[Api][Administrator] refactor endpoints for admin and admin avatar

This commit is contained in:
Adam Kasperczak 2020-08-31 12:41:07 +02:00
parent d1414ae936
commit 81bebecc35
7 changed files with 56 additions and 44 deletions

View file

@ -4,6 +4,8 @@ parameters:
sylius.security.shop_regex: "^/(?!%sylius_admin.path_name%|new-api|api/.*|api$|media/.*)[^/]++"
sylius.security.new_api_route: "/new-api"
sylius.security.new_api_regex: "^%sylius.security.new_api_route%"
sylius.security.new_api_admin_route: "%sylius.security.new_api_route%/admin"
sylius.security.new_api_admin_regex: "^%sylius.security.new_api_admin_route%"
security:
always_authenticate_before_granting: true
@ -150,3 +152,5 @@ security:
- { path: "%sylius.security.admin_regex%", role: ROLE_ADMINISTRATION_ACCESS }
- { path: "%sylius.security.api_regex%/.*", role: ROLE_API_ACCESS }
- { path: "%sylius.security.shop_regex%/account", role: ROLE_USER }
- { path: "%sylius.security.new_api_admin_regex%/.*", role: ROLE_API_ACCESS }

View file

@ -30,19 +30,27 @@ final class ApiPlatformClient implements ApiClientInterface
/** @var string */
private $resource;
/** @var string|null */
private $section;
/** @var RequestInterface */
private $request;
public function __construct(AbstractBrowser $client, SharedStorageInterface $sharedStorage, string $resource)
{
public function __construct(
AbstractBrowser $client,
SharedStorageInterface $sharedStorage,
string $resource,
string $section = null
) {
$this->client = $client;
$this->sharedStorage = $sharedStorage;
$this->resource = $resource;
$this->section = $section;
}
public function index(): Response
{
$this->request = Request::index($this->resource, $this->getToken());
$this->request = Request::index($this->section, $this->resource, $this->getToken());
return $this->request($this->request);
}
@ -65,7 +73,7 @@ final class ApiPlatformClient implements ApiClientInterface
public function show(string $id): Response
{
return $this->request(Request::show($this->resource, $id, $this->getToken()));
return $this->request(Request::show($this->section, $this->resource, $id, $this->getToken()));
}
public function create(?RequestInterface $request = null): Response
@ -80,7 +88,7 @@ final class ApiPlatformClient implements ApiClientInterface
public function delete(string $id): Response
{
return $this->request(Request::delete($this->resource, $id, $this->getToken()));
return $this->request(Request::delete($this->section, $this->resource, $id, $this->getToken()));
}
public function filter(): Response
@ -135,7 +143,7 @@ final class ApiPlatformClient implements ApiClientInterface
public function buildCreateRequest(): void
{
$this->request = Request::create($this->resource);
$this->request = Request::create($this->section, $this->resource);
$this->request->authorize($this->getToken());
}
@ -143,13 +151,13 @@ final class ApiPlatformClient implements ApiClientInterface
{
$this->show($id);
$this->request = Request::update($this->resource, $id, $this->getToken());
$this->request = Request::update($this->section, $this->resource, $id, $this->getToken());
$this->request->setContent(json_decode($this->client->getResponse()->getContent(), true));
}
public function buildUploadRequest(): void
{
$this->request = Request::upload($this->resource, $this->getToken());
$this->request = Request::upload($this->section, $this->resource, $this->getToken());
}
/** @param string|int $value */

View file

@ -42,11 +42,11 @@ final class Request implements RequestInterface
$this->headers = array_merge($this->headers, $headers);
}
public static function index(string $resource, ?string $token = null): RequestInterface
public static function index(?string $section, string $resource, ?string $token = null): RequestInterface
{
$headers = $token ? ['HTTP_Authorization' => 'Bearer ' . $token] : [];
return new self('/new-api/' . $resource, HttpRequest::METHOD_GET, $headers);
return new self(sprintf('/new-api/%s%s', self::prepareSection($section), $resource), HttpRequest::METHOD_GET, $headers);
}
public static function subResourceIndex(string $resource, string $id, string $subResource): RequestInterface
@ -57,16 +57,16 @@ final class Request implements RequestInterface
);
}
public static function show(string $resource, string $id, string $token): RequestInterface
public static function show(?string $section, string $resource, string $id, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s/%s', $resource, $id),
sprintf('/new-api/%s%s/%s', self::prepareSection($section), $resource, $id),
HttpRequest::METHOD_GET,
['HTTP_Authorization' => 'Bearer ' . $token]
);
}
public static function create(string $resource, ?string $token = null): RequestInterface
public static function create(?string $section, string $resource, ?string $token = null): RequestInterface
{
$headers = ['CONTENT_TYPE' => 'application/ld+json'];
@ -75,25 +75,25 @@ final class Request implements RequestInterface
}
return new self(
sprintf('/new-api/%s', $resource),
sprintf('/new-api/%s%s', self::prepareSection($section), $resource),
HttpRequest::METHOD_POST,
$headers
);
}
public static function update(string $resource, string $id, string $token): RequestInterface
public static function update(?string $section, string $resource, string $id, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s/%s', $resource, $id),
sprintf('/new-api/%s%s/%s', self::prepareSection($section), $resource, $id),
HttpRequest::METHOD_PUT,
['CONTENT_TYPE' => 'application/ld+json', 'HTTP_Authorization' => 'Bearer ' . $token]
);
}
public static function delete(string $resource, string $id, string $token): RequestInterface
public static function delete(?string $section, string $resource, string $id, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s/%s', $resource, $id),
sprintf('/new-api/%s%s/%s', self::prepareSection($section), $resource, $id),
HttpRequest::METHOD_DELETE,
['HTTP_Authorization' => 'Bearer ' . $token]
);
@ -113,10 +113,10 @@ final class Request implements RequestInterface
);
}
public static function upload(string $resource, string $token): RequestInterface
public static function upload(?string $section, string $resource, string $token): RequestInterface
{
return new self(
sprintf('/new-api/%s', $resource),
sprintf('/new-api/%s%s', self::prepareSection($section), $resource),
HttpRequest::METHOD_POST,
['CONTENT_TYPE' => 'multipart/form-data', 'HTTP_Authorization' => 'Bearer ' . $token]
);
@ -211,4 +211,13 @@ final class Request implements RequestInterface
return $firstArray;
}
private static function prepareSection(?string $section): string
{
if($section === null) {
return '';
}
return $section . '/';
}
}

