feat: implement authorization gateway for article publishing actions

Author: aspirantzhang

contexts/ArticlePublishing/Application/Coordinators/ArticlePublishingCoordinator.php

@@ -10,6 +10,7 @@
 use Contexts\ArticlePublishing\Application\DTOs\CreateArticleDTO;
 use Contexts\ArticlePublishing\Application\DTOs\GetArticleListDTO;
 use Contexts\ArticlePublishing\Application\DTOs\UpdateArticleDTO;
+use Contexts\ArticlePublishing\Domain\Gateway\AuthorizationGateway;
 use Contexts\ArticlePublishing\Domain\Gateway\CategoryGateway;
 use Contexts\ArticlePublishing\Domain\Models\Article;
 use Contexts\ArticlePublishing\Domain\Models\ArticleId;
@@ -21,11 +22,14 @@ class ArticlePublishingCoordinator extends BaseCoordinator
 {
     public function __construct(
         private ArticleRepository $repository,
-        private CategoryGateway $categoryGateway
+        private CategoryGateway $categoryGateway,
+        private AuthorizationGateway $authorizationGateway
     ) {}
 
     public function create(CreateArticleDTO $data): Article
     {
+        $this->authorizationGateway->canPerformAction('publish_article');
+
         $article = match ($data->status) {
             'draft' => $this->createDraft($data),
             'published' => $this->createPublished($data),

contexts/ArticlePublishing/Domain/Gateway/AuthorizationGateway.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Contexts\ArticlePublishing\Domain\Gateway;
+
+interface AuthorizationGateway
+{
+    public function canPerformAction(string $action): bool;
+}

contexts/ArticlePublishing/Infrastructure/Adapters/AuthorizationAdapter.php

@@ -0,0 +1,24 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Contexts\ArticlePublishing\Infrastructure\Adapters;
+
+use Contexts\ArticlePublishing\Domain\Gateway\AuthorizationGateway;
+use Contexts\Authorization\Domain\Services\PolicyFactory;
+
+class AuthorizationAdapter implements AuthorizationGateway
+{
+    public function __construct(
+        private PolicyFactory $policyFactory
+    ) {}
+
+    public function canPerformAction(string $action): bool
+    {
+        $policy = $this->policyFactory
+            ->forContext('article_publishing')
+            ->action($action);
+
+        return $policy->evaluate();
+    }
+}

contexts/ArticlePublishing/Infrastructure/ServiceProvider.php

@@ -5,7 +5,9 @@
 namespace Contexts\ArticlePublishing\Infrastructure;
 
 use Contexts\ArticlePublishing\Domain\Events\ArticlePublishedEvent;
+use Contexts\ArticlePublishing\Domain\Gateway\AuthorizationGateway;
 use Contexts\ArticlePublishing\Domain\Gateway\CategoryGateway;
+use Contexts\ArticlePublishing\Infrastructure\Adapters\AuthorizationAdapter;
 use Contexts\ArticlePublishing\Infrastructure\Adapters\CategoryAdapter;
 use Contexts\ArticlePublishing\Infrastructure\EventListeners\ConsoleOutputListener;
 use Contexts\CategoryManagement\Application\Coordinators\CategoryManagementCoordinator;
@@ -45,6 +47,8 @@ public function map(): void
         $this->app->bind(CategoryGateway::class, function ($app) {
             return new CategoryAdapter($app->make(CategoryManagementCoordinator::class));
         });
+
+        $this->app->bind(AuthorizationGateway::class, AuthorizationAdapter::class);
     }
 
     public function provides(): array

contexts/ArticlePublishing/Tests/Feature/ArticlePublishingTest.php

@@ -3,23 +3,25 @@
 declare(strict_types=1);
 
 use Contexts\ArticlePublishing\Domain\Events\ArticlePublishedEvent;
+use Contexts\ArticlePublishing\Domain\Gateway\AuthorizationGateway;
 use Contexts\CategoryManagement\Infrastructure\Records\CategoryRecord;
-use Illuminate\Database\Eloquent\Collection;
 
