UsersAPI::deleteUser() - Code Metrics - Inspection of "Production fixes" - BurningFlipside/Profiles - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( bf23bc...4f23d4 )

by Patrick

created 2017-10-17 17:35 UTC

UsersAPI::deleteUser() B

↳ Parent: UsersAPI

Complexity

Conditions	6
Paths	12

Size

Total Lines	32
Code Lines	18

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	6
eloc	18
nc	12
nop	3
dl	0
loc	32
rs	8.439
c	0
b	0
f	0

<?php
class UsersAPI extends Http\Rest\RestAPI
{
    public function setup($app)
    {
        $app->get('[/]', array($this, 'listUsers'));
        $app->post('[/]', array($this, 'createUser'));
        $app->get('/{uid}[/]', array($this, 'showUser'));
        $app->patch('/{uid}[/]', array($this, 'editUser'));
        $app->delete('/{uid}[/]', array($this, 'deleteUser'));
        $app->get('/{uid}/groups[/]', array($this, 'listGroupsForUser'));
        $app->post('/{uid}/Actions/link[/]', array($this, 'linkUser'));
        $app->post('/{uid}/Actions/reset_pass[/]', array($this, 'resetUserPassword'));
        $app->post('/Actions/check_email_available[/]', array($this, 'checkEmailAvailable'));
        $app->post('/Actions/check_uid_available[/]', array($this, 'checkUidAvailable'));
        $app->post('/Actions/remind_uid[/]', array($this, 'remindUid'));
    }

    public function validateIsAdmin($request, $nonFatal = false)

    {
        $this->user = $request->getAttribute('user');
class MyClass { }

$x = new MyClass();
$x->foo = true;
        if($this->user === false)
        {
            throw new Exception('Must be logged in', \Http\Rest\ACCESS_DENIED);
        }
        if(!$this->user->isInGroupNamed('LDAPAdmins'))
        {
            if($nonFatal)
            {
                return false;
            }
            throw new Exception('Must be Admin', \Http\Rest\ACCESS_DENIED);
        }
        return true;
    }

    public function listUsers($request, $response, $args)

    {
        $users = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $odata = $request->getAttribute('odata', new \ODataParams(array()));
        if($this->validateIsAdmin($request, true) === false)
        {
            $users = array($this->user);
            $users = $odata->filterArrayPerSelect($users);
        }
        else
        {
            $auth = AuthProvider::getInstance();
            $users = $auth->getUsersByFilter($odata->filter, $odata->select, $odata->top, $odata->skip, 
                                             $odata->orderby);
        }
        return $response->withJson($users);
    }

    protected function validateCanCreateUser($proposedUser, $auth, &$message)
    {
        $user = $auth->getUsersByFilter(new \Data\Filter('mail eq '.$proposedUser->mail));
        if($user !== false && isset($user[0]))

        {
            $message = 'Email already exists!';
            return false;
        }
        $user = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$proposedUser->uid));
        if($user !== false && isset($user[0]))

        {
            $message = 'Username already exists!';
            return false;
        }
        return true;
    }

    protected function validEmail($email)

    {
        if(filter_var($email) === false)
        {
            return false;
        }
        $pos = strpos($email, '@');
        if($pos === false)
        {
            return false;
        }
        $domain = substr($email, $pos+1);
        if(checkdnsrr($domain, 'MX') === false)
        {
            return false;
        }
        return true;
    }

    public function createUser($request, $response, $args)

    {
        $this->user = $request->getAttribute('user');
        //This one is different. If they are logged in fail...
        if($this->user !== false)
        {
            return $response->withStatus(404);
        }
        $obj = $request->getParsedBody();
        if(!isset($obj->captcha))
        {
            return $response->withStatus(401);
        }
        $captcha = FlipSession::getVar('captcha');
        if($captcha === false)
        {
            return $response->withStatus(401);
        }
        if(!$captcha->is_answer_right($obj->captcha))
        {
            return $response->withJson(array('res'=>false, 'message'=>'Incorrect answer to CAPTCHA!'), 412);
        }
        $auth = AuthProvider::getInstance();
        $message = false;
        if($this->validateCanCreateUser($obj, $auth, $message) === false)
        {
            return $response->withJson(array('res'=>false, 'message'=>$message), 412);
        }
        else if($this->validEmail($obj->mail) === false)

