DerDu/SPHERE-Framework

Application/Platform/Gatekeeper/Authorization/Access/Service.php

<?php
namespace SPHERE\Application\Platform\Gatekeeper\Authorization\Access;

use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Data;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblLevel;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblPrivilege;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblPrivilegeRight;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblRight;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblRole;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblRoleConsumer;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Setup;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Account\Account;
use SPHERE\Application\Platform\Gatekeeper\Authorization\Consumer\Service\Entity\TblConsumer;
use SPHERE\Common\Frontend\Form\IFormInterface;
use SPHERE\Common\Frontend\Message\Repository\Success;
use SPHERE\Common\Window\Redirect;
use SPHERE\System\Cache\Handler\MemcachedHandler;
use SPHERE\System\Database\Binding\AbstractService;

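/**
 * Access service of the Gatekeeper authorization module.
 *
 * Decides whether the current session may call a route (hasAuthorization) and
 * offers a thin facade over Service\Data for the entities that make up that
 * decision: Role -> Level -> Privilege -> Right.
 *
 * @package SPHERE\Application\Platform\Gatekeeper\Authorization\Access
 */
class Service extends AbstractService
{
    /**
     * Routes already classified as public by hasAuthorization().
     *
     * Static, so the list is shared by every Service instance in the PHP
     * process and is never cleared by this class.
     *
     * @var string[] $AuthorizationRequest
     */
    private static $AuthorizationRequest = [];
    /**
     * Routes the session account is entitled to, filled by hydrateAuthorization().
     *
     * NOTE(review): static and not keyed by account - this assumes the session
     * account does not change during the lifetime of the PHP process; confirm
     * for login/logout within one request and for long-running workers.
     *
     * @var string[] $AuthorizationCache
     */
    private static $AuthorizationCache = [];
    /** @var TblRole[] $RoleByIdCache Lookup results of getRoleById(), keyed by id */
    private static $RoleByIdCache = [];
    /** @var TblLevel[] $LevelByIdCache Lookup results of getLevelById(), keyed by id */
    private static $LevelByIdCache = [];
    /** @var TblPrivilege[] $PrivilegeByIdCache Lookup results of getPrivilegeById(), keyed by id */
    private static $PrivilegeByIdCache = [];

    /**
     * Run the schema setup and/or the content setup of this service.
     *
     * The schema step runs only when $withData is false; the content step runs
     * only when $withData is true and $doSimulation is false.
     *
     * @param bool $doSimulation
     * @param bool $withData
     * @param bool $UTF8
     *
     * @return string Protocol of the schema step, '' when that step was skipped
     */
    public function setupService($doSimulation, $withData, $UTF8)
    {
        $Protocol = '';
        if (!$withData) {
            $Protocol = (new Setup($this->getStructure()))->setupDatabaseSchema($doSimulation, $UTF8);
        }
        if (!$doSimulation && $withData) {
            (new Data($this->getBinding()))->setupDatabaseContent();
        }
        return $Protocol;
    }

    /**
     * Decide whether the current session may access $Route.
     *
     * Decision order:
     *  1. granted - the route is in the account's right list, or it was
     *     already classified as public in this process;
     *  2. denied  - a right with that name is registered, or the route lies
     *     below /Api/;
     *  3. granted - every other route is treated as public and memoised.
     *
     * NOTE(review): step 3 is default-allow. A route is only protected once a
     * right with exactly that name has been registered, so a page deployed
     * without its right is reachable without any role. An explicit list of
     * public routes with deny as the fallback would fail closed instead.
     *
     * NOTE(review): normalisation only strips leading/trailing slashes. The
     * list lookups are exact and case-sensitive, the /Api/ pattern is
     * case-insensitive, and the behaviour of existsRightByName() depends on
     * the data layer. Presumably the router hands in a canonical route -
     * verify, because the three checks must agree on what "the same route" is.
     *
     * @param string $Route
     *
     * @return bool
     */
    public function hasAuthorization($Route)
    {
        // Normalise to exactly one leading slash and no trailing slash
        $Route = '/'.trim($Route, '/');

        $this->hydrateAuthorization();

        // Strict comparison: with loose in_array() a non-string entry such as
        // true or 0 in either list could match routes it was never meant to.
        // Assumes TblRight::getRoute() yields strings - TODO confirm.
        if (in_array($Route, self::$AuthorizationCache, true)
            || in_array($Route, self::$AuthorizationRequest, true)
        ) {
            return true;
        }

        // The pattern needs a segment after /Api; after trimming, a bare
        // '/Api' is decided by existsRightByName() alone - confirm intended.
        if ($this->existsRightByName($Route) || preg_match('!^/Api/!is', $Route)) {
            // MUST BE protected -> Access denied
            return false;
        }

        // Access valid PUBLIC -> Access granted (remembered for later calls)
        self::$AuthorizationRequest[] = $Route;
        return true;
    }

    /**
     * Fill self::$AuthorizationCache with the routes of the session account.
     *
     * Does nothing when the list is already filled or no account is bound to
     * the session. Otherwise the list is taken from Memcached or, on a miss,
     * collected from Authorization -> Role -> Level -> Privilege -> Right and
     * written back to Memcached.
     *
     * An account without any right leaves the list empty, so the lookup is
     * repeated on every call (an empty array also counts as a cache miss).
     */
    private function hydrateAuthorization()
    {
        if (!empty(self::$AuthorizationCache)) {
            return;
        }
        $tblAccount = Account::useService()->getAccountBySession();
        if (false === $tblAccount) {
            return;
        }

        // __METHOD__ is part of the cache key: keep read and write in this method
        $Cache = $this->getCache(new MemcachedHandler());
        $Cached = $Cache->getValue($tblAccount->getId(), __METHOD__);
        // Accept the cached value only if it has the expected shape; anything
        // else is treated as a miss and rebuilt from the database.
        if (is_array($Cached) && !empty($Cached)) {
            self::$AuthorizationCache = $Cached;
            return;
        }

        $RouteList = [];
        $tblAuthorizationAll = Account::useService()->getAuthorizationAllByAccount($tblAccount);
        if (false !== $tblAuthorizationAll) {
            /** @var \SPHERE\Application\Platform\Gatekeeper\Authorization\Account\Service\Entity\TblAuthorization $tblAuthorization */
            foreach ($tblAuthorizationAll as $tblAuthorization) {
                $tblRole = $tblAuthorization->getServiceTblRole();
                if (!$tblRole) {
                    continue;
                }
                $tblLevelAll = $tblRole->getTblLevelAll();
                if (false === $tblLevelAll) {
                    continue;
                }
                /** @var TblLevel $tblLevel */
                foreach ($tblLevelAll as $tblLevel) {
                    $tblPrivilegeAll = $tblLevel->getTblPrivilegeAll();
                    if (!$tblPrivilegeAll) {
                        continue;
                    }
                    /** @var TblPrivilege $tblPrivilege */
                    foreach ($tblPrivilegeAll as $tblPrivilege) {
                        $tblRightAll = $tblPrivilege->getTblRightAll();
                        if (!$tblRightAll) {
                            continue;
                        }
                        /** @var TblRight $tblRight */
                        foreach ($tblRightAll as $tblRight) {
                            $RightRoute = $tblRight->getRoute();
                            // Several privileges may carry the same right: keep each route once
                            if (!in_array($RightRoute, $RouteList, true)) {
                                $RouteList[] = $RightRoute;
                            }
                        }
                    }
                }
            }
        }
        self::$AuthorizationCache = $RouteList;

        // NOTE(review): the third argument is 0. If it is a lifetime and 0 means
        // "no expiry", a revoked right stays effective until this entry is
        // cleared elsewhere - confirm that role/right changes invalidate it.
        $Cache->setValue($tblAccount->getId(), self::$AuthorizationCache, 0, __METHOD__);
    }

    /**
     * Check whether a right with the given name is registered.
     *
     * Used by hasAuthorization() with the normalised route as name.
     *
     * @param string $Name
     *
     * @return bool
     */
    public function existsRightByName($Name)
    {
        return (new Data($this->getBinding()))->existsRightByName($Name);
    }

    /**
     * Fetch a right by name (delegates to Data::getRightByName).
     *
     * @param string $Name
     *
     * @return bool|TblRight
     */
    public function getRightByName($Name)
    {
        return (new Data($this->getBinding()))->getRightByName($Name);
    }

    /**
     * Fetch a right by id (delegates to Data::getRightById).
     *
     * @param integer $Id
     *
     * @return bool|TblRight
     */
    public function getRightById($Id)
    {
        return (new Data($this->getBinding()))->getRightById($Id);
    }

    /**
     * Fetch all rights (delegates to Data::getRightAll).
     *
     * @return bool|TblRight[]
     */
    public function getRightAll()
    {
        return (new Data($this->getBinding()))->getRightAll();
    }

    /**
     * Create a right and return the rendered message plus redirect.
     *
     * The objects are concatenated, so the result is their string rendering.
     * Because hasAuthorization() protects a route as soon as a right of that
     * name exists, creating a right changes who may reach the route.
     *
     * @param string $Name
     *
     * @return string
     */
    public function createRight($Name)
    {
        if ($Name) {
            (new Data($this->getBinding()))->createRight($Name);
            return new Success('Recht erfolgreich angelegt.')
                .new Redirect('/Platform/Gatekeeper/Authorization/Access/Right', 0);
        }
        // NOTE(review): the failure text is rendered with the Success message
        // type; an error/warning message type would match the content.
        return new Success('Recht konnte nicht angelegt werden.')
            .new Redirect('/Platform/Gatekeeper/Authorization/Access/Right', Redirect::TIMEOUT_WAIT);
    }

    /**
     * Form handler: create a right from the submitted name.
     *
     * null means "form not submitted yet" and leaves the form untouched; an
     * empty value marks the field as erroneous; any other value creates the
     * right and redirects to the right list.
     *
     * @param IFormInterface $Form
     * @param null|string    $Name
     *
     * @return IFormInterface|Redirect
     */
    public function createRightForm(IFormInterface $Form, $Name = null)
    {
        if (null !== $Name && empty($Name)) {
            $Form->setError('Name', 'Bitte geben Sie einen Namen ein');
        }
        if (!empty($Name)) {
            $Form->setSuccess('Name', 'Das Recht wurde hinzugefügt');
            (new Data($this->getBinding()))->createRight($Name);
            return new Redirect('/Platform/Gatekeeper/Authorization/Access/Right', 0);
        }
        return $Form;
    }

    /**
     * Form handler: create a privilege from the submitted name.
     *
     * null leaves the form untouched, an empty value marks the field as
     * erroneous, any other value creates the privilege and redirects.
     *
     * @param IFormInterface $Form
     * @param null|string    $Name
     *
     * @return IFormInterface|Redirect
     */
    public function createPrivilege(IFormInterface $Form, $Name)
    {
        if (null !== $Name && empty($Name)) {
            $Form->setError('Name', 'Bitte geben Sie einen Namen ein');
        }
        if (!empty($Name)) {
            $Form->setSuccess('Name', 'Das Privileg wurde hinzugefügt');
            (new Data($this->getBinding()))->createPrivilege($Name);
            return new Redirect('/Platform/Gatekeeper/Authorization/Access/Privilege', 0);
        }
        return $Form;
    }

    /**
     * Fetch a privilege by id, memoised per process.
     *
     * The result of the first lookup is kept as returned by the data layer,
     * including a failed lookup.
     *
     * @param integer $Id
     *
     * @return bool|TblPrivilege
     */
    public function getPrivilegeById($Id)
    {
        if (!array_key_exists($Id, self::$PrivilegeByIdCache)) {
            self::$PrivilegeByIdCache[$Id] = (new Data($this->getBinding()))->getPrivilegeById($Id);
        }
        return self::$PrivilegeByIdCache[$Id];
    }

    /**
     * Fetch a privilege by name (delegates to Data::getPrivilegeByName).
     *
     * @param string $Name
     *
     * @return bool|TblPrivilege
     */
    public function getPrivilegeByName($Name)
    {
        return (new Data($this->getBinding()))->getPrivilegeByName($Name);
    }

    /**
     * Fetch all privileges (delegates to Data::getPrivilegeAll).
     *
     * @return bool|TblPrivilege[]
     */
    public function getPrivilegeAll()
    {
        return (new Data($this->getBinding()))->getPrivilegeAll();
    }

    /**
     * Form handler: create an access level from the submitted name.
     *
     * null leaves the form untouched, an empty value marks the field as
     * erroneous, any other value creates the level and redirects.
     *
     * @param IFormInterface $Form
     * @param null|string    $Name
     *
     * @return IFormInterface|Redirect
     */
    public function createLevel(IFormInterface $Form, $Name)
    {
        if (null !== $Name && empty($Name)) {
            $Form->setError('Name', 'Bitte geben Sie einen Namen ein');
        }
        if (!empty($Name)) {
            $Form->setSuccess('Name', 'Das Zugriffslevel wurde hinzugefügt');
            (new Data($this->getBinding()))->createLevel($Name);
            return new Redirect('/Platform/Gatekeeper/Authorization/Access/Level', 0);
        }
        return $Form;
    }

    /**
     * Fetch a level by id, memoised per process.
     *
     * The result of the first lookup is kept as returned by the data layer,
     * including a failed lookup.
     *
     * @param integer $Id
     *
     * @return bool|TblLevel
     */
    public function getLevelById($Id)
    {
        if (!array_key_exists($Id, self::$LevelByIdCache)) {
            self::$LevelByIdCache[$Id] = (new Data($this->getBinding()))->getLevelById($Id);
        }
        return self::$LevelByIdCache[$Id];
    }

    /**
     * Fetch a level by name (delegates to Data::getLevelByName).
     *
     * @param string $Name
     *
     * @return bool|TblLevel
     */
    public function getLevelByName($Name)
    {
        return (new Data($this->getBinding()))->getLevelByName($Name);
    }

    /**
     * Fetch all levels (delegates to Data::getLevelAll).
     *
     * @return bool|TblLevel[]
     */
    public function getLevelAll()
    {
        return (new Data($this->getBinding()))->getLevelAll();
    }

    /**
     * Form handler: create a role from the submitted name.
     *
     * null leaves the form untouched, an empty value marks the field as
     * erroneous, any other value creates the role and redirects.
     *
     * @param IFormInterface $Form
     * @param null|string $Name
     * @param bool $IsSecure
     * @param bool $IsIndividual
     *
     * @return IFormInterface|Redirect
     */
    public function createRole(IFormInterface $Form, $Name, $IsSecure = false, $IsIndividual = false)
    {
        if (null !== $Name && empty($Name)) {
            $Form->setError('Name', 'Bitte geben Sie einen Namen ein');
        }
        if (!empty($Name)) {
            $Form->setSuccess('Name', 'Die Rolle wurde hinzugefügt');
            // The third argument is fixed to false here; its meaning is defined
            // by Data::createRole, which is not part of this file.
            (new Data($this->getBinding()))->createRole($Name, $IsSecure, false, $IsIndividual);
            return new Redirect('/Platform/Gatekeeper/Authorization/Access/Role', Redirect::TIMEOUT_SUCCESS);
        }
        return $Form;
    }

    /**
     * Fetch a role by id, memoised per process.
     *
     * The result of the first lookup is kept as returned by the data layer,
     * including a failed lookup.
     *
     * @param integer $Id
     *
     * @return bool|TblRole
     */
    public function getRoleById($Id)
    {
        if (!array_key_exists($Id, self::$RoleByIdCache)) {
            self::$RoleByIdCache[$Id] = (new Data($this->getBinding()))->getRoleById($Id);
        }
        return self::$RoleByIdCache[$Id];
    }

    /**
     * Fetch a role by name (delegates to Data::getRoleByName).
     *
     * @param string $Name
     *
     * @return bool|TblRole
     */
    public function getRoleByName($Name)
    {
        return (new Data($this->getBinding()))->getRoleByName($Name);
    }

    /**
     * Fetch all roles (delegates to Data::getRoleAll).
     *
     * @return bool|TblRole[]
     */
    public function getRoleAll()
    {
        return (new Data($this->getBinding()))->getRoleAll();
    }

    /**
     * Fetch the levels assigned to a role (delegates to Data::getLevelAllByRole).
     *
     * @param TblRole $tblRole
     *
     * @return bool|TblLevel[]
     */
    public function getLevelAllByRole(TblRole $tblRole)
    {
        return (new Data($this->getBinding()))->getLevelAllByRole($tblRole);
    }

    /**
     * Fetch the rights assigned to a privilege (delegates to Data::getRightAllByPrivilege).
     *
     * @param TblPrivilege $tblPrivilege
     *
     * @return bool|TblRight[]
     */
    public function getRightAllByPrivilege(TblPrivilege $tblPrivilege)
    {
        return (new Data($this->getBinding()))->getRightAllByPrivilege($tblPrivilege);
    }

    /**
     * Fetch the privileges assigned to a level (delegates to Data::getPrivilegeAllByLevel).
     *
     * @param TblLevel $tblLevel
     *
     * @return bool|TblPrivilege[]
     */
    public function getPrivilegeAllByLevel(TblLevel $tblLevel)
    {
        return (new Data($this->getBinding()))->getPrivilegeAllByLevel($tblLevel);
    }

    /**
     * Assign a level to a role (delegates to Data::addRoleLevel).
     *
     * Changes which routes accounts holding the role are granted; this class
     * does not refresh the route lists it has already cached.
     *
     * @param TblRole  $tblRole
     * @param TblLevel $tblLevel
     *
     * @return \SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblRoleLevel
     */
    public function addRoleLevel(TblRole $tblRole, TblLevel $tblLevel)
    {
        return (new Data($this->getBinding()))->addRoleLevel($tblRole, $tblLevel);
    }

    /**
     * Remove a level from a role (delegates to Data::removeRoleLevel).
     *
     * This class does not refresh the route lists it has already cached;
     * whether the data layer invalidates them cannot be seen from here.
     *
     * @param TblRole  $tblRole
     * @param TblLevel $tblLevel
     *
     * @return boolean
     */
    public function removeRoleLevel(TblRole $tblRole, TblLevel $tblLevel)
    {
        return (new Data($this->getBinding()))->removeRoleLevel($tblRole, $tblLevel);
    }

    /**
     * Remove a privilege from a level (delegates to Data::removeLevelPrivilege).
     *
     * @param TblLevel     $tblLevel
     * @param TblPrivilege $tblPrivilege
     *
     * @return bool
     */
    public function removeLevelPrivilege(TblLevel $tblLevel, TblPrivilege $tblPrivilege)
    {
        return (new Data($this->getBinding()))->removeLevelPrivilege($tblLevel, $tblPrivilege);
    }

    /**
     * Remove a right from a privilege (delegates to Data::removePrivilegeRight).
     *
     * @param TblPrivilege $tblPrivilege
     * @param TblRight     $tblRight
     *
     * @return bool
     */
    public function removePrivilegeRight(TblPrivilege $tblPrivilege, TblRight $tblRight)
    {
        return (new Data($this->getBinding()))->removePrivilegeRight($tblPrivilege, $tblRight);
    }

    /**
     * Assign a right to a privilege (delegates to Data::addPrivilegeRight).
     *
     * @param TblPrivilege $tblPrivilege
     * @param TblRight     $tblRight
     *
     * @return TblPrivilegeRight
     */
    public function addPrivilegeRight(TblPrivilege $tblPrivilege, TblRight $tblRight)
    {
        return (new Data($this->getBinding()))->addPrivilegeRight($tblPrivilege, $tblRight);
    }

    /**
     * Assign a privilege to a level (delegates to Data::addLevelPrivilege).
     *
     * @param TblLevel     $tblLevel
     * @param TblPrivilege $tblPrivilege
     *
     * @return \SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblLevelPrivilege
     */
    public function addLevelPrivilege(TblLevel $tblLevel, TblPrivilege $tblPrivilege)
    {
        return (new Data($this->getBinding()))->addLevelPrivilege($tblLevel, $tblPrivilege);
    }

    /**
     * Fetch the link between a role and a consumer (delegates to Data::getRoleConsumerBy).
     *
     * @param TblRole $tblRole
     * @param TblConsumer $tblConsumer
     *
     * @return false|TblRoleConsumer
     */
    public function getRoleConsumerBy(TblRole $tblRole, TblConsumer $tblConsumer)
    {
        return (new Data($this->getBinding()))->getRoleConsumerBy($tblRole, $tblConsumer);
    }
}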