View file

@ -15,21 +15,21 @@ namespace Sylius\Behat\Client;
interface RequestInterface
{
public static function index(string $resource, string $token): self;
public static function index(?string $section, string $resource, string $token): self;
public static function subResourceIndex(string $resource, string $id, string $subResource): self;
public static function show(string $resource, string $id, string $token): self;
public static function show(?string $section, string $resource, string $id, string $token): self;
public static function create(string $resource, ?string $token = null): self;
public static function create(?string $section, string $resource, ?string $token = null): self;
public static function update(string $resource, string $id, string $token): self;
public static function update(?string $section, string $resource, string $id, string $token): self;
public static function delete(string $resource, string $id, string $token): self;
public static function delete(?string $section, string $resource, string $id, string $token): self;
public static function transition(string $resource, string $id, string $transition): self;
public static function upload(string $resource, string $token): self;
public static function upload(?string $section, string $resource, string $token): self;
public static function custom(string $url, string $method): self;

View file

@ -20,10 +20,12 @@
<service id="sylius.behat.api_platform_client.administrator" class="Sylius\Behat\Client\ApiPlatformClient" parent="sylius.behat.api_platform_client">
<argument>administrators</argument>
<argument>admin</argument>
</service>
<service id="sylius.behat.api_platform_client.avatar_image" class="Sylius\Behat\Client\ApiPlatformClient" parent="sylius.behat.api_platform_client">
<argument>avatar-images</argument>
<argument>admin</argument>
</service>
<service id="sylius.behat.api_platform_client.channel" class="Sylius\Behat\Client\ApiPlatformClient" parent="sylius.behat.api_platform_client">

View file

@ -16,6 +16,7 @@
xsi:schemaLocation="https://api-platform.com/schema/metadata https://api-platform.com/schema/metadata/metadata-2.0.xsd"
>
<resource class="%sylius.model.admin_user.class%" shortName="Administrator">
<attribute name="route_prefix">admin</attribute>
<attribute name="normalization_context">
<attribute name="groups">
<attribute>admin_user:read</attribute>
@ -31,11 +32,8 @@
<attribute name="validation_groups">sylius</attribute>
<collectionOperations>
<collectionOperation name="get">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</collectionOperation>
<collectionOperation name="get" />
<collectionOperation name="post">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
<attribute name="validation_groups">
<attribute>sylius</attribute>
<attribute>sylius_user_create</attribute>
@ -44,18 +42,13 @@
</collectionOperations>
<itemOperations>
<itemOperation name="get">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="get" />
<itemOperation name="put">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
<attribute name="denormalization_context">
<attribute name="groups">admin_user:update</attribute>
</attribute>
</itemOperation>
<itemOperation name="delete">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="delete" />
</itemOperations>
<property name="id" identifier="true" writable="false" />

View file

@ -16,6 +16,7 @@
xsi:schemaLocation="https://api-platform.com/schema/metadata https://api-platform.com/schema/metadata/metadata-2.0.xsd"
>
<resource class="%sylius.model.avatar_image.class%" shortName="AvatarImage">
<attribute name="route_prefix">admin</attribute>
<attribute name="normalization_context">
<attribute name="groups">
<attribute>avatar_image:read</attribute>
@ -24,7 +25,6 @@
<collectionOperations>
<collectionOperation name="post">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
<attribute name="controller">sylius.api.upload_avatar_image_action</attribute>
<attribute name="deserialize">false</attribute>
<attribute name="openapi_context">
@ -52,12 +52,8 @@
</collectionOperations>
<itemOperations>
<itemOperation name="get">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="delete">
<attribute name="security">is_granted('ROLE_API_ACCESS')</attribute>
</itemOperation>
<itemOperation name="get" />
<itemOperation name="delete" />
</itemOperations>
<property name="id" identifier="true" writable="false" />