refactor(arch): enforce gateway compliance and remove service-wrapping gateways
This commit is contained in:
@@ -2,17 +2,27 @@
|
||||
|
||||
namespace MintyPHP\Service\AddressBook;
|
||||
|
||||
use MintyPHP\Repository\CustomField\TenantCustomFieldOptionRepository;
|
||||
use MintyPHP\Service\Access\RoleService;
|
||||
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Service\Org\DepartmentService;
|
||||
use MintyPHP\Service\Tenant\TenantScopeService;
|
||||
use MintyPHP\Service\Tenant\TenantService;
|
||||
use MintyPHP\Service\User\UserAccountService;
|
||||
use MintyPHP\Service\User\UserAssignmentService;
|
||||
use MintyPHP\Service\User\UserAvatarService;
|
||||
|
||||
class AddressBookService
|
||||
{
|
||||
public function __construct(
|
||||
private readonly UserAccountService $userAccountService,
|
||||
private readonly UserAssignmentService $userAssignmentService,
|
||||
private readonly AddressBookDirectoryGateway $directoryGateway,
|
||||
private readonly AddressBookCustomFieldGateway $customFieldGateway,
|
||||
private readonly AddressBookAvatarGateway $avatarGateway
|
||||
private readonly TenantService $tenantService,
|
||||
private readonly DepartmentService $departmentService,
|
||||
private readonly RoleService $roleService,
|
||||
private readonly TenantScopeService $scopeGateway,
|
||||
private readonly UserCustomFieldValueService $customFieldValueService,
|
||||
private readonly UserAvatarService $avatarService
|
||||
) {
|
||||
}
|
||||
|
||||
@@ -22,8 +32,8 @@ class AddressBookService
|
||||
$activeRoles = $this->splitCommaValues($query['roles'] ?? '');
|
||||
$activeDepartments = $this->splitCommaValues($query['departments'] ?? '');
|
||||
|
||||
$tenantIds = $this->normalizeIds($this->directoryGateway->getUserTenantIds($currentUserId));
|
||||
$tenants = $this->directoryGateway->listTenants();
|
||||
$tenantIds = $this->normalizeIds($this->scopeGateway->getUserTenantIds($currentUserId));
|
||||
$tenants = $this->tenantService->list();
|
||||
if ($tenantIds) {
|
||||
$allowedTenantMap = array_fill_keys($tenantIds, true);
|
||||
$tenants = array_values(array_filter(
|
||||
@@ -33,7 +43,7 @@ class AddressBookService
|
||||
return $tenantId > 0 && isset($allowedTenantMap[$tenantId]);
|
||||
}
|
||||
));
|
||||
} elseif ($this->directoryGateway->isStrictScope()) {
|
||||
} elseif ($this->scopeGateway->isStrict()) {
|
||||
$tenants = [];
|
||||
}
|
||||
|
||||
@@ -46,12 +56,12 @@ class AddressBookService
|
||||
);
|
||||
|
||||
$departments = $tenantIds
|
||||
? $this->directoryGateway->listDepartmentsByTenantIds($tenantIds)
|
||||
: ($this->directoryGateway->isStrictScope() ? [] : $this->directoryGateway->listDepartments());
|
||||
? $this->departmentService->listByTenantIds($tenantIds)
|
||||
: ($this->scopeGateway->isStrict() ? [] : $this->departmentService->list());
|
||||
|
||||
$roles = $this->directoryGateway->listActiveRoles();
|
||||
$roles = $this->roleService->listActive();
|
||||
|
||||
$customFieldFilterSpec = $this->customFieldGateway->extractFilterSpec($query, $currentUserId);
|
||||
$customFieldFilterSpec = $this->customFieldValueService->extractAddressBookFilterSpec($query, $currentUserId);
|
||||
$customFieldFilterDefinitions = $this->normalizeDefinitions(
|
||||
$customFieldFilterSpec['definitions'] ?? []
|
||||
);
|
||||
@@ -68,7 +78,7 @@ class AddressBookService
|
||||
}
|
||||
$customFieldDefinitionIds = array_values(array_unique($customFieldDefinitionIds));
|
||||
|
||||
$customFieldOptions = $this->customFieldGateway->listOptionsByDefinitionIds(
|
||||
$customFieldOptions = TenantCustomFieldOptionRepository::listByDefinitionIds(
|
||||
$customFieldDefinitionIds,
|
||||
true
|
||||
);
|
||||
@@ -151,7 +161,7 @@ class AddressBookService
|
||||
$tenants = $query['tenants'] ?? '';
|
||||
$departments = $query['departments'] ?? '';
|
||||
$roles = $query['roles'] ?? '';
|
||||
$customFieldFilterSpec = $this->customFieldGateway->extractFilterSpec($query, $currentUserId);
|
||||
$customFieldFilterSpec = $this->customFieldValueService->extractAddressBookFilterSpec($query, $currentUserId);
|
||||
|
||||
$result = $this->userAccountService->listPaged([
|
||||
'limit' => $limit,
|
||||
@@ -195,7 +205,7 @@ class AddressBookService
|
||||
'tenants' => $tenantList,
|
||||
'departments' => $departmentList,
|
||||
'roles' => $roleList,
|
||||
'has_avatar' => $uuid !== '' && $this->avatarGateway->hasAvatar($uuid),
|
||||
'has_avatar' => $uuid !== '' && $this->avatarService->hasAvatar($uuid),
|
||||
];
|
||||
}
|
||||
|
||||
@@ -225,12 +235,12 @@ class AddressBookService
|
||||
// Users can always view their own profile; others require scope access.
|
||||
if (
|
||||
$currentUserId !== $targetUserId
|
||||
&& !$this->directoryGateway->canAccessUser($currentUserId, $targetUserId)
|
||||
&& !$this->scopeGateway->canAccess('users', $targetUserId, $currentUserId)
|
||||
) {
|
||||
return ['status' => 'forbidden'];
|
||||
}
|
||||
|
||||
$viewerTenantIds = $this->normalizeIds($this->directoryGateway->getUserTenantIds($currentUserId));
|
||||
$viewerTenantIds = $this->normalizeIds($this->scopeGateway->getUserTenantIds($currentUserId));
|
||||
$assignments = $this->userAssignmentService->buildAssignmentsForUser($targetUserId);
|
||||
|
||||
$departmentMap = [];
|
||||
@@ -294,7 +304,7 @@ class AddressBookService
|
||||
$roleLabels = array_values($roleLabels);
|
||||
|
||||
$avatarUuid = (string) ($user['uuid'] ?? '');
|
||||
$user['has_avatar'] = $avatarUuid !== '' && $this->avatarGateway->hasAvatar($avatarUuid);
|
||||
$user['has_avatar'] = $avatarUuid !== '' && $this->avatarService->hasAvatar($avatarUuid);
|
||||
$user['tenant_groups'] = $tenantGroups;
|
||||
$user['role_labels'] = $roleLabels;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user