Issues in Plugin.php (3.0) - Issues in 3.0 - Cotya/magento-composer-installer - Measure and Improve Code Quality continuously with Scrutinizer

Issues (20)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/MagentoHackathon/Composer/Magento/Plugin.php (5 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 *
 *
 *
 *
 */

namespace MagentoHackathon\Composer\Magento;

use Composer\Config;
use Composer\DependencyResolver\Rule;
use Composer\Installer;
use Composer\Package\AliasPackage;
use Composer\Script\Event;
use Composer\Installer\PackageEvent;
use MagentoHackathon\Composer\Helper;
use MagentoHackathon\Composer\Magento\Event\EventManager;
use MagentoHackathon\Composer\Magento\Event\PackageDeployEvent;
use MagentoHackathon\Composer\Magento\Factory\DeploystrategyFactory;
use MagentoHackathon\Composer\Magento\Factory\EntryFactory;
use MagentoHackathon\Composer\Magento\Factory\ParserFactory;
use MagentoHackathon\Composer\Magento\Factory\PathTranslationParserFactory;
use MagentoHackathon\Composer\Magento\Patcher\Bootstrap;
use MagentoHackathon\Composer\Magento\Repository\InstalledPackageFileSystemRepository;
use MagentoHackathon\Composer\Magento\UnInstallStrategy\UnInstallStrategy;
use MagentoHackathon\Composer\Magento\Factory\InstallStrategyFactory;
use RecursiveDirectoryIterator;
use RecursiveIteratorIterator;
use Composer\Composer;
use Composer\IO\IOInterface;
use Composer\Package\PackageInterface;
use Composer\Plugin\PluginInterface;
use Composer\EventDispatcher\EventSubscriberInterface;
use Composer\Script\ScriptEvents;
use Composer\Util\Filesystem;
use Symfony\Component\Process\Process;

class Plugin implements PluginInterface, EventSubscriberInterface
{
    /**
     * The type of packages this plugin supports
     */
    const PACKAGE_TYPE = 'magento-module';

    const VENDOR_DIR_KEY = 'vendor-dir';

    const BIN_DIR_KEY = 'bin-dir';

    const THESEER_AUTOLOAD_EXEC_BIN_PATH = '/phpab';

    const THESEER_AUTOLOAD_EXEC_REL_PATH = '/theseer/autoload/composer/bin/phpab';

    /**
     * @var IOInterface
     */
    protected $io;

    /**
     * @var ProjectConfig
     */
    protected $config;

    /**
     * @var DeployManager
     */
    protected $deployManager;

    /**
     * @var Composer
     */
    protected $composer;

    /**
     * @var Filesystem
     */
    protected $filesystem;

    /**
     * @var EntryFactory
     */
    protected $entryFactory;

    /**
     * @var EventManager
     */
    private $eventManager;

    /**
     * @var ModuleManager
     */
    private $moduleManager;

    /**
     * init the DeployManager
     *
     * @param Composer    $composer
     * @param IOInterface $io
     */
    protected function initDeployManager(Composer $composer, IOInterface $io, EventManager $eventManager)

    {
        $this->deployManager = new DeployManager($eventManager);
        $this->deployManager->setSortPriority($this->getSortPriority($composer));

        $this->applyEvents($eventManager);
    }

    protected function applyEvents(EventManager $eventManager)
    {

        if ($this->config->hasAutoAppendGitignore()) {
            $gitIgnoreLocation = sprintf('%s/.gitignore', $this->config->getMagentoRootDir());
            $gitIgnore = new GitIgnoreListener(new GitIgnore($gitIgnoreLocation));

            $eventManager->listen('post-package-deploy', [$gitIgnore, 'addNewInstalledFiles']);
            $eventManager->listen('post-package-uninstall', [$gitIgnore, 'removeUnInstalledFiles']);
        }

        $io = $this->io;
        if ($this->io->isDebug()) {
            $eventManager->listen('pre-package-deploy', function (PackageDeployEvent $event) use ($io) {
                $io->write('Start magento deploy for ' . $event->getDeployEntry()->getPackageName());
            });
        }
    }

    /**
     * get Sort Priority from extra Config
     *
     * @param \Composer\Composer $composer
     *
     * @return array
     */
    private function getSortPriority(Composer $composer)
    {
        $extra = $composer->getPackage()->getExtra();

        return isset($extra[ProjectConfig::SORT_PRIORITY_KEY])
            ? $extra[ProjectConfig::SORT_PRIORITY_KEY]
            : array();
    }

    /**
     * Apply plugin modifications to composer
     *
     * @param Composer    $composer
     * @param IOInterface $io
     */
    public function activate(Composer $composer, IOInterface $io)
    {
        $this->io = $io;
        $this->composer = $composer;

        $this->filesystem = new Filesystem();
        $this->config = new ProjectConfig($composer->getPackage()->getExtra(), $composer->getConfig()->all());

        if (!$this->config->skipSuggestComposerRepositories()) {
            $this->suggestComposerRepositories();
        }

        $this->entryFactory = new EntryFactory(
            $this->config,
            new DeploystrategyFactory($this->config),
            new PathTranslationParserFactory(new ParserFactory($this->config), $this->config)
        );

        $this->initDeployManager($composer, $io, $this->getEventManager());
        $this->writeDebug('activate magento plugin');
    }

    /**
     * Returns an array of event names this subscriber wants to listen to.
     *
     * The array keys are event names and the value can be:
     *
     * * The method name to call (priority defaults to 0)
     * * An array composed of the method name to call and the priority
     * * An array of arrays composed of the method names to call and respective
     *   priorities, or 0 if unset
     *
     * For instance:
     *
     * * array('eventName' => 'methodName')
     * * array('eventName' => array('methodName', $priority))
     * * array('eventName' => array(array('methodName1', $priority), array('methodName2'))
     *
     * @return array The event names to listen to
     */
    public static function getSubscribedEvents()
    {
        return array(
            Installer\PackageEvents::PRE_PACKAGE_UPDATE => array(
                array('onPackageUpdate', 0),
            ),
            ScriptEvents::POST_INSTALL_CMD => array(
                array('onNewCodeEvent', 0),
            ),
            ScriptEvents::POST_UPDATE_CMD  => array(
                array('onNewCodeEvent', 0),
            ),
        );
    }

    /**
     * event listener is named this way, as it listens for events leading to changed code files
     *
     * @param Event $event
     */
    public function onNewCodeEvent(Event $event)
    {

        $packageTypeToMatch = static::PACKAGE_TYPE;
        $magentoModules = array_filter(
            $this->composer->getRepositoryManager()->getLocalRepository()->getPackages(),
            function (PackageInterface $package) use ($packageTypeToMatch) {
                if ($package instanceof AliasPackage) {
                    return false;
                }
                return $package->getType() === $packageTypeToMatch;
            }
        );

        if ($this->composer->getPackage()->getType() === static::PACKAGE_TYPE
            && $this->config->getIncludeRootPackage() === true
        ) {
            $magentoModules[] = $this->composer->getPackage();
        }

        $vendorDir = rtrim($this->composer->getConfig()->get(self::VENDOR_DIR_KEY), '/');

        Helper::initMagentoRootDir(
            $this->config,
            $this->io,
            $this->filesystem,
            $vendorDir
        );

        $this->applyEvents($this->getEventManager());

        if (in_array('--redeploy', $event->getArguments())) {
            $this->writeDebug('remove all deployed modules');
            $this->getModuleManager()->updateInstalledPackages(array());
        }
        $this->writeDebug('start magento module deploy via moduleManager');
        $this->getModuleManager()->updateInstalledPackages($magentoModules);
        $this->deployLibraries();

        $patcher = Bootstrap::fromConfig($this->config);
        $patcher->setIo($this->io);
        try {
            $patcher->patch();
        } catch (\DomainException $e) {
            $this->io->write('<comment>'.$e->getMessage().'</comment>');
        }
    }

    public function onPackageUpdate(PackageEvent $event)
    {
        /** @var Rule $rule */
        $rule = $event->getOperation()->getReason();
        if ($rule instanceof Rule) {
            if ($event->getOperation()->getJobType() === 'update') {
                if ($rule->getJob()['packageName'] === 'magento-hackathon/magento-composer-installer') {
                    throw new \Exception(
                        'Dont update the "magento-hackathon/magento-composer-installer" with active plugins.' . PHP_EOL .
                        'Consult the documentation on how to update the Installer' . PHP_EOL .
                        'https://github.com/Cotya/magento-composer-installer#update-the-installer' . PHP_EOL
                    );
                }
            }
        } else {
if (rand(1, 6) > 3) {
print "Check failed";
} else {
    //print "Check succeeded";
}
            
