instances added god may help
This commit is contained in:
@@ -2,13 +2,20 @@
|
||||
|
||||
namespace MintyPHP\Service\Access;
|
||||
|
||||
use MintyPHP\Repository\Access\PermissionRepository;
|
||||
use MintyPHP\Repository\Access\RolePermissionRepository;
|
||||
use MintyPHP\Repository\Access\UserRoleRepository;
|
||||
use MintyPHP\Repository\Access\PermissionRepository;
|
||||
|
||||
class PermissionService
|
||||
{
|
||||
private static array $apiPermissionCache = [];
|
||||
private array $apiPermissionCache = [];
|
||||
|
||||
public function __construct(
|
||||
private readonly PermissionRepository $permissionRepository,
|
||||
private readonly RolePermissionRepository $rolePermissionRepository,
|
||||
private readonly UserRoleRepository $userRoleRepository
|
||||
) {
|
||||
}
|
||||
|
||||
public const USERS_CREATE = 'users.create';
|
||||
public const USERS_DELETE = 'users.delete';
|
||||
@@ -58,30 +65,30 @@ class PermissionService
|
||||
public const STATS_VIEW = 'stats.view';
|
||||
public const API_TOKENS_MANAGE = 'api_tokens.manage';
|
||||
|
||||
public static function userHas(int $userId, string $permissionKey): bool
|
||||
public function userHas(int $userId, string $permissionKey): bool
|
||||
{
|
||||
$permissionKey = trim((string) $permissionKey);
|
||||
if ($userId <= 0 || $permissionKey === '') {
|
||||
return false;
|
||||
}
|
||||
$keys = self::getUserPermissions($userId);
|
||||
$keys = $this->getUserPermissions($userId);
|
||||
return in_array($permissionKey, $keys, true);
|
||||
}
|
||||
|
||||
public static function getUserPermissions(int $userId, bool $refresh = false): array
|
||||
public function getUserPermissions(int $userId, bool $refresh = false): array
|
||||
{
|
||||
if ($userId <= 0) {
|
||||
return [];
|
||||
}
|
||||
|
||||
if (self::isApiRequest()) {
|
||||
if (!$refresh && isset(self::$apiPermissionCache[$userId])) {
|
||||
return self::$apiPermissionCache[$userId];
|
||||
if ($this->isApiRequest()) {
|
||||
if (!$refresh && isset($this->apiPermissionCache[$userId])) {
|
||||
return $this->apiPermissionCache[$userId];
|
||||
}
|
||||
|
||||
$roleIds = UserRoleRepository::listRoleIdsByUserId($userId);
|
||||
$keys = RolePermissionRepository::listPermissionKeysByRoleIds($roleIds);
|
||||
self::$apiPermissionCache[$userId] = $keys;
|
||||
$roleIds = $this->userRoleRepository->listRoleIdsByUserId($userId);
|
||||
$keys = $this->rolePermissionRepository->listPermissionKeysByRoleIds($roleIds);
|
||||
$this->apiPermissionCache[$userId] = $keys;
|
||||
return $keys;
|
||||
}
|
||||
|
||||
@@ -95,8 +102,8 @@ class PermissionService
|
||||
return $keys;
|
||||
}
|
||||
}
|
||||
$roleIds = UserRoleRepository::listRoleIdsByUserId($userId);
|
||||
$keys = RolePermissionRepository::listPermissionKeysByRoleIds($roleIds);
|
||||
$roleIds = $this->userRoleRepository->listRoleIdsByUserId($userId);
|
||||
$keys = $this->rolePermissionRepository->listPermissionKeysByRoleIds($roleIds);
|
||||
$_SESSION['permissions'] = [
|
||||
'user_id' => $userId,
|
||||
'keys' => $keys,
|
||||
@@ -104,14 +111,14 @@ class PermissionService
|
||||
return $keys;
|
||||
}
|
||||
|
||||
public static function getCachedPermissions(int $userId): array
|
||||
public function getCachedPermissions(int $userId): array
|
||||
{
|
||||
if ($userId <= 0) {
|
||||
return [];
|
||||
}
|
||||
|
||||
if (self::isApiRequest()) {
|
||||
return self::$apiPermissionCache[$userId] ?? [];
|
||||
if ($this->isApiRequest()) {
|
||||
return $this->apiPermissionCache[$userId] ?? [];
|
||||
}
|
||||
|
||||
$cache = $_SESSION['permissions'] ?? null;
|
||||
@@ -122,10 +129,10 @@ class PermissionService
|
||||
return [];
|
||||
}
|
||||
|
||||
public static function clearUserCache(int $userId): void
|
||||
public function clearUserCache(int $userId): void
|
||||
{
|
||||
if (self::isApiRequest()) {
|
||||
unset(self::$apiPermissionCache[$userId]);
|
||||
if ($this->isApiRequest()) {
|
||||
unset($this->apiPermissionCache[$userId]);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -135,98 +142,98 @@ class PermissionService
|
||||
}
|
||||
}
|
||||
|
||||
private static function isApiRequest(): bool
|
||||
private function isApiRequest(): bool
|
||||
{
|
||||
return defined('MINTY_API_REQUEST');
|
||||
}
|
||||
|
||||
public static function list(): array
|
||||
public function list(): array
|
||||
{
|
||||
return PermissionRepository::list();
|
||||
return $this->permissionRepository->list();
|
||||
}
|
||||
|
||||
public static function listActive(): array
|
||||
public function listActive(): array
|
||||
{
|
||||
return PermissionRepository::listActive();
|
||||
return $this->permissionRepository->listActive();
|
||||
}
|
||||
|
||||
public static function listPaged(array $options): array
|
||||
public function listPaged(array $options): array
|
||||
{
|
||||
