Gixx /
WebHemi
| Conditions | 13 |
| Paths | 22 |
| Total Lines | 69 |
| Code Lines | 35 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 94 | public function __invoke(ServerRequestInterface &$request, ResponseInterface $response) |
||
| 95 | { |
||
| 96 | $actionMiddleware = $request->getAttribute(ServerRequestInterface::REQUEST_ATTR_RESOLVED_ACTION_CLASS); |
||
| 97 | $identity = false; |
||
| 98 | |||
| 99 | if (in_array($actionMiddleware, $this->middlewareWhiteList)) { |
||
| 100 | return $response; |
||
| 101 | } |
||
| 102 | |||
| 103 | if (!$this->authAdapter->hasIdentity()) { |
||
| 104 | /** @var Result $result */ |
||
| 105 | $result = $this->authAdapter->authenticate(); |
||
| 106 | |||
| 107 | if ($result->isValid()) { |
||
| 108 | $identity = $result->getIdentity(); |
||
| 109 | $this->authAdapter->setIdentity($identity); |
||
|
|
|||
| 110 | } |
||
| 111 | } else { |
||
| 112 | $identity = $this->authAdapter->getIdentity(); |
||
| 113 | } |
||
| 114 | |||
| 115 | if ($identity instanceof UserEntity) { |
||
| 116 | /** @var array<UserGroupEntity> $userGroups */ |
||
| 117 | $userGroups = $this->userToGroupCoupler->getEntityDependencies($identity); |
||
| 118 | /** @var array<PolicyEntity> $policies */ |
||
| 119 | $policies = $this->userToPolicyCoupler->getEntityDependencies($identity); |
||
| 120 | |||
| 121 | foreach ($userGroups as $userGroupEntity) { |
||
| 122 | /** @var array<PolicyEntity> $userGroupPolicies */ |
||
| 123 | $userGroupPolicies = $this->userGroupToPolicyCoupler->getEntityDependencies($userGroupEntity); |
||
| 124 | $policies = array_merge($userGroupPolicies, $policies); |
||
| 125 | } |
||
| 126 | |||
| 127 | $selectedApplication = $this->environmentManager->getSelectedApplication(); |
||
| 128 | /** @var ApplicationEntity $applicationEntity */ |
||
| 129 | $applicationEntity = $this->applicationStorage->getApplicationByName($selectedApplication); |
||
| 130 | /** @var ResourceEntity $resourceEntity */ |
||
| 131 | $resourceEntity = $this->resourceStorage->getResourceByName($actionMiddleware); |
||
| 132 | |||
| 133 | // We assume the worst case: no access |
||
| 134 | $hasAccess = false; |
||
| 135 | |||
| 136 | /** @var PolicyEntity $policyEntity */ |
||
| 137 | foreach ($policies as $policyEntity) { |
||
| 138 | $policyApplication = $policyEntity->getApplicationId(); |
||
| 139 | $policyResource = $policyEntity->getResourceId(); |
||
| 140 | |||
| 141 | // The user has access when: |
||
| 142 | // - user has a policy which allows access AND |
||
| 143 | // - user has a policy that connected to the current application OR any application AND |
||
| 144 | // - user has a policy that connected to the current resource OR any resource |
||
| 145 | if ($policyEntity->getAllowed() && |
||
| 146 | ($policyApplication == null || $policyApplication == $applicationEntity->getApplicationId()) && |
||
| 147 | ($policyResource == null || $policyResource == $resourceEntity->getResourceId()) |
||
| 148 | ) { |
||
| 149 | $hasAccess = true; |
||
| 150 | break; |
||
| 151 | } |
||
| 152 | } |
||
| 153 | |||
| 154 | if (!$hasAccess) { |
||
| 155 | $response = $response->withStatus(403, 'Forbidden'); |
||
| 156 | } |
||
| 157 | } else { |
||
| 158 | $response = $response->withStatus(401, 'Unauthorized'); |
||
| 159 | } |
||
| 160 | |||
| 161 | return $response; |
||
| 162 | } |
||
| 163 | } |
||
| 164 |
Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: