Add room context to User and getCurrentUserPlayer method

claude · claude · commit ab5f73ef9485 · 2025-11-08T17:14:42.000Z
- Add room property to User entity for tracking current room context
- Add getCurrentUserPlayer method to PlayerRepository
- Update all Voters (PlayerVoter, MissionVoter, RoomVoter) to use getCurrentUserPlayer
- Create database migration to add room_id to users table

The room property on User tracks which room context the user is currently operating in.
This allows for proper authorization checks in Voters by getting the current player
based on the user's room context.

Changes:
- User entity: Added nullable room property with SET NULL on delete
- PlayerRepository: Added getCurrentUserPlayer(User) method
- DoctrinePlayerRepository: Implemented getCurrentUserPlayer logic
- PlayerVoter: Use getCurrentUserPlayer for authorization
- MissionVoter: Use getCurrentUserPlayer for authorization
- RoomVoter: Use getCurrentUserPlayer for authorization
- Migration: Add room_id column to users table with foreign key to room
diff --git a/migrations/Version20251108171358.php b/migrations/Version20251108171358.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Migration: Add room property to User entity for room context tracking
+ */
+final class Version20251108171358 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'Add room_id column to users table to track user\'s current room context';
+    }
+
+    public function up(Schema $schema): void
+    {
+        // Add room_id column to users table
+        $this->addSql('ALTER TABLE users ADD room_id INTEGER DEFAULT NULL');
+        $this->addSql('ALTER TABLE users ADD CONSTRAINT FK_1483A5E954177093 FOREIGN KEY (room_id) REFERENCES room (id) ON DELETE SET NULL NOT DEFERRABLE INITIALLY IMMEDIATE');
+        $this->addSql('CREATE INDEX IDX_1483A5E954177093 ON users (room_id)');
+    }
+
+    public function down(Schema $schema): void
+    {
+        // Remove room_id column from users table
+        $this->addSql('ALTER TABLE users DROP CONSTRAINT FK_1483A5E954177093');
+        $this->addSql('DROP INDEX IDX_1483A5E954177093');
+        $this->addSql('ALTER TABLE users DROP COLUMN room_id');
+    }
+}
diff --git a/src/Domain/Player/PlayerRepository.php b/src/Domain/Player/PlayerRepository.php
@@ -6,6 +6,7 @@
 
 use App\Domain\Player\Entity\Player;
 use App\Domain\Room\Entity\Room;
+use App\Domain\User\Entity\User;
 use App\Infrastructure\Persistence\BaseRepository;
 
 /** @extends BaseRepository<Player> */
@@ -21,4 +22,10 @@ public function findPlayersByRoomAndName(Room $room, string $name): array;
      * Find the killer of a player (the player who has this player as their target).
      */
     public function findKiller(Player $player): ?Player;
+
+    /**
+     * Get the current player for a user based on the user's current room context.
+     * Returns the player belonging to the user that is in the user's current room.
+     */
+    public function getCurrentUserPlayer(User $user): ?Player;
 }
diff --git a/src/Domain/User/Entity/User.php b/src/Domain/User/Entity/User.php
@@ -5,6 +5,7 @@
 namespace App\Domain\User\Entity;
 
 use App\Domain\Player\Entity\Player;
+use App\Domain\Room\Entity\Room;
 use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\Common\Collections\Collection;
 use Doctrine\ORM\Mapping as ORM;
@@ -51,6 +52,10 @@ class User implements UserInterface
     #[ORM\Column(type: 'string', length: 255, nullable: true)]
     private ?string $appleId = null;
 
+    #[ORM\ManyToOne(targetEntity: Room::class)]
+    #[ORM\JoinColumn(name: 'room_id', nullable: true, onDelete: 'SET NULL')]
+    private ?Room $room = null;
+
     public function __construct()
     {
         $this->players = new ArrayCollection();
@@ -177,4 +182,16 @@ public function setAppleId(?string $appleId): self
 
         return $this;
     }
+
+    public function getRoom(): ?Room
+    {
+        return $this->room;
+    }
+
+    public function setRoom(?Room $room): self
+    {
+        $this->room = $room;
+
+        return $this;
+    }
 }
diff --git a/src/Infrastructure/Persistence/Doctrine/Repository/DoctrinePlayerRepository.php b/src/Infrastructure/Persistence/Doctrine/Repository/DoctrinePlayerRepository.php
@@ -7,6 +7,7 @@
 use App\Domain\Player\Entity\Player;
 use App\Domain\Player\PlayerRepository;
 use App\Domain\Room\Entity\Room;
+use App\Domain\User\Entity\User;
 use Doctrine\ORM\EntityManagerInterface;
 
