diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml new file mode 100644 index 0000000..03d62cb --- /dev/null +++ b/.github/workflows/static-analysis.yml @@ -0,0 +1,50 @@ +on: + - push + +name: Run PHPStan checks + +jobs: + mutation: + name: PHPStan ${{ matrix.php }}-${{ matrix.os }} + + runs-on: ${{ matrix.os }} + + strategy: + matrix: + os: + - ubuntu-latest + + php: + - "8.1" + - "8.2" + - "8.3" + - "8.4" + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install PHP + uses: shivammathur/setup-php@v2 + with: + php-version: "${{ matrix.php }}" + coverage: pcov + ini-values: assert.exception=1, zend.assertions=1, error_reporting=-1, log_errors_max_len=0, display_errors=On + tools: composer:v2, cs2pr + + - name: Determine composer cache directory + run: echo "COMPOSER_CACHE_DIR=$(composer config cache-dir)" >> $GITHUB_ENV + + - name: Cache dependencies installed with composer + uses: actions/cache@v4 + with: + path: ${{ env.COMPOSER_CACHE_DIR }} + key: php${{ matrix.php }}-composer-${{ hashFiles('**/composer.json') }} + restore-keys: | + php${{ matrix.php }}-composer- + + - name: Install dependencies with composer + run: composer install --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi + + - name: Run static analysis with PHPStan + run: vendor/bin/phpstan analyse diff --git a/README.md b/README.md index 622ea9a..e735f78 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,14 @@ The authorization is done on a role basis, not user basis as in ACL. Each role can have one or multiple permissions/privileges assigned. When deciding if a user is authorized, the requested permission is checked in all user roles and if at least one role has that permission, access is granted. +## Documentation + +Documentation is available at: https://docs.dotkernel.org/dot-rbac/. + +## Badges + ![OSS Lifecycle](https://img.shields.io/osslifecycle/dotkernel/dot-rbac) -![PHP from Packagist (specify version)](https://img.shields.io/packagist/php-v/dotkernel/dot-rbac/4.0.1) +![PHP from Packagist (specify version)](https://img.shields.io/packagist/php-v/dotkernel/dot-rbac/4.1.0) [![GitHub issues](https://img.shields.io/github/issues/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/issues) [![GitHub forks](https://img.shields.io/github/forks/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/network) @@ -18,6 +24,7 @@ When deciding if a user is authorized, the requested permission is checked in al [![Build Static](https://github.com/dotkernel/dot-rbac/actions/workflows/continuous-integration.yml/badge.svg?branch=4.0)](https://github.com/dotkernel/dot-rbac/actions/workflows/continuous-integration.yml) [![codecov](https://codecov.io/gh/dotkernel/dot-rbac/graph/badge.svg?token=GCK6C92N83)](https://codecov.io/gh/dotkernel/dot-rbac) +[![PHPStan](https://github.com/dotkernel/dot-rbac/actions/workflows/static-analysis.yml/badge.svg?branch=4.0)](https://github.com/dotkernel/dot-rbac/actions/workflows/static-analysis.yml) ## Installation diff --git a/composer.json b/composer.json index 70ff972..f135839 100644 --- a/composer.json +++ b/composer.json @@ -30,8 +30,9 @@ }, "require-dev": { "laminas/laminas-coding-standard": "^3.0", - "phpunit/phpunit": "^10.2", - "vimeo/psalm": "^6.0" + "phpstan/phpstan": "^2.1", + "phpstan/phpstan-phpunit": "^2.0", + "phpunit/phpunit": "^10.2" }, "autoload": { "psr-4": { @@ -52,7 +53,6 @@ "cs-check": "phpcs", "cs-fix": "phpcbf", "test": "phpunit --colors=always", - "test-coverage": "phpunit --colors=always --coverage-clover clover.xml", - "static-analysis": "psalm --shepherd --stats" + "static-analysis": "phpstan analyse --memory-limit 1G" } } diff --git a/docs/book/v3/overview.md b/docs/book/v3/overview.md new file mode 100644 index 0000000..8a39c7f --- /dev/null +++ b/docs/book/v3/overview.md @@ -0,0 +1,17 @@ +# dot-rbac + +The rbac authorization service decides if the authenticated identity or guest has access to certain parts of the application + +## Badges + +![OSS Lifecycle](https://img.shields.io/osslifecycle/dotkernel/dot-rbac) +![PHP from Packagist (specify version)](https://img.shields.io/packagist/php-v/dotkernel/dot-rbac/3.7.0) + +[![GitHub issues](https://img.shields.io/github/issues/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/issues) +[![GitHub forks](https://img.shields.io/github/forks/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/network) +[![GitHub stars](https://img.shields.io/github/stars/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/stargazers) +[![GitHub license](https://img.shields.io/github/license/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/blob/3.0/LICENSE.md) +[![Build Static](https://github.com/dotkernel/dot-rbac/actions/workflows/continuous-integration.yml/badge.svg?branch=3.0)](https://github.com/dotkernel/dot-rbac/actions/workflows/continuous-integration.yml) + +[![codecov](https://codecov.io/gh/dotkernel/dot-rbac/graph/badge.svg?token=GCK6C92N83)](https://codecov.io/gh/dotkernel/dot-rbac) +[![PHPStan](https://github.com/dotkernel/dot-rbac/actions/workflows/static-analysis.yml/badge.svg?branch=3.0)](https://github.com/dotkernel/dot-rbac/actions/workflows/static-analysis.yml) diff --git a/docs/book/v4/overview.md b/docs/book/v4/overview.md new file mode 100644 index 0000000..3a1385a --- /dev/null +++ b/docs/book/v4/overview.md @@ -0,0 +1,17 @@ +# dot-rbac + +The rbac authorization service decides if the authenticated identity or guest has access to certain parts of the application + +## Badges + +![OSS Lifecycle](https://img.shields.io/osslifecycle/dotkernel/dot-rbac) +![PHP from Packagist (specify version)](https://img.shields.io/packagist/php-v/dotkernel/dot-rbac/4.1.0) + +[![GitHub issues](https://img.shields.io/github/issues/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/issues) +[![GitHub forks](https://img.shields.io/github/forks/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/network) +[![GitHub stars](https://img.shields.io/github/stars/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/stargazers) +[![GitHub license](https://img.shields.io/github/license/dotkernel/dot-rbac)](https://github.com/dotkernel/dot-rbac/blob/4.0/LICENSE.md) + +[![Build Static](https://github.com/dotkernel/dot-rbac/actions/workflows/continuous-integration.yml/badge.svg?branch=4.0)](https://github.com/dotkernel/dot-rbac/actions/workflows/continuous-integration.yml) +[![codecov](https://codecov.io/gh/dotkernel/dot-rbac/graph/badge.svg?token=GCK6C92N83)](https://codecov.io/gh/dotkernel/dot-rbac) +[![PHPStan](https://github.com/dotkernel/dot-rbac/actions/workflows/static-analysis.yml/badge.svg?branch=4.0)](https://github.com/dotkernel/dot-rbac/actions/workflows/static-analysis.yml) diff --git a/mkdocs.yml b/mkdocs.yml index 77c1b3e..8cbe81c 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -9,11 +9,13 @@ extra: nav: - Home: index.md - v4: + - Overview: v4/overview.md - Installation: v4/installation.md - Configuration: v4/configuration.md - Usage: v4/usage.md - Customization: v4/customization.md - v3: + - Overview: v3/overview.md - Installation: v3/installation.md - Configuration: v3/configuration.md - Usage: v3/usage.md diff --git a/phpstan.neon b/phpstan.neon new file mode 100644 index 0000000..349be25 --- /dev/null +++ b/phpstan.neon @@ -0,0 +1,8 @@ +includes: + - vendor/phpstan/phpstan-phpunit/extension.neon +parameters: + level: 5 + paths: + - src + - test + treatPhpDocTypesAsCertain: false diff --git a/psalm.xml b/psalm.xml deleted file mode 100644 index 7272b57..0000000 --- a/psalm.xml +++ /dev/null @@ -1,17 +0,0 @@ - - - - - - - - - diff --git a/test/Assertion/FactoryTest.php b/test/Assertion/FactoryTest.php index 08c67ef..dd9b369 100644 --- a/test/Assertion/FactoryTest.php +++ b/test/Assertion/FactoryTest.php @@ -51,7 +51,7 @@ public function