feat: implement RoleLabelUniquenessService for role label validation and integrate RoleFactory in RoleCoordinator

Author: aspirantzhang

contexts/Authorization/Application/Coordinators/RoleCoordinator.php

@@ -9,6 +9,7 @@
 use Contexts\Authorization\Application\DTOs\Role\CreateRoleDTO;
 use Contexts\Authorization\Application\DTOs\Role\GetRoleListDTO;
 use Contexts\Authorization\Application\DTOs\Role\UpdateRoleDTO;
+use Contexts\Authorization\Domain\Factories\RoleFactory;
 use Contexts\Authorization\Domain\Repositories\RoleRepository;
 use Contexts\Authorization\Domain\Role\Models\Role;
 use Contexts\Authorization\Domain\Role\Models\RoleId;
@@ -18,12 +19,14 @@
 class RoleCoordinator extends BaseCoordinator
 {
     public function __construct(
-        private RoleRepository $repository
-    ) {}
+        private RoleRepository $repository,
+        private RoleFactory $factory
+    ) {
+    }
 
     public function create(CreateRoleDTO $data): Role
     {
-        $role = Role::create(
+        $role = $this->factory->create(
             RoleId::null(),
             $data->label,
             $data->created_at ? CarbonImmutable::parse($data->created_at) : null

contexts/Authorization/Domain/Services/RoleLabelUniquenessService.php

@@ -0,0 +1,23 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Contexts\Authorization\Domain\Services;
+
+use App\Exceptions\BizException;
+use Contexts\Authorization\Domain\Repositories\RoleRepository;
+
+class RoleLabelUniquenessService
+{
+    public function __construct(
+        private readonly RoleRepository $roleRepository
+    ) {}
+
+    public function ensureUnique(string $label)
+    {
+        if ($this->roleRepository->existsByLabel($label)) {
+            throw BizException::make('Role label already exists: :label')
+                ->with('label', $label);
+        }
+    }
+}

contexts/Authorization/Tests/Feature/Application/GlobalPermissionServiceCoordinatorTest.php

@@ -12,6 +12,8 @@
 use Contexts\Authorization\Infrastructure\Persistence\UserPersistence;
 use Contexts\Authorization\Infrastructure\Records\UserRecord;
 use Illuminate\Support\Facades\Config;
+use Contexts\Authorization\Domain\Services\RoleLabelUniquenessService;
+use Contexts\Authorization\Domain\Factories\RoleFactory;
 
 beforeEach(function () {
     Config::set('policies.article_publishing', [
@@ -37,6 +39,10 @@
             ],
         ],
     ]);
+
+    $this->roleLabelUniquenessService = mock(RoleLabelUniquenessService::class);
+    $this->roleLabelUniquenessService->shouldReceive('ensureUnique')->andReturn(true);
+    $this->roleFactory = new RoleFactory($this->roleLabelUniquenessService);
 });
 
 it('can be instantiated through container', function () {
@@ -47,15 +53,15 @@
 
 it('can check permission for admin user', function () {
     // Setup repositories
-    $userPersistence = new UserPersistence;
-    $rolePersistence = new RolePersistence;
+    $userPersistence = new UserPersistence();
+    $rolePersistence = new RolePersistence();
 
     // Create admin user
     $userRecord = UserRecord::factory()->create();
     $this->actingAs($userRecord);
 
     // Create admin role
-    $adminRole = Role::create(RoleId::null(), 'admin');
+    $adminRole = $this->roleFactory->create(RoleId::null(), 'admin');
     $adminRole = $rolePersistence->create($adminRole);
 
     // Assign admin role to user
@@ -70,15 +76,15 @@
 
 it('denies permission for users without required roles', function () {
     // Setup repositories
-    $userPersistence = new UserPersistence;
-    $rolePersistence = new RolePersistence;
+    $userPersistence = new UserPersistence();
+    $rolePersistence = new RolePersistence();
 
     // Create regular user
     $userRecord = UserRecord::factory()->create();
     $this->actingAs($userRecord);
 
     // Create editor role (not admin)
-    $editorRole = Role::create(RoleId::null(), 'editor');
+    $editorRole = $this->roleFactory->create(RoleId::null(), 'editor');
     $editorRole = $rolePersistence->create($editorRole);
 
     // Assign editor role to user

contexts/Authorization/Tests/Feature/PolicyTest.php

@@ -11,6 +11,8 @@
 use Contexts\Authorization\Infrastructure\Persistence\UserPersistence;
 use Contexts\Authorization\Infrastructure\Records\UserRecord;
 use Illuminate\Support\Facades\Config;
+use Contexts\Authorization\Domain\Services\RoleLabelUniquenessService;
+use Contexts\Authorization\Domain\Factories\RoleFactory;
 
 beforeEach(function () {
     Config::set('policies.article_publishing', [
@@ -30,6 +32,10 @@
             ],
         ],
     ]);
+
+    $this->roleLabelUniquenessService = mock(RoleLabelUniquenessService::class);
+    $this->roleLabelUniquenessService->shouldReceive('ensureUnique')->andReturn(true);
+    $this->roleFactory = new RoleFactory($this->roleLabelUniquenessService);
 });
 
 it('can get default policy handler', function () {
@@ -41,14 +47,14 @@
 });
 
 it('can evaluate user against policy', function () {
-    $userPersistence = new UserPersistence;
+    $userPersistence = new UserPersistence();
 
     $userRecord = UserRecord::factory()->create();
 
     $this->actingAs($userRecord);
 
-    $role = Role::create(RoleId::null(), 'admin');
-    $rolePersistence = new RolePersistence;
+    $role = $this->roleFactory->create(RoleId::null(), 'admin');
+    $rolePersistence = new RolePersistence();
     $role = $rolePersistence->create($role);
 
     $user = $userRecord->toDomain();