From eed945b55f5e69bf0ea94540e5d9ff7c9b517fe0 Mon Sep 17 00:00:00 2001
From: jeremykendall
Date: Sat, 2 Jan 2016 22:29:36 -0600
Subject: [PATCH] De-cruft and de-CRAP
---
 src/Middleware/Authorization.php | 18 ++++++------------
 tests/Middleware/AuthorizationTest.php | 3 +--
 2 files changed, 7 insertions(+), 14 deletions(-)
diff --git a/src/Middleware/Authorization.php b/src/Middleware/Authorization.php
index 1a4986d..5017c4d 100644
--- a/src/Middleware/Authorization.php
+++ b/src/Middleware/Authorization.php
@@ -61,15 +61,15 @@ public function __invoke(ServerRequestInterface $request, ResponseInterface $res
 $route = $request->getAttribute('route', null);
 if ($route === null) {
- // User likely accessing a non-existant route. Calling next middleware.
+ // User likely accessing a nonexistent route. Calling next middleware.
 return $next($request, $response);
 }
 $role = $this->getRole($this->auth->getIdentity());
- $resource = $routePattern = $route->getPattern();
+ $resource = $route->getPattern();
 $privilege = $request->getMethod();
- $hasIdentity = $this->auth->hasIdentity();
 $isAllowed = $this->acl->isAllowed($role, $resource, $privilege);
+ $hasIdentity = $this->auth->hasIdentity();
 if ($hasIdentity && !$isAllowed) {
 // Authenticated but unauthorized for this resource
@@ -93,20 +93,14 @@ public function __invoke(ServerRequestInterface $request, ResponseInterface $res
 */
 private function getRole($identity = null)
 {
- $role = null;
-
 if (is_object($identity)) {
- $role = $identity->getRole();
+ return $identity->getRole();
 }
 if (is_array($identity) && isset($identity['role'])) {
- $role = $identity['role'];
- }
-
- if ($role === null) {
- $role = 'guest';
+ return $identity['role'];
 }
- return $role;
+ return 'guest';
 }
 }
diff --git a/tests/Middleware/AuthorizationTest.php b/tests/Middleware/AuthorizationTest.php
index 6ec8fae..c62b21d 100644
--- a/tests/Middleware/AuthorizationTest.php
+++ b/tests/Middleware/AuthorizationTest.php
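Review bot: The `$route === null` branch in `__invoke` passes the request to `$next` with no ACL check, and the reworded comment still only guesses at the cause ("likely ... a nonexistent route"). If the `route` attribute can be absent for another reason, for example when the router resolves the route only after this middleware has run (in Slim 3 that is governed by `determineRouteBeforeAppMiddleware`, assuming this is a Slim app), every request would skip authorization without any signal. I would state the precondition in the comment, e.g. `// No route attribute, so nothing to authorize against. Requires route resolution to run before this middleware.`, or fail closed in this branch. `__invoke` starts and ends outside the hunk.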
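Review bot: The early return in the object branch of `getRole()` drops the old null fallback: previously an identity whose `getRole()` returned `null` ended up as `'guest'`, whereas now `null` is returned and goes straight into `$this->acl->isAllowed()` in `__invoke`. How the ACL treats a null role is not visible here, so in an authorization path I would keep the fallback explicit with `$role = $identity->getRole();` followed by `return $role === null ? 'guest' : $role;`. The branch also calls `getRole()` on any object without checking that the method exists; that predates this commit, but an interface or `method_exists` check would make that failure deliberate rather than a fatal error.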
@@ -131,7 +131,7 @@ public function authenticationDataProvider()
 ['GET', '/admin', null, true, new Identity('member'), 403, '/admin'],
 ['DELETE', '/member/photo/992892', null, true, ['role' => 'member'], 200, '/member/photo/{id}'],
 // Admin
- ['GET', '/admin', null, true, ['role' => 'admin'], 200, '/member/photo/{id}'],
+ ['GET', '/admin', null, true, ['role' => 'admin'], 200, '/admin'],
 ];
 }
@@ -151,7 +151,6 @@ private function getConfiguredAcl()
 $acl->allow('guest', '/');
 $acl->allow('guest', '/login', ['GET', 'POST']);
- $acl->deny('guest', '/admin');
 $acl->allow('member', '/member');
 $acl->allow('member', '/member/photo/{id}', 'DELETE');