PermissionAdmin - Code Metrics - Kunstmaan/KunstmaanBundlesCMS - Measure and Improve Code Quality continuously with Scrutinizer

PermissionAdmin A
last analyzed 2020-11-05 13:23 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	345
Duplicated Lines	8.99 %

Coupling/Cohesion

Components	1
Dependencies	17

Test Coverage

Coverage

100%

Importance

Changes

Metric	Value
wmc	40
lcom	1
cbo	17
dl	31
loc	345
ccs	107
cts	107
cp	1
rs	9.2
c	0
b	0
f	0

12 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	17	1
A	initialize()	6	23	4
A	getPermissions()	0	4	1
A	getPermission()	0	11	4
A	getAllRoles()	0	4	1
A	getManageableRolesForPages()	0	13	6
A	getPossiblePermissions()	0	4	1
A	bindRequest()	0	26	3
A	createAclChangeSet()	0	12	1
C	applyAclChangeset()	0	56	12
A	getObjectAceIndex()	13	13	4
A	getMaskAtIndex()	12	12	2

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like PermissionAdmin often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use PermissionAdmin, and based on these observations, apply Extract Interface, too.

<?php

namespace Kunstmaan\AdminBundle\Helper\Security\Acl\Permission;

use Doctrine\ORM\EntityManager;
use Kunstmaan\AdminBundle\Entity\AbstractEntity;
use Kunstmaan\AdminBundle\Entity\AclChangeset;
use Kunstmaan\AdminBundle\Entity\Role;
use Kunstmaan\UtilitiesBundle\Helper\Shell\Shell;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\KernelInterface;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Exception\AclNotFoundException;
use Symfony\Component\Security\Acl\Model\AclInterface;
use Symfony\Component\Security\Acl\Model\AclProviderInterface;
use Symfony\Component\Security\Acl\Model\AuditableEntryInterface;
use Symfony\Component\Security\Acl\Model\MutableAclInterface;
use Symfony\Component\Security\Acl\Model\MutableAclProviderInterface;
use Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Helper to manage the permissions on a certain entity
 */
class PermissionAdmin
{
    const ADD = 'ADD';
    const DELETE = 'DEL';

    /**
     * @var AbstractEntity
     */
    protected $resource = null;

    /**
     * @var EntityManager
     */
    protected $em = null;

    /**
     * @var TokenStorageInterface
     */
    protected $tokenStorage = null;

    /**
     * @var MutableAclProviderInterface
     */
    protected $aclProvider = null;

    /**
     * @var ObjectIdentityRetrievalStrategyInterface
     */
    protected $oidRetrievalStrategy = null;

    /**
     * @var PermissionMap
     */
    protected $permissionMap = null;

    /**
     * @var array
     */
    protected $permissions = null;

    /**
     * @var EventDispatcherInterface
     */
    protected $eventDispatcher = null;

    /**
     * @var KernelInterface
     */
    protected $kernel;

    /**
     * @var Shell
     */
    protected $shellHelper;

    /**
     * Constructor
     *
     * @param EntityManager                            $em                   The EntityManager
     * @param TokenStorageInterface                    $tokenStorage         The token storage
     * @param AclProviderInterface                     $aclProvider          The ACL provider
     * @param ObjectIdentityRetrievalStrategyInterface $oidRetrievalStrategy The object retrieval strategy
     * @param EventDispatcherInterface                 $eventDispatcher      The event dispatcher
     * @param Shell                                    $shellHelper          The shell helper
     * @param KernelInterface                          $kernel               The kernel
     */
    public function __construct(
        EntityManager $em,
function someFunction(ManagerRegistry $registry) {
    $em = $registry->getManager();
    $em->getConnection()->beginTransaction();
    try {
        // Do something.
        $em->getConnection()->commit();
    } catch (\Exception $ex) {
        $em->getConnection()->rollback();
        $em->close();

        throw $ex;
    }
}
        TokenStorageInterface $tokenStorage,
        AclProviderInterface $aclProvider,
        ObjectIdentityRetrievalStrategyInterface $oidRetrievalStrategy,
        EventDispatcherInterface $eventDispatcher,
        Shell $shellHelper,
        KernelInterface $kernel
    ) {
        $this->em = $em;
        $this->tokenStorage = $tokenStorage;
        $this->aclProvider = $aclProvider;
class Alien {}

class Dalek extends Alien {}

class Plot
{
    /** @var  Dalek */
    public $villain;
}

$alien = new Alien();
$plot = new Plot();
if ($alien instanceof Dalek) {
    $plot->villain = $alien;
}
        $this->oidRetrievalStrategy = $oidRetrievalStrategy;
        $this->eventDispatcher = $eventDispatcher;
        $this->shellHelper = $shellHelper;
        $this->kernel = $kernel;
    }

