add support for isGranted in Twig and php on security.yaml, Voter::voteOnAttribute and Voter::supports #431

Author: Haehnchen

META-INF/plugin.xml

@@ -582,6 +582,7 @@
         <GotoCompletionRegistrar implementation="fr.adrienbrault.idea.symfony2plugin.dic.registrar.DicGotoCompletionRegistrar"/>
         <GotoCompletionRegistrar implementation="fr.adrienbrault.idea.symfony2plugin.completion.yaml.YamlGotoCompletionRegistrar"/>
         <GotoCompletionRegistrar implementation="fr.adrienbrault.idea.symfony2plugin.translation.ValidatorTranslationGotoCompletionRegistrar"/>
+        <GotoCompletionRegistrar implementation="fr.adrienbrault.idea.symfony2plugin.security.VoterGotoCompletionRegistrar"/>
 
         <TwigNamespaceExtension implementation="fr.adrienbrault.idea.symfony2plugin.templating.path.JsonFileIndexTwigNamespaces"/>
         <TwigNamespaceExtension implementation="fr.adrienbrault.idea.symfony2plugin.templating.path.ConfigAddPathTwigNamespaces"/>

src/fr/adrienbrault/idea/symfony2plugin/codeInsight/utils/GotoCompletionUtil.java

@@ -5,6 +5,7 @@
 import com.intellij.psi.xml.XmlAttributeValue;
 import com.intellij.psi.xml.XmlText;
 import com.jetbrains.php.lang.psi.elements.StringLiteralExpression;
+import com.jetbrains.twig.TwigTokenTypes;
 import fr.adrienbrault.idea.symfony2plugin.codeInsight.GotoCompletionContributor;
 import fr.adrienbrault.idea.symfony2plugin.codeInsight.GotoCompletionRegistrar;
 import fr.adrienbrault.idea.symfony2plugin.codeInsight.GotoCompletionRegistrarParameter;
@@ -56,6 +57,9 @@ public static String getTextValueForElement(@NotNull PsiElement psiElement) {
         } else if(parent instanceof YAMLScalar) {
             // foo: foo, foo: 'foo', foo: "foo"
             value = ((YAMLScalar) parent).getTextValue();
+        } else if(psiElement.getNode().getElementType() == TwigTokenTypes.STRING_TEXT) {
+            // twig: 'foobar'
+            value = psiElement.getText();
         }
 
         if(StringUtils.isBlank(value)) {

src/fr/adrienbrault/idea/symfony2plugin/security/VoterGotoCompletionRegistrar.java

