Implement canAny handling for controllers

src/Middleware/RequestHandler.php

@@ -8,6 +8,7 @@ use Engelsystem\Application;
 use Engelsystem\Controllers\BaseController;
 use Engelsystem\Helpers\Authenticator;
 use Engelsystem\Http\Exceptions\HttpForbidden;
+use Illuminate\Support\Str;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\MiddlewareInterface;
@@ -103,8 +104,14 @@ class RequestHandler implements MiddlewareInterface
                 continue;
             }
 
-            if (!$auth->can($permission)) {
+            foreach ((array) $permission as $value) {
-                throw new HttpForbidden();
+                if (
+                    Str::contains($value, '||')
+                        ? !$auth->canAny(explode('||', $value))
+                        : !$auth->can($permission)
+                ) {
+                    throw new HttpForbidden();
+                }
             }
         }
 

tests/Unit/Middleware/RequestHandlerTest.php

@@ -7,11 +7,13 @@ namespace Engelsystem\Test\Unit\Middleware;
 use Engelsystem\Application;
 use Engelsystem\Helpers\Authenticator;
 use Engelsystem\Http\Exceptions\HttpForbidden;
+use Engelsystem\Http\Request;
+use Engelsystem\Http\Response;
 use Engelsystem\Middleware\CallableHandler;
 use Engelsystem\Middleware\RequestHandler;
 use Engelsystem\Test\Unit\Middleware\Stub\ControllerImplementation;
+use Engelsystem\Test\Unit\TestCase;
 use PHPUnit\Framework\MockObject\MockObject;
-use PHPUnit\Framework\TestCase;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\MiddlewareInterface;
@@ -212,6 +214,54 @@ class RequestHandlerTest extends TestCase
         $middleware->process($request, $handler);
     }
 
+    /**
+     * @covers \Engelsystem\Middleware\RequestHandler::checkPermissions
+     */
+    public function testCheckPermissionsAnyForbidden(): void
+    {
+        /** @var RequestHandlerInterface|MockObject $handler */
+        list(, , $handler) = $this->getMocks();
+        $this->app->instance('response', new Response());
+        /** @var Authenticator|MockObject $auth */
+        $auth = $this->createMock(Authenticator::class);
+        $this->setExpects($auth, 'canAny', [['foo', 'bar', 'baz']], false);
+        $this->app->instance('auth', $auth);
+
+        $controller = new ControllerImplementation();
+        $request = (new Request())
+            ->withAttribute('route-request-handler', [$controller, 'actionStub']);
+
+        $middleware = new RequestHandler($this->app);
+
+        $controller->setPermissions(['foo||bar||baz']);
+        $this->expectException(HttpForbidden::class);
+        $middleware->process($request, $handler);
+    }
+
+    /**
+     * @covers \Engelsystem\Middleware\RequestHandler::checkPermissions
+     */
+    public function testCheckPermissionsAny(): void
+    {
+        /** @var RequestHandlerInterface|MockObject $handler */
+        list(, , $handler) = $this->getMocks();
+        $this->app->instance('response', new Response());
+        /** @var Authenticator|MockObject $auth */
+        $auth = $this->createMock(Authenticator::class);
+        $this->setExpects($auth, 'canAny', [['foo', 'bar', 'baz']], true);
+        $this->app->instance('auth', $auth);
+
+        $controller = new ControllerImplementation();
+        $request = (new Request())
+            ->withAttribute('route-request-handler', [$controller, 'actionStub']);
+
+        $middleware = new RequestHandler($this->app);
+
+        $controller->setPermissions(['actionStub' => 'foo||bar||baz']);
+        $response = $middleware->process($request, $handler);
+        $this->assertEquals(200, $response->getStatusCode());
+    }
+
     protected function getMocks(): array
     {
         /** @var Application|MockObject $container */