Completed
Branch master (a6481d)
by Fèvre
02:09
created

VerifyPermission::handle()   B

Complexity

Conditions 5
Paths 3

Size

Total Lines 12
Code Lines 6

Duplication

Lines 0
Ratio 0 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
dl 0
loc 12
rs 8.8571
c 1
b 0
f 0
cc 5
eloc 6
nc 3
nop 3
<?php
namespace Xetaravel\Http\Middleware;

use Closure;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Http\Request;
use Ultraware\Roles\Exceptions\PermissionDeniedException;

class VerifyPermission
{
    /**
     * @var Guard
     */
    protected $auth;

    /**
     * Create a new filter instance.
     *
     * @param Guard $auth
     */
    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
    }

    /**
     * Handle an incoming request.
     *
     * @param Request $request
     * @param \Closure $next
     * @param int|string $permission
Documentation introduced by
Should the type for parameter $permission not be array<integer|string>?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

     * @return mixed
     * @throws \Ultraware\Roles\Exceptions\PermissionDeniedException
     */
    public function handle($request, Closure $next, ...$permission)
    {
        if (!$this->auth->check() && in_array('allowGuest', $permission)) {
            return $next($request);
        }

        if ($this->auth->check() && $this->auth->user()->hasPermission($permission[0])) {
Bug introduced by
It seems like you are coding against a concrete implementation rather than the interface Illuminate\Contracts\Auth\Authenticatable, as the method hasPermission() exists only in the following implementation of said interface: Xetaravel\Models\User.

Let’s take a look at an example:

interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break.

Available Fixes

  1. Change the type-hint for the parameter:

    class AuthSystem
    {
        public function authenticate(MyUser $user) { /* ... */ }
    }
    
  2. Add an additional type-check:

    class AuthSystem
    {
        public function authenticate(User $user)
        {
            if ($user instanceof MyUser) {
                $this->logger->info(/** ... */);
            }
    
            // or alternatively
            if ( ! $user instanceof MyUser) {
                throw new \LogicException(
                    '$user must be an instance of MyUser, '
                   .'other instances are not supported.'
                );
            }
    
        }
    }
    
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case.

  3. Add the method to the interface:

    interface User
    {
        /** @return string */
        public function getPassword();
    
        /** @return string */
        public function getDisplayName();
    }
    
            return $next($request);
        }

        throw new PermissionDeniedException($permission[0]);
    }
}