Extract capabilities to classes with context

Author: doekenorg

src/ACL/AccessController.php

@@ -2,6 +2,7 @@
 
 namespace DataKit\DataViews\ACL;
 
+use DataKit\DataViews\ACL\Capability\Capability;
 use DataKit\DataViews\DataView\DataView;
 use DataKit\DataViews\Field\Field;
 
@@ -17,9 +18,8 @@ interface AccessController {
 	 * @since $ver$
 	 *
 	 * @param Capability $capability The capability to test.
-	 * @param mixed      ...$context The available context for the test.
 	 *
 	 * @return bool Whether the user has the capability.
 	 */
-	public function can( Capability $capability, ...$context ): bool;
+	public function can( Capability $capability ): bool;
 }

src/ACL/Capability.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace DataKit\DataViews\ACL\Capability;
+
+/**
+ * Represents a capability a user can have.
+ *
+ * @since $ver$
+ */
+interface Capability {
+	/**
+	 * Returns whether the capability is related to mutation.
+	 *
+	 * @since $ver$
+	 *
+	 * @return bool Whether the capability is related to mutation.
+	 */
+	public function is_mutative(): bool;
+
+	/**
+	 * Returns whether the capability is related to destruction.
+	 *
+	 * @since $ver$
+	 *
+	 * @return bool Whether the capability is related to destruction.
+	 */
+	public function is_destructive(): bool;
+}

src/ACL/Capability/Capability.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace DataKit\DataViews\ACL\Capability;
+
+use DataKit\DataViews\DataView\DataView;
+
+/**
+ * Represents a capability that is connected to a DataView.
+ *
+ * @since $ver$
+ */
+abstract class DataViewCapability implements Capability {
+	/**
+	 * The DataView.
+	 *
+	 * @since $ver$
+	 *
+	 * @var DataView
+	 */
+	protected DataView $dataview;
+
+	/**
+	 * Creates the Capability.
+	 *
+	 * @since $ver$
+	 */
+	public function __construct( DataView $dataview ) {
+		$this->dataview = $dataview;
+	}
+
+	/**
+	 * Returns the DataView connected to the capability.
+	 *
+	 * @since $ver$
+	 */
+	public function dataview(): DataView {
+		return $this->dataview;
+	}
+
+	/**
+	 * {@inheritDoc}
+	 *
+	 * @since $ver$
+	 */
+	public function is_mutative(): bool {
+		return false;
+	}
+
+	/**
+	 * {@inheritDoc}
+	 *
+	 * @since $ver$
+	 */
+	public function is_destructive(): bool {
+		return false;
+	}
+}

src/ACL/Capability/DataViewCapability.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace DataKit\DataViews\ACL\Capability;
+
+/**
+ * A capability representing a user can delete a DataView.
+ *
+ * @since $ver$
+ */
+final class DeleteDataView extends DataViewCapability {
+	/**
+	 * {@inheritDoc}
+	 *
+	 * @since $ver$
+	 */
+	public function is_destructive(): bool {
+		return true;
+	}
+}

src/ACL/Capability/DeleteDataView.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace DataKit\DataViews\ACL\Capability;
+
+/**
+ * A capability representing a user can edit a DataView.
+ *
+ * @since $ver$
+ */
+final class EditDataView extends DataViewCapability {
+	/**
+	 * {@inheritDoc}
+	 *
+	 * @since $ver$
+	 */
+	public function is_mutative(): bool {
+		return true;
+	}
+}

src/ACL/Capability/EditDataView.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace DataKit\DataViews\ACL\Capability;
+
+/**
+ * A capability representing a user can view a DataView.
+ *
+ * @since $ver$
+ */
+final class ViewDataView extends DataViewCapability {
+}

src/ACL/Capability/ViewDataView.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace DataKit\DataViews\ACL\Capability;
+
+use DataKit\DataViews\DataView\DataView;
+use DataKit\DataViews\Field\Field;
+
+/**
+ * A capability representing a user can view a DataView field.
+ *
+ * @since $ver$
+ */
+final class ViewField extends DataViewCapability {
+	/**
+	 * The Field.
+	 *
+	 * @since $ver$
+	 *
+	 * @var Field
+	 */
+	private Field $field;
+
+	/**
+	 * Creates the capability.
+	 *
+	 * @since $ver$
+	 *
+	 * @param DataView $dataview The DataView.
+	 * @param Field    $field    The Field.
+	 */
+	public function __construct( DataView $dataview, Field $field ) {
+		parent::__construct( $dataview );
+
+		$this->field = $field;
+	}
+
+	/**
+	 * Returns the Field to view.
+	 *
+	 * @since $ver$
+	 *
+	 * @return Field The Field.
+	 */
+	public function field(): Field {
+		return $this->field;
+	}
+}

src/ACL/Capability/ViewField.php

@@ -2,8 +2,10 @@
 
 namespace DataKit\DataViews\ACL;
 
