Skip to content

Commit 2fbde8a

Browse files
luka-ltaluka-lta
authored
Merge pull request #57 from luka-lta/hotfix-permissions
hotfix: Permission to const
2 parents 2ed1958 + d060b2e commit 2fbde8a

File tree

4 files changed

+26
-12
lines changed

4 files changed

+26
-12
lines changed

data/mysql/01_permissions.sql

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,11 @@ INSERT INTO `permissions` (`permission_id`, `permission_name`, `permission_descr
1212
VALUES (1, 'Create links', 'Create new links for LinkCollection'),
1313
(2, 'Delete Links', 'Delete links from LinkCollection'),
1414
(3, 'Edit Links', 'Edit Links from the LinkCollection'),
15-
(4, 'Read Links', 'Get all links from the LinkCollection');
15+
(4, 'Read Links', 'Get all links from the LinkCollection'),
16+
(5, 'Read Clicks', 'Get all Clicks from the LinkCollection'),
17+
(6, 'Create Api keys', 'Create new Api keys for Api access'),
18+
(7, 'Read Api keys', 'Read Api keys'),
19+
(8, 'Read Permissions', 'Read the permissions');
1620

1721
ALTER TABLE `permissions`
1822
ADD PRIMARY KEY (`permission_id`),

src/Repository/ApiKeyRepository.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -149,20 +149,20 @@ public function getApiKeyByOrigin(KeyOrigin $origin): ?ApiKeyObject
149149
}
150150
}
151151

152-
public function hasPermission(KeyId $apiKeyId, string $permissionName): bool
152+
public function hasPermission(KeyId $apiKeyId, int $permissionId): bool
153153
{
154154
$query = "
155155
SELECT COUNT(*) as count
156156
FROM api_key_permissions akp
157157
INNER JOIN permissions p ON akp.permission_id = p.permission_id
158-
WHERE akp.api_key_id = :apiKeyId AND p.permission_name = :permissionName
158+
WHERE akp.api_key_id = :apiKeyId AND p.permission_id = :permissionId
159159
";
160160

161161
try {
162162
$stmt = $this->pdo->prepare($query);
163163
$stmt->execute([
164164
'apiKeyId' => $apiKeyId->asInt(),
165-
'permissionName' => $permissionName,
165+
'permissionId' => $permissionId,
166166
]);
167167
} catch (PDOException) {
168168
throw new ApiDatabaseException(

src/Slim/RouteMiddlewareCollector.php

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@
2626
use LukaLtaApi\Slim\Middleware\ApiKeyPermissionMiddleware;
2727
use LukaLtaApi\Slim\Middleware\AuthMiddleware;
2828
use LukaLtaApi\Slim\Middleware\CORSMiddleware;
29+
use LukaLtaApi\Value\Permission\Permission;
2930
use Monolog\Logger;
3031
use Psr\Http\Message\ResponseInterface;
3132
use Psr\Http\Message\ServerRequestInterface;
@@ -108,12 +109,12 @@ public function registerApiRoutes(App $app): void
108109
$key->post('/', CreateApiKeyAction::class)
109110
->add(new ApiKeyPermissionMiddleware(
110111
$app->getContainer()?->get(PermissionService::class),
111-
['Create API keys']
112+
[Permission::CREATE_API_KEYS]
112113
));
113114
$key->get('/', GetAllApiKeysAction::class)
114115
->add(new ApiKeyPermissionMiddleware(
115116
$app->getContainer()?->get(PermissionService::class),
116-
['Read API keys']
117+
[Permission::READ_API_KEYS]
117118
));
118119
})->add(AuthMiddleware::class);
119120

@@ -144,22 +145,22 @@ public function registerApiRoutes(App $app): void
144145
$linkCollection->post('/', CreateLinkAction::class)
145146
->add(new ApiKeyPermissionMiddleware(
146147
$app->getContainer()?->get(PermissionService::class),
147-
['Create links']
148+
[Permission::CREATE_LINKS]
148149
));
149150
$linkCollection->get('/', GetAllLinksAction::class)
150151
->add(new ApiKeyPermissionMiddleware(
151152
$app->getContainer()?->get(PermissionService::class),
152-
['Read links']
153+
[Permission::VIEW_LINKS]
153154
));
154155
$linkCollection->get('/{linkId:[0-9]+}', GetDetailLink::class)
155156
->add(new ApiKeyPermissionMiddleware(
156157
$app->getContainer()?->get(PermissionService::class),
157-
['Read links']
158+
[Permission::VIEW_LINKS]
158159
));
159160
$linkCollection->put('/{linkId:[0-9]+}', EditLinkAction::class)
160161
->add(new ApiKeyPermissionMiddleware(
161162
$app->getContainer()?->get(PermissionService::class),
162-
['Edit links']
163+
[Permission::EDIT_LINKS]
163164
));
164165
$linkCollection->delete('/{linkId:[0-9]+}', DisableLinkAction::class);
165166
})->add(AuthMiddleware::class);
@@ -170,7 +171,7 @@ public function registerApiRoutes(App $app): void
170171
->add(AuthMiddleware::class)
171172
->add(new ApiKeyPermissionMiddleware(
172173
$app->getContainer()?->get(PermissionService::class),
173-
['Get clicks']
174+
[Permission::VIEW_CLICKS]
174175
));
175176
});
176177

@@ -184,7 +185,7 @@ public function registerApiRoutes(App $app): void
184185
$permissions->get('/', GetPermissionsAction::class)
185186
->add(new ApiKeyPermissionMiddleware(
186187
$app->getContainer()?->get(PermissionService::class),
187-
['Read permissions']
188+
[Permission::READ_PERMISSIONS]
188189
));
189190
})->add(AuthMiddleware::class);
190191
});

src/Value/Permission/Permission.php

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,15 @@
66

77
class Permission
88
{
9+
public const int CREATE_LINKS = 1;
10+
public const int DELETE_LINKS = 2;
11+
public const int EDIT_LINKS = 3;
12+
public const int VIEW_LINKS = 4;
13+
public const int VIEW_CLICKS = 5;
14+
public const int CREATE_API_KEYS = 6;
15+
public const int READ_API_KEYS = 7;
16+
public const int READ_PERMISSIONS = 8;
17+
918
private function __construct(
1019
private readonly ?int $permissionId,
1120
private readonly string $name,

0 commit comments

Comments
 (0)