User::access() - Code Metrics - Inspection of "Fix display of associated servers when viewing an..." - Pterodactyl/Panel - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( ae6b0f...6dc1c1 )

by Dane

created 2017-05-01 19:28 UTC

User::access() D

↳ Parent: User

Complexity

Conditions	10
Paths	16

Size

Total Lines	31
Code Lines	12

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
c	0
b	0
f	0
dl	0
loc	31
rs	4.8196
cc	10
eloc	12
nc	16
nop	1

How to fix Complexity

<?php
/**
 * Pterodactyl - Panel
 * Copyright (c) 2015 - 2017 Dane Everitt <[email protected]>.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

namespace Pterodactyl\Models;

use Hash;
use Google2FA;
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Pterodactyl\Exceptions\DisplayException;
use Nicolaslopezj\Searchable\SearchableTrait;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;

class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract
{
    use Authenticatable, Authorizable, CanResetPassword, Notifiable, SearchableTrait;

    /**
     * The rules for user passwords.
     *
     * @var string
     */
    const PASSWORD_RULES = 'regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})';

    /**
     * The regex rules for usernames.
     *
     * @var string
     */
    const USERNAME_RULES = 'regex:/^([\w\d\.\-]{1,255})$/';

    /**
     * Level of servers to display when using access() on a user.
     *
     * @var string
     */
    protected $accessLevel = 'all';

    /**
     * The table associated with the model.
     *
     * @var string
     */
    protected $table = 'users';

    /**
     * A list of mass-assignable variables.
     *
     * @var array
     */
    protected $fillable = ['username', 'email', 'name_first', 'name_last', 'password', 'language', 'use_totp', 'totp_secret', 'gravatar', 'root_admin'];

    /**
     * Cast values to correct type.
     *
     * @var array
     */
    protected $casts = [
        'root_admin' => 'integer',
        'use_totp' => 'integer',
        'gravatar' => 'integer',
    ];

    /**
     * The attributes excluded from the model's JSON form.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token', 'totp_secret'];

    /**
     * Parameters for search querying.
     *
     * @var array
     */
    protected $searchable = [
        'columns' => [
            'email' => 10,
            'username' => 9,
            'name_first' => 6,
            'name_last' => 6,
            'uuid' => 1,
        ],
    ];

    protected $query;

    /**
     * Enables or disables TOTP on an account if the token is valid.
     *
     * @param  int  $token
     * @return bool
     */
    public function toggleTotp($token)
    {
        if (! Google2FA::verifyKey($this->totp_secret, $token, 1)) {
            return false;
        }

        $this->use_totp = ! $this->use_totp;

        return $this->save();
    }

    /**
     * Set a user password to a new value assuming it meets the following requirements:
     *      - 8 or more characters in length
     *      - at least one uppercase character
     *      - at least one lowercase character
     *      - at least one number.
     *
     * @param  string  $password
     * @param  string  $regex
     * @return void
     */
    public function setPassword($password, $regex = '((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})')
    {
        if (! preg_match($regex, $password)) {
            throw new DisplayException('The password passed did not meet the minimum password requirements.');
        }

        $this->password = Hash::make($password);
        $this->save();
    }

    /**
     * Send the password reset notification.
     *
     * @param  string  $token
     * @return void
     */
    public function sendPasswordResetNotification($token)
    {
        $this->notify(new ResetPasswordNotification($token));
    }

    /**
     * Return true or false depending on wether the user is root admin or not.
     *
     * @return bool
     */
    public function isRootAdmin()
    {
        return $this->root_admin === 1;
    }

    /**
     * Returns the user's daemon secret for a given server.
     *
     * @param  \Pterodactyl\Models\Server  $server
     * @return null|string
     */
    public function daemonToken(Server $server)
    {
        if ($this->id === $server->owner_id || $this->isRootAdmin()) {
            return $server->daemonSecret;
        }

