added PHP 8 typehints

dg · dg · commit dc5cc9f8273c · 2022-11-18T03:58:58.000+01:00
diff --git a/src/Bridges/SecurityHttp/SessionStorage.php b/src/Bridges/SecurityHttp/SessionStorage.php
@@ -101,9 +101,8 @@ private function setupExpiration(): void
 
 	/**
 	 * Changes namespace; allows more users to share a session.
-	 * @return static
 	 */
-	public function setNamespace(string $namespace)
+	public function setNamespace(string $namespace): static
 	{
 		if ($this->namespace !== $namespace) {
 			$this->namespace = $namespace;
diff --git a/src/Security/Authorizator.php b/src/Security/Authorizator.php
@@ -27,11 +27,8 @@ interface Authorizator
 
 	/**
 	 * Performs a role-based authorization.
-	 * @param  string|null  $role
-	 * @param  string|null  $resource
-	 * @param  string|null  $privilege
 	 */
-	function isAllowed($role, $resource, $privilege): bool;
+	function isAllowed(?string $role, ?string $resource, ?string $privilege): bool;
 }
 
 
diff --git a/src/Security/IIdentity.php b/src/Security/IIdentity.php
@@ -18,9 +18,8 @@ interface IIdentity
 {
 	/**
 	 * Returns the ID of user.
-	 * @return mixed
 	 */
-	function getId();
+	function getId(): string|int;
 
 	/**
 	 * Returns a list of roles that the user is a member of.
diff --git a/src/Security/Identity.php b/src/Security/Identity.php
@@ -43,14 +43,9 @@ public function __construct($id, $roles = null, ?iterable $data = null)
 
 	/**
 	 * Sets the ID of user.
-	 * @param  string|int  $id
-	 * @return static
 	 */
-	public function setId($id)
+	public function setId(string|int $id): static
 	{
-		if (!is_string($id) && !is_int($id)) {
-			throw new Nette\InvalidArgumentException('Identity identifier must be string|int, but type "' . gettype($id) . '" given.');
-		}
 
 		$this->id = is_numeric($id) && !is_float($tmp = $id * 1) ? $tmp : $id;
 		return $this;
@@ -59,19 +54,17 @@ public function setId($id)
 
 	/**
 	 * Returns the ID of user.
-	 * @return mixed
 	 */
-	public function getId()
+	public function getId(): string|int
 	{
 		return $this->id;
 	}
 
 
 	/**
 	 * Sets a list of roles that the user is a member of.
-	 * @return static
 	 */
-	public function setRoles(array $roles)
+	public function setRoles(array $roles): static
 	{
 		$this->roles = $roles;
 		return $this;
@@ -112,9 +105,8 @@ public function __set(string $key, $value): void
 
 	/**
 	 * Returns user data value.
-	 * @return mixed
 	 */
-	public function &__get(string $key)
+	public function &__get(string $key): mixed
 	{
 		if ($this->parentIsSet($key)) {
 			return $this->parentGet($key);
diff --git a/src/Security/Passwords.php b/src/Security/Passwords.php
@@ -27,7 +27,7 @@ class Passwords
 	 * Chooses which secure algorithm is used for hashing and how to configure it.
 	 * @see https://php.net/manual/en/password.constants.php
 	 */
-	public function __construct($algo = PASSWORD_DEFAULT, array $options = [])
+	public function __construct(string $algo = PASSWORD_DEFAULT, array $options = [])
 	{
 		$this->algo = $algo;
 		$this->options = $options;
diff --git a/src/Security/Permission.php b/src/Security/Permission.php
@@ -52,12 +52,10 @@ class Permission implements Authorizator
 	/**
 	 * Adds a Role to the list. The most recently added parent
 	 * takes precedence over parents that were previously added.
-	 * @param  string|array $parents
 	 * @throws Nette\InvalidArgumentException
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function addRole(string $role, $parents = null)
+	public function addRole(string $role, string|array|null $parents = null): static
 	{
 		$this->checkRole($role, false);
 		if (isset($this->roles[$role])) {
@@ -161,9 +159,8 @@ public function roleInheritsFrom(string $role, string $inherit, bool $onlyParent
 	 * Removes the Role from the list.
 	 *
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function removeRole(string $role)
+	public function removeRole(string $role): static
 	{
 		$this->checkRole($role);
 
@@ -199,10 +196,8 @@ public function removeRole(string $role)
 
 	/**
 	 * Removes all Roles from the list.
-	 *
-	 * @return static
 	 */
-	public function removeAllRoles()
+	public function removeAllRoles(): static
 	{
 		$this->roles = [];
 
@@ -228,9 +223,8 @@ public function removeAllRoles()
 	 *
 	 * @throws Nette\InvalidArgumentException
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function addResource(string $resource, ?string $parent = null)
+	public function addResource(string $resource, ?string $parent = null): static
 	{
 		$this->checkResource($resource, false);
 
