lm-commons / lmcrbacmvc

Role-based access control Laminas MVC module to provide additional features on top of Laminas\Permissions\Rbac

Home Page: https://lm-commons.github.io/LmcRbacMvc/

License: BSD 3-Clause "New" or "Revised" License

PHP 97.73% HTML 2.27%
laminas-mvc php rbac rbac-authorization role-based-access-control zfc-rbac

lmcrbacmvc's People

Contributors

ashatrov, bakura10, basz, belgattitude, brunospy, danizord, davidwindell, dennisdobslaf, dependabot[bot], divix1988, esserj, jhuet, jmleroux, lasimon, manuakasam, michalbundyra, mparulski, nitecon, ocramius, ojhaujjwal, orkin, powturns, prolic, raykolbe, renovate[bot], richardjennings, svycka, visto9259, webdevilopers, zeineddin

lmcrbacmvc's Issues

Update documentation for V4

Update the documentation for V4
Add versioning to docs to provide V3 and V4 versions via a menu dropdown using Docusaurus versioning

Guards can not be used with api-tools-mvc-auth

Hi,

I tried using this with laminas api-tools but can not get the guards working. From my understanding, the guards have a higher priority in the execution of events.
Because they have higher priority, the guards are executed before authentication events in api-tools-mvc-auth. The authenticated identity could not be retrieved by the time the guards are executed.

Does anybody else have the same issues?

Move Doctrine Support to a separate companion library

Context:

LmcRbacMvc provides a role provider based on Doctrine ORM, which forces adding dependencies to Doctrine for all applications, even the ones that are not using Doctrine ORM.
It would be better to have a separate companion library just for the ORM based Role provider.

Work to do:

  • Remove Doctrine ORM Role Provider from LmcRbacMvc
  • Create a companion library called LmcRbacMvcDoctrine
  • Update documentation

Move Developer Tools to a separate library

Move the developer tools to a separate library.
This will reduce the footprint of LmcRbacMvc as this is an optional package which is only required if the developer uses Laminas Developer Tools.

Drop support for PHP 7 and PHP 8.0

PHP 7 and PHP 8.0 are end of life.
Drop support for those versions:

  • Remove testing against 7.4 and 8.0
  • Update composer requirements to 8.1, 8.2

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • Update docusaurus monorepo to v3.4.0 (master) (@docusaurus/core, @docusaurus/module-type-aliases, @docusaurus/preset-classic, @docusaurus/types)
  • Update docusaurus monorepo to v3.4.0 (4.x) (@docusaurus/core, @docusaurus/module-type-aliases, @docusaurus/preset-classic, @docusaurus/types)
  • Update dependency laminas/laminas-serializer to v3 (4.x)
  • Update dependency laminas/laminas-servicemanager to v4 (4.x)
  • Update dependency phpunit/phpunit to v11 (4.x)
  • Create all rate-limited PRs at once

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

Branch master
composer
composer.json
  • php ^7.4 || ^8.0
  • laminas/laminas-config ^3.1
  • laminas/laminas-eventmanager ^3.0
  • laminas/laminas-mvc ^3.0
  • laminas/laminas-servicemanager ^3.0
  • zfr/rbac ~1.2
  • doctrine/persistence ^2.1
  • laminas/laminas-authentication ^2.2
  • laminas/laminas-developer-tools ^2.1
  • laminas/laminas-log ^2.2
  • laminas/laminas-http ^2.2
  • laminas/laminas-i18n ^2.7
  • laminas/laminas-serializer ^2.2
  • laminas/laminas-view ^2.12
  • phpunit/phpunit 9.5.21
  • squizlabs/php_codesniffer ^3.5.5
  • php-coveralls/php-coveralls ^2.2
  • phpspec/prophecy-phpunit ^2.0
  • doctrine/doctrine-orm-module ^4.1
github-actions
.github/workflows/deploy-gh-pages.yml
  • actions/checkout v4
  • actions/setup-node v4
  • peaceiris/actions-gh-pages v4
.github/workflows/test-deploy-gh-pages.yml
  • actions/checkout v4
  • actions/setup-node v4
npm
docs/package.json
  • @docusaurus/core 3.3.2
  • @docusaurus/preset-classic 3.3.2
  • @mdx-js/react ^3.0.0
  • clsx ^2.0.0
  • prism-react-renderer ^2.3.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • @docusaurus/module-type-aliases 3.3.2
  • @docusaurus/types 3.3.2
  • node >=18.0
Branch 4.x
composer
composer.json
  • php ^8.1.0 | ^8.2.0
  • laminas/laminas-config ^3.1
  • laminas/laminas-eventmanager ^3.0
  • laminas/laminas-mvc ^3.0
  • laminas/laminas-servicemanager ^3.0
  • laminas/laminas-permissions-rbac ^3.0
  • doctrine/persistence ^2.1
  • laminas/laminas-authentication ^2.2
  • laminas/laminas-developer-tools ^2.1
  • laminas/laminas-log ^2.2
  • laminas/laminas-http ^2.2
  • laminas/laminas-i18n ^2.7
  • laminas/laminas-serializer ^2.2
  • laminas/laminas-view ^2.12
  • phpunit/phpunit 10.5.11
  • squizlabs/php_codesniffer ^3.5.5
  • php-coveralls/php-coveralls ^2.2
  • phpspec/prophecy-phpunit ^2.0
  • doctrine/doctrine-orm-module ^5.3
github-actions
.github/workflows/build_test.yml
  • shivammathur/setup-php v2
  • actions/checkout v4
  • actions/cache v4
  • coverallsapp/github-action v2
.github/workflows/deploy-gh-pages.yml
  • actions/checkout v4
  • actions/setup-node v4
  • peaceiris/actions-gh-pages v4
.github/workflows/test-deploy-gh-pages.yml
  • actions/checkout v4
  • actions/setup-node v4
npm
docs/package.json
  • @docusaurus/core 3.3.2
  • @docusaurus/preset-classic 3.3.2
  • @mdx-js/react ^3.0.0
  • clsx ^2.0.0
  • prism-react-renderer ^2.3.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • @docusaurus/module-type-aliases 3.3.2
  • @docusaurus/types 3.3.2
  • node >=18.0

  • Check this box to trigger a request for Renovate to run again on this repository

Find another provider for CI

Travis-CI is no longer free for OpenSource
Need to find another provider for CI
Look into using GitHub Actions?

use Doctrine\Common\Persistence to use Doctrine\Persistence

In ObjectRepositoryRoleProvider :
use Doctrine\Common\Persistence\ObjectRepository; is wrong.
It should be
use Doctrine\Persistence\ObjectRepository;

ObjectRepository.php has been moved
https://github.com/doctrine/persistence/blob/2.1.x/lib/Doctrine/Persistence/ObjectRepository.php

Same in ObjectRepositoryRoleProviderFactory :

use Doctrine\Common\Persistence\ObjectManager;
use Doctrine\Common\Persistence\ObjectRepository;

Replace by :

use Doctrine\Persistence\ObjectManager;
use Doctrine\Persistence\ObjectRepository;

AssertionInterface does not describe the context

At this very moment I cannot implement the AssertionInterface with context, it is not described in this interface.
I tried to override the AssertionInterface with my own, thus with the $context = null parameter. But... the AssertionPluginManager is not that flexible: "Assertions must implement "LmcRbacMvc\Assertion\AssertionInterface", but "Application\Assertion\MustBeWebsiteOwner" (MustBeWebsiteOwner implements my AssertionInterface, with $context...)

So... should the AssertionInterface not be like this?

interface AssertionInterface
{
    /**
     * Check if this assertion is true
     *
     * @param  AuthorizationService $authorizationService
     * @param  mixed                $context
     * @return bool
     */
    public function assert(AuthorizationService $authorizationService, $context = null);
}

Edit: I used a quick and dirty workaround like this to get my context:

$context = \func_get_arg(1);

Proposed: Move factories to the same folder as the object they create

Factories should be closer to the objects that they create. This will help in understanding the code, as one does not have to navigate to the Factory folder.

Refactor all the factories in Factory to the folder of the object that they are creating. For example, LmcRbacMvc\Factory\RoleServiceFactory should be refactored to LmcRbacMvc\Service\RoleServiceFactory.
Have the original factory extend the new factory and mark it as deprecated
Update ConfigProvider to use the new factories

Composer 2.0 Support

Maybe someone can update laminas/laminas-dependency-plugin dependency to https://github.com/laminas/laminas-dependency-plugin/releases/tag/2.0.0beta1? It just adds composer 2.0 support.

InMemory and ObjectRepository Role providers do not have the same behavior

The InMemoryRoleProvider and the ObjectRepositoryRoleProvider do not implement the getRoles($roleNames) in the same way.

InMemoryRoleProvider::getRoles($roleNames) will return an array of roles matching the $roleNames array. If a roleName in $roleNames is not present in the in memory config, it will create a role for that roleName with no permissions.

ObjectRepositoryRoleProvider::getRoles($roleNames) will return an array of roles matching the $roleNames array only if there is a match. If a roleName in $roleNames is not present in the object repository, it will throw a RoleNotFoundException exception.

Moreover, the RoleProviderInterface interface does not state that getRoles() can throw an exception.

The Role Service, when requesting roles from the provider, does not check for exceptions. This means that, in an application using ObjectRepositoryRoleProvider, if an identity has a role that does not exist in the role provider, the application will throw an exception and crash if not handled. The exception makes sense since roles assignable to identity should exist and should be enforced when creating users, roles and permissions.

On the other hand, InMemoryRoleProvider is too permissive as it will add roles in the role provider for roles that do not exist in its initial configuration. InMemoryRoleProvider was meant to be a simple solution and it is not strict in validating that a given role exists or not.

I am of the opinion, that an exception should be thrown when requesting the role provider to provide a role that does not exist.

This would be a breaking change for applications using the InMemoryRoleProvider when an unexpected exception would occur that would cause the app to crash.
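
The two behaviours described in the issue above, side by side, with one fail-closed way a caller could handle the strict provider's exception. This is an added example, not code from the issue or from LmcRbacMvc: `DemoRoleProvider`, `PermissiveProvider`, `StrictProvider`, `RoleNotFound` and `isGranted()` are hypothetical simplified stand-ins, and the role data is constructed.

```php
<?php
// Simplified stand-ins written for this example; they are NOT LmcRbacMvc classes.
final class RoleNotFound extends RuntimeException {}
interface DemoRoleProvider
{
    public function getRoles(array $roleNames): array; // role name => permission list
}

// Permissive: an unknown role name silently becomes a role with no permissions.
final class PermissiveProvider implements DemoRoleProvider
{
    public function __construct(private array $config) {}
    public function getRoles(array $roleNames): array
    {
        $roles = [];
        foreach ($roleNames as $name) {
            $roles[$name] = $this->config[$name] ?? [];
        }
        return $roles;
    }
}

// Strict: an unknown role name raises an exception.
final class StrictProvider implements DemoRoleProvider
{
    public function __construct(private array $config) {}
    public function getRoles(array $roleNames): array
    {
        $missing = array_diff($roleNames, array_keys($this->config));
        if ($missing !== []) {
            throw new RoleNotFound('Unknown role(s): ' . implode(', ', $missing));
        }
        return array_intersect_key($this->config, array_flip($roleNames));
    }
}

// Fail closed: a provider error is logged and denies access instead of crashing.
function isGranted(DemoRoleProvider $provider, array $identityRoles, string $permission): bool
{
    try {
        $roles = $provider->getRoles($identityRoles);
    } catch (RoleNotFound $e) {
        error_log('RBAC: ' . $e->getMessage()); // surfaces stale or mistyped role assignments
        return false;
    }
    return in_array($permission, array_merge([], ...array_values($roles)), true);
}

$config = ['editor' => ['article.edit']]; // constructed sample data
var_dump(isGranted(new PermissiveProvider($config), ['editor', 'ghost'], 'article.edit'));
var_dump(isGranted(new StrictProvider($config), ['editor', 'ghost'], 'article.edit'));
```

With the permissive provider the unknown `ghost` role passes unnoticed and the check is decided by `editor` alone; with the strict provider the same identity is denied and the unknown role is logged.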

Package incompatible with php 8.1

I tested using this package with php 8.1 and it generated the following error.

During inheritance of ArrayIterator: Uncaught Whoops\Exception\ErrorException: Return type of Rbac\Traversal\RecursiveRoleIterator::valid() should either be compatible with ArrayIterator::valid(): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /var/www/html/vendor/zfr/rbac/src/Rbac/Traversal/RecursiveRoleIterator.php:37
Stack trace:
#0 /var/www/html/vendor/zfr/rbac/src/Rbac/Traversal/RecursiveRoleIterator.php(18): Whoops\Run->handleError()
#1 /var/www/html/vendor/composer/ClassLoader.php(571): include('/var/www/html/v...')
#2 /var/www/html/vendor/composer/ClassLoader.php(428): Composer\Autoload\includeFile()
#3 /var/www/html/vendor/lm-commons/lmc-rbac-mvc/src/Collector/RbacCollector.php(161): Composer\Autoload\ClassLoader->loadClass()
#4 /var/www/html/vendor/lm-commons/lmc-rbac-mvc/src/Collector/RbacCollector.php(111): LmcRbacMvc\Collector\RbacCollector->collectIdentityRolesAndPermissions()
#5 /var/www/html/vendor/laminas/laminas-developer-tools/src/Profiler.php(202): LmcRbacMvc\Collector\RbacCollector->collect()
#6 /var/www/html/vendor/laminas/laminas-developer-tools/src/Listener/ProfilerListener.php(86): Laminas\DeveloperTools\Profiler->collect()
#7 /var/www/html/vendor/laminas/laminas-eventmanager/src/EventManager.php(319): Laminas\DeveloperTools\Listener\ProfilerListener->onFinish()
#8 /var/www/html/vendor/laminas/laminas-eventmanager/src/EventManager.php(171): Laminas\EventManager\EventManager->triggerListeners()
#9 /var/www/html/vendor/laminas/laminas-mvc/src/Application.php(334): Laminas\EventManager\EventManager->triggerEvent()
#10 /var/www/html/public/index.php(41): Laminas\Mvc\Application->run()
#11 {main}

Version 4 Plan - Features and Enhancements Roadmap

This is to document the enhancements, features and other changes to bring to LmcRbacMvc in a forthcoming version 4.

Rationale

LmcRbacMvc v3 is a port of ZF-Commons/ZfcRbac v2 to Laminas. ZfcRbac v2 was developed several years ago and was based on Zend Framework v2 and v3. The port of ZfcRbac to Laminas has not brought significant improvements or new features to the package. New frameworks based on Laminas MVC, such as Laminas API Tools, have come along and the Laminas Components have also evolved. It is long overdue to give it a serious upgrade.

LmcRbacMvc has been installed more than 100K times according to Packagist, which is a good indication that the package has its usefulness in web applications. We are looking for users of the package to provide inputs into the development roadmap for Version 4.

Process

  • Comment on this issue if you want to add an enhancement or a feature to be included in Version 4.
  • Issues will be created for enhancements/features selected for inclusion in V4 and will be added to the development Backlog and will be labeled as v4
  • Development toward V4 will be done on the 4.x branch.
  • A GitHub project for LmcRbacMvc was created and issues to be added to the project so that progress can be managed
  • Issues will be assigned to contributors

Selected Enhancements

  • Remove dependency on Zfr/Rbac (#3)
  • Move Developer Tools to a separate package (#32)
  • Add type declarations where missing (#38)
  • Drop support for PHP 7.4 and 8.0 (#39)
  • Use another CI provider (#37)
  • Add support for PHP 8.2 (#40)
  • Refactor factories (#99)

Proposed enhancements

  • Improve documentation (better guides, better class description)

Won't do

  • Move Doctrine Support to a separate library (#44)

Add support for PHP 8.3

Update dependencies to use packages supporting 8.3:

  • Need to bump doctrine/doctrine-orm-module to a later version

Add PHP 8.3 testing to CI Build
