This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Kunstmaan\FixturesBundle\Builder; |
||
4 | |||
5 | use Doctrine\ORM\EntityManager; |
||
6 | use Kunstmaan\FixturesBundle\Loader\Fixture; |
||
7 | use Kunstmaan\FixturesBundle\Populator\Populator; |
||
8 | use Kunstmaan\NodeBundle\Entity\HasNodeInterface; |
||
9 | use Kunstmaan\NodeBundle\Entity\Node; |
||
10 | use Kunstmaan\NodeBundle\Entity\NodeTranslation; |
||
11 | use Kunstmaan\NodeBundle\Entity\NodeVersion; |
||
12 | use Kunstmaan\NodeBundle\Entity\StructureNode; |
||
13 | use Kunstmaan\NodeBundle\Helper\PagesConfiguration; |
||
14 | use Kunstmaan\NodeBundle\Helper\Services\ACLPermissionCreatorService; |
||
15 | use Kunstmaan\PagePartBundle\Entity\PageTemplateConfiguration; |
||
16 | use Kunstmaan\UtilitiesBundle\Helper\ClassLookup; |
||
17 | use Kunstmaan\UtilitiesBundle\Helper\Slugifier; |
||
18 | |||
19 | class PageBuilder implements BuilderInterface |
||
20 | { |
||
21 | private $manager; |
||
22 | |||
23 | private $userRepo; |
||
24 | |||
25 | private $nodeRepo; |
||
26 | |||
27 | private $nodeTranslationRepo; |
||
28 | |||
29 | private $aclPermissionCreatorService; |
||
30 | |||
31 | private $populator; |
||
32 | |||
33 | private $slugifier; |
||
34 | |||
35 | /** |
||
36 | * @var PagesConfiguration |
||
37 | */ |
||
38 | private $pagesConfiguration; |
||
39 | |||
40 | public function __construct( |
||
41 | EntityManager $em, |
||
0 ignored issues
–
show
|
|||
42 | ACLPermissionCreatorService $aclPermissionCreatorService, |
||
43 | Populator $populator, |
||
44 | Slugifier $slugifier, |
||
45 | PagesConfiguration $pagesConfiguration, |
||
46 | string $userClass |
||
47 | ) { |
||
48 | $this->manager = $em; |
||
49 | $this->nodeRepo = $em->getRepository(Node::class); |
||
50 | $this->nodeTranslationRepo = $em->getRepository(NodeTranslation::class); |
||
51 | $this->userRepo = $em->getRepository($userClass); |
||
52 | $this->aclPermissionCreatorService = $aclPermissionCreatorService; |
||
53 | $this->populator = $populator; |
||
54 | $this->slugifier = $slugifier; |
||
55 | $this->pagesConfiguration = $pagesConfiguration; |
||
56 | } |
||
57 | |||
58 | public function canBuild(Fixture $fixture) |
||
59 | { |
||
60 | if ($fixture->getEntity() instanceof HasNodeInterface) { |
||
61 | return true; |
||
62 | } |
||
63 | |||
64 | return false; |
||
65 | } |
||
66 | |||
67 | public function preBuild(Fixture $fixture) |
||
68 | { |
||
69 | return; |
||
70 | } |
||
71 | |||
72 | public function postBuild(Fixture $fixture) |
||
73 | { |
||
74 | $entity = $fixture->getEntity(); |
||
75 | $fixtureParams = $fixture->getParameters(); |
||
76 | $translations = $fixture->getTranslations(); |
||
77 | View Code Duplication | if (empty($translations)) { |
|
78 | throw new \Exception('No translations detected for page fixture ' . $fixture->getName() . ' (' . $fixture->getClass() . ')'); |
||
79 | } |
||
80 | |||
81 | $internalName = array_key_exists('page_internal_name', $fixtureParams) ? |
||
82 | $fixtureParams['page_internal_name'] : null; |
||
83 | |||
84 | $rootNode = null; |
||
85 | foreach ($fixture->getTranslations() as $language => $data) { |
||
86 | if ($rootNode === null) { |
||
87 | $page = $entity; |
||
88 | $rootNode = $this->createRootNode($page, $language, $internalName, $fixtureParams); |
||
89 | $this->manager->persist($rootNode); |
||
90 | } else { |
||
91 | $cloned = clone $entity; |
||
92 | $page = $cloned; |
||
93 | $this->manager->persist($page); |
||
94 | } |
||
95 | |||
96 | // Create the translationNode. |
||
97 | $translationNode = $this->createTranslationNode($rootNode, $language, $page); |
||