        }
        
    }
    
    /**
     * test configured repositories and give message about adding recommended ones
     */
    protected function suggestComposerRepositories()
    {
        $foundFiregento = false;
        $foundMagento   = false;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

        foreach ($this->config->getComposerRepositories() as $repository) {
            if (!isset($repository["type"]) || $repository["type"] !== "composer") {
                continue;
            }
            if (strpos($repository["url"], "packages.firegento.com") !== false) {
                $foundFiregento = true;
            }
        };
        $message1 = "<comment>you may want to add the %s repository to composer.</comment>";
        $message2 = "<comment>add it with:</comment> composer.phar config -g repositories.%s composer %s";
        if (!$foundFiregento) {
            $this->io->write(sprintf($message1, 'packages.firegento.com'));
            $this->io->write(sprintf($message2, 'firegento', 'https://packages.firegento.com'));
        }
    }

    /**
     * deploy Libraries
     */
    protected function deployLibraries()
    {
        $packages = $this->composer->getRepositoryManager()->getLocalRepository()->getPackages();
        $autoloadDirectories = array();

        $libraryPath = $this->config->getLibraryPath();

        if ($libraryPath === null) {
            $this->writeDebug('jump over deployLibraries as no Magento libraryPath is set');

            return;
        }

        $vendorDir = rtrim($this->composer->getConfig()->get(self::VENDOR_DIR_KEY), '/');

        $this->filesystem->removeDirectory($libraryPath);
        $this->filesystem->ensureDirectoryExists($libraryPath);

        foreach ($packages as $package) {
            /** @var PackageInterface $package */
            $packageConfig = $this->config->getLibraryConfigByPackagename($package->getName());
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
$object = $a->getObject();
            if ($packageConfig === null) {
                continue;
            }
            if (!isset($packageConfig['autoload'])) {
                $packageConfig['autoload'] = array('/');
            }
            foreach ($packageConfig['autoload'] as $path) {
                $autoloadDirectories[] = $libraryPath . '/' . $package->getName() . "/" . $path;
            }
            $this->writeDebug(sprintf('Magento deployLibraries executed for %s', $package->getName()));

            $libraryTargetPath = $libraryPath . '/' . $package->getName();
            $this->filesystem->removeDirectory($libraryTargetPath);
            $this->filesystem->ensureDirectoryExists($libraryTargetPath);
            $this->copyRecursive($vendorDir . '/' . $package->getPrettyName(), $libraryTargetPath);
        }

        if (false !== ($executable = $this->getTheseerAutoloadExecutable())) {
            $this->writeDebug('Magento deployLibraries executes autoload generator');

            $params = $this->getTheseerAutoloadParams($libraryPath, $autoloadDirectories);

            $process = new Process($executable . $params);
            $process->run();
        }
    }

    /**
     * return the autoload generator binary path or false if not found
     *
     * @return bool|string
     */
    protected function getTheseerAutoloadExecutable()
    {
        $executable = $this->composer->getConfig()->get(self::BIN_DIR_KEY)
            . self::THESEER_AUTOLOAD_EXEC_BIN_PATH;

        if (!file_exists($executable)) {
            $executable = $this->composer->getConfig()->get(self::VENDOR_DIR_KEY)
                . self::THESEER_AUTOLOAD_EXEC_REL_PATH;
        }

        if (!file_exists($executable)) {
            $this->writeDebug(
                'Magento deployLibraries autoload generator not available, you should require "theseer/autoload"',
                $executable
            );

            return false;
        }

        return $executable;
    }

    /**
     * get Theseer Autoload Generator Params
     *
     * @param string $libraryPath
     * @param array  $autoloadDirectories
     *
     * @return string
     */
    protected function getTheseerAutoloadParams($libraryPath, $autoloadDirectories)
    {
        // @todo  --blacklist 'test\\\\*'
        return " -b {$libraryPath} -o {$libraryPath}/autoload.php  " . implode(' ', $autoloadDirectories);
    }

