RaCandidateRepository::createSearchQuery() - Code Metrics - OpenConext/Stepup-Middleware - Measure and Improve Code Quality continuously with Scrutinizer

RaCandidateRepository::createSearchQuery() B
last analyzed 2025-11-20 15:45 UTC

↳ Parent: RaCandidateRepository

Complexity

Conditions	9
Paths	32

Size

Total Lines	54
Code Lines	31

Duplication

Lines	0
Ratio	0 %

Importance

Changes	3
Bugs	0	Features	0

Metric	Value
cc	9
eloc	31
nc	32
nop	1
dl	0
loc	54
rs	8.0555
c	3
b	0
f	0

How to fix Long Method

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */


namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;

use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
use Doctrine\ORM\Query;
use Doctrine\ORM\Query\Expr\Join;
use Doctrine\ORM\QueryBuilder;
use Doctrine\Persistence\ManagerRegistry;
use Surfnet\Stepup\Identity\Value\VettingType;
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\InstitutionAuthorization;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Identity;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaCandidate;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VettedSecondFactor;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\RaCandidateQuery;

/**
 * @SuppressWarnings("PHPMD.CouplingBetweenObjects")
 * @SuppressWarnings("PHPMD.TooManyPublicMethods")
 * @extends ServiceEntityRepository<RaCandidate>

 */

class RaCandidateRepository extends ServiceEntityRepository
{
    public function __construct(
        ManagerRegistry $registry,
        private readonly InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter,
    ) {
        parent::__construct($registry, RaCandidate::class);
    }

    /**

     * @return Query
     */
    public function createSearchQuery(RaCandidateQuery $query): Query
    {
        $queryBuilder = $this->getBaseQuery();

        // Modify query to filter on authorization:
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
        // select RA's from. Hence the 'rac.institution'.
        $this->authorizationRepositoryFilter->filter(
            $queryBuilder,
            $query->authorizationContext,
            'i.institution',
            'iac',
        );

        if ($query->institution) {
            $queryBuilder
                ->andWhere('i.institution = :institution')
                ->setParameter('institution', $query->institution);
        }

        if ($query->commonName !== '' && $query->commonName !== '0') {
            $queryBuilder
                ->andWhere('i.commonName LIKE :commonName')
                ->setParameter('commonName', sprintf('%%%s%%', $query->commonName));
        }

        if ($query->email !== '' && $query->email !== '0') {
            $queryBuilder
                ->andWhere('i.email LIKE :email')
                ->setParameter('email', sprintf('%%%s%%', $query->email));
        }

        if (isset($query->secondFactorTypes) && $query->secondFactorTypes !== []) {
            $queryBuilder
                ->andWhere('vsf.type IN (:secondFactorTypes)')
                ->setParameter('secondFactorTypes', $query->secondFactorTypes);
            // Self asserted tokens diminish the LoA never resulting in a valid
            // second factor candidate. Only on-premise and self-vetted tokens
            // can be a valid option.
            $queryBuilder
                ->andWhere('vsf.vettingType != :vettingType')
                ->setParameter('vettingType', VettingType::TYPE_SELF_ASSERTED_REGISTRATION);
        }

        if (!empty($query->raInstitution)) {
            $queryBuilder
                ->andWhere('a.raInstitution = :raInstitution')
                ->setParameter('raInstitution', $query->raInstitution);
        }

        $queryBuilder->groupBy('i.id');

        return $queryBuilder->getQuery();
    }

    /**

     * @return Query
     */
    public function createOptionsQuery(RaCandidateQuery $query): Query
    {
        $queryBuilder = $this->getEntityManager()->createQueryBuilder()
            ->select('a.institution')
            ->from(InstitutionAuthorization::class, 'a')
            ->where("a.institutionRole = 'select_raa'");

        // Modify query to filter on authorization:
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
        // select RA's from. Hence the 'rac.institution'.
        $this->authorizationRepositoryFilter->filter(
            $queryBuilder,
            $query->authorizationContext,
            'a.institution',
            'iac',
        );

        return $queryBuilder->getQuery();
    }

    /**

     * @return array|null
     */
    public function findOneByIdentityId(string $identityId): ?array
    {
        // Finds a single identity by its identity id. Returns the identity as an array
        $queryBuilder = $this->getBaseQuery()
            ->andWhere('i.id = :identityId')
            ->setParameter('identityId', $identityId)
            ->groupBy('i.id')
            ->orderBy('a.institution');

        return $queryBuilder->getQuery()->getOneOrNullResult();
    }

    /**
     * @return QueryBuilder
     */
    private function getBaseQuery(): QueryBuilder

