Merge pull request #57 from AuroraWebSoftware/refactor-query-builder-for-updated-abac-rules

Refactor AAuthABACModelScope for updated ABAC rule format and add tests

Author: emreakay

src/Facades/AAuth.php

@@ -22,7 +22,7 @@
  * @static switchableRolesStatic(int $userId): array|Collection|\Illuminate\Support\Collection
  *
  * @method static currentRole() \AuroraWebSoftware\AAuth\Models\Role|null
- * @method static ABACRules() array|null
+ * @method static ABACRules(string $modelType) array|null
  */
 class AAuth extends Facade
 {

src/Scopes/AAuthABACModelScope.php

@@ -3,118 +3,105 @@
 namespace AuroraWebSoftware\AAuth\Scopes;
 
 use AuroraWebSoftware\AAuth\Facades\AAuth;
+use AuroraWebSoftware\AAuth\Interfaces\AAuthABACModelInterface;
 use AuroraWebSoftware\AAuth\Utils\ABACUtil;
 use Exception;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Scope;
 
+/**
+ * @template TModelClass of Model
+ */
 class AAuthABACModelScope implements Scope
 {
     /**
+     * @param Builder<TModelClass> $builder
+     * @param Model $model
+     * @param mixed $rules
+     * @param string $parentOperator
+     * @return void
      * @throws Exception
      */
-    public function apply(Builder $builder, Model $model, $rules = false, $parentOperator = '&&')
+    public function apply(Builder $builder, Model $model, mixed $rules = false, string $parentOperator = '&&'): void
     {
         if ($rules === false) {
+            /**
+             * @var AAuthABACModelInterface $model
+             *
+             * PHPStan analysis does not return any errors, but it underlines the ABACRules method because it somehow
+             * does not see it, even though it is defined in the facade.
+             * @phpstan-ignore-next-line
+             */
             $rules = AAuth::ABACRules($model::getModelType()) ?? [];
+
+            /**
+             * @var array $rules
+             */
             ABACUtil::validateAbacRuleArray($rules);
 
-            return $builder->where(
-                function ($query) use ($rules, $model) {
-                    $this->apply($query, $model, $rules);
-                }
-            );
-        }
+            $builder->where(function ($query) use ($rules, $model) {
+                /**
+                 * @var Model $model
+                 */
+                $this->apply($query, $model, $rules);
+            });
+        } else {
+            $logicalOperators = ["&&","||"];
 
-        // todo refactor gerekebilir
-        foreach ($rules as $key => $rule) {
-            if ($key == '&&') {
-                if ($parentOperator == '||') {
-                    $builder->orWhere(
-                        function ($query) use ($rule, $model) {
-                            $this->apply($query, $model, $rule);
-                        }
-                    );
-                } else {
-                    $builder->where(
-                        function ($query) use ($rule, $model) {
-                            $this->apply($query, $model, $rule);
-                        }
-                    );
-                }
-            } elseif ($key == '||') {
-                if ($parentOperator == '||') {
-                    $builder->orWhere(
-                        function ($query) use ($rule, $model) {
-                            $this->apply($query, $model, $rule, '||');
-                        }
-                    );
-                } else {
-                    $builder->where(
-                        function ($query) use ($rule, $model) {
-                            $this->apply($query, $model, $rule, '||');
-                        }
-                    );
-                }
-            } else {
-                $operator = array_key_first($rule);
-                if ($parentOperator == '||') {
-                    $builder->orWhere(
-                        $rule[array_key_first($rule)]['attribute'],
-                        $operator,
-                        $rule[array_key_first($rule)]['value']
-                    );
+            foreach ($rules as $rule) {
+                $firstKey = array_key_first($rule);
+                $abacRule = $rule[$firstKey];
+
+                if (in_array($firstKey, $logicalOperators)) {
+                    $this->applyLogicalOperator($builder, $abacRule, $model, $firstKey, $parentOperator);
                 } else {
-                    $builder->where(
-                        $rule[array_key_first($rule)]['attribute'],
-                        $operator,
-                        $rule[array_key_first($rule)]['value']
-                    );
+                    $this->applyConditionalOperator($builder, $rule, $parentOperator);
                 }
             }
         }
+    }
+
+    /**
+     * Apply logical operator (&& or ||) to the query builder.
+     *
+     * @param Builder<TModelClass> $builder
+     * @param array $abacRule
+     * @param Model $model
+     * @param string $logicalOperator
+     * @param string $parentOperator
+     *
+     * @return void
+     * @throws Exception
+     */
+    protected function applyLogicalOperator(Builder $builder, array $abacRule, Model $model, string $logicalOperator, string $parentOperator): void
+    {
+        $queryMethod = $parentOperator == '&&' ? 'where' : 'orWhere';
 
-        // todo refactor gerekebilir
-        /*
-        foreach ($rules as $key => $rule) {
-            if ($key == '&&') {
-                foreach ($rule as $subkey => $subrule) {
-                    $suboperator = array_key_first($subrule);
+        $builder->{$queryMethod}(function ($query) use ($abacRule, $model, $logicalOperator) {
+            $this->apply($query, $model, $abacRule, $logicalOperator);
+        });
+    }
 
-                    if ($suboperator == '&&' or $suboperator == '||') {
-                        $builder->where(
-                            function ($query) use ($subrule, $model) {
-                                $this->apply($query, $model, $subrule);
-                            }
-                        );
-                    } else {
-                        $builder->where(
-                            $subrule[array_key_first($subrule)]['attribute'],
-                            $suboperator,
-                            $subrule[array_key_first($subrule)]['value']
-                        );
-                    }
-                }
-            } elseif ($key == '||') {
-                foreach ($rule as $subkey => $subrule) {
-                    $suboperator = array_key_first($subrule);
-                    if ($suboperator == '&&' || $suboperator == '||') {
-                        $builder->where(
-                            function ($query) use ($subrule, $model) {
-                                $this->apply($query, $model, $subrule);
-                            }
-                        );
-                    } else {
-                        $builder->orWhere(
-                            $subrule[array_key_first($subrule)]['attribute'],
-                            $suboperator,
-                            $subrule[array_key_first($subrule)]['value']
-                        );
-                    }
-                }
-            }
-        }
-        */
+    /**
+     * Apply conditional operator to the query builder.
+     *
+     * @param Builder<TModelClass> $builder
+     * @param array   $rule
+     * @param string  $parentOperator
+     *
+     * @return void
+     */
+    protected function applyConditionalOperator(Builder $builder, array $rule, string $parentOperator): void
+    {
+        $operator = array_key_first($rule);
+
+        $queryMethod = $parentOperator == '||' ? 'orWhere' : 'where';
+
+        $builder->{$queryMethod}(
+            $rule[$operator]['attribute'],
+            $operator,
+            $rule[$operator]['value']
+        );
     }
 }