Merge pull request #33 from moufmouf/userinterface_usage

Adapting code for the new @Security annotation
thecodingmachine · Sep 26, 2019 · db5b5d2 · db5b5d2
2 parents 82343a6 + 935e647
commit db5b5d2
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 13 deletions.
diff --git a/DependencyInjection/GraphqliteCompilerPass.php b/DependencyInjection/GraphqliteCompilerPass.php
@@ -200,14 +200,14 @@ public function process(ContainerBuilder $container)
         foreach ($controllersNamespaces as $controllersNamespace) {
             $schemaFactory->addMethodCall('addControllerNamespace', [ $controllersNamespace ]);
             foreach ($this->getClassList($controllersNamespace) as $className => $refClass) {
-                $this->makePublicInjectedServices($refClass, $reader, $container);
+                $this->makePublicInjectedServices($refClass, $reader, $container, true);
             }
         }
 
         foreach ($typesNamespaces as $typeNamespace) {
             $schemaFactory->addMethodCall('addTypeNamespace', [ $typeNamespace ]);
             foreach ($this->getClassList($typeNamespace) as $className => $refClass) {
-                $this->makePublicInjectedServices($refClass, $reader, $container);
+                $this->makePublicInjectedServices($refClass, $reader, $container, false);
             }
         }
 
@@ -273,13 +273,16 @@ private function mapAdderToTag(string $tag, string $methodName, ContainerBuilder
         }
     }
 
-    private function makePublicInjectedServices(ReflectionClass $refClass, AnnotationReader $reader, ContainerBuilder $container): void
+    private function makePublicInjectedServices(ReflectionClass $refClass, AnnotationReader $reader, ContainerBuilder $container, bool $isController): void
     {
-        $services = $this->getCodeCache()->get($refClass, function() use ($refClass, $reader, $container) {
+        $services = $this->getCodeCache()->get($refClass, function() use ($refClass, $reader, $container, $isController) {
             $services = [];
             foreach ($refClass->getMethods() as $method) {
                 $field = $reader->getRequestAnnotation($method, AbstractRequest::class);
                 if ($field !== null) {
+                    if ($isController) {
+                        $services[$refClass->getName()] = $refClass->getName();
+                    }
                     $services += $this->getListOfInjectedServices($method, $container);
                 }
             }

diff --git a/Security/AuthenticationService.php b/Security/AuthenticationService.php
@@ -5,6 +5,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use TheCodingMachine\GraphQLite\Security\AuthenticationServiceInterface;
+use function is_object;
 
 class AuthenticationService implements AuthenticationServiceInterface
 {
@@ -24,21 +25,30 @@ public function __construct(?TokenStorageInterface $tokenStorage)
      * @return bool
      */
     public function isLogged(): bool
+    {
+        return $this->getUser() !== null;
+    }
+
+    /**
+     * Returns an object representing the current logged user.
+     * Can return null if the user is not logged.
+     */
+    public function getUser(): ?object
     {
         if ($this->tokenStorage === null) {
             throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');
         }
 
         $token = $this->tokenStorage->getToken();
         if (null === $token) {
-            return false;
+            return null;
         }
 
-        if (!\is_object($token->getUser())) {
+        $user = $token->getUser();
+        if (!\is_object($user)) {
             // e.g. anonymous authentication
-            return false;
+            return null;
         }
-
-        return true;
+        return $user;
     }
 }
diff --git a/Security/AuthorizationService.php b/Security/AuthorizationService.php
@@ -28,10 +28,9 @@ public function __construct(?AuthorizationCheckerInterface $authorizationChecker
     /**
      * Returns true if the "current" user has access to the right "$right"
      *
-     * @param string $right
-     * @return bool
+     * @param mixed $subject The scope this right applies on. $subject is typically an object or a FQCN. Set $subject to "null" if the right is global.
      */
-    public function isAllowed(string $right): bool
+    public function isAllowed(string $right, $subject = null): bool
     {
         if ($this->authorizationChecker === null || $this->tokenStorage === null) {
             throw new \LogicException('The SecurityBundle is not registered in your application. Try running "composer require symfony/security-bundle".');
@@ -42,6 +41,6 @@ public function isAllowed(string $right): bool
             return false;
         }
 
-        return $this->authorizationChecker->isGranted($right);
+        return $this->authorizationChecker->isGranted($right, $subject);
     }
 }