@@ -324,9 +318,8 @@ public function resourceInheritsFrom(string $resource, string $inherit, bool $on
 	 * Removes a Resource and all of its children.
 	 *
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	public function removeResource(string $resource)
+	public function removeResource(string $resource): static
 	{
 		$this->checkResource($resource);
 
@@ -356,9 +349,8 @@ public function removeResource(string $resource)
 
 	/**
 	 * Removes all Resources.
-	 * @return static
 	 */
-	public function removeAllResources()
+	public function removeAllResources(): static
 	{
 		foreach ($this->resources as $resource => $foo) {
 			foreach ($this->rules['byResource'] as $resourceCurrent => $rules) {
@@ -383,14 +375,14 @@ public function removeAllResources()
 	 * @param  string|string[]|null  $roles
 	 * @param  string|string[]|null  $resources
 	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
 	public function allow(
 		$roles = self::ALL,
 		$resources = self::ALL,
 		$privileges = self::ALL,
 		?callable $assertion = null,
-	) {
+	): static
+	{
 		$this->setRule(true, self::ALLOW, $roles, $resources, $privileges, $assertion);
 		return $this;
 	}
@@ -403,14 +395,14 @@ public function allow(
 	 * @param  string|string[]|null  $roles
 	 * @param  string|string[]|null  $resources
 	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
 	public function deny(
 		$roles = self::ALL,
 		$resources = self::ALL,
 		$privileges = self::ALL,
 		?callable $assertion = null,
-	) {
+	): static
+	{
 		$this->setRule(true, self::DENY, $roles, $resources, $privileges, $assertion);
 		return $this;
 	}
@@ -422,9 +414,8 @@ public function deny(
 	 * @param  string|string[]|null  $roles
 	 * @param  string|string[]|null  $resources
 	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
-	public function removeAllow($roles = self::ALL, $resources = self::ALL, $privileges = self::ALL)
+	public function removeAllow($roles = self::ALL, $resources = self::ALL, $privileges = self::ALL): static
 	{
 		$this->setRule(false, self::ALLOW, $roles, $resources, $privileges);
 		return $this;
@@ -437,9 +428,8 @@ public function removeAllow($roles = self::ALL, $resources = self::ALL, $privile
 	 * @param  string|string[]|null  $roles
 	 * @param  string|string[]|null  $resources
 	 * @param  string|string[]|null  $privileges
-	 * @return static
 	 */
-	public function removeDeny($roles = self::ALL, $resources = self::ALL, $privileges = self::ALL)
+	public function removeDeny($roles = self::ALL, $resources = self::ALL, $privileges = self::ALL): static
 	{
 		$this->setRule(false, self::DENY, $roles, $resources, $privileges);
 		return $this;
@@ -452,9 +442,15 @@ public function removeDeny($roles = self::ALL, $resources = self::ALL, $privileg
 	 * @param  string|string[]|null  $resources
 	 * @param  string|string[]|null  $privileges
 	 * @throws Nette\InvalidStateException
-	 * @return static
 	 */
-	protected function setRule(bool $toAdd, bool $type, $roles, $resources, $privileges, ?callable $assertion = null)
+	protected function setRule(
+		bool $toAdd,
+		bool $type,
+		$roles,
+		$resources,
+		$privileges,
+		?callable $assertion = null,
+	): static
 	{
 		// ensure that all specified Roles exist; normalize input to array of Roles or null
 		if ($roles === self::ALL) {
@@ -564,12 +560,13 @@ protected function setRule(bool $toAdd, bool $type, $roles, $resources, $privile
 	 * and its respective parents are checked similarly before the lower-priority parents of
 	 * the Role are checked.
 	 *
-	 * @param  string|Role|null  $role
-	 * @param  string|Nette\Security\Resource|null  $resource
-	 * @param  string|null  $privilege
 	 * @throws Nette\InvalidStateException
 	 */
-	public function isAllowed($role = self::ALL, $resource = self::ALL, $privilege = self::ALL): bool
+	public function isAllowed(
+		string|Role|null $role = self::ALL,
+		string|Nette\Security\Resource|null $resource = self::ALL,
+		?string $privilege = self::ALL,
+	): bool
 	{
 		$this->queriedRole = $role;
 		if ($role !== self::ALL) {
@@ -626,19 +623,17 @@ public function isAllowed($role = self::ALL, $resource = self::ALL, $privilege =
 
 	/**
 	 * Returns real currently queried Role. Use by assertion.
-	 * @return mixed
 	 */
-	public function getQueriedRole()
+	public function getQueriedRole(): mixed
 	{
 		return $this->queriedRole;
 	}
 
 
 	/**
 	 * Returns real currently queried Resource. Use by assertion.
-	 * @return mixed
 	 */
-	public function getQueriedResource()
+	public function getQueriedResource(): mixed
 	{
 		return $this->queriedResource;
 	}
@@ -653,7 +648,7 @@ public function getQueriedResource()
 	 * @param  bool  $all (true) or one?
 	 * @return mixed  null if no applicable rule is found, otherwise returns ALLOW or DENY
 	 */
-	private function searchRolePrivileges(bool $all, $role, $resource, $privilege)
+	private function searchRolePrivileges(bool $all, $role, $resource, $privilege): mixed
 	{
 		$dfs = [
 			'visited' => [],
@@ -698,12 +693,9 @@ private function searchRolePrivileges(bool $all, $role, $resource, $privilege)
 
