InstitutionListingRepository::getImplicitInstitutionsFor() - Code Metrics - Inspection of "Integrat changes in ProfileService" - OpenConext/Stepup-Middleware - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — feature/profile-retrieve-impli... ( 3a9ede )

by Michiel

created 2019-02-28 16:34 UTC

getImplicitInstitutionsFor() A

↳ Parent: InstitutionListingRepository

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	22
rs	9.568
c	0
b	0
f	0
cc	2
nc	2
nop	2

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;

use Doctrine\ORM\EntityRepository;
use Doctrine\ORM\Query\Expr\Join;
use Surfnet\Stepup\Configuration\Value\InstitutionRole;
use Surfnet\Stepup\Identity\Collection\InstitutionCollection;
use Surfnet\Stepup\Identity\Value\IdentityId;
use Surfnet\Stepup\Identity\Value\Institution;
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionRoleSet;
use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\InstitutionAuthorization;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\InstitutionListing;
use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;

class InstitutionListingRepository extends EntityRepository
{
    public function save(InstitutionListing $institution)
    {
        $this->getEntityManager()->persist($institution);
        $this->getEntityManager()->flush();
    }

    public function addIfNotExists(Institution $institution)
    {
        $existsQuery = $this->createQueryBuilder('i')
            ->where('i.institution = :institution')
            ->setParameter('institution', (string) $institution)
            ->getQuery()
            ->getOneOrNullResult();

        if ($existsQuery) {
            return;
        }

        $listing = InstitutionListing::createFrom($institution);

        $this->save($listing);
    }

    /**
     * Select the implicit roles for an identity
     *
     * These are not retrievable by the users appointed roles, but are based on the institution configuration that
     * apply for the institution of the user. The only condition is that the user must be listed as RA(A) in the
     * ra_listing.
     *
     * @param IdentityId $actorId
     * @param InstitutionRole $role
     * @return InstitutionCollection
     */
    public function getImplicitInstitutionsFor(IdentityId $actorId, InstitutionRole $role)
    {
        $qb = $this->_em->createQueryBuilder()
            ->select("a.institution")
            ->from(InstitutionAuthorization::class, 'a')
            ->innerJoin(RaListing::class, 'r', Join::WITH, 'r.institution = a.institutionRelation')
            ->where("r.identityId = :identityId")
            ->andWhere("a.institutionRole = :role")
            ->groupBy("a.institution");

        $qb->setParameter('identityId', (string)$actorId);
        $qb->setParameter('role', (string)$role);

        $institutions = $qb->getQuery()->getArrayResult();

        $result = new InstitutionCollection();
        foreach ($institutions as $institution) {
            $result->add(new Institution((string)$institution['institution']));
        }

        return $result;
    }


    /**
     * @param InstitutionRoleSet $roleRequirements
     * @param IdentityId $actorId
     * @return InstitutionCollection
     */
    public function getInstitutionsForRaa(InstitutionRoleSet $roleRequirements, IdentityId $actorId)
    {
        $qb = $this->createQueryBuilder('i')
            ->select("a.institution")
            ->innerJoin(RaListing::class, 'r', Join::WITH, "i.institution = r.raInstitution")
            ->leftJoin(
                InstitutionAuthorization::class,
                'a',
                Join::WITH,
                "i.institution = a.institutionRelation AND a.institutionRole IN (:authorizationRoles)"
            )
            ->where("r.identityId = :identityId AND r.role IN(:roles)")
            ->groupBy("a.institution");

        $qb->setParameter('identityId', (string)$actorId);
        $qb->setParameter(
            'authorizationRoles',
            $this->getAuthorizationRoles(
                $roleRequirements,
                [InstitutionRole::ROLE_USE_RA => InstitutionRole::ROLE_USE_RA, InstitutionRole::ROLE_USE_RAA => InstitutionRole::ROLE_USE_RAA]
            )
        );
        $qb->setParameter(
            'roles',
            $this->getAuthorizationRoles(
                $roleRequirements,
                [InstitutionRole::ROLE_USE_RA => 'ra', InstitutionRole::ROLE_USE_RAA => 'raa']
            )
        );

        $institutions = $qb->getQuery()->getArrayResult();

        $result = new InstitutionCollection();
        foreach ($institutions as $institution) {
            $result->add(new Institution((string)$institution['institution']));
        }

        return $result;
    }

    /**
     * @param IdentityId $actorId
     * @return InstitutionCollection
     */
    public function getInstitutionsForSelectRaa(IdentityId $actorId)
    {
        $qb = $this->createQueryBuilder('i')
            ->select("a.institutionRelation")
            ->innerJoin(RaListing::class, 'r', Join::WITH, "i.institution = r.raInstitution")
            ->leftJoin(
                InstitutionAuthorization::class,
                'a',
                Join::WITH,
                "i.institution = a.institution AND a.institutionRole IN (:authorizationRoles)"
            )
            ->where("r.identityId = :identityId AND r.role IN(:roles)")
            ->groupBy("a.institutionRelation");

