appwrite/src/Database/Validator/Authorization.php

<?php

namespace Database\Validator;

use Database\Document;
use Utopia\Validator;

class Authorization extends Validator
{
    /**
     * @var array
     */
    protected static $roles = ['*'];

    /**
     * @var Document
     */
    protected $document = null;

    /**
     * @var string
     */
    protected $action = '';

    /**
     * @var string
     */
    protected $message = 'Authorization Error';

    /**
     * Structure constructor.
     *
     * @param Document $document
     * @param string   $action
     */
    public function __construct(Document $document, $action)
    {
        $this->document = $document;
        $this->action = $action;
    }

    /**
     * Get Description.
     *
     * Returns validator description
     *
     * @return string
     */
    public function getDescription()
    {
        return $this->message;
    }

    /**
     * Is valid.
     *
     * Returns true if valid or false if not.
     *
     * @param array $permissions
     *
     * @return bool
     */
    public function isValid($permissions)
    {
        if (!self::$status) {
            return true;
        }

        if (!isset($permissions[$this->action])) {
            $this->message = 'Missing action key: "'.$this->action.'"';

            return false;
        }

        if(is_array($permissions[$this->action]) && empty($permissions[$this->action])) {
            return true;
        }

        $permission = null;

        foreach ($permissions[$this->action] as $permission) {
            $permission = str_replace(':{self}', ':'.$this->document->getUid(), $permission);

            if (in_array($permission, self::getRoles())) {
                return true;
            }
        }

        $this->message = 'User is missing '.$this->action.' for "'.$permission.'" permission. Only this scopes "'.json_encode(self::getRoles()).'" is given and only this are allowed "'.json_encode($permissions[$this->action]).'".';

        return false;
    }

    /**
     * @param string $role
     */
    public static function setRole($role)
    {
        self::$roles[] = $role;
    }

    /**
     * @return array
     */
    public static function getRoles()
    {
        return self::$roles;
    }

    /**
     * @var bool
     */
    public static $status = true;

    /**
     *
     */
    public static function enable()
    {
        self::$status = true;
    }

    /**
     *
     */
    public static function disable()
    {
        self::$status = false;
    }
}
Added source code 2019-05-09 06:54:39 +00:00			`<?php`

			`namespace Database\Validator;`

			`use Database\Document;`
			`use Utopia\Validator;`

			`class Authorization extends Validator`
			`{`
			`/**`
			`* @var array`
			`*/`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`protected static $roles = ['*'];`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`* @var Document`
			`*/`
			`protected $document = null;`

			`/**`
			`* @var string`
			`*/`
			`protected $action = '';`

			`/**`
			`* @var string`
			`*/`
Better error descriptions 2019-09-17 09:55:31 +00:00			`protected $message = 'Authorization Error';`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`* Structure constructor.`
			`*`
			`* @param Document $document`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`* @param string $action`
Added source code 2019-05-09 06:54:39 +00:00			`*/`
			`public function __construct(Document $document, $action)`
			`{`
			`$this->document = $document;`
			`$this->action = $action;`
			`}`

			`/**`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`* Get Description.`
Added source code 2019-05-09 06:54:39 +00:00			`*`
			`* Returns validator description`
			`*`
			`* @return string`
			`*/`
			`public function getDescription()`
			`{`
			`return $this->message;`
			`}`

			`/**`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`* Is valid.`
Added source code 2019-05-09 06:54:39 +00:00			`*`
			`* Returns true if valid or false if not.`
			`*`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`* @param array $permissions`
			`*`
Added source code 2019-05-09 06:54:39 +00:00			`* @return bool`
			`*/`
			`public function isValid($permissions)`
			`{`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`if (!self::$status) {`
Added source code 2019-05-09 06:54:39 +00:00			`return true;`
			`}`

Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`if (!isset($permissions[$this->action])) {`
			`$this->message = 'Missing action key: "'.$this->action.'"';`

Added source code 2019-05-09 06:54:39 +00:00			`return false;`
			`}`

Allow empty permissions array 2019-10-20 18:28:07 +00:00			`if(is_array($permissions[$this->action]) && empty($permissions[$this->action])) {`
			`return true;`
			`}`

Added source code 2019-05-09 06:54:39 +00:00			`$permission = null;`

			`foreach ($permissions[$this->action] as $permission) {`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`$permission = str_replace(':{self}', ':'.$this->document->getUid(), $permission);`
Added source code 2019-05-09 06:54:39 +00:00
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`if (in_array($permission, self::getRoles())) {`
Added source code 2019-05-09 06:54:39 +00:00			`return true;`
			`}`
			`}`

Allow empty permissions array 2019-10-20 18:28:07 +00:00			`$this->message = 'User is missing '.$this->action.' for "'.$permission.'" permission. Only this scopes "'.json_encode(self::getRoles()).'" is given and only this are allowed "'.json_encode($permissions[$this->action]).'".';`
Added source code 2019-05-09 06:54:39 +00:00
			`return false;`
			`}`

			`/**`
			`* @param string $role`
			`*/`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`public static function setRole($role)`
Added source code 2019-05-09 06:54:39 +00:00			`{`
			`self::$roles[] = $role;`
			`}`

			`/**`
			`* @return array`
			`*/`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`public static function getRoles()`
Added source code 2019-05-09 06:54:39 +00:00			`{`
			`return self::$roles;`
			`}`

			`/**`
			`* @var bool`
			`*/`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`public static $status = true;`
Added source code 2019-05-09 06:54:39 +00:00
			`/**`
			`*`
			`*/`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`public static function enable()`
Added source code 2019-05-09 06:54:39 +00:00			`{`
			`self::$status = true;`
			`}`

			`/**`
			`*`
			`*/`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`public static function disable()`
Added source code 2019-05-09 06:54:39 +00:00			`{`
			`self::$status = false;`
			`}`
Run PHP-CS-FIXER to make sure code is consisted with PSR-1 + PSR-2 2019-09-06 17:04:26 +00:00			`}`