accounts/api/rbac/rules/OauthClientOwner.php

<?php
declare(strict_types=1);

namespace api\rbac\rules;

use api\rbac\Permissions as P;
use common\models\OauthClient;
use Webmozart\Assert\Assert;
use Yii;
use yii\rbac\Rule;

class OauthClientOwner extends Rule {

    public $name = 'oauth_client_owner';

    /**
     * Accepts 2 params:
     * - clientId - it's the client id, that user want access to.
     * - accountId - if it is passed to check the VIEW_OAUTH_CLIENTS permission, then it will
     *               check, that current user have access to the provided account.
     *
     * @param string|int     $accessToken
     * @param \yii\rbac\Item $item
     * @param array          $params
     *
     * @return bool a value indicating whether the rule permits the auth item it is associated with.
     */
    public function execute($accessToken, $item, $params): bool {
        $accountId = $params['accountId'] ?? null;
        if ($accountId !== null && $item->name === P::VIEW_OWN_OAUTH_CLIENTS) {
            return (new AccountOwner())->execute($accessToken, $item, ['accountId' => $accountId]);
        }

        Assert::keyExists($params, 'clientId');
        /** @var OauthClient|null $client */
        $client = OauthClient::findOne(['id' => $params['clientId']]);
        if ($client === null) {
            return true;
        }

        $identity = Yii::$app->user->getIdentity();
        if ($identity === null) {
            return false;
        }

        $account = $identity->getAccount();
        if ($account === null) {
            return false;
        }

        if ($account->id !== $client->account_id) {
            return false;
        }

        return true;
    }

}
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`<?php`
			`declare(strict_types=1);`

Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 05:59:20 +05:30			`namespace api\rbac\rules;`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30
Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 05:59:20 +05:30			`use api\rbac\Permissions as P;`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`use common\models\OauthClient;`
Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 05:59:20 +05:30			`use Webmozart\Assert\Assert;`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`use Yii;`
			`use yii\rbac\Rule;`

			`class OauthClientOwner extends Rule {`

			`public $name = 'oauth_client_owner';`

			`/**`
			`* Accepts 2 params:`
			`* - clientId - it's the client id, that user want access to.`
			`* - accountId - if it is passed to check the VIEW_OAUTH_CLIENTS permission, then it will`
			`* check, that current user have access to the provided account.`
			`*`
			`* @param string\|int $accessToken`
			`* @param \yii\rbac\Item $item`
			`* @param array $params`
			`*`
			`* @return bool a value indicating whether the rule permits the auth item it is associated with.`
			`*/`
			`public function execute($accessToken, $item, $params): bool {`
			`$accountId = $params['accountId'] ?? null;`
			`if ($accountId !== null && $item->name === P::VIEW_OWN_OAUTH_CLIENTS) {`
			`return (new AccountOwner())->execute($accessToken, $item, ['accountId' => $accountId]);`
			`}`

Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 05:59:20 +05:30			`Assert::keyExists($params, 'clientId');`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`/** @var OauthClient\|null $client */`
Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 05:59:20 +05:30			`$client = OauthClient::findOne(['id' => $params['clientId']]);`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`if ($client === null) {`
Fix 403 error on not exists application. Remove countUsers from minecraft server application type. 2018-03-26 00:51:22 +05:30			`return true;`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`}`

Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 05:59:20 +05:30			`$identity = Yii::$app->user->getIdentity();`
Implementation of the backend for the OAuth2 clients management 2018-02-28 03:57:35 +05:30			`if ($identity === null) {`
			`return false;`
			`}`

			`$account = $identity->getAccount();`
			`if ($account === null) {`
			`return false;`
			`}`

			`if ($account->id !== $client->account_id) {`
			`return false;`
			`}`

			`return true;`
			`}`

			`}`