@@ -0,0 +1,97 @@
+package fr.adrienbrault.idea.symfony2plugin.security;
+
+import com.intellij.codeInsight.lookup.LookupElement;
+import com.intellij.codeInsight.lookup.LookupElementBuilder;
+import com.intellij.patterns.PlatformPatterns;
+import com.intellij.psi.PsiElement;
+import com.jetbrains.php.lang.PhpLanguage;
+import com.jetbrains.php.lang.psi.elements.StringLiteralExpression;
+import fr.adrienbrault.idea.symfony2plugin.Symfony2Icons;
+import fr.adrienbrault.idea.symfony2plugin.TwigHelper;
+import fr.adrienbrault.idea.symfony2plugin.codeInsight.GotoCompletionProvider;
+import fr.adrienbrault.idea.symfony2plugin.codeInsight.GotoCompletionRegistrar;
+import fr.adrienbrault.idea.symfony2plugin.codeInsight.GotoCompletionRegistrarParameter;
+import fr.adrienbrault.idea.symfony2plugin.codeInsight.utils.GotoCompletionUtil;
+import fr.adrienbrault.idea.symfony2plugin.security.utils.VoterUtil;
+import fr.adrienbrault.idea.symfony2plugin.util.MethodMatcher;
+import org.apache.commons.lang.StringUtils;
+import org.jetbrains.annotations.NotNull;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+ * @author Daniel Espendiller <daniel@espendiller.net>
+ */
+public class VoterGotoCompletionRegistrar implements GotoCompletionRegistrar {
+    @Override
+    public void register(GotoCompletionRegistrarParameter registrar) {
+        // {% is_granted('foobar') %}
+        registrar.register(
+            TwigHelper.getPrintBlockOrTagFunctionPattern("is_granted"), MyVisitorGotoCompletionProvider::new
+        );
+
+        // Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface::isGranted %}
+        registrar.register(PlatformPatterns.psiElement().withParent(StringLiteralExpression.class).withLanguage(PhpLanguage.INSTANCE), psiElement -> {
+            PsiElement context = psiElement.getContext();
+            if (!(context instanceof StringLiteralExpression)) {
+                return null;
+            }
+
+            MethodMatcher.MethodMatchParameter methodMatchParameter = new MethodMatcher.StringParameterRecursiveMatcher(context, 0)
+                .withSignature("Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller", "isGranted")
+                .withSignature("Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller", "denyAccessUnlessGranted")
+                .withSignature("Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationCheckerInterface", "isGranted")
+                .match();
+
+            if(methodMatchParameter != null) {
+                return new MyVisitorGotoCompletionProvider(psiElement);
+            }
+
+            // ['foobar']
+            MethodMatcher.MethodMatchParameter arrayMatchParameter = new MethodMatcher.ArrayParameterMatcher(context, 0)
+                .withSignature("Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller", "isGranted")
+                .withSignature("Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller", "denyAccessUnlessGranted")
+                .withSignature("Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationCheckerInterface", "isGranted")
+                .match();
+
+            if(arrayMatchParameter != null) {
+                return new MyVisitorGotoCompletionProvider(psiElement);
+            }
+
+            return null;
+        });
+    }
+
+    private static class MyVisitorGotoCompletionProvider extends GotoCompletionProvider {
+        MyVisitorGotoCompletionProvider(PsiElement psiElement) {
+            super(psiElement);
+        }
+
+        @NotNull
+        @Override
+        public Collection<LookupElement> getLookupElements() {
+            Collection<LookupElement> lookupElements = new ArrayList<>();
+
+            VoterUtil.visitAttribute(getProject(), pair ->
+                lookupElements.add(LookupElementBuilder.create(pair.getFirst()).withIcon(Symfony2Icons.SYMFONY))
+            );
+
+            return lookupElements;
+        }
+
+        @NotNull
+        @Override
+        public Collection<PsiElement> getPsiTargets(PsiElement element) {
+            String text = GotoCompletionUtil.getTextValueForElement(element);
+            if(StringUtils.isBlank(text)) {
+                return Collections.emptyList();
+            }
+
+            VoterUtil.TargetPairConsumer foo = new VoterUtil.TargetPairConsumer(text);
+            VoterUtil.visitAttribute(getProject(), foo);
+            return foo.getValues();
+        }
+    }
+}

