Completed
Pull Request — master (#19)
by Tomas Norre
23:19
created

Authentication::safeguardContext()   B

Complexity

Conditions 5
Paths 6

Size

Total Lines 14
Code Lines 8

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 3
CRAP Score 15.5468

Importance

Changes 2
Bugs 0 Features 0
Metric Value
c 2
b 0
f 0
dl 0
loc 14
ccs 3
cts 12
cp 0.25
rs 8.8571
cc 5
eloc 8
nc 6
nop 0
crap 15.5468
1
<?php
2
namespace AOE\AoeIpauth\Typo3\Service;
3
4
/***************************************************************
5
 *  Copyright notice
6
 *
7
 *  (c) 2014 AOE GmbH <[email protected]>
8
 *
9
 *  All rights reserved
10
 *
11
 *  This script is part of the TYPO3 project. The TYPO3 project is
12
 *  free software; you can redistribute it and/or modify
13
 *  it under the terms of the GNU General Public License as published by
14
 *  the Free Software Foundation; either version 3 of the License, or
15
 *  (at your option) any later version.
16
 *
17
 *  The GNU General Public License can be found at
18
 *  http://www.gnu.org/copyleft/gpl.html.
19
 *
20
 *  This script is distributed in the hope that it will be useful,
21
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
22
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23
 *  GNU General Public License for more details.
24
 *
25
 *  This copyright notice MUST APPEAR in all copies of the script!
26
 ***************************************************************/
27
28
use TYPO3\CMS\Core\Utility\GeneralUtility;
29
30
/**
31
 * Class Authentication
32
 *
33
 * @package AOE\AoeIpauth\Typo3\Service
34
 */
35
class Authentication extends \TYPO3\CMS\Sv\AbstractAuthenticationService {
36
37
38
	/**
39
	 * @var \AOE\AoeIpauth\Service\IpMatchingService
40
	 */
41
	protected $ipMatchingService = NULL;
42
43
	/**
44
	 * @var \AOE\AoeIpauth\Domain\Service\FeEntityService
45
	 */
46
	protected $feEntityService = NULL;
47
48
	/**
49
	 * @var \AOE\AoeIpauth\Domain\Service\IpService
50
	 */
51
	protected $ipService = NULL;
52
53
	/**
	 * Prepares the frontend context so that TCA is readable, which enableFields needs.
	 *
	 * De facto this runs when the Preview BE Module is used. The method does
	 * nothing when no $GLOBALS['TSFE'] exists or when the TCA entry for
	 * FeEntityService::TABLE_USER is already present.
	 *
	 * @return void
	 */
	protected function safeguardContext() {
		// Without a frontend controller there is nothing to prepare
		if (!isset($GLOBALS['TSFE'])) {
			return;
		}

		// TCA for the table named by FeEntityService::TABLE_USER is already loaded
		if (isset($GLOBALS['TCA'][\AOE\AoeIpauth\Domain\Service\FeEntityService::TABLE_USER])) {
			return;
		}

		// Provide a page repository if the frontend controller has none yet
		if (empty($GLOBALS['TSFE']->sys_page)) {
			$GLOBALS['TSFE']->sys_page = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
		}

		// getCompressedTCarray() is only invoked on TYPO3 versions below 7.0.0
		if (version_compare(TYPO3_version, '7.0.0', '<')) {
			$GLOBALS['TSFE']->getCompressedTCarray();
		}
	}
73
74
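	/**
	 * Gets the user automatically, based on the client IP
	 *
	 * Only answers in 'getUserFE' mode and never during an explicit login attempt.
	 * The client IP is read from $this->authInfo['REMOTE_ADDR'], so the result is
	 * only as trustworthy as that value.
	 * NOTE(review): if the site runs behind a reverse proxy, confirm that this
	 * value reflects the real client and cannot be influenced through forwarded
	 * headers sent by untrusted sources.
	 *
	 * @return array|bool Last entry of the IP lookup result (presumably a user record -
	 *                    verify against FeEntityService), FALSE if nothing matched
	 */
	public function getUser() {
		// Do not respond to non-fe users and login attempts.
		// Strict comparison keeps this gate independent of PHP type juggling.
		if ('getUserFE' !== $this->mode || 'login' === $this->login['status']) {
			return FALSE;
		}

		$this->safeguardContext();

		// Fail closed: without a client IP there is nothing to match against
		if (empty($this->authInfo['REMOTE_ADDR'])) {
			return FALSE;
		}

		$clientIp = $this->authInfo['REMOTE_ADDR'];
		$ipAuthenticatedUsers = $this->findAllUsersByIpAuthentication($clientIp);

		if (empty($ipAuthenticatedUsers)) {
			return FALSE;
		}

		// NOTE(review): when several users match the same IP, the last entry of the
		// lookup result is chosen; which account that is depends on the ordering
		// returned by FeEntityService - confirm this is intended.
		return array_pop($ipAuthenticatedUsers);
	}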
97
98
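	/**
	 * Authenticate a user
	 *
	 * Returns 200 if the client IP matches one of the IPs stored for the user.
	 * This means that no more checks are needed. In every other case 100 is
	 * returned, because authentication may otherwise fail as there may be no password.
	 * NOTE(review): 100 presumably leaves the decision to the remaining
	 * authentication services - confirm against the TYPO3 service chain.
	 *
	 * The client IP is read from $this->authInfo['REMOTE_ADDR']; a match skips
	 * all further checks, so that value must not be controllable by the client
	 * (for example through forwarded headers accepted from untrusted sources).
	 *
	 * @param array $user Data of user.
	 * @return int 200 on IP match, 100 otherwise
	 */
	public function authUser($user) {

		$this->safeguardContext();

		$authCode = 100;

		// Do not respond to non-fe users and login attempts.
		// Strict comparison keeps this gate independent of PHP type juggling.
		if ('FE' !== $this->authInfo['loginType'] || 'login' === $this->login['status']) {
			return $authCode;
		}
		if (!isset($user['uid'])) {
			return $authCode;
		}
		// Fail closed: never report a match when the client IP is unknown
		if (empty($this->authInfo['REMOTE_ADDR'])) {
			return $authCode;
		}

		$clientIp = $this->authInfo['REMOTE_ADDR'];
		$userId = $user['uid'];

		if ($this->doesCurrentUsersIpMatch($userId, $clientIp)) {
			$authCode = 200;
		}

		return $authCode;
	}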
132
133
	/**
134
	 * Get the group list
135
	 *
136
	 * @param string $user
137
	 * @param array $knownGroups
138
	 * @return array
139
	 */
140 1
	public function getGroups($user, $knownGroups) {
Unused Code introduced by
The parameter $user is not used and could be removed.

This check looks for parameters that have been defined for a function or method, but which are not used in the method body.

141
		// Do not respond to non-FE group calls
142 1
		if ('getGroupsFE' != $this->mode) {
143
			return $knownGroups;
144
		}
145
146 1
		$this->safeguardContext();
147
148 1
		$clientIp = $this->authInfo['REMOTE_ADDR'];
149 1
		$ipAuthenticatedGroups = $this->findAllGroupsByIpAuthentication($clientIp);
150
151 1
		if (!empty($ipAuthenticatedGroups)) {
152 1
			$knownGroups = array_merge($ipAuthenticatedGroups, $knownGroups);
153 1
		}
154
155 1
		return $knownGroups;
156
	}
157
158
	/**
	 * Returns TRUE if the userId's associated IPs match the client IP
	 *
	 * Every entry returned by IpService::findIpsByFeUserId() is handed to
	 * IpMatchingService::isIpAllowed(); the first allowed entry ends the search.
	 *
	 * @param int $userId
	 * @param string $clientIp
	 * @return bool
	 */
	protected function doesCurrentUsersIpMatch($userId, $clientIp) {
		foreach ($this->getIpService()->findIpsByFeUserId($userId) as $whitelistEntry) {
			if ($this->getIpMatchingService()->isIpAllowed($clientIp, $whitelistEntry)) {
				return TRUE;
			}
		}

		// No stored entry allowed this client IP
		return FALSE;
	}
177
178
	/**
	 * Finds all users with IP authentication enabled
	 *
	 * Delegates to FeEntityService::findAllUsersAuthenticatedByIp().
	 *
	 * @param string $ip
	 * @return array
	 */
	protected function findAllUsersByIpAuthentication($ip) {
		return $this->getFeEntityService()->findAllUsersAuthenticatedByIp($ip);
	}
188
189
	/**
	 * Finds all groups with IP authentication enabled
	 *
	 * Delegates to FeEntityService::findAllGroupsAuthenticatedByIp().
	 *
	 * @param string $ip
	 * @return array
	 */
	protected function findAllGroupsByIpAuthentication($ip) {
		return $this->getFeEntityService()->findAllGroupsAuthenticatedByIp($ip);
	}
199
200
	/**
	 * Returns the FeEntityService, creating it on first access
	 *
	 * @return \AOE\AoeIpauth\Domain\Service\FeEntityService
	 */
	protected function getFeEntityService() {
		if ($this->feEntityService !== NULL) {
			return $this->feEntityService;
		}

		$this->feEntityService = GeneralUtility::makeInstance('AOE\\AoeIpauth\\Domain\\Service\\FeEntityService');
		return $this->feEntityService;
	}
209
210
	/**
	 * Returns the IpService, creating it on first access
	 *
	 * @return \AOE\AoeIpauth\Domain\Service\IpService
	 */
	protected function getIpService() {
		if ($this->ipService !== NULL) {
			return $this->ipService;
		}

		$this->ipService = GeneralUtility::makeInstance('AOE\\AoeIpauth\\Domain\\Service\\IpService');
		return $this->ipService;
	}
219
220
	/**
	 * Returns the IpMatchingService, creating it on first access
	 *
	 * @return \AOE\AoeIpauth\Service\IpMatchingService
	 */
	protected function getIpMatchingService() {
		if ($this->ipMatchingService !== NULL) {
			return $this->ipMatchingService;
		}

		$this->ipMatchingService = GeneralUtility::makeInstance('AOE\\AoeIpauth\\Service\\IpMatchingService');
		return $this->ipMatchingService;
	}
229
}