Completed
Pull Request — master (#28)
by
unknown
04:33
created

ManagersController::isCurrentUserAdmin()   A

Complexity: Conditions 1, Paths 1
Size: Total Lines 7, Code Lines 4
Duplication: Lines 0, Ratio 0 %
Code Coverage: Tests 4, CRAP Score 1
Importance: Changes 1, Bugs 0, Features 1

Metric Value
c 1
b 0
f 1
dl 0
loc 7
ccs 4
cts 4
cp 1
rs 9.4286
cc 1
eloc 4
nc 1
nop 0
crap 1
<?php

namespace SMG\ManagerBundle\Controller;

use FOS\RestBundle\Controller\Annotations;
use SMG\UserBundle\Entity\User;
use FOS\RestBundle\View\View;
use FOS\RestBundle\Controller\FOSRestController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Request;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;

class ManagersController extends FOSRestController
{
    use Traits\TokenFromHeaderTrait;
    use Traits\HandleUserTrait;

    /**
     * NOTE: use annotation for routing here even
     * if the FOSRestBundle is automatically able
     * to handle them. In fact, ParamConverter is
     * not supported by FOSRestController.
     *
     * @Annotations\Post("/users")
     * @ParamConverter("user", converter="fos_rest.request_body")
     */
    public function postUserAction(User $user)
    {
        $this->throwIfClientNot('backend');

        // TODO: 13 - refactor common parameters
        // settings in the HandleUserTrait.
        $manager = $this->get('fos_user.user_manager');
        $manager->deleteIfNonEnabledExists($user);

        //TODO: 16 - use the mobile_app_registration
        //group for now, but should be renamed
        //for the backend
        $errors = $this->validates(
            $user,
Issue (Documentation):
$user is of type object<SMG\UserBundle\Entity\User>, but the function expects a object<SMG\ManagerBundle\Controller\Traits\User>.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
            'mobile_app_registration'
        );
        if (count($errors) > 0) {
            return $this->handleView(
                new View($errors, Response::HTTP_BAD_REQUEST)
            );
        }

        $newUser = $manager->createUser();

        $phoneNumber = $user->getPhoneNumber();
        if (!is_null($phoneNumber)) {
            $phoneNumber = str_replace('+', '00', $phoneNumber);
        }

        $newUser->setPhoneNumber($phoneNumber);
        $newUser->setEmail($user->getEmail());
        $newUser->setUsername($user->getUsername());
        $newUser->setPlainPassword($user->getPlainPassword());
        $newUser->setRoles($user->getRoles());
        $newUser->setEnabled(true);
        $newUser->setLocked(false);
        $manager->updateUser($newUser);

        return $this->handleView(
            new View(
                array(
                    'id' => $newUser->getId(),
                ),
                Response::HTTP_CREATED
            )
        );
    }

    /**
     * @Annotations\Put("/users/{id}")
     *
     * @ParamConverter("updatedUser", converter="fos_rest.request_body")
     *
     * @param User $user
     * @param User $updatedUser
     */
    public function putUserAction(
        User $user,
        User $updatedUser
    ) {
        $this->throwIfClientNot('backend');

        $errors = $this->validates(
            $updatedUser,
Issue (Documentation):
$updatedUser is of type object<SMG\UserBundle\Entity\User>, but the function expects a object<SMG\ManagerBundle\Controller\Traits\User>.

            'backend_user_edit'
        );
        if (count($errors) > 0) {
            return $this->handleView(
                new View($errors, Response::HTTP_BAD_REQUEST)
            );
        }

        $user->setUsername($updatedUser->getUsername());
        $user->setEmail($updatedUser->getEmail());
        $user->setPhoneNumber($updatedUser->getPhoneNumber());
        $user->setRoles($updatedUser->getRoles());

        $this->get('fos_user.user_manager')->updateUser($user);

        return $this->handleView(
            new View(
                array(
                    'id' => $user->getId(),
                ),
                Response::HTTP_OK
            )
        );
    }

    /**
     * @param User    $user
     * @param Request $request
     */
    public function putUserRolesAction(
        User $user,
        Request $request
    ) {
        $this->throwIfClientNot('backend');

        $roles = json_decode($request->getContent(), true);

        $user->setRoles($roles);

        $this->get('fos_user.user_manager')->updateUser($user);
    }

    /**
     * @param User $user
     */
    public function getUserAction(User $user)
    {
        $this->throwIfClientNot('backend');

        return $user;
    }

    /**
     * Disable one given user.
     *
     * @param User $user
     */
    public function patchUserDisableAction(User $user)
    {
        $this->throwIfClientNot('backend');

        $user->setEnabled(false);

        $this->get('fos_user.user_manager')->updateUser($user);
    }

    /**
     * @param User $user
     */
    public function patchUserEnableAction(User $user)
    {
        $this->throwIfClientNot('backend');

        $user->setEnabled(true);

        $this->get('fos_user.user_manager')->updateUser($user);
    }

    /**
     * @param User    $user
     * @param Request $request
     *
     * @Annotations\Put("/users/{id}/password")
     *
     * @return Response
     */
    public function putUsersPasswordAction(User $user, Request $request)
    {
        $this->throwIfClientNot('backend');

        if (!$this->isCurrentUserAdmin()) {
            return $this->handleView(
                new View(
                    ['message' => 'bst.admin.only'],
                    Response::HTTP_FORBIDDEN
                )
            );
        }

        $requestData = $this->requestIsJsonWithKeysOrThrow(
            $request,
            ['new_password']
        );

        $user->setPlainPassword($requestData['new_password']);

        $this->get('fos_user.user_manager')->updateUser($user);

        return $this->handleView(
            new View(
                null,
                Response::HTTP_NO_CONTENT
            )
        );
    }

    /**
     * Check if the JSON sent data is correct
     * for the current called action
     * and throws a bad request exception if the input is wrong.
     *
     * @param Request $request
     * @param array   $keys
     * @param string  $message
     *
     * @return array
     *
     * @throws BadRequestHttpException
     */
    private function requestIsJsonWithKeysOrThrow(
Issue (Duplication):
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

        Request $request,
        array $keys,
        $message = 'bst.json.field_missing'
    ) {
        $json = json_decode($request->getContent(), true);

        foreach ($keys as $key) {
            if (empty($json[$key])) {
                throw new BadRequestHttpException($message);
            }
        }

        return $json;
    }

    private function isCurrentUserAdmin()
    {
        return in_array(
            'ROLE_ADMINPANEL',
            $this->getCurrentUser()->getRoles()
        );
    }
}