diff --git a/src/Command/ControllerCommand.php b/src/Command/ControllerCommand.php index 7a04425d..d7f5ab5f 100644 --- a/src/Command/ControllerCommand.php +++ b/src/Command/ControllerCommand.php @@ -21,6 +21,7 @@ use Cake\Console\ConsoleIo; use Cake\Console\ConsoleOptionParser; use Cake\Core\Configure; +use Cake\Core\Plugin; use Cake\Datasource\ConnectionManager; /** @@ -219,6 +220,10 @@ public function getComponents(Arguments $args): array if ($args->getOption('components')) { $components = explode(',', $args->getOption('components')); $components = array_values(array_filter(array_map('trim', $components))); + } else { + if (Plugin::isLoaded('Authorization')) { + $components[] = 'Authorization.Authorization'; + } } return $components; diff --git a/templates/bake/element/Controller/add.twig b/templates/bake/element/Controller/add.twig index 0e003205..081d1c79 100644 --- a/templates/bake/element/Controller/add.twig +++ b/templates/bake/element/Controller/add.twig @@ -22,6 +22,9 @@ public function add() { ${{ singularName }} = $this->{{ currentModelName }}->newEmptyEntity(); +{% if Bake.hasPlugin('Authorization') %} + $this->Authorization->authorize(${{ singularName }}); +{% endif %} if ($this->request->is('post')) { ${{ singularName }} = $this->{{ currentModelName }}->patchEntity(${{ singularName }}, $this->request->getData()); if ($this->{{ currentModelName }}->save(${{ singularName }})) { diff --git a/templates/bake/element/Controller/delete.twig b/templates/bake/element/Controller/delete.twig index 53e57dac..bab93c72 100644 --- a/templates/bake/element/Controller/delete.twig +++ b/templates/bake/element/Controller/delete.twig 
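Review bot: The component is only appended in the new `else` branch of getComponents() (which begins outside the hunk), so passing `--components` while the plugin is loaded leaves `Authorization.Authorization` out of the list. The action templates changed in this commit still emit `$this->Authorization->authorize(...)` and `applyScope(...)` based solely on `Bake.hasPlugin('Authorization')`. A controller baked that way would reference a component it never loads, which presumably fails at runtime on every action. testGetComponentsInferredDefaults pins this combination for the component list, but no test bakes a controller with it. I would append the component whenever the plugin is loaded, after the existing `if`: `if (Plugin::isLoaded('Authorization') && !in_array('Authorization.Authorization', $components, true)) { $components[] = 'Authorization.Authorization'; }`; it is also worth confirming that `Plugin::isLoaded` and `Bake.hasPlugin` always agree, which this diff does not show.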
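Review bot: In the generated add() the policy check runs on the result of `newEmptyEntity()`, before `patchEntity()` copies `$this->request->getData()` into it, so a policy can only decide whether the user may create a record at all and never sees the submitted values. The edit.twig hunk has the same ordering: the stored entity is authorized and then patched with the full request data, so a field a policy relies on (an owner id, for instance) could be reassigned by the request unless the entity's accessible fields or a `fields` option on `patchEntity()` prevent it. I would have both templates emit a comment next to the call, e.g. `// Authorization runs before request data is applied; restrict patchable fields if policies depend on them.`, so that people baking the controller do not assume the submitted data was covered by the check. The add() body continues past the end of the hunk.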
@@ -24,6 +24,9 @@ { $this->request->allowMethod(['post', 'delete']); ${{ singularName }} = $this->{{ currentModelName }}->get($id); +{% if Bake.hasPlugin('Authorization') %} + $this->Authorization->authorize(${{ singularName }}); +{% endif %} if ($this->{{ currentModelName }}->delete(${{ singularName }})) { $this->Flash->success(__('The {{ singularHumanName|lower }} has been deleted.')); } else { diff --git a/templates/bake/element/Controller/edit.twig b/templates/bake/element/Controller/edit.twig index e6b2164d..793f8515 100644 --- a/templates/bake/element/Controller/edit.twig +++ b/templates/bake/element/Controller/edit.twig @@ -26,6 +26,9 @@ public function edit($id = null) { ${{ singularName }} = $this->{{ currentModelName }}->get($id, contain: {{ Bake.exportArray(belongsToMany)|raw }}); +{% if Bake.hasPlugin('Authorization') %} + $this->Authorization->authorize(${{ singularName }}); +{% endif %} if ($this->request->is(['patch', 'post', 'put'])) { ${{ singularName }} = $this->{{ currentModelName }}->patchEntity(${{ singularName }}, $this->request->getData()); if ($this->{{ currentModelName }}->save(${{ singularName }})) { diff --git a/templates/bake/element/Controller/index.twig b/templates/bake/element/Controller/index.twig index fb136ec5..0394d966 100644 --- a/templates/bake/element/Controller/index.twig +++ b/templates/bake/element/Controller/index.twig @@ -26,6 +26,9 @@ ->contain({{ Bake.exportArray(belongsTo)|raw }}); {% else %} $query = $this->{{ currentModelName }}->find(); +{% endif %} +{% if Bake.hasPlugin('Authorization') %} + $query = $this->Authorization->applyScope($query); {% endif %} ${{ pluralName }} = $this->paginate($query); diff --git a/templates/bake/element/Controller/view.twig b/templates/bake/element/Controller/view.twig index 3d7cdf8d..d85bd17a 100644 --- a/templates/bake/element/Controller/view.twig +++ b/templates/bake/element/Controller/view.twig 
@@ -27,5 +27,8 @@ public function view($id = null) { ${{ singularName }} = $this->{{ currentModelName }}->get($id, contain: {{ Bake.exportArray(allAssociations)|raw }}); +{% if Bake.hasPlugin('Authorization') %} + $this->Authorization->authorize(${{ singularName }}); +{% endif %} $this->set(compact('{{ singularName }}')); } diff --git a/tests/TestCase/Command/ControllerCommandTest.php b/tests/TestCase/Command/ControllerCommandTest.php index b3474141..82fd2a25 100644 --- a/tests/TestCase/Command/ControllerCommandTest.php +++ b/tests/TestCase/Command/ControllerCommandTest.php @@ -66,7 +66,7 @@ public function tearDown(): void parent::tearDown(); $this->getTableLocator()->clear(); - $this->removePlugins(['ControllerTest', 'Company/Pastry']); + $this->removePlugins(['ControllerTest', 'Company/Pastry', 'Authorization', 'BakeTest']); } /** @@ -102,6 +102,25 @@ public function testGetComponents() $this->assertSame(['Auth', 'RequestHandler'], $result); } + /** + * test component generation with auto-detect for core plugins + * + * @return void + */ + public function testGetComponentsInferredDefaults() + { + $this->_loadTestPlugin('Authorization'); + + $command = new ControllerCommand(); + $args = new Arguments([], [], []); + $result = $command->getComponents($args); + $this->assertSame(['Authorization.Authorization'], $result); + + $args = new Arguments([], ['components' => 'Flash, FormProtection'], []); + $result = $command->getComponents($args); + $this->assertSame(['Flash', 'FormProtection'], $result); + } + /** * test helper generation * 
@@ -193,6 +212,21 @@ public function testBakeActions() $this->assertSameAsFile(__FUNCTION__ . '.php', $result); } + /** + * Test the integration with Authorization plugin + */ + public function testBakeActionsAuthorizationPlugin() + { + $this->_loadTestPlugin('Authorization'); + + $this->generatedFile = APP . 'Controller/BakeArticlesController.php'; + $this->exec('bake controller --connection test --no-test BakeArticles'); + + $this->assertExitSuccess(); + $result = file_get_contents($this->generatedFile); + $this->assertSameAsFile(__FUNCTION__ . '.php', $result); + } + /** * test bake actions prefixed. * diff --git a/tests/comparisons/Controller/testBakeActionsAuthorizationPlugin.php b/tests/comparisons/Controller/testBakeActionsAuthorizationPlugin.php new file mode 100644 index 00000000..b37de7f2 --- /dev/null +++ b/tests/comparisons/Controller/testBakeActionsAuthorizationPlugin.php 
@@ -0,0 +1,123 @@ +loadComponent('Authorization.Authorization'); + } + + /** + * Index method + * + * @return \Cake\Http\Response|null|void Renders view + */ + public function index() + { + $query = $this->BakeArticles->find() + ->contain(['BakeUsers']); + $query = $this->Authorization->applyScope($query); + $bakeArticles = $this->paginate($query); + + $this->set(compact('bakeArticles')); + } + + /** + * View method + * + * @param string|null $id Bake Article id. + * @return \Cake\Http\Response|null|void Renders view + * @throws \Cake\Datasource\Exception\RecordNotFoundException When record not found. + */ + public function view($id = null) + { + $bakeArticle = $this->BakeArticles->get($id, contain: ['BakeUsers', 'BakeTags', 'BakeComments']); + $this->Authorization->authorize($bakeArticle); + $this->set(compact('bakeArticle')); + } + + /** + * Add method + * + * @return \Cake\Http\Response|null|void Redirects on successful add, renders view otherwise. + */ + public function add() + { + $bakeArticle = $this->BakeArticles->newEmptyEntity(); + $this->Authorization->authorize($bakeArticle); + if ($this->request->is('post')) { + $bakeArticle = $this->BakeArticles->patchEntity($bakeArticle, $this->request->getData()); + if ($this->BakeArticles->save($bakeArticle)) { + $this->Flash->success(__('The bake article has been saved.')); + + return $this->redirect(['action' => 'index']); + } + $this->Flash->error(__('The bake article could not be saved. Please, try again.')); + } + $bakeUsers = $this->BakeArticles->BakeUsers->find('list', limit: 200)->all(); + $bakeTags = $this->BakeArticles->BakeTags->find('list', limit: 200)->all(); + $this->set(compact('bakeArticle', 'bakeUsers', 'bakeTags')); + } + + /** + * Edit method + * + * @param string|null $id Bake Article id. + * @return \Cake\Http\Response|null|void Redirects on successful edit, renders view otherwise. + * @throws \Cake\Datasource\Exception\RecordNotFoundException When record not found. 
+ */ + public function edit($id = null) + { + $bakeArticle = $this->BakeArticles->get($id, contain: ['BakeTags']); + $this->Authorization->authorize($bakeArticle); + if ($this->request->is(['patch', 'post', 'put'])) { + $bakeArticle = $this->BakeArticles->patchEntity($bakeArticle, $this->request->getData()); + if ($this->BakeArticles->save($bakeArticle)) { + $this->Flash->success(__('The bake article has been saved.')); + + return $this->redirect(['action' => 'index']); + } + $this->Flash->error(__('The bake article could not be saved. Please, try again.')); + } + $bakeUsers = $this->BakeArticles->BakeUsers->find('list', limit: 200)->all(); + $bakeTags = $this->BakeArticles->BakeTags->find('list', limit: 200)->all(); + $this->set(compact('bakeArticle', 'bakeUsers', 'bakeTags')); + } + + /** + * Delete method + * + * @param string|null $id Bake Article id. + * @return \Cake\Http\Response|null Redirects to index. + * @throws \Cake\Datasource\Exception\RecordNotFoundException When record not found. + */ + public function delete($id = null) + { + $this->request->allowMethod(['post', 'delete']); + $bakeArticle = $this->BakeArticles->get($id); + $this->Authorization->authorize($bakeArticle); + if ($this->BakeArticles->delete($bakeArticle)) { + $this->Flash->success(__('The bake article has been deleted.')); + } else { + $this->Flash->error(__('The bake article could not be deleted. Please, try again.')); + } + + return $this->redirect(['action' => 'index']); + } +} diff --git a/tests/test_app/Plugin/Authorization/src/AuthorizationPlugin.php b/tests/test_app/Plugin/Authorization/src/AuthorizationPlugin.php new file mode 100644 index 00000000..7f7636bf --- /dev/null +++ b/tests/test_app/Plugin/Authorization/src/AuthorizationPlugin.php @@ -0,0 +1,14 @@ +