        $qb->setParameter('identityId', (string)$actorId);
        $qb->setParameter(
            'authorizationRoles',
            [InstitutionRole::ROLE_SELECT_RAA]
        );
        $qb->setParameter(
            'roles',
            ['raa']
        );
        $institutions = $qb->getQuery()->getArrayResult();

        $result = new InstitutionCollection();
        foreach ($institutions as $institution) {
            $result->add(new Institution((string)$institution['institutionRelation']));
        }

        return $result;
    }


    /**
     * @param Institution $institution
     * @return InstitutionCollection
     */
    public function getInstitutionsForSelectRaaAsSraa(Institution $institution)
    {
        $qb = $this->createQueryBuilder('i')
            ->select("a.institution")
            ->innerJoin(
                InstitutionAuthorization::class,
                'a',
                Join::WITH,
                "i.institution = a.institution AND a.institutionRole IN (:authorizationRoles)"
            )
            ->where("a.institution = :institution")
            ->groupBy("a.institution");

        $qb->setParameter('institution', (string)$institution);
        $qb->setParameter(
            'authorizationRoles',
            [InstitutionRole::ROLE_SELECT_RAA]
        );

        $institutions = $qb->getQuery()->getArrayResult();

        $result = new InstitutionCollection();
        foreach ($institutions as $institution) {
            $result->add(new Institution((string)$institution['institution']));
        }

        return $result;
    }

    /**
     * @param InstitutionRoleSet $roleRequirements
     * @param array $map
     * @return array
     */
    private function getAuthorizationRoles(InstitutionRoleSet $roleRequirements, array $map)
    {
        $result = [];
        foreach ($roleRequirements->getRoles() as $role) {
            $result[] = $map[(string)$role];
        }
        return $result;
    }
}


