Commit 593fda4b authored by Tino Goratsch's avatar Tino Goratsch

converted the Permissions module to use the new validation facility

parent e4cfe8ca
<?php
namespace ACP3\Core\Validator\ValidationRules;
use ACP3\Core\Modules;
/**
* Class ModuleIsInstalledValidationRule
* @package ACP3\Core\Validator\ValidationRules
*/
class ModuleIsInstalledValidationRule extends AbstractValidationRule
{
const NAME = 'module_is_installed';
/**
* @var \ACP3\Core\Modules
*/
protected $modules;
/**
* ModuleIsInstalledValidationRule constructor.
*
* @param \ACP3\Core\Modules $modules
*/
public function __construct(Modules $modules)
{
$this->modules = $modules;
}
/**
* @inheritdoc
*/
public function isValid($data, $field = '', array $extra = [])
{
if (is_array($data) && array_key_exists($field, $data)) {
return $this->isValid($data[$field], $field, $extra);
}
return $this->modules->isInstalled($data);
}
}
\ No newline at end of file
......@@ -43,12 +43,18 @@ services:
tags:
- { name: core.validator.validation_rule }
core.validator.validation_rules.module_is_installed_validation_rule:
class: ACP3\Core\Validator\ValidationRules\ModuleIsInstalledValidationRule
arguments: [@core.modules]
tags:
- { name: core.validator.validation_rule }
core.validator.validation_rules.not_empty_validation_rule:
class: ACP3\Core\Validator\ValidationRules\NotEmptyValidationRule
tags:
- { name: core.validator.validation_rule }
core.validator.validation_rules.umber_greater_than_validation_rule:
core.validator.validation_rules.number_greater_than_validation_rule:
class: ACP3\Core\Validator\ValidationRules\NumberGreaterThanValidationRule
tags:
- { name: core.validator.validation_rule }
......
......@@ -10,6 +10,9 @@ parameters:
permissions.model.userrolerepository.fqdn: 'ACP3\Modules\ACP3\Permissions\Model\UserRoleRepository'
permissions.validator.role.fqdn: 'ACP3\Modules\ACP3\Permissions\Validator\Role'
permissions.validator.resource.fqdn: 'ACP3\Modules\ACP3\Permissions\Validator\Resource'
permissions.validator.validation_rules.privilege_exists_validation_rule.fqdn: 'ACP3\Modules\ACP3\Permissions\Validator\ValidationRules\PrivilegeExistsValidationRule'
permissions.validator.validation_rules.privileges_exist_validation_rule.fqdn: 'ACP3\Modules\ACP3\Permissions\Validator\ValidationRules\PrivilegesExistValidationRule'
permissions.validator.validation_rules.role_not_exists_validation_rule.fqdn: 'ACP3\Modules\ACP3\Permissions\Validator\ValidationRules\RoleNotExistsValidationRule'
permissions.installer.schema.fqdn: 'ACP3\Modules\ACP3\Permissions\Installer\Schema'
permissions.installer.migration.fqdn: 'ACP3\Modules\ACP3\Permissions\Installer\Migration'
......@@ -52,11 +55,29 @@ services:
permissions.validator.role:
class: %permissions.validator.role.fqdn%
arguments: ['@core.lang', '@core.validator.rules.misc', '@core.validator.rules.acl', '@permissions.model.rolerepository']
arguments: ['@core.lang', @core.validator, '@core.validator.rules.misc']
permissions.validator.resource:
class: %permissions.validator.resource.fqdn%
arguments: ['@core.lang', '@core.validator.rules.misc', '@core.validator.rules.router', '@core.modules', '@permissions.model.privilegerepository']
arguments: ['@core.lang', @core.validator, '@core.validator.rules.misc']
permissions.validator.validation_rules.privilege_exists_validation_rule:
class: %permissions.validator.validation_rules.privilege_exists_validation_rule.fqdn%
arguments: [@permissions.model.privilegerepository]
tags:
- { name: core.validator.validation_rule }
permissions.validator.validation_rules.privileges_exist_validation_rule:
class: %permissions.validator.validation_rules.privileges_exist_validation_rule.fqdn%
arguments: [@core.acl]
tags:
- { name: core.validator.validation_rule }
permissions.validator.validation_rules.role_not_exists_validation_rule:
class: %permissions.validator.validation_rules.role_not_exists_validation_rule.fqdn%
arguments: [@permissions.model.rolerepository]
tags:
- { name: core.validator.validation_rule }
permissions.installer.schema:
class: %permissions.installer.schema.fqdn%
......