assert(AuthorizationInterface $authorization, mixed $context = n $subject = new Factory($container, $assertionPluginManager); $result = $subject->create(['type' => 'testType']); - $this->assertInstanceOf(AssertionInterface::class, $result); + $this->assertContainsOnlyInstancesOf(AssertionInterface::class, [$result]); } /** @@ -65,6 +65,6 @@ public function testGetAssertionPluginManager(): void $subject = new Factory($container, $assertionPluginManager); $result = $subject->getAssertionPluginManager(); - $this->assertInstanceOf(AssertionPluginManager::class, $result); + $this->assertContainsOnlyInstancesOf(AssertionPluginManager::class, [$result]); } } diff --git a/test/Factory/AssertionPluginManagerFactoryTest.php b/test/Factory/AssertionPluginManagerFactoryTest.php index c25ae68..8854a9f 100644 --- a/test/Factory/AssertionPluginManagerFactoryTest.php +++ b/test/Factory/AssertionPluginManagerFactoryTest.php @@ -34,6 +34,6 @@ public function testCanCreateManager(): void ->willReturn($config); $result = (new AssertionPluginManagerFactory())($container); - $this->assertInstanceOf(AssertionPluginManager::class, $result); + $this->assertSame(AssertionPluginManager::class, $result::class); } } diff --git a/test/Factory/AuthenticationIdentityProviderFactoryTest.php b/test/Factory/AuthenticationIdentityProviderFactoryTest.php index 2e07256..8fd8d71 100644 --- a/test/Factory/AuthenticationIdentityProviderFactoryTest.php +++ b/test/Factory/AuthenticationIdentityProviderFactoryTest.php @@ -39,6 +39,6 @@ public function testWillCreateService(): void ]); $result = (new AuthenticationIdentityProviderFactory())($this->container); - $this->assertInstanceOf(AuthenticationIdentityProvider::class, $result); + $this->assertSame(AuthenticationIdentityProvider::class, $result::class); } } diff --git a/test/Factory/AuthorizationOptionFactoryTest.php b/test/Factory/AuthorizationOptionFactoryTest.php index 8434697..05a90c3 100644 --- a/test/Factory/AuthorizationOptionFactoryTest.php +++ b/test/Factory/AuthorizationOptionFactoryTest.php @@ -28,6 +28,6 @@ public function testCanCreateInterface(): void ->willReturn(['dot_authorization' => null]); $interface = (new AuthorizationOptionsFactory())($container); - $this->assertInstanceOf(AuthorizationOptions::class, $interface); + $this->assertSame(AuthorizationOptions::class, $interface::class); } } diff --git a/test/Factory/AuthorizationServiceFactoryTest.php b/test/Factory/AuthorizationServiceFactoryTest.php index 30ca242..3572089 100644 --- a/test/Factory/AuthorizationServiceFactoryTest.php +++ b/test/Factory/AuthorizationServiceFactoryTest.php @@ -47,6 +47,6 @@ public function testWillCreateService(): void ); $service = (new AuthorizationServiceFactory())($container); - $this->assertInstanceOf(AuthorizationService::class, $service); + $this->assertSame(AuthorizationService::class, $service::class); } } diff --git a/test/Factory/RoleProviderPluginManagerFactoryTest.php b/test/Factory/RoleProviderPluginManagerFactoryTest.php index a3bc459..74a39e9 100644 --- a/test/Factory/RoleProviderPluginManagerFactoryTest.php +++ b/test/Factory/RoleProviderPluginManagerFactoryTest.php @@ -35,6 +35,6 @@ public function testCanCreate(): void ->willReturn($config); $service = (new RoleProviderPluginManagerFactory())($container); - $this->assertInstanceOf(RoleProviderPluginManager::class, $service); + $this->assertSame(RoleProviderPluginManager::class, $service::class); } } diff --git a/test/Factory/RoleServiceFactoryTest.php b/test/Factory/RoleServiceFactoryTest.php index 7c85c2e..14399b4 100644 --- a/test/Factory/RoleServiceFactoryTest.php +++ b/test/Factory/RoleServiceFactoryTest.php @@ -44,7 +44,7 @@ public function testWillCreateService(): void $service = (new RoleServiceFactory())($container); - $this->assertInstanceOf(RoleService::class, $service); + $this->assertSame(RoleService::class, $service::class); } /**