refactor(arch): enforce gateway compliance and remove service-wrapping gateways
This commit is contained in:
@@ -42,7 +42,7 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
|
||||
public const ABILITY_API_TOKENS_SELF_MANAGE = 'ops.api.tokens.self_manage';
|
||||
|
||||
public function __construct(
|
||||
private readonly PermissionGateway $permissionGateway
|
||||
private readonly PermissionService $permissionService
|
||||
) {
|
||||
}
|
||||
|
||||
@@ -138,10 +138,10 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
|
||||
|
||||
private function authorizeUsersCreateCustomFields(int $actorUserId): AuthorizationDecision
|
||||
{
|
||||
if (!$this->permissionGateway->userHas($actorUserId, PermissionService::CUSTOM_FIELDS_EDIT_VALUES)) {
|
||||
if (!$this->permissionService->userHas($actorUserId, PermissionService::CUSTOM_FIELDS_EDIT_VALUES)) {
|
||||
return AuthorizationDecision::deny(403, 'forbidden');
|
||||
}
|
||||
if (!$this->permissionGateway->userHas($actorUserId, PermissionService::USERS_UPDATE_ASSIGNMENTS)) {
|
||||
if (!$this->permissionService->userHas($actorUserId, PermissionService::USERS_UPDATE_ASSIGNMENTS)) {
|
||||
return AuthorizationDecision::deny(403, 'forbidden');
|
||||
}
|
||||
return AuthorizationDecision::allow();
|
||||
@@ -149,10 +149,10 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
|
||||
|
||||
private function authorizeApiTokensSelfManage(int $actorUserId): AuthorizationDecision
|
||||
{
|
||||
if ($this->permissionGateway->userHas($actorUserId, PermissionService::USERS_SELF_UPDATE)) {
|
||||
if ($this->permissionService->userHas($actorUserId, PermissionService::USERS_SELF_UPDATE)) {
|
||||
return AuthorizationDecision::allow();
|
||||
}
|
||||
if ($this->permissionGateway->userHas($actorUserId, PermissionService::API_TOKENS_MANAGE)) {
|
||||
if ($this->permissionService->userHas($actorUserId, PermissionService::API_TOKENS_MANAGE)) {
|
||||
return AuthorizationDecision::allow();
|
||||
}
|
||||
return AuthorizationDecision::deny(403, 'forbidden');
|
||||
@@ -160,7 +160,7 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
|
||||
|
||||
private function allowIfHas(int $actorUserId, string $permissionKey): AuthorizationDecision
|
||||
{
|
||||
if (!$this->permissionGateway->userHas($actorUserId, $permissionKey)) {
|
||||
if (!$this->permissionService->userHas($actorUserId, $permissionKey)) {
|
||||
return AuthorizationDecision::deny(403, 'forbidden');
|
||||
}
|
||||
return AuthorizationDecision::allow();
|
||||
|
||||
Reference in New Issue
Block a user