        $subuser = $this->subuserOf->where('server_id', $server->id)->first();

        return ($subuser) ? $subuser->daemonSecret : null;
    }

    /**
     * Returns an array of all servers a user is able to access.
     * Note: does not account for user admin status.
     *
     * @return array
     */
    public function serverAccessArray()
    {
        return Server::select('id')->where('owner_id', $this->id)->union(
            Subuser::select('server_id')->where('user_id', $this->id)
        )->pluck('id')->all();
    }

    /**
     * Change the access level for a given call to `access()` on the user.
     *
     * @param  string  $level can be all, admin, subuser, owner
     * @return void
     */
    public function setAccessLevel($level = 'all')
    {
        if (! in_array($level, ['all', 'admin', 'subuser', 'owner'])) {
            $level = 'all';
        }
        $this->accessLevel = $level;

        return $this;
    }

    /**
     * Returns an array of all servers a user is able to access.
     * Note: does not account for user admin status.
     *
     * @param  array        $load
     * @return \Illuiminate\Database\Eloquent\Builder
     */
    public function access(...$load)
    {
        if (count($load) > 0 && is_null($load[0])) {
            $query = Server::query();
        } else {
            $query = Server::with(! empty($load) ? $load : ['service', 'node', 'allocation']);
        }

        // If access level is set to owner, only display servers
        // that the user owns.
        if ($this->accessLevel === 'owner') {
            $query->where('owner_id', $this->id);
class A
{
    public function foo() { }
}

class B extends A
{
    public function bar() { }
}

/**
 * @param A|B $x
 */
function someFunction($x)
{
    $x->foo(); // This call is fine as the method exists in A and B.
    $x->bar(); // This method only exists in B and might cause an error.
}
        }

        // If set to all, display all servers they can access, including
        // those they access as an admin.
        //
        // If set to subuser, only return the servers they can access because
        // they are owner, or marked as a subuser of the server.
        if (($this->accessLevel === 'all' && ! $this->isRootAdmin()) || $this->accessLevel === 'subuser') {
            $query->whereIn('id', $this->serverAccessArray());
        }

        // If set to admin, only display the servers a user can access
        // as an administrator (leaves out owned and subuser of).
        if ($this->accessLevel === 'admin' && $this->isRootAdmin()) {
            $query->whereNotIn('id', $this->serverAccessArray());
        }

        return $query;
    }

    /**
     * Returns all permissions that a user has.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
     */
    public function permissions()
    {
        return $this->hasManyThrough(Permission::class, Subuser::class);
    }

    /**
     * Returns all servers that a user owns.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function servers()
    {
        return $this->hasMany(Server::class, 'owner_id');
    }

    /**
     * Return all servers that user is listed as a subuser of directly.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function subuserOf()
    {
        return $this->hasMany(Subuser::class);
    }
}


GitHub Access Token became invalid

Push — develop ( ae6b0f...6dc1c1 )

