instances added god may help
This commit is contained in:
@@ -2,15 +2,18 @@
|
||||
|
||||
namespace MintyPHP\Support;
|
||||
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
use MintyPHP\Service\Tenant\TenantService;
|
||||
use MintyPHP\Service\Auth\AuthService;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\AccessServicesFactory;
|
||||
use MintyPHP\Service\Access\PermissionGateway;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Directory\DirectoryServicesFactory;
|
||||
|
||||
class Guard
|
||||
{
|
||||
private const TENANT_REFRESH_INTERVAL = 60;
|
||||
private static ?AccessServicesFactory $accessServicesFactory = null;
|
||||
private static ?PermissionGateway $permissionGateway = null;
|
||||
|
||||
public static function requireLogin(string $redirect = 'login'): void
|
||||
{
|
||||
@@ -20,7 +23,7 @@ class Guard
|
||||
}
|
||||
self::refreshTenantContext();
|
||||
if (!empty($_SESSION['no_active_tenant'])) {
|
||||
AuthService::logout();
|
||||
(new AuthServicesFactory())->createAuthService()->logout();
|
||||
Flash::error('No active tenant assigned', 'login', 'no_active_tenant');
|
||||
Router::redirect($redirect);
|
||||
}
|
||||
@@ -34,7 +37,7 @@ class Guard
|
||||
}
|
||||
|
||||
$tenantId = (int) $currentTenant['id'];
|
||||
$tenant = TenantService::findById($tenantId);
|
||||
$tenant = (new DirectoryServicesFactory())->createTenantService()->findById($tenantId);
|
||||
if ($tenant) {
|
||||
return;
|
||||
}
|
||||
@@ -42,7 +45,7 @@ class Guard
|
||||
// Current tenant was deleted, refresh session data
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
if ($userId > 0) {
|
||||
AuthService::loadTenantDataIntoSession($userId);
|
||||
(new AuthServicesFactory())->createAuthService()->loadTenantDataIntoSession($userId);
|
||||
} else {
|
||||
unset($_SESSION['current_tenant']);
|
||||
}
|
||||
@@ -59,7 +62,7 @@ class Guard
|
||||
if ($last > 0 && ($now - $last) < self::TENANT_REFRESH_INTERVAL) {
|
||||
return;
|
||||
}
|
||||
AuthService::loadTenantDataIntoSession($userId);
|
||||
(new AuthServicesFactory())->createAuthService()->loadTenantDataIntoSession($userId);
|
||||
$_SESSION['tenant_context_refreshed_at'] = $now;
|
||||
}
|
||||
|
||||
@@ -68,7 +71,7 @@ class Guard
|
||||
self::requireLogin();
|
||||
self::validateCurrentTenant();
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
if (!$userId || !PermissionService::userHas($userId, $permissionKey)) {
|
||||
if (!$userId || !self::permissionGateway()->userHas($userId, $permissionKey)) {
|
||||
Flash::error('Permission denied', $redirect, 'permission_denied');
|
||||
Router::redirect($redirect);
|
||||
}
|
||||
@@ -79,7 +82,7 @@ class Guard
|
||||
self::requireLogin();
|
||||
self::validateCurrentTenant();
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
if (!$userId || !PermissionService::userHas($userId, $permissionKey)) {
|
||||
if (!$userId || !self::permissionGateway()->userHas($userId, $permissionKey)) {
|
||||
if (Request::wantsJson()) {
|
||||
http_response_code(403);
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
@@ -89,4 +92,24 @@ class Guard
|
||||
Router::redirect('error/forbidden?url=' . urlencode(Request::pathWithQuery()));
|
||||
}
|
||||
}
|
||||
|
||||
private static function permissionGateway(): PermissionGateway
|
||||
{
|
||||
if (self::$permissionGateway instanceof PermissionGateway) {
|
||||
return self::$permissionGateway;
|
||||
}
|
||||
|
||||
self::$permissionGateway = self::accessServicesFactory()->createPermissionGateway();
|
||||
return self::$permissionGateway;
|
||||
}
|
||||
|
||||
private static function accessServicesFactory(): AccessServicesFactory
|
||||
{
|
||||
if (self::$accessServicesFactory instanceof AccessServicesFactory) {
|
||||
return self::$accessServicesFactory;
|
||||
}
|
||||
|
||||
self::$accessServicesFactory = new AccessServicesFactory();
|
||||
