BeUserAuthenticationController::__isAllowed()   A
last analyzed

Complexity

Conditions 2
Paths 2

Size

Total Lines 10
Code Lines 4

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 4
CRAP Score 2

Importance

Changes 1
Bugs 0 Features 0
Metric Value
cc 2
eloc 4
c 1
b 0
f 0
nc 2
nop 0
dl 0
loc 10
ccs 4
cts 4
cp 1
crap 2
rs 10
1
<?php
2
3
namespace Aoe\Restler\Controller;
4
5
/***************************************************************
6
 *  Copyright notice
7
 *
8
 *  (c) 2024 AOE GmbH <[email protected]>
9
 *
10
 *  All rights reserved
11
 *
12
 *  This script is part of the TYPO3 project. The TYPO3 project is
13
 *  free software; you can redistribute it and/or modify
14
 *  it under the terms of the GNU General Public License as published by
15
 *  the Free Software Foundation; either version 3 of the License, or
16
 *  (at your option) any later version.
17
 *
18
 *  The GNU General Public License can be found at
19
 *  http://www.gnu.org/copyleft/gpl.html.
20
 *
21
 *  This script is distributed in the hope that it will be useful,
22
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
23
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24
 *  GNU General Public License for more details.
25
 *
26
 *  This copyright notice MUST APPEAR in all copies of the script!
27
 ***************************************************************/
28
29
use Aoe\Restler\System\TYPO3\Loader;
30
use Luracast\Restler\iAuthenticate;
31
use Luracast\Restler\Restler;
32
use Luracast\Restler\Scope;
33
use TYPO3\CMS\Core\SingletonInterface;
34
35
/**
36
 * This class checks, if client is allowed to access the requested and protected API-class
37
 * This class checks, if BE-user is logged in
38
 */
39
class BeUserAuthenticationController implements iAuthenticate, SingletonInterface
40
{
41
    /**
42
     * This property defines (when it's set), that this controller should check authentication
43
     * This property will be automatically set by restler, when in the API-class/controller this
44
     * is configured (in PHPdoc/annotations)
45
     *
46
     * Where do we set this property?
47
     * When the property should be used, than it must be set inside the PHPdoc-comment of the API-class-method,
48
     * which handle the API-request
49
     *
50
     * Syntax:
51
     * The PHPdoc-comment must look like this:
52
     * @class [className] {@[propertyName] [propertyValue]}
53
     *
54
     * Example:
55
     * When this controller should be used for authentication-checks, than the PHPdoc-comment must look like this:
56
     * @class Aoe\Restler\Controller\BeUserAuthenticationController {@checkAuthentication true}
57
     */
58
    public bool $checkAuthentication = false;
59
60
    /**
61
     * Instance of Restler class injected at runtime.
62
     *
63
     * @var Restler
64
     */
65
    public $restler;
66
67
    public function __construct(
68 4
        private readonly Loader $typo3Loader
69
    ) {
70 4
        $this->restler = Scope::get('Restler');
71 4
    }
72 4
73
    /**
74
     * This method checks, if client is allowed to access the requested API-class
75
     *
76
     * @return boolean
77
     */
78
    // phpcs:ignore
79
    public function __isAllowed()
80 3
    {
81
        if (!$this->checkAuthentication) {
82 3
            // this controller is not responsible for the authentication
83
            return false;
84 1
        }
85
86
        $this->typo3Loader->initializeBackendUser();
87 2
88
        return $this->typo3Loader->hasActiveBackendUser();
89 2
    }
90
91
    /**
92
     * return dummy string, because we DON'T need that for our case (we use NO base-authentification via REST-API)
93
     *
94
     * @return string
95
     * @see \Luracast\Restler\iAuthenticate
96
     */
97
    // phpcs:ignore
98
    public function __getWWWAuthenticateString()
99 1
    {
100
        return '';
101 1
    }
102
}
103