Merge pull request #403 from dotkernel/issue-390-2

Issue #390: Implemented `ResourceProviderMiddleware` and added `ResourceGuardInterface`

Author: arhimede

.github/workflows/qodana_code_quality.yml

@@ -4,7 +4,7 @@ on:
   pull_request:
   push:
     branches:
-      - 5.0
+      - '6.0'
       - 'releases/*'
 
 jobs:

config/pipeline.php

@@ -2,11 +2,12 @@
 
 declare(strict_types=1);
 
-use Api\App\Handler\GetNotFoundViewHandler;
+use Api\App\Handler\GetNotFoundResourceHandler;
 use Api\App\Middleware\AuthenticationMiddleware;
 use Api\App\Middleware\AuthorizationMiddleware;
 use Api\App\Middleware\ContentNegotiationMiddleware;
 use Api\App\Middleware\DeprecationMiddleware;
+use Api\App\Middleware\ResourceProviderMiddleware;
 use Dot\ResponseHeader\Middleware\ResponseHeaderMiddleware;
 use Mezzio\Application;
 use Mezzio\Cors\Middleware\CorsMiddleware;
@@ -80,11 +81,13 @@
     // - route-based validation
     // - etc.
 
+    $app->pipe(ResourceProviderMiddleware::class);
+
     // Register the dispatch middleware in the middleware pipeline
     $app->pipe(DispatchMiddleware::class);
     // At this point, if no Response is returned by any middleware, the
     // NotFoundHandler kicks in; alternately, you can provide other fallback
     // middleware to execute.
     $app->pipe(ProblemDetailsNotFoundHandler::class);
-    $app->pipe(GetNotFoundViewHandler::class);
+    $app->pipe(GetNotFoundResourceHandler::class);
 };

src/Admin/src/Handler/Account/GetAdminAccountResourceHandler.php

@@ -5,14 +5,14 @@
 namespace Api\Admin\Handler\Account;
 
 use Api\App\Handler\AbstractHandler;
-use Core\Admin\Entity\Admin;
+use Api\App\IdentityInterface;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class GetAdminAccountResourceHandler extends AbstractHandler
 {
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
-        return $this->createResponse($request, $request->getAttribute(Admin::class));
+        return $this->createResponse($request, $request->getAttribute(IdentityInterface::class));
     }
 }

src/Admin/src/Handler/Account/PatchAdminAccountResourceHandler.php

@@ -10,7 +10,7 @@
 use Api\App\Exception\ConflictException;
 use Api\App\Exception\NotFoundException;
 use Api\App\Handler\AbstractHandler;
-use Core\Admin\Entity\Admin;
+use Api\App\IdentityInterface;
 use Core\App\Message;
 use Dot\DependencyInjection\Attribute\Inject;
 use Psr\Http\Message\ResponseInterface;
@@ -47,7 +47,7 @@ public function handle(ServerRequestInterface $request): ResponseInterface
             $request,
             $this->adminService->saveAdmin(
                 (array) $this->inputFilter->getValues(),
-                $request->getAttribute(Admin::class)
+                $request->getAttribute(IdentityInterface::class)
             )
         );
     }

src/Admin/src/Handler/Admin/DeleteAdminResourceHandler.php

@@ -5,8 +5,9 @@
 namespace Api\Admin\Handler\Admin;
 
 use Api\Admin\Service\AdminServiceInterface;
-use Api\App\Exception\NotFoundException;
+use Api\App\Attribute\Resource;
 use Api\App\Handler\AbstractHandler;
+use Core\Admin\Entity\Admin;
 use Dot\DependencyInjection\Attribute\Inject;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
@@ -21,12 +22,12 @@ public function __construct(
     ) {
     }
 
-    /**
-     * @throws NotFoundException
-     */
+    #[Resource(entity: Admin::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
-        $this->adminService->deleteAdmin($this->adminService->findAdmin($request->getAttribute('uuid')));
+        $this->adminService->deleteAdmin(
+            $request->getAttribute(Admin::class)
+        );
 
         return $this->noContentResponse();
     }

src/Admin/src/Handler/Admin/GetAdminResourceHandler.php

@@ -4,31 +4,20 @@
 
 namespace Api\Admin\Handler\Admin;
 
