From 0a5bb7dd8eae6767d405855df279ceb1e8236d60 Mon Sep 17 00:00:00 2001
From: Tobias Gross-Vogt <tgros@tugraz.at>
Date: Mon, 5 Dec 2022 14:59:15 +0100
Subject: [PATCH] abstractgetattributesubscribe; re-allowing to update values
of existing user attributes
---
src/Authorization/AuthorizationDataMuxer.php | 3 +-
.../AbstractGetAttributeSubscriber.php | 31 +++++++++++++------
2 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/src/Authorization/AuthorizationDataMuxer.php b/src/Authorization/AuthorizationDataMuxer.php
index 3cf2865..ce6aed5 100644
--- a/src/Authorization/AuthorizationDataMuxer.php
+++ b/src/Authorization/AuthorizationDataMuxer.php
@@ -112,7 +112,6 @@ class AuthorizationDataMuxer
throw new AuthorizationException(sprintf('attribute \'%s\' undefined', $attributeName), AuthorizationException::ATTRIBUTE_UNDEFINED);
}
- $wasFound = false;
$value = $defaultValue;
foreach ($this->authorizationDataProviders as $authorizationDataProvider) {
$availableAttributes = $this->getProviderAvailableAttributes($authorizationDataProvider);
@@ -130,7 +129,7 @@ class AuthorizationDataMuxer
$event = new GetAttributeEvent($this, $attributeName, $value, $userIdentifier);
$event->setAttributeValue($value);
- // Avoid endless recursions by only emitting an event for each attribtue only once
+ // Avoid endless recursions by only emitting an event for each attribute only once
if (!in_array($attributeName, $this->attributeStack, true)) {
array_push($this->attributeStack, $attributeName);
$this->eventDispatcher->dispatch($event);
diff --git a/src/Authorization/EventSubscriber/AbstractGetAttributeSubscriber.php b/src/Authorization/EventSubscriber/AbstractGetAttributeSubscriber.php
index 2b30bd6..bb02caf 100644
--- a/src/Authorization/EventSubscriber/AbstractGetAttributeSubscriber.php
+++ b/src/Authorization/EventSubscriber/AbstractGetAttributeSubscriber.php
@@ -23,18 +23,19 @@ abstract class AbstractGetAttributeSubscriber implements EventSubscriberInterfac
public function onGetAvailableAttributes(GetAvailableAttributesEvent $event)
{
- $event->addAttributes($this->getAvailableAttributes());
+ $event->addAttributes($this->getNewAttributes());
}
public function onGetAttributeEvent(GetAttributeEvent $event)
{
try {
$this->event = $event;
-
$attributeName = $event->getAttributeName();
- if (in_array($attributeName, $this->getAvailableAttributes(), true)) {
- $event->setAttributeValue($this->getUserAttributeValue($event->getUserIdentifier(), $attributeName, $event->getAttributeValue()));
- }
+
+ $event->setAttributeValue(in_array($attributeName, $this->getNewAttributes(), true) ?
+ $this->getNewAttributeValue($event->getUserIdentifier(), $attributeName, $event->getAttributeValue()) :
+ $this->updateExistingAttributeValue($event->getUserIdentifier(), $attributeName, $event->getAttributeValue())
+ );
} finally {
$this->event = null;
}
@@ -50,15 +51,25 @@ abstract class AbstractGetAttributeSubscriber implements EventSubscriberInterfac
return $this->event->getAttribute($attributeName, $defaultValue);
}
+ /**
+ * @param mixed|null $attributeValue The current attribute value
+ *
+ * @return mixed|null The updated attribute value
+ */
+ protected function updateExistingAttributeValue(?string $userIdentifier, string $attributeName, $attributeValue)
+ {
+ return $attributeValue;
+ }
+
/*
- * @return string[]
+ * @return string[] The array of new attribute names that this subscriber provides
*/
- abstract protected function getAvailableAttributes(): array;
+ abstract protected function getNewAttributes(): array;
/**
- * @param mixed|null $attributeValue
+ * @param mixed|null $defaultValue the default value if provided explicitly in the authorization expression, else null
*
- * @return mixed|null
+ * @return mixed|null the value for the new attribute with the given name for the given user
*/
- abstract protected function getUserAttributeValue(?string $userIdentifier, string $attributeName, $attributeValue);
+ abstract protected function getNewAttributeValue(?string $userIdentifier, string $attributeName, $defaultValue);
}
--
GitLab