    /**
     * Copy then delete is a non-atomic version of {@link rename}.
     *
     * Some systems can't rename and also don't have proc_open,
     * which requires this solution.
     *
     * copied from \Composer\Util\Filesystem::copyThenRemove and removed the remove part
     *
     * @param string $source
     * @param string $target
     */
    protected function copyRecursive($source, $target)
    {
        $it = new RecursiveDirectoryIterator($source, RecursiveDirectoryIterator::SKIP_DOTS);
        $ri = new RecursiveIteratorIterator($it, RecursiveIteratorIterator::SELF_FIRST);
        $this->filesystem->ensureDirectoryExists($target);

        foreach ($ri as $file) {
            $targetPath = $target . DIRECTORY_SEPARATOR . $ri->getSubPathName();
            if ($file->isDir()) {
                $this->filesystem->ensureDirectoryExists($targetPath);
            } else {
                copy($file->getPathname(), $targetPath);
            }
        }
    }

    /**
     * print Debug Message
     *
     * @param $message
     */
    private function writeDebug($message, $varDump = null)
    {
        if ($this->io->isDebug()) {
            $this->io->write($message);

            if (!is_null($varDump)) {
                var_dump($varDump);

            }
        }
    }

    /**
     * @param PackageInterface $package
     * @return string
     */
    public function getPackageInstallPath(PackageInterface $package)
    {
        $vendorDir = realpath(rtrim($this->composer->getConfig()->get('vendor-dir'), '/'));
        return sprintf('%s/%s', $vendorDir, $package->getPrettyName());
    }

    /**
     * @return EventManager
     */
    protected function getEventManager()
    {
        if (null === $this->eventManager) {
            $this->eventManager = new EventManager;
        }

        return $this->eventManager;
    }

    /**
     * @return ModuleManager
     */
    protected function getModuleManager()
    {
        if (null === $this->moduleManager) {
            $this->moduleManager = new ModuleManager(
                new InstalledPackageFileSystemRepository(
                    rtrim($this->composer->getConfig()->get(self::VENDOR_DIR_KEY), '/') . '/installed.json',
                    new InstalledPackageDumper()
                ),
                $this->getEventManager(),
                $this->config,
                new UnInstallStrategy($this->filesystem, $this->config->getMagentoRootDir()),
                new InstallStrategyFactory($this->config, new ParserFactory($this->config))
            );
        }