return self::$accessServicesFactory;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,9 +3,12 @@
|
||||
namespace MintyPHP\Support\Search;
|
||||
|
||||
use MintyPHP\Service\User\UserAvatarService;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
class SearchItemMapperProvider
|
||||
{
|
||||
private static ?UserAvatarService $userAvatarService = null;
|
||||
|
||||
public static function mapPreviewItem(string $key, array $data, string $query): ?array
|
||||
{
|
||||
if ($key === 'users') {
|
||||
@@ -87,7 +90,7 @@ class SearchItemMapperProvider
|
||||
$description = (string) ($data['email'] ?? '');
|
||||
$uuid = (string) ($data['uuid'] ?? '');
|
||||
$url = lurl('address-book/view/' . $uuid);
|
||||
if ($uuid !== '' && UserAvatarService::hasAvatar($uuid)) {
|
||||
if ($uuid !== '' && self::userAvatarService()->hasAvatar($uuid)) {
|
||||
$image = lurl('admin/users/avatar-file') . '?uuid=' . urlencode($uuid) . '&size=64';
|
||||
}
|
||||
} elseif ($key === 'permissions') {
|
||||
@@ -144,4 +147,14 @@ class SearchItemMapperProvider
|
||||
'icon' => SearchUiMetaProvider::iconForKey($key),
|
||||
];
|
||||
}
|
||||
|
||||
private static function userAvatarService(): UserAvatarService
|
||||
{
|
||||
if (self::$userAvatarService instanceof UserAvatarService) {
|
||||
return self::$userAvatarService;
|
||||
}
|
||||
|
||||
self::$userAvatarService = (new UserServicesFactory())->createUserAvatarService();
|
||||
return self::$userAvatarService;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -127,10 +127,72 @@ function appLogoUrlAbsolute(int $size = 128): string
|
||||
*/
|
||||
function appSetting(string $key): ?string
|
||||
{
|
||||
if (!class_exists('MintyPHP\\Service\\Settings\\SettingCacheService')) {
|
||||
if (!class_exists('MintyPHP\\Service\\Settings\\SettingServicesFactory')) {
|
||||
return null;
|
||||
}
|
||||
return \MintyPHP\Service\Settings\SettingCacheService::get($key);
|
||||
|
||||
static $settingsFactory = null;
|
||||
if (!$settingsFactory instanceof \MintyPHP\Service\Settings\SettingServicesFactory) {
|
||||
$settingsFactory = new \MintyPHP\Service\Settings\SettingServicesFactory();
|
||||
}
|
||||
|
||||
return $settingsFactory->createSettingCacheService()->get($key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared per-request factory for tenant/department/role domain services.
|
||||
*/
|
||||
function directoryServicesFactory(): \MintyPHP\Service\Directory\DirectoryServicesFactory
|
||||
{
|
||||
static $factory = null;
|
||||
if (!$factory instanceof \MintyPHP\Service\Directory\DirectoryServicesFactory) {
|
||||
$factory = new \MintyPHP\Service\Directory\DirectoryServicesFactory();
|
||||
}
|
||||
return $factory;
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared per-request factory for access/permission services.
|
||||
*/
|
||||
function accessServicesFactory(): \MintyPHP\Service\Access\AccessServicesFactory
|
||||
{
|
||||
static $factory = null;
|
||||
if (!$factory instanceof \MintyPHP\Service\Access\AccessServicesFactory) {
|
||||
$factory = new \MintyPHP\Service\Access\AccessServicesFactory();
|
||||
}
|
||||
return $factory;
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared per-request permission gateway wrapper.
|
||||
*/
|
||||
function permissionGateway(): \MintyPHP\Service\Access\PermissionGateway
|
||||
{
|
||||
return accessServicesFactory()->createPermissionGateway();
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared per-request factory for audit services.
|
||||
*/
|
||||
function auditServicesFactory(): \MintyPHP\Service\Audit\AuditServicesFactory
|
||||
{
|
||||
static $factory = null;
|
||||
if (!$factory instanceof \MintyPHP\Service\Audit\AuditServicesFactory) {
|
||||
$factory = new \MintyPHP\Service\Audit\AuditServicesFactory();
|
||||
}
|
||||
return $factory;
|
||||
}
|
||||
|
||||
/**
|
||||
* Shared per-request factory for branding services.
