11180438725

Committed 04 Oct 2024 01:02PM UTC coverage: 7.836% (+0.003%) from 7.833%

Build # 11180438725

Build Type

push

github

Committed by

soyuka

Commit Message

fix(metadata): graphql can be disabled but with an existing operation

Run Details

2 of 9 new or added lines in 5 files covered. (22.22%)

720 existing lines in 47 files now uncovered.

12939 of 165112 relevant lines covered (7.84%)

27.02 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Laravel/State/AccessCheckerProvider.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\Laravel\State;

use ApiPlatform\Metadata\HttpOperation;
use ApiPlatform\Metadata\Operation;
use ApiPlatform\Metadata\ResourceAccessCheckerInterface;
use ApiPlatform\State\ProviderInterface;
use Illuminate\Auth\Access\AuthorizationException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

/**
 * Allows access based on the ApiPlatform\Symfony\Security\ResourceAccessCheckerInterface.
 * This implementation covers GraphQl and HTTP.
 *
 * @see ResourceAccessCheckerInterface
 *
 * @implements ProviderInterface<object>
 */
final class AccessCheckerProvider implements ProviderInterface
{
    /**
     * @param ProviderInterface<object> $decorated
     */
    public function __construct(private readonly ProviderInterface $decorated, private readonly ResourceAccessCheckerInterface $resourceAccessChecker)
    {
    }

    public function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
    {
        $policy = $operation->getPolicy();
        $message = $operation->getSecurityMessage();

        $body = $this->decorated->provide($operation, $uriVariables, $context);
        if (null === $policy) {
            return $body;
        }

        $request = $context['request'] ?? null;

        $resourceAccessCheckerContext = [
            'object' => $body,
            'request' => $request,
            'operation' => $operation,
        ];

        if (!$this->resourceAccessChecker->isGranted($operation->getClass(), $policy, $resourceAccessCheckerContext)) {
            throw $operation instanceof HttpOperation ? new AuthorizationException($message ?? 'Access Denied.') : new AccessDeniedHttpException($message ?? 'Access Denied.');
        }

        return $body;
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\Laravel\State;
15
16	use ApiPlatform\Metadata\HttpOperation;
17	use ApiPlatform\Metadata\Operation;
18	use ApiPlatform\Metadata\ResourceAccessCheckerInterface;
19	use ApiPlatform\State\ProviderInterface;
20	use Illuminate\Auth\Access\AuthorizationException;
21	use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
22
23	/**
24	* Allows access based on the ApiPlatform\Symfony\Security\ResourceAccessCheckerInterface.
25	* This implementation covers GraphQl and HTTP.
26	*
27	* @see ResourceAccessCheckerInterface
28	*
29	* @implements ProviderInterface<object>
30	*/
31	final class AccessCheckerProvider implements ProviderInterface
32	{
33	/**
34	* @param ProviderInterface<object> $decorated
35	*/
36	public function __construct(private readonly ProviderInterface $decorated, private readonly ResourceAccessCheckerInterface $resourceAccessChecker)
37	{
UNCOV 38	}	×
39
40	public function provide(Operation $operation, array $uriVariables = [], array $context = []): object\|array\|null
41	{
UNCOV 42	$policy = $operation->getPolicy();	×
43	$message = $operation->getSecurityMessage();	×
44
45	$body = $this->decorated->provide($operation, $uriVariables, $context);	×
UNCOV 46	if (null === $policy) {	×
UNCOV 47	return $body;	×
48	}
49
50	$request = $context['request'] ?? null;	×
51
52	$resourceAccessCheckerContext = [	×
53	'object' => $body,	×
54	'request' => $request,	×
UNCOV 55	'operation' => $operation,	×
56	];	×
57
UNCOV 58	if (!$this->resourceAccessChecker->isGranted($operation->getClass(), $policy, $resourceAccessCheckerContext)) {	×
UNCOV 59	throw $operation instanceof HttpOperation ? new AuthorizationException($message ?? 'Access Denied.') : new AccessDeniedHttpException($message ?? 'Access Denied.');	×
60	}
61
UNCOV 62	return $body;	×
63	}
64	}

api-platform / core / 11180438725

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous