PrivilegeQuery - Code Metrics - YetiForceCompany/YetiForceCRM - Measure and Improve Code Quality continuously with Scrutinizer

PrivilegeQuery A
last analyzed 2024-09-13 12:00 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	133
Duplicated Lines	0 %

Test Coverage

Coverage

23.44%

Importance

Changes

Metric	Value
wmc	33
eloc	72
dl	0
loc	133
ccs	15
cts	64
cp	0.2344
rs	9.76
c	0
b	0
f	0

3 Methods

Rating	Name	Size	Complexity
A	getConditions()	6	3
A	setPermissionInterpreter()	3	1
F	getPrivilegeQuery()	84	29

<?php

namespace App;

/**
 * Privilege File basic class.
 *
 * @package App
 *
 * @copyright YetiForce S.A.
 * @license   YetiForce Public License 6.5 (licenses/LicenseEN.txt or yetiforce.com)
 * @author    Mariusz Krzaczkowski <[email protected]>
 * @author    Radosław Skrzypczak <[email protected]>
 */
class PrivilegeQuery
{
	/**
	 * Interpreter for privilege.
	 *
	 * @var string
	 */
	private static $interpreter;

	/**
	 * Sets interpreter.
	 *
	 * @param string $className
	 *
	 * @return void
	 */
	public static function setPermissionInterpreter(string $className)
	{
		static::$interpreter = $className;

	}

	/**
	 * Undocumented function.
	 *
	 * @param \App\Db\Query $query
	 * @param string        $moduleName
	 * @param int           $user
	 * @param int           $relatedRecord
	 *
	 * @return void
	 */
	public static function getConditions(Db\Query $query, string $moduleName, $user = false, $relatedRecord = null)
	{
		if (!empty(static::$interpreter) && class_exists(static::$interpreter)) {

			return (static::$interpreter)::getConditions($query, $moduleName, $user, $relatedRecord);
		}
		static::getPrivilegeQuery($query, $moduleName, $user, $relatedRecord);
	}

	/**
	 * Undocumented function.
	 *
	 * @param \App\Db\Query $query
	 * @param string        $moduleName
	 * @param int|\App\User $user
	 * @param int           $relatedRecord
	 *
	 * @return void
	 */
	public static function getPrivilegeQuery(Db\Query $query, $moduleName, $user = false, $relatedRecord = null)
	{
		if ($user && $user instanceof User) {
			$userId = $user->getId();
		} elseif (!$user) {
			$userId = \App\User::getCurrentUserId();
		}
		$userModel = \Users_Privileges_Model::getInstanceById($userId);

		if (!$userModel->isAdminUser() && \App\Config::security('PERMITTED_BY_PRIVATE_FIELD') && ($fieldInfo = \App\Field::getFieldInfo('private', $moduleName)) && \in_array($fieldInfo['presence'], [0, 2])) {
			$owners = array_merge([$userId], $userModel->groups);

			$conditions = ['or'];
			$conditions[] = ['vtiger_crmentity.private' => 0];
			$subConditions = ['or', ['vtiger_crmentity.smownerid' => $owners]];
			if (\App\Config::security('PERMITTED_BY_SHARED_OWNERS')) {
				$subQuery = (new \App\Db\Query())->select(['crmid'])->distinct()
					->from('u_yf_crmentity_showners')
					->where(['userid' => $owners]);
				$subConditions[] = ['vtiger_crmentity.crmid' => $subQuery];
			}
			$conditions[] = ['and', ['vtiger_crmentity.private' => 1], $subConditions];
			$query->andWhere($conditions);
		}
		if (\App\Config::security('PERMITTED_BY_RECORD_HIERARCHY') && !empty($relatedRecord)) {
			$role = $userModel->getRoleDetail();
			if (2 == $role->get('listrelatedrecord')) {
				$parentRecord = \Users_Privileges_Model::getParentRecord($relatedRecord, false, $role->get('listrelatedrecord'));
				if ($parentRecord) {
					$relatedRecord = $parentRecord;
				}
			}
			if (0 != $role->get('listrelatedrecord')) {

				$recordMetaData = \vtlib\Functions::getCRMRecordMetadata($relatedRecord);
				$recordPermission = Privilege::isPermitted($recordMetaData['setype'], 'DetailView', $relatedRecord, $userId);
				if ($recordPermission) {
					return '';

				}
			}
		}
		$tabId = Module::getModuleId($moduleName);
		if (!$userModel->isAdminUser() && 1 == $userModel->profile_global_permission[1] && 1 == $userModel->profile_global_permission[2] && 3 === ($userModel->defaultOrgSharingPermission[$tabId] ?? null)) {

			$conditions = ['or'];
			$conditions[] = ['vtiger_crmentity.smownerid' => $userId];
			if (!empty($userModel->groups)) {
				$conditions[] = ['vtiger_crmentity.smownerid' => $userModel->groups];
			}
			if (($modules = \App\Config::security('permittedModulesByCreatorField')) && \in_array($moduleName, $modules)) {
				$conditions[] = ['vtiger_crmentity.smcreatorid' => $userId];
			}
			if (\App\Config::security('PERMITTED_BY_ROLES')) {
				$parentRoleSeq = $userModel->parent_role_seq;

				$subQuery = (new \App\Db\Query())->select(['userid'])
					->from('vtiger_user2role')
					->innerJoin('vtiger_users', 'vtiger_user2role.userid = vtiger_users.id')
					->innerJoin('vtiger_role', 'vtiger_user2role.roleid = vtiger_role.roleid')
					->where(['like', 'vtiger_role.parentrole', "$parentRoleSeq::%", false]);
				$conditions[] = ['vtiger_crmentity.smownerid' => $subQuery];
			}
			if (\App\Config::security('PERMITTED_BY_SHARING')) {
				$sharingPrivileges = \App\User::getSharingFile($userId);
				if (isset($sharingPrivileges['permission'][$moduleName])) {
					$sharingPrivilegesModule = $sharingPrivileges['permission'][$moduleName];
					$sharingRuleInfo = $sharingPrivilegesModule['read'];
					if (!empty($sharingRuleInfo['ROLE'])) {
						$subQuery = (new \App\Db\Query())->select(['shareduserid'])
							->from('vtiger_tmp_read_user_sharing_per')
							->where(['userid' => $userId, 'tabid' => $tabId]);
						$conditions[] = ['vtiger_crmentity.smownerid' => $subQuery];
					}
					if (!empty($sharingRuleInfo['GROUP'])) {
						$subQuery = (new \App\Db\Query())->select(['sharedgroupid'])
							->from('vtiger_tmp_read_group_sharing_per')
							->where(['userid' => $userId, 'tabid' => $tabId]);
						$conditions[] = ['vtiger_crmentity.smownerid' => $subQuery];
					}
				}
			}
			if (\App\Config::security('PERMITTED_BY_SHARED_OWNERS')) {
				$subQuery = (new \App\Db\Query())->select(['crmid'])->distinct()
					->from('u_yf_crmentity_showners')
					->where(['userid' => array_merge([$userId], $userModel->groups)]);
				$conditions[] = ['vtiger_crmentity.crmid' => $subQuery];
			}
			if (!empty($conditions)) {
				$query->andWhere($conditions);
			}
		}
	}
}


1		<?php
2
3		namespace App;
4
5		/**
6		* Privilege File basic class.
7		*
8		* @package App
9		*
10		* @copyright YetiForce S.A.
11		* @license YetiForce Public License 6.5 (licenses/LicenseEN.txt or yetiforce.com)
12		* @author Mariusz Krzaczkowski <[email protected]>
13		* @author Radosław Skrzypczak <[email protected]>
14		*/
15		class PrivilegeQuery
16		{
17		/**
18		* Interpreter for privilege.
19		*
20		* @var string
21		*/
22		private static $interpreter;
23
24		/**
25		* Sets interpreter.
26		*
27		* @param string $className
28		*
29		* @return void
30		*/
31		public static function setPermissionInterpreter(string $className)
32		{
33		static::$interpreter = $className;
		0 ignored issues – show Bug introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report Since `$interpreter` is declared private, accessing it with `static` will lead to errors in possible sub-classes; you can either use `self`, or increase the visibility of `$interpreter` to at least protected. Loading history...
34		}
35
36		/**
37		* Undocumented function.
38		*
39		* @param \App\Db\Query $query
40		* @param string $moduleName
41		* @param int $user
42		* @param int $relatedRecord
43	3	*
44		* @return void
45	3	*/
46		public static function getConditions(Db\Query $query, string $moduleName, $user = false, $relatedRecord = null)
47		{
48	3	if (!empty(static::$interpreter) && class_exists(static::$interpreter)) {
		0 ignored issues – show Bug introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report Since `$interpreter` is declared private, accessing it with `static` will lead to errors in possible sub-classes; you can either use `self`, or increase the visibility of `$interpreter` to at least protected. Loading history...
49	3	return (static::$interpreter)::getConditions($query, $moduleName, $user, $relatedRecord);
50		}
51		static::getPrivilegeQuery($query, $moduleName, $user, $relatedRecord);
52		}
53
54		/**
55		* Undocumented function.
56		*
57		* @param \App\Db\Query $query
58		* @param string $moduleName
59		* @param int\|\App\User $user
60		* @param int $relatedRecord
61	3	*
62		* @return void
63	3	*/
64	3	public static function getPrivilegeQuery(Db\Query $query, $moduleName, $user = false, $relatedRecord = null)
65		{
66		if ($user && $user instanceof User) {
67		$userId = $user->getId();
68	3	} elseif (!$user) {
69	3	$userId = \App\User::getCurrentUserId();
70	3	}
71	3	$userModel = \Users_Privileges_Model::getInstanceById($userId);
		0 ignored issues – show Comprehensibility Best Practice introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report The variable `$userId` does not seem to be defined for all execution paths leading up to this point. Loading history...
72		if (!$userModel->isAdminUser() && \App\Config::security('PERMITTED_BY_PRIVATE_FIELD') && ($fieldInfo = \App\Field::getFieldInfo('private', $moduleName)) && \in_array($fieldInfo['presence'], [0, 2])) {
73		$owners = array_merge([$userId], $userModel->groups);
		0 ignored issues – show Bug introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report The property `groups` does not seem to exist on `Users_Privileges_Model`. Loading history...
74		$conditions = ['or'];
75		$conditions[] = ['vtiger_crmentity.private' => 0];
76		$subConditions = ['or', ['vtiger_crmentity.smownerid' => $owners]];
77	3	if (\App\Config::security('PERMITTED_BY_SHARED_OWNERS')) {
78		$subQuery = (new \App\Db\Query())->select(['crmid'])->distinct()
79		->from('u_yf_crmentity_showners')
80		->where(['userid' => $owners]);
81		$subConditions[] = ['vtiger_crmentity.crmid' => $subQuery];
82		}
83		$conditions[] = ['and', ['vtiger_crmentity.private' => 1], $subConditions];
84		$query->andWhere($conditions);
85	3	}
86	3	if (\App\Config::security('PERMITTED_BY_RECORD_HIERARCHY') && !empty($relatedRecord)) {
87		$role = $userModel->getRoleDetail();
88		if (2 == $role->get('listrelatedrecord')) {
89		$parentRecord = \Users_Privileges_Model::getParentRecord($relatedRecord, false, $role->get('listrelatedrecord'));
90		if ($parentRecord) {
91		$relatedRecord = $parentRecord;
92		}
93		}
94		if (0 != $role->get('listrelatedrecord')) {