|
||||
*/
|
||||
function brandingServicesFactory(): \MintyPHP\Service\Branding\BrandingServicesFactory
|
||||
{
|
||||
static $factory = null;
|
||||
if (!$factory instanceof \MintyPHP\Service\Branding\BrandingServicesFactory) {
|
||||
$factory = new \MintyPHP\Service\Branding\BrandingServicesFactory();
|
||||
}
|
||||
return $factory;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -138,13 +200,19 @@ function appSetting(string $key): ?string
|
||||
*/
|
||||
function appThemes(): array
|
||||
{
|
||||
if (!class_exists('MintyPHP\\Service\\Settings\\ThemeConfigService')) {
|
||||
if (!class_exists('MintyPHP\\Service\\Settings\\SettingServicesFactory')) {
|
||||
return [
|
||||
'light' => 'Light',
|
||||
'dark' => 'Dark',
|
||||
];
|
||||
}
|
||||
return \MintyPHP\Service\Settings\ThemeConfigService::all();
|
||||
|
||||
static $settingsFactory = null;
|
||||
if (!$settingsFactory instanceof \MintyPHP\Service\Settings\SettingServicesFactory) {
|
||||
$settingsFactory = new \MintyPHP\Service\Settings\SettingServicesFactory();
|
||||
}
|
||||
|
||||
return $settingsFactory->createThemeConfigService()->all();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -325,9 +393,12 @@ function appPrimaryCssVars(): string
|
||||
*/
|
||||
function appLogoUrl(?int $size = null): string
|
||||
{
|
||||
if (class_exists('MintyPHP\\Service\\Branding\\BrandingLogoService') && \MintyPHP\Service\Branding\BrandingLogoService::hasLogo()) {
|
||||
$query = $size ? '?size=' . (int) $size : '';
|
||||
return lurl('branding/logo' . $query);
|
||||
if (class_exists('MintyPHP\\Service\\Branding\\BrandingServicesFactory')) {
|
||||
$logoService = brandingServicesFactory()->createBrandingLogoService();
|
||||
if ($logoService->hasLogo()) {
|
||||
$query = $size ? '?size=' . (int) $size : '';
|
||||
return lurl('branding/logo' . $query);
|
||||
}
|
||||
}
|
||||
return asset('brand/logo.svg');
|
||||
}
|
||||
@@ -338,8 +409,13 @@ function appLogoUrl(?int $size = null): string
|
||||
function appFaviconUrl(string $file): string
|
||||
{
|
||||
$tenantUuid = $_SESSION['current_tenant']['uuid'] ?? '';
|
||||
if ($tenantUuid !== '' && class_exists('MintyPHP\\Service\\Tenant\\TenantFaviconService')) {
|
||||
if (\MintyPHP\Service\Tenant\TenantFaviconService::hasFavicon($tenantUuid)) {
|
||||
if ($tenantUuid !== '' && class_exists('MintyPHP\\Service\\Tenant\\TenantServicesFactory')) {
|
||||
static $tenantServicesFactory = null;
|
||||
if (!$tenantServicesFactory instanceof \MintyPHP\Service\Tenant\TenantServicesFactory) {
|
||||
$tenantServicesFactory = new \MintyPHP\Service\Tenant\TenantServicesFactory();
|
||||
}
|
||||
|
||||
if ($tenantServicesFactory->createTenantFaviconService()->hasFavicon($tenantUuid)) {
|
||||
return asset('favicon/tenants/' . $tenantUuid . '/favicon/' . ltrim($file, '/'));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,13 +19,16 @@ function can(string $permissionKey): bool
|
||||
if ($userId <= 0) {
|
||||
return false;
|
||||
}
|
||||
if (!class_exists('MintyPHP\\Service\\Access\\PermissionService')) {
|
||||
if (!function_exists('permissionGateway')) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$permissionGateway = permissionGateway();
|
||||
|
||||
// First try the in-memory/session cache, then fall back to a direct fetch.
|
||||
$keys = \MintyPHP\Service\Access\PermissionService::getCachedPermissions($userId);
|
||||
$keys = $permissionGateway->getCachedPermissions($userId);
|
||||
if (!$keys) {
|
||||
$keys = \MintyPHP\Service\Access\PermissionService::getUserPermissions($userId);
|
||||
$keys = $permissionGateway->getUserPermissions($userId);
|
||||
if (!$keys) {
|
||||
return false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user