Create user security read model - clean user domain

repman-io · Jun 2, 2020 · 0e3f01d · 0e3f01d
1 parent 0272653
commit 0e3f01d
Show file tree

Hide file tree

Showing 44 changed files with 613 additions and 333 deletions.
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
@@ -1,12 +1,10 @@
 security:
     encoders:
-        Buddy\Repman\Entity\User:
+        Buddy\Repman\Security\Model\User:
             algorithm: auto
     providers:
         user_provider:
-            entity:
-                class: Buddy\Repman\Entity\User
-                property: email
+            id: Buddy\Repman\Security\UserProvider
         organization_provider:
             id: Buddy\Repman\Security\OrganizationProvider
     firewalls:

diff --git a/config/packages/test/security.yaml b/config/packages/test/security.yaml
@@ -1,6 +1,6 @@
 security:
     encoders:
-        Buddy\Repman\Entity\User:
+        Buddy\Repman\Security\Model\User:
             algorithm: plaintext
     firewalls:
         main:

diff --git a/src/Controller/OAuth/BitbucketController.php b/src/Controller/OAuth/BitbucketController.php
@@ -4,9 +4,10 @@
 
 namespace Buddy\Repman\Controller\OAuth;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Entity\User\OAuthToken;
 use Buddy\Repman\Query\User\Model\Organization;
+use Buddy\Repman\Query\User\UserQuery;
+use Buddy\Repman\Security\Model\User;
 use Buddy\Repman\Service\BitbucketApi;
 use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
 use League\OAuth2\Client\Token\AccessToken;
@@ -54,11 +55,11 @@ public function registerCheck(Request $request, BitbucketApi $api): Response
      * @IsGranted("ROLE_ORGANIZATION_OWNER", subject="organization")
      * @Route("/organization/{organization}/package/add-from-bitbucket", name="fetch_bitbucket_package_token", methods={"GET"}, requirements={"organization"="%organization_pattern%"})
      */
-    public function packageAddFromBitbucket(Organization $organization): Response
+    public function packageAddFromBitbucket(Organization $organization, UserQuery $userQuery): Response
     {
         /** @var User */
         $user = $this->getUser();
-        if ($user->oauthToken(OAuthToken::TYPE_BITBUCKET) !== null) {
+        if ($userQuery->findOAuthAccessToken($user->id(), OAuthToken::TYPE_BITBUCKET)->isPresent()) {
             return $this->redirectToRoute('organization_package_new', ['organization' => $organization->alias(), 'type' => OAuthToken::TYPE_BITBUCKET]);
         }
         $this->session->set('organization', $organization->alias());

diff --git a/src/Controller/OAuth/GitHubController.php b/src/Controller/OAuth/GitHubController.php
@@ -4,9 +4,10 @@
 
 namespace Buddy\Repman\Controller\OAuth;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Entity\User\OAuthToken;
 use Buddy\Repman\Query\User\Model\Organization;
+use Buddy\Repman\Query\User\UserQuery;
+use Buddy\Repman\Security\Model\User;
 use Buddy\Repman\Service\GitHubApi;
 use League\OAuth2\Client\Token\AccessToken;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
@@ -56,11 +57,11 @@ public function registerCheck(Request $request, GitHubApi $api): Response
      * @IsGranted("ROLE_ORGANIZATION_OWNER", subject="organization")
      * @Route("/organization/{organization}/package/add-from-github", name="fetch_github_package_token", methods={"GET"}, requirements={"organization"="%organization_pattern%"})
      */
-    public function packageAddFromGithub(Organization $organization): Response
+    public function packageAddFromGithub(Organization $organization, UserQuery $userQuery): Response
     {
         /** @var User */
         $user = $this->getUser();
-        if ($user->oauthToken(OAuthToken::TYPE_GITHUB) !== null) {
+        if ($userQuery->findOAuthAccessToken($user->id(), OAuthToken::TYPE_GITHUB)->isPresent()) {
             return $this->redirectToRoute('organization_package_new', ['organization' => $organization->alias(), 'type' => OAuthToken::TYPE_GITHUB]);
         }
         $this->session->set('organization', $organization->alias());

diff --git a/src/Controller/OAuth/GitLabController.php b/src/Controller/OAuth/GitLabController.php
@@ -4,9 +4,10 @@
 