        return $this->moduleManager;
    }
}


1		<?php
2		/**
3		*
4		*
5		*
6		*
7		*/
8
9		namespace MagentoHackathon\Composer\Magento;
10
11		use Composer\Config;
12		use Composer\DependencyResolver\Rule;
13		use Composer\Installer;
14		use Composer\Package\AliasPackage;
15		use Composer\Script\Event;
16		use Composer\Installer\PackageEvent;
17		use MagentoHackathon\Composer\Helper;
18		use MagentoHackathon\Composer\Magento\Event\EventManager;
19		use MagentoHackathon\Composer\Magento\Event\PackageDeployEvent;
20		use MagentoHackathon\Composer\Magento\Factory\DeploystrategyFactory;
21		use MagentoHackathon\Composer\Magento\Factory\EntryFactory;
22		use MagentoHackathon\Composer\Magento\Factory\ParserFactory;
23		use MagentoHackathon\Composer\Magento\Factory\PathTranslationParserFactory;
24		use MagentoHackathon\Composer\Magento\Patcher\Bootstrap;
25		use MagentoHackathon\Composer\Magento\Repository\InstalledPackageFileSystemRepository;
26		use MagentoHackathon\Composer\Magento\UnInstallStrategy\UnInstallStrategy;
27		use MagentoHackathon\Composer\Magento\Factory\InstallStrategyFactory;
28		use RecursiveDirectoryIterator;
29		use RecursiveIteratorIterator;
30		use Composer\Composer;
31		use Composer\IO\IOInterface;
32		use Composer\Package\PackageInterface;
33		use Composer\Plugin\PluginInterface;
34		use Composer\EventDispatcher\EventSubscriberInterface;
35		use Composer\Script\ScriptEvents;
36		use Composer\Util\Filesystem;
37		use Symfony\Component\Process\Process;
38
39		class Plugin implements PluginInterface, EventSubscriberInterface
40		{
41		/**
42		* The type of packages this plugin supports
43		*/
44		const PACKAGE_TYPE = 'magento-module';
45
46		const VENDOR_DIR_KEY = 'vendor-dir';
47
48		const BIN_DIR_KEY = 'bin-dir';
49
50		const THESEER_AUTOLOAD_EXEC_BIN_PATH = '/phpab';
51
52		const THESEER_AUTOLOAD_EXEC_REL_PATH = '/theseer/autoload/composer/bin/phpab';
53
54		/**
55		* @var IOInterface
56		*/
57		protected $io;
58
59		/**
60		* @var ProjectConfig
61		*/
62		protected $config;
63
64		/**
65		* @var DeployManager
66		*/
67		protected $deployManager;
68
69		/**
70		* @var Composer
71		*/
72		protected $composer;
73
74		/**
75		* @var Filesystem
76		*/
77		protected $filesystem;
78
79		/**
80		* @var EntryFactory
81		*/
82		protected $entryFactory;
83
84		/**
85		* @var EventManager
86		*/
87		private $eventManager;
88
89		/**
90		* @var ModuleManager
91		*/
92		private $moduleManager;
93
94		/**
95		* init the DeployManager
96		*
97		* @param Composer $composer
98		* @param IOInterface $io
99		*/
100	6	protected function initDeployManager(Composer $composer, IOInterface $io, EventManager $eventManager)
		0 ignored issues – show Unused Code introduced 2015-11-21 00:02 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$io` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
101		{
102	6	$this->deployManager = new DeployManager($eventManager);
103	6	$this->deployManager->setSortPriority($this->getSortPriority($composer));
104
105	6	$this->applyEvents($eventManager);
106	6	}
107
108	6	protected function applyEvents(EventManager $eventManager)
109		{
110
111	6	if ($this->config->hasAutoAppendGitignore()) {
112	1	$gitIgnoreLocation = sprintf('%s/.gitignore', $this->config->getMagentoRootDir());
113	1	$gitIgnore = new GitIgnoreListener(new GitIgnore($gitIgnoreLocation));
114
115	1	$eventManager->listen('post-package-deploy', [$gitIgnore, 'addNewInstalledFiles']);
116	1	$eventManager->listen('post-package-uninstall', [$gitIgnore, 'removeUnInstalledFiles']);
117		}
118
119	6	$io = $this->io;
120	6	if ($this->io->isDebug()) {
121		$eventManager->listen('pre-package-deploy', function (PackageDeployEvent $event) use ($io) {
122		$io->write('Start magento deploy for ' . $event->getDeployEntry()->getPackageName());
123	1	});
124		}
125	6	}
126
127		/**
128		* get Sort Priority from extra Config
129		*
130		* @param \Composer\Composer $composer
131		*
132		* @return array
133		*/
134	6	private function getSortPriority(Composer $composer)
135		{
136	6	$extra = $composer->getPackage()->getExtra();
137
138	6	return isset($extra[ProjectConfig::SORT_PRIORITY_KEY])
139		? $extra[ProjectConfig::SORT_PRIORITY_KEY]
140	6	: array();
141		}
142
143		/**
144		* Apply plugin modifications to composer
145		*
146		* @param Composer $composer
147		* @param IOInterface $io
148		*/
149	6	public function activate(Composer $composer, IOInterface $io)
150		{
151	6	$this->io = $io;
152	6	$this->composer = $composer;
153
154	6	$this->filesystem = new Filesystem();
155	6	$this->config = new ProjectConfig($composer->getPackage()->getExtra(), $composer->getConfig()->all());
156
157	6	if (!$this->config->skipSuggestComposerRepositories()) {
158	5	$this->suggestComposerRepositories();
159		}
160
161	6	$this->entryFactory = new EntryFactory(
162	6	$this->config,
163	6	new DeploystrategyFactory($this->config),
164	6	new PathTranslationParserFactory(new ParserFactory($this->config), $this->config)
165		);
166
167	6	$this->initDeployManager($composer, $io, $this->getEventManager());
168	6	$this->writeDebug('activate magento plugin');
169	6	}
170
171		/**
172		* Returns an array of event names this subscriber wants to listen to.
173		*
174		* The array keys are event names and the value can be:
175		*
176		* * The method name to call (priority defaults to 0)
177		* * An array composed of the method name to call and the priority
178		* * An array of arrays composed of the method names to call and respective
179		* priorities, or 0 if unset
180		*
181		* For instance:
182		*
183		* * array('eventName' => 'methodName')
184		* * array('eventName' => array('methodName', $priority))
185		* * array('eventName' => array(array('methodName1', $priority), array('methodName2'))
186		*
187		* @return array The event names to listen to
188		*/
189		public static function getSubscribedEvents()
190		{
191		return array(
192		Installer\PackageEvents::PRE_PACKAGE_UPDATE => array(
193		array('onPackageUpdate', 0),
194		),
195		ScriptEvents::POST_INSTALL_CMD => array(
196		array('onNewCodeEvent', 0),
197		),
198		ScriptEvents::POST_UPDATE_CMD => array(
199		array('onNewCodeEvent', 0),
200		),
201		);
202		}
203
204		/**
205		* event listener is named this way, as it listens for events leading to changed code files
206		*
207		* @param Event $event
208		*/
209	3	public function onNewCodeEvent(Event $event)
210		{
211
212	3	$packageTypeToMatch = static::PACKAGE_TYPE;
213	3	$magentoModules = array_filter(
214	3	$this->composer->getRepositoryManager()->getLocalRepository()->getPackages(),
215	3	function (PackageInterface $package) use ($packageTypeToMatch) {
216	3	if ($package instanceof AliasPackage) {
217	1	return false;
218		}
219	3	return $package->getType() === $packageTypeToMatch;
220	3	}
221		);
222
223	3	if ($this->composer->getPackage()->getType() === static::PACKAGE_TYPE
224	3	&& $this->config->getIncludeRootPackage() === true
225		) {
226	1	$magentoModules[] = $this->composer->getPackage();
227		}
228
229	3	$vendorDir = rtrim($this->composer->getConfig()->get(self::VENDOR_DIR_KEY), '/');
230
231	3	Helper::initMagentoRootDir(
232	3	$this->config,
233	3	$this->io,
234	3	$this->filesystem,
235		$vendorDir
236		);
237
238	3	$this->applyEvents($this->getEventManager());
239
240	3	if (in_array('--redeploy', $event->getArguments())) {
241		$this->writeDebug('remove all deployed modules');
242		$this->getModuleManager()->updateInstalledPackages(array());
243		}
244	3	$this->writeDebug('start magento module deploy via moduleManager');
245	3	$this->getModuleManager()->updateInstalledPackages($magentoModules);
246	3	$this->deployLibraries();
247
248	3	$patcher = Bootstrap::fromConfig($this->config);
249	3	$patcher->setIo($this->io);
250		try {
251	3	$patcher->patch();
252	3	} catch (\DomainException $e) {
253	3	$this->io->write('<comment>'.$e->getMessage().'</comment>');
254		}
255	3	}
256
257		public function onPackageUpdate(PackageEvent $event)
258		{
259		/** @var Rule $rule */
260		$rule = $event->getOperation()->getReason();
261		if ($rule instanceof Rule) {
262		if ($event->getOperation()->getJobType() === 'update') {
263		if ($rule->getJob()['packageName'] === 'magento-hackathon/magento-composer-installer') {
264		throw new \Exception(
265		'Dont update the "magento-hackathon/magento-composer-installer" with active plugins.' . PHP_EOL .
266		'Consult the documentation on how to update the Installer' . PHP_EOL .
267		'https://github.com/Cotya/magento-composer-installer#update-the-installer' . PHP_EOL