......@@ -4,6 +4,7 @@ namespace ACP3\Modules\ACP3\Permissions\Validator;
use ACP3\Core;
use ACP3\Modules\ACP3\Permissions\Model\PrivilegeRepository;
use ACP3\Modules\ACP3\Permissions\Model\RoleRepository;
use ACP3\Modules\ACP3\Permissions\Validator\ValidationRules\PrivilegeExistsValidationRule;
/**
* Class Resource
......@@ -12,38 +13,26 @@ use ACP3\Modules\ACP3\Permissions\Model\RoleRepository;
class Resource extends Core\Validator\AbstractValidator
{
/**
* @var \ACP3\Core\Validator\Rules\Router
* @var \ACP3\Core\Validator\Validator
*/
protected $routerValidator;
/**
* @var \ACP3\Core\Modules
*/
protected $modules;
/**
* @var \ACP3\Modules\ACP3\Permissions\Model\PrivilegeRepository
*/
protected $privilegeRepository;
protected $validator;
/**
* @param \ACP3\Core\Lang $lang
* @param \ACP3\Core\Validator\Rules\Misc $validate
* @param \ACP3\Core\Validator\Rules\Router $routerValidator
* @param \ACP3\Core\Modules $modules
* @param \ACP3\Modules\ACP3\Permissions\Model\PrivilegeRepository $privilegeRepository
* Resource constructor.
*
* @param \ACP3\Core\Lang $lang
* @param \ACP3\Core\Validator\Validator $validator
* @param \ACP3\Core\Validator\Rules\Misc $validate
*/
public function __construct(
Core\Lang $lang,
Core\Validator\Rules\Misc $validate,
Core\Validator\Rules\Router $routerValidator,
Core\Modules $modules,
PrivilegeRepository $privilegeRepository
Core\Validator\Validator $validator,
Core\Validator\Rules\Misc $validate
)
{
parent::__construct($lang, $validate);
$this->routerValidator = $routerValidator;
$this->modules = $modules;
$this->privilegeRepository = $privilegeRepository;
$this->validator = $validator;
}
/**
......@@ -54,27 +43,48 @@ class Resource extends Core\Validator\AbstractValidator
*/
public function validate(array $formData)
{
$this->validateFormKey();
$this->errors = [];
if (empty($formData['modules']) || $this->modules->isInstalled($formData['modules']) === false) {
$this->errors['modules'] = $this->lang->t('permissions', 'select_module');
}
if (empty($formData['area']) || in_array($formData['area'], ['admin', 'frontend', 'sidebar']) === false) {
$this->errors['controller'] = $this->lang->t('permissions', 'type_in_area');
}
if (empty($formData['controller'])) {
$this->errors['controller'] = $this->lang->t('permissions', 'type_in_controller');
}
if (empty($formData['resource']) || preg_match('=/=', $formData['resource']) || $this->routerValidator->isInternalURI(strtolower($formData['modules'] . '/' . $formData['controller'] . '/' . $formData['resource'] . '/')) === false) {
$this->errors['resource'] = $this->lang->t('permissions', 'type_in_resource');
}
if (empty($formData['privileges']) || $this->validate->isNumber($formData['privileges']) === false) {
$this->errors['privileges'] = $this->lang->t('permissions', 'select_privilege');
} elseif ($this->privilegeRepository->privilegeExists($formData['privileges']) === false) {
$this->errors['privileges'] = $this->lang->t('permissions', 'privilege_does_not_exist');
}
$this->validator
->addConstraint(Core\Validator\ValidationRules\FormTokenValidationRule::NAME)
->addConstraint(
Core\Validator\ValidationRules\ModuleIsInstalledValidationRule::NAME,
[
'data' => $formData,
'field' => 'modules',
'message' => $this->lang->t('permissions', 'select_module')
])
->addConstraint(
Core\Validator\ValidationRules\InArrayValidationRule::NAME,
[
'data' => $formData,
'field' => 'area',
'message' => $this->lang->t('permissions', 'type_in_area'),
'extra' => [
'haystack' => ['admin', 'frontend', 'sidebar']
]
])
->addConstraint(
Core\Validator\ValidationRules\NotEmptyValidationRule::NAME,
[
'data' => $formData,
'field' => 'controller',
'message' => $this->lang->t('permissions', 'type_in_controller')
])
->addConstraint(
PrivilegeExistsValidationRule::NAME,
[
'data' => $formData,
'field' => 'privileges',
'message' => $this->lang->t('permissions', 'privilege_does_not_exist')
])
->addConstraint(
