Issue #390: Implemented ResourceProviderMiddleware and added ResourceGuardInterface

.github/workflows/qodana_code_quality.yml

@@ -4,7 +4,7 @@ on:
   pull_request:
   push:
     branches:
-      - 5.0
+      - '6.0'
       - 'releases/*'
 
 jobs:

config/pipeline.php

@@ -2,11 +2,12 @@
 
 declare(strict_types=1);
 
-use Api\App\Handler\GetNotFoundViewHandler;
+use Api\App\Handler\GetNotFoundResourceHandler;
 use Api\App\Middleware\AuthenticationMiddleware;
 use Api\App\Middleware\AuthorizationMiddleware;
 use Api\App\Middleware\ContentNegotiationMiddleware;
 use Api\App\Middleware\DeprecationMiddleware;
+use Api\App\Middleware\ResourceProviderMiddleware;
 use Dot\ResponseHeader\Middleware\ResponseHeaderMiddleware;
 use Mezzio\Application;
 use Mezzio\Cors\Middleware\CorsMiddleware;
@@ -80,11 +81,13 @@
     // - route-based validation
     // - etc.
 
+    $app->pipe(ResourceProviderMiddleware::class);
+
     // Register the dispatch middleware in the middleware pipeline
     $app->pipe(DispatchMiddleware::class);
     // At this point, if no Response is returned by any middleware, the
     // NotFoundHandler kicks in; alternately, you can provide other fallback
     // middleware to execute.
     $app->pipe(ProblemDetailsNotFoundHandler::class);
-    $app->pipe(GetNotFoundViewHandler::class);
+    $app->pipe(GetNotFoundResourceHandler::class);
 };

src/Admin/src/Handler/Account/GetAdminAccountResourceHandler.php

@@ -5,14 +5,14 @@
 namespace Api\Admin\Handler\Account;
 
 use Api\App\Handler\AbstractHandler;
-use Core\Admin\Entity\Admin;
+use Api\App\IdentityInterface;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class GetAdminAccountResourceHandler extends AbstractHandler
 {
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
-        return $this->createResponse($request, $request->getAttribute(Admin::class));
+        return $this->createResponse($request, $request->getAttribute(IdentityInterface::class));
     }
 }

src/Admin/src/Handler/Account/PatchAdminAccountResourceHandler.php

@@ -10,7 +10,7 @@
 use Api\App\Exception\ConflictException;
 use Api\App\Exception\NotFoundException;
 use Api\App\Handler\AbstractHandler;
-use Core\Admin\Entity\Admin;
+use Api\App\IdentityInterface;
 use Core\App\Message;
 use Dot\DependencyInjection\Attribute\Inject;
 use Psr\Http\Message\ResponseInterface;
@@ -47,7 +47,7 @@ public function handle(ServerRequestInterface $request): ResponseInterface
             $request,
             $this->adminService->saveAdmin(
                 (array) $this->inputFilter->getValues(),
-                $request->getAttribute(Admin::class)
+                $request->getAttribute(IdentityInterface::class)
             )
         );
     }

src/Admin/src/Handler/Admin/DeleteAdminResourceHandler.php

@@ -5,8 +5,9 @@
 namespace Api\Admin\Handler\Admin;
 
 use Api\Admin\Service\AdminServiceInterface;
-use Api\App\Exception\NotFoundException;
+use Api\App\Attribute\Resource;
 use Api\App\Handler\AbstractHandler;
+use Core\Admin\Entity\Admin;
 use Dot\DependencyInjection\Attribute\Inject;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
@@ -21,12 +22,12 @@ public function __construct(
     ) {
     }
 
-    /**
-     * @throws NotFoundException
-     */
+    #[Resource(entity: Admin::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
-        $this->adminService->deleteAdmin($this->adminService->findAdmin($request->getAttribute('uuid')));
+        $this->adminService->deleteAdmin(
+            $request->getAttribute(Admin::class)
+        );
 
         return $this->noContentResponse();
     }

src/Admin/src/Handler/Admin/GetAdminResourceHandler.php

@@ -4,31 +4,20 @@
 
 namespace Api\Admin\Handler\Admin;
 
-use Api\Admin\Service\AdminServiceInterface;
-use Api\App\Exception\NotFoundException;
+use Api\App\Attribute\Resource;
 use Api\App\Handler\AbstractHandler;
-use Dot\DependencyInjection\Attribute\Inject;
+use Core\Admin\Entity\Admin;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class GetAdminResourceHandler extends AbstractHandler
 {
-    #[Inject(
-        AdminServiceInterface::class,
-    )]
-    public function __construct(
-        protected AdminServiceInterface $adminService,
-    ) {
-    }
-
-    /**
-     * @throws NotFoundException
-     */
+    #[Resource(entity: Admin::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
         return $this->createResponse(
             $request,
-            $this->adminService->findAdmin($request->getAttribute('uuid'))
+            $request->getAttribute(Admin::class)
         );
     }
 }

src/Admin/src/Handler/Admin/PatchAdminResourceHandler.php

@@ -6,10 +6,12 @@
 
 use Api\Admin\InputFilter\UpdateAdminInputFilter;
 use Api\Admin\Service\AdminServiceInterface;
+use Api\App\Attribute\Resource;
 use Api\App\Exception\BadRequestException;
 use Api\App\Exception\ConflictException;
 use Api\App\Exception\NotFoundException;
 use Api\App\Handler\AbstractHandler;
+use Core\Admin\Entity\Admin;
 use Core\App\Message;
 use Dot\DependencyInjection\Attribute\Inject;
 use Psr\Http\Message\ResponseInterface;
@@ -32,6 +34,7 @@ public function __construct(
      * @throws ConflictException
      * @throws NotFoundException
      */
+    #[Resource(entity: Admin::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
         $this->inputFilter->setData((array) $request->getParsedBody());
@@ -46,7 +49,7 @@ public function handle(ServerRequestInterface $request): ResponseInterface
             $request,
             $this->adminService->saveAdmin(
                 (array) $this->inputFilter->getValues(),
-                $this->adminService->findAdmin($request->getAttribute('uuid'))
+                $request->getAttribute(Admin::class)
             )
         );
     }

src/Admin/src/Handler/Admin/Role/GetAdminRoleResourceHandler.php

@@ -4,31 +4,20 @@
 
 namespace Api\Admin\Handler\Admin\Role;
 
-use Api\Admin\Service\AdminRoleServiceInterface;
-use Api\App\Exception\NotFoundException;
+use Api\App\Attribute\Resource;
 use Api\App\Handler\AbstractHandler;
-use Dot\DependencyInjection\Attribute\Inject;
+use Core\Admin\Entity\AdminRole;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class GetAdminRoleResourceHandler extends AbstractHandler
 {
-    #[Inject(
-        AdminRoleServiceInterface::class,
-    )]
-    public function __construct(
-        protected AdminRoleServiceInterface $adminRoleService,
-    ) {
-    }
-
-    /**
-     * @throws NotFoundException
-     */
+    #[Resource(entity: AdminRole::class)]
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
         return $this->createResponse(
             $request,
-            $this->adminRoleService->findAdminRole($request->getAttribute('uuid'))
+            $request->getAttribute(AdminRole::class)
         );
     }
 }

src/App/src/Attribute/Resource.php

@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Api\App\Attribute;
+
+use Attribute;
+
+#[Attribute(Attribute::TARGET_METHOD)]
+readonly class Resource implements ResourceInterface
+{
+    /**
+     * @param class-string $entity The target entity to be found
+     * @param string $identifier The class property used to find the entity by
+     * @param string $placeholder The route parameter containing the identifier value
+     * @param class-string|null $guard An invokable class implementing Api\App\Guard\ResourceGuardInterface,
+     * which will determine if the current user is allowed to access the entity
+     */
+    public function __construct(
+        public string $entity,
+        public string $identifier = 'uuid',
+        public string $placeholder = 'uuid',
+        public ?string $guard = null,
+    ) {
+    }
+
+    public function hasGuard(): bool
+    {
+        return $this->guard !== null;
+    }
+}

src/App/src/Attribute/ResourceInterface.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Api\App\Attribute;
+
+interface ResourceInterface
+{
+    public function hasGuard(): bool;
+}

src/App/src/ConfigProvider.php

@@ -14,6 +14,7 @@
 use Api\App\Middleware\ContentNegotiationMiddleware;
 use Api\App\Middleware\DeprecationMiddleware;
 use Api\App\Middleware\ErrorReportPermissionMiddleware;
+use Api\App\Middleware\ResourceProviderMiddleware;
 use Api\App\Service\ErrorReportService;
 use Api\App\Service\ErrorReportServiceInterface;
 use Dot\DependencyInjection\Factory\AttributedServiceFactory;
@@ -56,6 +57,7 @@ private function getDependencies(): array
                 ContentNegotiationMiddleware::class    => AttributedServiceFactory::class,
                 DeprecationMiddleware::class           => AttributedServiceFactory::class,
                 ErrorReportPermissionMiddleware::class => AttributedServiceFactory::class,
+                ResourceProviderMiddleware::class      => AttributedServiceFactory::class,
                 GetIndexResourceHandler::class         => AttributedServiceFactory::class,
                 PostErrorReportResourceHandler::class  => AttributedServiceFactory::class,
                 ErrorReportService::class              => AttributedServiceFactory::class,

src/App/src/Guard/ResourceGuardInterface.php

@@ -0,0 +1,18 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Api\App\Guard;
+
+use Core\App\Entity\EntityInterface;
+use Doctrine\ORM\EntityManagerInterface;
+use Psr\Http\Message\ServerRequestInterface;
+
+interface ResourceGuardInterface
+{
+    public function __invoke(
+        ServerRequestInterface $request,
+        EntityManagerInterface $entityManager,
+        EntityInterface $entity
+    ): void;
+}

src/App/src/Handler/GetNotFoundViewHandler.php → src/App/src/Handler/GetNotFoundResourceHandler.php

@@ -7,7 +7,7 @@
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
-class GetNotFoundViewHandler extends AbstractHandler
+class GetNotFoundResourceHandler extends AbstractHandler
 {
     public function handle(ServerRequestInterface $request): ResponseInterface
     {

src/App/src/IdentityInterface.php

@@ -0,0 +1,9 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Api\App;
+
+interface IdentityInterface
+{
+}

src/App/src/Middleware/AuthorizationMiddleware.php

@@ -4,6 +4,7 @@
 
 namespace Api\App\Middleware;
 
+use Api\App\IdentityInterface;
 use Core\Admin\Entity\Admin;
 use Core\Admin\Repository\AdminRepository;
 use Core\App\Entity\Guest;
@@ -53,7 +54,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 if (! $user->isActive()) {
                     return $this->unauthorizedResponse(Message::ADMIN_INACTIVE);
                 }
-                $request = $request->withAttribute(Admin::class, $user);
+                $request = $request->withAttribute(IdentityInterface::class, $user);
                 break;
             case 'frontend':
                 $user = $this->userRepository->findOneBy(['identity' => $defaultUser->getIdentity()]);
@@ -63,11 +64,11 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 if (! $user->isActive()) {
                     return $this->unauthorizedResponse(Message::USER_NOT_ACTIVATED);
                 }
-                $request = $request->withAttribute(User::class, $user);
+                $request = $request->withAttribute(IdentityInterface::class, $user);
                 break;
             case 'guest':
                 $user    = new Guest();
-                $request = $request->withAttribute(Guest::class, $user);
+                $request = $request->withAttribute(IdentityInterface::class, $user);
                 break;
             default:
                 return $this->unauthorizedResponse(Message::INVALID_CLIENT_ID);