VerifiedSecondFactorRepository::createSearchQuery() - Code Metrics - Inspection of "Integrate required SRAA authorization changes" - OpenConext/Stepup-Middleware - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — feature/fga-sraa-authorization ( 8efd63 )

by Michiel

created 2018-10-24 11:10 UTC

createSearchQuery() B

↳ Parent: VerifiedSecondFactorRepository

Complexity

Conditions	7
Paths	32

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	44
rs	8.2826
c	0
b	0
f	0
cc	7
nc	32
nop	1

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;

use DateTime;
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\EntityRepository;
use Doctrine\ORM\Mapping;
use Doctrine\ORM\Query;
use Surfnet\Stepup\Identity\Value\IdentityId;
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionAuthorizationContextInterface;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VerifiedSecondFactor;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\VerifiedSecondFactorQuery;

class VerifiedSecondFactorRepository extends EntityRepository
{
    /**
     * @var InstitutionAuthorizationRepositoryFilter
     */
    private $authorizationRepositoryFilter;

    /**
     * VerifiedSecondFactorRepository constructor.
     * @param EntityManager $em
     * @param Mapping\ClassMetadata $class
     * @param InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
     */
    public function __construct(
        EntityManager $em,
        Mapping\ClassMetadata $class,
        InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
    ) {
        parent::__construct($em, $class);
        $this->authorizationRepositoryFilter = $authorizationRepositoryFilter;
    }


    /**
     * @param string $id
     * @return VerifiedSecondFactor|null
     */
    public function find($id)
    {
        /** @var VerifiedSecondFactor|null $secondFactor */
        $secondFactor = parent::find($id);

        return $secondFactor;
    }

    /**
     * @param DateTime $requestedAt
     * @return VerifiedSecondFactor[]
     */
    public function findByDate(DateTime $requestedAt)
    {
        $fromDate = clone $requestedAt;
        $fromDate->setTime(0, 0, 0);

        $toDate = clone $requestedAt;
        $toDate->setTime(23, 59, 59);

        return $this->createQueryBuilder('sf')
            ->where('sf.registrationRequestedAt <= :toDate')
            ->andWhere('sf.registrationRequestedAt >= :fromDate')
            ->setParameter('toDate', $toDate)
            ->setParameter('fromDate', $fromDate)
            ->getQuery()
            ->getResult();
    }

    /**
     * @param VerifiedSecondFactorQuery $query
     * @return Query
     */
    public function createSearchQuery(VerifiedSecondFactorQuery $query)
    {
        $queryBuilder = $this->createQueryBuilder('sf');

        // In certain situations, the FGA filtering is not applied.
        $applyFgaFilter = true;

        // The SRAA user does not adhere to the FGA filter rules when searching for a registration code.
        // This way the SRAA does not have to switch to a certain institution to start the vetting process.
        if ($query->authorizationContext->isActorSraa() && is_string($query->registrationCode)) {
            $applyFgaFilter = false;
        }

        if ($query->identityId) {
            $queryBuilder
                ->andWhere('sf.identityId = :identityId')
                ->setParameter('identityId', (string) $query->identityId);
        }

        if ($query->secondFactorId) {
            $queryBuilder
                ->andWhere('sf.id = :secondFactorId')
                ->setParameter('secondFactorId', (string) $query->secondFactorId);
        }

        if (is_string($query->registrationCode)) {
            $queryBuilder
                ->andWhere('sf.registrationCode = :registrationCode')
                ->setParameter('registrationCode', $query->registrationCode);
        }

        if ($applyFgaFilter) {
            // Modify query to filter on authorization
            $this->authorizationRepositoryFilter->filter(
                $queryBuilder,
                $query->authorizationContext,
                'sf.id',
                'sf.institution',
                'iac'
            );
        }

        return $queryBuilder->getQuery();
    }

    public function removeByIdentityId(IdentityId $identityId)

    {
        $this->getEntityManager()->createQueryBuilder()
            ->delete($this->_entityName, 'sf')
            ->where('sf.identityId = :identityId')
            ->setParameter('identityId', $identityId->getIdentityId())
            ->getQuery()
            ->execute();
    }

    /**
     * @param VerifiedSecondFactor $secondFactor
     */
    public function save(VerifiedSecondFactor $secondFactor)
    {
        $this->getEntityManager()->persist($secondFactor);
        $this->getEntityManager()->flush();
    }

    public function remove(VerifiedSecondFactor $secondFactor)
    {
        $this->getEntityManager()->remove($secondFactor);
        $this->getEntityManager()->flush();
    }
}


