Issues in UpdateAclCommand.php - All Issues - Inspection of "Merge branch '5.6'" - Kunstmaan/KunstmaanBundlesCMS - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( ae5e03...0447ee )

by Jeroen

created 2020-08-07 09:00 UTC

Kunstmaan/AdminBundle/Command/UpdateAclCommand.php (1 issue)

Showing only issues like (Show All)

Check that errors are not suppressed

Best Practice Security Major

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Kunstmaan\AdminBundle\Command;

use Doctrine\ORM\EntityManagerInterface;
use Kunstmaan\AdminBundle\Service\AclManager;
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Question\ChoiceQuestion;
use Symfony\Component\Security\Acl\Permission\PermissionMapInterface;

/**
 * Permissions update of ACL entries for all nodes for given role.
 *
 * @final since 5.1
 * NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages
 */
class UpdateAclCommand extends ContainerAwareCommand
{
    /** @var AclManager */
    private $aclManager;

    /** @var PermissionMapInterface */
    private $permissionMap;

    /** @var EntityManagerInterface */
    private $em;

    /** @var array */
    private $roles;

    public function __construct(/*AclManager*/ $aclManager = null, EntityManagerInterface $em = null, PermissionMapInterface $permissionMap = null, array $roles = null)
    {
        parent::__construct();

        if (!$aclManager instanceof AclManager) {
            @trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED);
// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}

            $this->setName(null === $aclManager ? 'kuma:acl:update' : $aclManager);

            return;
        }

        $this->aclManager = $aclManager;
        $this->em = $em;
        $this->permissionMap = $permissionMap;
        $this->roles = $roles;
    }

    /**
     * {@inheritdoc}
     */
    protected function configure()
    {
        parent::configure();

        $this->setName('kuma:acl:update')
            ->setDescription('Permissions update of ACL entries for all nodes for given role')
            ->setHelp('The <info>kuma:acl:update</info> will update ACL entries for the nodes of the current project' .
                'with given role and permissions');
    }

    /**
     * {@inheritdoc}
     */
    protected function execute(InputInterface $input, OutputInterface $output)
    {
        $helper = $this->getHelper('question');
        if (null === $this->aclManager) {
            $this->aclManager = $this->getContainer()->get('kunstmaan_admin.acl.manager');
        }
        if (null === $this->em) {
            $this->em = $this->getContainer()->get('doctrine.orm.entity_manager');
        }
        if (null === $this->permissionMap) {
            $this->permissionMap = $this->getContainer()->get('security.acl.permission.map');
        }
        if (null === $this->roles) {
            $this->roles = $this->getContainer()->getParameter('security.role_hierarchy.roles');
        }

        // Select Role
        $question = new ChoiceQuestion('Select role', array_keys($this->roles));
        $question->setErrorMessage('Role %s is invalid.');
        $role = $helper->ask($input, $output, $question);

        // Select Permission(s)
        $permissionMap = $this->permissionMap;
        $question = new ChoiceQuestion('Select permissions(s) (separate by ",")',
            $permissionMap->getPossiblePermissions());
        $question->setMultiselect(true);
        $mask = array_reduce($helper->ask($input, $output, $question), function ($a, $b) use ($permissionMap) {
            return $a | $permissionMap->getMasks($b, null)[0];
        }, 0);

        // Fetch all nodes & grant access
        $nodes = $this->em->getRepository('KunstmaanNodeBundle:Node')->findAll();

        $this->aclManager->updateNodesAclToRole($nodes, $role, $mask);