Core\Validator\ValidationRules\InternalUriValidationRule::NAME,
[
'data' => strtolower($formData['modules'] . '/' . $formData['controller'] . '/' . $formData['resource'] . '/'),
'field' => 'resource',
'message' => $this->lang->t('permissions', 'type_in_resource')
]
);
$this->_checkForFailedValidation();
$this->validator->validate();
}
}
\ No newline at end of file
......@@ -3,6 +3,8 @@ namespace ACP3\Modules\ACP3\Permissions\Validator;
use ACP3\Core;
use ACP3\Modules\ACP3\Permissions\Model\RoleRepository;
use ACP3\Modules\ACP3\Permissions\Validator\ValidationRules\PrivilegesExistValidationRule;
use ACP3\Modules\ACP3\Permissions\Validator\ValidationRules\RoleNotExistsValidationRule;
/**
* Class Validator
......@@ -11,31 +13,26 @@ use ACP3\Modules\ACP3\Permissions\Model\RoleRepository;
class Role extends Core\Validator\AbstractValidator
{
/**
* @var \ACP3\Core\Validator\Rules\ACL
* @var \ACP3\Core\Validator\Validator
*/
protected $aclValidator;
/**
* @var \ACP3\Modules\ACP3\Permissions\Model\RoleRepository
*/
protected $roleRepository;
protected $validator;
/**
* @param \ACP3\Core\Lang $lang
* @param \ACP3\Core\Validator\Rules\Misc $validate
* @param \ACP3\Core\Validator\Rules\ACL $aclValidator
* @param \ACP3\Modules\ACP3\Permissions\Model\RoleRepository $roleRepository
* Role constructor.
*
* @param \ACP3\Core\Lang $lang
* @param \ACP3\Core\Validator\Validator $validator
* @param \ACP3\Core\Validator\Rules\Misc $validate
*/
public function __construct(
Core\Lang $lang,
Core\Validator\Rules\Misc $validate,
Core\Validator\Rules\ACL $aclValidator,
RoleRepository $roleRepository
Core\Validator\Validator $validator,
Core\Validator\Rules\Misc $validate
)
{
parent::__construct($lang, $validate);
$this->aclValidator = $aclValidator;
$this->roleRepository = $roleRepository;
$this->validator = $validator;
}
/**
......@@ -47,21 +44,33 @@ class Role extends Core\Validator\AbstractValidator
*/
public function validate(array $formData, $roleId = 0)
{
$this->validateFormKey();
$this->errors = [];
if (empty($formData['name'])) {
$this->errors['name'] = $this->lang->t('system', 'name_to_short');
}
if (!empty($formData['name']) && $this->roleRepository->roleExistsByName($formData['name'], $roleId) === true) {
$this->errors['name'] = $this->lang->t('permissions', 'role_already_exists');
}
if (empty($formData['privileges']) || is_array($formData['privileges']) === false) {
$this->errors['privileges'] = $this->lang->t('permissions', 'no_privilege_selected');
} elseif ($this->aclValidator->aclPrivilegesExist($formData['privileges']) === false) {
$this->errors['privileges'] = $this->lang->t('permissions', 'invalid_privileges');
}
$this->validator
->addConstraint(Core\Validator\ValidationRules\FormTokenValidationRule::NAME)
->addConstraint(
Core\Validator\ValidationRules\NotEmptyValidationRule::NAME,
[
'data' => $formData,
'field' => 'name',
'message' => $this->lang->t('system', 'name_to_short')
])
->addConstraint(
RoleNotExistsValidationRule::NAME,
[
'data' => $formData,
'field' => 'name',
'message' => $this->lang->t('permissions', 'role_already_exists'),
'extra' => [
'role_id' => $roleId
]
])
->addConstraint(
PrivilegesExistValidationRule::NAME,
[
'data' => $formData,
'field' => 'privileges',
'message' => $this->lang->t('permissions', 'invalid_privileges')
]);
$this->_checkForFailedValidation();
$this->validator->validate();
}
}
<?php
namespace ACP3\Modules\ACP3\Permissions\Validator\ValidationRules;
use ACP3\Core\Validator\ValidationRules\AbstractValidationRule;
use ACP3\Modules\ACP3\Permissions\Model\PrivilegeRepository;
/**
* Class PrivilegeExistsValidationRule
* @package ACP3\Modules\ACP3\Permissions\Validator\ValidationRules
*/
class PrivilegeExistsValidationRule extends AbstractValidationRule
{
const NAME = 'permissions_privilege_exists';
/**
* @var \ACP3\Modules\ACP3\Permissions\Model\PrivilegeRepository
*/
protected $privilegeRepository;
/**
* PrivilegeExistsValidationRule constructor.