-use Api\Admin\Service\AdminServiceInterface;
-use Api\App\Exception\NotFoundException;
+use Api\App\Attribute\Resource;
 use Api\App\Handler\AbstractHandler;
-use Dot\DependencyInjection\Attribute\Inject;
+use Core\Admin\Entity\Admin;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class GetAdminResourceHandler extends AbstractHandler
 {
-    #[Inject(
-        AdminServiceInterface::class,
-    )]
-    public function __construct(
-        protected AdminServiceInterface $adminService,
-    ) {
-    }
-
-    /**
-     * @throws NotFoundException
-     */
+    #[Resource(entity: Admin::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
         return $this->createResponse(
             $request,
-            $this->adminService->findAdmin($request->getAttribute('uuid'))
+            $request->getAttribute(Admin::class)
         );
     }
 }

src/Admin/src/Handler/Admin/PatchAdminResourceHandler.php

@@ -6,10 +6,12 @@
 
 use Api\Admin\InputFilter\UpdateAdminInputFilter;
 use Api\Admin\Service\AdminServiceInterface;
+use Api\App\Attribute\Resource;
 use Api\App\Exception\BadRequestException;
 use Api\App\Exception\ConflictException;
 use Api\App\Exception\NotFoundException;
 use Api\App\Handler\AbstractHandler;
+use Core\Admin\Entity\Admin;
 use Core\App\Message;
 use Dot\DependencyInjection\Attribute\Inject;
 use Psr\Http\Message\ResponseInterface;
@@ -32,6 +34,7 @@ public function __construct(
      * @throws ConflictException
      * @throws NotFoundException
      */
+    #[Resource(entity: Admin::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
         $this->inputFilter->setData((array) $request->getParsedBody());
@@ -46,7 +49,7 @@ public function handle(ServerRequestInterface $request): ResponseInterface
             $request,
             $this->adminService->saveAdmin(
                 (array) $this->inputFilter->getValues(),
-                $this->adminService->findAdmin($request->getAttribute('uuid'))
+                $request->getAttribute(Admin::class)
             )
         );
     }

src/Admin/src/Handler/Admin/Role/GetAdminRoleResourceHandler.php

@@ -4,31 +4,20 @@
 
 namespace Api\Admin\Handler\Admin\Role;
 
-use Api\Admin\Service\AdminRoleServiceInterface;
-use Api\App\Exception\NotFoundException;
+use Api\App\Attribute\Resource;
 use Api\App\Handler\AbstractHandler;
-use Dot\DependencyInjection\Attribute\Inject;
+use Core\Admin\Entity\AdminRole;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class GetAdminRoleResourceHandler extends AbstractHandler
 {
-    #[Inject(
-        AdminRoleServiceInterface::class,
-    )]
-    public function __construct(
-        protected AdminRoleServiceInterface $adminRoleService,
-    ) {
-    }
-
-    /**
-     * @throws NotFoundException
-     */
+    #[Resource(entity: AdminRole::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
         return $this->createResponse(
             $request,
-            $this->adminRoleService->findAdminRole($request->getAttribute('uuid'))
+            $request->getAttribute(AdminRole::class)
         );
     }
 }

src/App/src/Attribute/Resource.php

@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Api\App\Attribute;
+
+use Attribute;
+
+#[Attribute(Attribute::TARGET_METHOD)]
+readonly class Resource implements ResourceInterface
+{
+    /**
+     * @param class-string $entity The target entity to be found
+     * @param string $identifier The class property used to find the entity by
+     * @param string $placeholder The route parameter containing the identifier value
+     * @param class-string|null $guard An invokable class implementing Api\App\Guard\ResourceGuardInterface,
+     * which will determine if the current user is allowed to access the entity
+     */
+    public function __construct(
+        public string $entity,
+        public string $identifier = 'uuid',
+        public string $placeholder = 'uuid',
+        public ?string $guard = null,
+    ) {
+    }
+
+    public function hasGuard(): bool
+    {
+        return $this->guard !== null;
+    }
+}

src/App/src/Attribute/ResourceInterface.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Api\App\Attribute;
+
+interface ResourceInterface
+{
+    public function hasGuard(): bool;
+}