Commit dd1840c8 authored by Jacob Priddy's avatar Jacob Priddy 👌

add method and test to get current perms

parent 9c6c66b3
......@@ -111,4 +111,9 @@ class MeController extends ApiController
return $this->respondWithData($presenter->getViewModel());
}
public function permissions(): JsonResponse
{
}
}
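Review bot: As rendered here, `permissions()` declares a `JsonResponse` return type but has an empty body, so PHP would raise a TypeError on the first request to the new route. The hunk header counts nine new-side lines and fewer are shown, so the page may simply have dropped the body; this needs checking against the file itself. If the body really is missing, it should return through `$this->respondWithData(...)` like the action above it, fed from `Authorizer::getPermissions()`. The method also has no docblock; a one-line comment such as `/** Lists the permissions held by the authenticated caller only. */` would make the intended exposure explicit.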
......@@ -128,5 +128,6 @@ Route::group(['middleware' => 'auth:api'], static function () {
Route::get('groups', [MeController::class, 'groups']);
Route::get('tokens', [MeController::class, 'tokens']);
Route::patch('/', [MeController::class, 'update']);
Route::get('permission', [MeController::class, 'permissions']);
});
});
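Review bot: The new path is `permission` (singular) while the handler is `permissions` and the sibling routes in this group are plural (`groups`, `tokens`). `Route::get('permissions', [MeController::class, 'permissions']);` would be consistent, and is cheaper to change now than after clients depend on the path. Registering it inside the `auth:api` group is the right placement, since the response describes the caller's privileges. The group closure begins outside the hunk.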
......@@ -3,6 +3,7 @@
namespace Source\Authorization;
use ReflectionClass;
use Source\Gateways\Users\UsersRepository;
use Source\Gateways\Groups\GroupsRepository;
use Source\Exceptions\AuthorizationException;
......@@ -43,11 +44,26 @@ class ApiAuthorizer implements Authorizer
$this->groupUserRepository = $groupUserRepository;
}
/**
* @param string|null $id
*/
public function setCurrentUserId(?string $id): void
{
$this->currentUserId = $id;
}
/**
* @inheritDoc
*/
public function getPermissions(): array
{
$reflection = new ReflectionClass(Permissions::class);
return array_values(array_filter($reflection->getConstants(), function (string $permission) {
return $this->allows($permission);
}));
}
/**
* @inheritDoc
*/
......@@ -154,6 +170,14 @@ class ApiAuthorizer implements Authorizer
$this->protectAll([$permission]);
}
/**
* @inheritDoc
*/
public function allows(string $permission): bool
{
return $this->allowsAll([$permission]);
}
/**
* @inheritDoc
*/
......
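Review bot: `getPermissions()` treats every constant that `ReflectionClass::getConstants()` finds on `Permissions` as a permission name, so that class silently becomes part of the authorization surface. A constant added later that is not a permission string would either raise a TypeError in the `string`-typed closure or be passed to `allows()` and possibly reported to clients as a held permission. I would state the assumption above the reflection call, e.g. `// Permissions must declare only string permission constants; each one is checked below.`, or filter with `is_string` first. Each constant also goes through `allows()` and then `allowsAll([$permission])`, whose body is outside the hunks; if that does a lookup per call, this costs one lookup per constant. The result order follows constant declaration order, which callers should not rely on.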
......@@ -5,6 +5,13 @@ namespace Source\Authorization;
interface Authorizer
{
/**
* Returns list of permission from \Source\Authorization\Permissions that the user has
*
* @return string[]
*/
public function getPermissions(): array;
/**
* The user needs ALL of the permissions.
*
......@@ -53,6 +60,16 @@ interface Authorizer
*/
public function protect(string $permission): void;
/**
* Permissions to check against from \Source\Authorization\Permissions
* The user needs the permission
*
* @param string $permission
* @return bool
* @throws \Source\Exceptions\EntityNotFoundException
*/
public function allows(string $permission): bool;
/**
* Protects the admin user from being modified.
* Throws an exception if the currently authenticated user does not have
......
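Review bot: The docblock on `getPermissions()` declares only `@return string[]`, but the implementation in `ApiAuthorizer` calls `allows()` for each constant, and `allows()` is documented here as throwing `EntityNotFoundException`. The same exception can therefore escape `getPermissions()`, and the new test already annotates it. Add `@throws \Source\Exceptions\EntityNotFoundException` to the `getPermissions()` docblock. Both docblocks say "the user" without saying which one. Since `setCurrentUserId()` accepts `null`, they should name the current user and state what is returned when none is set; that behaviour is not visible in these hunks.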
......@@ -294,4 +294,20 @@ class AuthorizerTest extends TestCase
$this->authorizer->protect(Permissions::CODE_QUERY);
}
/**
* @test
* @throws \Source\Exceptions\EntityNotFoundException
*/
public function it_gets_permissions(): void
{
$this->createUserWithPerms([Permissions::LOGS_READ, Permissions::MANAGE_DOORS, Permissions::CODE_QUERY, Permissions::CURRENT_USER]);
$this->assertEquals([
Permissions::MANAGE_DOORS,
Permissions::CODE_QUERY,
Permissions::CURRENT_USER,
Permissions::LOGS_READ,
], $this->authorizer->getPermissions());
}
}
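Review bot: `it_gets_permissions` compares with `assertEquals` against a list whose order differs from the order passed to `createUserWithPerms`, so it presumably mirrors the declaration order of the constants in `Permissions`. Reordering those constants would fail the test without any change in authorization behaviour. If the PHPUnit version in use provides it, `$this->assertEqualsCanonicalizing([...], $this->authorizer->getPermissions());` pins the set rather than the order. The test covers only a user who holds permissions. A second case for a user with none, asserting `[]`, and one for the state where no current user id is set, would pin the deny side of the new method.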