refactor(arch): enforce gateway compliance and remove service-wrapping gateways

This commit is contained in:
2026-03-13 11:31:33 +01:00
parent 082fa4c9a5
commit 892da0048d
96 changed files with 1117 additions and 1060 deletions

View File

@@ -71,7 +71,7 @@ foreach ($uuids as $uuid) {
continue;
}
// Scope check per user prevents cross-tenant exports in mixed selections.
if (!app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class)->canAccess('users', $userId, $currentUserId)) {
if (!app(\MintyPHP\Service\Tenant\TenantScopeService::class)->canAccess('users', $userId, $currentUserId)) {
continue;
}
$users[] = $user;

View File

@@ -39,7 +39,7 @@ $userCustomFieldValueService = app(UserCustomFieldValueService::class);
$passwordMinLength = $userPasswordPolicyService->minLength();
$passwordHints = $userPasswordPolicyService->hints();
$settingsDefaultsGateway = app(\MintyPHP\Service\Settings\SettingsDefaultsGateway::class);
$directoryScopeGateway = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class);
$directoryScopeGateway = app(\MintyPHP\Service\Tenant\TenantScopeService::class);
$tenantService = app(\MintyPHP\Service\Tenant\TenantService::class);
$roleService = app(\MintyPHP\Service\Access\RoleService::class);
$departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);

View File

@@ -119,7 +119,7 @@ if ($canViewUserMeta || $canViewUserAudit) {
$errorBag = formErrors();
$errors = [];
$form = $user;
$scopeGateway = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class);
$scopeGateway = app(\MintyPHP\Service\Tenant\TenantScopeService::class);
$strictTenantScope = $scopeGateway->isStrict();
$tenants = $tenantService->list();

View File

@@ -41,7 +41,7 @@ $filterState = gridParseFilters($query, [
]);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$allowedTenantIds = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class)->getUserTenantIds($currentUserId);
$allowedTenantIds = app(\MintyPHP\Service\Tenant\TenantScopeService::class)->getUserTenantIds($currentUserId);
$uiAccessService = app(UiAccessService::class);
$selfEditDecision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_EDIT_CONTEXT, [
'actor_user_id' => $currentUserId,
@@ -70,7 +70,7 @@ if ($allowedTenantIds) {
$tenantId = (int) ($tenant['id'] ?? 0);
return $tenantId > 0 && in_array($tenantId, $allowedTenantIds, true);
}));
} elseif (app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class)->isStrict()) {
} elseif (app(\MintyPHP\Service\Tenant\TenantScopeService::class)->isStrict()) {
$tenants = [];
}
sortByDescription($tenants);
@@ -79,7 +79,7 @@ $roles = app(\MintyPHP\Service\Access\RoleService::class)->listActive();
sortByDescription($roles);
$departments = $allowedTenantIds ? app(\MintyPHP\Service\Org\DepartmentService::class)->listByTenantIds($allowedTenantIds) : [];
if (!$allowedTenantIds && !app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class)->isStrict()) {
if (!$allowedTenantIds && !app(\MintyPHP\Service\Tenant\TenantScopeService::class)->isStrict()) {
$departments = app(\MintyPHP\Service\Org\DepartmentService::class)->list();
}
sortByDescription($departments);