#345 Deprecation in RoleChecker and UserProvider (#350)

* #345 Deprecation in RoleChecker and UserProvider * remove line --------- Co-authored-by: a.dmitryuk <[email protected]>
DamienHarper · Feb 27, 2023 · 868e26b · 868e26b
1 parent 3da0a92
commit 868e26b
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 34 deletions.
diff --git a/src/Resources/config/services.yaml b/src/Resources/config/services.yaml
@@ -73,7 +73,7 @@ services:
 
   DH\AuditorBundle\User\UserProvider:
     class: DH\AuditorBundle\User\UserProvider
-    arguments: ['@security.helper', '@DH\Auditor\Provider\Doctrine\Configuration']
+    arguments: ['@security.token_storage']
   dh_auditor.user_provider: '@DH\AuditorBundle\User\UserProvider'
 
   DH\AuditorBundle\User\ConsoleUserProvider:
@@ -86,7 +86,7 @@ services:
 
   DH\AuditorBundle\Security\RoleChecker:
     class: DH\AuditorBundle\Security\RoleChecker
-    arguments: ['@security.helper', '@DH\Auditor\Provider\Doctrine\DoctrineProvider']
+    arguments: ['@security.authorization_checker', '@DH\Auditor\Provider\Doctrine\DoctrineProvider']
   dh_auditor.role_checker: '@DH\AuditorBundle\Security\RoleChecker'
 
   DH\AuditorBundle\Event\ViewerEventSubscriber:

diff --git a/src/Security/RoleChecker.php b/src/Security/RoleChecker.php
@@ -8,27 +8,27 @@
 use DH\Auditor\Provider\Doctrine\DoctrineProvider;
 use DH\Auditor\Security\RoleCheckerInterface;
 use DH\Auditor\User\UserInterface;
-use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 
 class RoleChecker implements RoleCheckerInterface
 {
-    private Security $security;
+    private AuthorizationCheckerInterface $authorizationChecker;
 
     private DoctrineProvider $provider;
 
-    public function __construct(Security $security, DoctrineProvider $doctrineProvider)
+    public function __construct(AuthorizationCheckerInterface $authorizationChecker, DoctrineProvider $doctrineProvider)
     {
-        $this->security = $security;
+        $this->authorizationChecker = $authorizationChecker;
         $this->provider = $doctrineProvider;
     }
 
     public function __invoke(string $entity, string $scope): bool
     {
         $userProvider = $this->provider->getAuditor()->getConfiguration()->getUserProvider();
-        $user = null === $userProvider ? null : $userProvider();
-        $security = null === $userProvider ? null : $this->security;
+        $user = null !== $userProvider ? $userProvider() : null;
+        $authorizationChecker = null !== $userProvider ? $this->authorizationChecker : null;
 
-        if (!($user instanceof UserInterface) || !($security instanceof Security)) {
+        if (!($user instanceof UserInterface) || !($authorizationChecker instanceof AuthorizationCheckerInterface)) {
             // If no security defined or no user identified, consider access granted
             return true;
         }
@@ -49,7 +49,7 @@ public function __invoke(string $entity, string $scope): bool
 
         // roles are defined for the give scope
         foreach ($roles[$scope] as $role) {
-            if ($security->isGranted($role)) {
+            if ($authorizationChecker->isGranted($role)) {
                 // role granted => access granted
                 return true;
             }

diff --git a/src/User/UserProvider.php b/src/User/UserProvider.php
@@ -4,25 +4,21 @@
 
 namespace DH\AuditorBundle\User;
 
-use DH\Auditor\Provider\Doctrine\Configuration;
 use DH\Auditor\User\User;
 use DH\Auditor\User\UserInterface as AuditorUserInterface;
 use DH\Auditor\User\UserProviderInterface;
 use Exception;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
-use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 class UserProvider implements UserProviderInterface
 {
-    private Security $security;
+    private TokenStorageInterface $tokenStorage;
 
-    private Configuration $configuration;
-
-    public function __construct(Security $security, Configuration $configuration)
+    public function __construct(TokenStorageInterface $tokenStorage)
     {
-        $this->security = $security;
-        $this->configuration = $configuration;
+        $this->tokenStorage = $tokenStorage;
     }
 
     public function __invoke(): ?AuditorUserInterface
@@ -33,26 +29,16 @@ public function __invoke(): ?AuditorUserInterface
         $identifier = null;
         $username = null;
 
-        if (null !== $tokenUser && $tokenUser instanceof UserInterface) {
+        if ($tokenUser instanceof UserInterface) {
             if (method_exists($tokenUser, 'getId')) {
                 $identifier = $tokenUser->getId();
             }
 
-            $username = '';
-            if (method_exists($tokenUser, 'getUserIdentifier')) {
-                $username = $tokenUser->getUserIdentifier();
-            } elseif (method_exists($tokenUser, 'getUsername')) {
-                $username = $tokenUser->getUsername();
-            }
+            $username = $this->getUsername($tokenUser);
         }
 
         if ($impersonatorUser instanceof UserInterface) {
-            $impersonatorUsername = '';
-            if (method_exists($impersonatorUser, 'getUserIdentifier')) {
-                $impersonatorUsername = $impersonatorUser->getUserIdentifier();
-            } elseif (method_exists($impersonatorUser, 'getUsername')) {
-                $impersonatorUsername = $impersonatorUser->getUsername();
-            }
+            $impersonatorUsername = $this->getUsername($impersonatorUser);
             $username .= '[impersonator '.$impersonatorUsername.']';
         }
 
@@ -63,10 +49,22 @@ public function __invoke(): ?AuditorUserInterface
         return new User((string) $identifier, $username);
     }
 
+    private function getUsername(UserInterface $user): string
+    {
+        if (method_exists($user, 'getUserIdentifier')) {
+            return $user->getUserIdentifier();
+        }
+        if (method_exists($user, 'getUsername')) {
+            return $user->getUsername();
+        }
+
+        return '';
+    }
+
     private function getTokenUser(): ?UserInterface
     {
         try {
-            $token = $this->security->getToken();
+            $token = $this->tokenStorage->getToken();
         } catch (Exception $e) {
             $token = null;
         }
@@ -85,9 +83,9 @@ private function getTokenUser(): ?UserInterface
 
     private function getImpersonatorUser()
     {
-        $token = $this->security->getToken();
+        $token = $this->tokenStorage->getToken();
 
-        if (null !== $token && $token instanceof SwitchUserToken) {
+        if ($token instanceof SwitchUserToken) {
             return $token->getOriginalToken()->getUser();
         }