		0 ignored issues – show Bug Best Practice introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing `$role->get('listrelatedrecord')` of type `mixed\|null` to `0`; this is ambiguous as not only `0 == 0` is true, but `null == 0` is true, too. Consider using a strict comparison `===`. Loading history...
95		$recordMetaData = \vtlib\Functions::getCRMRecordMetadata($relatedRecord);
96		$recordPermission = Privilege::isPermitted($recordMetaData['setype'], 'DetailView', $relatedRecord, $userId);
97		if ($recordPermission) {
98		return '';
		0 ignored issues – show Bug Best Practice introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report The expression `return ''` returns the type `string` which is incompatible with the documented return type `void`. Loading history...
99		}
100		}
101		}
102		$tabId = Module::getModuleId($moduleName);
103		if (!$userModel->isAdminUser() && 1 == $userModel->profile_global_permission[1] && 1 == $userModel->profile_global_permission[2] && 3 === ($userModel->defaultOrgSharingPermission[$tabId] ?? null)) {
		0 ignored issues – show Bug introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report The property `defaultOrgSharingPermission` does not seem to exist on `Users_Privileges_Model`. Loading history... Bug introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report The property `profile_global_permission` does not seem to exist on `Users_Privileges_Model`. Loading history...
104		$conditions = ['or'];
105		$conditions[] = ['vtiger_crmentity.smownerid' => $userId];
106		if (!empty($userModel->groups)) {
107		$conditions[] = ['vtiger_crmentity.smownerid' => $userModel->groups];
108		}
109		if (($modules = \App\Config::security('permittedModulesByCreatorField')) && \in_array($moduleName, $modules)) {
110		$conditions[] = ['vtiger_crmentity.smcreatorid' => $userId];
111		}
112		if (\App\Config::security('PERMITTED_BY_ROLES')) {
113		$parentRoleSeq = $userModel->parent_role_seq;
		0 ignored issues – show Bug introduced 2021-04-24 21:59 UTC by Report Bug Copy Issue Report The property `parent_role_seq` does not seem to exist on `Users_Privileges_Model`. Loading history...
114		$subQuery = (new \App\Db\Query())->select(['userid'])
115		->from('vtiger_user2role')
116		->innerJoin('vtiger_users', 'vtiger_user2role.userid = vtiger_users.id')
117		->innerJoin('vtiger_role', 'vtiger_user2role.roleid = vtiger_role.roleid')
118		->where(['like', 'vtiger_role.parentrole', "$parentRoleSeq::%", false]);
119		$conditions[] = ['vtiger_crmentity.smownerid' => $subQuery];
120		}
121		if (\App\Config::security('PERMITTED_BY_SHARING')) {
122		$sharingPrivileges = \App\User::getSharingFile($userId);
123		if (isset($sharingPrivileges['permission'][$moduleName])) {
124		$sharingPrivilegesModule = $sharingPrivileges['permission'][$moduleName];
125		$sharingRuleInfo = $sharingPrivilegesModule['read'];
126		if (!empty($sharingRuleInfo['ROLE'])) {
127		$subQuery = (new \App\Db\Query())->select(['shareduserid'])
128		->from('vtiger_tmp_read_user_sharing_per')
129		->where(['userid' => $userId, 'tabid' => $tabId]);
130		$conditions[] = ['vtiger_crmentity.smownerid' => $subQuery];
131		}
132		if (!empty($sharingRuleInfo['GROUP'])) {
133	3	$subQuery = (new \App\Db\Query())->select(['sharedgroupid'])
134		->from('vtiger_tmp_read_group_sharing_per')
135		->where(['userid' => $userId, 'tabid' => $tabId]);
136		$conditions[] = ['vtiger_crmentity.smownerid' => $subQuery];
137		}
138		}
139		}
140		if (\App\Config::security('PERMITTED_BY_SHARED_OWNERS')) {
141		$subQuery = (new \App\Db\Query())->select(['crmid'])->distinct()
142		->from('u_yf_crmentity_showners')
143		->where(['userid' => array_merge([$userId], $userModel->groups)]);
144		$conditions[] = ['vtiger_crmentity.crmid' => $subQuery];
145		}
146		if (!empty($conditions)) {
147		$query->andWhere($conditions);
148		}
149		}
150		}
151		}
152

YetiForceCompany / YetiForceCRM

PrivilegeQuery A last analyzed 2024-09-13 12:00 UTC

Complexity

Size/Duplication

Test Coverage

Importance

3 Methods

Duplication Side-by-Side

Filter issues like

PrivilegeQuery A
last analyzed 2024-09-13 12:00 UTC