1		<?php
2
3		/**
4		* Copyright 2014 SURFnet bv
5		*
6		* Licensed under the Apache License, Version 2.0 (the "License");
7		* you may not use this file except in compliance with the License.
8		* You may obtain a copy of the License at
9		*
10		* http://www.apache.org/licenses/LICENSE-2.0
11		*
12		* Unless required by applicable law or agreed to in writing, software
13		* distributed under the License is distributed on an "AS IS" BASIS,
14		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15		* See the License for the specific language governing permissions and
16		* limitations under the License.
17		*/
18
19		namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;
20
21		use DateTime;
22		use Doctrine\ORM\EntityManager;
23		use Doctrine\ORM\EntityRepository;
24		use Doctrine\ORM\Mapping;
25		use Doctrine\ORM\Query;
26		use Surfnet\Stepup\Identity\Value\IdentityId;
27		use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
28		use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionAuthorizationContextInterface;
29		use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VerifiedSecondFactor;
30		use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\VerifiedSecondFactorQuery;
31
32		class VerifiedSecondFactorRepository extends EntityRepository
33		{
34		/**
35		* @var InstitutionAuthorizationRepositoryFilter
36		*/
37		private $authorizationRepositoryFilter;
38
39		/**
40		* VerifiedSecondFactorRepository constructor.
41		* @param EntityManager $em
42		* @param Mapping\ClassMetadata $class
43		* @param InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
44		*/
45		public function __construct(
46		EntityManager $em,
47		Mapping\ClassMetadata $class,
48		InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
49		) {
50		parent::__construct($em, $class);
51		$this->authorizationRepositoryFilter = $authorizationRepositoryFilter;
52		}
53
54
55		/**
56		* @param string $id
57		* @return VerifiedSecondFactor\|null
58		*/
59		public function find($id)
60		{
61		/** @var VerifiedSecondFactor\|null $secondFactor */
62		$secondFactor = parent::find($id);
63
64		return $secondFactor;
65		}
66
67		/**
68		* @param DateTime $requestedAt
69		* @return VerifiedSecondFactor[]
70		*/
71		public function findByDate(DateTime $requestedAt)
72		{
73		$fromDate = clone $requestedAt;
74		$fromDate->setTime(0, 0, 0);
75
76		$toDate = clone $requestedAt;
77		$toDate->setTime(23, 59, 59);
78
79		return $this->createQueryBuilder('sf')
80		->where('sf.registrationRequestedAt <= :toDate')
81		->andWhere('sf.registrationRequestedAt >= :fromDate')
82		->setParameter('toDate', $toDate)
83		->setParameter('fromDate', $fromDate)
84		->getQuery()
85		->getResult();
86		}
87
88		/**
89		* @param VerifiedSecondFactorQuery $query
90		* @return Query
91		*/
92		public function createSearchQuery(VerifiedSecondFactorQuery $query)
93		{
94		$queryBuilder = $this->createQueryBuilder('sf');
95
96		// In certain situations, the FGA filtering is not applied.
97		$applyFgaFilter = true;
98
99		// The SRAA user does not adhere to the FGA filter rules when searching for a registration code.
100		// This way the SRAA does not have to switch to a certain institution to start the vetting process.
101		if ($query->authorizationContext->isActorSraa() && is_string($query->registrationCode)) {
102		$applyFgaFilter = false;
103		}
104
105		if ($query->identityId) {
106		$queryBuilder
107		->andWhere('sf.identityId = :identityId')
108		->setParameter('identityId', (string) $query->identityId);
109		}
110
111		if ($query->secondFactorId) {
112		$queryBuilder
113		->andWhere('sf.id = :secondFactorId')
114		->setParameter('secondFactorId', (string) $query->secondFactorId);
115		}
116
117		if (is_string($query->registrationCode)) {
118		$queryBuilder
119		->andWhere('sf.registrationCode = :registrationCode')
120		->setParameter('registrationCode', $query->registrationCode);
121		}
122
123		if ($applyFgaFilter) {
124		// Modify query to filter on authorization
125		$this->authorizationRepositoryFilter->filter(
126		$queryBuilder,
127		$query->authorizationContext,
128		'sf.id',
129		'sf.institution',
130		'iac'
131		);
132		}
133
134		return $queryBuilder->getQuery();
135		}
136
137	View Code Duplication	public function removeByIdentityId(IdentityId $identityId)
		0 ignored issues – show Duplication introduced 2017-08-01 07:44 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
138		{
139		$this->getEntityManager()->createQueryBuilder()
140		->delete($this->_entityName, 'sf')
141		->where('sf.identityId = :identityId')
142		->setParameter('identityId', $identityId->getIdentityId())
143		->getQuery()
144		->execute();
145		}
146
147		/**
148		* @param VerifiedSecondFactor $secondFactor
149		*/
150		public function save(VerifiedSecondFactor $secondFactor)
151		{
152		$this->getEntityManager()->persist($secondFactor);
153		$this->getEntityManager()->flush();
154		}
155
156		public function remove(VerifiedSecondFactor $secondFactor)
157		{
158		$this->getEntityManager()->remove($secondFactor);
159		$this->getEntityManager()->flush();
160		}
161		}
162

OpenConext / Stepup-Middleware

Push — feature/fga-sraa-authorization ( 8efd63 )

createSearchQuery() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like