 namespace Buddy\Repman\Controller\OAuth;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Entity\User\OAuthToken;
 use Buddy\Repman\Query\User\Model\Organization;
+use Buddy\Repman\Query\User\UserQuery;
+use Buddy\Repman\Security\Model\User;
 use League\OAuth2\Client\Token\AccessToken;
 use Omines\OAuth2\Client\Provider\GitlabResourceOwner;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
@@ -58,11 +59,11 @@ function (): string {
      * @IsGranted("ROLE_ORGANIZATION_OWNER", subject="organization")
      * @Route("/organization/{organization}/package/add-from-gitlab", name="fetch_gitlab_package_token", methods={"GET"}, requirements={"organization"="%organization_pattern%"})
      */
-    public function packageAddFromGitLab(Organization $organization): Response
+    public function packageAddFromGitLab(Organization $organization, UserQuery $userQuery): Response
     {
         /** @var User */
         $user = $this->getUser();
-        if ($user->oauthToken(OAuthToken::TYPE_GITLAB) !== null) {
+        if ($userQuery->findOAuthAccessToken($user->id(), OAuthToken::TYPE_GITLAB)->isPresent()) {
             return $this->redirectToRoute('organization_package_new', ['organization' => $organization->alias(), 'type' => OAuthToken::TYPE_GITLAB]);
         }
         $this->session->set('organization', $organization->alias());

diff --git a/src/Controller/OAuth/OAuthController.php b/src/Controller/OAuth/OAuthController.php
@@ -4,10 +4,10 @@
 
 namespace Buddy\Repman\Controller\OAuth;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Message\User\AddOAuthToken;
 use Buddy\Repman\Message\User\CreateOAuthUser;
 use Buddy\Repman\Message\User\RefreshOAuthToken;
+use Buddy\Repman\Security\Model\User;
 use Buddy\Repman\Security\UserGuardHelper;
 use Buddy\Repman\Service\Config;
 use Http\Client\Exception as HttpException;
@@ -45,7 +45,7 @@ public function refreshRepoToken(string $type): Response
     {
         /** @var User $user */
         $user = $this->getUser();
-        $this->dispatchMessage(new RefreshOAuthToken($user->id()->toString(), $type));
+        $this->dispatchMessage(new RefreshOAuthToken($user->id(), $type));
 
         return $this->redirectToRoute('organization_package_new', [
             'organization' => $this->session->get('organization', $user->firstOrganizationAlias()->getOrElseThrow(new NotFoundHttpException())),
@@ -94,7 +94,7 @@ protected function storeRepoToken(string $type, callable $tokenProvider, string
             $this->dispatchMessage(
                 new AddOAuthToken(
                     Uuid::uuid4()->toString(),
-                    $user->id()->toString(),
+                    $user->id(),
                     $type,
                     $token->getToken(),
                     $token->getRefreshToken(),

diff --git a/src/Controller/Organization/MembersController.php b/src/Controller/Organization/MembersController.php
@@ -4,7 +4,6 @@
 
 namespace Buddy\Repman\Controller\Organization;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Form\Type\Organization\InviteMemberType;
 use Buddy\Repman\Form\Type\Organization\Member\ChangeRoleType;
 use Buddy\Repman\Message\Organization\Member\AcceptInvitation;
@@ -15,6 +14,7 @@
 use Buddy\Repman\Query\User\Model\Organization;
 use Buddy\Repman\Query\User\Model\Organization\Member;
 use Buddy\Repman\Query\User\OrganizationQuery;
+use Buddy\Repman\Security\Model\User;
 use Ramsey\Uuid\Uuid;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
@@ -54,15 +54,15 @@ public function acceptInvitation(string $token): Response
     {
         /** @var User $user */
         $user = $this->getUser();
-        $organization = $this->organizations->getByInvitation($token, $user->getEmail());
+        $organization = $this->organizations->getByInvitation($token, $user->email());
         if ($organization->isEmpty()) {
             $this->addFlash('danger', 'Invitation not found or belongs to different user');
             $this->tokenStorage->setToken();
 
             return $this->redirectToRoute('app_login');
         }
 
-        $this->dispatchMessage(new AcceptInvitation($token, $user->id()->toString()));
+        $this->dispatchMessage(new AcceptInvitation($token, $user->id()));
         $this->addFlash('success', sprintf('The invitation to %s organization has been accepted', $organization->get()->name()));
 
         return $this->redirectToRoute('organization_overview', ['organization' => $organization->get()->alias()]);

diff --git a/src/Controller/Organization/PackageController.php b/src/Controller/Organization/PackageController.php
@@ -5,7 +5,6 @@
 namespace Buddy\Repman\Controller\Organization;
 
 use Buddy\Repman\Entity\Organization\Package\Metadata;
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Entity\User\OAuthToken;
 use Buddy\Repman\Form\Type\Organization\AddPackageType;
 use Buddy\Repman\Message\Organization\AddPackage;
@@ -14,6 +13,8 @@
 use Buddy\Repman\Message\Organization\Package\AddGitLabHook;
 use Buddy\Repman\Message\Organization\SynchronizePackage;
 use Buddy\Repman\Query\User\Model\Organization;
+use Buddy\Repman\Query\User\UserQuery;
+use Buddy\Repman\Security\Model\User;
 use Buddy\Repman\Service\BitbucketApi;
 use Buddy\Repman\Service\GitHubApi;
 use Buddy\Repman\Service\GitLabApi;
@@ -33,11 +34,24 @@
 
 final class PackageController extends AbstractController
 {
+    private UserQuery $userQuery;
+    private GithubApi $githubApi;
+    private GitlabApi $gitlabApi;
+    private BitbucketApi $bitbucketApi;
+
+    public function __construct(UserQuery $userQuery, GitHubApi $githubApi, GitLabApi $gitlabApi, BitbucketApi $bitbucketApi)
+    {
+        $this->userQuery = $userQuery;
+        $this->githubApi = $githubApi;
+        $this->gitlabApi = $gitlabApi;
+        $this->bitbucketApi = $bitbucketApi;
+    }
+
     /**
      * @IsGranted("ROLE_ORGANIZATION_OWNER", subject="organization")
      * @Route("/organization/{organization}/package/new/{type?}", name="organization_package_new", methods={"GET","POST"}, requirements={"organization"="%organization_pattern%"})
      */
-    public function packageNew(Organization $organization, Request $request, GithubApi $githubApi, GitlabApi $gitlabApi, BitbucketApi $bitbucketApi, ?string $type): Response
+    public function packageNew(Organization $organization, Request $request, ?string $type): Response
     {
         $form = $this->createForm(AddPackageType::class);
         $form->get('formUrl')->setData($this->generateUrl(
@@ -64,13 +78,13 @@ public function packageNew(Organization $organization, Request $request, GithubA
                     $response = $this->packageNewFromUrl($type, $form, $organization, $request);
                     break;
                 case 'github':
-                    $response = $this->packageNewFromGitHub($form, $organization, $request, $githubApi);
+                    $response = $this->packageNewFromGitHub($form, $organization, $request);
                     break;
                 case 'gitlab':
-                    $response = $this->packageNewFromGitLab($form, $organization, $request, $gitlabApi);
+                    $response = $this->packageNewFromGitLab($form, $organization, $request);
                     break;
                 case 'bitbucket':
-                    $response = $this->packageNewFromBitbucket($form, $organization, $request, $bitbucketApi);
+                    $response = $this->packageNewFromBitbucket($form, $organization, $request);
                     break;
                 default:
                     throw new NotFoundHttpException();
@@ -156,14 +170,14 @@ private function packageNewFromUrl(string $label, FormInterface $form, Organizat
         return null;
     }
 
-    private function packageNewFromGitHub(FormInterface $form, Organization $organization, Request $request, GithubApi $api): ?Response
+    private function packageNewFromGitHub(FormInterface $form, Organization $organization, Request $request): ?Response
     {
-        $token = $this->getUser()->oauthToken(OAuthToken::TYPE_GITHUB);
-        if ($token === null) {
+        $token = $this->userQuery->findOAuthAccessToken($this->getUser()->id(), OAuthToken::TYPE_GITHUB);
+        if ($token->isEmpty()) {
             return $this->redirectToRoute('fetch_github_package_token', ['organization' => $organization->alias()]);
         }
 
-        $repos = $api->repositories($token->accessToken());
+        $repos = $this->githubApi->repositories($token->get());
         $choices = array_combine($repos, $repos);
         $form->add(...$this->repositoriesChoiceType(is_array($choices) ? $choices : []));
         $form->handleRequest($request);
@@ -187,14 +201,14 @@ private function packageNewFromGitHub(FormInterface $form, Organization $organiz
         return null;
     }
 
-    private function packageNewFromGitLab(FormInterface $form, Organization $organization, Request $request, GitlabApi $api): ?Response
+    private function packageNewFromGitLab(FormInterface $form, Organization $organization, Request $request): ?Response
     {
-        $token = $this->getUser()->oauthToken(OAuthToken::TYPE_GITLAB);
-        if ($token === null) {
+        $token = $this->userQuery->findOAuthAccessToken($this->getUser()->id(), OAuthToken::TYPE_GITLAB);
+        if ($token->isEmpty()) {
             return $this->redirectToRoute('fetch_gitlab_package_token', ['organization' => $organization->alias()]);
         }
 
-        $projects = $api->projects($token->accessToken());
+        $projects = $this->gitlabApi->projects($token->get());
         $form->add(...$this->repositoriesChoiceType(array_flip($projects->names())));
         $form->handleRequest($request);
 
@@ -217,14 +231,14 @@ private function packageNewFromGitLab(FormInterface $form, Organization $organiz
         return null;
     }
 
-    private function packageNewFromBitbucket(FormInterface $form, Organization $organization, Request $request, BitbucketApi $api): ?Response
+    private function packageNewFromBitbucket(FormInterface $form, Organization $organization, Request $request): ?Response
     {
-        $token = $this->getUser()->oauthToken(OAuthToken::TYPE_BITBUCKET);
-        if ($token === null) {
+        $token = $this->userQuery->findOAuthAccessToken($this->getUser()->id(), OAuthToken::TYPE_BITBUCKET);
+        if ($token->isEmpty()) {
             return $this->redirectToRoute('fetch_bitbucket_package_token', ['organization' => $organization->alias()]);
         }
 
