解决 Laravel Auth Authenticatable to User 模型解决静态分析问题
[英]Resolve Laravel Auth Authenticatable to User model to address static analysis issues
问题描述
We have a Laravel 8 application.
我们有一个 Laravel 8 应用程序。
We're using the standard Laravel Auth facade to retrieve the authenticated user .我们使用标准的 Laravel Auth外观来检索经过身份验证的用户。
Our User model has a few custom functions, the most important of which is a shorthand function, hasPermissionTo() .我们的User模型有一些自定义函数,其中最重要的是速记函数hasPermissionTo() 。 (The reason why is because we have a very custom RBAC setup.) (原因是因为我们有一个非常自定义的 RBAC 设置。)
So in a lot of our controllers, we have something like this...所以在我们的很多控制器中,我们都有这样的东西......
use Illuminate\Routing\Controller as BaseController;
class ExampleController extends BaseController
{
public function index()
{
if (\Auth::user()->hasPermissionTo('Management:View Users')) {
// do something.
}
// etc.
}
}
That's all well and good until we start running static analysis.在我们开始运行静态分析之前,一切都很好。 We're using Larastan, which is giving me these errors:我们正在使用 Larastan,这给了我这些错误:
------ -------------------------------------------------------------------------------------------
Line Http/Controllers/ExampleController.php
------ -------------------------------------------------------------------------------------------
48 Call to an undefined method Illuminate\Contracts\Auth\Authenticatable::hasPermissionTo().
This also makes sense because the Auth facade proxies Illuminate\Auth\AuthManager and Auth::user() , via __call() magic, normally resolves to Illuminate\Auth\SessionGuard::user() and that typehints this...这也是有道理的,因为Auth外观代理Illuminate\Auth\AuthManager和Auth::user() ,通过__call()魔法,通常解析为Illuminate\Auth\SessionGuard::user()并且类型提示这个......
/**
* Get the currently authenticated user.
*
* @return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function user()
{
...
So finally, my question:所以最后,我的问题:
Where is the failure here?这里的失败在哪里? Do I need to a) configure my static analysis tool better, b) configure Laravel better to more accurately return a specific type, or c) do I need to add explicit if (Auth::user() instanceof User) { ... } clauses all throughout my code?我是否需要 a) 更好地配置我的静态分析工具,b) 更好地配置 Laravel 以更准确地返回特定类型,或者 c) 我是否需要显式添加if (Auth::user() instanceof User) { ... }子句贯穿我的代码?
Is there a correct way to override one of the Laravel stock classes with a more specific one of my own to address more specific functionality?是否有一种正确的方法可以用我自己的更具体的一个来覆盖 Laravel 股票类之一以解决更具体的功能? Is there way to type-hint the actual authenticated User into the function declaration so I can declare function index(User $authenticatedUser) and have Laravel autopopulate this in with a more specific type hint?有没有办法将实际经过身份验证的用户类型提示到函数声明中,以便我可以声明function index(User $authenticatedUser)并让 Laravel 使用更具体的类型提示自动填充它?
I understand that I could just add an exclusion for this particular issue in Larastan and move on with my life, but the error is designed to protect against a specific class of error--ie if I added Auth0 and replaced App\Model\User with Auth0\Login\User , then I would have an Authenticatable class that fails to run hasPermissionTo() , and I'd have to now fix a bunch of code.我知道我可以在 Larastan 中为这个特定问题添加一个排除项并继续我的生活,但该错误旨在防止特定类别的错误 - 即如果我添加 Auth0 并将App\Model\User替换为Auth0\Login\User ,那么我将有一个无法运行hasPermissionTo()的Authenticatable类,我现在必须修复一堆代码。
1 个解决方案
解决方案1
0 已采纳 2022-06-27 02:42:17
Eventually, this is how we worked around the problem.最终,这就是我们解决问题的方法。 We added a type-hint for Larastan, so it can infer that $user has this HasRolesContract trait which provides hasPermissionTo() .我们为 Larastan 添加了类型提示,因此它可以推断 $user 具有提供hasPermissionTo()的HasRolesContract特征。
public function index()
{
/** @var \App\Traits\HasRolesContract */
$user = \Auth::user();
if ($user->hasPermissionTo('Management:View Users')) {
Hopefully this helps someone else!希望这对其他人有帮助!
(Thanks for the nudge, @djjavo) (感谢轻推,@djjavo)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.