added PHP 8 typehints

Author: dg

src/Bridges/SecurityHttp/SessionStorage.php

@@ -101,9 +101,8 @@ private function setupExpiration(): void
 
 	/**
 	 * Changes namespace; allows more users to share a session.
-	 * @return static
 	 */
-	public function setNamespace(string $namespace)
+	public function setNamespace(string $namespace): static
 	{
 		if ($this->namespace !== $namespace) {
 			$this->namespace = $namespace;

src/Security/Authorizator.php

@@ -31,11 +31,8 @@ interface Authorizator
 
 	/**
 	 * Performs a role-based authorization.
-	 * @param  string|null  $role
-	 * @param  string|null  $resource
-	 * @param  string|null  $privilege
 	 */
-	function isAllowed($role, $resource, $privilege): bool;
+	function isAllowed(?string $role, ?string $resource, ?string $privilege): bool;
 }
 
 

src/Security/Identity.php

@@ -43,35 +43,27 @@ public function __construct($id, $roles = null, ?iterable $data = null)
 
 	/**
 	 * Sets the ID of user.
-	 * @param  string|int  $id
-	 * @return static
 	 */
-	public function setId($id)
+	public function setId(string|int $id): static
 	{
-		if (!is_string($id) && !is_int($id)) {
-			throw new Nette\InvalidArgumentException('Identity identifier must be string|int, but type "' . gettype($id) . '" given.');
-		}
-
 		$this->id = is_numeric($id) && !is_float($tmp = $id * 1) ? $tmp : $id;
 		return $this;
 	}
 
 
 	/**
 	 * Returns the ID of user.
-	 * @return mixed
 	 */
-	public function getId()
+	public function getId(): string|int
 	{
 		return $this->id;
 	}
 
 
 	/**
 	 * Sets a list of roles that the user is a member of.
-	 * @return static
 	 */
-	public function setRoles(array $roles)
+	public function setRoles(array $roles): static
 	{
 		$this->roles = $roles;
 		return $this;
@@ -112,9 +104,8 @@ public function __set(string $key, $value): void
 
 	/**
 	 * Returns user data value.
-	 * @return mixed
 	 */
-	public function &__get(string $key)
+	public function &__get(string $key): mixed
 	{
 		if ($this->parentIsSet($key)) {
 			return $this->parentGet($key);

src/Security/Passwords.php

@@ -27,7 +27,7 @@ class Passwords
 	 * Chooses which secure algorithm is used for hashing and how to configure it.
 	 * @see https://php.net/manual/en/password.constants.php
 	 */
-	public function __construct($algo = PASSWORD_DEFAULT, array $options = [])
+	public function __construct(string $algo = PASSWORD_DEFAULT, array $options = [])
 	{
 		$this->algo = $algo;
 		$this->options = $options;

src/Security/Permission.php

@@ -49,12 +49,10 @@ class Permission implements Authorizator
 	/**
 	 * Adds a Role to the list. The most recently added parent
 	 * takes precedence over parents that were previously added.
-	 * @param  string|array $parents
 	 * @throws Nette\InvalidArgumentException
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function addRole(string $role, $parents = null)
+	public function addRole(string $role, string|array $parents = null): static
 	{
 		$this->checkRole($role, exists: false);
 		if (isset($this->roles[$role])) {
@@ -158,9 +156,8 @@ public function roleInheritsFrom(string $role, string $inherit, bool $onlyParent
 	 * Removes the Role from the list.
 	 *
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function removeRole(string $role)
+	public function removeRole(string $role): static
 	{
 		$this->checkRole($role);
 
@@ -196,10 +193,8 @@ public function removeRole(string $role)
 
 	/**
 	 * Removes all Roles from the list.
-	 *
-	 * @return static
 	 */
-	public function removeAllRoles()
+	public function removeAllRoles(): static
 	{
 		$this->roles = [];
 
@@ -225,9 +220,8 @@ public function removeAllRoles()
 	 *
 	 * @throws Nette\InvalidArgumentException
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function addResource(string $resource, ?string $parent = null)
+	public function addResource(string $resource, ?string $parent = null): static
 	{
 		$this->checkResource($resource, exists: false);
 
@@ -321,9 +315,8 @@ public function resourceInheritsFrom(string $resource, string $inherit, bool $on
 	 * Removes a Resource and all of its children.
 	 *
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function removeResource(string $resource)
+	public function removeResource(string $resource): static
 	{
 		$this->checkResource($resource);
 
@@ -353,9 +346,8 @@ public function removeResource(string $resource)
 
 	/**
 	 * Removes all Resources.
-	 * @return static
 	 */
-	public function removeAllResources()
+	public function removeAllResources(): static
 	{
 		foreach ($this->resources as $resource => $foo) {
 			foreach ($this->rules['byResource'] as $resourceCurrent => $rules) {
@@ -376,18 +368,14 @@ public function removeAllResources()
 	/**
 	 * Allows one or more Roles access to [certain $privileges upon] the specified Resource(s).
 	 * If $assertion is provided, then it must return true in order for rule to apply.
-	 *
-	 * @param  string|string[]|null  $roles
-	 * @param  string|string[]|null  $resources
-	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
 	public function allow(
-		$roles = self::All,
-		$resources = self::All,
-		$privileges = self::All,
+		string|array|null $roles = self::All,
+		string|array|null $resources = self::All,
+		string|array|null $privileges = self::All,
 		?callable $assertion = null,
-	) {
+	): static
+	{
 		$this->setRule(true, self::Allow, $roles, $resources, $privileges, $assertion);
 		return $this;
 	}
@@ -396,32 +384,27 @@ public function allow(
 	/**
 	 * Denies one or more Roles access to [certain $privileges upon] the specified Resource(s).
 	 * If $assertion is provided, then it must return true in order for rule to apply.
-	 *
-	 * @param  string|string[]|null  $roles
-	 * @param  string|string[]|null  $resources
-	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
 	public function deny(
-		$roles = self::All,
-		$resources = self::All,
-		$privileges = self::All,
+		string|array|null $roles = self::All,
+		string|array|null $resources = self::All,
+		string|array|null $privileges = self::All,
 		?callable $assertion = null,
-	) {
+	): static
+	{
 		$this->setRule(true, self::Deny, $roles, $resources, $privileges, $assertion);
 		return $this;
 	}
 
 
 	/**
 	 * Removes "allow" permissions from the list in the context of the given Roles, Resources, and privileges.
-	 *
-	 * @param  string|string[]|null  $roles
-	 * @param  string|string[]|null  $resources
-	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
-	public function removeAllow($roles = self::All, $resources = self::All, $privileges = self::All)
+	public function removeAllow(
+		string|array|null $roles = self::All,
+		string|array|null $resources = self::All,
+		string|array|null $privileges = self::All,
+	): static
 	{
 		$this->setRule(false, self::Allow, $roles, $resources, $privileges);
 		return $this;
@@ -430,13 +413,12 @@ public function removeAllow($roles = self::All, $resources = self::All, $privile
 
 	/**
 	 * Removes "deny" restrictions from the list in the context of the given Roles, Resources, and privileges.
-	 *
-	 * @param  string|string[]|null  $roles
-	 * @param  string|string[]|null  $resources
-	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
-	public function removeDeny($roles = self::All, $resources = self::All, $privileges = self::All)
+	public function removeDeny(
+		string|array|null $roles = self::All,
+		string|array|null $resources = self::All,
+		string|array|null $privileges = self::All,
+	): static
 	{
 		$this->setRule(false, self::Deny, $roles, $resources, $privileges);
 		return $this;
@@ -445,13 +427,16 @@ public function removeDeny($roles = self::All, $resources = self::All, $privileg
 
 	/**
 	 * Performs operations on Access Control List rules.
-	 * @param  string|string[]|null  $roles
-	 * @param  string|string[]|null  $resources
-	 * @param  string|string[]|null  $privileges
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	protected function setRule(bool $toAdd, bool $type, $roles, $resources, $privileges, ?callable $assertion = null)
+	protected function setRule(
+		bool $toAdd,
+		bool $type,
+		string|array|null $roles,
+		string|array|null $resources,
+		string|array|null $privileges,
+		?callable $assertion = null,
+	): void
 	{
 		// ensure that all specified Roles exist; normalize input to array of Roles or null
 		if ($roles === self::All) {
@@ -545,8 +530,6 @@ protected function setRule(bool $toAdd, bool $type, $roles, $resources, $privile
 				}
 			}
 		}
-
-		return $this;
 	}
 
 
@@ -561,12 +544,13 @@ protected function setRule(bool $toAdd, bool $type, $roles, $resources, $privile
 	 * and its respective parents are checked similarly before the lower-priority parents of
 	 * the Role are checked.
 	 *
-	 * @param  string|Role|null  $role
-	 * @param  string|Nette\Security\Resource|null  $resource
-	 * @param  string|null  $privilege
 	 * @throws Nette\InvalidStateException
 	 */
-	public function isAllowed($role = self::All, $resource = self::All, $privilege = self::All): bool
+	public function isAllowed(
+		string|Role|null $role = self::All,
+		string|Resource|null $resource = self::All,
+		string|null $privilege = self::All,
+	): bool
 	{
 		$this->queriedRole = $role;
 		if ($role !== self::All) {
@@ -623,19 +607,17 @@ public function isAllowed($role = self::All, $resource = self::All, $privilege =
 
 	/**
 	 * Returns real currently queried Role. Use by assertion.
-	 * @return mixed
 	 */
-	public function getQueriedRole()
+	public function getQueriedRole(): string|Role|null
 	{
 		return $this->queriedRole;
 	}
 
 
 	/**
 	 * Returns real currently queried Resource. Use by assertion.
-	 * @return mixed
 	 */
-	public function getQueriedResource()
+	public function getQueriedResource(): string|Resource|null
 	{
 		return $this->queriedResource;
 	}
@@ -648,9 +630,8 @@ public function getQueriedResource()
 	 * Performs a depth-first search of the Role DAG, starting at $role, in order to find a rule
 	 * allowing/denying $role access to a/all $privilege upon $resource.
 	 * @param  bool  $all (true) or one?
-	 * @return mixed  null if no applicable rule is found, otherwise returns ALLOW or DENY
 	 */
-	private function searchRolePrivileges(bool $all, $role, $resource, $privilege)
+	private function searchRolePrivileges(bool $all, ?string $role, ?string $resource, ?string $privilege): ?bool
 	{
 		$dfs = [
 			'visited' => [],
@@ -695,12 +676,8 @@ private function searchRolePrivileges(bool $all, $role, $resource, $privilege)
 
 	/**
 	 * Returns the rule type associated with the specified Resource, Role, and privilege.
-	 * @param  string|null  $resource
-	 * @param  string|null  $role
-	 * @param  string|null  $privilege
-	 * @return bool|null  null if a rule does not exist or assertion fails, otherwise returns ALLOW or DENY
 	 */
-	private function getRuleType($resource, $role, $privilege): ?bool
+	private function getRuleType(?string $resource, ?string $role, ?string $privilege): ?bool
 	{
 		if (!$rules = $this->getRules($resource, $role)) {
 			return null;
@@ -737,10 +714,8 @@ private function getRuleType($resource, $role, $privilege): ?bool
 	/**
 	 * Returns the rules associated with a Resource and a Role, or null if no such rules exist.
 	 * If the $create parameter is true, then a rule set is first created and then returned to the caller.
-	 * @param  string|null  $resource
-	 * @param  string|null  $role
 	 */
-	private function &getRules($resource, $role, bool $create = false): ?array
+	private function &getRules(?string $resource, ?string $role, bool $create = false): ?array
 	{
 		$null = null;
 		if ($resource === self::All) {