Issues in FeatureSecurity.php - Failed Issues - Inspection of "Doctrine entity annotations" - adespresso/FeatureBundle - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#12)

by Emanuele

created 2016-03-31 20:59 UTC

Security/FeatureSecurity.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Ae\FeatureBundle\Security;

use Symfony\Component\Security\Core\SecurityContextInterface;
use Ae\FeatureBundle\Entity\Feature;

/**
 * Controls access to a Feature.
 *
 * @author Carlo Forghieri <[email protected]>
 */
class FeatureSecurity
{
    protected $context;

    /**
     * @param \Symfony\Component\Security\Core\SecurityContextInterface $context
     */
    public function __construct(SecurityContextInterface $context = null)
    {
        $this->context = $context;
    }

    /**
     * @param \Ae\FeatureBundle\Entity\Feature $feature
     *
     * @return bool
     */
    public function isGranted(Feature $feature)
    {
        if (null === $this->context) {
            return false;
        }

        if (!$feature->isEnabled()) {
            return false;
        }

        if ($feature->getRole()) {
            if (!$this->context->isGranted($feature->getRole())) {
                return false;
            }
        }

        if ($feature->getParentRole()) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            if (!$this->context->isGranted($feature->getParentRole())) {
                return false;
            }
        }

        return true;
    }
}


1		<?php
2
3		namespace Ae\FeatureBundle\Security;
4
5		use Symfony\Component\Security\Core\SecurityContextInterface;
6		use Ae\FeatureBundle\Entity\Feature;
7
8		/**
9		* Controls access to a Feature.
10		*
11		* @author Carlo Forghieri <[email protected]>
12		*/
13		class FeatureSecurity
14		{
15		protected $context;
16
17		/**
18		* @param \Symfony\Component\Security\Core\SecurityContextInterface $context
19		*/
20	4	public function __construct(SecurityContextInterface $context = null)
21		{
22	4	$this->context = $context;
23	4	}
24
25		/**
26		* @param \Ae\FeatureBundle\Entity\Feature $feature
27		*
28		* @return bool
29		*/
30	4	public function isGranted(Feature $feature)
31		{
32	4	if (null === $this->context) {
33		return false;
34		}
35
36	4	if (!$feature->isEnabled()) {
37	1	return false;
38		}
39
40	3	if ($feature->getRole()) {
41	2	if (!$this->context->isGranted($feature->getRole())) {
42		return false;
43		}
44	2	}
45
46	3	if ($feature->getParentRole()) {
		0 ignored issues – show Bug Best Practice introduced 2016-01-29 19:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$feature->getParentRole()` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
47	1	if (!$this->context->isGranted($feature->getParentRole())) {
48	1	return false;
49		}
50		}
51
52	2	return true;
53		}
54		}
55

adespresso / FeatureBundle

Pull Request — master (#12)

Security/FeatureSecurity.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like