Part-DB-server/src/Validator/Constraints/ValidPermissionValidator.php

<?php
/**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace App\Validator\Constraints;

use App\Controller\GroupController;
use App\Controller\UserController;
use App\Security\Interfaces\HasPermissionsInterface;
use App\Services\UserSystem\PermissionManager;
use Symfony\Component\Form\Exception\UnexpectedTypeException;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;

use function Symfony\Component\Translation\t;

class ValidPermissionValidator extends ConstraintValidator
{
    public function __construct(protected PermissionManager $resolver, protected RequestStack $requestStack)
    {
    }

    /**
     * Checks if the passed value is valid.
     *
     * @param mixed      $value      The value that should be validated
     * @param Constraint $constraint The constraint for the validation
     */
    public function validate($value, Constraint $constraint): void
    {
        if (!$constraint instanceof ValidPermission) {
            throw new UnexpectedTypeException($constraint, ValidPermission::class);
        }

        /** @var HasPermissionsInterface $perm_holder */
        $perm_holder = $this->context->getObject();

        $changed = $this->resolver->ensureCorrectSetOperations($perm_holder);

        //Sending a flash message if the permissions were fixed (only if called from UserController or GroupController)
        //This is pretty hacky and bad design but I dont see a better way without a complete rewrite of how permissions are validated
        //on the admin pages
        if ($changed) {
            //Check if this was called in context of UserController
            $request = $this->requestStack->getMainRequest();
            if (!$request) {
                return;
            }
            //Determine the controller class (the part before the ::)
            $controller_class = explode('::', $request->attributes->get('_controller'))[0];

            if (in_array($controller_class, [UserController::class, GroupController::class])) {
                /** @var Session $session */
                $session = $this->requestStack->getSession();
                $flashBag = $session->getFlashBag();
                $flashBag->add('warning', t('user.edit.flash.permissions_fixed'));
            }
        }
    }
}
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`<?php`
Changed license to AGPL3+ 2020-02-22 18:14:36 +01:00			`/**`
			`* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).`
			`*`
Removed old GPLv2 copyright header 2022-11-29 22:28:53 +01:00			`* Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)`
Changed license to AGPL3+ 2020-02-22 18:14:36 +01:00			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as published`
			`* by the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00
			`declare(strict_types=1);`

Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`namespace App\Validator\Constraints;`

Show a warning flash message, if permissions were corrected and missing permissions were set Related to issue #435 2023-11-25 00:28:07 +01:00			`use App\Controller\GroupController;`
			`use App\Controller\UserController;`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`use App\Security\Interfaces\HasPermissionsInterface;`
Renamed PermissionResolver service to PermissionService 2022-11-14 20:15:06 +01:00			`use App\Services\UserSystem\PermissionManager;`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`use Symfony\Component\Form\Exception\UnexpectedTypeException;`
Show a warning flash message, if permissions were corrected and missing permissions were set Related to issue #435 2023-11-25 00:28:07 +01:00			`use Symfony\Component\HttpFoundation\RequestStack;`
			`use Symfony\Component\HttpFoundation\Session\Session;`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`use Symfony\Component\Validator\Constraint;`
			`use Symfony\Component\Validator\ConstraintValidator;`

Show a warning flash message, if permissions were corrected and missing permissions were set Related to issue #435 2023-11-25 00:28:07 +01:00			`use function Symfony\Component\Translation\t;`

Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`class ValidPermissionValidator extends ConstraintValidator`
			`{`
Show a warning flash message, if permissions were corrected and missing permissions were set Related to issue #435 2023-11-25 00:28:07 +01:00			`public function __construct(protected PermissionManager $resolver, protected RequestStack $requestStack)`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`{`
			`}`

			`/**`
			`* Checks if the passed value is valid.`
			`*`
Added an PHP CS fixer config file and applied it to files. We now use the same the same style as the symfony project, and it allows us to simply fix the style by executing php_cs_fixer fix in the project root. 2019-11-09 00:47:20 +01:00			`* @param mixed $value The value that should be validated`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`* @param Constraint $constraint The constraint for the validation`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00			`public function validate($value, Constraint $constraint): void`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`{`
Fixed code style. 2020-08-21 21:36:22 +02:00			`if (!$constraint instanceof ValidPermission) {`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`throw new UnexpectedTypeException($constraint, ValidPermission::class);`
			`}`

			`/** @var HasPermissionsInterface $perm_holder */`
			`$perm_holder = $this->context->getObject();`

Show a warning flash message, if permissions were corrected and missing permissions were set Related to issue #435 2023-11-25 00:28:07 +01:00			`$changed = $this->resolver->ensureCorrectSetOperations($perm_holder);`

			`//Sending a flash message if the permissions were fixed (only if called from UserController or GroupController)`
			`//This is pretty hacky and bad design but I dont see a better way without a complete rewrite of how permissions are validated`
			`//on the admin pages`
			`if ($changed) {`
			`//Check if this was called in context of UserController`
			`$request = $this->requestStack->getMainRequest();`
			`if (!$request) {`
			`return;`
			`}`
			`//Determine the controller class (the part before the ::)`
			`$controller_class = explode('::', $request->attributes->get('_controller'))[0];`

			`if (in_array($controller_class, [UserController::class, GroupController::class])) {`
			`/** @var Session $session */`
			`$session = $this->requestStack->getSession();`
			`$flashBag = $session->getFlashBag();`
			`$flashBag->add('warning', t('user.edit.flash.permissions_fixed'));`
			`}`
			`}`
Allow to specify operations that also need to be set. When the edit operation is set, the read permission is now set too. 2019-09-11 13:37:51 +02:00			`}`
Added an PHP CS fixer config file and applied it to files. We now use the same the same style as the symfony project, and it allows us to simply fix the style by executing php_cs_fixer fix in the project root. 2019-11-09 00:47:20 +01:00			`}`