10739011304

Committed 06 Sep 2024 01:11PM UTC coverage: 7.159% (-0.5%) from 7.645%

Build # 10739011304

Build Type

push

github

Committed by

web-flow

Commit Message

 feat(laravel): eloquent filters (search, date, equals, or) (#6593)

* feat(laravel): Eloquent filters search date or

* feat(laravel): eloquent filters order range equals afterdate

* fix(laravel): order afterDate filters

* temp

* test(laravel): filter with eloquent

---------

Co-authored-by: Nathan <nathan@les-tilleuls.coop>

Run Details

0 of 144 new or added lines in 16 files covered. (0.0%)

4792 existing lines in 155 files now uncovered.

11736 of 163930 relevant lines covered (7.16%)

22.8 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

61.54

/src/State/Provider/SecurityParameterProvider.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\State\Provider;

use ApiPlatform\Metadata\GraphQl\Operation as GraphQlOperation;
use ApiPlatform\Metadata\Operation;
use ApiPlatform\Metadata\ResourceAccessCheckerInterface;
use ApiPlatform\State\ParameterNotFound;
use ApiPlatform\State\ProviderInterface;
use ApiPlatform\State\Util\ParameterParserTrait;
use ApiPlatform\Symfony\Security\Exception\AccessDeniedException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

/**
 * Loops over parameters to check parameter security.
 * Throws an exception if security is not granted.
 */
final class SecurityParameterProvider implements ProviderInterface
{
    use ParameterParserTrait;

    public function __construct(private readonly ProviderInterface $decorated, private readonly ?ResourceAccessCheckerInterface $resourceAccessChecker = null)
    {
    }

    public function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
    {
        $body = $this->decorated->provide($operation, $uriVariables, $context);
        $request = $context['request'] ?? null;

        $operation = $request?->attributes->get('_api_operation') ?? $operation;
        foreach ($operation->getParameters() ?? [] as $parameter) {
            if (null === $security = $parameter->getSecurity()) {
                continue;
            }

            if (($v = $parameter->getValue()) instanceof ParameterNotFound) {
                continue;
            }

            $securityContext = [$parameter->getKey() => $v, 'object' => $body, 'operation' => $operation];
            if (!$this->resourceAccessChecker->isGranted($context['resource_class'], $security, $securityContext)) {
                throw $operation instanceof GraphQlOperation ? new AccessDeniedHttpException($parameter->getSecurityMessage() ?? 'Access Denied.') : new AccessDeniedException($parameter->getSecurityMessage() ?? 'Access Denied.');
            }
        }

        return $body;
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\State\Provider;
15
16	use ApiPlatform\Metadata\GraphQl\Operation as GraphQlOperation;
17	use ApiPlatform\Metadata\Operation;
18	use ApiPlatform\Metadata\ResourceAccessCheckerInterface;
19	use ApiPlatform\State\ParameterNotFound;
20	use ApiPlatform\State\ProviderInterface;
21	use ApiPlatform\State\Util\ParameterParserTrait;
22	use ApiPlatform\Symfony\Security\Exception\AccessDeniedException;
23	use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
24
25	/**
26	* Loops over parameters to check parameter security.
27	* Throws an exception if security is not granted.
28	*/
29	final class SecurityParameterProvider implements ProviderInterface
30	{
31	use ParameterParserTrait;
32
33	public function __construct(private readonly ProviderInterface $decorated, private readonly ?ResourceAccessCheckerInterface $resourceAccessChecker = null)
34	{
UNCOV 35	}	1,850✔
36
37	public function provide(Operation $operation, array $uriVariables = [], array $context = []): object\|array\|null
38	{
UNCOV 39	$body = $this->decorated->provide($operation, $uriVariables, $context);	1,850✔
UNCOV 40	$request = $context['request'] ?? null;	1,838✔
41
UNCOV 42	$operation = $request?->attributes->get('_api_operation') ?? $operation;	1,838✔
UNCOV 43	foreach ($operation->getParameters() ?? [] as $parameter) {	1,838✔
UNCOV 44	if (null === $security = $parameter->getSecurity()) {	695✔
UNCOV 45	continue;	695✔
46	}
47
48	if (($v = $parameter->getValue()) instanceof ParameterNotFound) {	×
49	continue;	×
50	}
51
52	$securityContext = [$parameter->getKey() => $v, 'object' => $body, 'operation' => $operation];	×
53	if (!$this->resourceAccessChecker->isGranted($context['resource_class'], $security, $securityContext)) {	×
54	throw $operation instanceof GraphQlOperation ? new AccessDeniedHttpException($parameter->getSecurityMessage() ?? 'Access Denied.') : new AccessDeniedException($parameter->getSecurityMessage() ?? 'Access Denied.');	×
55	}
56	}
57
UNCOV 58	return $body;	1,838✔
59	}
60	}

api-platform / core / 10739011304

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous