15133993414

Committed 20 May 2025 09:30AM UTC coverage: 26.313% (-1.2%) from 27.493%

Build # 15133993414

Build Type

Pull #7161

github

Committed by

web-flow

Commit Message

Merge e2c03d45f into 5459ba375

Pull Request Pull Request #7161: fix(metadata): infer parameter string type from schema

Run Details

0 of 2 new or added lines in 1 file covered. (0.0%)

11019 existing lines in 363 files now uncovered.

12898 of 49018 relevant lines covered (26.31%)

34.33 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.0

/src/Symfony/Security/State/LinkAccessCheckerProvider.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\Symfony\Security\State;

use ApiPlatform\Metadata\HttpOperation;
use ApiPlatform\Metadata\Link;
use ApiPlatform\Metadata\Operation;
use ApiPlatform\State\ProviderInterface;
use ApiPlatform\Symfony\Security\Exception\AccessDeniedException;
use ApiPlatform\Symfony\Security\ResourceAccessCheckerInterface;

/**
 * Checks the individual parts of the linked resource for access rights.
 *
 * @experimental
 */
final class LinkAccessCheckerProvider implements ProviderInterface
{
    public function __construct(
        private readonly ProviderInterface $decorated,
        private readonly ResourceAccessCheckerInterface $resourceAccessChecker,
    ) {
    }

    public function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
    {
        $request = ($context['request'] ?? null);

        $data = $this->decorated->provide($operation, $uriVariables, $context);

        if ($operation instanceof HttpOperation && $operation->getUriVariables()) {
            foreach ($operation->getUriVariables() as $uriVariable) {
                if (!$uriVariable instanceof Link || !$uriVariable->getSecurity()) {
                    continue;
                }

                $targetResource = $uriVariable->getFromClass() ?? $uriVariable->getToClass();

                if (!$targetResource) {
                    continue;
                }

                $propertyName = $uriVariable->getToProperty() ?? $uriVariable->getFromProperty();
                $securityObjectName = $uriVariable->getSecurityObjectName();

                if (!$securityObjectName) {
                    $securityObjectName = $propertyName;
                }

                if (!$securityObjectName) {
                    continue;
                }

                $resourceAccessCheckerContext = [
                    'object' => $data,
                    'previous_object' => $request?->attributes->get('previous_data'),
                    $securityObjectName => $request?->attributes->get($securityObjectName),
                    'request' => $request,
                ];

                if (!$this->resourceAccessChecker->isGranted($targetResource, $uriVariable->getSecurity(), $resourceAccessCheckerContext)) {
                    throw new AccessDeniedException($uriVariable->getSecurityMessage() ?? 'Access Denied.');
                }
            }
        }

        return $data;
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\Symfony\Security\State;
15
16	use ApiPlatform\Metadata\HttpOperation;
17	use ApiPlatform\Metadata\Link;
18	use ApiPlatform\Metadata\Operation;
19	use ApiPlatform\State\ProviderInterface;
20	use ApiPlatform\Symfony\Security\Exception\AccessDeniedException;
21	use ApiPlatform\Symfony\Security\ResourceAccessCheckerInterface;
22
23	/**
24	* Checks the individual parts of the linked resource for access rights.
25	*
26	* @experimental
27	*/
28	final class LinkAccessCheckerProvider implements ProviderInterface
29	{
30	public function __construct(
31	private readonly ProviderInterface $decorated,
32	private readonly ResourceAccessCheckerInterface $resourceAccessChecker,
33	) {
UNCOV 34	}	802✔
35
36	public function provide(Operation $operation, array $uriVariables = [], array $context = []): object\|array\|null
37	{
UNCOV 38	$request = ($context['request'] ?? null);	802✔
39
UNCOV 40	$data = $this->decorated->provide($operation, $uriVariables, $context);	802✔
41
UNCOV 42	if ($operation instanceof HttpOperation && $operation->getUriVariables()) {	795✔
UNCOV 43	foreach ($operation->getUriVariables() as $uriVariable) {	310✔
UNCOV 44	if (!$uriVariable instanceof Link \|\| !$uriVariable->getSecurity()) {	310✔
UNCOV 45	continue;	303✔
46	}
47
UNCOV 48	$targetResource = $uriVariable->getFromClass() ?? $uriVariable->getToClass();	11✔
49
UNCOV 50	if (!$targetResource) {	11✔
51	continue;	×
52	}
53
UNCOV 54	$propertyName = $uriVariable->getToProperty() ?? $uriVariable->getFromProperty();	11✔
UNCOV 55	$securityObjectName = $uriVariable->getSecurityObjectName();	11✔
56
UNCOV 57	if (!$securityObjectName) {	11✔
UNCOV 58	$securityObjectName = $propertyName;	7✔
59	}
60
UNCOV 61	if (!$securityObjectName) {	11✔
62	continue;	×
63	}
64
UNCOV 65	$resourceAccessCheckerContext = [	11✔
UNCOV 66	'object' => $data,	11✔
UNCOV 67	'previous_object' => $request?->attributes->get('previous_data'),	11✔
UNCOV 68	$securityObjectName => $request?->attributes->get($securityObjectName),	11✔
UNCOV 69	'request' => $request,	11✔
UNCOV 70	];	11✔
71
UNCOV 72	if (!$this->resourceAccessChecker->isGranted($targetResource, $uriVariable->getSecurity(), $resourceAccessCheckerContext)) {	11✔
UNCOV 73	throw new AccessDeniedException($uriVariable->getSecurityMessage() ?? 'Access Denied.');	6✔
74	}
75	}
76	}
77
UNCOV 78	return $data;	793✔
79	}
80	}

api-platform / core / 15133993414

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous