From 00cac5005c24619b7871369f4df3e97b9f9a56b5 Mon Sep 17 00:00:00 2001 
From: Mohammad Alavi Date: Fri, 14 Oct 2022 20:22:03 +0330 Subject: [PATCH] refactor(authorization) refactor authorization container --- .../Actions/AttachPermissionsToUserAction.php | 7 +-- .../DetachPermissionsFromUserAction.php | 11 +++-- .../Actions/GetRolePermissionsAction.php | 9 ++-- .../Actions/GetUserPermissionsAction.php | 5 ++- .../Actions/GetUserRolesAction.php | 9 ++-- .../Tasks/AttachPermissionsToUserTask.php | 21 --------- .../Tasks/DetachPermissionsFromUserTask.php | 5 ++- .../AttachPermissionsToUserController.php | 9 +++- .../DetachPermissionsFromUserController.php | 9 +++- .../GetRolePermissionsController.php | 11 +++-- .../GetUserPermissionsController.php | 11 +++-- .../Controllers/GetUserRolesController.php | 11 ++++- .../API/Requests/AssignRolesToUserRequest.php | 3 +- .../AttachPermissionsToRoleRequest.php | 5 ++- .../AttachPermissionsToUserRequest.php | 4 +- .../DetachPermissionsFromRoleRequest.php | 5 ++- .../DetachPermissionsFromUserRequest.php | 4 +- .../Requests/GetRolePermissionsRequest.php | 2 +- .../Requests/GetUserPermissionsRequest.php | 2 +- .../Requests/RevokeRolesFromUserRequest.php | 5 ++- .../Requests/SyncPermissionsOnRoleRequest.php | 5 ++- .../UI/API/Requests/SyncUserRolesRequest.php | 5 ++- .../AttachPermissionsToRole.v1.private.php | 2 +- .../AttachPermissionsToUser.v1.private.php | 10 ++--- .../DetachPermissionsFromRole.v1.private.php | 2 +- .../DetachPermissionsFromUser.v1.private.php | 10 ++--- .../Routes/GetUserPermissions.v1.private.php | 2 +- .../UI/API/Routes/GetUserRoles.v1.private.php | 2 +- .../Functional/AttachPermissionToUserTest.php | 37 +++++++++------ .../AttachPermissionsToRoleTest.php | 40 +++++++++++------ .../DetachPermissionFromUserTest.php | 45 ++++++++++++------- .../DetachPermissionsFromRoleTest.php | 43 +++++++++++------- .../Functional/RevokeRolesFromUserTest.php | 31 ++++++++----- .../Functional/SyncPermissionsOnRoleTest.php | 33 +++++++++----- .../Tests/Functional/SyncUserRolesTest.php | 29 
++++++++---- .../UI/API/Transformers/UserTransformer.php | 2 +- 36 files changed, 272 insertions(+), 174 deletions(-) delete mode 100644 app/Containers/AppSection/Authorization/Tasks/AttachPermissionsToUserTask.php diff --git a/app/Containers/AppSection/Authorization/Actions/AttachPermissionsToUserAction.php b/app/Containers/AppSection/Authorization/Actions/AttachPermissionsToUserAction.php index aace13b92..f86b06f7d 100644 --- a/app/Containers/AppSection/Authorization/Actions/AttachPermissionsToUserAction.php +++ b/app/Containers/AppSection/Authorization/Actions/AttachPermissionsToUserAction.php @@ -2,11 +2,11 @@ namespace App\Containers\AppSection\Authorization\Actions; -use App\Containers\AppSection\Authorization\Tasks\AttachPermissionsToUserTask; use App\Containers\AppSection\Authorization\Tasks\FindPermissionTask; -use App\Containers\AppSection\User\Models\User; use App\Containers\AppSection\Authorization\UI\API\Requests\AttachPermissionsToUserRequest; +use App\Containers\AppSection\User\Models\User; use App\Containers\AppSection\User\Tasks\FindUserByIdTask; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Actions\Action as ParentAction; class AttachPermissionsToUserAction extends ParentAction @@ -14,6 +14,7 @@ class AttachPermissionsToUserAction extends ParentAction /** * @param AttachPermissionsToUserRequest $request * @return User + * @throws NotFoundException */ public function run(AttachPermissionsToUserRequest $request): User { @@ -25,6 +26,6 @@ public function run(AttachPermissionsToUserRequest $request): User return app(FindPermissionTask::class)->run($permissionId); }, $permissionIds); - return app(AttachPermissionsToUserTask::class)->run($user, $permissions); + return $user->givePermissionTo($permissions); } } diff --git a/app/Containers/AppSection/Authorization/Actions/DetachPermissionsFromUserAction.php b/app/Containers/AppSection/Authorization/Actions/DetachPermissionsFromUserAction.php index 3ab634549..2a3541ab3 100644 
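Review bot: In `AttachPermissionsToUserAction::run` (last hunk of that file) the grant is now made directly on the model with `return $user->givePermissionTo($permissions);`, while the detach path in this same commit still goes through `DetachPermissionsFromUserTask`. Granting and revoking direct permissions are two halves of one privileged operation, and keeping them at different layers makes it easy for a guard or audit hook added to one side later to miss the other. Either keep a task on both sides or inline both; at minimum add a comment such as `// grant is done on the model directly; keep in step with DetachPermissionsFromUserTask`. The start of `run()` is outside the hunk.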
--- a/app/Containers/AppSection/Authorization/Actions/DetachPermissionsFromUserAction.php +++ b/app/Containers/AppSection/Authorization/Actions/DetachPermissionsFromUserAction.php @@ -6,23 +6,26 @@ use App\Containers\AppSection\Authorization\Tasks\DetachPermissionsFromUserTask; use App\Containers\AppSection\Authorization\Tasks\FindPermissionTask; use App\Containers\AppSection\Authorization\UI\API\Requests\DetachPermissionsFromUserRequest; +use App\Containers\AppSection\User\Models\User; use App\Containers\AppSection\User\Tasks\FindUserByIdTask; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Actions\Action as ParentAction; class DetachPermissionsFromUserAction extends ParentAction { /** * @param DetachPermissionsFromUserRequest $request - * @return \App\Containers\AppSection\User\Models\User + * @return User + * @throws NotFoundException */ - public function run(DetachPermissionsFromUserRequest $request) + public function run(DetachPermissionsFromUserRequest $request): User { - $role = app(FindUserByIdTask::class)->run($request->id); + $user = app(FindUserByIdTask::class)->run($request->id); $permissions = array_map(static function ($permissionId) { return app(FindPermissionTask::class)->run($permissionId); }, $request->permissions_ids); - return app(DetachPermissionsFromUserTask::class)->run($role, $permissions); + return app(DetachPermissionsFromUserTask::class)->run($user, $permissions); } } diff --git a/app/Containers/AppSection/Authorization/Actions/GetRolePermissionsAction.php b/app/Containers/AppSection/Authorization/Actions/GetRolePermissionsAction.php index ba4019597..3ebc82e9a 100644 --- a/app/Containers/AppSection/Authorization/Actions/GetRolePermissionsAction.php +++ b/app/Containers/AppSection/Authorization/Actions/GetRolePermissionsAction.php 
@@ -2,25 +2,22 @@ namespace App\Containers\AppSection\Authorization\Actions; -use Apiato\Core\Exceptions\CoreInternalErrorException; use App\Containers\AppSection\Authorization\Tasks\FindRoleTask; -use App\Containers\AppSection\Authorization\Tasks\GetAllRolesTask; -use App\Containers\AppSection\Authorization\Tasks\GetRolePermissionsTask; -use App\Containers\AppSection\Authorization\UI\API\Requests\GetAllRolesRequest; use App\Containers\AppSection\Authorization\UI\API\Requests\GetRolePermissionsRequest; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Actions\Action as ParentAction; -use Prettus\Repository\Exceptions\RepositoryException; class GetRolePermissionsAction extends ParentAction { /** * @param GetRolePermissionsRequest $request * @return mixed + * @throws NotFoundException */ - public function run(GetRolePermissionsRequest $request): mixed { $role = app(FindRoleTask::class)->run($request->id); + return $role->permissions; } } diff --git a/app/Containers/AppSection/Authorization/Actions/GetUserPermissionsAction.php b/app/Containers/AppSection/Authorization/Actions/GetUserPermissionsAction.php index 35f6c914a..1278ad60b 100644 --- a/app/Containers/AppSection/Authorization/Actions/GetUserPermissionsAction.php +++ b/app/Containers/AppSection/Authorization/Actions/GetUserPermissionsAction.php 
@@ -2,21 +2,22 @@ namespace App\Containers\AppSection\Authorization\Actions; -use Apiato\Core\Exceptions\CoreInternalErrorException; use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserPermissionsRequest; use App\Containers\AppSection\User\Tasks\FindUserByIdTask; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Actions\Action as ParentAction; -use Prettus\Repository\Exceptions\RepositoryException; class GetUserPermissionsAction extends ParentAction { /** * @param GetUserPermissionsRequest $request * @return mixed + * @throws NotFoundException */ public function run(GetUserPermissionsRequest $request): mixed { $user = app(FindUserByIdTask::class)->run($request->id); + return $user->permissions; } } diff --git a/app/Containers/AppSection/Authorization/Actions/GetUserRolesAction.php b/app/Containers/AppSection/Authorization/Actions/GetUserRolesAction.php index 1027f3add..b13fde926 100644 --- a/app/Containers/AppSection/Authorization/Actions/GetUserRolesAction.php +++ b/app/Containers/AppSection/Authorization/Actions/GetUserRolesAction.php @@ -2,21 +2,22 @@ namespace App\Containers\AppSection\Authorization\Actions; -use Apiato\Core\Exceptions\CoreInternalErrorException; use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserRolesRequest; use App\Containers\AppSection\User\Tasks\FindUserByIdTask; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Actions\Action as ParentAction; -use Prettus\Repository\Exceptions\RepositoryException; class GetUserRolesAction extends ParentAction { /** - * @throws CoreInternalErrorException - * @throws RepositoryException + * @param GetUserRolesRequest $request + * @return mixed + * @throws NotFoundException */ public function run(GetUserRolesRequest $request): mixed { $user = app(FindUserByIdTask::class)->run($request->id); + return $user->roles; } } 
diff --git a/app/Containers/AppSection/Authorization/Tasks/AttachPermissionsToUserTask.php b/app/Containers/AppSection/Authorization/Tasks/AttachPermissionsToUserTask.php deleted file mode 100644 index 20cbb96f5..000000000 --- a/app/Containers/AppSection/Authorization/Tasks/AttachPermissionsToUserTask.php +++ /dev/null @@ -1,21 +0,0 @@ -givePermissionTo($permissions);; - } -} diff --git a/app/Containers/AppSection/Authorization/Tasks/DetachPermissionsFromUserTask.php b/app/Containers/AppSection/Authorization/Tasks/DetachPermissionsFromUserTask.php index 7f9fb01bd..197c46565 100644 --- a/app/Containers/AppSection/Authorization/Tasks/DetachPermissionsFromUserTask.php +++ b/app/Containers/AppSection/Authorization/Tasks/DetachPermissionsFromUserTask.php @@ -2,6 +2,7 @@ namespace App\Containers\AppSection\Authorization\Tasks; +use App\Containers\AppSection\Authorization\Models\Permission; use App\Containers\AppSection\User\Models\User; use App\Ship\Parents\Tasks\Task as ParentTask; @@ -9,12 +10,12 @@ class DetachPermissionsFromUserTask extends ParentTask { /** * @param User $user - * @param array $permissions + * @param Permission[] $permissions * @return User */ public function run(User $user, array $permissions): User { - array_map(static function ($permission) use($user){ + array_map(static function ($permission) use ($user) { $user->revokePermissionTo($permission); }, $permissions); diff --git a/app/Containers/AppSection/Authorization/UI/API/Controllers/AttachPermissionsToUserController.php b/app/Containers/AppSection/Authorization/UI/API/Controllers/AttachPermissionsToUserController.php index c6868f5d3..1d0dd80c0 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Controllers/AttachPermissionsToUserController.php +++ b/app/Containers/AppSection/Authorization/UI/API/Controllers/AttachPermissionsToUserController.php 
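Review bot: In `DetachPermissionsFromUserTask::run` (second hunk of that file) `array_map` is called only for its side effect and its result is discarded, which obscures that this statement is what removes privileges from the user. A plain loop states the intent directly: `foreach ($permissions as $permission) { $user->revokePermissionTo($permission); }`. The docblock now promises `Permission[]`, but the closure parameter is still untyped, so nothing enforces that at runtime. The end of `run()` lies outside the hunk.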
@@ -2,20 +2,25 @@ namespace App\Containers\AppSection\Authorization\UI\API\Controllers; +use Apiato\Core\Exceptions\InvalidTransformerException; use App\Containers\AppSection\Authorization\Actions\AttachPermissionsToUserAction; use App\Containers\AppSection\Authorization\UI\API\Requests\AttachPermissionsToUserRequest; use App\Containers\AppSection\User\UI\API\Transformers\UserTransformer; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Controllers\ApiController; class AttachPermissionsToUserController extends ApiController { /** * @param AttachPermissionsToUserRequest $request - * @return \App\Containers\AppSection\User\Models\User + * @return array + * @throws InvalidTransformerException + * @throws NotFoundException */ - public function attachPermissionsToUser(AttachPermissionsToUserRequest $request) + public function attachPermissionsToUser(AttachPermissionsToUserRequest $request): array { $user = app(AttachPermissionsToUserAction::class)->run($request); + return $this->transform($user, UserTransformer::class, ['permissions']); } diff --git a/app/Containers/AppSection/Authorization/UI/API/Controllers/DetachPermissionsFromUserController.php b/app/Containers/AppSection/Authorization/UI/API/Controllers/DetachPermissionsFromUserController.php index 9240db299..0f9b2a4fd 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Controllers/DetachPermissionsFromUserController.php +++ b/app/Containers/AppSection/Authorization/UI/API/Controllers/DetachPermissionsFromUserController.php 
@@ -2,20 +2,25 @@ namespace App\Containers\AppSection\Authorization\UI\API\Controllers; +use Apiato\Core\Exceptions\InvalidTransformerException; use App\Containers\AppSection\Authorization\Actions\DetachPermissionsFromUserAction; use App\Containers\AppSection\Authorization\UI\API\Requests\DetachPermissionsFromUserRequest; use App\Containers\AppSection\User\UI\API\Transformers\UserTransformer; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Controllers\ApiController; class DetachPermissionsFromUserController extends ApiController { /** * @param DetachPermissionsFromUserRequest $request - * @return \App\Containers\AppSection\User\Models\User + * @return array + * @throws InvalidTransformerException + * @throws NotFoundException */ - public function detachPermissionFromUser(DetachPermissionsFromUserRequest $request) + public function detachPermissionFromUser(DetachPermissionsFromUserRequest $request): array { $user = app(DetachPermissionsFromUserAction::class)->run($request); + return $this->transform($user, UserTransformer::class, ['permissions']); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Controllers/GetRolePermissionsController.php b/app/Containers/AppSection/Authorization/UI/API/Controllers/GetRolePermissionsController.php index 461ca5435..084541175 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Controllers/GetRolePermissionsController.php +++ b/app/Containers/AppSection/Authorization/UI/API/Controllers/GetRolePermissionsController.php 
@@ -2,22 +2,25 @@ namespace App\Containers\AppSection\Authorization\UI\API\Controllers; +use Apiato\Core\Exceptions\InvalidTransformerException; use App\Containers\AppSection\Authorization\Actions\GetRolePermissionsAction; use App\Containers\AppSection\Authorization\UI\API\Requests\GetRolePermissionsRequest; use App\Containers\AppSection\Authorization\UI\API\Transformers\PermissionTransformer; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Controllers\ApiController; class GetRolePermissionsController extends ApiController { /** * @param GetRolePermissionsRequest $request - * @return mixed - * @throws \Apiato\Core\Exceptions\CoreInternalErrorException - * @throws \Prettus\Repository\Exceptions\RepositoryException + * @return array + * @throws InvalidTransformerException + * @throws NotFoundException */ - public function getRolePermissions(GetRolePermissionsRequest $request) + public function getRolePermissions(GetRolePermissionsRequest $request): array { $permission = app(GetRolePermissionsAction::class)->run($request); + return $this->transform($permission, PermissionTransformer::class); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserPermissionsController.php b/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserPermissionsController.php index b521634d3..a3e15b195 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserPermissionsController.php +++ b/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserPermissionsController.php 
@@ -2,22 +2,25 @@ namespace App\Containers\AppSection\Authorization\UI\API\Controllers; +use Apiato\Core\Exceptions\InvalidTransformerException; use App\Containers\AppSection\Authorization\Actions\GetUserPermissionsAction; use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserPermissionsRequest; use App\Containers\AppSection\Authorization\UI\API\Transformers\PermissionTransformer; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Controllers\ApiController; class GetUserPermissionsController extends ApiController { /** * @param GetUserPermissionsRequest $request - * @return mixed - * @throws \Apiato\Core\Exceptions\CoreInternalErrorException - * @throws \Prettus\Repository\Exceptions\RepositoryException + * @return array + * @throws InvalidTransformerException + * @throws NotFoundException */ - public function getUserPermissions(GetUserPermissionsRequest $request) + public function getUserPermissions(GetUserPermissionsRequest $request): array { $permission = app(GetUserPermissionsAction::class)->run($request); + return $this->transform($permission, PermissionTransformer::class); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserRolesController.php b/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserRolesController.php index a503cce6e..235924d5e 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserRolesController.php +++ b/app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserRolesController.php 
@@ -2,16 +2,25 @@ namespace App\Containers\AppSection\Authorization\UI\API\Controllers; +use Apiato\Core\Exceptions\InvalidTransformerException; use App\Containers\AppSection\Authorization\Actions\GetUserRolesAction; use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserRolesRequest; use App\Containers\AppSection\Authorization\UI\API\Transformers\RoleTransformer; +use App\Ship\Exceptions\NotFoundException; use App\Ship\Parents\Controllers\ApiController; class GetUserRolesController extends ApiController { - public function getUserRoles(GetUserRolesRequest $request) + /** + * @param GetUserRolesRequest $request + * @return array + * @throws InvalidTransformerException + * @throws NotFoundException + */ + public function getUserRoles(GetUserRolesRequest $request): array { $roles = app(GetUserRolesAction::class)->run($request); + return $this->transform($roles, RoleTransformer::class); } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/AssignRolesToUserRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/AssignRolesToUserRequest.php index f0f392bb9..79844f60f 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/AssignRolesToUserRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/AssignRolesToUserRequest.php @@ -34,7 +34,8 @@ public function rules(): array { return [ 'roles_ids' => 'array|required', - 'user_id' => 'required', + 'roles_ids.*' => 'exists:roles,id', + 'user_id' => 'required|exists:users,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToRoleRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToRoleRequest.php index 842fa1ddd..c2289792c 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToRoleRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToRoleRequest.php 
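Review bot: In `AssignRolesToUserRequest::rules()` the new element rule `'roles_ids.*' => 'exists:roles,id'` omits `required`, whereas `RevokeRolesFromUserRequest`, `SyncPermissionsOnRoleRequest` and `SyncUserRolesRequest` in this commit use `required|exists:...`. Laravel does not run non-implicit rules such as `exists` against empty-string values, so an element like `""` would likely pass validation here and only be rejected later by the lookup task, if at all. The same gap is in the `permissions_ids.*` rules of `AttachPermissionsToRoleRequest`, `AttachPermissionsToUserRequest`, `DetachPermissionsFromRoleRequest` and `DetachPermissionsFromUserRequest`. Suggested line: `'roles_ids.*' => 'required|exists:roles,id',` (and the `permissions` equivalent in the other four).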
@@ -33,8 +33,9 @@ class AttachPermissionsToRoleRequest extends ParentRequest public function rules(): array { return [ - 'permissions_ids' => 'required', - 'role_id' => 'required', + 'permissions_ids' => 'array|required', + 'permissions_ids.*' => 'exists:permissions,id', + 'role_id' => 'required|exists:roles,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToUserRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToUserRequest.php index a62822a81..e7d44c0ee 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToUserRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToUserRequest.php @@ -35,7 +35,9 @@ class AttachPermissionsToUserRequest extends ParentRequest public function rules(): array { return [ - 'permissions_ids' => 'required' + 'permissions_ids' => 'array|required', + 'permissions_ids.*' => 'exists:permissions,id', + 'id' => 'required|exists:users,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromRoleRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromRoleRequest.php index 3b4ee1c28..af1522181 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromRoleRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromRoleRequest.php @@ -33,8 +33,9 @@ class DetachPermissionsFromRoleRequest extends ParentRequest public function rules(): array { return [ - 'role_id' => 'required', - 'permissions_ids' => 'required', + 'role_id' => 'required|exists:roles,id', + 'permissions_ids' => 'array|required', + 'permissions_ids.*' => 'exists:permissions,id', ]; } 
diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromUserRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromUserRequest.php index adc6dd9c3..add742f0f 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromUserRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/DetachPermissionsFromUserRequest.php @@ -35,7 +35,9 @@ class DetachPermissionsFromUserRequest extends ParentRequest public function rules(): array { return [ - 'permissions_ids' => 'required', + 'permissions_ids' => 'array|required', + 'permissions_ids.*' => 'exists:permissions,id', + 'id' => 'required|exists:users,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/GetRolePermissionsRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/GetRolePermissionsRequest.php index c0bd78d9f..a8c37bf28 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/GetRolePermissionsRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/GetRolePermissionsRequest.php @@ -35,7 +35,7 @@ class GetRolePermissionsRequest extends ParentRequest public function rules(): array { return [ - 'id' => 'required', + ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/GetUserPermissionsRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/GetUserPermissionsRequest.php index 66336915b..3a844e84e 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/GetUserPermissionsRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/GetUserPermissionsRequest.php @@ -35,7 +35,7 @@ class GetUserPermissionsRequest extends ParentRequest public function rules(): array { return [ - 'id' => 'required', + ]; } 
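Review bot: In `GetRolePermissionsRequest::rules()` and `GetUserPermissionsRequest::rules()` the `'id' => 'required'` rule is removed and nothing replaces it, leaving an array that contains only a blank line. The attach and detach user requests in this commit validate the same route parameter with `'id' => 'required|exists:users,id'` and answer 422, while these two endpoints now rely on the action's `NotFoundException`, so an unknown id yields a different status depending on the endpoint. If that is intended, write `return [];`; otherwise keep the rule in line with the others, e.g. `'id' => 'required|exists:roles,id',` for the role request and `'id' => 'required|exists:users,id',` for the user request. The enclosing class starts outside both hunks.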
diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/RevokeRolesFromUserRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/RevokeRolesFromUserRequest.php index 7d930fa36..92358116b 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/RevokeRolesFromUserRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/RevokeRolesFromUserRequest.php @@ -33,8 +33,9 @@ class RevokeRolesFromUserRequest extends ParentRequest public function rules(): array { return [ - 'roles_ids' => 'required', - 'user_id' => 'required', + 'roles_ids' => 'array|required', + 'roles_ids.*' => 'required|exists:roles,id', + 'user_id' => 'required|exists:users,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/SyncPermissionsOnRoleRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/SyncPermissionsOnRoleRequest.php index d2706c1f4..ced47a7b2 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/SyncPermissionsOnRoleRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/SyncPermissionsOnRoleRequest.php @@ -33,8 +33,9 @@ class SyncPermissionsOnRoleRequest extends ParentRequest public function rules(): array { return [ - 'permissions_ids' => 'required', - 'role_id' => 'required', + 'permissions_ids' => 'array|required', + 'permissions_ids.*' => 'required|exists:permissions,id', + 'role_id' => 'required|exists:roles,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Requests/SyncUserRolesRequest.php b/app/Containers/AppSection/Authorization/UI/API/Requests/SyncUserRolesRequest.php index c7ea7c171..1efef6cf6 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Requests/SyncUserRolesRequest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Requests/SyncUserRolesRequest.php 
@@ -33,8 +33,9 @@ class SyncUserRolesRequest extends ParentRequest public function rules(): array { return [ - 'roles_ids' => 'required', - 'user_id' => 'required', + 'roles_ids' => 'array|required', + 'roles_ids.*' => 'required|exists:roles,id', + 'user_id' => 'required|exists:users,id', ]; } diff --git a/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToRole.v1.private.php b/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToRole.v1.private.php index d1de61fbb..91cdf68e0 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToRole.v1.private.php +++ b/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToRole.v1.private.php @@ -17,7 +17,7 @@ * @apiHeader {String} authorization=Bearer * * @apiBody {String} role_id Role ID - * @apiBody {Array} permissions_ids Permission ID or Array of Permissions ID's + * @apiBody {Array} permissions_ids Array of Permissions ID's * * @apiUse RoleSuccessSingleResponse */ diff --git a/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToUser.v1.private.php b/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToUser.v1.private.php index 4215a396d..f1d49cb15 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToUser.v1.private.php +++ b/app/Containers/AppSection/Authorization/UI/API/Routes/AttachPermissionsToUser.v1.private.php @@ -1,10 +1,10 @@ middleware(['auth:api']); diff --git a/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromRole.v1.private.php b/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromRole.v1.private.php index cf239cd74..f8cf5fa83 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromRole.v1.private.php +++ b/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromRole.v1.private.php 
@@ -17,7 +17,7 @@ * @apiHeader {String} authorization=Bearer * * @apiBody {String} role_id Role ID - * @apiBody {String-Array} permissions_ids Permission ID or Array of Permissions ID's + * @apiBody {String} permissions_ids Array of Permissions ID's * * @apiUse RoleSuccessSingleResponse */ diff --git a/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromUser.v1.private.php b/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromUser.v1.private.php index 6ecdd9167..5d547c9b5 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromUser.v1.private.php +++ b/app/Containers/AppSection/Authorization/UI/API/Routes/DetachPermissionsFromUser.v1.private.php @@ -1,10 +1,10 @@ middleware(['auth:api']); diff --git a/app/Containers/AppSection/Authorization/UI/API/Routes/GetUserPermissions.v1.private.php b/app/Containers/AppSection/Authorization/UI/API/Routes/GetUserPermissions.v1.private.php index e710c8171..c14661c17 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Routes/GetUserPermissions.v1.private.php +++ b/app/Containers/AppSection/Authorization/UI/API/Routes/GetUserPermissions.v1.private.php @@ -1,7 +1,7 @@ create(); $data = [ - 'permissions_ids' => $permission->id + 'permissions_ids' => [$permission->id], ]; // send the HTTP request @@ -40,10 +39,10 @@ public function testAttachSinglePermissionToUser(): void // assert the response status $response->assertStatus(200); $response->assertJson( - fn(AssertableJson $json) => $json->has('data') + fn (AssertableJson $json) => $json->has('data') ->where('data.object', 'User') ->where('data.id', $user->getHashedKey()) - ->has('data.permissions.data',1) + ->has('data.permissions.data', 1) ->where('data.permissions.data.0.object', 'Permission') ->where('data.permissions.data.0.id', $permission->getHashedKey()) ->etc() 
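Review bot: In the `DetachPermissionsFromRole` route docblock the new line `@apiBody {String} permissions_ids Array of Permissions ID's` declares the field as a String, although its own description and the new `'permissions_ids' => 'array|required'` rule in `DetachPermissionsFromRoleRequest` require an array. A client generated from this documentation would send a scalar and get a validation error. Use the same type as the AttachPermissionsToRole route: `@apiBody {Array} permissions_ids Array of Permissions ID's`.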
@@ -56,14 +55,14 @@ public function testAttachMultiplePermissionsToUser(): void $permissionA = Permission::factory()->create(); $permissionB = Permission::factory()->create(); $data = [ - 'permissions_ids' => [$permissionA->id, $permissionB->id] + 'permissions_ids' => [$permissionA->id, $permissionB->id], ]; $response = $this->injectId($user->id)->makeCall($data); $response->assertStatus(200); $response->assertJson( - fn(AssertableJson $json) => $json->has('data') + fn (AssertableJson $json) => $json->has('data') ->where('data.object', 'User') ->where('data.id', $user->getHashedKey()) ->has('data.permissions.data', 2) @@ -79,12 +78,20 @@ public function testAttachNonExistingPermissionToUser(): void $user = User::factory()->create(); $invalidId = 3333; $data = [ - 'permissions_ids' => $invalidId + 'permissions_ids' => [$invalidId], ]; $response = $this->injectId($user->id)->makeCall($data); - $response->assertStatus(404); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'permissions_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected permissions_ids.0 is invalid.') + )->etc() + )->etc() + ); } public function testAttachPermissionToNonExistingUser(): void @@ -92,14 +99,16 @@ public function testAttachPermissionToNonExistingUser(): void $permission = Permission::factory()->create(); $invalidId = 7777; $data = [ - 'permissions_ids' => $permission->id + 'permissions_ids' => [$permission->id], ]; $response = $this->injectId($invalidId)->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has('errors') + ->where('errors.id.0', 'The selected id is invalid.') + ->etc() + ); } } - - - 
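Review bot: In `testAttachNonExistingPermissionToUser` (`AttachPermissionToUserTest`) the `assertStatus(404)` call is removed without a replacement, so the test now checks only the shape of the JSON body. `testAttachPermissionToNonExistingUser` in the same file asserts 422, and the role tests do the same for the equivalent case. Add `$response->assertStatus(422);` before the `assertJson` call so a regression that returns the error payload with a success status, or that actually performs the grant, is caught.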
diff --git a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/AttachPermissionsToRoleTest.php b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/AttachPermissionsToRoleTest.php index ca146ba4a..38c6351e5 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/AttachPermissionsToRoleTest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/AttachPermissionsToRoleTest.php @@ -36,14 +36,13 @@ public function testAttachSinglePermissionToRole(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') - ->where('data.object', 'Role') - ->where('data.id', $role->getHashedKey()) - ->has('data.permissions.data', 1) - ->where('data.permissions.data.0.object', 'Permission') - ->where('data.permissions.data.0.id', $permission->getHashedKey()) - ->etc() + fn (AssertableJson $json) => $json->has('data') + ->where('data.object', 'Role') + ->where('data.id', $role->getHashedKey()) + ->has('data.permissions.data', 1) + ->where('data.permissions.data.0.object', 'Permission') + ->where('data.permissions.data.0.id', $permission->getHashedKey()) + ->etc() ); } @@ -61,8 +60,7 @@ public function testAttachMultiplePermissionsToRole(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') + fn (AssertableJson $json) => $json->has('data') ->where('data.object', 'Role') ->where('data.id', $role->getHashedKey()) ->has('data.permissions.data', 2) 
@@ -79,12 +77,21 @@ public function testAttachNonExistingPermissionToRole(): void $invalidId = 7777; $data = [ 'role_id' => $role->getHashedKey(), - 'permissions_ids' => Hashids::encode($invalidId), + 'permissions_ids' => [Hashids::encode($invalidId)], ]; $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'permissions_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected permissions_ids.0 is invalid.') + )->etc() + )->etc() + ); } public function testAttachPermissionToNonExistingRole(): void @@ -93,11 +100,16 @@ public function testAttachPermissionToNonExistingRole(): void $invalidId = 7777; $data = [ 'role_id' => Hashids::encode($invalidId), - 'permissions_ids' => $permission->getHashedKey(), + 'permissions_ids' => [$permission->getHashedKey()], ]; $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has('errors') + ->where('errors.role_id.0', 'The selected role id is invalid.') + ->etc() + ); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionFromUserTest.php b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionFromUserTest.php index b283f56eb..4f758a4be 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionFromUserTest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionFromUserTest.php 
@@ -16,16 +16,13 @@ */ class DetachPermissionFromUserTest extends ApiTestCase { - // the endpoint to be called within this test (e.g., get@v1/users) - protected string $endpoint = 'post@v1/users/{id}/permissions/detach'; + protected string $endpoint = 'delete@v1/users/{id}/permissions'; - // fake some access rights protected array $access = [ 'permissions' => 'manage-permissions', 'roles' => '', ]; - public function testDetachSinglePermissionFromUser(): void { $user = User::factory()->create(); @@ -34,18 +31,17 @@ public function testDetachSinglePermissionFromUser(): void $user->givePermissionTo([$permissionA, $permissionB]); $data = [ - 'permissions_ids' => [$permissionA->id] + 'permissions_ids' => [$permissionA->id], ]; - // send the HTTP request $response = $this->injectId($user->id)->makeCall($data); - // assert the response status + $response->assertStatus(200); $response->assertJson( - fn(AssertableJson $json) => $json->has('data') + fn (AssertableJson $json) => $json->has('data') ->where('data.object', 'User') ->where('data.id', $user->getHashedKey()) - ->has('data.permissions.data',1) + ->has('data.permissions.data', 1) ->where('data.permissions.data.0.object', 'Permission') ->where('data.permissions.data.0.id', $permissionB->getHashedKey()) ->etc() @@ -62,16 +58,14 @@ public function testDetachMultiplePermissionFromUser(): void $user->givePermissionTo([$permissionA, $permissionB, $permissionC]); $data = [ - 'permissions_ids' => [$permissionA->id, $permissionB->id] + 'permissions_ids' => [$permissionA->id, $permissionB->id], ]; - // send the HTTP request $response = $this->injectId($user->id)->makeCall($data); - // assert the response status $response->assertStatus(200); $response->assertJson( - fn(AssertableJson $json) => $json->has('data') + fn (AssertableJson $json) => $json->has('data') ->where('data.object', 'User') ->where('data.id', $user->getHashedKey()) ->count('data.permissions.data', 1) 
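Review bot: Both happy-path tests send raw primary keys (`'permissions_ids' => [$permissionA->id]`), while the response is checked against `$permissionB->getHashedKey()` and the role tests earlier in the patch send hashed keys in the request. If hashed ids are enabled where these tests run (not visible here), the endpoint is accepting sequential database ids from clients, which undoes the reason for hashing them; if they are disabled, the decoding path is not exercised at all. It is worth confirming which form the request class expects and using it consistently, e.g. `[$permissionA->getHashedKey()]` in testDetachSinglePermissionFromUser and testDetachMultiplePermissionFromUser.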
@@ -85,12 +79,21 @@ public function testDetachNonExistingPermissionFromUser() $invalidId = 3333; $user = User::factory()->create(); $data = [ - 'permissions_ids' => [Hashids::encode($invalidId)] + 'permissions_ids' => [Hashids::encode($invalidId)], ]; $response = $this->injectId($user->id)->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'permissions_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected permissions_ids.0 is invalid.') + )->etc() + )->etc() + ); } public function testDetachPermissionFromNonExistingUser() @@ -99,11 +102,19 @@ public function testDetachPermissionFromNonExistingUser() $permission = Permission::factory()->create(); $data = [ //'user_id' => Hashids::encode($invalidId), - 'permissions_ids' => [$permission->getHashedKey()] + 'permissions_ids' => [$permission->getHashedKey()], ]; $response = $this->injectId($invalidId)->makeCall($data); - $response->assertStatus(404); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'permissions_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected permissions_ids.0 is invalid.') + )->etc() + )->etc() + ); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionsFromRoleTest.php b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionsFromRoleTest.php index c176eaead..2fa029994 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionsFromRoleTest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/DetachPermissionsFromRoleTest.php 
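Review bot: testDetachPermissionFromNonExistingUser no longer checks anything about the missing user: `assertStatus(404)` is removed without a replacement, and the only assertion left is a `permissions_ids.0` error for a permission the test has just created with `Permission::factory()->create()`. As written, the test could still pass if the endpoint stopped rejecting an unknown user id, which is the case an authorization endpoint most needs pinned. Restore `$response->assertStatus(422);` and assert the error on the user identifier, or keep the 404 if the route parameter is resolved before validation (the request class is not visible here). The status assertion is also dropped in testDetachNonExistingPermissionFromRole and testRevokeNonExistingRoleFromUser later in the patch.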
@@ -38,13 +38,12 @@ public function testDetachSinglePermissionFromRole(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') - ->where('data.object', 'Role') - ->where('data.id', $role->getHashedKey()) - ->count('data.permissions.data', 1) - ->where('data.permissions.data.0.id', $permissionB->getHashedKey()) - ->etc() + fn (AssertableJson $json) => $json->has('data') + ->where('data.object', 'Role') + ->where('data.id', $role->getHashedKey()) + ->count('data.permissions.data', 1) + ->where('data.permissions.data.0.id', $permissionB->getHashedKey()) + ->etc() ); } @@ -64,13 +63,12 @@ public function testDetachMultiplePermissionFromRole(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') - ->where('data.object', 'Role') - ->where('data.id', $role->getHashedKey()) - ->count('data.permissions.data', 1) - ->where('data.permissions.data.0.id', $permissionB->getHashedKey()) - ->etc() + fn (AssertableJson $json) => $json->has('data') + ->where('data.object', 'Role') + ->where('data.id', $role->getHashedKey()) + ->count('data.permissions.data', 1) + ->where('data.permissions.data.0.id', $permissionB->getHashedKey()) + ->etc() ); } @@ -85,7 +83,12 @@ public function testDetachPermissionFromNonExistingRole(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has('errors') + ->where('errors.role_id.0', 'The selected role id is invalid.') + ->etc() + ); } public function testDetachNonExistingPermissionFromRole(): void 
@@ -99,6 +102,14 @@ public function testDetachNonExistingPermissionFromRole(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'permissions_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected permissions_ids.0 is invalid.') + )->etc() + )->etc() + ); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/RevokeRolesFromUserTest.php b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/RevokeRolesFromUserTest.php index ae1215b06..8f69045ee 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/RevokeRolesFromUserTest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/RevokeRolesFromUserTest.php @@ -38,8 +38,7 @@ public function testRevokeRolesFromUser(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') + fn (AssertableJson $json) => $json->has('data') ->where('data.object', 'User') ->where('data.id', $data['user_id']) ->has('data.roles.data', 1) @@ -65,12 +64,11 @@ public function testRevokeManyRolesFromUser(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') - ->where('data.object', 'User') - ->where('data.id', $data['user_id']) - ->has('data.roles.data', 0) - ->etc() + fn (AssertableJson $json) => $json->has('data') + ->where('data.object', 'User') + ->where('data.id', $data['user_id']) + ->has('data.roles.data', 0) + ->etc() ); } 
@@ -85,7 +83,12 @@ public function testRevokeRolesFromNonExistingUser(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has('errors') + ->where('errors.user_id.0', 'The selected user id is invalid.') + ->etc() + ); } public function testRevokeNonExistingRoleFromUser(): void @@ -99,6 +102,14 @@ public function testRevokeNonExistingRoleFromUser(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'roles_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected roles_ids.0 is invalid.') + )->etc() + )->etc() + ); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncPermissionsOnRoleTest.php b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncPermissionsOnRoleTest.php index 8be530f4d..c29e458be 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncPermissionsOnRoleTest.php +++ b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncPermissionsOnRoleTest.php 
@@ -38,14 +38,13 @@ public function testSyncDuplicatedPermissionsToRole(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') - ->where('data.object', 'Role') - ->where('data.id', $role->getHashedKey()) - ->count('data.permissions.data', 2) - ->where('data.permissions.data.0.id', $permissionA->getHashedKey()) - ->where('data.permissions.data.1.id', $permissionB->getHashedKey()) - ->etc() + fn (AssertableJson $json) => $json->has('data') + ->where('data.object', 'Role') + ->where('data.id', $role->getHashedKey()) + ->count('data.permissions.data', 2) + ->where('data.permissions.data.0.id', $permissionA->getHashedKey()) + ->where('data.permissions.data.1.id', $permissionB->getHashedKey()) + ->etc() ); } @@ -60,7 +59,12 @@ public function testSyncPermissionsOnNonExistingRole(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has('errors') + ->where('errors.role_id.0', 'The selected role id is invalid.') + ->etc() + ); } public function testSyncNonExistingPermissionOnRole(): void @@ -74,6 +78,15 @@ public function testSyncNonExistingPermissionOnRole(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'permissions_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected permissions_ids.0 is invalid.') + )->etc() + )->etc() + ); } } diff --git a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncUserRolesTest.php b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncUserRolesTest.php index deb00dc8f..3ac684c34 100644 --- a/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncUserRolesTest.php 
+++ b/app/Containers/AppSection/Authorization/UI/API/Tests/Functional/SyncUserRolesTest.php @@ -41,12 +41,11 @@ public function testSyncMultipleRolesOnUser(): void $response->assertStatus(200); $response->assertJson( - fn (AssertableJson $json) => - $json->has('data') - ->count('data.roles.data', 2) - ->where('data.roles.data.0.id', $data['roles_ids'][0]) - ->where('data.roles.data.1.id', $data['roles_ids'][1]) - ->etc() + fn (AssertableJson $json) => $json->has('data') + ->count('data.roles.data', 2) + ->where('data.roles.data.0.id', $data['roles_ids'][0]) + ->where('data.roles.data.1.id', $data['roles_ids'][1]) + ->etc() ); } @@ -61,7 +60,12 @@ public function testSyncRoleOnNonExistingUser(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has('errors') + ->where('errors.user_id.0', 'The selected user id is invalid.') + ->etc() + ); } public function testSyncNonExistingRoleOnUser(): void @@ -75,6 +79,15 @@ public function testSyncNonExistingRoleOnUser(): void $response = $this->makeCall($data); - $response->assertStatus(404); + $response->assertStatus(422); + $response->assertJson( + fn (AssertableJson $json) => $json->has( + 'errors', + fn (AssertableJson $errors) => $errors->has( + 'roles_ids.0', + fn (AssertableJson $permissionsIds) => $permissionsIds->where(0, 'The selected roles_ids.0 is invalid.') + )->etc() + )->etc() + ); } } diff --git a/app/Containers/AppSection/User/UI/API/Transformers/UserTransformer.php b/app/Containers/AppSection/User/UI/API/Transformers/UserTransformer.php index 980cf432b..d4c1b1905 100644 --- a/app/Containers/AppSection/User/UI/API/Transformers/UserTransformer.php +++ b/app/Containers/AppSection/User/UI/API/Transformers/UserTransformer.php 
@@ -12,7 +12,7 @@ class UserTransformer extends ParentTransformer { protected array $availableIncludes = [ 'roles', - 'permissions' + 'permissions', ]; protected array $defaultIncludes = [