 	/**
 	 * Returns the rule type associated with the specified Resource, Role, and privilege.
-	 * @param  string|null  $resource
-	 * @param  string|null  $role
-	 * @param  string|null  $privilege
 	 * @return bool|null  null if a rule does not exist or assertion fails, otherwise returns ALLOW or DENY
 	 */
-	private function getRuleType($resource, $role, $privilege): ?bool
+	private function getRuleType(?string $resource, ?string $role, ?string $privilege): ?bool
 	{
 		if (!$rules = $this->getRules($resource, $role)) {
 			return null;
@@ -740,10 +732,8 @@ private function getRuleType($resource, $role, $privilege): ?bool
 	/**
 	 * Returns the rules associated with a Resource and a Role, or null if no such rules exist.
 	 * If the $create parameter is true, then a rule set is first created and then returned to the caller.
-	 * @param  string|null  $resource
-	 * @param  string|null  $role
 	 */
-	private function &getRules($resource, $role, bool $create = false): ?array
+	private function &getRules(?string $resource, ?string $role, bool $create = false): ?array
 	{
 		$null = null;
 		if ($resource === self::ALL) {
diff --git a/src/Security/User.php b/src/Security/User.php
@@ -18,7 +18,7 @@
  *
  * @property-read bool $loggedIn
  * @property-read IIdentity $identity
- * @property-read mixed $id
+ * @property-read string|int $id
  * @property-read array $roles
  * @property-read int $logoutReason
  * @property   IAuthenticator $authenticator
@@ -75,10 +75,7 @@ public function __construct(
 	}
 
 
-	/**
-	 * @return UserStorage|IUserStorage
-	 */
-	final public function getStorage()
+	final public function getStorage(): UserStorage|IUserStorage
 	{
 		return $this->storage;
 	}
@@ -92,7 +89,7 @@ final public function getStorage()
 	 * @param  string|IIdentity  $user  name or Identity
 	 * @throws AuthenticationException if authentication was not successful
 	 */
-	public function login($user, ?string $password = null): void
+	public function login(string|IIdentity $user, ?string $password = null): void
 	{
 		$this->logout(true);
 		if ($user instanceof IIdentity) {
@@ -195,9 +192,8 @@ private function getStoredData(): void
 
 	/**
 	 * Returns current user ID, if any.
-	 * @return mixed
 	 */
-	public function getId()
+	public function getId(): string|int|null
 	{
 		$identity = $this->getIdentity();
 		return $identity ? $identity->getId() : null;
@@ -212,9 +208,8 @@ final public function refreshStorage(): void
 
 	/**
 	 * Sets authentication handler.
-	 * @return static
 	 */
-	public function setAuthenticator(IAuthenticator $handler)
+	public function setAuthenticator(IAuthenticator $handler): static
 	{
 		$this->authenticator = $handler;
 		return $this;
@@ -257,15 +252,9 @@ final public function hasAuthenticator(): bool
 
 	/**
 	 * Enables log out after inactivity (like '20 minutes').
-	 * @param  string|null  $expire
-	 * @param  int|bool  $clearIdentity
-	 * @return static
 	 */
-	public function setExpiration($expire, $clearIdentity = null)
+	public function setExpiration(?string $expire, bool|int|null $clearIdentity = null)
 	{
-		if ($expire !== null && !is_string($expire)) {
-			trigger_error("Expiration should be a string like '20 minutes' etc.", E_USER_DEPRECATED);
-		}
 
 		if (func_num_args() > 2) {
 			$clearIdentity = $clearIdentity || func_get_arg(2);
@@ -339,9 +328,8 @@ public function isAllowed($resource = Authorizator::ALL, $privilege = Authorizat
 
 	/**
 	 * Sets authorization handler.
-	 * @return static
 	 */
-	public function setAuthorizator(Authorizator $handler)
+	public function setAuthorizator(Authorizator $handler): static
 	{
 		$this->authorizator = $handler;
 		return $this;
diff --git a/tests/Security/MockUserStorage.legacy.php b/tests/Security/MockUserStorage.legacy.php

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ class Passwords`
`27`	`27`	`* Chooses which secure algorithm is used for hashing and how to configure it.`
`28`	`28`	`* @see https://php.net/manual/en/password.constants.php`
`29`	`29`	`*/`
`30`		`- public function __construct($algo = PASSWORD_DEFAULT, array $options = [])`
	`30`	`+ public function __construct(string $algo = PASSWORD_DEFAULT, array $options = [])`
`31`	`31`	`{`
`32`	`32`	`$this->algo = $algo;`
`33`	`33`	`$this->options = $options;`