98 | if (!$page instanceof StructureNode) { |
||
99 | $translationNode->setOnline(isset($fixtureParams['set_online']) ? $fixtureParams['set_online'] : true); |
||
100 | } |
||
101 | |||
102 | $fixture->addAdditional($fixture->getName() . '_' . $language, $page); |
||
103 | $fixture->addAdditional('translationNode_' . $language, $translationNode); |
||
104 | $fixture->addAdditional('nodeVersion_' . $language, $translationNode->getPublicNodeVersion()); |
||
105 | $fixture->addAdditional('rootNode', $rootNode); |
||
106 | |||
107 | $this->populator->populate($translationNode, $data); |
||
108 | $this->populator->populate($page, $data); |
||
109 | View Code Duplication | if ($translationNode->getSlug() === null && $rootNode->getParent() !== null) { |
|
110 | $translationNode->setSlug($this->slugifier->slugify($translationNode->getTitle())); |
||
111 | } |
||
112 | $this->ensureUniqueUrl($translationNode, $page); |
||
113 | |||
114 | $this->manager->persist($translationNode); |
||
115 | $rootNode->addNodeTranslation($translationNode); |
||
116 | } |
||
117 | |||
118 | $this->manager->flush(); |
||
119 | $this->aclPermissionCreatorService->createPermission($rootNode); |
||
120 | } |
||
121 | |||
122 | public function postFlushBuild(Fixture $fixture) |
||
123 | { |
||
124 | $entities = $fixture->getAdditionalEntities(); |
||
125 | $fixtureParams = $fixture->getParameters(); |
||
126 | |||
127 | foreach ($fixture->getTranslations() as $language => $data) { |
||
128 | /** @var HasNodeInterface $page */ |
||
129 | $page = $entities[$fixture->getName() . '_' . $language]; |
||
130 | /** @var NodeTranslation $translationNode */ |
||
131 | $translationNode = $entities['translationNode_' . $language]; |
||
132 | |||
133 | $pagecreator = array_key_exists('creator', $fixtureParams) ? $fixtureParams['creator'] : 'pagecreator'; |
||
134 | $creator = $this->userRepo->findOneBy(array('username' => $pagecreator)); |
||
135 | |||
136 | $nodeVersion = new NodeVersion(); |
||
137 | $nodeVersion->setNodeTranslation($translationNode); |
||
138 | $nodeVersion->setType('public'); |
||
139 | $nodeVersion->setOwner($creator); |
||
140 | $nodeVersion->setRef($page); |
||
141 | |||
142 | $translationNode->setPublicNodeVersion($nodeVersion); |
||
143 | |||
144 | if (isset($fixtureParams['template'])) { |
||
145 | $pageTemplateConfiguration = new PageTemplateConfiguration(); |
||
146 | $pageTemplateConfiguration->setPageId($page->getId()); |
||
147 | $pageTemplateConfiguration->setPageEntityName(ClassLookup::getClass($page)); |
||
148 | $pageTemplateConfiguration->setPageTemplate($fixtureParams['template']); |
||
149 | $this->manager->persist($pageTemplateConfiguration); |
||
150 | } |
||
151 | |||
152 | $this->manager->persist($nodeVersion); |
||
153 | $this->manager->persist($translationNode); |
||
154 | } |
||
155 | $this->manager->flush(); |
||
156 | } |
||
157 | |||
158 | private function getParentNode($params, $language) |
||
159 | { |
||
160 | if (!isset($params['parent'])) { |
||
161 | return; |
||
162 | } |
||
163 | |||
164 | $parent = $params['parent']; |
||
165 | if ($parent instanceof Fixture) { |
||
166 | $additionals = $parent->getAdditionalEntities(); |
||
167 | $parent = $additionals['rootNode']; |
||
168 | } elseif (is_string($parent)) { |
||
169 | $nodes = $this->nodeRepo->getNodesByInternalName($parent, $language, false, true); |
||
0 ignored issues
–
show
It seems like you code against a concrete implementation and not the interface
Doctrine\Persistence\ObjectRepository as the method getNodesByInternalName() does only exist in the following implementations of said interface: Kunstmaan\NodeBundle\Repository\NodeRepository .