268		);
269		}
270		}
271		} else {
		0 ignored issues – show Unused Code introduced 2016-05-09 19:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this This `else` statement is empty and can be removed. This check looks for the `else` branches of `if` statements that have no statements or where all statements have been commented out. This may be the result of changes for debugging or the code may simply be obsolete. These `else` branches can be removed. if (rand(1, 6) > 3) { print "Check failed"; } else { //print "Check succeeded"; } could be turned into if (rand(1, 6) > 3) { print "Check failed"; } This is much more concise to read. Loading history...
272
273		}
274
275		}
276
277		/**
278		* test configured repositories and give message about adding recommended ones
279		*/
280	5	protected function suggestComposerRepositories()
281		{
282	5	$foundFiregento = false;
283	5	$foundMagento = false;
		0 ignored issues – show Unused Code introduced 2016-05-08 20:34 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$foundMagento` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
284
285	5	foreach ($this->config->getComposerRepositories() as $repository) {
286		if (!isset($repository["type"]) \|\| $repository["type"] !== "composer") {
287		continue;
288		}
289		if (strpos($repository["url"], "packages.firegento.com") !== false) {
290		$foundFiregento = true;
291		}
292		};
293	5	$message1 = "<comment>you may want to add the %s repository to composer.</comment>";
294	5	$message2 = "<comment>add it with:</comment> composer.phar config -g repositories.%s composer %s";
295	5	if (!$foundFiregento) {
296	5	$this->io->write(sprintf($message1, 'packages.firegento.com'));
297	5	$this->io->write(sprintf($message2, 'firegento', 'https://packages.firegento.com'));
298		}
299	5	}
300
301		/**
302		* deploy Libraries
303		*/
304	3	protected function deployLibraries()
305		{
306	3	$packages = $this->composer->getRepositoryManager()->getLocalRepository()->getPackages();
307	3	$autoloadDirectories = array();
308
309	3	$libraryPath = $this->config->getLibraryPath();
310
311	3	if ($libraryPath === null) {
312	3	$this->writeDebug('jump over deployLibraries as no Magento libraryPath is set');
313
314	3	return;
315		}
316
317		$vendorDir = rtrim($this->composer->getConfig()->get(self::VENDOR_DIR_KEY), '/');
318
319		$this->filesystem->removeDirectory($libraryPath);
320		$this->filesystem->ensureDirectoryExists($libraryPath);
321
322		foreach ($packages as $package) {
323		/** @var PackageInterface $package */
324		$packageConfig = $this->config->getLibraryConfigByPackagename($package->getName());
		0 ignored issues – show Bug introduced 2015-11-21 00:02 UTC by Report Bug Copy Issue Report Show Similar Issues like this Are you sure the assignment to `$packageConfig` is correct as `$this->config->getLibrar...me($package->getName())` (which targets `MagentoHackathon\Compose...ryConfigByPackagename()`) seems to always return null. This check looks for function or method calls that always return null and whose return value is assigned to a variable. class A { function getObject() { return null; } } $a = new A(); $object = $a->getObject(); The method `getObject()` can return nothing but null, so it makes no sense to assign that value to a variable. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
325		if ($packageConfig === null) {
326		continue;
327		}
328		if (!isset($packageConfig['autoload'])) {
329		$packageConfig['autoload'] = array('/');
330		}
331		foreach ($packageConfig['autoload'] as $path) {
332		$autoloadDirectories[] = $libraryPath . '/' . $package->getName() . "/" . $path;
333		}
334		$this->writeDebug(sprintf('Magento deployLibraries executed for %s', $package->getName()));
335
336		$libraryTargetPath = $libraryPath . '/' . $package->getName();
337		$this->filesystem->removeDirectory($libraryTargetPath);
338		$this->filesystem->ensureDirectoryExists($libraryTargetPath);
339		$this->copyRecursive($vendorDir . '/' . $package->getPrettyName(), $libraryTargetPath);
340		}
341
342		if (false !== ($executable = $this->getTheseerAutoloadExecutable())) {
343		$this->writeDebug('Magento deployLibraries executes autoload generator');
344
345		$params = $this->getTheseerAutoloadParams($libraryPath, $autoloadDirectories);
346
347		$process = new Process($executable . $params);
348		$process->run();
349		}
350		}
351
352		/**
353		* return the autoload generator binary path or false if not found
354		*
355		* @return bool\|string
356		*/
357		protected function getTheseerAutoloadExecutable()
358		{
359		$executable = $this->composer->getConfig()->get(self::BIN_DIR_KEY)
360		. self::THESEER_AUTOLOAD_EXEC_BIN_PATH;
361
362		if (!file_exists($executable)) {
363		$executable = $this->composer->getConfig()->get(self::VENDOR_DIR_KEY)
364		. self::THESEER_AUTOLOAD_EXEC_REL_PATH;
365		}
366
367		if (!file_exists($executable)) {
368		$this->writeDebug(
369		'Magento deployLibraries autoload generator not available, you should require "theseer/autoload"',
370		$executable
371		);
372
373		return false;
374		}
375
376		return $executable;
377		}
378
379		/**
380		* get Theseer Autoload Generator Params
381		*
382		* @param string $libraryPath
383		* @param array $autoloadDirectories
384		*
385		* @return string
386		*/
387		protected function getTheseerAutoloadParams($libraryPath, $autoloadDirectories)
388		{
389		// @todo --blacklist 'test\\\\*'
390		return " -b {$libraryPath} -o {$libraryPath}/autoload.php " . implode(' ', $autoloadDirectories);
391		}
392
393		/**
394		* Copy then delete is a non-atomic version of {@link rename}.
395		*
396		* Some systems can't rename and also don't have proc_open,
397		* which requires this solution.
398		*
399		* copied from \Composer\Util\Filesystem::copyThenRemove and removed the remove part
400		*
401		* @param string $source
402		* @param string $target
403		*/
404		protected function copyRecursive($source, $target)
405		{
406		$it = new RecursiveDirectoryIterator($source, RecursiveDirectoryIterator::SKIP_DOTS);
407		$ri = new RecursiveIteratorIterator($it, RecursiveIteratorIterator::SELF_FIRST);
408		$this->filesystem->ensureDirectoryExists($target);
409
410		foreach ($ri as $file) {
411		$targetPath = $target . DIRECTORY_SEPARATOR . $ri->getSubPathName();
412		if ($file->isDir()) {
413		$this->filesystem->ensureDirectoryExists($targetPath);
414		} else {
415		copy($file->getPathname(), $targetPath);
416		}
417		}
418		}
419
420		/**
421		* print Debug Message
422		*
423		* @param $message
424		*/
425	6	private function writeDebug($message, $varDump = null)
426		{
427	6	if ($this->io->isDebug()) {
428	1	$this->io->write($message);
429
430	1	if (!is_null($varDump)) {
431		var_dump($varDump);
		0 ignored issues – show Security Debugging Code introduced 2015-11-21 00:02 UTC by Report Bug Copy Issue Report Show Similar Issues like this `var_dump($varDump);` looks like debug code. Are you sure you do not want to remove it? This might expose sensitive data. Loading history...
432		}
433		}
434	6	}
435
436		/**
437		* @param PackageInterface $package
438		* @return string
439		*/
440		public function getPackageInstallPath(PackageInterface $package)
441		{
442		$vendorDir = realpath(rtrim($this->composer->getConfig()->get('vendor-dir'), '/'));
443		return sprintf('%s/%s', $vendorDir, $package->getPrettyName());
444		}
445
446		/**
447		* @return EventManager
448		*/
449		protected function getEventManager()
450		{
451		if (null === $this->eventManager) {
452		$this->eventManager = new EventManager;
453		}
454
455		return $this->eventManager;
456		}
457
458		/**
459		* @return ModuleManager
460		*/
461		protected function getModuleManager()
462		{
463		if (null === $this->moduleManager) {
464		$this->moduleManager = new ModuleManager(
465		new InstalledPackageFileSystemRepository(
466		rtrim($this->composer->getConfig()->get(self::VENDOR_DIR_KEY), '/') . '/installed.json',
467		new InstalledPackageDumper()
468		),
469		$this->getEventManager(),
470		$this->config,
471		new UnInstallStrategy($this->filesystem, $this->config->getMagentoRootDir()),
472		new InstallStrategyFactory($this->config, new ParserFactory($this->config))
473		);
474		}
475
476		return $this->moduleManager;
477		}
478		}
479

Cotya / magento-composer-installer

Issues (20)

Security Analysis no request data

src/MagentoHackathon/Composer/Magento/Plugin.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like