    /**
     * Initialize permission admin with specified entity.
     *
     * @param AbstractEntity         $resource      The object which has the permissions
     * @param PermissionMapInterface $permissionMap The permission map to use
     */
    public function initialize(AbstractEntity $resource, PermissionMapInterface $permissionMap)
    {
        $this->resource = $resource;
        $this->permissionMap = $permissionMap;
class Alien {}

class Dalek extends Alien {}

class Plot
{
    /** @var  Dalek */
    public $villain;
}

$alien = new Alien();
$plot = new Plot();
if ($alien instanceof Dalek) {
    $plot->villain = $alien;
}
        $this->permissions = array();

        // Init permissions
        try {
            $objectIdentity = $this->oidRetrievalStrategy->getObjectIdentity($this->resource);
            /* @var $acl AclInterface */
            $acl = $this->aclProvider->findAcl($objectIdentity);
            $objectAces = $acl->getObjectAces();
            /* @var $ace AuditableEntryInterface */
            foreach ($objectAces as $ace) {

                $securityIdentity = $ace->getSecurityIdentity();
                if ($securityIdentity instanceof RoleSecurityIdentity) {
                    $this->permissions[$securityIdentity->getRole()] = new MaskBuilder($ace->getMask());
                }
            }
        } catch (AclNotFoundException $e) {
            // No Acl found - do nothing (or should we initialize with default values here?)
        }
    }

    /**
     * Get permissions.
     *
     * @return MaskBuilder[]
     */
    public function getPermissions()
    {
        return $this->permissions;
    }

    /**
     * Get permission for specified role.
     *
     * @param RoleInterface|string $role
     *
     * @return MaskBuilder|null
     */
    public function getPermission($role)
    {
        if ($role instanceof RoleInterface || $role instanceof \Symfony\Component\Security\Core\Role\Role) {
if ($x instanceof DoesNotExist) {
    // Do something.
}
            $role = $role->getRole();
        }
        if (isset($this->permissions[$role])) {
            return $this->permissions[$role];
        }

        return null;
    }

    /**
     * Get all roles.
     *
     * @return Role[]

     */
    public function getAllRoles()
    {
        return $this->em->getRepository(Role::class)->findAll();
    }

    /**
     * Get all manageable roles for pages
     *
     * @return Role[]

     */
    public function getManageableRolesForPages()
    {
        $roles = $this->em->getRepository(Role::class)->findAll();

        if (($token = $this->tokenStorage->getToken()) && ($user = $token->getUser())) {
            if ($user && !$user->isSuperAdmin() && ($superAdminRole = array_keys($roles, 'ROLE_SUPER_ADMIN'))) {
                $superAdminRole = current($superAdminRole);
                unset($roles[$superAdminRole]);
            }
        }

        return $roles;
    }

    /**
     * Get possible permissions.
     *
     * @return array

     */
    public function getPossiblePermissions()
    {
        return $this->permissionMap->getPossiblePermissions();
    }

    /**
     * Handle form entry of permission changes.
     *
     * @param Request $request
     *
     * @return bool
     */
    public function bindRequest(Request $request)
    {
        $changes = $request->request->get('permission-hidden-fields');

        if (empty($changes)) {
            return true;
        }

        // Just apply the changes to the current node (non recursively)
        $this->applyAclChangeset($this->resource, $changes, false);

        // Apply recursively (on request)
        $applyRecursive = $request->request->get('applyRecursive');
        if ($applyRecursive) {
            // Serialize changes & store them in DB
            $user = $this->tokenStorage->getToken()->getUser();
            $this->createAclChangeSet($this->resource, $changes, $user);

            $cmd = 'php ' . $this->kernel->getProjectDir() . '/bin/console kuma:acl:apply';
            $cmd .= ' --env=' . $this->kernel->getEnvironment();

