- WIP on attributes

composer.json

@@ -6,7 +6,7 @@
     "authors": [
         {
             "name": "Dave Mc Nicoll",
-            "email": "info@mcnd.ca"
+            "email": "mcndave@gmail.com"
         }
     ],
     "require": {

src/Attribute/Security.php

@@ -6,6 +6,5 @@ namespace Notes\Security\Attribute;
 class Security implements \Notes\Attribute {
     public function __construct(
         public null|bool $locked = null,
-        public null|string $realm = null,
     ) {}
 }

src/Attribute/Taxus.php

@@ -5,7 +5,7 @@ namespace Notes\Security\Attribute;
 #[\Attribute(\Attribute::IS_REPEATABLE | \Attribute::TARGET_METHOD | \Attribute::TARGET_CLASS)]
 class Taxus implements \Notes\Attribute {
     public function __construct(
-        public null|string|\BackedEnum $privilege = null,
+        public string $privilege = "",
         public null|string $module = null,
     ) {}
 }

src/SecurityHandler.php

@@ -6,13 +6,14 @@ use Taxus\Taxus;
 
 use Psr\Http\Message\ResponseInterface;
 
-use Notes\ObjectResolver;
+use Notes\ObjectReflection,
+    Notes\ObjectResolver;
 
 class SecurityHandler {
 
     protected ResponseInterface $redirectResponse;
 
-    protected ? \Closure $unauthorizeResponse;
+    protected \Closure $unauthorizeResponse;
 
     protected ? Taxus $taxus;
 
@@ -24,44 +25,35 @@ class SecurityHandler {
 
     public function verify(string $className, string $methodName) : ? ResponseInterface
     {
-        return $this->isLocked($className, $methodName) ? $this->redirectResponse : null;
+        # Should generate an equivalent of Ulmus's object reflection here !
-    }
+        if ( $security = $this->getClassAnnotations(Annotation\Security::class, $className, $methodName) ) {
-
+            return array_pop($security)->locked ? $this->redirectResponse : null;
-    public function isLocked(string $className, string $methodName) : bool
-    {
-        if ( $security = $this->getClassAttributes(Attribute\Security::class, $className, $methodName) ) {
-            return array_pop($security)->locked;
-        }
-
-        return true;
-    }
-
-    public function taxus(string $className, string $methodName, object $user = null) : ? ResponseInterface
-    {
-        if ($taxus = $this->getClassAttributes(Attribute\Taxus::class, $className, $methodName)) {
-            if ($this->unauthorizeResponse) {
-                foreach ($taxus as $item) {
-                    if (!isset($item->privilege) || $this->taxus->granted($item->privilege, $user, $item)) {
-                        return null;
-                    }
-                }
-
-                return call_user_func_array($this->unauthorizeResponse, [ $user, $taxus, $className, $methodName ]);
-            }
-            else {
-                throw new \ErrorException("Unauthorized response given.");
-            }
         }
 
         return null;
     }
 
-    protected function getClassAttributes(string $annotationClass, string $className, string $methodName)/* : \Notes\Attribute|array */
+    public function taxus(string $className, string $methodName, object $user = null) : ? ResponseInterface
+    {
+        if ($taxus = $this->getClassAnnotations(Annotation\Taxus::class, $className, $methodName)) {
+            foreach($taxus as $item) {
+                if ( !isset($item->privilege) || $this->taxus->granted($item->privilege, $user, $item) ) {
+                    return null;
+                }
+            }
+
+            return call_user_func_array($this->unauthorizeResponse, [ $user, $taxus, $className, $methodName ] );
+        }
+
+        return null;
+    }
+
+    protected function getClassAnnotations(string $annotationClass, string $className, string $methodName)/* : \Notes\Annotation|array */
     {
         $objectResolver = new ObjectResolver($className, true, true, false, true);
 
         try {
-            $method = $objectResolver->getAttributeListFromClassname( $annotationClass, false );
+            $method = $objectResolver->getAnnotationListFromClassname( $annotationClass, false );
         }
         catch(\Exception $e) { }