Completed
Pull Request — develop (#269)
by
unknown
09:29 queued 03:22
created

ProfileService::createProfile()   A

Complexity

Conditions 2
Paths 2

Size

Total Lines 24

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 24
rs 9.536
c 0
b 0
f 0
cc 2
nc 2
nop 1
1
<?php
2
3
/**
4
 * Copyright 2019 SURFnet B.V.
5
 *
6
 * Licensed under the Apache License, Version 2.0 (the "License");
7
 * you may not use this file except in compliance with the License.
8
 * You may obtain a copy of the License at
9
 *
10
 *     http://www.apache.org/licenses/LICENSE-2.0
11
 *
12
 * Unless required by applicable law or agreed to in writing, software
13
 * distributed under the License is distributed on an "AS IS" BASIS,
14
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
 * See the License for the specific language governing permissions and
16
 * limitations under the License.
17
 */
18
19
namespace Surfnet\StepupMiddleware\ApiBundle\Identity\Service;
20
21
use Surfnet\Stepup\Configuration\Value\InstitutionRole;
22
use Surfnet\Stepup\Identity\Value\IdentityId;
23
use Surfnet\StepupMiddleware\ApiBundle\Authorization\Service\InstitutionAuthorizationService;
24
use Surfnet\StepupMiddleware\ApiBundle\Identity\Repository\InstitutionListingRepository;
25
use Surfnet\StepupMiddleware\ApiBundle\Identity\Repository\RaListingRepository;
26
use Surfnet\StepupMiddleware\ApiBundle\Identity\Value\AuthorizedInstitutionCollection;
27
use Surfnet\StepupMiddleware\ApiBundle\Identity\Value\Profile;
28
29
class ProfileService extends AbstractSearchService
30
{
31
    /**
32
     * @var RaListingRepository
33
     */
34
    private $raListingRepository;
35
36
    /**
37
     * @var IdentityService
38
     */
39
    private $identityService;
40
41
    /**
42
     * @var InstitutionListingRepository
43
     */
44
    private $institutionListingRepository;
45
    /**
46
     * @var InstitutionAuthorizationService
47
     */
48
    private $authorizationService;
49
50
    public function __construct(
51
        RaListingRepository $raListingRepository,
52
        InstitutionListingRepository $institutionListingRepository,
53
        IdentityService $identityService,
54
        InstitutionAuthorizationService $institutionAuthorizationService
55
    ) {
56
        $this->raListingRepository = $raListingRepository;
57
        $this->institutionListingRepository = $institutionListingRepository;
58
        $this->identityService = $identityService;
59
        $this->authorizationService = $institutionAuthorizationService;
60
    }
61
62
    /**
63
     * Uses the identityId to first load the ra credentials (if present)
64
     * These credentials are then used to test what type of administrator we are dealing with ((S)RA(A)). Next the
65
     * authorizations are retrieved from the InstitutionAuthorizationRepository. Finally identity is retrieved for the
66
     * provided identityId. This data is then merged in a Profile value object.
67
     *
68
     * When the profile is incorrect, for example because no identity can be found, null is returned instead of a
69
     * Profile. Its possible to retrieve profile data for a non RA user, in that case no authorization data is set
70
     * on the profile. The same goes for the SRAA user. As that user is allowed all authorizations for all institutions.
71
     * An additional isSraa flag is set to true for these administrators.
72
     *
73
     * @param string $identityId
74
     * @return Profile|null
75
     */
76
    public function createProfile($identityId)
77
    {
78
        $identity = $this->identityService->find($identityId);
79
        if ($identity === null) {
80
            return null;
81
        }
82
83
        $authorizationContextRa = $this->authorizationService->buildInstitutionAuthorizationContext(
84
            new IdentityId($identityId),
85
            new InstitutionRole(InstitutionRole::ROLE_USE_RA)
86
        );
87
88
        $authorizationContextRaa = $this->authorizationService->buildInstitutionAuthorizationContext(
89
            new IdentityId($identityId),
90
            new InstitutionRole(InstitutionRole::ROLE_USE_RAA)
91
        );
92
93
        $authorizations = AuthorizedInstitutionCollection::from(
94
            $authorizationContextRa->getInstitutions(),
0 ignored issues
show
Bug introduced by
It seems like $authorizationContextRa->getInstitutions() can be null; however, from() does not accept null, maybe add an additional type check?

Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code:

/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}
Loading history...
95
            $authorizationContextRaa->getInstitutions()
96
        );
97
98
        return new Profile($identity, $authorizations, $authorizationContextRa->isActorSraa());
99
    }
100
}
101