Skip to content

Commit 62aa5e4

Browse files
doekenorgdoekenorg
committed
Extract capabilities to classes with context
1 parent 7a341f1 commit 62aa5e4

12 files changed

Lines changed: 205 additions & 43 deletions

src/ACL/AccessController.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
namespace DataKit\DataViews\ACL;
44

5+
use DataKit\DataViews\ACL\Capability\Capability;
56
use DataKit\DataViews\DataView\DataView;
67
use DataKit\DataViews\Field\Field;
78

@@ -17,9 +18,8 @@ interface AccessController {
1718
* @since $ver$
1819
*
1920
* @param Capability $capability The capability to test.
20-
* @param mixed ...$context The available context for the test.
2121
*
2222
* @return bool Whether the user has the capability.
2323
*/
24-
public function can( Capability $capability, ...$context ): bool;
24+
public function can( Capability $capability ): bool;
2525
}

src/ACL/Capability.php

Lines changed: 0 additions & 29 deletions
This file was deleted.

src/ACL/Capability/Capability.php

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
<?php
2+
3+
namespace DataKit\DataViews\ACL\Capability;
4+
5+
/**
6+
* Represents a capability a user can have.
7+
*
8+
* @since $ver$
9+
*/
10+
interface Capability {
11+
/**
12+
* Returns whether the capability is related to mutation.
13+
*
14+
* @since $ver$
15+
*
16+
* @return bool Whether the capability is related to mutation.
17+
*/
18+
public function is_mutative(): bool;
19+
20+
/**
21+
* Returns whether the capability is related to destruction.
22+
*
23+
* @since $ver$
24+
*
25+
* @return bool Whether the capability is related to destruction.
26+
*/
27+
public function is_destructive(): bool;
28+
}

src/ACL/Capability/DataViewCapability.php

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
<?php
2+
3+
namespace DataKit\DataViews\ACL\Capability;
4+
5+
use DataKit\DataViews\DataView\DataView;
6+
7+
/**
8+
* Represents a capability that is connected to a DataView.
9+
*
10+
* @since $ver$
11+
*/
12+
abstract class DataViewCapability implements Capability {
13+
/**
14+
* The DataView.
15+
*
16+
* @since $ver$
17+
*
18+
* @var DataView
19+
*/
20+
protected DataView $dataview;
21+
22+
/**
23+
* Creates the Capability.
24+
*
25+
* @since $ver$
26+
*/
27+
public function __construct( DataView $dataview ) {
28+
$this->dataview = $dataview;
29+
}
30+
31+
/**
32+
* Returns the DataView connected to the capability.
33+
*
34+
* @since $ver$
35+
*/
36+
public function dataview(): DataView {
37+
return $this->dataview;
38+
}
39+
40+
/**
41+
* {@inheritDoc}
42+
*
43+
* @since $ver$
44+
*/
45+
public function is_mutative(): bool {
46+
return false;
47+
}
48+
49+
/**
50+
* {@inheritDoc}
51+
*
52+
* @since $ver$
53+
*/
54+
public function is_destructive(): bool {
55+
return false;
56+
}
57+
}

src/ACL/Capability/DeleteDataView.php

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
<?php
2+
3+
namespace DataKit\DataViews\ACL\Capability;
4+
5+
/**
6+
* A capability representing a user can delete a DataView.
7+
*
8+
* @since $ver$
9+
*/
10+
final class DeleteDataView extends DataViewCapability {
11+
/**
12+
* {@inheritDoc}
13+
*
14+
* @since $ver$
15+
*/
16+
public function is_destructive(): bool {
17+
return true;
18+
}
19+
}

src/ACL/Capability/EditDataView.php

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
<?php
2+
3+
namespace DataKit\DataViews\ACL\Capability;
4+
5+
/**
6+
* A capability representing a user can edit a DataView.
7+
*
8+
* @since $ver$
9+
*/
10+
final class EditDataView extends DataViewCapability {
11+
/**
12+
* {@inheritDoc}
13+
*
14+
* @since $ver$
15+
*/
16+
public function is_mutative(): bool {
17+
return true;
18+
}
19+
}

src/ACL/Capability/ViewDataView.php

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
<?php
2+
3+
namespace DataKit\DataViews\ACL\Capability;
4+
5+
/**
6+
* A capability representing a user can view a DataView.
7+
*
8+
* @since $ver$
9+
*/
10+
final class ViewDataView extends DataViewCapability {
11+
}

src/ACL/Capability/ViewField.php

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
<?php
2+
3+
namespace DataKit\DataViews\ACL\Capability;
4+
5+
use DataKit\DataViews\DataView\DataView;
6+
use DataKit\DataViews\Field\Field;
7+
8+
/**
9+
* A capability representing a user can view a DataView field.
10+
*
11+
* @since $ver$
12+
*/
13+
final class ViewField extends DataViewCapability {
14+
/**
15+
* The Field.
16+
*
17+
* @since $ver$
18+
*
19+
* @var Field
20+
*/
21+
private Field $field;
22+
23+
/**
24+
* Creates the capability.
25+
*
26+
* @since $ver$
27+
*
28+
* @param DataView $dataview The DataView.
29+
* @param Field $field The Field.
30+
*/
31+
public function __construct( DataView $dataview, Field $field ) {
32+
parent::__construct( $dataview );
33+
34+
$this->field = $field;
35+
}
36+
37+
/**
38+
* Returns the Field to view.
39+
*
40+
* @since $ver$
41+
*
42+
* @return Field The Field.
43+
*/
44+
public function field(): Field {
45+
return $this->field;
46+
}
47+
}

src/ACL/ReadOnlyAccessController.php

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,10 @@
22

33
namespace DataKit\DataViews\ACL;
44

5+
use DataKit\DataViews\ACL\Capability\Capability;
6+
57
/**
6-
* AccessControlManager that allows full access to anyone.
8+
* AccessControlManager that allows read access to anyone.
79
*
810
* @since $ver$
911
*/
@@ -13,7 +15,7 @@ final class ReadOnlyAccessController implements AccessController {
1315
*
1416
* @since $ver$
1517
*/
16-
public function can( Capability $capability, ...$context ): bool {
17-
return strpos( $capability->as_string(), 'view_' ) === 0;
18+
public function can( Capability $capability ): bool {
19+
return ! $capability->is_mutative() && ! $capability->is_destructive();
1820
}
1921
}

src/DataView/DataView.php

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
namespace DataKit\DataViews\DataView;
44

55
use DataKit\DataViews\ACL\AccessControlManager;
6-
use DataKit\DataViews\ACL\Capability;
6+
use DataKit\DataViews\ACL\Capability\ViewField;
77
use DataKit\DataViews\Data\DataSource;
88
use DataKit\DataViews\Data\Exception\DataSourceException;
99
use DataKit\DataViews\Data\MutableDataSource;
@@ -675,9 +675,7 @@ private function allowed_fields( array $fields ): array {
675675
return array_filter(
676676
$fields,
677677
fn( Field $field ) => AccessControlManager::current()->can(
678-
Capability::view_dataview_field(),
679-
$this,
680-
$field
678+
new ViewField( $this, $field )
681679
)
682680
);
683681
}

0 commit comments

Comments
 (0)