UsersAPI - Code Metrics - Inspection of "Fix #53" - BurningFlipside/Profiles - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( a4c187...3ea7be )

by Patrick

created 2017-12-06 00:27 UTC

UsersAPI D

↳ Parent: Project

Complexity

Total Complexity

113

Size/Duplication

Total Lines	527
Duplicated Lines	25.62 %

Coupling/Cohesion

Components	1
Dependencies	9

Importance

Changes

Metric	Value
dl	135
loc	527
rs	4.8717
c	0
b	0
f	0
wmc	113
lcom	1
cbo	9

22 Methods

Rating	Name	Duplication	Size	Complexity
A	setup()	0	14	1
A	validateIsAdmin()	17	17	4
A	listUsers()	0	17	2
B	validateCanCreateUser()	10	16	5
A	validEmail()	18	18	4
C	createUser()	8	39	8
A	userIsMe()	0	5	3
B	getUserByUIDReadOnly()	18	18	6
B	getUserByUID()	18	18	5
D	showUser()	0	34	9
A	sendPasswordResetEmail()	0	14	3
A	exceptionCodeToHttpCode()	0	8	2
A	getUser()	0	15	3
C	editUser()	0	36	7
B	deleteUser()	0	32	6
A	listGroupsForUser()	0	20	4
B	linkUser()	0	29	5
B	getAllUsersByFilter()	10	17	5
D	checkEmailAvailable()	12	41	9
C	checkUidAvailable()	12	33	8
B	resetUserPassword()	0	25	5
D	remindUid()	12	37	9

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like UsersAPI often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use UsersAPI, and based on these observations, apply Extract Interface, too.

<?php
require_once('class.UIDForgotEmail.php');

class UsersAPI extends Http\Rest\RestAPI
{
    public function setup($app)
    {
        $app->get('[/]', array($this, 'listUsers'));
        $app->post('[/]', array($this, 'createUser'));
        $app->get('/{uid}[/]', array($this, 'showUser'));
        $app->patch('/{uid}[/]', array($this, 'editUser'));
        $app->delete('/{uid}[/]', array($this, 'deleteUser'));
        $app->get('/{uid}/groups[/]', array($this, 'listGroupsForUser'));
        $app->post('/{uid}/Actions/link[/]', array($this, 'linkUser'));
        $app->post('/{uid}/Actions/reset_pass[/]', array($this, 'resetUserPassword'));
        $app->post('/Actions/check_email_available[/]', array($this, 'checkEmailAvailable'));
        $app->post('/Actions/check_uid_available[/]', array($this, 'checkUidAvailable'));
        $app->post('/Actions/remind_uid[/]', array($this, 'remindUid'));
    }

    public function validateIsAdmin($request, $nonFatal = false)

    {
        $this->user = $request->getAttribute('user');
class MyClass { }

$x = new MyClass();
$x->foo = true;
        if($this->user === false)
        {
            throw new Exception('Must be logged in', \Http\Rest\ACCESS_DENIED);
        }
        if(!$this->user->isInGroupNamed('LDAPAdmins'))
        {
            if($nonFatal)
            {
                return false;
            }
            throw new Exception('Must be Admin', \Http\Rest\ACCESS_DENIED);
        }
        return true;
    }

    public function listUsers($request, $response, $args)

    {
        $users = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $odata = $request->getAttribute('odata', new \ODataParams(array()));
        if($this->validateIsAdmin($request, true) === false)
        {
            $users = array($this->user);
            $users = $odata->filterArrayPerSelect($users);
        }
        else
        {
            $auth = AuthProvider::getInstance();
            $users = $auth->getUsersByFilter($odata->filter, $odata->select, $odata->top, $odata->skip, 
                                             $odata->orderby);
        }
        return $response->withJson($users);
    }

    protected function validateCanCreateUser($proposedUser, $auth, &$message)
    {
        $user = $auth->getUsersByFilter(new \Data\Filter('mail eq '.$proposedUser['mail']));
        if($user !== false && isset($user[0]))

