Issues in WithPermissions.php (master) - Issues in master - EmilMoe/Guardian - Measure and Improve Code Quality continuously with Scrutinizer

Issues (5)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Http/Traits/WithPermissions.php (1 issue)

Labels

Bug 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace EmilMoe\Guardian\Http\Traits;

use EmilMoe\Guardian\Http\Models\Role;
use EmilMoe\Guardian\Support\Guardian;
use EmilMoe\Guardian\Http\Models\Permission;

use Illuminate\Support\Facades\DB;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Auth;
use Illuminate\Database\Eloquent\Collection as EloquentCollection;

trait WithPermissions
{
    /**
     * Get all roles the user is attached to.
     *
     * @return EloquentCollection
     */
    public function roles()
    {
        return $this->belongsToMany(Role::class, Guardian::getUsersRolesTable());
trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}
    }

    /**
     * Get all permissions the user has access to through roles.
     *
     * @return Collection
     */
    public function permissions()
    {
        $p = collect([]);

        foreach ($this->roles()->get() as $role)
            $p = $p->merge($role->permissions()->get());

        return $p->unique();
    }

    /**
     * Check whether the user has access to a specific permission.
     * If ID is provided a check for local access and inherit access
     * will be performed automatically too.
     *
     * @param $permission
     * @param null $id
     * @return bool
     */
    public function hasAccess($permission, $id = null)
    {
        if ($this->hasGlobalAccess($permission))
            return true;

        if ($this->hasLocalAccess($permission, $id))
            return true;

        if ($this->hasInheritAccess($permission, $id))
            return true;

        return false;
    }

    /**
     * Check whether the user has access to a permission at any
     * given point. If user does not have global access but
     * local access in 1 or more occurrences the hasAccessAny
     * will return true.
     *
     * @param $permission
     * @return bool
     */
    public function hasAccessAny($permission)
    {
        if ($this->hasAccess($permission))
            return true;

        $permission = Permission::where('name', $permission);

        if ($permission->count() == 0 || $permission->first()->table == null)
            return false;

        return DB::table(Permission::where('name', $permission)->first()->table)
            ->where($permission->first()->user_id_column, Auth::id())
            ->where('is_privileged', true)
            ->count() > 0;
    }

    /**
     * Determines whether the user has global access to the
     * given permission.
     *
     * @param $permission
     * @return bool
     */
    private function hasGlobalAccess($permission)
    {
        return $this->permissions()->contains('name', $permission);
    }

    /**
     * Determines whether the user has local access to the
     * permission with the given ID.
     *
     * @param $permission
     * @param $id
     * @return bool
     */
    private function hasLocalAccess($permission, $id)
    {
        if (! $id)
            return false;

        $permission = Permission::where('name', $permission);

        if ($permission->count() == 0 || $permission->first()->table == null)
            return false;

        if (DB::table($permission->first()->table)
                ->where($permission->first()->user_id_column, Auth::id())
                ->where($permission->first()->foreign_id_column, $id)
                ->where('is_privileged', true)
                ->count() > 0)
            return true;

        return false;
    }

    /**
     * Determining whether the user is granted access to a
     * permission indirectly through inheritance where a
     * superior permission grants access down a tree
     * structure.
     *
     * @param $permission
     * @param $id
     * @return bool
     */
    private function hasInheritAccess($permission, $id)
    {
        if (! $id)
            return false;

        if (method_exists(Auth::user(), $permission .'Privilege'))
            return Auth::user()->{$permission .'Privilege'}($id);

