1 | <?php |
||
2 | |||
3 | use Symfony\Component\HttpFoundation\Request; |
||
4 | |||
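/**
 * Controller for the administrative pages: the staff listing, the admin
 * landing page, the page/role editors, and the views for restoring or wiping
 * soft-deleted models.
 *
 * Each action enforces its own login and permission checks, so a new action
 * is unprotected until it adds its own.
 *
 * @todo Configure the AdminController to be behind a Symfony firewall
 */
class AdminController extends HTMLController
{
    /**
     * Allow-list of model class names that may be resolved dynamically.
     *
     * Class names taken from a request are matched against this list before
     * they are used in a `$type::...` expression.
     *
     * @var string[]
     */
    private static $wipeableModels = ['Ban', 'Map', 'Match', 'News', 'NewsCategory', 'Page', 'Server', 'Team'];

    /**
     * List the leader roles that have at least one member.
     *
     * NOTE(review): this action performs no login or permission check of its
     * own; confirm the listing is meant to be public.
     *
     * @return array Template data with a "role_sections" list of
     *               ["role" => ..., "members" => ...] entries
     */
    public function listAction()
    {
        $roles = [];

        foreach (Role::getLeaderRoles() as $role) {
            $roleMembers = $role->getUsers();

            // Roles without members are left out of the listing
            if (count($roleMembers) > 0) {
                $roles[] = [
                    'role'    => $role,
                    'members' => $roleMembers,
                ];
            }
        }

        return ['role_sections' => $roles];
    }

    /**
     * Show the admin landing page with the editors the player may open.
     *
     * @param Player $me The player making the request
     *
     * @throws ForbiddenException If the player is not logged in or has none of
     *                            the page-editor, role-editor or visit-log rights
     *
     * @return array Flags telling the template which sections to show
     */
    public function landingAction(Player $me)
    {
        if (!$me->isValid()) {
            throw new ForbiddenException('Please log in to view this page.');
        }

        // @todo Model editing should be a generic permission
        // This flag is always true and takes no part in the access decision
        // below. It only tells the template what to show; modelsAction()
        // performs its own permission check.
        $canViewModelEditor = true;
        $canViewPageEditor = $this->isEditorFor(Page::class, $me);
        $canViewRoleEditor = $this->isEditorFor(Role::class, $me);
        $canViewVisitLog = $me->hasPermission(Permission::VIEW_VISITOR_LOG);

        if (!$canViewPageEditor && !$canViewRoleEditor && !$canViewVisitLog) {
            throw new ForbiddenException('Contact a site administrator if you feel you should have access to this page.');
        }

        return [
            'canViewPageEditor'  => $canViewPageEditor,
            'canViewRoleEditor'  => $canViewRoleEditor,
            'canViewModelEditor' => $canViewModelEditor,
            'canViewVisitLog'    => $canViewVisitLog,
        ];
    }

    /**
     * List every page whose status is not "deleted", for the page editor.
     *
     * @param Player $me The player making the request
     *
     * @throws ForbiddenException If the player is not logged in or holds none
     *                            of the Page permissions
     *
     * @return array The pages plus one flag per Page permission
     */
    public function pageListAction(Player $me)
    {
        if (!$me->isValid()) {
            throw new ForbiddenException('Please log in to view this page.');
        }

        if (!$this->isEditorFor(Page::class, $me)) {
            throw new ForbiddenException('Contact a site administrator if you feel you should have access to this page.');
        }

        $pages = Page::getQueryBuilder()
            ->where('status')->notEquals('deleted')
            ->getModels(true)
        ;

        return [
            'pages'     => $pages,
            'canCreate' => $me->hasPermission(Page::CREATE_PERMISSION),
            'canEdit'   => $me->hasPermission(Page::EDIT_PERMISSION),
            'canDelete' => $me->hasPermission(Page::SOFT_DELETE_PERMISSION),
            'canWipe'   => $me->hasPermission(Page::HARD_DELETE_PERMISSION),
        ];
    }

    /**
     * List every role, sorted by display order, for the role editor.
     *
     * @param Player $me The player making the request
     *
     * @throws ForbiddenException If the player is not logged in or holds none
     *                            of the Role permissions
     *
     * @return array The roles plus one flag per Role permission
     */
    public function roleListAction(Player $me)
    {
        if (!$me->isValid()) {
            throw new ForbiddenException('Please log in to view this page.');
        }

        if (!$this->isEditorFor(Role::class, $me)) {
            throw new ForbiddenException('Contact a site administrator if you feel you should have access to this page.');
        }

        // Pass the flag directly; the original `$fast = true` only created an
        // unused local variable before passing the same value.
        $roles = Role::getQueryBuilder()
            ->sortBy('display_order')
            ->getModels(true)
        ;

        return [
            'roles'     => $roles,
            'canCreate' => $me->hasPermission(Role::CREATE_PERMISSION),
            'canEdit'   => $me->hasPermission(Role::EDIT_PERMISSION),
            'canDelete' => $me->hasPermission(Role::SOFT_DELETE_PERMISSION),
            'canWipe'   => $me->hasPermission(Role::HARD_DELETE_PERMISSION),
        ];
    }

    /**
     * Show the model editor index.
     *
     * @param Player $me The player making the request
     *
     * @throws ForbiddenException If the player is not logged in or lacks
     *                            Team::SOFT_DELETE_PERMISSION
     *
     * @return array Empty template data
     */
    public function modelsAction(Player $me)
    {
        if (!$me->isValid()) {
            throw new ForbiddenException('Please log in to view this page.');
        }

        // @todo Implement a new and proper "Model Editor" permission
        if (!$me->hasPermission(Team::SOFT_DELETE_PERMISSION)) {
            throw new ForbiddenException('Contact a site administrator if you feel you should have access to this page.');
        }

        return [];
    }

    /**
     * List the soft-deleted models of one type, paginated and optionally
     * filtered by name.
     *
     * @param Request $request The request, read for the "search" term
     * @param Player  $me      The player making the request
     * @param string  $type    The model type to list; its first letter is
     *                         upper-cased and the result is used as a class name
     *
     * @throws ForbiddenException If the player is not logged in, the type is
     *                            not an allowed model, or the player lacks that
     *                            model's soft-delete permission
     *
     * @return array The models, pagination data, search term and permission flags
     */
    public function modelListAction(Request $request, Player $me, $type)
    {
        $type = ucfirst($type);

        if (!$me->isValid()) {
            throw new ForbiddenException('Please log in to view this page.');
        }

        // $type is caller-supplied and is used below as a class name
        // ($type::CONSTANT, $type::getQueryBuilder()). Restrict it to the known
        // model classes so a request cannot name an arbitrary class. Extend
        // $wipeableModels if other model types must be listed here.
        if (!in_array($type, self::$wipeableModels, true)) {
            throw new ForbiddenException('Contact a site administrator if you feel you should have access to this page.');
        }

        if (!$me->hasPermission($type::SOFT_DELETE_PERMISSION)) {
            throw new ForbiddenException('Contact a site administrator if you feel you should have access to this page.');
        }

        // NOTE(review): the search term is request input; confirm isLike()
        // binds it as a query parameter rather than interpolating it.
        $searchTerm = $request->get('search');

        $currentPage = $this->getCurrentPage();

        /** @var QueryBuilder $qb */
        $qb = $type::getQueryBuilder()
            ->where('status')->equals('deleted')
            ->sortBy('name')
        ;

        if ($searchTerm !== null) {
            $qb->where('name')->isLike($searchTerm);
        }

        $models = $qb
            ->limit(15)
            ->fromPage($currentPage)
            ->getModels()
        ;

        return [
            'type'        => $type,
            'models'      => $models,
            'canRestore'  => $me->hasPermission($type::SOFT_DELETE_PERMISSION),
            'canWipe'     => $me->hasPermission($type::HARD_DELETE_PERMISSION),
            'currentPage' => $currentPage,
            'totalPages'  => $qb->countPages(),
            'searchTerm'  => $searchTerm,
        ];
    }

    /**
     * List the soft-deleted models of every type the player may hard-delete.
     *
     * @param Player $me The player making the request
     *
     * @throws ForbiddenException If the player is not logged in or has no
     *                            hard-delete permission on any wipeable model
     *
     * @return array Template data with the combined "models" list
     */
    public function wipeAction(Player $me)
    {
        // Reject unauthenticated requests before running any query
        if (!$me->isValid()) {
            throw new ForbiddenException("Please log in to view this page.");
        }

        $canViewThisPage = false;
        $models = [];

        // Use the shared allow-list rather than a second copy of it
        foreach (self::$wipeableModels as $type) {
            if (!$me->hasPermission($type::HARD_DELETE_PERMISSION)) {
                continue;
            }

            $canViewThisPage = true;
            $models = array_merge($models, $type::getQueryBuilder()
                ->where('status')->equals('deleted')
                ->getModels());
        }

        if (!$canViewThisPage) {
            throw new ForbiddenException("Contact a site administrator if you feel you should have access to this page.");
        }

        return ['models' => $models];
    }

    /**
     * Tell whether a player holds at least one of a model's create, edit,
     * soft-delete or hard-delete permissions.
     *
     * @param string $className The model class whose permission constants are read
     * @param Player $me        The player to check
     *
     * @return bool True if the player holds any of the four permissions
     */
    private function isEditorFor($className, Player $me)
    {
        $permissionConstants = [
            'CREATE_PERMISSION',
            'EDIT_PERMISSION',
            'SOFT_DELETE_PERMISSION',
            'HARD_DELETE_PERMISSION',
        ];

        $reflector = new ReflectionClass($className);

        foreach ($permissionConstants as $permission) {
            $permissionName = $reflector->getConstant($permission);

            // getConstant() returns false when the class does not define the
            // constant; never pass that on as if it were a permission name.
            if ($permissionName === false) {
                continue;
            }

            if ($me->hasPermission($permissionName)) {
                return true;
            }
        }

        return false;
    }
}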
This check marks private properties in classes that are never used. Those properties can be removed.