mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-07-12 19:34:31 +02:00
Allow to cache support status of voters
This should increase the performance a bit
This commit is contained in:
Jan Böhmer
parent
879b702fc1
commit
7b6ba37667
14 changed files with 133 additions and 2 deletions
|
|
@ -47,6 +47,8 @@ use function in_array;
|
|||
|
||||
final class AttachmentVoter extends Voter
|
||||
{
|
||||
private const ALLOWED_ATTRIBUTES = ['read', 'view', 'edit', 'delete', 'create', 'show_private', 'show_history'];
|
||||
|
||||
public function __construct(private readonly Security $security, private readonly VoterHelper $helper)
|
||||
{
|
||||
}
|
||||
|
|
@ -134,10 +136,20 @@ final class AttachmentVoter extends Voter
|
|||
{
|
||||
if (is_a($subject, Attachment::class, true)) {
|
||||
//These are the allowed attributes
|
||||
return in_array($attribute, ['read', 'view', 'edit', 'delete', 'create', 'show_private', 'show_history'], true);
|
||||
return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
|
||||
}
|
||||
|
||||
//Allow class name as subject
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, Attachment::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -62,4 +62,14 @@ final class GroupVoter extends Voter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return $this->helper->isValidOperation('groups', $attribute);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, Group::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,4 +51,9 @@ final class HasAccessPermissionsVoter extends Voter
|
|||
{
|
||||
return $attribute === self::ROLE;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return $attribute === self::ROLE;
|
||||
}
|
||||
}
|
||||
|
|
@ -47,4 +47,14 @@ final class ImpersonateUserVoter extends Voter
|
|||
{
|
||||
return $this->helper->isGranted($token, 'users', 'impersonate');
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return $attribute === 'CAN_SWITCH_USER';
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return is_a($subjectType, User::class, true);
|
||||
}
|
||||
}
|
||||
|
|
@ -78,4 +78,14 @@ final class LabelProfileVoter extends Voter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return isset(self::MAPPING[$attribute]);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return is_a($subjectType, LabelProfile::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -85,4 +85,14 @@ final class LogEntryVoter extends Voter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return in_array($attribute, static::ALLOWED_OPS, true);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return is_a($subjectType, AbstractLogEntry::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,4 +90,14 @@ final class OrderdetailVoter extends Voter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return in_array($attribute, self::ALLOWED_PERMS, true);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, Orderdetail::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,6 +47,8 @@ use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
|||
final class ParameterVoter extends Voter
|
||||
{
|
||||
|
||||
private const ALLOWED_ATTRIBUTES = ['read', 'edit', 'delete', 'create', 'show_history', 'revert_element'];
|
||||
|
||||
public function __construct(private readonly Security $security, private readonly VoterHelper $helper)
|
||||
{
|
||||
}
|
||||
|
|
@ -113,10 +115,21 @@ final class ParameterVoter extends Voter
|
|||
{
|
||||
if (is_a($subject, AbstractParameter::class, true)) {
|
||||
//These are the allowed attributes
|
||||
return in_array($attribute, ['read', 'edit', 'delete', 'create', 'show_history', 'revert_element'], true);
|
||||
return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
|
||||
}
|
||||
|
||||
//Allow class name as subject
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, AbstractParameter::class, true);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -101,4 +101,14 @@ final class PartLotVoter extends Voter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return in_array($attribute, self::ALLOWED_PERMS, true);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, PartLot::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,4 +56,14 @@ final class PartVoter extends Voter
|
|||
//Null concealing operator means, that no
|
||||
return $this->helper->isGranted($token, 'parts', $attribute);
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return $this->helper->isValidOperation('parts', $attribute);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return is_a($subjectType, Part::class, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,6 +47,12 @@ final class PermissionVoter extends Voter
|
|||
return $this->helper->isGranted($token, $perm, $op);
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
//Check if the attribute has the form '@permission.operation'
|
||||
return preg_match('#^@\\w+\\.\\w+$#', $attribute) === 1;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if the attribute and subject are supported by this voter.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -87,4 +87,14 @@ final class PricedetailVoter extends Voter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, Pricedetail::class, true);
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return in_array($attribute, self::ALLOWED_PERMS, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -76,6 +76,11 @@ final class StructureVoter extends Voter
|
|||
return false;
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || $this->instanceToPermissionName($subjectType) !== null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Maps an instance type to the permission name.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -60,6 +60,16 @@ final class UserVoter extends Voter
|
|||
return false;
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
{
|
||||
return $this->helper->isValidOperation('users', $attribute) || $this->helper->isValidOperation('self', $attribute);
|
||||
}
|
||||
|
||||
public function supportsType(string $subjectType): bool
|
||||
{
|
||||
return $subjectType === 'string' || is_a($subjectType, User::class, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Similar to voteOnAttribute, but checking for the anonymous user is already done.
|
||||
* The current user (or the anonymous user) is passed by $user.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue