
src/AuthServiceProvider.php (2 issues)

<?php
namespace A17\Twill;
use A17\Twill\Models\Enums\UserRole;
use A17\Twill\Models\User;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
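class AuthServiceProvider extends ServiceProvider
{
    /**
     * Value of a user's `role` attribute that identifies a superadmin account.
     */
    const SUPERADMIN = 'SUPERADMIN';

    /**
     * Shared decision path used by the role-based gates.
     *
     * Order matters: an unpublished account is denied before anything else,
     * a superadmin is then allowed unconditionally, and only the remaining
     * users are handed to the ability-specific callback.
     *
     * @param mixed    $user     The authenticated user the gate is evaluated for.
     * @param callable $callback Receives $user and returns the ability-specific decision.
     * @return mixed false for unpublished users, true for superadmins, otherwise the callback result.
     */
    protected function authorize($user, $callback)
    {
        if (!$user->isPublished()) {
            return false;
        }

        if ($user->isSuperAdmin()) {
            return true;
        }

        return $callback($user);
    }

    /**
     * Tells whether the user's role_value is one of the accepted roles.
     *
     * The comparison is strict so that an unexpected null/0/boolean role_value
     * can never match a role through PHP type juggling in an access decision.
     * NOTE(review): assumes role_value and the UserRole constants share the
     * same scalar type (both strings) — confirm against the User model.
     *
     * @param mixed $user  User exposing a `role_value` attribute.
     * @param array $roles Accepted role values (UserRole constants).
     * @return bool
     */
    protected function userHasRole($user, $roles)
    {
        return in_array($user->role_value, $roles, true);
    }

    /**
     * Registers a gate that is granted purely on role membership.
     *
     * Keeps the "published, then superadmin, then role" sequence in one place
     * so the individual abilities cannot drift apart.
     *
     * @param string $ability Gate name.
     * @param array  $roles   Role values allowed to use the ability.
     * @return void
     */
    private function defineRoleGate($ability, array $roles)
    {
        Gate::define($ability, function ($user) use ($roles) {
            return $this->authorize($user, function ($user) use ($roles) {
                return $this->userHasRole($user, $roles);
            });
        });
    }

    /**
     * Registers the authorization gates.
     *
     * @return void
     */
    public function boot()
    {
        // Read-only access: every regular role may list.
        $this->defineRoleGate('list', [UserRole::VIEWONLY, UserRole::PUBLISHER, UserRole::ADMIN]);

        // Content-changing abilities: publishers and admins only.
        $contentAbilities = ['edit', 'reorder', 'publish', 'feature', 'delete', 'duplicate', 'upload'];
        foreach ($contentAbilities as $ability) {
            $this->defineRoleGate($ability, [UserRole::PUBLISHER, UserRole::ADMIN]);
        }

        // User administration: admins only.
        $this->defineRoleGate('manage-users', [UserRole::ADMIN]);

        // As an admin, I can edit users, except superadmins
        // As a non-admin, I can edit myself only
        Gate::define('edit-user', function ($user, $editedUser = null) {
            return $this->authorize($user, function ($user) use ($editedUser) {
                $editedUserObject = User::find($editedUser);

                // A missing target must never count as "myself": without the
                // null guard, a null/0 id would loosely equal a null $editedUser.
                // The id comparison itself stays loose because $editedUser may
                // arrive as a string identifier (presumably from the route — confirm).
                $isSelf = $editedUser !== null && $user->id == $editedUser;

                // Static analysis reports `role` as undeclared on User (it is
                // resolved through __get). This comparison is the only thing
                // keeping superadmin accounts out of an admin's reach, so
                // confirm it yields the raw role string.
                $targetIsEditable = $editedUserObject
                    ? $editedUserObject->role !== self::SUPERADMIN
                    : true;

                return ($this->userHasRole($user, [UserRole::ADMIN]) || $isSelf) && $targetIsEditable;
            });
        });

        // Admins may publish/unpublish other users, but never themselves and
        // never a superadmin. An unknown target is denied.
        Gate::define('publish-user', function ($user) {
            return $this->authorize($user, function ($user) {
                // NOTE(review): the target is read from the current request's
                // `id` input rather than passed to the gate, so the decision
                // depends on request state at call time.
                $editedUserObject = User::find(request('id'));

                if (!$editedUserObject) {
                    return false;
                }

                // Same caveat as in 'edit-user': `role` is a magic property
                // according to static analysis.
                return $this->userHasRole($user, [UserRole::ADMIN])
                    && $user->id !== $editedUserObject->id
                    && $editedUserObject->role !== self::SUPERADMIN;
            });
        });

        // Impersonation is reserved to superadmins. Every other gate denies an
        // unpublished account before looking at its role; apply the same rule
        // here so a disabled superadmin account cannot still impersonate users.
        Gate::define('impersonate', function ($user) {
            return $user->isPublished() && $user->role === self::SUPERADMIN;
        });
    }
}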