RaCandidateRepository::createOptionsQuery() - Code Metrics - Inspection of "Remove RaCandidate projector in favor of query" - OpenConext/Stepup-Middleware - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#301)

unknown

created 2020-04-20 09:48 UTC

RaCandidateRepository::createOptionsQuery() A

↳ Parent: RaCandidateRepository

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	21
rs	9.584
c	0
b	0
f	0
cc	1
nc	1
nop	1

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;

use Doctrine\ORM\EntityManager;
use Doctrine\ORM\EntityRepository;
use Doctrine\ORM\Mapping;
use Doctrine\ORM\Query\Expr\Join;
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionAuthorizationContextInterface;
use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\InstitutionAuthorization;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Identity;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaCandidate;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VettedSecondFactor;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\RaCandidateQuery;

/**
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
 * @SuppressWarnings(PHPMD.TooManyPublicMethods)
 */
class RaCandidateRepository extends EntityRepository
{
    /**
     * @var InstitutionAuthorizationRepositoryFilter
     */
    private $authorizationRepositoryFilter;

    public function __construct(
        EntityManager $em,
        Mapping\ClassMetadata $class,
        InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
    ) {
        parent::__construct($em, $class);
        $this->authorizationRepositoryFilter = $authorizationRepositoryFilter;
    }

    /**
     * @param RaCandidateQuery $query
     * @return \Doctrine\ORM\Query
     */
    public function createSearchQuery(RaCandidateQuery $query)
    {
        // Base query to get all allowed ra candidates
        $queryBuilder = $this->getEntityManager()->createQueryBuilder()
            ->select('i.id as identity_id, i.institution, i.commonName as common_name, i.email, i.nameId AS name_id, a.institution AS ra_institution')
            ->from(VettedSecondFactor::class, 'vsf')
            ->innerJoin(Identity::class, 'i', Join::WITH, "vsf.identityId = i.id")
            ->innerJoin(
                InstitutionAuthorization::class,
                'a',
                Join::WITH,
                "a.institutionRole = 'select_raa' AND a.institutionRelation = i.institution"
            );

        // Filter out candidates who are already ra
        // Todo: filter out SRAA's ?
        $subQuery = $this->getEntityManager()->createQueryBuilder()
            ->select('l')
            ->from(RaListing::class, "l")
            ->where("l.identityId = i.id AND l.raInstitution = a.institution");

        $queryBuilder->andWhere($queryBuilder->expr()->not($queryBuilder->expr()->exists($subQuery->getDQL())));


        // Modify query to filter on authorization:
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
        // select RA's from. Hence the 'rac.institution'.
        $this->authorizationRepositoryFilter->filter(
            $queryBuilder,
            $query->authorizationContext,
            'i.institution',
            'iac'
        );

        if ($query->institution) {
            $queryBuilder
                ->andWhere('i.institution = :institution')
                ->setParameter('institution', $query->institution);
        }

        if ($query->commonName) {
            $queryBuilder
                ->andWhere('i.commonName LIKE :commonName')
                ->setParameter('commonName', sprintf('%%%s%%', $query->commonName));
        }

        if ($query->email) {
            $queryBuilder
                ->andWhere('i.email LIKE :email')
                ->setParameter('email', sprintf('%%%s%%', $query->email));
        }

        if (!empty($query->secondFactorTypes)) {
            $queryBuilder
                //->innerJoin(VettedSecondFactor::class, 'vsf', Join::WITH, 'rac.identityId = vsf.identityId')
                ->andWhere('vsf.type IN (:secondFactorTypes)')
                ->setParameter('secondFactorTypes', $query->secondFactorTypes);
        }

        if (!empty($query->raInstitution)) {
            $queryBuilder
                ->andWhere('a.raInstitution = :raInstitution')
                ->setParameter('raInstitution', $query->raInstitution);
        }

        $queryBuilder->groupBy('i.id');

        return $queryBuilder->getQuery();
    }

    /**
     * @param RaCandidateQuery $query
     * @return \Doctrine\ORM\Query
     */
    public function createOptionsQuery(RaCandidateQuery $query)
    {
        $queryBuilder = $this->getEntityManager()->createQueryBuilder()
            ->select('a.institution')
            ->from(InstitutionAuthorization::class, 'a')
            ->where("a.institutionRole = 'select_raa'");


        // Modify query to filter on authorization:
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
        // select RA's from. Hence the 'rac.institution'.
        $this->authorizationRepositoryFilter->filter(
            $queryBuilder,
            $query->authorizationContext,
            'a.institution',
            'iac'
        );

        return $queryBuilder->getQuery();
    }

    /**
     * @param string $identityId
     * @param InstitutionAuthorizationContextInterface $authorizationContext
     * @return RaCandidate[]
     */
    public function findAllRaasByIdentityId($identityId, InstitutionAuthorizationContextInterface $authorizationContext)
    {
        $queryBuilder = $this->createQueryBuilder('rac')
            ->where('rac.identityId = :identityId')
            ->setParameter('identityId', $identityId)
            ->orderBy('rac.raInstitution');

        // Modify query to filter on authorization:
        // For the RA candidates we want the identities that we could make RA. Because we then need to look at the
        // select_raa's we have to look at the institution of the candidate because that's the institution we could
        // select RA's from. Hence the 'rac.institution'.
        $this->authorizationRepositoryFilter->filter(
            $queryBuilder,
            $authorizationContext,
            'rac.institution',
            'iac'
        );

