Issues in CheckAdministrators.php - New Issues - Inspection of "Merge pull request #8 from ARCANESOFT/patch-1" - ARCANESOFT/Core - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 2760df...c42cfb )

by ARCANEDEV

created 2017-11-01 17:16 UTC

src/Http/Middleware/CheckAdministrators.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php namespace Arcanesoft\Core\Http\Middleware;

use Arcanedev\Support\Http\Middleware;
use Closure;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Http\Request;

/**
 * Class     AdminMiddleware
 *
 * @package  Arcanesoft\Foundation\Http\Middleware
 * @author   ARCANEDEV <[email protected]>
 */
class CheckAdministrators extends Middleware
{
    /* -----------------------------------------------------------------
     |  Main Methods
     | -----------------------------------------------------------------
     */

    /**
     * Run the request filter.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure                  $next
     *
     * @return mixed
     *
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function handle(Request $request, Closure $next)
    {
        if ( ! $this->isAllowed())
            $this->failedAuthorization();

        return $next($request);
    }

    /* -----------------------------------------------------------------
     |  Other Methods
     | -----------------------------------------------------------------
     */

    /**
     * Check if the user is allowed.
     *
     * @return bool
     */
    protected function isAllowed()
    {
        /** @var  \Arcanesoft\Contracts\Auth\Models\User  $user */
        if (is_null($user = auth()->user()))
class A
{
    public function foo() { }
}

class B extends A
{
    public function bar() { }
}

/**
 * @param A|B $x
 */
function someFunction($x)
{
    $x->foo(); // This call is fine as the method exists in A and B.
    $x->bar(); // This method only exists in B and might cause an error.
}
            return false;

        return $user->isAdmin() || $user->isModerator();
    }

    /**
     * Handle a failed authorization attempt.
     *
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    protected function failedAuthorization()
    {
        throw new AuthorizationException(
            '[Unauthorized] You are not allowed to perform this action.', 403
        );
    }
}


Push — master ( 2760df...c42cfb )

src/Http/Middleware/CheckAdministrators.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

1			<?php namespace Arcanesoft\Core\Http\Middleware;
2
3			use Arcanedev\Support\Http\Middleware;
4			use Closure;
5			use Illuminate\Auth\Access\AuthorizationException;
6			use Illuminate\Http\Request;
7
8			/**
9			* Class AdminMiddleware
10			*
11			* @package Arcanesoft\Foundation\Http\Middleware
12			* @author ARCANEDEV <[email protected]>
13			*/
14			class CheckAdministrators extends Middleware
15			{
16			/* -----------------------------------------------------------------
17			\| Main Methods
18			\| -----------------------------------------------------------------
19			*/
20
21			/**
22			* Run the request filter.
23			*
24			* @param \Illuminate\Http\Request $request
25			* @param \Closure $next
26			*
27			* @return mixed
28			*
29			* @throws \Illuminate\Auth\Access\AuthorizationException
30			*/
31			public function handle(Request $request, Closure $next)
32			{
33			if ( ! $this->isAllowed())
34			$this->failedAuthorization();
35
36			return $next($request);
37			}
38
39			/* -----------------------------------------------------------------
40			\| Other Methods
41			\| -----------------------------------------------------------------
42			*/
43
44			/**
45			* Check if the user is allowed.
46			*
47			* @return bool
48			*/
49			protected function isAllowed()
50			{
51			/** @var \Arcanesoft\Contracts\Auth\Models\User $user */
52			if (is_null($user = auth()->user()))
			0 ignored issues – show Bug introduced 2017-11-01 14:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `user` does only exist in `Illuminate\Contracts\Auth\Guard`, but not in `Illuminate\Contracts\Auth\Factory`. It seems like the method you are trying to call exists only in some of the possible types. Let’s take a look at an example: class A { public function foo() { } } class B extends A { public function bar() { } } /** * @param A\|B $x / function someFunction($x) { $x->foo(); // This call is fine as the method exists in A and B. $x->bar(); // This method only exists in B and might cause an error. } Available Fixes Add an additional type-check: /* * @param A\|B $x / function someFunction($x) { $x->foo(); if ($x instanceof B) { $x->bar(); } } Only allow a single type to be passed if the variable comes from a parameter: function someFunction(B $x) { /* ... */ } Loading history...
53			return false;
54
55			return $user->isAdmin() \|\| $user->isModerator();
56			}
57
58			/**
59			* Handle a failed authorization attempt.
60			*
61			* @throws \Illuminate\Auth\Access\AuthorizationException
62			*/
63			protected function failedAuthorization()
64			{
65			throw new AuthorizationException(
66			'[Unauthorized] You are not allowed to perform this action.', 403
67			);
68			}
69			}
70

ARCANESOFT / Core

Push — master ( 2760df...c42cfb )

src/Http/Middleware/CheckAdministrators.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Duplication Side-by-Side

Filter issues like