        {
            return $response->withJson(array('res'=>false, 'message'=>'Invalid Email Address!'));
        }
        $ret = $auth->createPendingUser($obj);
        if($ret == false)

        {
            return $response->withJson(array('res'=>false, 'message'=>'Failed to save user registration!'), 500);
        }
        return $response->withJson($ret);
    }

    protected function userIsMe($request, $uid)
    {
        $this->user = $request->getAttribute('user');
        return ($uid === 'me' || ($this->user !== false && $uid === $this->user->uid));
    }

    protected function getUserByUIDReadOnly($request, $uid)

    {
        if($this->userIsMe($request, $uid))
        {
            return $this->user;
        }
        if($this->user->isInGroupNamed('LDAPAdmins') || $this->hasLeadAccess($request))

        {
            $auth = \AuthProvider::getInstance();
            $filter = new \Data\Filter("uid eq $uid");
            $users = $auth->getUsersByFilter($filter);
            if($users !== false && isset($users[0]))
            {
                return $users[0];
            }
        }
        return false;
    }

    protected function getUserByUID($request, $uid)

    {
        if($this->userIsMe($request, $uid))
        {
            return $this->user;
        }
        if($this->user->isInGroupNamed('LDAPAdmins'))
        {
            $auth = \AuthProvider::getInstance();
            $filter = new \Data\Filter("uid eq $uid");
            $users = $auth->getUsersByFilter($filter);
            if($users !== false && isset($users[0]))
            {
                return $users[0];
            }
        }
        return false;
    }

    public function showUser($request, $response, $args)
    {
        $uid = $args['uid'];
        $user = $request->getAttribute('user');
        if($user === false)
        {
            if($_SERVER['SERVER_ADDR'] === $_SERVER['REMOTE_ADDR'])
            {
                $user = \AuthProvider::getInstance()->getUsersByFilter(new \Data\Filter("uid eq $uid"));
                if($user === false || !isset($user[0]))
                {
                    return $response->withStatus(404);
                }
                return $response->withJson($user[0]);
            } 
            return $response->withStatus(401);
        }
        $user = $this->getUserByUIDReadOnly($request, $uid);
        if($user === false)
        {
            return $response->withStatus(404);
        }
        if(!is_object($user) && isset($user[0]))
        {
            $user = $user[0];
        }
        if($request->getAttribute('format') === 'vcard')
        {
            $response = $response->withHeader('Content-Type', 'text/x-vCard');
            $response->getBody()->write($user->getVcard());
            return $response;
        }
        return $response->withJson($user);
    }

    protected function sendPasswordResetEmail($user)
    {
        $forwardedFor = false;
        if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
        {
            $forwardedFor = $_SERVER['HTTP_X_FORWARDED_FOR'];
        }
        $emailMsg = new PasswordHasBeenResetEmail($user, $_SERVER['REMOTE_ADDR'], $forwardedFor);
        $emailProvider = EmailProvider::getInstance();
        if($emailProvider->sendEmail($emailMsg) === false)
        {
            throw new \Exception('Unable to send password reset email!');
        }
    }

    protected function exceptionCodeToHttpCode($e)
    {
        if($e->getCode() === 3)
        {
            return 401;
        }
        return 500;
    }

    protected function getUser($request, $uid, $payload)
    {
        $this->user = $request->getAttribute('user');
        if($this->user === false)
        {
            if(isset($payload->hash))
            {
                $auth = AuthProvider::getInstance();
                $this->user = $auth->getUserByResetHash($payload->hash);
                return $this->user;
            }
            return false;
        }
        return $this->getUserByUID($request, $uid);
    }

    public function editUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $obj = $request->getParsedBody();
        $user = $this->getUser($request, $uid, $obj);
        if($user === false)
        {
            return $response->withStatus(404);
        }
        try
        {
            if(isset($obj['old_uid']))
            {
                unset($obj['old_uid']);
            }
            unset($obj['uid']);
            $user->editUser($obj);
        }
        catch(\Exception $e)
        {
            return $response->withJson(array('error'=>array('msg'=>$e->getMessage(), 'stack'=>$e->getTraceAsString())), $this->exceptionCodeToHttpCode($e));
        }
        if($this->userIsMe($request, $uid))
        {
            \FlipSession::setUser($user);
        }
        if(isset($obj->password))
        {
            $this->sendPasswordResetEmail($user);
        }
        return $response->withJson(array('success'=>true));
    }

    public function deleteUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $user = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        if($this->validateIsAdmin($request, true) === false && $this->userIsMe($request, $uid))
        {
            $user = $this->user;
        }
        else
        {
            $auth = AuthProvider::getInstance();
            $filter = new \Data\Filter("uid eq $uid");
            $user = $auth->getUsersByFilter($filter);
            if(empty($user))
            {
                $user = false;
            }
            else
            {
                $user = $user[0];
            }
        }
        if($user === false)
        {
            return $response->withStatus(404);
        }
        return $response->withJson($user->delete());
    }

    public function listGroupsForUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $this->validateLoggedIn($request);
        $user = $this->getUserByUID($request, $uid);
        if($user === false)
        {
            return $response->withStatus(404);
        }
        $groups = $user->getGroups();
        if($groups === false)
        {
            $groups = array();
        }
        return $response->withJson($groups);
    }

    public function linkUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $this->validateLoggedIn($request);
        $obj = $request->getParsedBody();
        if($this->userIsMe($request, $uid))
        {
            $this->user->addLoginProvider($obj->provider);
            AuthProvider::getInstance()->impersonateUser($app->user);

        }
        else if($this->user->isInGroupNamed("LDAPAdmins"))
        {
            $user = AuthProvider::getInstance()->getUser($uid);
            if($user === false)
            {
                return $response->withStatus(404);
            }
            $user->addLoginProvider($obj->provider);
        }
        else
        {
            return $response->withStatus(404);
        }
        return $response->withJson(array('success'=>true));
    }

    protected function getAllUsersByFilter($filter, &$pending)
    {
        $auth = AuthProvider::getInstance();
        $user = $auth->getUsersByFilter($filter);
        if($user !== false && isset($user[0]))

        {
            $pending = false;
            return $user[0];
        }
        $user = $auth->getPendingUsersByFilter($filter);
        if($user !== false && isset($user[0]))

        {
            $pending = true;
            return $user[0];
        }
        return false;
    }

    public function checkEmailAvailable($request, $response, $args)

    {
        $params = $request->getQueryParams();
        $email = false;
        if(isset($params['email']))
        {
            $email = $params['email'];
        }
        if($email === false)
        {
            $params = $request->getParsedBody();
            if(isset($params['email']))
            {
                $email = $params['email'];
            }
            if($email === false)
            {
                return $response->withStatus(400);
            }
        }
        if(filter_var($email, FILTER_VALIDATE_EMAIL) === false || strpos($email, '@') === false)
        {
            return $response->withJson(false);
        }
        if(strstr($email, '+') !== false)
        {
            //Remove everything between the + and the @
            $begining = strpos($email, '+');
            $end = strpos($email, '@');
            $to_delete = substr($email, $begining, $end - $begining);
            $email = str_replace($to_delete, '', $email);
        }
        $filter = new \Data\Filter('mail eq '.$email);
        $pending = false;
        $user = $this->getAllUsersByFilter($filter, $pending);
        if($user === false)
        {
            return $response->withJson(true);
        }
        return $response->withJson(array('res'=>false, 'email'=>$user->mail, 'pending'=>$pending));
    }

    public function checkUidAvailable($request, $response, $args)