        $output->writeln(\count($nodes) . ' nodes processed.');

        return 0;
    }
}


1			<?php
2
3			namespace Kunstmaan\AdminBundle\Command;
4
5			use Doctrine\ORM\EntityManagerInterface;
6			use Kunstmaan\AdminBundle\Service\AclManager;
7			use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
8			use Symfony\Component\Console\Input\InputInterface;
9			use Symfony\Component\Console\Output\OutputInterface;
10			use Symfony\Component\Console\Question\ChoiceQuestion;
11			use Symfony\Component\Security\Acl\Permission\PermissionMapInterface;
12
13			/**
14			* Permissions update of ACL entries for all nodes for given role.
15			*
16			* @final since 5.1
17			* NEXT_MAJOR extend from `Command` and remove `$this->getContainer` usages
18			*/
19			class UpdateAclCommand extends ContainerAwareCommand
20			{
21			/** @var AclManager */
22			private $aclManager;
23
24			/** @var PermissionMapInterface */
25			private $permissionMap;
26
27			/** @var EntityManagerInterface */
28			private $em;
29
30			/** @var array */
31			private $roles;
32
33			public function __construct(/AclManager/ $aclManager = null, EntityManagerInterface $em = null, PermissionMapInterface $permissionMap = null, array $roles = null)
34			{
35			parent::__construct();
36
37			if (!$aclManager instanceof AclManager) {
38			@trigger_error(sprintf('Passing a command name as the first argument of "%s" is deprecated since version symfony 3.4 and will be removed in symfony 4.0. If the command was registered by convention, make it a service instead. ', __METHOD__), E_USER_DEPRECATED);
			0 ignored issues – show Security Best Practice introduced 2018-06-01 09:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended. If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of @mkdir($dir); // Better use if (@mkdir($dir) === false) { throw new \RuntimeException('The directory '.$dir.' could not be created.'); } Loading history...
39
40			$this->setName(null === $aclManager ? 'kuma:acl:update' : $aclManager);
41
42			return;
43			}
44
45			$this->aclManager = $aclManager;
46			$this->em = $em;
47			$this->permissionMap = $permissionMap;
48			$this->roles = $roles;
49			}
50
51			/**
52			* {@inheritdoc}
53			*/
54			protected function configure()
55			{
56			parent::configure();
57
58			$this->setName('kuma:acl:update')
59			->setDescription('Permissions update of ACL entries for all nodes for given role')
60			->setHelp('The <info>kuma:acl:update</info> will update ACL entries for the nodes of the current project' .
61			'with given role and permissions');
62			}
63
64			/**
65			* {@inheritdoc}
66			*/
67			protected function execute(InputInterface $input, OutputInterface $output)
68			{
69			$helper = $this->getHelper('question');
70			if (null === $this->aclManager) {
71			$this->aclManager = $this->getContainer()->get('kunstmaan_admin.acl.manager');
72			}
73			if (null === $this->em) {
74			$this->em = $this->getContainer()->get('doctrine.orm.entity_manager');
75			}
76			if (null === $this->permissionMap) {
77			$this->permissionMap = $this->getContainer()->get('security.acl.permission.map');
78			}
79			if (null === $this->roles) {
80			$this->roles = $this->getContainer()->getParameter('security.role_hierarchy.roles');
81			}
82
83			// Select Role
84			$question = new ChoiceQuestion('Select role', array_keys($this->roles));
85			$question->setErrorMessage('Role %s is invalid.');
86			$role = $helper->ask($input, $output, $question);
87
88			// Select Permission(s)
89			$permissionMap = $this->permissionMap;
90			$question = new ChoiceQuestion('Select permissions(s) (separate by ",")',
91			$permissionMap->getPossiblePermissions());
92			$question->setMultiselect(true);
93			$mask = array_reduce($helper->ask($input, $output, $question), function ($a, $b) use ($permissionMap) {
94			return $a \| $permissionMap->getMasks($b, null)[0];
95			}, 0);
96
97			// Fetch all nodes & grant access
98			$nodes = $this->em->getRepository('KunstmaanNodeBundle:Node')->findAll();
99
100			$this->aclManager->updateNodesAclToRole($nodes, $role, $mask);
101
102			$output->writeln(\count($nodes) . ' nodes processed.');
103
104			return 0;
105			}
106			}
107

Kunstmaan / KunstmaanBundlesCMS

Push — master ( ae5e03...0447ee )

Kunstmaan/AdminBundle/Command/UpdateAclCommand.php (1 issue)

Showing only issues like (Show All)

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like