    {
        // Base query to get all allowed ra candidates
        $queryBuilder = $this->getEntityManager()->createQueryBuilder()
            ->select(
                'i.id as identity_id, i.institution, i.commonName as common_name, i.email, i.nameId AS name_id, a.institution AS ra_institution',
            )
            ->from(VettedSecondFactor::class, 'vsf')
            ->innerJoin(Identity::class, 'i', Join::WITH, "vsf.identityId = i.id")
            ->innerJoin(
                InstitutionAuthorization::class,
                'a',
                Join::WITH,
                "a.institutionRole = 'select_raa' AND a.institutionRelation = i.institution",
            );

        // Filter out candidates who are already ra
        // Todo: filter out SRAA's ?
        $subQuery = $this->getEntityManager()->createQueryBuilder()
            ->select('l')
            ->from(RaListing::class, "l")
            ->where("l.identityId = i.id AND l.raInstitution = a.institution");

        $queryBuilder->andWhere($queryBuilder->expr()->not($queryBuilder->expr()->exists($subQuery->getDQL())));

        return $queryBuilder;
    }
}


1			<?php
2
3			/**
4			* Copyright 2014 SURFnet bv
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
			0 ignored issues – show Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Missing @link tag in file comment Loading history...
18
19			namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;
20
21			use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
22			use Doctrine\ORM\Query;
23			use Doctrine\ORM\Query\Expr\Join;
24			use Doctrine\ORM\QueryBuilder;
25			use Doctrine\Persistence\ManagerRegistry;
26			use Surfnet\Stepup\Identity\Value\VettingType;
27			use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
28			use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\InstitutionAuthorization;
29			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Identity;
30			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaCandidate;
31			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;
32			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VettedSecondFactor;
33			use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\RaCandidateQuery;
34
35			/**
36			* @SuppressWarnings("PHPMD.CouplingBetweenObjects")
37			* @SuppressWarnings("PHPMD.TooManyPublicMethods")
38			* @extends ServiceEntityRepository<RaCandidate>
			0 ignored issues – show Coding Style introduced 2025-11-20 15:45 UTC by Report Bug Copy Issue Report Tag value for @extends tag indented incorrectly; expected 42 spaces but found 1 Loading history...
39			*/
			0 ignored issues – show Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Missing @category tag in class comment Loading history... Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Missing @package tag in class comment Loading history... Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Missing @author tag in class comment Loading history... Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Missing @license tag in class comment Loading history... Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Missing @link tag in class comment Loading history...
40			class RaCandidateRepository extends ServiceEntityRepository
41			{
42			public function __construct(
43			ManagerRegistry $registry,
44			private readonly InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter,
45			) {
46			parent::__construct($registry, RaCandidate::class);
47			}
48
49			/**
			0 ignored issues – show Coding Style introduced 2025-01-06 14:59 UTC by Report Bug Copy Issue Report Parameter `$query` should have a doc-comment as per coding-style. Loading history...
50			* @return Query
51			*/
52			public function createSearchQuery(RaCandidateQuery $query): Query
53			{
54			$queryBuilder = $this->getBaseQuery();
55
56			// Modify query to filter on authorization:
57			// For the RA candidates we want the identities that we could make RA. Because we then need to look at the
58			// select_raa's we have to look at the institution of the candidate because that's the institution we could
59			// select RA's from. Hence the 'rac.institution'.
60			$this->authorizationRepositoryFilter->filter(
61			$queryBuilder,
62			$query->authorizationContext,
63			'i.institution',
64			'iac',
65			);
66
67			if ($query->institution) {
68			$queryBuilder
69			->andWhere('i.institution = :institution')
70			->setParameter('institution', $query->institution);
71			}
72
73			if ($query->commonName !== '' && $query->commonName !== '0') {