1			<?php
2
3			/**
4			* Copyright 2014 SURFnet bv
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
18
19			namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Repository;
20
21			use Doctrine\ORM\EntityRepository;
22			use Doctrine\ORM\Query\Expr\Join;
23			use Surfnet\Stepup\Configuration\Value\InstitutionRole;
24			use Surfnet\Stepup\Identity\Collection\InstitutionCollection;
25			use Surfnet\Stepup\Identity\Value\IdentityId;
26			use Surfnet\Stepup\Identity\Value\Institution;
27			use Surfnet\StepupMiddleware\ApiBundle\Authorization\Value\InstitutionRoleSet;
28			use Surfnet\StepupMiddleware\ApiBundle\Configuration\Entity\InstitutionAuthorization;
29			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\InstitutionListing;
30			use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;
31
32			class InstitutionListingRepository extends EntityRepository
33			{
34			public function save(InstitutionListing $institution)
35			{
36			$this->getEntityManager()->persist($institution);
37			$this->getEntityManager()->flush();
38			}
39
40			public function addIfNotExists(Institution $institution)
41			{
42			$existsQuery = $this->createQueryBuilder('i')
43			->where('i.institution = :institution')
44			->setParameter('institution', (string) $institution)
45			->getQuery()
46			->getOneOrNullResult();
47
48			if ($existsQuery) {
49			return;
50			}
51
52			$listing = InstitutionListing::createFrom($institution);
53
54			$this->save($listing);
55			}
56
57			/**
58			* Select the implicit roles for an identity
59			*
60			* These are not retrievable by the users appointed roles, but are based on the institution configuration that
61			* apply for the institution of the user. The only condition is that the user must be listed as RA(A) in the
62			* ra_listing.
63			*
64			* @param IdentityId $actorId
65			* @param InstitutionRole $role
66			* @return InstitutionCollection
67			*/
68			public function getImplicitInstitutionsFor(IdentityId $actorId, InstitutionRole $role)
69			{
70			$qb = $this->_em->createQueryBuilder()
71			->select("a.institution")
72			->from(InstitutionAuthorization::class, 'a')
73			->innerJoin(RaListing::class, 'r', Join::WITH, 'r.institution = a.institutionRelation')
74			->where("r.identityId = :identityId")
75			->andWhere("a.institutionRole = :role")
76			->groupBy("a.institution");
77
78			$qb->setParameter('identityId', (string)$actorId);
79			$qb->setParameter('role', (string)$role);
80
81			$institutions = $qb->getQuery()->getArrayResult();
82
83			$result = new InstitutionCollection();
84			foreach ($institutions as $institution) {
85			$result->add(new Institution((string)$institution['institution']));
86			}
87
88			return $result;
89			}
90
91
92			/**
93			* @param InstitutionRoleSet $roleRequirements
94			* @param IdentityId $actorId
95			* @return InstitutionCollection
96			*/
97			public function getInstitutionsForRaa(InstitutionRoleSet $roleRequirements, IdentityId $actorId)
98			{
99			$qb = $this->createQueryBuilder('i')
100			->select("a.institution")
101			->innerJoin(RaListing::class, 'r', Join::WITH, "i.institution = r.raInstitution")
102			->leftJoin(
103			InstitutionAuthorization::class,
104			'a',
105			Join::WITH,
106			"i.institution = a.institutionRelation AND a.institutionRole IN (:authorizationRoles)"
107			)
108			->where("r.identityId = :identityId AND r.role IN(:roles)")
109			->groupBy("a.institution");
110
111			$qb->setParameter('identityId', (string)$actorId);
112			$qb->setParameter(
113			'authorizationRoles',
114			$this->getAuthorizationRoles(
115			$roleRequirements,
116			[InstitutionRole::ROLE_USE_RA => InstitutionRole::ROLE_USE_RA, InstitutionRole::ROLE_USE_RAA => InstitutionRole::ROLE_USE_RAA]
117			)
118			);
119			$qb->setParameter(
120			'roles',
121			$this->getAuthorizationRoles(
122			$roleRequirements,
123			[InstitutionRole::ROLE_USE_RA => 'ra', InstitutionRole::ROLE_USE_RAA => 'raa']
124			)
125			);
126
127			$institutions = $qb->getQuery()->getArrayResult();
128
129			$result = new InstitutionCollection();
130			foreach ($institutions as $institution) {
131			$result->add(new Institution((string)$institution['institution']));
132			}
133
134			return $result;
135			}
136
137			/**
138			* @param IdentityId $actorId
139			* @return InstitutionCollection
140			*/
141			public function getInstitutionsForSelectRaa(IdentityId $actorId)
142			{
143			$qb = $this->createQueryBuilder('i')
144			->select("a.institutionRelation")
145			->innerJoin(RaListing::class, 'r', Join::WITH, "i.institution = r.raInstitution")
146			->leftJoin(
147			InstitutionAuthorization::class,
148			'a',
149			Join::WITH,
150			"i.institution = a.institution AND a.institutionRole IN (:authorizationRoles)"
151			)
152			->where("r.identityId = :identityId AND r.role IN(:roles)")
153			->groupBy("a.institutionRelation");
154
155			$qb->setParameter('identityId', (string)$actorId);
156			$qb->setParameter(
157			'authorizationRoles',
158			[InstitutionRole::ROLE_SELECT_RAA]
159			);
160			$qb->setParameter(
161			'roles',
162			['raa']
163			);
164			$institutions = $qb->getQuery()->getArrayResult();
165
166			$result = new InstitutionCollection();
167			foreach ($institutions as $institution) {
168			$result->add(new Institution((string)$institution['institutionRelation']));
169			}
170
171			return $result;
172			}
173
174
175			/**
176			* @param Institution $institution
177			* @return InstitutionCollection
178			*/
179			public function getInstitutionsForSelectRaaAsSraa(Institution $institution)
180			{
181			$qb = $this->createQueryBuilder('i')
182			->select("a.institution")
183			->innerJoin(
184			InstitutionAuthorization::class,
185			'a',
186			Join::WITH,
187			"i.institution = a.institution AND a.institutionRole IN (:authorizationRoles)"
188			)
189			->where("a.institution = :institution")
190			->groupBy("a.institution");
191
192			$qb->setParameter('institution', (string)$institution);
193			$qb->setParameter(
194			'authorizationRoles',
195			[InstitutionRole::ROLE_SELECT_RAA]
196			);
197
198			$institutions = $qb->getQuery()->getArrayResult();
199
200			$result = new InstitutionCollection();
201			foreach ($institutions as $institution) {
202			$result->add(new Institution((string)$institution['institution']));
203			}
204
205			return $result;
206			}
207
208			/**
209			* @param InstitutionRoleSet $roleRequirements
210			* @param array $map
211			* @return array
212			*/
213			private function getAuthorizationRoles(InstitutionRoleSet $roleRequirements, array $map)
214			{
215			$result = [];
216			foreach ($roleRequirements->getRoles() as $role) {
217			$result[] = $map[(string)$role];
218			}
219			return $result;
220			}
221			}
222

OpenConext / Stepup-Middleware

Push — feature/profile-retrieve-impli... ( 3a9ede )

getImplicitInstitutionsFor() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like