refactor(arch): enforce gateway compliance and remove service-wrapping gateways

This commit is contained in:
2026-03-13 11:31:33 +01:00
parent 082fa4c9a5
commit 892da0048d
96 changed files with 1117 additions and 1060 deletions

View File

@@ -42,7 +42,7 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
public const ABILITY_API_TOKENS_SELF_MANAGE = 'ops.api.tokens.self_manage';
public function __construct(
private readonly PermissionGateway $permissionGateway
private readonly PermissionService $permissionService
) {
}
@@ -138,10 +138,10 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
private function authorizeUsersCreateCustomFields(int $actorUserId): AuthorizationDecision
{
if (!$this->permissionGateway->userHas($actorUserId, PermissionService::CUSTOM_FIELDS_EDIT_VALUES)) {
if (!$this->permissionService->userHas($actorUserId, PermissionService::CUSTOM_FIELDS_EDIT_VALUES)) {
return AuthorizationDecision::deny(403, 'forbidden');
}
if (!$this->permissionGateway->userHas($actorUserId, PermissionService::USERS_UPDATE_ASSIGNMENTS)) {
if (!$this->permissionService->userHas($actorUserId, PermissionService::USERS_UPDATE_ASSIGNMENTS)) {
return AuthorizationDecision::deny(403, 'forbidden');
}
return AuthorizationDecision::allow();
@@ -149,10 +149,10 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
private function authorizeApiTokensSelfManage(int $actorUserId): AuthorizationDecision
{
if ($this->permissionGateway->userHas($actorUserId, PermissionService::USERS_SELF_UPDATE)) {
if ($this->permissionService->userHas($actorUserId, PermissionService::USERS_SELF_UPDATE)) {
return AuthorizationDecision::allow();
}
if ($this->permissionGateway->userHas($actorUserId, PermissionService::API_TOKENS_MANAGE)) {
if ($this->permissionService->userHas($actorUserId, PermissionService::API_TOKENS_MANAGE)) {
return AuthorizationDecision::allow();
}
return AuthorizationDecision::deny(403, 'forbidden');
@@ -160,7 +160,7 @@ final class OperationsAuthorizationPolicy implements AuthorizationPolicyInterfac
private function allowIfHas(int $actorUserId, string $permissionKey): AuthorizationDecision
{
if (!$this->permissionGateway->userHas($actorUserId, $permissionKey)) {
if (!$this->permissionService->userHas($actorUserId, $permissionKey)) {
return AuthorizationDecision::deny(403, 'forbidden');
}
return AuthorizationDecision::allow();