mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-08-09 20:55:23 +02:00
Used PHP_CS_Fixer with symfony preset on codebase.
This commit is contained in:
Jan Böhmer
parent
0f3ba9b6a8
commit
e2f7aafa2d
43 changed files with 971 additions and 1068 deletions
|
|
@ -1,9 +1,8 @@
|
|||
<?php
|
||||
/**
|
||||
*
|
||||
* part-db version 0.1
|
||||
* Copyright (C) 2005 Christoph Lechner
|
||||
* http://www.cl-projects.de/
|
||||
* http://www.cl-projects.de/.
|
||||
*
|
||||
* part-db version 0.2+
|
||||
* Copyright (C) 2009 K. Jacobs and others (see authors.php)
|
||||
|
|
@ -26,12 +25,10 @@
|
|||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*
|
||||
*/
|
||||
|
||||
namespace App\Security\Voter;
|
||||
|
||||
|
||||
use App\Entity\User;
|
||||
use App\Services\PermissionResolver;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
|
|
@ -40,7 +37,6 @@ use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
|||
|
||||
/**
|
||||
* The purpose of this class is, to use the anonymous user from DB in the case, that nobody is logged in.
|
||||
* @package App\Security\Voter
|
||||
*/
|
||||
abstract class ExtendedVoter extends Voter
|
||||
{
|
||||
|
|
@ -63,7 +59,7 @@ abstract class ExtendedVoter extends Voter
|
|||
// if the user is anonymous, we use the anonymous user.
|
||||
if (!$user instanceof User) {
|
||||
$user = $this->entityManager->find(User::class, User::ID_ANONYMOUS);
|
||||
if($user === null) {
|
||||
if (null === $user) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -74,10 +70,12 @@ abstract class ExtendedVoter extends Voter
|
|||
/**
|
||||
* Similar to voteOnAttribute, but checking for the anonymous user is already done.
|
||||
* The current user (or the anonymous user) is passed by $user.
|
||||
*
|
||||
* @param $attribute
|
||||
* @param $subject
|
||||
* @param User $user
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
abstract protected function voteOnUser($attribute, $subject, User $user) : bool;
|
||||
}
|
||||
abstract protected function voteOnUser($attribute, $subject, User $user): bool;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,26 +2,18 @@
|
|||
|
||||
namespace App\Security\Voter;
|
||||
|
||||
use App\Configuration\PermissionsConfiguration;
|
||||
use App\Entity\Part;
|
||||
use App\Entity\User;
|
||||
use App\Services\PermissionResolver;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
|
||||
|
||||
/**
|
||||
* A Voter that votes on Part entities.
|
||||
*
|
||||
* See parts permissions for valid operations.
|
||||
*
|
||||
* @package App\Security\Voter
|
||||
*/
|
||||
class PartVoter extends ExtendedVoter
|
||||
{
|
||||
const READ = "read";
|
||||
|
||||
const READ = 'read';
|
||||
|
||||
protected function supports($attribute, $subject)
|
||||
{
|
||||
|
|
@ -29,31 +21,28 @@ class PartVoter extends ExtendedVoter
|
|||
// https://symfony.com/doc/current/security/voters.html
|
||||
//return ($subject instanceof Part || in_array($subject, ['PERM_parts', 'PERM_parts_name']));
|
||||
|
||||
if ($subject instanceof Part)
|
||||
{
|
||||
|
||||
if ($subject instanceof Part) {
|
||||
//Check if a sub permission should be checked -> $attribute has format name.edit
|
||||
if(strpos($attribute, '.') !== false) {
|
||||
if (false !== strpos($attribute, '.')) {
|
||||
[$perm, $op] = explode('.', $attribute);
|
||||
|
||||
return in_array($op, $this->resolver->listOperationsForPermission('parts_'.$perm), false);
|
||||
}
|
||||
|
||||
|
||||
return in_array($attribute, $this->resolver->listOperationsForPermission('parts'), false);
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
protected function voteOnUser($attribute, $subject, User $user): bool
|
||||
{
|
||||
if($subject instanceof Part) {
|
||||
|
||||
if ($subject instanceof Part) {
|
||||
//Check for sub permissions
|
||||
if(strpos($attribute, '.') !== false) {
|
||||
if (false !== strpos($attribute, '.')) {
|
||||
[$perm, $op] = explode('.', $attribute);
|
||||
return $this->resolver->inherit($user, 'parts_'. $perm, $op) ?? false;
|
||||
|
||||
return $this->resolver->inherit($user, 'parts_'.$perm, $op) ?? false;
|
||||
}
|
||||
|
||||
//Null concealing operator means, that no
|
||||
|
|
|
|||
|
|
@ -1,9 +1,8 @@
|
|||
<?php
|
||||
/**
|
||||
*
|
||||
* part-db version 0.1
|
||||
* Copyright (C) 2005 Christoph Lechner
|
||||
* http://www.cl-projects.de/
|
||||
* http://www.cl-projects.de/.
|
||||
*
|
||||
* part-db version 0.2+
|
||||
* Copyright (C) 2009 K. Jacobs and others (see authors.php)
|
||||
|
|
@ -26,29 +25,25 @@
|
|||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*
|
||||
*/
|
||||
|
||||
namespace App\Security\Voter;
|
||||
|
||||
|
||||
use App\Entity\User;
|
||||
|
||||
class UserVoter extends ExtendedVoter
|
||||
{
|
||||
|
||||
/**
|
||||
* Determines if the attribute and subject are supported by this voter.
|
||||
*
|
||||
* @param string $attribute An attribute
|
||||
* @param mixed $subject The subject to secure, e.g. an object the user wants to access or any other PHP type
|
||||
* @param mixed $subject The subject to secure, e.g. an object the user wants to access or any other PHP type
|
||||
*
|
||||
* @return bool True if the attribute and subject are supported, false otherwise
|
||||
*/
|
||||
protected function supports($attribute, $subject)
|
||||
{
|
||||
if($subject instanceof User)
|
||||
{
|
||||
if ($subject instanceof User) {
|
||||
return in_array($attribute, array_merge(
|
||||
$this->resolver->listOperationsForPermission('users'),
|
||||
$this->resolver->listOperationsForPermission('self')),
|
||||
|
|
@ -62,23 +57,25 @@ class UserVoter extends ExtendedVoter
|
|||
/**
|
||||
* Similar to voteOnAttribute, but checking for the anonymous user is already done.
|
||||
* The current user (or the anonymous user) is passed by $user.
|
||||
*
|
||||
* @param $attribute
|
||||
* @param $subject
|
||||
* @param User $user
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
protected function voteOnUser($attribute, $subject, User $user): bool
|
||||
{
|
||||
if($subject instanceof User)
|
||||
{
|
||||
if ($subject instanceof User) {
|
||||
//Check if the checked user is the user itself
|
||||
if($subject->getID() === $user->getID() &&
|
||||
if ($subject->getID() === $user->getID() &&
|
||||
$this->resolver->isValidOperation('self', $attribute)) {
|
||||
//Then we also need to check the self permission
|
||||
$tmp = $this->resolver->inherit($user, 'self', $attribute) ?? false;
|
||||
//But if the self value is not allowed then use just the user value:
|
||||
if($tmp)
|
||||
if ($tmp) {
|
||||
return $tmp;
|
||||
}
|
||||
}
|
||||
//Else just check users permission:
|
||||
return $this->resolver->inherit($user, 'users', $attribute) ?? false;
|
||||
|
|
@ -86,6 +83,4 @@ class UserVoter extends ExtendedVoter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue