ResourceAC::asEverybody() - Code Metrics - Inspection of "Finish 5.5.0" - Schlaefer/Saito - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 7d085e...e849bf )

by Schlaefer

created 2019-11-16 20:41 UTC

ResourceAC::asEverybody() A

↳ Parent: ResourceAC

Complexity

Conditions	2
Paths	2

Size

Total Lines	8
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	2
eloc	4
c	1
b	0
f	0
nc	2
nop	0
dl	0
loc	8
rs	10

<?php

declare(strict_types=1);

/**
 * Saito - The Threaded Web Forum
 *
 * @copyright Copyright (c) the Saito Project Developers
 * @link https://github.com/Schlaefer/Saito
 * @license http://opensource.org/licenses/MIT
 */

namespace Saito\User\Permission;

use Saito\App\Registry;

/**
 * Resource Access Control
 */
class ResourceAC
{
    /** @var array Roles as array_keys [<roleName> => true] */
    protected $asRole = [];

    /** @var array Roles as array_keys [<roleName> => true] */
    protected $onRole = [];

    protected $onOwn = false;

    protected $everybody = false;

    protected $locked = false;

    /**
     * Lock the permision and disallow further changes
     *
     * @return self
     */
    public function lock(): self
    {
        $this->locked = true;

        return $this;
    }

    /**
     * Permission granted as role
     *
     * @param string $role role
     * @return self
     */
    public function asRole(string $role): self
    {
        if ($this->locked) {
            $this->handleLocked();
        }
        $this->asRole[$role] = true;

        return $this;
    }

    /**
     * Permission granted on role
     *
     * @param string $role role
     * @return self
     */
    public function onRole(string $role): self
    {
        if ($this->locked) {
            $this->handleLocked();
        }
        $this->onRole[$role] = true;

        return $this;
    }

    /**
     * Permissions granted on roles
     *
     * @param string ...$roles Roles
     * @return self
     */
    public function onRoles(...$roles): self
    {
        foreach ($roles as $role) {
            $this->onRole($role);
        }

        return $this;
    }

    /**
     * Permission granted on owner
     *
     * @return self
     */
    public function onOwn(): self
    {
        if ($this->locked) {
            $this->handleLocked();
        }
        $this->onOwn = true;

        return $this;
    }

    /**
     * Permission granted for everybody
     *
     * @return self
     */
    public function asEverybody(): self
    {
        if ($this->locked) {
            $this->handleLocked();
        }
        $this->everybody = true;

        return $this;
    }

    /**
     * Check permission against identity-provider
     *
     * @param ResourceAI $identity identity
     * @return bool
     */
    public function check(ResourceAI $identity): bool
    {
        if (!empty($this->onRole)) {
            $role = $identity->getRole();
            if ($role === null || !isset($this->onRole[$role])) {
                return false;
            }
        }

        if ($this->everybody === true) {
            return true;
        }

        if ($this->onOwn === true) {
            $CU = $identity->getUser();
            $owner = $identity->getOwner();
            if ($CU !== null && $owner !== null && $CU->getId() === $owner) {
                return true;
            }
        }

        if (!empty($this->asRole)) {
            $CU = $identity->getUser();
            if ($CU !== null) {
                // @td Attach to CU
                $roles = Registry::get('Permissions')->getRoles();
                $allRoles = $roles->get($CU->getRole());
                foreach ($allRoles as $role) {
                    if (isset($this->asRole[$role])) {
                        return true;
                    }
                }
            }
        }

        return false;
    }

    /**
     * Handle access to locked permission config
     *
     * @return void
     * @throws \RuntimeException
     */
    protected function handleLocked(): void
    {
        throw new \RuntimeException('PermissionProvider is locked.', 1573820147);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/**
6			* Saito - The Threaded Web Forum
7			*
8			* @copyright Copyright (c) the Saito Project Developers
9			* @link https://github.com/Schlaefer/Saito
10			* @license http://opensource.org/licenses/MIT
11			*/
12
13			namespace Saito\User\Permission;
14
15			use Saito\App\Registry;
16
17			/**
18			* Resource Access Control
19			*/
20			class ResourceAC
21			{
22			/** @var array Roles as array_keys [<roleName> => true] */
23			protected $asRole = [];
24
25			/** @var array Roles as array_keys [<roleName> => true] */
26			protected $onRole = [];
27
28			protected $onOwn = false;
29
30			protected $everybody = false;
31
32			protected $locked = false;
33
34			/**
35			* Lock the permision and disallow further changes
36			*
37			* @return self
38			*/
39			public function lock(): self
40			{
41			$this->locked = true;
42
43			return $this;
44			}
45
46			/**
47			* Permission granted as role
48			*
49			* @param string $role role
50			* @return self
51			*/
52			public function asRole(string $role): self
53			{
54			if ($this->locked) {
55			$this->handleLocked();
56			}
57			$this->asRole[$role] = true;
58
59			return $this;
60			}
61
62			/**
63			* Permission granted on role
64			*
65			* @param string $role role
66			* @return self
67			*/
68			public function onRole(string $role): self
69			{
70			if ($this->locked) {
71			$this->handleLocked();
72			}
73			$this->onRole[$role] = true;
74
75			return $this;
76			}
77
78			/**
79			* Permissions granted on roles
80			*
81			* @param string ...$roles Roles
82			* @return self
83			*/
84			public function onRoles(...$roles): self
85			{
86			foreach ($roles as $role) {
87			$this->onRole($role);
88			}
89
90			return $this;
91			}
92
93			/**
94			* Permission granted on owner
95			*
96			* @return self
97			*/
98			public function onOwn(): self
99			{
100			if ($this->locked) {
101			$this->handleLocked();
102			}
103			$this->onOwn = true;
104
105			return $this;
106			}
107
108			/**
109			* Permission granted for everybody
110			*
111			* @return self
112			*/
113			public function asEverybody(): self
114			{
115			if ($this->locked) {
116			$this->handleLocked();
117			}
118			$this->everybody = true;
119
120			return $this;
121			}
122
123			/**
124			* Check permission against identity-provider
125			*
126			* @param ResourceAI $identity identity
127			* @return bool
128			*/
129			public function check(ResourceAI $identity): bool
130			{
131			if (!empty($this->onRole)) {
132			$role = $identity->getRole();
133			if ($role === null \|\| !isset($this->onRole[$role])) {
134			return false;
135			}
136			}
137
138			if ($this->everybody === true) {
139			return true;
140			}
141
142			if ($this->onOwn === true) {
143			$CU = $identity->getUser();
144			$owner = $identity->getOwner();
145			if ($CU !== null && $owner !== null && $CU->getId() === $owner) {
146			return true;
147			}
148			}
149
150			if (!empty($this->asRole)) {
151			$CU = $identity->getUser();
152			if ($CU !== null) {
153			// @td Attach to CU
154			$roles = Registry::get('Permissions')->getRoles();
155			$allRoles = $roles->get($CU->getRole());
156			foreach ($allRoles as $role) {
157			if (isset($this->asRole[$role])) {
158			return true;
159			}
160			}
161			}
162			}
163
164			return false;
165			}
166
167			/**
168			* Handle access to locked permission config
169			*
170			* @return void
171			* @throws \RuntimeException
172			*/
173			protected function handleLocked(): void
174			{
175			throw new \RuntimeException('PermissionProvider is locked.', 1573820147);
176			}
177			}
178

Schlaefer / Saito

Push — master ( 7d085e...e849bf )

ResourceAC::asEverybody() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like