moved Rechtemanagement logics to cure bundle

8642b9a1 · Tobias Gross-Vogt · 4265ff52 · 4265ff52 · 8642b9a1 · 8642b9a1
Commit 8642b9a1 authored 2 years ago by Tobias Gross-Vogt
--- a/src/API/AuthorizationDataProviderInterface.php
+++ b/src/API/AuthorizationDataProviderInterface.php
-<?php
-
-declare(strict_types=1);
-
-namespace Dbp\Relay\AuthBundle\API;
-
-interface AuthorizationDataProviderInterface
-{
-    /**
-     * @return string[]
-     */
-    public function getAvailableRoles(): array;
-
-    /**
-     * @return string[]
-     */
-    public function getAvailableAttributes(): array;
-
-    /**
-     * @param string[] $userRoles
-     * @param mixed[]  $userAttributes
-     */
-    public function getUserData(string $userId, array &$userRoles, array &$userAttributes): void;
-}
--- a/src/Authenticator/BearerUser.php
+++ b/src/Authenticator/BearerUser.php
@@ -4,35 +4,24 @@ declare(strict_types=1);

 namespace Dbp\Relay\AuthBundle\Authenticator;

-use Dbp\Relay\AuthBundle\API\AuthorizationDataProviderInterface;
-use Dbp\Relay\CoreBundle\API\UserInterface as DbpUserInterface;
-use Symfony\Component\Security\Core\User\UserInterface as SymfonyUserInterface;
+use Symfony\Component\Security\Core\User\UserInterface;

-class BearerUser implements DbpUserInterface, SymfonyUserInterface
+class BearerUser implements UserInterface
 {
-    /** @var string[] */
+    /**
+     * @var string[]
+     *
+     * @deprecated
+     */
    private $rolesDeprecated;

    /** @var string|null */
    private $identifier;

-    /** @var array */
-    private $roles;
-
-    /** @var array */
-    private $attributes;
-
-    /** @var iterable */
-    private $authorizationDataProviders;
-
    public function __construct(?string $identifier, array $rolesDeprecated)
    {
        $this->rolesDeprecated = $rolesDeprecated;
        $this->identifier = $identifier;
-
-        $this->roles = [];
-        $this->attributes = [];
-        $this->authorizationDataProviders = [];
    }

    public function getRoles(): array
@@ -63,67 +52,4 @@ class BearerUser implements DbpUserInterface, SymfonyUserInterface
    public function eraseCredentials()
    {
    }
-
-    public function setAuthorizationDataProviders(iterable $authorizationDataProviders)
-    {
-        $this->authorizationDataProviders = $authorizationDataProviders;
-    }
-
-    public function hasRole(string $roleName): bool
-    {
-        if (array_key_exists($roleName, $this->roles) === false) {
-            $this->loadRole($roleName);
-        }
-
-        return $this->roles[$roleName] ?? false;
-    }
-
-    /**
-     * @return mixed|null
-     */
-    public function getAttribute(string $attributeName)
-    {
-        if (array_key_exists($attributeName, $this->attributes) === false) {
-            $this->loadAttributes($attributeName);
-        }
-
-        return $this->attributes[$attributeName] ?? null;
-    }
-
-    private function loadRole(string $roleName)
-    {
-        foreach ($this->authorizationDataProviders as $authorizationDataProvider) {
-            $availableRoles = $authorizationDataProvider->getAvailableRoles();
-            if (in_array($roleName, $availableRoles, true)) {
-                $this->loadUserDataFromAuthorizationProvider($authorizationDataProvider);
-                break;
-            }
-        }
-    }
-
-    private function loadAttributes(string $attributeName)
-    {
-        foreach ($this->authorizationDataProviders as $authorizationDataProvider) {
-            $availableAttributes = $authorizationDataProvider->getAvailableAttributes();
-            if (in_array($attributeName, $availableAttributes, true)) {
-                $this->loadUserDataFromAuthorizationProvider($authorizationDataProvider);
-                break;
-            }
-        }
-    }
-
-    private function loadUserDataFromAuthorizationProvider(AuthorizationDataProviderInterface $authorizationDataProvider)
-    {
-        $userRoles = [];
-        $userAttributes = [];
-        $authorizationDataProvider->getUserData($this->identifier, $userRoles, $userAttributes);
-
-        foreach ($authorizationDataProvider->getAvailableAttributes() as $availableAttribute) {
-            $this->attributes[$availableAttribute] = $userAttributes[$availableAttribute] ?? null;
-        }
-
-        foreach ($authorizationDataProvider->getAvailableRoles() as $availableRole) {
-            $this->roles[$availableRole] = in_array($availableRole, $userRoles, true);
-        }
-    }
 }
--- a/src/Authenticator/BearerUserProvider.php
+++ b/src/Authenticator/BearerUserProvider.php
@@ -4,7 +4,6 @@ declare(strict_types=1);