-function createTestCategories(): Collection
-{
-    $category = CategoryRecord::factory(2)->create();
+beforeEach(function () {
+    $mockAuthGateway = mock(AuthorizationGateway::class);
+    $mockAuthGateway->shouldReceive('canPerformAction')
+        ->with('publish_article')
+        ->andReturn(true);
+    $this->app->instance(AuthorizationGateway::class, $mockAuthGateway);
 
-    return $category;
-}
+    $this->categories = CategoryRecord::factory(2)->create();
+});
 
 it('can publish aritcle drafts via api', function () {
-    $categories = createTestCategories();
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'draft',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
@@ -29,18 +31,17 @@ function createTestCategories(): Collection
             'title' => 'My Article',
             'body' => 'This is my article body',
             'status' => 'draft',
-            'categories' => $categories->only(['id', 'label'])->toArray(),
+            'categories' => $this->categories->only(['id', 'label'])->toArray(),
         ],
     ]);
 });
 
 it('can publish published articles via api', function () {
-    $categories = createTestCategories();
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'published',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
@@ -50,32 +51,31 @@ function createTestCategories(): Collection
             'title' => 'My Article',
             'body' => 'This is my article body',
             'status' => 'published',
-            'categories' => $categories->only(['id', 'label'])->toArray(),
+            'categories' => $this->categories->only(['id', 'label'])->toArray(),
         ],
     ]);
 });
 
 it('dispatches an event when an article is published via api', function () {
     Event::fake();
 
-    $categories = createTestCategories();
     $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'published',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     Event::assertDispatched(ArticlePublishedEvent::class);
 });
 
 it('can publish a draft article via api', function () {
-    $categories = createTestCategories();
+
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'draft',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
@@ -88,12 +88,12 @@ function createTestCategories(): Collection
 });
 
 it('can get an article via api', function () {
-    $categories = createTestCategories();
+
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'draft',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
@@ -109,18 +109,18 @@ function createTestCategories(): Collection
             'title' => 'My Article',
             'body' => 'This is my article body',
             'status' => 'draft',
-            'categories' => $categories->only(['id', 'label'])->toArray(),
+            'categories' => $this->categories->only(['id', 'label'])->toArray(),
         ],
     ]);
 });
 
 it('can get a list of articles via api', function () {
-    $categories = createTestCategories();
+
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'draft',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
@@ -131,24 +131,24 @@ function createTestCategories(): Collection
 });
 
 it('can update an article via api', function () {
-    $categories = createTestCategories();
+
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'draft',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
 
     $id = $response->json('data.id');
 
-    $categories2 = createTestCategories();
+    $this->categories2 = CategoryRecord::factory(2)->create();
     $response = $this->putJson("articles/{$id}", [
         'title' => 'My Updated Article',
         'body' => 'This is my updated article body',
         'status' => 'published',
-        'category_ids' => $categories2->pluck('id')->toArray(),
+        'category_ids' => $this->categories2->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(200);
@@ -158,18 +158,18 @@ function createTestCategories(): Collection
             'title' => 'My Updated Article',
             'body' => 'This is my updated article body',
             'status' => 'published',
-            'categories' => $categories2->only(['id', 'label'])->toArray(),
+            'categories' => $this->categories2->only(['id', 'label'])->toArray(),
         ],
     ]);
 });
 
 it('can archive an article via api', function () {
-    $categories = createTestCategories();
+
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'published',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);
@@ -182,12 +182,12 @@ function createTestCategories(): Collection
 });
 
 it('can archive and delete an article via api', function () {
-    $categories = createTestCategories();
+
     $response = $this->postJson('articles', [
         'title' => 'My Article',
         'body' => 'This is my article body',
         'status' => 'published',
-        'category_ids' => $categories->pluck('id')->toArray(),
+        'category_ids' => $this->categories->pluck('id')->toArray(),
     ]);
 
     $response->assertStatus(201);