Add ORPHAN_VISITS_EXCLUDED API key role

2026-03-10 09:13:11 +08:00 · 2023-05-30 09:12:46 +02:00
parent 112b54ec7d
commit 8b03532ddb
11 changed files with 54 additions and 23 deletions
--- a/module/CLI/src/ApiKey/RoleResolver.php
+++ b/module/CLI/src/ApiKey/RoleResolver.php
@@ -22,6 +22,7 @@ class RoleResolver implements RoleResolverInterface
    {
        $domainAuthority = $input->getOption(Role::DOMAIN_SPECIFIC->paramName());
        $author = $input->getOption(Role::AUTHORED_SHORT_URLS->paramName());
+        $noOrphanVisits = $input->getOption(Role::NO_ORPHAN_VISITS->paramName());

        $roleDefinitions = [];
        if ($author) {
@@ -30,6 +31,9 @@ class RoleResolver implements RoleResolverInterface
        if (is_string($domainAuthority)) {
            $roleDefinitions[] = $this->resolveRoleForAuthority($domainAuthority);
        }
+        if ($noOrphanVisits) {
+            $roleDefinitions[] = RoleDefinition::forOrphanVisitsExcluded();
+        }

        return $roleDefinitions;
    }
--- a/module/CLI/src/Command/Api/GenerateKeyCommand.php
+++ b/module/CLI/src/Command/Api/GenerateKeyCommand.php
@@ -25,8 +25,8 @@ class GenerateKeyCommand extends Command
    public const NAME = 'api-key:generate';

    public function __construct(
-        private ApiKeyServiceInterface $apiKeyService,
-        private RoleResolverInterface $roleResolver,
+        private readonly ApiKeyServiceInterface $apiKeyService,
+        private readonly RoleResolverInterface $roleResolver,
    ) {
        parent::__construct();
    }
@@ -35,6 +35,8 @@ class GenerateKeyCommand extends Command
    {
        $authorOnly = Role::AUTHORED_SHORT_URLS->paramName();
        $domainOnly = Role::DOMAIN_SPECIFIC->paramName();
+        $noOrphanVisits = Role::NO_ORPHAN_VISITS->paramName();
+
        $help = <<<HELP
        The <info>%command.name%</info> generates a new valid API key.

@@ -52,7 +54,8 @@ class GenerateKeyCommand extends Command

            * Can interact with short URLs created with this API key: <info>%command.full_name% --{$authorOnly}</info>
            * Can interact with short URLs for one domain: <info>%command.full_name% --{$domainOnly}=example.com</info>
-            * Both: <info>%command.full_name% --{$authorOnly} --{$domainOnly}=example.com</info>
+            * Cannot see orphan visits: <info>%command.full_name% --{$noOrphanVisits}</info>
+            * All: <info>%command.full_name% --{$authorOnly} --{$domainOnly}=example.com --{$noOrphanVisits}</info>
        HELP;

        $this
@@ -85,6 +88,12 @@ class GenerateKeyCommand extends Command
                    Role::DOMAIN_SPECIFIC->value,
                ),
            )
+            ->addOption(
+                $noOrphanVisits,
+                'o',
+                InputOption::VALUE_NONE,
+                sprintf('Adds the "%s" role to the new API key.', Role::NO_ORPHAN_VISITS->value),
+            )
            ->setHelp($help);
    }

--- a/module/CLI/src/Command/Api/ListKeysCommand.php
+++ b/module/CLI/src/Command/Api/ListKeysCommand.php
@@ -27,7 +27,7 @@ class ListKeysCommand extends Command

    public const NAME = 'api-key:list';

-    public function __construct(private ApiKeyServiceInterface $apiKeyService)
+    public function __construct(private readonly ApiKeyServiceInterface $apiKeyService)
    {
        parent::__construct();
    }
@@ -60,10 +60,7 @@ class ListKeysCommand extends Command
            }
            $rowData[] = $expiration?->toAtomString() ?? '-';
            $rowData[] = ApiKey::isAdmin($apiKey) ? 'Admin' : implode("\n", $apiKey->mapRoles(
-                fn (Role $role, array $meta) =>
-                    empty($meta)
-                        ? $role->toFriendlyName()
-                        : sprintf('%s: %s', $role->toFriendlyName(), Role::domainAuthorityFromMeta($meta)),
+                fn (Role $role, array $meta) => $role->toFriendlyName($meta),
            ));

            return $rowData;