composer.json

@@ -6,7 +6,7 @@
         "php": ">=7.3",
         "ext-json": "*",
         "api-platform/core": "^2.6.3",
-        "dbp/relay-core-bundle": "^0.1.60",
+        "dbp/relay-core-bundle": "^0.1.75",
         "guzzlehttp/guzzle": "^7.0",
         "nelmio/cors-bundle": "^2.1.0",
         "phpdocumentor/reflection-docblock": "^3.0 || ^4.0 || ^5.0",

src/Authorization/AuthorizationService.php

+<?php
+
+declare(strict_types=1);
+
+namespace Dbp\Relay\BasePersonBundle\Authorization;
+
+use Dbp\Relay\BasePersonBundle\Entity\Person;
+use Dbp\Relay\CoreBundle\Authorization\AbstractAuthorizationService;
+use Dbp\Relay\CoreBundle\Authorization\AuthorizationConfigDefinition;
+
+class AuthorizationService extends AbstractAuthorizationService
+{
+    public function __construct()
+    {
+        $isLoggedInUserExpression = 'user.getIdentifier() == entity.getIdentifier()';
+
+        $this->configure([], [], [
+            'BasePerson' => [
+                AuthorizationConfigDefinition::ENTITY_CLASS_NAME_CONFIG_NODE => Person::class,
+                AuthorizationConfigDefinition::ENTITY_READ_ACCESS_CONFIG_NODE => [
+                    'email' => $isLoggedInUserExpression,
+                    'birthDate' => $isLoggedInUserExpression,
+                ],
+            ],
+        ]);
+    }
+}

src/DependencyInjection/Configuration.php

@@ -11,8 +11,6 @@ class Configuration implements ConfigurationInterface
 {
     public function getConfigTreeBuilder(): TreeBuilder
     {
-        $treeBuilder = new TreeBuilder('dbp_relay_base');
-
-        return $treeBuilder;
+        return new TreeBuilder('dbp_relay_base_person');
     }
 }

src/Entity/PersonTrait.php

@@ -36,7 +36,7 @@ trait PersonTrait
 
     /**
      * @ApiProperty(iri="http://schema.org/email")
-     * @Groups({"BasePerson:current-user", "BasePerson:extended-access"})
+     * @Groups({"BasePerson:output:email"})
      *
      * @var string
      */
@@ -45,7 +45,7 @@ trait PersonTrait
     /**
      * @var string
      * @ApiProperty(iri="http://schema.org/birthDate")
-     * @Groups({"BasePerson:current-user"})
+     * @Groups({"BasePerson:output:birthDate"})
      */
     private $birthDate;
 

src/Resources/config/services.yaml

@@ -10,7 +10,7 @@ services:
     autowire: true
     autoconfigure: true
 
-  Dbp\Relay\BasePersonBundle\Serializer\PersonAttributeNormalizer:
+  Dbp\Relay\BasePersonBundle\Authorization\AuthorizationService:
     autowire: true
     autoconfigure: true
 

src/Serializer/PersonAttributeNormalizer.php

-<?php
-
-declare(strict_types=1);
-
-namespace Dbp\Relay\BasePersonBundle\Serializer;
-
-use Dbp\Relay\BasePersonBundle\Entity\Person;
-use Symfony\Component\Security\Core\Security;
-use Symfony\Component\Serializer\Normalizer\ContextAwareNormalizerInterface;
-use Symfony\Component\Serializer\Normalizer\NormalizerAwareInterface;
-use Symfony\Component\Serializer\Normalizer\NormalizerAwareTrait;
-
-class PersonAttributeNormalizer implements ContextAwareNormalizerInterface, NormalizerAwareInterface
-{
-    use NormalizerAwareTrait;
-
-    private const ALREADY_CALLED = 'LDAP_PERSON_ATTRIBUTE_NORMALIZER_CURRENT_USER_ALREADY_CALLED';
-
-    /**
-     * @var Security
-     */
-    private $security;
-
-    public function __construct(Security $security)
-    {
-        $this->security = $security;
-    }
-
-    /**
-     *  @return array|string|int|float|bool|\ArrayObject|null
-     */
-    public function normalize($object, $format = null, array $context = [])
-    {
-        // set the group "Person:current-user" for the current user
-        if ($this->isCurrentUser($object)) {
-            $context['groups'][] = 'BasePerson:current-user';
-        }
-
-        $context[self::ALREADY_CALLED] = true;
-
-        return $this->normalizer->normalize($object, $format, $context);
-    }
-
-    public function supportsNormalization($data, $format = null, array $context = []): bool
-    {
-        // Make sure we're not called twice
-        if (isset($context[self::ALREADY_CALLED])) {
-            return false;
-        }
-
-        return $data instanceof Person;
-    }
-
-    /**
-     * @param Person $object
-     */
-    private function isCurrentUser($object): bool
-    {
-        $user = $this->security->getUser();
-
-        return $user ? $user->getUsername() === $object->getIdentifier() : false;
-    }
-}

tests/ExtTest.php

@@ -48,7 +48,8 @@ class ExtTest extends ApiTestCase
         $client = $this->withUser('foobar', [], '42');
         $user = $this->getUser($client);
         $person = $this->withPerson($client, $user);
-        $person->setEmail('foo@bar.com');
+        $person->setGivenName('Foo');
+        $person->setFamilyName('Bar');
         $response = $client->request('GET', '/base/people/foobar', ['headers' => [
             'Authorization' => 'Bearer 42',
         ]]);
@@ -56,7 +57,8 @@ class ExtTest extends ApiTestCase
         $data = json_decode($response->getContent(false), true, 512, JSON_THROW_ON_ERROR);
         $this->assertEquals('/base/people/foobar', $data['@id']);
         $this->assertEquals('foobar', $data['identifier']);
-        $this->assertEquals('foo@bar.com', $data['email']);
+        $this->assertEquals('Foo', $data['givenName']);
+        $this->assertEquals('Bar', $data['familyName']);
     }
 
     public function testResponseHeaders()

tests/bootstrap.php

@@ -2,12 +2,4 @@
 
 declare(strict_types=1);
 
-use Symfony\Component\Dotenv\Dotenv;
-
 require dirname(__DIR__).'/vendor/autoload.php';
-
-if (file_exists(dirname(__DIR__).'/config/bootstrap.php')) {
-    require dirname(__DIR__).'/config/bootstrap.php';
-} elseif (method_exists(Dotenv::class, 'bootEnv')) {
-    (new Dotenv())->bootEnv(dirname(__DIR__).'/.env');
-}