Let’s take a look at an example: interface User
{
/** @return string */
public function getPassword();
}
class MyUser implements User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
170 | if (count($nodes) > 0) { |
||
171 | $parent = $nodes[0]; |
||
172 | } |
||
173 | } |
||
174 | |||
175 | return $parent; |
||
176 | } |
||
177 | |||
178 | private function createRootNode($page, $language, $internalName, $fixtureParams) |
||
179 | { |
||
180 | $rootNode = new Node(); |
||
181 | $rootNode->setRef($page); |
||
182 | $rootNode->setDeleted(false); |
||
183 | $rootNode->setInternalName($internalName); |
||
184 | $rootNode->setHiddenFromNav( |
||
185 | isset($fixtureParams['hidden_from_nav']) ? $fixtureParams['hidden_from_nav'] : false |
||
186 | ); |
||
187 | $parent = $this->getParentNode($fixtureParams, $language); |
||
188 | |||
189 | if ($parent instanceof Node) { |
||
190 | $rootNode->setParent($parent); |
||
191 | |||
192 | if (!$this->canHaveChild($parent->getRefEntityName(), get_class($page))) { |
||
193 | throw new \Exception(sprintf('A %s can\'t have a %s as child. Forgot to add in allowed_children or getPossibleChildTypes?', $parent->getRefEntityName(), get_class($page))); |
||
194 | } |
||
195 | } |
||
196 | |||
197 | return $rootNode; |
||
198 | } |
||
199 | |||
200 | private function createTranslationNode(Node $rootNode, $language, HasNodeInterface $page) |
||
201 | { |
||
202 | $translationNode = new NodeTranslation(); |
||
203 | $translationNode |
||
204 | ->setNode($rootNode) |
||
205 | ->setLang($language) |
||
206 | ->setTitle($page->getTitle()) |
||
207 | ->setOnline(false) |
||
208 | ->setWeight(0); |
||
209 | |||
210 | return $translationNode; |
||
211 | } |
||
212 | |||
213 | private function ensureUniqueUrl(NodeTranslation $translation, HasNodeInterface $page) |
||
214 | { |
||
215 | if ($page instanceof StructureNode) { |
||
216 | $translation->setSlug(''); |
||
217 | $translation->setUrl($translation->getFullSlug()); |
||
218 | |||
219 | return $translation; |
||
220 | } |
||
221 | |||
222 | $translation->setUrl($translation->getFullSlug()); |
||
223 | |||
224 | // Find all translations with this new URL, whose nodes are not deleted. |
||
225 | $translationWithSameUrl = $this->nodeTranslationRepo->getNodeTranslationForUrl($translation->getUrl(), $translation->getLang(), false, $translation); |
||
226 | |||
227 | if ($translationWithSameUrl instanceof NodeTranslation) { |
||
228 | $translation->setSlug($this->slugifier->slugify($this->incrementString($translation->getSlug()))); |
||
229 | $this->ensureUniqueUrl($translation, $page); |
||
230 | } |
||
231 | |||
232 | return $translation; |
||
233 | } |
||
234 | |||
235 | View Code Duplication | private function incrementString($string, $append = '-v') |
|
236 | { |
||
237 | $finalDigitGrabberRegex = '/\d+$/'; |
||
238 | $matches = array(); |
||
239 | |||
240 | preg_match($finalDigitGrabberRegex, $string, $matches); |
||
241 | |||
242 | if (count($matches) > 0) { |
||
243 | $digit = (int) $matches[0]; |
||
244 | ++$digit; |
||
245 | |||
246 | // Replace the integer with the new digit. |
||
247 | return preg_replace($finalDigitGrabberRegex, $digit, $string); |
||
248 | } else { |
||
249 | return $string . $append . '1'; |
||
250 | } |
||
251 | } |
||
252 | |||
253 | /** |
||
254 | * @param string $parentPageClass |
||
255 | * @param string $childPageClass |
||
256 | * |
||
257 | * @return bool |
||
258 | */ |
||
259 | private function canHaveChild($parentPageClass, $childPageClass) |
||
260 | { |
||
261 | $childTypes = $this->pagesConfiguration->getPossibleChildTypes($parentPageClass); |
||
262 | |||
263 | foreach ($childTypes as $childType) { |
||
264 | if ($childType['class'] == $childPageClass) { |
||
265 | return true; |
||
266 | } |
||
267 | } |
||
268 | |||
269 | return false; |
||
270 | } |
||
271 | } |
||
272 |
The
EntityManager
might become unusable for example if a transaction is rolled back and it gets closed. Let’s assume that somewhere in your application, or in a third-party library, there is code such as the following:If that code throws an exception and the
EntityManager
is closed. Any other code which depends on the same instance of theEntityManager
during this request will fail.On the other hand, if you instead inject the
ManagerRegistry
, thegetManager()
method guarantees that you will always get a usable manager instance.