*
* @param \ACP3\Modules\ACP3\Permissions\Model\PrivilegeRepository $privilegeRepository
*/
public function __construct(PrivilegeRepository $privilegeRepository)
{
$this->privilegeRepository = $privilegeRepository;
}
/**
* @inheritdoc
*/
public function isValid($data, $field = '', array $extra = [])
{
if (is_array($data) && array_key_exists($field, $data)) {
return $this->isValid($data[$field], $field, $extra);
}
return $this->privilegeRepository->privilegeExists($data);
}
}
\ No newline at end of file
<?php
namespace ACP3\Modules\ACP3\Permissions\Validator\ValidationRules;
use ACP3\Core\ACL;
use ACP3\Core\Validator\ValidationRules\AbstractValidationRule;
/**
* Class PrivilegesExistValidationRule
* @package ACP3\Modules\ACP3\Permissions\Validator\ValidationRules
*/
class PrivilegesExistValidationRule extends AbstractValidationRule
{
const NAME = 'permissions_privileges_exist';
/**
* @var \ACP3\Core\ACL
*/
protected $acl;
/**
* PrivilegesExistValidationRule constructor.
*
* @param \ACP3\Core\ACL $acl
*/
public function __construct(ACL $acl)
{
$this->acl = $acl;
}
/**
* @inheritdoc
*/
public function isValid($data, $field = '', array $extra = [])
{
if (is_array($data) && array_key_exists($field, $data)) {
return $this->isValid($data[$field], $field, $extra);
}
return !empty($data) && is_array($data) ? $this->privilegesExist($data) : false;
}
/**
* Überprüft, ob die übergebenen Privilegien existieren und
* plausible Werte enthalten
*
* @param array $privileges
* Array mit den IDs der zu überprüfenden Privilegien mit ihren Berechtigungen
*
* @return boolean
*/
public function privilegesExist(array $privileges)
{
$allPrivileges = $this->acl->getAllPrivileges();
$c_allPrivileges = count($allPrivileges);
$valid = false;
for ($i = 0; $i < $c_allPrivileges; ++$i) {
$valid = false;
foreach ($privileges as $module) {
foreach ($module as $privilegeId => $value) {
if ($privilegeId == $allPrivileges[$i]['id'] && $value >= 0 && $value <= 2) {
$valid = true;
break 2;
}
}
}
}
return $valid;
}
}
\ No newline at end of file
<?php
namespace ACP3\Modules\ACP3\Permissions\Validator\ValidationRules;
use ACP3\Core\Validator\ValidationRules\AbstractValidationRule;
use ACP3\Modules\ACP3\Permissions\Model\RoleRepository;
/**
* Class RoleNotExistsValidationRule
* @package ACP3\Modules\ACP3\Permissions\Validator\ValidationRules
*/
class RoleNotExistsValidationRule extends AbstractValidationRule
{
const NAME = 'permissions_role_exists';
/**
* @var \ACP3\Modules\ACP3\Permissions\Model\RoleRepository
*/
protected $roleRepository;
/**
* RoleExistsValidationRule constructor.
*
* @param \ACP3\Modules\ACP3\Permissions\Model\RoleRepository $roleRepository
*/
public function __construct(RoleRepository $roleRepository)
{
$this->roleRepository = $roleRepository;
}
/**
* @inheritdoc
*/
public function isValid($data, $field = '', array $extra = [])
{
if (is_array($data) && array_key_exists($field, $data)) {
return $this->isValid($data[$field], $field, $extra);
}
return $this->roleRepository->roleExistsByName($data, isset($extra['role_id']) ? $extra['role_id'] : 0) === false;
}
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment