vendor/overblog/graphql-bundle/src/Resolver/AccessResolver.php line 147

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Overblog\GraphQLBundle\Resolver;
  7. use GraphQL\Executor\Promise\Adapter\SyncPromise;
  8. use GraphQL\Executor\Promise\Promise;
  9. use GraphQL\Executor\Promise\PromiseAdapter;
  10. use GraphQL\Type\Definition\ListOfType;
  11. use GraphQL\Type\Definition\ResolveInfo;
  12. use Overblog\GraphQLBundle\Error\UserError;
  13. use Overblog\GraphQLBundle\Error\UserWarning;
  14. use Overblog\GraphQLBundle\Relay\Connection\Output\Connection;
  15. use Overblog\GraphQLBundle\Relay\Connection\Output\Edge;
  16. use function array_map;
  17. use function call_user_func_array;
  18. use function is_iterable;
  20. class AccessResolver
  21. {
  22. private PromiseAdapter $promiseAdapter;
  24. public function __construct(PromiseAdapter $promiseAdapter)
  25. {
  26. $this->promiseAdapter = $promiseAdapter;
  27. }
  29. /**
  30. * @return Promise|mixed|Connection
  31. */
  32. public function resolve(callable $accessChecker, callable $resolveCallback, array $resolveArgs = [], bool $useStrictAccess = false)
  33. {
  34. if ($useStrictAccess || self::isMutationRootField($resolveArgs[3])) {
  35. return $this->checkAccessForStrictMode($accessChecker, $resolveCallback, $resolveArgs);
  36. }
  38. $resultOrPromise = call_user_func_array($resolveCallback, $resolveArgs);
  40. if ($this->isThenable($resultOrPromise)) {
  41. return $this->createPromise(
  42. $resultOrPromise,
  43. fn ($result) => $this->processFilter($result, $accessChecker, $resolveArgs)
  44. );
  45. }
  47. return $this->processFilter($resultOrPromise, $accessChecker, $resolveArgs);
  48. }
  50. private static function isMutationRootField(ResolveInfo $info): bool
  51. {
  52. return 'mutation' === $info->operation->operation && $info->parentType === $info->schema->getMutationType();
  53. }
  55. /**
  56. * @return Promise|mixed
  57. */
  58. private function checkAccessForStrictMode(callable $accessChecker, callable $resolveCallback, array $resolveArgs = [])
  59. {
  60. $promiseOrHasAccess = $this->hasAccess($accessChecker, $resolveArgs);
  61. $callback = function ($hasAccess) use ($resolveArgs, $resolveCallback) {
  62. if (true === $hasAccess) {
  63. return call_user_func_array($resolveCallback, $resolveArgs);
  64. }
  66. $exceptionClassName = self::isMutationRootField($resolveArgs[3]) ? UserError::class : UserWarning::class;
  67. throw new $exceptionClassName('Access denied to this field.');
  68. };
  70. if ($this->isThenable($promiseOrHasAccess)) {
  71. return $this->createPromise($promiseOrHasAccess, $callback);
  72. } else {
  73. return $callback($promiseOrHasAccess);
  74. }
  75. }
  77. /**
  78. * @param iterable|object|Connection $result
  79. *
  80. * @return Connection|iterable
  81. */
  82. private function processFilter($result, callable $accessChecker, array $resolveArgs)
  83. {
  84. /** @var ResolveInfo $resolveInfo */
  85. $resolveInfo = $resolveArgs[3];
  87. if (is_iterable($result) && $resolveInfo->returnType instanceof ListOfType) {
  88. foreach ($result as $i => $object) {
  89. $result[$i] = $this->hasAccess($accessChecker, $resolveArgs, $object) ? $object : null; // @phpstan-ignore-line
  90. }
  91. } elseif ($result instanceof Connection) {
  92. $result->setEdges(array_map(
  93. function (Edge $edge) use ($accessChecker, $resolveArgs) {
  94. $edge->setNode($this->hasAccess($accessChecker, $resolveArgs, $edge->getNode()) ? $edge->getNode() : null);
  96. return $edge;
  97. },
  98. $result->getEdges()
  99. ));
  100. } elseif (!$this->hasAccess($accessChecker, $resolveArgs, $result)) {
  101. throw new UserWarning('Access denied to this field.');
  102. }
  104. return $result; // @phpstan-ignore-line
  105. }
  107. /**
  108. * @param mixed $object
  109. *
  110. * @return mixed
  111. */
  112. private function hasAccess(callable $accessChecker, array $resolveArgs = [], $object = null)
  113. {
  114. $resolveArgs[] = $object;
  115. $accessOrPromise = $accessChecker(...$resolveArgs);
  117. return $accessOrPromise;
  118. }
  120. /**
  121. * @param mixed $object
  122. */
  123. private function isThenable($object): bool
  124. {
  125. $object = $this->extractAdoptedPromise($object);
  127. return $this->promiseAdapter->isThenable($object) || $object instanceof SyncPromise;
  128. }
  130. /**
  131. * @param mixed $object
  132. *
  133. * @return SyncPromise|mixed|\React\Promise\Promise
  134. */
  135. private function extractAdoptedPromise($object)
  136. {
  137. if ($object instanceof Promise) {
  138. $object = $object->adoptedPromise;
  139. }
  141. return $object;
  142. }
  144. /**
  145. * @param mixed $promise
  146. */
  147. private function createPromise($promise, callable $onFulfilled = null): Promise
  148. {
  149. return $this->promiseAdapter->then(
  150. new Promise($this->extractAdoptedPromise($promise), $this->promiseAdapter),
  151. $onFulfilled
  152. );
  153. }
  154. }