return PermissionRepository::listPaged($options);
|
||||
return $this->permissionRepository->listPaged($options);
|
||||
}
|
||||
|
||||
public static function find(int $id): ?array
|
||||
public function find(int $id): ?array
|
||||
{
|
||||
return PermissionRepository::find($id);
|
||||
return $this->permissionRepository->find($id);
|
||||
}
|
||||
|
||||
public static function findByKey(string $key): ?array
|
||||
public function findByKey(string $key): ?array
|
||||
{
|
||||
return PermissionRepository::findByKey($key);
|
||||
return $this->permissionRepository->findByKey($key);
|
||||
}
|
||||
|
||||
public static function createFromAdmin(array $input): array
|
||||
public function createFromAdmin(array $input): array
|
||||
{
|
||||
$form = self::sanitizeBase($input);
|
||||
$errors = self::validateBase($form);
|
||||
$form = $this->sanitizeBase($input);
|
||||
$errors = $this->validateBase($form);
|
||||
if ($errors) {
|
||||
return ['ok' => false, 'errors' => $errors, 'form' => $form];
|
||||
}
|
||||
if (PermissionRepository::findByKey($form['key'])) {
|
||||
if ($this->permissionRepository->findByKey($form['key'])) {
|
||||
return ['ok' => false, 'errors' => [t('Permission key already exists')], 'form' => $form];
|
||||
}
|
||||
$createdId = PermissionRepository::create($form);
|
||||
$createdId = $this->permissionRepository->create($form);
|
||||
if (!$createdId) {
|
||||
return ['ok' => false, 'errors' => [t('Permission can not be created')], 'form' => $form];
|
||||
}
|
||||
return ['ok' => true, 'form' => $form, 'id' => (int) $createdId];
|
||||
}
|
||||
|
||||
public static function updateFromAdmin(int $id, array $input): array
|
||||
public function updateFromAdmin(int $id, array $input): array
|
||||
{
|
||||
$form = self::sanitizeBase($input);
|
||||
$errors = self::validateBase($form);
|
||||
$form = $this->sanitizeBase($input);
|
||||
$errors = $this->validateBase($form);
|
||||
if ($errors) {
|
||||
return ['ok' => false, 'errors' => $errors, 'form' => $form];
|
||||
}
|
||||
$existing = PermissionRepository::findByKey($form['key']);
|
||||
$existing = $this->permissionRepository->findByKey($form['key']);
|
||||
if ($existing && (int) ($existing['id'] ?? 0) !== $id) {
|
||||
return ['ok' => false, 'errors' => [t('Permission key already exists')], 'form' => $form];
|
||||
}
|
||||
$updated = PermissionRepository::update($id, $form);
|
||||
$updated = $this->permissionRepository->update($id, $form);
|
||||
if (!$updated) {
|
||||
return ['ok' => false, 'errors' => [t('Permission can not be updated')], 'form' => $form];
|
||||
}
|
||||
return ['ok' => true, 'form' => $form];
|
||||
}
|
||||
|
||||
public static function deleteById(int $id): array
|
||||
public function deleteById(int $id): array
|
||||
{
|
||||
$permission = PermissionRepository::find($id);
|
||||
$permission = $this->permissionRepository->find($id);
|
||||
if (!$permission) {
|
||||
return ['ok' => false, 'status' => 404, 'error' => 'not_found'];
|
||||
}
|
||||
if ((int) ($permission['is_system'] ?? 0) === 1) {
|
||||
return ['ok' => false, 'status' => 403, 'error' => 'system_permission_protected'];
|
||||
}
|
||||
$deleted = PermissionRepository::delete($id);
|
||||
$deleted = $this->permissionRepository->delete($id);
|
||||
if (!$deleted) {
|
||||
return ['ok' => false, 'status' => 500, 'error' => 'delete_failed'];
|
||||
}
|
||||
return ['ok' => true, 'permission' => $permission];
|
||||
}
|
||||
|
||||
private static function sanitizeBase(array $input): array
|
||||
private function sanitizeBase(array $input): array
|
||||
{
|
||||
return [
|
||||
'key' => trim((string) ($input['key'] ?? '')),
|
||||
'description' => trim((string) ($input['description'] ?? '')),
|
||||
'active' => self::normalizeActive($input['active'] ?? 1),
|
||||
'is_system' => self::normalizeFlag($input['is_system'] ?? 0),
|
||||
'active' => $this->normalizeActive($input['active'] ?? 1),
|
||||
'is_system' => $this->normalizeFlag($input['is_system'] ?? 0),
|
||||
];
|
||||
}
|
||||
|
||||
private static function validateBase(array $form): array
|
||||
private function validateBase(array $form): array
|
||||
{
|
||||
$errors = [];
|
||||
if ($form['key'] === '') {
|
||||
@@ -237,7 +244,7 @@ class PermissionService
|
||||
return $errors;
|
||||
}
|
||||
|
||||
private static function normalizeActive($value): int
|
||||
private function normalizeActive($value): int
|
||||
{
|
||||
$value = strtolower(trim((string) $value));
|
||||
if (in_array($value, ['0', 'false', 'inactive'], true)) {
|
||||
@@ -246,7 +253,7 @@ class PermissionService
|
||||
return 1;
|
||||
}
|
||||
|
||||
private static function normalizeFlag($value): int
|
||||
private function normalizeFlag($value): int
|
||||
{
|
||||
if (is_bool($value)) {
|
||||
return $value ? 1 : 0;
|
||||
|
||||
Reference in New Issue
Block a user