refactor: enforce layer discipline — move repositories, fix constructor injection
- Move HelpdeskTenantSettingsRepository and HelpdeskTokenRepository from Service/ to Repository/ directory (GR-SEC-003: SQL only in repositories) - Make AccessControl constructor require IntendedUrlService explicitly instead of falling back to `new IntendedUrlService()` (GR-TEST-002: no service instantiation outside factories) - Update all imports and tests accordingly Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -22,7 +22,7 @@ class AccessControl
|
||||
private array $configuredPublicPaths;
|
||||
private IntendedUrlService $intendedUrlService;
|
||||
|
||||
public function __construct(array $publicPaths = [], ?IntendedUrlService $intendedUrlService = null)
|
||||
public function __construct(array $publicPaths, IntendedUrlService $intendedUrlService)
|
||||
{
|
||||
$normalizedPaths = [];
|
||||
foreach ($publicPaths as $path) {
|
||||
@@ -34,7 +34,7 @@ class AccessControl
|
||||
}
|
||||
|
||||
$this->configuredPublicPaths = array_values(array_unique($normalizedPaths));
|
||||
$this->intendedUrlService = $intendedUrlService ?? new IntendedUrlService();
|
||||
$this->intendedUrlService = $intendedUrlService;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -13,8 +13,8 @@ use MintyPHP\Module\Helpdesk\Service\EffectiveHelpdeskSettingsService;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskOAuthTokenService;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskSettingsGateway;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTenantSettingsGateway;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTenantSettingsRepository;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTokenRepository;
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTenantSettingsRepository;
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTokenRepository;
|
||||
use MintyPHP\Module\Helpdesk\Service\SystemRecommendationEngine;
|
||||
use MintyPHP\Module\Helpdesk\Service\TicketCommunicationService;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace MintyPHP\Module\Helpdesk\Service;
|
||||
namespace MintyPHP\Module\Helpdesk\Repository;
|
||||
|
||||
use MintyPHP\DB;
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace MintyPHP\Module\Helpdesk\Service;
|
||||
namespace MintyPHP\Module\Helpdesk\Repository;
|
||||
|
||||
use MintyPHP\DB;
|
||||
use MintyPHP\Service\Settings\SettingsCryptoGatewayInterface;
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
namespace MintyPHP\Module\Helpdesk\Service;
|
||||
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTokenRepository;
|
||||
|
||||
/**
|
||||
* OAuth2 client_credentials token service for BC OData access.
|
||||
*
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace MintyPHP\Module\Helpdesk\Service;
|
||||
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTenantSettingsRepository;
|
||||
use MintyPHP\Service\Settings\SettingsCryptoGatewayInterface;
|
||||
|
||||
/**
|
||||
|
||||
@@ -5,7 +5,7 @@ use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Module\Helpdesk\HelpdeskAuthorizationPolicy;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskSettingsGateway;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTenantSettingsGateway;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTokenRepository;
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTokenRepository;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
@@ -5,7 +5,7 @@ namespace MintyPHP\Tests\Module\Helpdesk\Service;
|
||||
use MintyPHP\Module\Helpdesk\Service\EffectiveHelpdeskSettingsService;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskOAuthTokenService;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskSettingsGateway;
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTokenRepository;
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTokenRepository;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
class HelpdeskOAuthTokenServiceTest extends TestCase
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
namespace MintyPHP\Tests\Module\Helpdesk\Service;
|
||||
|
||||
use MintyPHP\Module\Helpdesk\Service\HelpdeskTokenRepository;
|
||||
use MintyPHP\Module\Helpdesk\Repository\HelpdeskTokenRepository;
|
||||
use MintyPHP\Service\Settings\SettingsCryptoGatewayInterface;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
|
||||
@@ -3,13 +3,19 @@
|
||||
namespace MintyPHP\Tests\Http;
|
||||
|
||||
use MintyPHP\Http\AccessControl;
|
||||
use MintyPHP\Http\IntendedUrlService;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
class AccessControlTest extends TestCase
|
||||
{
|
||||
private function createAccessControl(array $publicPaths = []): AccessControl
|
||||
{
|
||||
return new AccessControl($publicPaths, new IntendedUrlService());
|
||||
}
|
||||
|
||||
public function testConfiguredPublicPathIsAccessible(): void
|
||||
{
|
||||
$accessControl = new AccessControl(['imprint', 'privacy']);
|
||||
$accessControl = $this->createAccessControl(['imprint', 'privacy']);
|
||||
|
||||
$this->assertTrue($accessControl->isPublicPath('imprint'));
|
||||
$this->assertTrue($accessControl->isPublicPath('/privacy'));
|
||||
@@ -17,7 +23,7 @@ class AccessControlTest extends TestCase
|
||||
|
||||
public function testPageSlugPathIsNotAutoPublic(): void
|
||||
{
|
||||
$accessControl = new AccessControl(['imprint']);
|
||||
$accessControl = $this->createAccessControl(['imprint']);
|
||||
|
||||
$this->assertTrue($accessControl->isPublicPath('imprint'));
|
||||
$this->assertFalse($accessControl->isPublicPath('page/imprint'));
|
||||
@@ -25,7 +31,7 @@ class AccessControlTest extends TestCase
|
||||
|
||||
public function testAlwaysPublicPrefixesRemainAccessible(): void
|
||||
{
|
||||
$accessControl = new AccessControl([]);
|
||||
$accessControl = $this->createAccessControl([]);
|
||||
|
||||
$this->assertTrue($accessControl->isPublicPath('api/v1/health'));
|
||||
$this->assertTrue($accessControl->isPublicPath('auth/microsoft/callback'));
|
||||
|
||||
Reference in New Issue
Block a user