        {
            $message = 'Email already exists!';
            return false;
        }
        $user = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$proposedUser['uid']));
        if($user !== false && isset($user[0]))

        {
            $message = 'Username already exists!';
            return false;
        }
        return true;
    }

    protected function validEmail($email)

    {
        if(filter_var($email) === false)
        {
            return false;
        }
        $pos = strpos($email, '@');
        if($pos === false)
        {
            return false;
        }
        $domain = substr($email, $pos+1);
        if(checkdnsrr($domain, 'MX') === false)
        {
            return false;
        }
        return true;
    }

    public function createUser($request, $response, $args)

    {
        $this->user = $request->getAttribute('user');
        //This one is different. If they are logged in fail...
        if($this->user !== false)
        {
            return $response->withStatus(404);
        }
        $obj = $request->getParsedBody();
        if(!isset($obj['captcha']))
        {
            return $response->withStatus(401);
        }
        $captcha = FlipSession::getVar('captcha');
        if($captcha === false)
        {
            return $response->withStatus(401);
        }
        if(!$captcha->is_answer_right($obj['captcha']))
        {
            return $response->withJson(array('res'=>false, 'message'=>'Incorrect answer to CAPTCHA!'), 412);
        }
        $auth = AuthProvider::getInstance();
        $message = false;
        if($this->validateCanCreateUser($obj, $auth, $message) === false)
        {
            return $response->withJson(array('res'=>false, 'message'=>$message), 412);
        }
        else if($this->validEmail($obj['mail']) === false)

        {
            return $response->withJson(array('res'=>false, 'message'=>'Invalid Email Address!'));
        }
        $ret = $auth->createPendingUser($obj);
        if($ret == false)

        {
            return $response->withJson(array('res'=>false, 'message'=>'Failed to save user registration!'), 500);
        }
        return $response->withJson($ret);
    }

    protected function userIsMe($request, $uid)
    {
        $this->user = $request->getAttribute('user');
        return ($uid === 'me' || ($this->user !== false && $uid === $this->user->uid));
    }

    protected function getUserByUIDReadOnly($request, $uid)

    {
        if($this->userIsMe($request, $uid))
        {
            return $this->user;
        }
        if($this->user->isInGroupNamed('LDAPAdmins') || $this->hasLeadAccess($request))

        {
            $auth = \AuthProvider::getInstance();
            $filter = new \Data\Filter("uid eq $uid");
            $users = $auth->getUsersByFilter($filter);
            if($users !== false && isset($users[0]))
            {
                return $users[0];
            }
        }
        return false;
    }

    protected function getUserByUID($request, $uid)

    {
        if($this->userIsMe($request, $uid))
        {
            return $this->user;
        }
        if($this->user->isInGroupNamed('LDAPAdmins'))
        {
            $auth = \AuthProvider::getInstance();
            $filter = new \Data\Filter("uid eq $uid");
            $users = $auth->getUsersByFilter($filter);
            if($users !== false && isset($users[0]))
            {
                return $users[0];
            }
        }
        return false;
    }

    public function showUser($request, $response, $args)
    {
        $uid = $args['uid'];
        $user = $request->getAttribute('user');
        if($user === false)
        {
            if($_SERVER['SERVER_ADDR'] === $_SERVER['REMOTE_ADDR'])
            {
                $user = \AuthProvider::getInstance()->getUsersByFilter(new \Data\Filter("uid eq $uid"));
                if($user === false || !isset($user[0]))
                {
                    return $response->withStatus(404);
                }
                return $response->withJson($user[0]);
            } 
            return $response->withStatus(401);
        }
        $user = $this->getUserByUIDReadOnly($request, $uid);
        if($user === false)
        {
            return $response->withStatus(404);
        }
        if(!is_object($user) && isset($user[0]))
        {
            $user = $user[0];
        }
        if($request->getAttribute('format') === 'vcard')
        {
            $response = $response->withHeader('Content-Type', 'text/x-vCard');
            $response->getBody()->write($user->getVcard());
            return $response;
        }
        return $response->withJson($user);
    }