74			$queryBuilder
75			->andWhere('i.commonName LIKE :commonName')
76			->setParameter('commonName', sprintf('%%%s%%', $query->commonName));
77			}
78
79			if ($query->email !== '' && $query->email !== '0') {
80			$queryBuilder
81			->andWhere('i.email LIKE :email')
82			->setParameter('email', sprintf('%%%s%%', $query->email));
83			}
84
85			if (isset($query->secondFactorTypes) && $query->secondFactorTypes !== []) {
86			$queryBuilder
87			->andWhere('vsf.type IN (:secondFactorTypes)')
88			->setParameter('secondFactorTypes', $query->secondFactorTypes);
89			// Self asserted tokens diminish the LoA never resulting in a valid
90			// second factor candidate. Only on-premise and self-vetted tokens
91			// can be a valid option.
92			$queryBuilder
93			->andWhere('vsf.vettingType != :vettingType')
94			->setParameter('vettingType', VettingType::TYPE_SELF_ASSERTED_REGISTRATION);
95			}
96
97			if (!empty($query->raInstitution)) {
98			$queryBuilder
99			->andWhere('a.raInstitution = :raInstitution')
100			->setParameter('raInstitution', $query->raInstitution);
101			}
102
103			$queryBuilder->groupBy('i.id');
104
105			return $queryBuilder->getQuery();
106			}
107
108			/**
			0 ignored issues – show Coding Style introduced 2025-01-06 14:59 UTC by Report Bug Copy Issue Report Parameter `$query` should have a doc-comment as per coding-style. Loading history...
109			* @return Query
110			*/
111			public function createOptionsQuery(RaCandidateQuery $query): Query
112			{
113			$queryBuilder = $this->getEntityManager()->createQueryBuilder()
114			->select('a.institution')
115			->from(InstitutionAuthorization::class, 'a')
116			->where("a.institutionRole = 'select_raa'");
117
118			// Modify query to filter on authorization:
119			// For the RA candidates we want the identities that we could make RA. Because we then need to look at the
120			// select_raa's we have to look at the institution of the candidate because that's the institution we could
121			// select RA's from. Hence the 'rac.institution'.
122			$this->authorizationRepositoryFilter->filter(
123			$queryBuilder,
124			$query->authorizationContext,
125			'a.institution',
126			'iac',
127			);
128
129			return $queryBuilder->getQuery();
130			}
131
132			/**
			0 ignored issues – show Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Parameter `$identityId` should have a doc-comment as per coding-style. Loading history...
133			* @return array\|null
134			*/
135			public function findOneByIdentityId(string $identityId): ?array
136			{
137			// Finds a single identity by its identity id. Returns the identity as an array
138			$queryBuilder = $this->getBaseQuery()
139			->andWhere('i.id = :identityId')
140			->setParameter('identityId', $identityId)
141			->groupBy('i.id')
142			->orderBy('a.institution');
143
144			return $queryBuilder->getQuery()->getOneOrNullResult();
145			}
146
147			/**
148			* @return QueryBuilder
149			*/
150			private function getBaseQuery(): QueryBuilder
			0 ignored issues – show Coding Style introduced 2023-09-07 09:35 UTC by Report Bug Copy Issue Report Private method name "RaCandidateRepository::getBaseQuery" must be prefixed with an underscore Loading history...
151			{
152			// Base query to get all allowed ra candidates
153			$queryBuilder = $this->getEntityManager()->createQueryBuilder()
154			->select(
155			'i.id as identity_id, i.institution, i.commonName as common_name, i.email, i.nameId AS name_id, a.institution AS ra_institution',
156			)
157			->from(VettedSecondFactor::class, 'vsf')
158			->innerJoin(Identity::class, 'i', Join::WITH, "vsf.identityId = i.id")
159			->innerJoin(
160			InstitutionAuthorization::class,
161			'a',
162			Join::WITH,
163			"a.institutionRole = 'select_raa' AND a.institutionRelation = i.institution",
164			);
165
166			// Filter out candidates who are already ra
167			// Todo: filter out SRAA's ?
168			$subQuery = $this->getEntityManager()->createQueryBuilder()
169			->select('l')
170			->from(RaListing::class, "l")
171			->where("l.identityId = i.id AND l.raInstitution = a.institution");
172
173			$queryBuilder->andWhere($queryBuilder->expr()->not($queryBuilder->expr()->exists($subQuery->getDQL())));
174
175			return $queryBuilder;
176			}
177			}
178

OpenConext / Stepup-Middleware

RaCandidateRepository::createSearchQuery() B last analyzed 2025-11-20 15:45 UTC

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like

RaCandidateRepository::createSearchQuery() B
last analyzed 2025-11-20 15:45 UTC