<?php
/**
 * CakePHP(tm) : Rapid Development Framework (https://cakephp.org)
 * Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org)
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org)
 * @link          https://cakephp.org CakePHP(tm) Project
 * @since         1.0.0
 * @license       https://opensource.org/licenses/mit-license.php MIT License
 */
namespace Phauthentic\Authorization\Middleware;
use Phauthentic\Authorization\AuthorizationServiceInterface;
use Phauthentic\Authorization\Exception\ForbiddenException;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use RuntimeException;
/**
 * Request Authorization Middleware
 *
 * This MUST be added after the Authorization, Authentication and
 * RoutingMiddleware in the Middleware Queue!
 *
 * Use it to authorize the request as a whole, for example each controller
 * and action, against a role based access system or any other authorization
 * process that controls access to certain actions.
 *
 * The check is enforced before the rest of the queue runs: the next
 * middleware is only called when the authorization service answers
 * positively, otherwise a ForbiddenException is thrown. A missing
 * authorization service is treated as a configuration error and raises a
 * RuntimeException instead of letting the request through.
 */
class RequestAuthorizationMiddleware
{
    /**
     * Name of the request attribute that is expected to hold the
     * authorization service.
     *
     * @var string
     */
    protected $authorizationAttribute = 'authorization';

    /**
     * Name of the request attribute the identity is read from.
     *
     * @var string
     */
    protected $identityAttribute = 'identity';

    /**
     * Action name handed to the authorization service's `can()` call.
     *
     * @var string
     */
    protected $method = 'access';

    /**
     * Fetches the authorization service from the configured request attribute.
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request Server request.
     * @return \Phauthentic\Authorization\AuthorizationServiceInterface
     * @throws \RuntimeException When the attribute does not hold an authorization service.
     */
    protected function getServiceFromRequest(ServerRequestInterface $request)
    {
        $candidate = $request->getAttribute($this->authorizationAttribute);

        if ($candidate instanceof AuthorizationServiceInterface) {
            return $candidate;
        }

        // Anything else (attribute absent, wrong type) aborts the request here,
        // so a mis-ordered middleware queue cannot skip the authorization check.
        throw new RuntimeException(sprintf(
            '%s could not find the authorization service in the request attribute. '
            . 'Make sure you added the AuthorizationMiddleware before this middleware or that you '
            . 'somehow else added the service to the requests `%s` attribute.',
            __CLASS__,
            $this->authorizationAttribute
        ));
    }

    /**
     * Callable implementation for the middleware stack.
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request Server request.
     * @param \Psr\Http\Message\ResponseInterface $response Response.
     * @param callable $next The next middleware to call.
     * @return ResponseInterface A response.
     * @throws \RuntimeException When no authorization service is present on the request.
     * @throws \Phauthentic\Authorization\Exception\ForbiddenException When the service denies the request.
     */
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, $next)
    {
        $authorization = $this->getServiceFromRequest($request);

        // The attribute value is passed on as-is; no check is made here that an
        // identity was actually set.
        // NOTE(review): presumably null for unauthenticated requests - confirm
        // the service/policy denies in that case.
        $subject = $request->getAttribute($this->identityAttribute);

        // Truthiness decides: any falsy answer denies, any truthy answer allows.
        // NOTE(review): assumes can() returns a strict bool - confirm against
        // AuthorizationServiceInterface.
        $allowed = $authorization->can($subject, $this->method, $request);

        if ($allowed) {
            return $next($request, $response);
        }

        throw new ForbiddenException();
    }

    /**
     * Sets the name of the request attribute the authorization service is read from.
     *
     * @param string $attributeName Request attribute name.
     * @return $this
     */
    public function setAuthorizationAttribute(string $attributeName): self
    {
        $this->authorizationAttribute = $attributeName;

        return $this;
    }

    /**
     * Sets the name of the request attribute the identity is read from.
     *
     * @param string $attributeName Request attribute name.
     * @return $this
     */
    public function setIdentityAttribute(string $attributeName): self
    {
        $this->identityAttribute = $attributeName;

        return $this;
    }

    /**
     * Sets the action name that is passed to the authorization service's `can()` call.
     *
     * @param string $method Action name.
     * @return $this
     */
    public function setMethod(string $method): self
    {
        $this->method = $method;

        return $this;
    }
}