 /** @extends DoctrineBaseRepository<Player> */
@@ -36,4 +37,22 @@ public function findKiller(Player $player): ?Player
     {
         return $this->findOneBy(['target' => $player]);
     }
+
+    /**
+     * Get the current player for a user based on the user's current room context.
+     * Returns the player belonging to the user that is in the user's current room.
+     */
+    public function getCurrentUserPlayer(User $user): ?Player
+    {
+        $room = $user->getRoom();
+
+        if ($room === null) {
+            return null;
+        }
+
+        return $this->findOneBy([
+            'user' => $user,
+            'room' => $room,
+        ]);
+    }
 }
diff --git a/src/Infrastructure/Security/Voters/MissionVoter.php b/src/Infrastructure/Security/Voters/MissionVoter.php
@@ -6,6 +6,8 @@
 
 use App\Domain\Mission\Entity\Mission;
 use App\Domain\Player\Entity\Player;
+use App\Domain\Player\PlayerRepository;
+use App\Domain\User\Entity\User;
 use Symfony\Bundle\SecurityBundle\Security;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;
@@ -16,8 +18,10 @@ class MissionVoter extends Voter
     public const VIEW_MISSION = 'view_mission';
     public const CREATE_MISSION = 'create_mission';
 
-    public function __construct(private readonly Security $security)
-    {
+    public function __construct(
+        private readonly Security $security,
+        private readonly PlayerRepository $playerRepository,
+    ) {
     }
 
     protected function supports(string $attribute, mixed $subject): bool
@@ -31,16 +35,22 @@ protected function supports(string $attribute, mixed $subject): bool
 
     protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
     {
-        $player = $token->getUser();
+        $user = $token->getUser();
+
+        if (!$user instanceof User) {
+            return false;
+        }
+
+        $currentPlayer = $this->playerRepository->getCurrentUserPlayer($user);
 
-        if (!$player instanceof Player) {
+        if ($currentPlayer === null) {
             return false;
         }
 
         return match ($attribute) {
-            self::VIEW_MISSION => $this->canView($subject, $player),
-            self::EDIT_MISSION => $this->canEdit($subject, $player),
-            self::CREATE_MISSION => $this->canPost($player),
+            self::VIEW_MISSION => $this->canView($subject, $currentPlayer),
+            self::EDIT_MISSION => $this->canEdit($subject, $currentPlayer),
+            self::CREATE_MISSION => $this->canPost($currentPlayer),
             default => throw new \LogicException('This code should not be reached'),
         };
     }
diff --git a/src/Infrastructure/Security/Voters/PlayerVoter.php b/src/Infrastructure/Security/Voters/PlayerVoter.php
@@ -5,23 +5,36 @@
 namespace App\Infrastructure\Security\Voters;
 
 use App\Domain\Player\Entity\Player;
+use App\Domain\Player\PlayerRepository;
+use App\Domain\User\Entity\User;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;
 
 class PlayerVoter extends Voter
 {
     public const string EDIT_PLAYER = 'edit_player';
 
+    public function __construct(
+        private readonly PlayerRepository $playerRepository,
+    ) {
+    }
+
     protected function supports(string $attribute, mixed $subject): bool
     {
         return $attribute === self::EDIT_PLAYER && $subject instanceof Player;
     }
 
     protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
     {
-        $playerInSession = $token->getUser();
+        $user = $token->getUser();
+
+        if (!$user instanceof User) {
+            return false;
+        }
+
+        $currentPlayer = $this->playerRepository->getCurrentUserPlayer($user);
 
-        if (!$playerInSession instanceof Player) {
+        if ($currentPlayer === null) {
             return false;
         }
 
@@ -32,13 +45,13 @@ protected function voteOnAttribute(string $attribute, mixed $subject, TokenInter
             throw new \LogicException('This code should not be reached');
         }
 
-        return $this->canEdit($player, $playerInSession);
+        return $this->canEdit($player, $currentPlayer);
     }
 
-    private function canEdit(Player $player, Player $playerInSession): bool
+    private function canEdit(Player $player, Player $currentPlayer): bool
     {
-        return $player === $playerInSession
-            || ($player->getRoom() === $playerInSession->getRoom()
-                && $player->getRoom()?->getAdmin() === $playerInSession);
+        return $player === $currentPlayer
+            || ($player->getRoom() === $currentPlayer->getRoom()
+                && $player->getRoom()?->getAdmin() === $currentPlayer);
     }
 }
diff --git a/src/Infrastructure/Security/Voters/RoomVoter.php b/src/Infrastructure/Security/Voters/RoomVoter.php
@@ -5,7 +5,9 @@
 namespace App\Infrastructure\Security\Voters;
 
 use App\Domain\Player\Entity\Player;
+use App\Domain\Player\PlayerRepository;
 use App\Domain\Room\Entity\Room;
+use App\Domain\User\Entity\User;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;
 
@@ -15,6 +17,11 @@ class RoomVoter extends Voter
     public const VIEW_ROOM = 'view_room';
     public const CREATE_ROOM = 'create_room';
 
+    public function __construct(
+        private readonly PlayerRepository $playerRepository,
+    ) {
+    }
+
     protected function supports(string $attribute, mixed $subject): bool
     {
         if (!in_array($attribute, [self::EDIT_ROOM, self::VIEW_ROOM, self::CREATE_ROOM], true)) {
@@ -26,20 +33,26 @@ protected function supports(string $attribute, mixed $subject): bool
 
     protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
     {
-        $player = $token->getUser();
+        $user = $token->getUser();
 
         if ($attribute === self::EDIT_ROOM && $token->getUserIdentifier() === '') {
             return true;
         }
 
-        if (!$player instanceof Player) {
+        if (!$user instanceof User) {
+            return false;
+        }
+
+        $currentPlayer = $this->playerRepository->getCurrentUserPlayer($user);
+
+        if ($currentPlayer === null) {
             return false;
         }
 
         return match ($attribute) {
-            self::VIEW_ROOM => $this->canView($subject, $player),
-            self::EDIT_ROOM => $this->canEdit($subject, $player),
-            self::CREATE_ROOM => $this->canCreate($player),
+            self::VIEW_ROOM => $this->canView($subject, $currentPlayer),
+            self::EDIT_ROOM => $this->canEdit($subject, $currentPlayer),
+            self::CREATE_ROOM => $this->canCreate($currentPlayer),
             default => throw new \LogicException('This code should not be reached'),
         };
     }

Original file line number	Diff line number	Diff line change
`@@ -5,23 +5,36 @@`
`5`	`5`	`namespace App\Infrastructure\Security\Voters;`
`6`	`6`
`7`	`7`	`use App\Domain\Player\Entity\Player;`
	`8`	`+use App\Domain\Player\PlayerRepository;`
	`9`	`+use App\Domain\User\Entity\User;`
`8`	`10`	`use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;`
`9`	`11`	`use Symfony\Component\Security\Core\Authorization\Voter\Voter;`
`10`	`12`
`11`	`13`	`class PlayerVoter extends Voter`
`12`	`14`	`{`
`13`	`15`	`public const string EDIT_PLAYER = 'edit_player';`
`14`	`16`
	`17`	`+ public function __construct(`
	`18`	`+ private readonly PlayerRepository $playerRepository,`
	`19`	`+ ) {`
	`20`	`+ }`
	`21`	`+`
`15`	`22`	`protected function supports(string $attribute, mixed $subject): bool`
`16`	`23`	`{`
`17`	`24`	`return $attribute === self::EDIT_PLAYER && $subject instanceof Player;`
`18`	`25`	`}`
`19`	`26`
`20`	`27`	`protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool`
`21`	`28`	`{`
`22`		`- $playerInSession = $token->getUser();`
	`29`	`+ $user = $token->getUser();`
	`30`	`+`
	`31`	`+ if (!$user instanceof User) {`
	`32`	`+ return false;`
	`33`	`+ }`
	`34`	`+`
	`35`	`+ $currentPlayer = $this->playerRepository->getCurrentUserPlayer($user);`
`23`	`36`
`24`		`- if (!$playerInSession instanceof Player) {`
	`37`	`+ if ($currentPlayer === null) {`
`25`	`38`	`return false;`
`26`	`39`	`}`
`27`	`40`
`@@ -32,13 +45,13 @@ protected function voteOnAttribute(string $attribute, mixed $subject, TokenInter`
`32`	`45`	`throw new \LogicException('This code should not be reached');`
`33`	`46`	`}`
`34`	`47`
`35`		`- return $this->canEdit($player, $playerInSession);`
	`48`	`+ return $this->canEdit($player, $currentPlayer);`
`36`	`49`	`}`
`37`	`50`
`38`		`- private function canEdit(Player $player, Player $playerInSession): bool`
	`51`	`+ private function canEdit(Player $player, Player $currentPlayer): bool`
`39`	`52`	`{`
`40`		`- return $player === $playerInSession`
`41`		`- \|\| ($player->getRoom() === $playerInSession->getRoom()`
`42`		`- && $player->getRoom()?->getAdmin() === $playerInSession);`
	`53`	`+ return $player === $currentPlayer`
	`54`	`+ \|\| ($player->getRoom() === $currentPlayer->getRoom()`
	`55`	`+ && $player->getRoom()?->getAdmin() === $currentPlayer);`
`43`	`56`	`}`
`44`	`57`	`}`