User::access() D

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

Available Fixes

1			<?php
2			/**
3			* Pterodactyl - Panel
4			* Copyright (c) 2015 - 2017 Dane Everitt <[email protected]>.
5			*
6			* Permission is hereby granted, free of charge, to any person obtaining a copy
7			* of this software and associated documentation files (the "Software"), to deal
8			* in the Software without restriction, including without limitation the rights
9			* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10			* copies of the Software, and to permit persons to whom the Software is
11			* furnished to do so, subject to the following conditions:
12			*
13			* The above copyright notice and this permission notice shall be included in all
14			* copies or substantial portions of the Software.
15			*
16			* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17			* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18			* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19			* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20			* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21			* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22			* SOFTWARE.
23			*/
24
25			namespace Pterodactyl\Models;
26
27			use Hash;
28			use Google2FA;
29			use Illuminate\Auth\Authenticatable;
30			use Illuminate\Database\Eloquent\Model;
31			use Illuminate\Notifications\Notifiable;
32			use Pterodactyl\Exceptions\DisplayException;
33			use Nicolaslopezj\Searchable\SearchableTrait;
34			use Illuminate\Auth\Passwords\CanResetPassword;
35			use Illuminate\Foundation\Auth\Access\Authorizable;
36			use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
37			use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
38			use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
39			use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;
40
41			class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract
42			{
43			use Authenticatable, Authorizable, CanResetPassword, Notifiable, SearchableTrait;
44
45			/**
46			* The rules for user passwords.
47			*
48			* @var string
49			*/
50			const PASSWORD_RULES = 'regex:((?=.\d)(?=.[a-z])(?=.*[A-Z]).{8,})';
51
52			/**
53			* The regex rules for usernames.
54			*
55			* @var string
56			*/
57			const USERNAME_RULES = 'regex:/^([\w\d\.\-]{1,255})$/';
58
59			/**
60			* Level of servers to display when using access() on a user.
61			*
62			* @var string
63			*/
64			protected $accessLevel = 'all';
65
66			/**
67			* The table associated with the model.
68			*
69			* @var string
70			*/
71			protected $table = 'users';
72
73			/**
74			* A list of mass-assignable variables.
75			*
76			* @var array
77			*/
78			protected $fillable = ['username', 'email', 'name_first', 'name_last', 'password', 'language', 'use_totp', 'totp_secret', 'gravatar', 'root_admin'];
79
80			/**
81			* Cast values to correct type.
82			*
83			* @var array
84			*/
85			protected $casts = [
86			'root_admin' => 'integer',
87			'use_totp' => 'integer',
88			'gravatar' => 'integer',
89			];
90
91			/**
92			* The attributes excluded from the model's JSON form.
93			*
94			* @var array
95			*/
96			protected $hidden = ['password', 'remember_token', 'totp_secret'];
97
98			/**
99			* Parameters for search querying.
100			*
101			* @var array
102			*/
103			protected $searchable = [
104			'columns' => [
105			'email' => 10,
106			'username' => 9,
107			'name_first' => 6,
108			'name_last' => 6,
109			'uuid' => 1,
110			],
111			];
112
113			protected $query;
114
115			/**
116			* Enables or disables TOTP on an account if the token is valid.
117			*
118			* @param int $token
119			* @return bool
120			*/
121			public function toggleTotp($token)
122			{
123			if (! Google2FA::verifyKey($this->totp_secret, $token, 1)) {
124			return false;
125			}
126
127			$this->use_totp = ! $this->use_totp;
128
129			return $this->save();
130			}
131
132			/**
133			* Set a user password to a new value assuming it meets the following requirements:
134			* - 8 or more characters in length
135			* - at least one uppercase character
136			* - at least one lowercase character
137			* - at least one number.
138			*
139			* @param string $password
140			* @param string $regex
141			* @return void
142			*/
143			public function setPassword($password, $regex = '((?=.\d)(?=.[a-z])(?=.*[A-Z]).{8,})')
144			{
145			if (! preg_match($regex, $password)) {
146			throw new DisplayException('The password passed did not meet the minimum password requirements.');
147			}
148
149			$this->password = Hash::make($password);
150			$this->save();
151			}
152
153			/**
154			* Send the password reset notification.
155			*
156			* @param string $token
157			* @return void
158			*/
159			public function sendPasswordResetNotification($token)
160			{
161			$this->notify(new ResetPasswordNotification($token));
162			}
