Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
29 / 29 |
|
100.00% |
10 / 10 |
CRAP | |
100.00% |
1 / 1 |
| AuthorizationService | |
100.00% |
29 / 29 |
|
100.00% |
10 / 10 |
15 | |
100.00% |
1 / 1 |
| __construct | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
1 | |||
| setUser | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| getUser | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| setIndividualProfile | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
| setAllProfiles | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
2 | |||
| queryIndividualProfile | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
| queryAllProfiles | |
100.00% |
6 / 6 |
|
100.00% |
1 / 1 |
2 | |||
| getProcessedAuthorizations | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| clearAuthorizations | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| processAuthorizations | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | declare(strict_types=1); |
| 4 | |
| 5 | namespace Drupal\authorization\Service; |
| 6 | |
| 7 | use Drupal\Core\Entity\EntityTypeManagerInterface; |
| 8 | use Drupal\authorization\AuthorizationProfileInterface; |
| 9 | use Drupal\authorization\AuthorizationServiceInterface; |
| 10 | use Drupal\user\UserInterface; |
| 11 | use Psr\Log\LoggerInterface; |
| 12 | |
| 13 | /** |
| 14 | * Authorization service. |
| 15 | */ |
| 16 | class AuthorizationService implements AuthorizationServiceInterface { |
| 17 | |
| 18 | /** |
| 19 | * Entity type manager. |
| 20 | * |
| 21 | * @var \Drupal\Core\Entity\EntityTypeManager |
| 22 | */ |
| 23 | protected $entityTypeManager; |
| 24 | |
| 25 | /** |
| 26 | * Logger. |
| 27 | * |
| 28 | * @var \Psr\Log\LoggerInterface |
| 29 | */ |
| 30 | protected $logger; |
| 31 | |
| 32 | |
| 33 | /** |
| 34 | * The user to act upon. |
| 35 | * |
| 36 | * @var \Drupal\user\UserInterface |
| 37 | */ |
| 38 | protected $user; |
| 39 | |
| 40 | /** |
| 41 | * The human-readable list of profiles processed. |
| 42 | * |
| 43 | * Used for optional output in the global authorizations settings. |
| 44 | * |
| 45 | * @var array |
| 46 | */ |
| 47 | protected $processedAuthorizations = []; |
| 48 | |
| 49 | /** |
| 50 | * Constructs a new AuthorizationService object. |
| 51 | */ |
| 52 | public function __construct( |
| 53 | EntityTypeManagerInterface $entity_type_manager, |
| 54 | LoggerInterface $logger_channel_authorization, |
| 55 | ) { |
| 56 | $this->entityTypeManager = $entity_type_manager; |
| 57 | $this->logger = $logger_channel_authorization; |
| 58 | } |
| 59 | |
| 60 | /** |
| 61 | * {@inheritdoc} |
| 62 | */ |
| 63 | public function setUser(UserInterface $user): void { |
| 64 | $this->user = $user; |
| 65 | } |
| 66 | |
| 67 | /** |
| 68 | * {@inheritdoc} |
| 69 | */ |
| 70 | public function getUser(): UserInterface { |
| 71 | return $this->user; |
| 72 | } |
| 73 | |
| 74 | /** |
| 75 | * {@inheritdoc} |
| 76 | */ |
| 77 | public function setIndividualProfile($profile_id): void { |
| 78 | /** @var \Drupal\authorization\AuthorizationProfileInterface $profile */ |
| 79 | $profile = $this->entityTypeManager->getStorage('authorization_profile')->load($profile_id); |
| 80 | if ($profile) { |
| 81 | $this->processAuthorizations($profile, TRUE); |
| 82 | } |
| 83 | else { |
| 84 | $this->logger->error('Profile @profile could not be loaded.', ['@profile' => $profile_id]); |
| 85 | } |
| 86 | } |
| 87 | |
| 88 | /** |
| 89 | * {@inheritdoc} |
| 90 | */ |
| 91 | public function setAllProfiles(): void { |
| 92 | $queryResults = $this->entityTypeManager |
| 93 | ->getStorage('authorization_profile') |
| 94 | ->getQuery() |
| 95 | ->accessCheck(FALSE) |
| 96 | ->execute() ?? []; |
| 97 | foreach ($queryResults as $key => $value) { |
| 98 | $this->setIndividualProfile($key); |
| 99 | } |
| 100 | } |
| 101 | |
| 102 | /** |
| 103 | * {@inheritdoc} |
| 104 | */ |
| 105 | public function queryIndividualProfile(string $profile_id): void { |
| 106 | /** @var \Drupal\authorization\AuthorizationProfileInterface $profile */ |
| 107 | $profile = $this->entityTypeManager->getStorage('authorization_profile')->load($profile_id); |
| 108 | if ($profile) { |
| 109 | $this->processAuthorizations($profile, FALSE); |
| 110 | } |
| 111 | else { |
| 112 | $this->logger->error('Profile @profile could not be loaded.', ['@profile' => $profile_id]); |
| 113 | } |
| 114 | |
| 115 | } |
| 116 | |
| 117 | /** |
| 118 | * {@inheritdoc} |
| 119 | */ |
| 120 | public function queryAllProfiles(): void { |
| 121 | $queryResults = $this->entityTypeManager->getStorage('authorization_profile') |
| 122 | ->getQuery() |
| 123 | ->accessCheck(FALSE) |
| 124 | ->execute(); |
| 125 | foreach ($queryResults as $key => $value) { |
| 126 | $this->queryIndividualProfile($key); |
| 127 | } |
| 128 | } |
| 129 | |
| 130 | /** |
| 131 | * {@inheritdoc} |
| 132 | */ |
| 133 | public function getProcessedAuthorizations(): array { |
| 134 | return $this->processedAuthorizations; |
| 135 | } |
| 136 | |
| 137 | /** |
| 138 | * {@inheritdoc} |
| 139 | */ |
| 140 | public function clearAuthorizations(): void { |
| 141 | $this->processedAuthorizations = []; |
| 142 | } |
| 143 | |
| 144 | /** |
| 145 | * Process Authorizations. |
| 146 | * |
| 147 | * @param \Drupal\authorization\AuthorizationProfileInterface $profile |
| 148 | * The profile to act upon. |
| 149 | * @param bool $save_user |
| 150 | * Save the user in the end. |
| 151 | */ |
| 152 | private function processAuthorizations(AuthorizationProfileInterface $profile, $save_user): void { |
| 153 | if ($profile->checkConditions()) { |
| 154 | $this->processedAuthorizations[] = $profile->grantsAndRevokes($this->user, $save_user); |
| 155 | } |
| 156 | } |
| 157 | |
| 158 | } |