            $this->shellHelper->runInBackground($cmd);
        }

        return true;
    }

    /**
     * Create a new ACL changeset.
     *
     * @param AbstractEntity $entity  The entity
     * @param array          $changes The changes
     * @param UserInterface  $user    The user
     *
     * @return AclChangeset
     */
    public function createAclChangeSet(AbstractEntity $entity, $changes, UserInterface $user)
    {
        $aclChangeset = new AclChangeset();
        $aclChangeset->setRef($entity);
        $aclChangeset->setChangeset($changes);
        /* @var $user BaseUser */
        $aclChangeset->setUser($user);
        $this->em->persist($aclChangeset);
        $this->em->flush();

        return $aclChangeset;
    }

    /**
     * Apply the specified ACL changeset.
     *
     * @param AbstractEntity $entity    The entity
     * @param array          $changeset The changeset
     * @param bool           $recursive The recursive
     */
    public function applyAclChangeset(AbstractEntity $entity, $changeset, $recursive = true)
    {
        if ($recursive) {
            if (!method_exists($entity, 'getChildren')) {
                return;
            }

            // Iterate over children and apply recursively
            foreach ($entity->getChildren() as $child) {
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
                $this->applyAclChangeset($child, $changeset);
            }
        }

        // Apply ACL modifications to node
        $objectIdentity = $this->oidRetrievalStrategy->getObjectIdentity($entity);

        try {
            /* @var $acl MutableAclInterface */
            $acl = $this->aclProvider->findAcl($objectIdentity);
        } catch (AclNotFoundException $e) {
            /* @var $acl MutableAclInterface */
            $acl = $this->aclProvider->createAcl($objectIdentity);
        }

        // Process permissions in changeset
        foreach ($changeset as $role => $roleChanges) {
            $index = $this->getObjectAceIndex($acl, $role);
            $mask = 0;
            if (false !== $index) {
                $mask = $this->getMaskAtIndex($acl, $index);
            }
            foreach ($roleChanges as $type => $permissions) {
                $maskChange = new MaskBuilder();
                foreach ($permissions as $permission) {
                    $maskChange->add($permission);
                }
                switch ($type) {
                    case self::ADD:
                        $mask |= $maskChange->get();

                        break;
                    case self::DELETE:
                        $mask &= ~$maskChange->get();

                        break;
                }
            }
            if (false !== $index) {
                $acl->updateObjectAce($index, $mask);
<?php

function getDate($date)
{
    if ($date !== null) {
        return new DateTime($date);
    }

    return false;
}
            } else {
                $securityIdentity = new RoleSecurityIdentity($role);
                $acl->insertObjectAce($securityIdentity, $mask);
<?php

function getDate($date)
{
    if ($date !== null) {
        return new DateTime($date);
    }

    return false;
}
            }
        }
        $this->aclProvider->updateAcl($acl);
    }

    /**
     * Get current object ACE index for specified role.
     *
     * @param AclInterface $acl  The AclInterface
     * @param string       $role The role
     *
     * @return bool|int

     */
    private function getObjectAceIndex(AclInterface $acl, $role)

    {
        $objectAces = $acl->getObjectAces();
        /* @var $ace AuditableEntryInterface */
        foreach ($objectAces as $index => $ace) {
            $securityIdentity = $ace->getSecurityIdentity();
            if (($securityIdentity instanceof RoleSecurityIdentity) && $securityIdentity->getRole() == $role) {
                return $index;
            }
        }

        return false;
    }

    /**
     * Get object ACE mask at specified index.
     *
     * @param AclInterface $acl   The acl interface
     * @param int          $index The index
     *
     * @return bool|int

     */
    private function getMaskAtIndex(AclInterface $acl, $index)

    {
        $objectAces = $acl->getObjectAces();
        /* @var $ace AuditableEntryInterface */
        $ace = $objectAces[$index];
        $securityIdentity = $ace->getSecurityIdentity();
        if ($securityIdentity instanceof RoleSecurityIdentity) {
            return $ace->getMask();
        }

        return false;
    }
}


PermissionAdmin A
last analyzed 2020-11-05 13:23 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

12 Methods

How to fix Duplicated Code Complexity

Duplicated Code

Complex Class

1. Missing dependencies

2. Missing use statement

Available Fixes

Kunstmaan / KunstmaanBundlesCMS

PermissionAdmin A last analyzed 2020-11-05 13:23 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

12 Methods

How to fix Duplicated Code Complexity

Duplicated Code

Complex Class

1. Missing dependencies

2. Missing use statement

Available Fixes

Duplication Side-by-Side

Filter issues like

PermissionAdmin A
last analyzed 2020-11-05 13:23 UTC