163
164			/**
165			* Return true or false depending on wether the user is root admin or not.
166			*
167			* @return bool
168			*/
169			public function isRootAdmin()
170			{
171			return $this->root_admin === 1;
172			}
173
174			/**
175			* Returns the user's daemon secret for a given server.
176			*
177			* @param \Pterodactyl\Models\Server $server
178			* @return null\|string
179			*/
180			public function daemonToken(Server $server)
181			{
182			if ($this->id === $server->owner_id \|\| $this->isRootAdmin()) {
183			return $server->daemonSecret;
184			}
185
186			$subuser = $this->subuserOf->where('server_id', $server->id)->first();
187
188			return ($subuser) ? $subuser->daemonSecret : null;
189			}
190
191			/**
192			* Returns an array of all servers a user is able to access.
193			* Note: does not account for user admin status.
194			*
195			* @return array
196			*/
197			public function serverAccessArray()
198			{
199			return Server::select('id')->where('owner_id', $this->id)->union(
200			Subuser::select('server_id')->where('user_id', $this->id)
201			)->pluck('id')->all();
202			}
203
204			/**
205			* Change the access level for a given call to `access()` on the user.
206			*
207			* @param string $level can be all, admin, subuser, owner
208			* @return void
209			*/
210			public function setAccessLevel($level = 'all')
211			{
212			if (! in_array($level, ['all', 'admin', 'subuser', 'owner'])) {
213			$level = 'all';
214			}
215			$this->accessLevel = $level;
216
217			return $this;
218			}
219
220			/**
221			* Returns an array of all servers a user is able to access.
222			* Note: does not account for user admin status.
223			*
224			* @param array $load
225			* @return \Illuiminate\Database\Eloquent\Builder
226			*/
227			public function access(...$load)
228			{
229			if (count($load) > 0 && is_null($load[0])) {
230			$query = Server::query();
231			} else {
232			$query = Server::with(! empty($load) ? $load : ['service', 'node', 'allocation']);
233			}
234
235			// If access level is set to owner, only display servers
236			// that the user owns.
237			if ($this->accessLevel === 'owner') {
238			$query->where('owner_id', $this->id);
			0 ignored issues – show Bug introduced 2017-05-01 19:31 UTC by Report Bug Copy Issue Report The method `where` does only exist in `Illuminate\Database\Eloquent\Builder`, but not in `Illuminate\Database\Eloquent\Model`. It seems like the method you are trying to call exists only in some of the possible types. Let’s take a look at an example: class A { public function foo() { } } class B extends A { public function bar() { } } /** * @param A\|B $x / function someFunction($x) { $x->foo(); // This call is fine as the method exists in A and B. $x->bar(); // This method only exists in B and might cause an error. } Available Fixes Add an additional type-check: /* * @param A\|B $x / function someFunction($x) { $x->foo(); if ($x instanceof B) { $x->bar(); } } Only allow a single type to be passed if the variable comes from a parameter: function someFunction(B $x) { /* ... */ } Loading history...
239			}
240
241			// If set to all, display all servers they can access, including
242			// those they access as an admin.
243			//
244			// If set to subuser, only return the servers they can access because
245			// they are owner, or marked as a subuser of the server.
246			if (($this->accessLevel === 'all' && ! $this->isRootAdmin()) \|\| $this->accessLevel === 'subuser') {
247			$query->whereIn('id', $this->serverAccessArray());
248			}
249
250			// If set to admin, only display the servers a user can access
251			// as an administrator (leaves out owned and subuser of).
252			if ($this->accessLevel === 'admin' && $this->isRootAdmin()) {
253			$query->whereNotIn('id', $this->serverAccessArray());
254			}
255
256			return $query;
257			}
258
259			/**
260			* Returns all permissions that a user has.
261			*
262			* @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
263			*/
264			public function permissions()
265			{
266			return $this->hasManyThrough(Permission::class, Subuser::class);
267			}
268
269			/**
270			* Returns all servers that a user owns.
271			*
272			* @return \Illuminate\Database\Eloquent\Relations\HasMany
273			*/
274			public function servers()
275			{
276			return $this->hasMany(Server::class, 'owner_id');
277			}
278
279			/**
280			* Return all servers that user is listed as a subuser of directly.
281			*
282			* @return \Illuminate\Database\Eloquent\Relations\HasMany
283			*/
284			public function subuserOf()
285			{
286			return $this->hasMany(Subuser::class);
287			}
288			}
289

Pterodactyl / Panel

GitHub Access Token became invalid

Push — develop ( ae6b0f...6dc1c1 )

User::access() D

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

Available Fixes

Duplication Side-by-Side

Filter issues like