        return false;
    }
}

1			<?php
2
3			namespace EmilMoe\Guardian\Http\Traits;
4
5			use EmilMoe\Guardian\Http\Models\Role;
6			use EmilMoe\Guardian\Support\Guardian;
7			use EmilMoe\Guardian\Http\Models\Permission;
8
9			use Illuminate\Support\Facades\DB;
10			use Illuminate\Support\Collection;
11			use Illuminate\Support\Facades\Auth;
12			use Illuminate\Database\Eloquent\Collection as EloquentCollection;
13
14			trait WithPermissions
15			{
16			/**
17			* Get all roles the user is attached to.
18			*
19			* @return EloquentCollection
20			*/
21			public function roles()
22			{
23			return $this->belongsToMany(Role::class, Guardian::getUsersRolesTable());
			0 ignored issues – show Bug introduced 2016-05-11 11:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `belongsToMany()` must be provided by classes using this trait. How about adding it as abstract method to this trait? This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable { public function equalIds(Idable $other) { return $this->getId() === $other->getId(); } } The trait `Idable` provides a method `equalsId` that in turn relies on the method `getId()`. If this method does not exist on a class mixing in this trait, the method will fail. Adding the `getId()` as an abstract method to the trait will make sure it is available. Loading history...
24			}
25
26			/**
27			* Get all permissions the user has access to through roles.
28			*
29			* @return Collection
30			*/
31			public function permissions()
32			{
33			$p = collect([]);
34
35			foreach ($this->roles()->get() as $role)
36			$p = $p->merge($role->permissions()->get());
37
38			return $p->unique();
39			}
40
41			/**
42			* Check whether the user has access to a specific permission.
43			* If ID is provided a check for local access and inherit access
44			* will be performed automatically too.
45			*
46			* @param $permission
47			* @param null $id
48			* @return bool
49			*/
50			public function hasAccess($permission, $id = null)
51			{
52			if ($this->hasGlobalAccess($permission))
53			return true;
54
55			if ($this->hasLocalAccess($permission, $id))
56			return true;
57
58			if ($this->hasInheritAccess($permission, $id))
59			return true;
60
61			return false;
62			}
63
64			/**
65			* Check whether the user has access to a permission at any
66			* given point. If user does not have global access but
67			* local access in 1 or more occurrences the hasAccessAny
68			* will return true.
69			*
70			* @param $permission
71			* @return bool
72			*/
73			public function hasAccessAny($permission)
74			{
75			if ($this->hasAccess($permission))
76			return true;
77
78			$permission = Permission::where('name', $permission);
79
80			if ($permission->count() == 0 \|\| $permission->first()->table == null)
81			return false;
82
83			return DB::table(Permission::where('name', $permission)->first()->table)
84			->where($permission->first()->user_id_column, Auth::id())
85			->where('is_privileged', true)
86			->count() > 0;
87			}
88
89			/**
90			* Determines whether the user has global access to the
91			* given permission.
92			*
93			* @param $permission
94			* @return bool
95			*/
96			private function hasGlobalAccess($permission)
97			{
98			return $this->permissions()->contains('name', $permission);
99			}
100
101			/**
102			* Determines whether the user has local access to the
103			* permission with the given ID.
104			*
105			* @param $permission
106			* @param $id
107			* @return bool
108			*/
109			private function hasLocalAccess($permission, $id)
110			{
111			if (! $id)
112			return false;
113
114			$permission = Permission::where('name', $permission);
115
116			if ($permission->count() == 0 \|\| $permission->first()->table == null)
117			return false;
118
119			if (DB::table($permission->first()->table)
120			->where($permission->first()->user_id_column, Auth::id())
121			->where($permission->first()->foreign_id_column, $id)
122			->where('is_privileged', true)
123			->count() > 0)
124			return true;
125
126			return false;
127			}
128
129			/**
130			* Determining whether the user is granted access to a
131			* permission indirectly through inheritance where a
132			* superior permission grants access down a tree
133			* structure.
134			*
135			* @param $permission
136			* @param $id
137			* @return bool
138			*/
139			private function hasInheritAccess($permission, $id)
140			{
141			if (! $id)
142			return false;
143
144			if (method_exists(Auth::user(), $permission .'Privilege'))
145			return Auth::user()->{$permission .'Privilege'}($id);
146
147			return false;
148			}
149			}

EmilMoe / Guardian

Issues (5)

Security Analysis no request data

src/Http/Traits/WithPermissions.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like