src/fr/adrienbrault/idea/symfony2plugin/security/utils/VoterUtil.java

@@ -0,0 +1,254 @@
+package fr.adrienbrault.idea.symfony2plugin.security.utils;
+
+import com.intellij.openapi.project.Project;
+import com.intellij.openapi.util.Pair;
+import com.intellij.psi.PsiElement;
+import com.intellij.psi.PsiFile;
+import com.intellij.psi.PsiReference;
+import com.intellij.psi.search.FilenameIndex;
+import com.intellij.psi.search.GlobalSearchScope;
+import com.intellij.psi.tree.IElementType;
+import com.intellij.psi.util.PsiTreeUtil;
+import com.intellij.util.CommonProcessors;
+import com.jetbrains.php.PhpIndex;
+import com.jetbrains.php.lang.lexer.PhpTokenTypes;
+import com.jetbrains.php.lang.parser.PhpElementTypes;
+import com.jetbrains.php.lang.psi.PhpPsiUtil;
+import com.jetbrains.php.lang.psi.elements.*;
+import fr.adrienbrault.idea.symfony2plugin.util.PhpElementsUtil;
+import fr.adrienbrault.idea.symfony2plugin.util.yaml.YamlHelper;
+import org.apache.commons.lang.StringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.yaml.YAMLFileType;
+import org.jetbrains.yaml.YAMLUtil;
+import org.jetbrains.yaml.psi.*;
+import org.jetbrains.yaml.psi.impl.YAMLHashImpl;
+
+import java.util.HashSet;
+import java.util.Set;
+import java.util.function.Consumer;
+
+/**
+ * @author Daniel Espendiller <daniel@espendiller.net>
+ */
+public class VoterUtil {
+
+    public static void visitAttribute(@NotNull Project project, @NotNull Consumer<Pair<String, PsiElement>> consumer) {
+        for (PhpClass phpClass : PhpIndex.getInstance(project).getAllSubclasses("Symfony\\Component\\Security\\Core\\Authorization\\Voter\\Voter")) {
+            Method supports = phpClass.findMethodByName("supports");
+            if(supports != null) {
+                visitAttribute(supports, consumer);
+            }
+
+            Method voteOnAttribute = phpClass.findMethodByName("voteOnAttribute");
+            if(voteOnAttribute != null) {
+                visitAttribute(voteOnAttribute, consumer);
+            }
+        }
+
+        for (PsiFile psiFile : FilenameIndex.getFilesByName(project, "security.yml", GlobalSearchScope.getScopeRestrictedByFileTypes(GlobalSearchScope.allScope(project), YAMLFileType.YML))) {
+            if(!(psiFile instanceof YAMLFile)) {
+                continue;
+            }
+
+            YAMLKeyValue roleHierarchy = YAMLUtil.getQualifiedKeyInFile((YAMLFile) psiFile, "security", "role_hierarchy");
+            if(roleHierarchy != null) {
+                YAMLValue value = roleHierarchy.getValue();
+                if(!(value instanceof YAMLMapping)) {
+                    continue;
+                }
+
+                for (YAMLPsiElement yamlPsiElement : value.getYAMLElements()) {
+                    if(!(yamlPsiElement instanceof YAMLKeyValue)) {
+                        continue;
+                    }
+
+                    String keyText = ((YAMLKeyValue) yamlPsiElement).getKeyText();
+                    if(StringUtils.isNotBlank(keyText)) {
+                        consumer.accept(Pair.create(keyText, yamlPsiElement));
+                    }
+
+                    YAMLValue yamlValue = ((YAMLKeyValue) yamlPsiElement).getValue();
+                    if(yamlValue instanceof YAMLSequence) {
+                        for (String item : YamlHelper.getYamlArrayValuesAsString((YAMLSequence) yamlValue)) {
+                            consumer.accept(Pair.create(item, yamlValue));
+                        }
+                    }
+                }
+            }
+
+            YAMLKeyValue accessControl = YAMLUtil.getQualifiedKeyInFile((YAMLFile) psiFile, "security", "access_control");
+            if(accessControl != null) {
+                YAMLValue value = accessControl.getValue();
+                if(!(value instanceof YAMLSequence)) {
+                    continue;
+                }
+
+                for (YAMLPsiElement yamlPsiElement : value.getYAMLElements()) {
+                    if(!(yamlPsiElement instanceof YAMLSequenceItem)) {
+                        continue;
+                    }
+
+                    YAMLValue value1 = ((YAMLSequenceItem) yamlPsiElement).getValue();
+                    if(!(value1 instanceof YAMLMapping)) {
+                        continue;
+                    }
+
+                    YAMLKeyValue roles = ((YAMLHashImpl) value1).getKeyValueByKey("roles");
+                    if(roles == null) {
+                        continue;
+                    }
+
+                    YAMLValue value2 = roles.getValue();
+                    if(value2 instanceof YAMLScalar) {
+                        // roles: FOOBAR
+                        String textValue = ((YAMLScalar) value2).getTextValue();
+                        if(StringUtils.isNotBlank(textValue)) {
+                            consumer.accept(Pair.create(textValue, value2));
+                        }
+                    } else if(value2 instanceof YAMLSequence) {
+                        // roles: [FOOBAR, FOOBAR_1]
+                        for (String item : YamlHelper.getYamlArrayValuesAsString((YAMLSequence) value2)) {
+                            consumer.accept(Pair.create(item, value2));
+                        }
+                    }
+                }
+            }
+        }
+    }
+
+    private static void visitAttribute(@NotNull Method method, @NotNull Consumer<Pair<String, PsiElement>> consumer) {
+        Parameter[] parameters = method.getParameters();
+        if(parameters.length == 0) {
+            return;
+        }
+