    protected function sendPasswordResetEmail($user)
    {
        $forwardedFor = false;
        if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
        {
            $forwardedFor = $_SERVER['HTTP_X_FORWARDED_FOR'];
        }
        $emailMsg = new PasswordHasBeenResetEmail($user, $_SERVER['REMOTE_ADDR'], $forwardedFor);
        $emailProvider = EmailProvider::getInstance();
        if($emailProvider->sendEmail($emailMsg) === false)
        {
            throw new \Exception('Unable to send password reset email!');
        }
    }

    protected function exceptionCodeToHttpCode($e)
    {
        if($e->getCode() === 3)
        {
            return 401;
        }
        return 500;
    }

    protected function getUser($request, $uid, $payload)
    {
        $this->user = $request->getAttribute('user');
        if($this->user === false)
        {
            if(isset($payload->hash))
            {
                $auth = AuthProvider::getInstance();
                $this->user = $auth->getUserByResetHash($payload->hash);
                return $this->user;
            }
            return false;
        }
        return $this->getUserByUID($request, $uid);
    }

    public function editUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $obj = $request->getParsedBody();
        $user = $this->getUser($request, $uid, $obj);
        if($user === false)
        {
            return $response->withStatus(404);
        }
        try
        {
            if(isset($obj['old_uid']))
            {
                unset($obj['old_uid']);
            }
            unset($obj['uid']);
            $user->editUser($obj);
        }
        catch(\Exception $e)
        {
            return $response->withJson(array('error'=>array('msg'=>$e->getMessage(), 'stack'=>$e->getTraceAsString())), $this->exceptionCodeToHttpCode($e));
        }
        if($this->userIsMe($request, $uid))
        {
            \FlipSession::setUser($user);
        }
        if(isset($obj->password))
        {
            $this->sendPasswordResetEmail($user);
        }
        return $response->withJson(array('success'=>true));
    }

    public function deleteUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $user = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        if($this->validateIsAdmin($request, true) === false && $this->userIsMe($request, $uid))
        {
            $user = $this->user;
        }
        else
        {
            $auth = AuthProvider::getInstance();
            $filter = new \Data\Filter("uid eq $uid");
            $user = $auth->getUsersByFilter($filter);
            if(empty($user))
            {
                $user = false;
            }
            else
            {
                $user = $user[0];
            }
        }
        if($user === false)
        {
            return $response->withStatus(404);
        }
        return $response->withJson($user->delete());
    }

    public function listGroupsForUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $this->validateLoggedIn($request);
        $user = $this->getUserByUID($request, $uid);
        if($user === false)
        {
            return $response->withStatus(404);
        }
        $groups = $user->getGroups();
        if($groups === false)
        {
            $groups = array();
        }
        return $response->withJson($groups);
    }

    public function linkUser($request, $response, $args)
    {
        $uid = 'me';
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        $this->validateLoggedIn($request);
        $obj = $request->getParsedBody();
        if($this->userIsMe($request, $uid))
        {
            $this->user->addLoginProvider($obj->provider);
            AuthProvider::getInstance()->impersonateUser($app->user);

        }
        else if($this->user->isInGroupNamed("LDAPAdmins"))
        {
            $user = AuthProvider::getInstance()->getUser($uid);
            if($user === false)
            {
                return $response->withStatus(404);
            }
            $user->addLoginProvider($obj->provider);
        }
        else
        {
            return $response->withStatus(404);
        }
        return $response->withJson(array('success'=>true));
    }

    protected function getAllUsersByFilter($filter, &$pending)
    {
        $auth = AuthProvider::getInstance();
        $user = $auth->getUsersByFilter($filter);
        if($user !== false && isset($user[0]))

        {
            $pending = false;
            return $user[0];
        }
        $user = $auth->getPendingUsersByFilter($filter);
        if($user !== false && isset($user[0]))

        {
            $pending = true;
            return $user[0];
        }
        return false;
    }

    public function checkEmailAvailable($request, $response, $args)

    {
        $params = $request->getQueryParams();
        $email = false;
        if(isset($params['email']))
        {
            $email = $params['email'];
        }
        if($email === false)

        {
            $params = $request->getParsedBody();
            if(isset($params['email']))
            {
                $email = $params['email'];
            }
            if($email === false)
            {
                return $response->withStatus(400);
            }
        }
        if(filter_var($email, FILTER_VALIDATE_EMAIL) === false || strpos($email, '@') === false)
        {
            return $response->withJson(false);
        }
        if(strstr($email, '+') !== false)
        {
            //Remove everything between the + and the @
            $begining = strpos($email, '+');
            $end = strpos($email, '@');
            $to_delete = substr($email, $begining, $end - $begining);
            $email = str_replace($to_delete, '', $email);
        }
        $filter = new \Data\Filter('mail eq '.$email);
        $pending = false;
        $user = $this->getAllUsersByFilter($filter, $pending);
        if($user === false)
        {
            return $response->withJson(true);
        }
        return $response->withJson(array('res'=>false, 'email'=>$user->mail, 'pending'=>$pending));
    }

    public function checkUidAvailable($request, $response, $args)

    {
        $params = $request->getQueryParams();
        $uid = false;
        if(isset($params['uid']))
        {
            $uid = $params['uid'];
        }
        if($uid === false)

        {
            $params = $request->getParsedBody();
            if(isset($params['uid']))
            {
                $uid = $params['uid'];
            }
            if($uid === false)
            {
                return $response->withStatus(400);
            }
        }
        if(strpos($uid, '=') !== false || strpos($uid, ',') !== false)
        {
            return $response->withJson(false);
        }
        $filter = new \Data\Filter('uid eq '.$uid);
        $pending = false;
        $user = $this->getAllUsersByFilter($filter, $pending);
        if($user === false)
        {
            return $response->withJson(true);
        }
        return $response->withJson(array('res'=>false, 'uidl'=>$user->uid, 'pending'=>$pending));
    }

    public function resetUserPassword($request, $response, $args)
    {
        $uid = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        if(isset($args['uid']))
        {
            $uid = $args['uid'];
        }
        else
        {
            return $response->withStatus(400);
        }
        $auth = AuthProvider::getInstance();
        $users = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$uid));
        if($users === false || !isset($users[0]))
        {
            return $response->withStatus(404);
        }
        $email_msg = new PasswordResetEmail($users[0]);
        $email_provider = EmailProvider::getInstance();
        if($email_provider->sendEmail($email_msg) === false)
        {
            throw new \Exception('Unable to send email!');
        }
        return $response->withJson(true);
    }

    public function remindUid($request, $response, $args)

    {
        $params = $request->getQueryParams();
        $email = false;
        if(isset($params['email']))
        {
            $email = $params['email'];
        }
        if($email === false)

        {
            $params = $request->getParsedBody();
            if(isset($params['email']))
            {
                $email = $params['email'];
            }
            if($email === false)
            {
                return $response->withStatus(400);
            }
        }
        if(filter_var($email, FILTER_VALIDATE_EMAIL) === false)
        {
            return $response->withStatus(400);
        }
        $auth = AuthProvider::getInstance();
        $users = $auth->getUsersByFilter(new \Data\Filter('mail eq '.$email));
        if($users === false || !isset($users[0]))
        {
            return $response->withStatus(404);
        }
        $email_msg = new UIDForgotEmail($users[0]);
        $email_provider = EmailProvider::getInstance();
        if($email_provider->sendEmail($email_msg) === false)
        {
            throw new \Exception('Unable to send email!');
        }
    }
}
/* vim: set tabstop=4 shiftwidth=4 expandtab: */


BurningFlipside / Profiles