        return $queryBuilder->getQuery()->getResult();
    }
}


1			<?php
2
3			/**
4			* Copyright 2014 SURFnet bv
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
18
19			namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;
20
21			use Doctrine\ORM\EntityManager;
22			use Doctrine\ORM\EntityRepository;
23			use Doctrine\ORM\Mapping;
24			use Doctrine\ORM\Query\Expr\Join;
25			use Surfnet\StepupMiddleware\ApiBundle\Authorization\Filter\InstitutionAuthorizationRepositoryFilter;
26			use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionAuthorizationContextInterface;
27			use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\InstitutionAuthorization;
28			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Identity;
29			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaCandidate;
30			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;
31			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\VettedSecondFactor;
32			use Surfnet\StepupMiddleware\ApiBundle\Identity\Query\RaCandidateQuery;
33
34			/**
35			* @SuppressWarnings(PHPMD.CouplingBetweenObjects)
36			* @SuppressWarnings(PHPMD.TooManyPublicMethods)
37			*/
38			class RaCandidateRepository extends EntityRepository
39			{
40			/**
41			* @var InstitutionAuthorizationRepositoryFilter
42			*/
43			private $authorizationRepositoryFilter;
44
45			public function __construct(
46			EntityManager $em,
47			Mapping\ClassMetadata $class,
48			InstitutionAuthorizationRepositoryFilter $authorizationRepositoryFilter
49			) {
50			parent::__construct($em, $class);
51			$this->authorizationRepositoryFilter = $authorizationRepositoryFilter;
52			}
53
54			/**
55			* @param RaCandidateQuery $query
56			* @return \Doctrine\ORM\Query
57			*/
58			public function createSearchQuery(RaCandidateQuery $query)
59			{
60			// Base query to get all allowed ra candidates
61			$queryBuilder = $this->getEntityManager()->createQueryBuilder()
62			->select('i.id as identity_id, i.institution, i.commonName as common_name, i.email, i.nameId AS name_id, a.institution AS ra_institution')
63			->from(VettedSecondFactor::class, 'vsf')
64			->innerJoin(Identity::class, 'i', Join::WITH, "vsf.identityId = i.id")
65			->innerJoin(
66			InstitutionAuthorization::class,
67			'a',
68			Join::WITH,
69			"a.institutionRole = 'select_raa' AND a.institutionRelation = i.institution"
70			);
71
72			// Filter out candidates who are already ra
73			// Todo: filter out SRAA's ?
74			$subQuery = $this->getEntityManager()->createQueryBuilder()
75			->select('l')
76			->from(RaListing::class, "l")
77			->where("l.identityId = i.id AND l.raInstitution = a.institution");
78
79			$queryBuilder->andWhere($queryBuilder->expr()->not($queryBuilder->expr()->exists($subQuery->getDQL())));
80
81
82			// Modify query to filter on authorization:
83			// For the RA candidates we want the identities that we could make RA. Because we then need to look at the
84			// select_raa's we have to look at the institution of the candidate because that's the institution we could
85			// select RA's from. Hence the 'rac.institution'.
86			$this->authorizationRepositoryFilter->filter(
87			$queryBuilder,
88			$query->authorizationContext,
89			'i.institution',
90			'iac'
91			);
92
93			if ($query->institution) {
94			$queryBuilder
95			->andWhere('i.institution = :institution')
96			->setParameter('institution', $query->institution);
97			}
98
99			if ($query->commonName) {
100			$queryBuilder
101			->andWhere('i.commonName LIKE :commonName')
102			->setParameter('commonName', sprintf('%%%s%%', $query->commonName));
103			}
104
105			if ($query->email) {
106			$queryBuilder
107			->andWhere('i.email LIKE :email')
108			->setParameter('email', sprintf('%%%s%%', $query->email));
109			}
110
111			if (!empty($query->secondFactorTypes)) {
112			$queryBuilder
113			//->innerJoin(VettedSecondFactor::class, 'vsf', Join::WITH, 'rac.identityId = vsf.identityId')
114			->andWhere('vsf.type IN (:secondFactorTypes)')
115			->setParameter('secondFactorTypes', $query->secondFactorTypes);
116			}
117
118			if (!empty($query->raInstitution)) {
119			$queryBuilder
120			->andWhere('a.raInstitution = :raInstitution')
121			->setParameter('raInstitution', $query->raInstitution);
122			}
123
124			$queryBuilder->groupBy('i.id');
125
126			return $queryBuilder->getQuery();
127			}
128
129			/**
130			* @param RaCandidateQuery $query
131			* @return \Doctrine\ORM\Query
132			*/
133			public function createOptionsQuery(RaCandidateQuery $query)
134			{
135			$queryBuilder = $this->getEntityManager()->createQueryBuilder()
136			->select('a.institution')
137			->from(InstitutionAuthorization::class, 'a')
138			->where("a.institutionRole = 'select_raa'");
139
140
141			// Modify query to filter on authorization:
142			// For the RA candidates we want the identities that we could make RA. Because we then need to look at the
143			// select_raa's we have to look at the institution of the candidate because that's the institution we could
144			// select RA's from. Hence the 'rac.institution'.
145			$this->authorizationRepositoryFilter->filter(
146			$queryBuilder,
147			$query->authorizationContext,
148			'a.institution',
149			'iac'
150			);
151
152			return $queryBuilder->getQuery();
153			}
154
155			/**
156			* @param string $identityId
157			* @param InstitutionAuthorizationContextInterface $authorizationContext
158			* @return RaCandidate[]
159			*/
160			public function findAllRaasByIdentityId($identityId, InstitutionAuthorizationContextInterface $authorizationContext)
161			{
162			$queryBuilder = $this->createQueryBuilder('rac')
163			->where('rac.identityId = :identityId')
164			->setParameter('identityId', $identityId)
165			->orderBy('rac.raInstitution');
166
167			// Modify query to filter on authorization:
168			// For the RA candidates we want the identities that we could make RA. Because we then need to look at the
169			// select_raa's we have to look at the institution of the candidate because that's the institution we could
170			// select RA's from. Hence the 'rac.institution'.
171			$this->authorizationRepositoryFilter->filter(
172			$queryBuilder,
173			$authorizationContext,
174			'rac.institution',
175			'iac'
176			);
177
178			return $queryBuilder->getQuery()->getResult();
179			}
180			}
181

OpenConext / Stepup-Middleware

Pull Request — develop (#301)

RaCandidateRepository::createOptionsQuery() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like