/ExpressionFunction/Security/GetUser.php

@@ -5,19 +5,18 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Security;
-use Symfony\Component\Security\Core\User\UserInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class GetUser extends ExpressionFunction
 {
     public function __construct(Security $security)
     {
         parent::__construct(
             'getUser',
-            function (): string {
-                return \sprintf('\%s::getUser($globalVariable)', Helper::class);
+            static function (): string {
+                return '$globalVariable->get(\'security\')->getUser()';
             },
-            function () use ($security): ?UserInterface {
+            static function () use ($security) {
                 return $security->getUser();
             }
         );

src/ExpressionLanguage/ExpressionFunction/Security/HasAnyPermission.php

@@ -5,26 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Overblog\GraphQLBundle\Generator\TypeGenerator;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class HasAnyPermission extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'hasAnyPermission',
-            function ($object, $permissions) {
-                $code = \sprintf('array_reduce(%s, function ($isGranted, $permission) use (%s, $object) { return $isGranted || $globalVariable->get(\'container\')->get(\'security.authorization_checker\')->isGranted($permission, %s); }, false)', $permissions, TypeGenerator::USE_FOR_CLOSURES, $object);
-
-                return $code;
+            static function ($object, $permissions): string {
+                return \sprintf('$globalVariable->get(\'security\')->hasAnyPermission(%s, %s)', $object, $permissions);
             },
-            function ($_, $object, $permissions) use ($authorizationChecker) {
-                return \array_reduce(
-                    $permissions,
-                    function ($isGranted, $permission) use ($authorizationChecker, $object) { return $isGranted || $authorizationChecker->isGranted($permission, $object); },
-                    false
-                );
+            function ($_, $object, $permissions) use ($security): bool {
+                return $security->hasAnyPermission($object, $permissions);
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/HasAnyRole.php

@@ -5,28 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Overblog\GraphQLBundle\Generator\TypeGenerator;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class HasAnyRole extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'hasAnyRole',
-            function ($roles): string {
-                $code = \sprintf('array_reduce(%s, function ($isGranted, $role) use (%s) { return $isGranted || $globalVariable->get(\'container\')->get(\'security.authorization_checker\')->isGranted($role); }, false)', $roles, TypeGenerator::USE_FOR_CLOSURES);
-
-                return $code;
+            static function ($roles): string {
+                return \sprintf('$globalVariable->get(\'security\')->hasAnyRole(%s)', $roles);
             },
-            function ($_, $roles) use ($authorizationChecker): bool {
-                return \array_reduce(
-                    $roles,
-                    function ($isGranted, $role) use ($authorizationChecker) {
-                        return $isGranted || $authorizationChecker->isGranted($role);
-                    },
-                    false
-                );
+            static function ($_, $roles) use ($security): bool {
+                return $security->hasAnyRole($roles);
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/HasPermission.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class HasPermission extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'hasPermission',
-            function ($object, $permission) {
-                return "\$globalVariable->get('container')->get('security.authorization_checker')->isGranted($permission, $object)";
+            static function ($object, $permission): string {
+                return \sprintf('$globalVariable->get(\'security\')->hasPermission(%s, %s)', $object, $permission);
             },
-            function ($_, $object, $permission) use ($authorizationChecker) {
-                return $authorizationChecker->isGranted($permission, $object);
+            static function ($_, $object, $permission) use ($security): bool {
+                return $security->hasPermission($object, $permission);
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/HasRole.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class HasRole extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'hasRole',
-            function ($role): string {
-                return "\$globalVariable->get('container')->get('security.authorization_checker')->isGranted($role)";
+            static function ($role): string {
+                return \sprintf('$globalVariable->get(\'security\')->hasRole(%s)', $role);
             },
-            function ($_, $role) use ($authorizationChecker): bool {
-                return $authorizationChecker->isGranted($role);
+            static function ($_, $role) use ($security): bool {
+                return $security->hasRole($role);
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/Helper.php

@@ -7,6 +7,10 @@
 use Overblog\GraphQLBundle\Definition\GlobalVariables;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 
+/**
+ * @deprecated since 0.13 will be remove in 0.14
+ * @codeCoverageIgnore
+ */
 final class Helper
 {
     /**

