Merge pull request #22 from rupadana/dev

feat: Allow non-admin users to generate API key to access their records
rupadana · Mar 2, 2024 · f168087 · f168087
2 parents 36780da + 2b9170c
commit f168087
Show file tree

Hide file tree

Showing 30 changed files with 144 additions and 76 deletions.
diff --git a/.phpunit.cache/test-results b/.phpunit.cache/test-results
diff --git a/composer.json b/composer.json
@@ -32,6 +32,7 @@
     "spatie/laravel-query-builder": "^5.3"
   },
   "require-dev": {
+    "laravel/pint": "^1.0",
     "nunomaduro/collision": "^7.9",
     "orchestra/testbench": "^8.0",
     "pestphp/pest": "^2.0",

diff --git a/pint.json b/pint.json
@@ -0,0 +1,84 @@
+{
+    "preset": "laravel",
+    "rules": {
+        "no_unused_imports": true,
+        "ordered_imports": true,
+        "phpdoc_align": true,
+        "phpdoc_order": true,
+        "single_line_comment_style": true,
+        "single_quote": true,
+        "combine_consecutive_issets": true,
+        "array_syntax": true,
+        "blank_line_after_namespace": true,
+        "blank_line_after_opening_tag": true,
+        "attribute_empty_parentheses": true,
+        "blank_line_before_statement": true,
+        "braces_position": true,
+        "blank_lines_before_namespace": {
+            "min_line_breaks": 1
+        },
+        "cast_spaces": {
+            "space": "single"
+        },
+        "class_attributes_separation": {
+            "elements": {
+                "const": "only_if_meta",
+                "property": "only_if_meta"
+            }
+        },
+        "class_definition": {
+            "single_line": true
+        },
+        "class_reference_name_casing": true,
+        "clean_namespace": true,
+        "concat_space": {
+            "spacing": "one"
+        },
+        "constant_case": true,
+        "control_structure_braces": true,
+        "control_structure_continuation_position": true,
+        "elseif": true,
+        "empty_loop_body": true,
+        "empty_loop_condition": true,
+        "encoding": true,
+        "explicit_indirect_variable": true,
+        "full_opening_tag": true,
+        "function_declaration": true,
+        "general_phpdoc_annotation_remove": {
+            "annotations": [
+                "author",
+                "package",
+                "subpackage"
+            ],
+            "case_sensitive": false
+        },
+        "global_namespace_import": true,
+        "heredoc_indentation": true,
+        "increment_style": {
+            "style": "post"
+        },
+        "indentation_type": true,
+        "lambda_not_used_import": true,
+        "linebreak_after_opening_tag": true,
+        "lowercase_cast": true,
+        "lowercase_keywords": true,
+        "lowercase_static_reference": true,
+        "magic_constant_casing": true,
+        "magic_method_casing": true,
+        "method_chaining_indentation": true,
+        "multiline_comment_opening_closing": true,
+        "multiline_whitespace_before_semicolons": true,
+        "native_type_declaration_casing": true,
+        "no_blank_lines_after_class_opening": true,
+        "no_blank_lines_after_phpdoc": true,
+        "no_break_comment": true,
+        "no_empty_comment": true,
+        "no_empty_statement": true,
+        "no_multiline_whitespace_around_double_arrow": true,
+        "no_multiple_statements_per_line": true,
+        "no_short_bool_cast": true,
+        "no_singleline_whitespace_before_semicolons": true,
+        "no_space_around_double_colon": true,
+        "no_trailing_whitespace": true
+    }
+}
diff --git a/resources/lang/en/api-service.php b/resources/lang/en/api-service.php
@@ -2,5 +2,5 @@
 
 // translations for Rupadana/ApiService
 return [
-    //
+
 ];
diff --git a/routes/api.php b/routes/api.php
@@ -12,7 +12,7 @@
             try {
 
                 Route::prefix($panel->getId())
-                    ->name($panel->getId().'.')
+                    ->name($panel->getId() . '.')
                     ->group(function () use ($panel) {
                         $apiServicePlugin = $panel->getPlugin('api-service');
                         $apiServicePlugin->route($panel);

diff --git a/src/ApiService.php b/src/ApiService.php
@@ -11,7 +11,6 @@ class ApiService
      * Filament Resource
      */
     protected static ?string $resource = null;
-
     protected static ?string $groupRouteName = null;
 
     /**

diff --git a/src/ApiServicePlugin.php b/src/ApiServicePlugin.php
@@ -38,7 +38,7 @@ public static function getAbilities(Panel $panel): array
 
                 $resourceName = str($resource)->beforeLast('Resource')->explode('\\')->last();
 
-                $apiServiceClass = $resource.'\\Api\\'.$resourceName.'ApiService';
+                $apiServiceClass = $resource . '\\Api\\' . $resourceName . 'ApiService';
 
                 $handlers = app($apiServiceClass)->handlers();
 
@@ -63,7 +63,7 @@ public function route(Panel $panel): void
             try {
                 $resourceName = str($resource)->beforeLast('Resource')->explode('\\')->last();
 
-                $apiServiceClass = $resource.'\\Api\\'.$resourceName.'ApiService';
+                $apiServiceClass = $resource . '\\Api\\' . $resourceName . 'ApiService';
 
                 app($apiServiceClass)->registerRoutes();
             } catch (Exception $e) {

diff --git a/src/ApiServiceServiceProvider.php b/src/ApiServiceServiceProvider.php
@@ -17,7 +17,6 @@
 class ApiServiceServiceProvider extends PackageServiceProvider
 {
     public static string $name = 'api-service';
-
     public static string $viewNamespace = 'api-service';
 
     public function configurePackage(Package $package): void
@@ -91,7 +90,7 @@ protected function getAssetPackageName(): ?string
     protected function getAssets(): array
     {
         return [
-            //
+
         ];
     }
 

diff --git a/src/Commands/MakeApiHandlerCommand.php b/src/Commands/MakeApiHandlerCommand.php
@@ -14,9 +14,7 @@
 class MakeApiHandlerCommand extends Command
 {
     use CanManipulateFiles;
-
     protected $description = 'Create a new API Handler for supporting filamentphp Resource';
-
     protected $signature = 'make:filament-api-handler {resource?} {handler?} {--panel=}';
 
     public function handle(): int

diff --git a/src/Commands/MakeApiServiceCommand.php b/src/Commands/MakeApiServiceCommand.php
@@ -14,9 +14,7 @@
 class MakeApiServiceCommand extends Command
 {
     use CanManipulateFiles;
-
     protected $description = 'Create a new API Service for supporting filamentphp Resource';
-
     protected $signature = 'make:filament-api-service {resource?} {--panel=}';
 
     public function handle(): int

diff --git a/src/Commands/MakeApiTransformerCommand.php b/src/Commands/MakeApiTransformerCommand.php
@@ -14,9 +14,7 @@
 class MakeApiTransformerCommand extends Command
 {
     use CanManipulateFiles;
-
     protected $description = 'Create a Transformer for your API response';
-
     protected $signature = 'make:filament-api-transformer {resource?} {--panel=}';
 
     public function handle(): int

diff --git a/src/Http/Handlers.php b/src/Http/Handlers.php
@@ -9,25 +9,15 @@
 class Handlers
 {
     use HttpResponse;
-
     public static ?string $uri = '/';
-
     public static string $method = 'get';
-
     public static ?string $resource = null;
-
     protected static string $keyName = 'id';
-
     protected static bool $public = false;
-
     const POST = 'post';
-
     const GET = 'get';
-
     const DELETE = 'delete';
-
     const PATCH = 'patch';
-
     const PUT = 'put';
 
     public static function getMethod()
@@ -40,7 +30,7 @@ public static function route(Router $router)
         $method = static::getMethod();
 
         $router
-            ->$method(static::$uri, [static::class, 'handler'])
+            ->{$method}(static::$uri, [static::class, 'handler'])
             ->name(static::getKebabClassName())
             ->middleware(static::getRouteMiddleware());
     }
@@ -58,7 +48,7 @@ public static function getRouteMiddleware(): array
 
         return [
             'auth:sanctum',
-            static::getMiddlewareAliasName().':'.static::stringifyAbility(),
+            static::getMiddlewareAliasName() . ':' . static::stringifyAbility(),
         ];
     }
 
@@ -80,7 +70,7 @@ public static function stringifyAbility()
     public static function getAbility(): array
     {
         return [
-            str(str(static::getModel())->explode('\\')->last())->kebab().':'.static::getKebabClassName(),
+            str(str(static::getModel())->explode('\\')->last())->kebab() . ':' . static::getKebabClassName(),
         ];
     }
 

diff --git a/src/Models/Token.php b/src/Models/Token.php
@@ -8,6 +8,5 @@
 class Token extends PersonalAccessToken
 {
     use HasFactory;
-
     protected $table = 'personal_access_tokens';
 }
diff --git a/src/Policies/TokenPolicy.php b/src/Policies/TokenPolicy.php
@@ -36,7 +36,7 @@ public function view(User $user, Token $token): bool
             return true;
         }
 
-        return $user->can('view_token');
+        return $user->can('view_token') && $token->tokenable_id === $user->id;
     }
 
     /**
@@ -60,7 +60,7 @@ public function update(User $user, Token $token): bool
             return true;
         }
 
-        return $user->can('update_token');
+        return $user->can('update_token') && $token->tokenable_id === $user->id;
     }
 
     /**
@@ -73,7 +73,7 @@ public function delete(User $user, Token $token): bool
             return true;
         }
 
-        return $user->can('delete_token');
+        return $user->can('delete_token') && $token->tokenable_id === $user->id;
     }
 
     /**
@@ -97,7 +97,7 @@ public function forceDelete(User $user, Token $token): bool
             return true;
         }
 
-        return $user->can('force_delete_token');
+        return $user->can('force_delete_token') && $token->tokenable_id === $user->id;
     }
 
     /**
@@ -121,7 +121,7 @@ public function restore(User $user, Token $token): bool
             return true;
         }
 
-        return $user->can('restore_token');
+        return $user->can('restore_token') && $token->tokenable_id === $user->id;
     }
 
     /**
@@ -145,7 +145,7 @@ public function replicate(User $user, Token $token): bool
             return true;
         }
 
-        return $user->can('replicate_token');
+        return $user->can('replicate_token') && $token->tokenable_id === $user->id;
     }
 
     /**

diff --git a/src/Resources/TokenResource.php b/src/Resources/TokenResource.php
@@ -15,14 +15,14 @@
 use Filament\Tables\Actions\DeleteAction;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
 use Rupadana\ApiService\ApiServicePlugin;
 use Rupadana\ApiService\Models\Token;
 use Rupadana\ApiService\Resources\TokenResource\Pages;
 
 class TokenResource extends Resource
 {
     protected static ?string $model = Token::class;
-
     protected static ?string $navigationIcon = 'heroicon-o-key';
 
     public static function form(Form $form): Form
@@ -36,6 +36,11 @@ public static function form(Form $form): Form
                         Select::make('tokenable_id')
                             ->options(User::all()->pluck('name', 'id'))
                             ->label('User')
+                            ->hidden(function () {
+                                $user = auth()->user();
+
+                                return ! $user->hasRole('super_admin');
+                            })
                             ->required(),
                     ]),
 
@@ -87,7 +92,7 @@ public static function table(Table $table): Table
                     ->toggleable(isToggledHiddenByDefault: true),
             ])
             ->filters([
-                //
+
             ])
             ->actions([
                 DeleteAction::make(),
@@ -96,13 +101,22 @@ public static function table(Table $table): Table
                 Tables\Actions\BulkActionGroup::make([
                     Tables\Actions\DeleteBulkAction::make(),
                 ]),
-            ]);
+            ])
+            ->modifyQueryUsing(function (Builder $query) {
+                $authenticatedUser = auth()->user();
+
+                if (method_exists($authenticatedUser, 'hasRole') && $authenticatedUser->hasRole('super_admin')) {
+                    return $query;
+                }
+
+                return $query->where('tokenable_id', $authenticatedUser->id);
+            });
     }
 
     public static function getRelations(): array
     {
         return [
-            //
+
         ];
     }
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,5 +2,5 @@ @@
     // translations for Rupadana/ApiService
     return [
-        //
     ];