From 58a1b2d3166f17cf7cf479b722188cfffe98cba7 Mon Sep 17 00:00:00 2001
From: Craig Williams
Date: Wed, 7 Jun 2023 11:12:32 +0100
Subject: [PATCH] No longer need to override authorization manager
---
src/Authorize/AuthorizationManager.php | 94 -----------------------
src/ServicesProvider/ServicesProvider.php | 12 +--
2 files changed, 4 insertions(+), 102 deletions(-)
delete mode 100644 src/Authorize/AuthorizationManager.php
diff --git a/src/Authorize/AuthorizationManager.php b/src/Authorize/AuthorizationManager.php
deleted file mode 100644
index 5f8ca44..0000000
--- a/src/Authorize/AuthorizationManager.php
+++ /dev/null
@@ -1,94 +0,0 @@
-ci->config['debug.auth'];
- $logger = $this->ci->authLogger;
-
- if (is_null($user) || !($user instanceof UserInterface)) {
- if ($debug) {
- $this->ci->authLogger->debug('No user defined. Access denied.');
- }
-
- return false;
- }
-
- // The master (root) account has access to everything.
- // Need to use loose comparison for now, because some DBs return `id` as a string.
- if ($user->id == $this->ci->config['reserved_user_ids.master']) {
- if ($debug) {
- $this->ci->authLogger->debug('User is the master (root) user. Access granted.');
- }
-
- return true;
- }
-
- if ($debug) {
- $trace = array_slice(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 3), 1);
- $this->ci->authLogger->debug('Authorization check requested at: ', $trace);
- $this->ci->authLogger->debug("Checking authorization for user {$user->id} ('{$user->user_name}') against check '$name'...");
- }
-
- if (!array_key_exists($name, $this->callbacks) || !isset($this->callbacks[$name])) {
- if ($debug) {
- $this->ci->authLogger->debug('No matching callback found. Access denied.');
- }
-
- return false;
- }
-
- try {
- if ($debug) {
- $this->ci->authLogger->debug("Calling check '{$name}' with arguments:", $args);
- }
-
- $result = call_user_func_array($this->callbacks[$name], $args);
-
- if ($result === true) {
- if ($debug) {
- $this->ci->authLogger->debug("User passed check '{$name}'. Access granted.");
- }
-
- return true;
- }
-
- return $result;
- } catch (Exception $e) {
- if ($this->debug) {
- $this->logger->debug("Error running check '$name':" . $e->getMessage() . ". Access denied.");
- }
-
- return false;
- }
- }
-}
diff --git a/src/ServicesProvider/ServicesProvider.php b/src/ServicesProvider/ServicesProvider.php
index a776423..6c327cd 100644
--- a/src/ServicesProvider/ServicesProvider.php
+++ b/src/ServicesProvider/ServicesProvider.php
@@ -19,7 +19,6 @@ use UserFrosting\Sprinkle\Organisations\Database\Models\User; use UserFrosting\Sprinkle\Organisations\Twig\OrganisationsExtension; use UserFrosting\Sprinkle\Organisations\Repository\OrganisationApprovalRepository; use UserFrosting\Sprinkle\Organisations\Repository\OrganisationMembershipApprovalRepository; -use UserFrosting\Sprinkle\Organisations\Authorize\AuthorizationManager; /** @@ -61,9 +60,6 @@ class ServicesProvider * @return \UserFrosting\Sprinkle\Core\Util\ClassMapper */ $container->extend('authorizer', function ($authorizer, $c) { - - $new_authorizer = new AuthorizationManager($c, $authorizer->getCallbacks()); - /* * Check if all $user is a member of $organisation. * @@ -71,7 +67,7 @@ class ServicesProvider * @param int $organisation_id the id of the target organisation. * @return bool true if $user is a member of $organisation. */ - $new_authorizer->addCallback('is_organisation_member', function ($user_id, $organisation_id, $explicit = false) { + $authorizer->addCallback('is_organisation_member', function ($user_id, $organisation_id, $explicit = false) { $query = Capsule::table('organisation_members') ->where('user_id', $user_id) ->where('organisation_id', $organisation_id) @@ -91,7 +87,7 @@ class ServicesProvider * @param int $organisation_id the id of the target organisation. * @return bool true if $user is an administrator of $organisation. */ - $new_authorizer->addCallback('is_organisation_admin', function ($user_id, $organisation_id) { + $authorizer->addCallback('is_organisation_admin', function ($user_id, $organisation_id) { return Capsule::table('organisation_members') ->where('user_id', $user_id) ->where('organisation_id', $organisation_id) 
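Review bot: The `is_organisation_member` callback registered on `$authorizer` accepts `$explicit = false`, but the docblock lines visible around it never describe that flag. They also speak of `$user` and `$organisation` while the closure receives `$user_id` and `$organisation_id`. Since this closure decides access, the docblock should state what a non-explicit match includes, for example a line of the form `@param bool $explicit when true, only count ...` completed from the query. "Check if all $user is a member" should read "Check if $user is a member". The closure body and part of its docblock lie outside the hunk, so the flag may be documented on a line not shown here.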
@@ -107,7 +103,7 @@ class ServicesProvider * @param bool $check_is_admin also check if A can administrate B. * @return bool true if $user_A_id in an organisation with $user_B_id in. */ - $new_authorizer->addCallback('has_matching_organisation', function ($user_A_id, $user_B_id, $check_is_admin = false) { + $authorizer->addCallback('has_matching_organisation', function ($user_A_id, $user_B_id, $check_is_admin = false) { $user_A = User::findInt($user_A_id); $user_B = User::findInt($user_B_id); @@ -128,7 +124,7 @@ class ServicesProvider return false; }); - return $new_authorizer; + return $authorizer; }); /*
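Review bot: In `has_matching_organisation`, the results of `User::findInt($user_A_id)` and `User::findInt($user_B_id)` feed an access decision, and the hunk shows no guard for an id that resolves to no user. The deleted override turned an exception raised inside a callback into a denial. Once the callbacks run on the stock authorizer, that behaviour depends on upstream code this patch does not show. The closure should fail closed itself, e.g. `if ($user_A === null || $user_B === null) { return false; }` directly after the two lookups, assuming `findInt` returns null for an unknown id. The middle of the closure body is outside the hunk, so such a check may already exist there.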