Add route permissions guard and controller permissions guard #238
Conversation
| @@ -0,0 +1,100 @@ | |||
| <?php | |||
There was a problem hiding this comment.
File seems to be in "tests" folder?
There was a problem hiding this comment.
A mistake, wil move to src
|
On first sight a very good idea and apart from the things you commented @bakura10 it looks fine to me too. However, I'd like to see some tests :) |
|
Just a note on comments and dockblocks. |
|
I want it mostly because it helps IDE :) Envoyé de mon iPhone
|
PHPStorm don't need them : it can read the function prototype and the return type if fixed. |
|
I LIKE THEM :D. That's my reason :p Envoyé de mon iPhone
|
|
Looks perfect. Just waiting for tests for the new guard AND doc ;). |
|
Additionally, I think we should change the default event priority to -10 (like ControllerGuard), so that RouteGuard is always executed first. This allows to clarify the case where you would have both a RouteGuard and RoutePermissionsGuard for the same route. By default the RouteGuard is registered with -5, ControllerGuard with -10, and I suggest RoutePermissionsGuard to be -10 too (https://github.com/ZF-Commons/zfc-rbac/blob/master/src/ZfcRbac/Guard/ControllerGuard.php#L37) |
|
👍 on the priority |
|
It would be best to execute Guards in the order declared in the config. But for the sake of simplicity, i will change the priority |
|
What's the point of mapping multiple permissions for a single route? I think 1 to 1 is more reasonable. |
| @@ -18,6 +18,7 @@ | |||
|
|
|||
| namespace ZfcRbac\Guard; | |||
|
|
|||
| use Doctrine\Common\Proxy\Exception\InvalidArgumentException; | |||
There was a problem hiding this comment.
What what? Doctrine exception in this part of the code? I don't like that. People can use ZfcRbac without Doctrine!
There was a problem hiding this comment.
Oops ! PHPStorm autocompletion can be tricky...
|
I will be on holidays the next few days so I won't be able to merge this. In overall I like it, I just don't like that you included the RULE_AND feature in this PR. Please revert that and only keeps what we need here. I'd prefer you to do that as another PR once this one is merged, so we can discuss it separately. |
👍 OK for a next PR. I revert. |
| @@ -0,0 +1,141 @@ | |||
| <?php | |||
There was a problem hiding this comment.
Why is the whole file marked as changed? Very hard to know what has changed :/
There was a problem hiding this comment.
'cause it's a new one 😉
ControllerPermissionsGuard
|
Sorry but it seems a lot lot of files have a complete different change set, and all the lines are marked as strange. I could merge this but I'm a bit worried because I can't know what has changed in all those files that does not directly belong to this PR :/. |
|
I don't see wich file is worrying you. |
jmleroux
changed the title
|
I have changed the title to reflect all the changes of this PR. |
|
From what I can tell only the |
|
Sorry, I didn't realized you added a fourth guard. Doc is missing for ControllerPermissionsGuard though. |
|
|
||
| foreach ($rules as $rule) { | ||
| $controller = strtolower($rule['controller']); | ||
| $actions = isset($rule['actions']) ? (array) $rule['actions'] : []; |
|
Looks good. I'll merge once doc is added for the new guard. |
Add route permissions guard and controller permissions guard
|
oops, i modified a test in the meanwhile. |
|
nevermind, i'll do it on master. |
|
I received a mail notification @davidwindell. But can't find your comment? |
|
Oops I mean #262 |
First commit to add permissions check on route, as discussed in #182
Discussin is open, tests to come