    {
        $params = $request->getQueryParams();
        $uid = false;
        if(isset($params['uid']))
        {
            $uid = $params['uid'];
        }
        if($uid === false)
        {
            return $response->withStatus(400);
        }
        if(strpos($uid, '=') !== false || strpos($uid, ',') !== false)
        {
            return $response->withJson(false);
        }
        $filter = new \Data\Filter('uid eq '.$uid);
        $pending = false;
        $user = $this->getAllUsersByFilter($filter, $pending);
        if($user === false)
        {
            return $response->withJson(true);
        }
        return $response->withJson(array('res'=>false, 'uidl'=>$user->uid, 'pending'=>$pending));
    }

    public function resetUserPassword($request, $response, $args)
    {
        $uid = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        else
        {
            return $response->withStatus(400);
        }
        $auth = AuthProvider::getInstance();
        $users = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$uid));
        if($users === false || !isset($users[0]))
        {
            return $response->withStatus(404);
        }
        $email_msg = new PasswordResetEmail($users[0]);
        $email_provider = EmailProvider::getInstance();
        if($email_provider->sendEmail($email_msg) === false)
        {
            throw new \Exception('Unable to send email!');
        }
        return $response->withJson(true);
    }

    public function remindUid()
    {
        $params = $request->getQueryParams();

        $email = false;
        if(isset($params['email']))
        {
            $email = $params['email'];
        }
        if($email === false)
        {
            return $response->withStatus(400);

        }
        if(filter_var($email, FILTER_VALIDATE_EMAIL) === false)
        {
            return $response->withStatus(400);
        }
        $auth = AuthProvider::getInstance();
        $users = $auth->getUsersByFilter(new \Data\Filter('mail eq '.$email));
        if($users === false || !isset($users[0]))
        {
            return $response->withStatus(404);
        }
        $email_msg = new UIDForgotEmail($users[0]);
        $email_provider = EmailProvider::getInstance();
        if($email_provider->sendEmail($email_msg) === false)
        {
            throw new \Exception('Unable to send email!');
        }
    }
}
/* vim: set tabstop=4 shiftwidth=4 expandtab: */


1		<?php
2		class UsersAPI extends Http\Rest\RestAPI
3		{
4		public function setup($app)
5		{
6		$app->get('[/]', array($this, 'listUsers'));
7		$app->post('[/]', array($this, 'createUser'));
8		$app->get('/{uid}[/]', array($this, 'showUser'));
9		$app->patch('/{uid}[/]', array($this, 'editUser'));
10		$app->delete('/{uid}[/]', array($this, 'deleteUser'));
11		$app->get('/{uid}/groups[/]', array($this, 'listGroupsForUser'));
12		$app->post('/{uid}/Actions/link[/]', array($this, 'linkUser'));
13		$app->post('/{uid}/Actions/reset_pass[/]', array($this, 'resetUserPassword'));
14		$app->post('/Actions/check_email_available[/]', array($this, 'checkEmailAvailable'));
15		$app->post('/Actions/check_uid_available[/]', array($this, 'checkUidAvailable'));
16		$app->post('/Actions/remind_uid[/]', array($this, 'remindUid'));
17		}
18
19	View Code Duplication	public function validateIsAdmin($request, $nonFatal = false)
		0 ignored issues – show Duplication introduced 2017-10-17 17:42 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
20		{
21		$this->user = $request->getAttribute('user');
		0 ignored issues – show Bug introduced 2017-06-20 14:43 UTC by Report Bug Copy Issue Report The property `user` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
22		if($this->user === false)
23		{
24		throw new Exception('Must be logged in', \Http\Rest\ACCESS_DENIED);
25		}
26		if(!$this->user->isInGroupNamed('LDAPAdmins'))
27		{
28		if($nonFatal)
29		{
30		return false;
31		}
32		throw new Exception('Must be Admin', \Http\Rest\ACCESS_DENIED);
33		}
34		return true;
35		}
36
37		public function listUsers($request, $response, $args)
		0 ignored issues – show Unused Code introduced 2017-10-17 17:42 UTC by Report Bug Copy Issue Report The parameter `$args` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...

BurningFlipside / Profiles

Push — master ( bf23bc...4f23d4 )

UsersAPI::deleteUser() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like