-        $repos = $api->repositories($token->accessToken());
+        $repos = $this->bitbucketApi->repositories($token->get());
         $form->add(...$this->repositoriesChoiceType(array_flip($repos->names())));
         $form->handleRequest($request);
 

diff --git a/src/Controller/OrganizationController.php b/src/Controller/OrganizationController.php
@@ -4,7 +4,6 @@
 
 namespace Buddy\Repman\Controller;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Form\Type\Organization\ChangeAliasType;
 use Buddy\Repman\Form\Type\Organization\ChangeNameType;
 use Buddy\Repman\Form\Type\Organization\CreateType;
@@ -30,6 +29,7 @@
 use Buddy\Repman\Query\User\Model\Package;
 use Buddy\Repman\Query\User\OrganizationQuery;
 use Buddy\Repman\Query\User\PackageQuery;
+use Buddy\Repman\Security\Model\User;
 use Buddy\Repman\Service\ExceptionHandler;
 use Buddy\Repman\Service\Organization\AliasGenerator;
 use Ramsey\Uuid\Uuid;
@@ -63,11 +63,9 @@ public function create(Request $request, AliasGenerator $aliasGenerator): Respon
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
-            $user = $this->getUser();
-
             $this->dispatchMessage(new CreateOrganization(
                 $id = Uuid::uuid4()->toString(),
-                $user->id()->toString(),
+                $this->getUser()->id(),
                 $name = $form->get('name')->getData()
             ));
             $this->dispatchMessage(new GenerateToken($id, 'default'));
@@ -99,7 +97,7 @@ public function overview(Organization $organization): Response
     public function packages(Organization $organization, Request $request): Response
     {
         $count = $this->packageQuery->count($organization->id());
-        if ($count === 0 && $organization->isOwner($this->getUser()->id()->toString())) {
+        if ($count === 0 && $organization->isOwner($this->getUser()->id())) {
             return $this->redirectToRoute('organization_package_new', ['organization' => $organization->alias()]);
         }
 

diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
@@ -4,13 +4,13 @@
 
 namespace Buddy\Repman\Controller;
 
-use Buddy\Repman\Entity\User;
 use Buddy\Repman\Form\Type\User\ChangePasswordType;
 use Buddy\Repman\Message\User\ChangePassword;
 use Buddy\Repman\Message\User\RemoveOAuthToken;
 use Buddy\Repman\Message\User\RemoveUser;
 use Buddy\Repman\Message\User\SendConfirmToken;
 use Buddy\Repman\Query\User\UserQuery;
+use Buddy\Repman\Security\Model\User;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -31,15 +31,15 @@ public function __construct(UserQuery $userQuery)
     public function profile(Request $request): Response
     {
         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_REMEMBERED');
-        $oauthTokens = $this->userQuery->findAllOAuthTokens($this->getUser()->id()->toString());
+        $oauthTokens = $this->userQuery->findAllOAuthTokens($this->getUser()->id());
         $form = $this->createForm(ChangePasswordType::class);
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
             $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
 
             $this->dispatchMessage(new ChangePassword(
-                $this->getUser()->id()->toString(),
+                $this->getUser()->id(),
                 $form->get('plainPassword')->getData()
             ));
             $this->addFlash('success', 'Your password has been changed');
@@ -59,7 +59,7 @@ public function profile(Request $request): Response
     public function remove(): Response
     {
         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
-        $this->dispatchMessage(new RemoveUser($this->getUser()->id()->toString()));
+        $this->dispatchMessage(new RemoveUser($this->getUser()->id()));
         $this->addFlash('success', 'User has been successfully removed');
 
         return $this->redirectToRoute('index');
@@ -72,7 +72,7 @@ public function resendVerificationEmail(): Response
     {
         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
         $this->dispatchMessage(new SendConfirmToken(
-            $this->getUser()->getEmail(),
+            $this->getUser()->email(),
             $this->getUser()->emailConfirmToken()
         ));
         $this->addFlash('success', 'Email sent successfully');
@@ -86,7 +86,7 @@ public function resendVerificationEmail(): Response
     public function removeOAuthToken(string $type): Response
     {
         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
-        $this->dispatchMessage(new RemoveOAuthToken($this->getUser()->id()->toString(), $type));
+        $this->dispatchMessage(new RemoveOAuthToken($this->getUser()->id(), $type));
         $this->addFlash('success', sprintf('%s has been successfully unlinked.', \ucfirst($type)));
 
         return $this->redirectToRoute('user_profile');