 namespace Dbp\Relay\AuthBundle\Authenticator;

-use Dbp\Relay\AuthBundle\Authorization\AuthorizationDataProviderProvider;
 use Dbp\Relay\AuthBundle\OIDC\OIDProvider;
 use Dbp\Relay\CoreBundle\API\UserSessionInterface;
 use Psr\Log\LoggerAwareInterface;
@@ -19,7 +18,6 @@ class BearerUserProvider implements BearerUserProviderInterface, LoggerAwareInte
    private $config;
    private $userSession;
    private $oidProvider;
-    private $authorizationDataProviders;

    public function __construct(UserSessionInterface $userSession, OIDProvider $oidProvider)
    {
@@ -28,14 +26,6 @@ class BearerUserProvider implements BearerUserProviderInterface, LoggerAwareInte
        $this->oidProvider = $oidProvider;
    }

-    /**
-     * @required
-     */
-    public function injectAuthorizationDataProvders(AuthorizationDataProviderProvider $provider): void
-    {
-        $this->authorizationDataProviders = $provider->getAuthorizationDataProviders();
-    }
-
    public function setConfig(array $config)
    {
        $this->config = $config;
@@ -92,15 +82,9 @@ class BearerUserProvider implements BearerUserProviderInterface, LoggerAwareInte
        $identifier = $session->getUserIdentifier();
        $userRoles = $session->getUserRoles();

-        $user = new BearerUser(
+        return new BearerUser(
            $identifier,
            $userRoles
        );
-
-        if ($this->authorizationDataProviders !== null) {
-            $user->setAuthorizationDataProviders($this->authorizationDataProviders);
-        }
-
-        return $user;
    }
 }
--- a/src/DbpRelayAuthBundle.php
+++ b/src/DbpRelayAuthBundle.php
@@ -4,7 +4,6 @@ declare(strict_types=1);

 namespace Dbp\Relay\AuthBundle;

-use Dbp\Relay\AuthBundle\API\AuthorizationDataProviderInterface;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\HttpKernel\Bundle\Bundle;

@@ -12,8 +11,5 @@ class DbpRelayAuthBundle extends Bundle
 {
    public function build(ContainerBuilder $container)
    {
-        // add tag to all services implementing the interface
-        $container->registerForAutoconfiguration(AuthorizationDataProviderInterface::class)
-            ->addTag('auth.authorization_data_provider');
    }
 }
--- a/src/Resources/config/services.yaml
+++ b/src/Resources/config/services.yaml
@@ -34,8 +34,3 @@ services:

  Dbp\Relay\AuthBundle\API\UserRolesInterface:
    '@Dbp\Relay\AuthBundle\Service\DefaultUserRoles'
-
-  Dbp\Relay\AuthBundle\Authorization\AuthorizationDataProviderProvider:
-    autowire: true
-    autoconfigure: true
-    arguments: [!tagged auth.authorization_data_provider]