Issues in AccessControl.php - Fixed Issues - Inspection of "AccessControl : remove loosely comparing preg_matc..." - SimLibaud/SilRouteSecurityBundle - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 60c0c3...bf6775 )

by Simon

created 2017-07-24 09:58 UTC

Security/AccessControl.php (2 issues)

Labels

Severity

Major 2

<?php
/**
 * User: Simon Libaud
 * Date: 19/03/2017
 * Email: [email protected]
 */

namespace Sil\RouteSecurityBundle\Security;

use Sil\RouteSecurityBundle\Interfaces\NamingStrategyInterface;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Class AccessControl
 * @package Sil\RouteSecurityBundl\Security
 */
class AccessControl
{

    private $router;
    private $routeToRoleConverter;
    private $is_access_control_enable;
    private $secured_routes;
    private $secured_routes_format;
    private $ignored_routes;
    private $ignored_routes_format;

    public function __construct(RouterInterface $router, NamingStrategyInterface $routeToRoleConverter, $configuration)
    {
        $this->router = $router;
        $this->routeToRoleConverter = $routeToRoleConverter;

        $this->is_access_control_enable = $configuration['enable_access_control'];
        $this->secured_routes = $configuration['secured_routes'];
        $this->secured_routes_format = $configuration['secured_routes_format'];
        $this->ignored_routes = $configuration['ignored_routes'];
        $this->ignored_routes_format = $configuration['ignored_routes_format'];
    }

    /**
     * Verify if  user has access to a specific route
     *
     * @param UserInterface $user
     * @param string $route
     * @return bool
     */
    public function hasUserAccessToRoute(UserInterface $user, $route)
    {
        if (false === $this->is_access_control_enable || false === $this->isRouteSecure($route)) {
            return true;
        }

        $role = $this->routeToRoleConverter->generateRoleForRoute($route);
        return in_array($role, $user->getRoles());
    }

    /**
     * Verify if user has access to all routes
     *
     * @param UserInterface $user
     * @param array $routes
     * @return bool
     */
    public function hasUserAccessToRoutes(UserInterface $user, $routes)
    {
        foreach ($routes as $route) {
            if (false === $this->hasUserAccessToRoute($user, $route)) {
                return false;
            }
        }

        return true;
    }

    /**
     * Verify if user has access to one of routes
     *
     * @param UserInterface $user
     * @param $routes
     * @return bool
     */
    public function hasUserAccessAtLeastOneRoute(UserInterface $user, $routes)
    {
        foreach ($routes as $route) {
            if (true === $this->hasUserAccessToRoute($user, $route)) {
                return true;
            }
        }

        return false;
    }


    /**
     * Check if the given route is manage by the bundle depending of the configuration
     *
     * @param string $route
     * @return bool
     */
    public function isRouteSecure($route)
    {
        return in_array($route, $this->getSecuredRoutes());
    }

    /**
     * Return the secured routes depending of the bundle configuration
     *
     * @return array $secured_routes
     */
    public function getSecuredRoutes()
    {
        $configured_routes = array_keys($this->router->getRouteCollection()->all());
        $secured_routes = [];

        foreach ($configured_routes as $route) {

            // Ignored routes
            if (in_array($route, $this->ignored_routes)) {
                continue;
            }

            // Ignored routes format
            if (null !== $this->ignored_routes_format && true == preg_match($this->ignored_routes_format, $route)) {

                continue;
            }

            // Secured routes
            if (true === in_array($route, $this->secured_routes)) {
                $secured_routes[] = $route;
                continue;
            }

            // Secured routes format
            if (null !== $this->secured_routes_format && true == preg_match($this->secured_routes_format, $route)) {

                $secured_routes[] = $route;
                continue;
            }
        }

        return $secured_routes;
    }

    /**
     * @return bool
     */
    public function isEnable()
    {
        return $this->is_access_control_enable;
    }

}

1		<?php
2		/**
3		* User: Simon Libaud
4		* Date: 19/03/2017
5		* Email: [email protected]
6		*/
7
8		namespace Sil\RouteSecurityBundle\Security;
9
10		use Sil\RouteSecurityBundle\Interfaces\NamingStrategyInterface;
11		use Symfony\Component\Routing\RouterInterface;
12		use Symfony\Component\Security\Core\User\UserInterface;
13
14		/**
15		* Class AccessControl
16		* @package Sil\RouteSecurityBundl\Security
17		*/
18		class AccessControl
19		{
20
21		private $router;
22		private $routeToRoleConverter;
23		private $is_access_control_enable;
24		private $secured_routes;
25		private $secured_routes_format;
26		private $ignored_routes;
27		private $ignored_routes_format;
28
29		public function __construct(RouterInterface $router, NamingStrategyInterface $routeToRoleConverter, $configuration)
30		{
31		$this->router = $router;
32		$this->routeToRoleConverter = $routeToRoleConverter;
33
34		$this->is_access_control_enable = $configuration['enable_access_control'];
35		$this->secured_routes = $configuration['secured_routes'];
36		$this->secured_routes_format = $configuration['secured_routes_format'];
37		$this->ignored_routes = $configuration['ignored_routes'];
38		$this->ignored_routes_format = $configuration['ignored_routes_format'];
39		}
40
41		/**
42		* Verify if user has access to a specific route
43		*
44		* @param UserInterface $user
45		* @param string $route
46		* @return bool
47		*/
48		public function hasUserAccessToRoute(UserInterface $user, $route)
49		{
50		if (false === $this->is_access_control_enable \|\| false === $this->isRouteSecure($route)) {
51		return true;
52		}
53
54		$role = $this->routeToRoleConverter->generateRoleForRoute($route);
55		return in_array($role, $user->getRoles());
56		}
57
58		/**
59		* Verify if user has access to all routes
60		*
61		* @param UserInterface $user
62		* @param array $routes
63		* @return bool
64		*/
65	View Code Duplication	public function hasUserAccessToRoutes(UserInterface $user, $routes)
66		{
67		foreach ($routes as $route) {
68		if (false === $this->hasUserAccessToRoute($user, $route)) {
69		return false;
70		}
71		}
72
73		return true;
74		}
75
76		/**
77		* Verify if user has access to one of routes
78		*
79		* @param UserInterface $user
80		* @param $routes
81		* @return bool
82		*/
83	View Code Duplication	public function hasUserAccessAtLeastOneRoute(UserInterface $user, $routes)
84		{
85		foreach ($routes as $route) {
86		if (true === $this->hasUserAccessToRoute($user, $route)) {
87		return true;
88		}
89		}
90
91		return false;
92		}
93
94
95		/**
96		* Check if the given route is manage by the bundle depending of the configuration
97		*
98		* @param string $route
99		* @return bool
100		*/
101		public function isRouteSecure($route)
102		{
103		return in_array($route, $this->getSecuredRoutes());
104		}
105
106		/**
107		* Return the secured routes depending of the bundle configuration
108		*
109		* @return array $secured_routes
110		*/
111		public function getSecuredRoutes()
112		{
113		$configured_routes = array_keys($this->router->getRouteCollection()->all());
114		$secured_routes = [];
115
116		foreach ($configured_routes as $route) {
117
118		// Ignored routes
119		if (in_array($route, $this->ignored_routes)) {
120		continue;
121		}
122
123		// Ignored routes format
124		if (null !== $this->ignored_routes_format && true == preg_match($this->ignored_routes_format, $route)) {
		0 ignored issues – show Bug Best Practice introduced 2017-07-24 08:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing `preg_match($this->ignored_routes_format, $route)` of type `integer` to the boolean `true`. If you are specifically checking for non-zero, consider using something more explicit like `> 0` or `!== 0` instead. Loading history...
125		continue;
126		}
127
128		// Secured routes
129		if (true === in_array($route, $this->secured_routes)) {
130		$secured_routes[] = $route;
131		continue;
132		}
133
134		// Secured routes format
135		if (null !== $this->secured_routes_format && true == preg_match($this->secured_routes_format, $route)) {
		0 ignored issues – show Bug Best Practice introduced 2017-07-24 08:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing `preg_match($this->secured_routes_format, $route)` of type `integer` to the boolean `true`. If you are specifically checking for non-zero, consider using something more explicit like `> 0` or `!== 0` instead. Loading history...
136		$secured_routes[] = $route;
137		continue;
138		}
139		}
140
141		return $secured_routes;
142		}
143
144		/**
145		* @return bool
146		*/
147		public function isEnable()
148		{
149		return $this->is_access_control_enable;
150		}
151
152		}

SimLibaud / SilRouteSecurityBundle

Push — master ( 60c0c3...bf6775 )

Security/AccessControl.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like