src/ExpressionLanguage/ExpressionFunction/Security/IsAnonymous.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class IsAnonymous extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'isAnonymous',
-            function () {
-                return "\$globalVariable->get('container')->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_ANONYMOUSLY')";
+            static function (): string {
+                return '$globalVariable->get(\'security\')->isAnonymous()';
             },
-            function () use ($authorizationChecker) {
-                return $authorizationChecker->isGranted('IS_AUTHENTICATED_ANONYMOUSLY');
+            static function () use ($security): bool {
+                return $security->isAnonymous();
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/IsAuthenticated.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class IsAuthenticated extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'isAuthenticated',
-            function () {
-                return "(\$globalVariable->get('container')->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_REMEMBERED') || \$globalVariable->get('container')->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY'))";
+            static function (): string {
+                return '$globalVariable->get(\'security\')->isAuthenticated()';
             },
-            function () use ($authorizationChecker) {
-                return $authorizationChecker->isGranted('IS_AUTHENTICATED_REMEMBERED') || $authorizationChecker->isGranted('IS_AUTHENTICATED_FULLY');
+            static function () use ($security): bool {
+                return $security->isAuthenticated();
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/IsFullyAuthenticated.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class IsFullyAuthenticated extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'isFullyAuthenticated',
-            function () {
-                return "\$globalVariable->get('container')->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')";
+            static function (): string {
+                return '$globalVariable->get(\'security\')->isFullyAuthenticated()';
             },
-            function () use ($authorizationChecker) {
-                return $authorizationChecker->isGranted('IS_AUTHENTICATED_FULLY');
+            static function () use ($security): bool {
+                return $security->isFullyAuthenticated();
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/IsGranted.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class IsGranted extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'isGranted',
-            function ($attributes, $object = null) {
-                return "\$globalVariable->get('container')->get('security.authorization_checker')->isGranted($attributes, $object)";
+            static function ($attributes, $subject): string {
+                return \sprintf('$globalVariable->get(\'security\')->isGranted(%s, %s)', $attributes, $subject);
             },
-            function ($_, $attributes, $object = null) use ($authorizationChecker) {
-                return $authorizationChecker->isGranted($attributes, $object);
+            static function ($_, $attributes, $subject) use ($security): bool {
+                return $security->isGranted($attributes, $subject);
             }
         );
     }

src/ExpressionLanguage/ExpressionFunction/Security/IsRememberMe.php

@@ -5,19 +5,19 @@
 namespace Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction\Security;
 
 use Overblog\GraphQLBundle\ExpressionLanguage\ExpressionFunction;
-use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Overblog\GraphQLBundle\Security\Security;
 
 final class IsRememberMe extends ExpressionFunction
 {
-    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
+    public function __construct(Security $security)
     {
         parent::__construct(
             'isRememberMe',
-            function () {
-                return "\$globalVariable->get('container')->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_REMEMBERED')";
+            static function (): string {
+                return '$globalVariable->get(\'security\')->isRememberMe()';
             },
-            function () use ($authorizationChecker) {
-                return $authorizationChecker->isGranted('IS_AUTHENTICATED_REMEMBERED');
+            static function () use ($security): bool {
+                return $security->isRememberMe();
             }
         );
     }

src/Resources/config/services.yaml

@@ -98,3 +98,9 @@ services:
     Overblog\GraphQLBundle\Validator\Formatter:
         tags:
             - { name: kernel.event_listener, event: graphql.error_formatting, method: onErrorFormatting }
+
+    Overblog\GraphQLBundle\Security\Security:
+        arguments:
+            - '@?security.helper'
+        tags:
+            - { name: overblog_graphql.global_variable, alias: security, public: false }

src/Security/Security.php

@@ -0,0 +1,89 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Overblog\GraphQLBundle\Security;
+
+use Symfony\Component\Security\Core\Security as CoreSecurity;
+
+final class Security
+{
+    private $coreSecurity;
+
+    public function __construct(?CoreSecurity $security)
+    {
+        $this->coreSecurity = $security ?? new class() {
+            public function isGranted(): void
+            {
+                throw new \LogicException('The "symfony/security-core" component is required.');
+            }
+
+            public function getUser(): void
+            {
+                throw new \LogicException('The "symfony/security-core" component is required.');
+            }
+        };
+    }
+
+    public function getUser()
+    {
+        return $this->coreSecurity->getUser();
+    }
+
+    public function isGranted($attributes, $subject = null): bool
+    {
+        return $this->coreSecurity->isGranted($attributes, $subject);
+    }
+
+    public function hasAnyPermission($object, array $permissions): bool
+    {
+        return \array_reduce(
+            $permissions,
+            function ($isGranted, $permission) use ($object) {
+                return $isGranted || $this->isGranted($permission, $object);
+            },
+            false
+        );
+    }
+
+    public function hasAnyRole(array $roles): bool
+    {
+        return \array_reduce(
+            $roles,
+            function ($isGranted, $role) {
+                return $isGranted || $this->isGranted($role);
+            },
+            false
+        );
+    }
+
+    public function hasPermission($object, $permission): bool
+    {
+        return $this->isGranted($permission, $object);
+    }
+
+    public function hasRole($role): bool
+    {
+        return $this->isGranted($role);
+    }
+
+    public function isAnonymous(): bool
+    {
+        return $this->isGranted('IS_AUTHENTICATED_ANONYMOUSLY');
+    }
+
+    public function isAuthenticated(): bool
+    {
+        return $this->hasAnyRole(['IS_AUTHENTICATED_REMEMBERED', 'IS_AUTHENTICATED_FULLY']);
+    }
+
+    public function isFullyAuthenticated(): bool
+    {
+        return $this->isGranted('IS_AUTHENTICATED_FULLY');
+    }
+
+    public function isRememberMe(): bool
+    {
+        return $this->isGranted('IS_AUTHENTICATED_REMEMBERED');
+    }
+}