+        PhpPsiUtil.hasReferencesInSearchScope(
+            method.getUseScope(),
+            parameters[0],
+            new MyAttributePsiReferenceFindProcessor(consumer)
+        );
+    }
+
+    public static class StringPairConsumer implements Consumer<Pair<String, PsiElement>> {
+        private Set<String> values = new HashSet<>();
+
+        @Override
+        public void accept(Pair<String, PsiElement> pair) {
+            values.add(pair.getFirst());
+        }
+
+        @NotNull
+        public Set<String> getValues() {
+            return values;
+        }
+    }
+
+    public static class TargetPairConsumer implements Consumer<Pair<String, PsiElement>> {
+        @NotNull
+        private final String filterValue;
+
+        @NotNull
+        private Set<PsiElement> values = new HashSet<>();
+
+        public TargetPairConsumer(@NotNull String filterValue) {
+            this.filterValue = filterValue;
+        }
+
+        @Override
+        public void accept(Pair<String, PsiElement> pair) {
+            if(pair.getFirst().equalsIgnoreCase(filterValue)) {
+                values.add(pair.getSecond());
+            }
+        }
+
+        @NotNull
+        public Set<PsiElement> getValues() {
+            return values;
+        }
+    }
+
+    /**
+     * Find security roles on Voter implementation and security roles in Yaml
+     */
+    private static class MyAttributePsiReferenceFindProcessor extends CommonProcessors.FindProcessor<PsiReference> {
+        private final Consumer<Pair<String, PsiElement>> consumer;
+
+        MyAttributePsiReferenceFindProcessor(Consumer<Pair<String, PsiElement>> consumer) {
+            this.consumer = consumer;
+        }
+
+        @Override
+        protected boolean accept(PsiReference psiReference) {
+            PsiElement resolve = psiReference.getElement();
+
+            PsiElement parent = resolve.getParent();
+            if(parent instanceof BinaryExpression) {
+                // 'VALUE' == $var
+                PsiElement rightElement = PsiTreeUtil.prevVisibleLeaf(resolve);
+                if(rightElement != null) {
+                    IElementType node = rightElement.getNode().getElementType();
+                    if(isIfOperand(node)) {
+                        PsiElement leftOperand = ((BinaryExpression) parent).getLeftOperand();
+                        String stringValue = PhpElementsUtil.getStringValue(leftOperand);
+                        if(StringUtils.isNotBlank(stringValue)) {
+                            consumer.accept(Pair.create(stringValue, leftOperand));
+                        }
+                    }
+                }
+
+                // $var == 'VALUE'
+                PsiElement leftElement = PsiTreeUtil.nextVisibleLeaf(resolve);
+                if(leftElement != null) {
+                    IElementType node = leftElement.getNode().getElementType();
+                    if(isIfOperand(node)) {
+                        PsiElement rightOperand = ((BinaryExpression) parent).getRightOperand();
+                        String stringValue = PhpElementsUtil.getStringValue(rightOperand);
+                        if(StringUtils.isNotBlank(stringValue)) {
+                            consumer.accept(Pair.create(stringValue, rightOperand));
+                        }
+                    }
+                }
+            } else if(parent instanceof ParameterList) {
+                PsiElement functionCall = parent.getParent();
+                if(functionCall instanceof FunctionReference && "in_array".equalsIgnoreCase(((FunctionReference) functionCall).getName())) {
+                    PsiElement[] functionParameter = ((ParameterList) parent).getParameters();
+                    if(functionParameter.length > 1 && functionParameter[1] instanceof ArrayCreationExpression) {
+                        //functionParameter[1].getNode().findChildByType()
+                        PsiElement[] psiElements = PsiTreeUtil.collectElements(functionParameter[1], psiElement -> psiElement.getNode().getElementType() == PhpElementTypes.ARRAY_VALUE);
+                        for (PsiElement psiElement : psiElements) {
+                            PsiElement firstChild = psiElement.getFirstChild();
+                            String stringValue = PhpElementsUtil.getStringValue(firstChild);
+                            if(StringUtils.isNotBlank(stringValue)) {
+                                consumer.accept(Pair.create(stringValue, firstChild));
+                            }
+                        }
+                    }
+                }
+            } else if(parent instanceof PhpSwitch) {
+                // case "foobar"
+                for (PhpCase phpCase : ((PhpSwitch) parent).getAllCases()) {
+                    PhpPsiElement condition = phpCase.getCondition();
+                    String stringValue = PhpElementsUtil.getStringValue(condition);
+                    if(StringUtils.isNotBlank(stringValue)) {
+                        consumer.accept(Pair.create(stringValue, condition));
+                    }
+                }
+            }
+
+            return false;
+        }
+
+        /**
+         * null == null, null != null, null === null
+         */
+        private boolean isIfOperand(@NotNull IElementType node) {
+            return
+                node == PhpTokenTypes.opIDENTICAL ||
+                node == PhpTokenTypes.opEQUAL ||
+                node == PhpTokenTypes.opNOT_EQUAL ||
+                node == PhpTokenTypes.opNOT_IDENTICAL
+            ;
+        }
+    }
+}