+use DataKit\DataViews\ACL\Capability\Capability;
+
 /**
- * AccessControlManager that allows full access to anyone.
+ * AccessControlManager that allows read access to anyone.
  *
  * @since $ver$
  */
@@ -13,7 +15,7 @@ final class ReadOnlyAccessController implements AccessController {
 	 *
 	 * @since $ver$
 	 */
-	public function can( Capability $capability, ...$context ): bool {
-		return strpos( $capability->as_string(), 'view_' ) === 0;
+	public function can( Capability $capability ): bool {
+		return ! $capability->is_mutative() && ! $capability->is_destructive();
 	}
 }

src/ACL/ReadOnlyAccessController.php

@@ -3,7 +3,7 @@
 namespace DataKit\DataViews\DataView;
 
 use DataKit\DataViews\ACL\AccessControlManager;
-use DataKit\DataViews\ACL\Capability;
+use DataKit\DataViews\ACL\Capability\ViewField;
 use DataKit\DataViews\Data\DataSource;
 use DataKit\DataViews\Data\Exception\DataSourceException;
 use DataKit\DataViews\Data\MutableDataSource;
@@ -749,9 +749,7 @@ private function allowed_fields( array $fields ): array {
 		return array_filter(
 			$fields,
 			fn( Field $field ) => AccessControlManager::current()->can(
-				Capability::view_dataview_field(),
-				$this,
-				$field
+				new ViewField( $this, $field )
 			)
 		);
 	}

src/DataView/DataView.php

@@ -4,7 +4,7 @@
 
 use DataKit\DataViews\ACL\AccessController;
 use DataKit\DataViews\ACL\AccessControlManager;
-use DataKit\DataViews\ACL\Capability;
+use DataKit\DataViews\ACL\Capability\Capability;
 use DataKit\DataViews\ACL\ReadOnlyAccessController;
 use PHPUnit\Framework\TestCase;
 

tests/ACL/AccessControlManagerTest.php

@@ -2,8 +2,14 @@
 
 namespace DataKit\DataViews\Tests\ACL;
 
-use DataKit\DataViews\ACL\Capability;
+use DataKit\DataViews\ACL\Capability\DeleteDataView;
+use DataKit\DataViews\ACL\Capability\EditDataView;
+use DataKit\DataViews\ACL\Capability\ViewDataView;
+use DataKit\DataViews\ACL\Capability\ViewField;
 use DataKit\DataViews\ACL\ReadOnlyAccessController;
+use DataKit\DataViews\Data\ArrayDataSource;
+use DataKit\DataViews\DataView\DataView;
+use DataKit\DataViews\Field\TextField;
 use PHPUnit\Framework\TestCase;
 
 /**
@@ -20,8 +26,12 @@ final class ReadOnlyAccessControllerTest extends TestCase {
 	public function test_controller(): void {
 		$controller = new ReadOnlyAccessController();
 
-		self::assertTrue( $controller->can( Capability::view_dataview() ) );
-		self::assertTrue( $controller->can( Capability::view_dataview_field() ) );
-		self::assertFalse( $controller->can( Capability::edit_dataview() ) );
+		$field    = TextField::create( 'test', 'Test' );
+		$dataview = DataView::table( 'test', new ArrayDataSource( 'test', [] ), [ $field ] );
+
+		self::assertTrue( $controller->can( new ViewDataView( $dataview ) ) );
+		self::assertFalse( $controller->can( new EditDataView( $dataview ) ) );
+		self::assertFalse( $controller->can( new DeleteDataView( $dataview ) ) );
+		self::assertTrue( $controller->can( new ViewField( $dataview, $field ) ) );
 	}
 }