AclMiddleware - Code Metrics - Inspection of "Feature email templates payments subscriptions" - bakaphp/phalcon-api - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#65)

by Rafael

created 2019-03-26 14:21 UTC

AclMiddleware A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	66
Duplicated Lines	0 %

Test Coverage

Coverage

17.14%

Importance

Changes

Metric	Value
eloc	36
dl	0
loc	66
ccs	6
cts	35
cp	0.1714
rs	10
c	0
b	0
f	0
wmc	10

1 Method

Rating	Name	Duplication	Size	Complexity
B	call()	0	57	10

<?php

declare(strict_types=1);

namespace Gewaer\Middleware;

use Phalcon\Mvc\Micro;
use Phalcon\Mvc\Micro\MiddlewareInterface;
use Gewaer\Exception\ServerErrorHttpException;
use Gewaer\Exception\PermissionException;
use Gewaer\Models\CompaniesSettings;
use Phalcon\Di;

/**
 * Class AclMiddleware
 *
 * @package Gewaer\Middleware
 */
class AclMiddleware implements MiddlewareInterface
{
    /**
     * Call me
     *
     * @param Micro $api
     * @todo need to check section for auth here
     * @return bool
     */
    public function call(Micro $api)
    {
        $auth = $api->getService('auth');
        $router = $api->getService('router');
        $request = $api->getService('request');

        if (!$auth->isIgnoreUri()) {
            // explode() by / , postiion #1 is always the controller , so its the resource ^.^
            $matchRouter = explode('/', $router->getMatchedRoute()->getCompiledPattern());
            $resource = ucfirst($matchRouter[2]); //2 is alwasy the controller of the router
            $userData = $api->getService('userData');

            $action = null;
            // GET -> read
            // PUT -> update
            // DELETE -> delete
            // POST -> create

            //Search current company's app setting with key paid to verify payment status for current company
            $subscriptionPaid = CompaniesSettings::findFirst([
                'conditions' => "companies_id = ?0 and name = 'paid' and is_deleted = 0",
                'bind' => [Di::getDefault()->getUserData()->default_company]
            ]);

            if (!$subscriptionPaid->value) {
                throw new ServerErrorHttpException('Subscription is not active.Please contact your admin');
            }

            switch (strtolower($request->getMethod())) {
                case 'get':
                    $action = 'list';
                    if (preg_match("/\/([0-9]+)(?=[^\/]*$)/", $request->getURI())) {
                        $action = 'read';
                    }
                    break;
                case 'post':
                    $action = 'create';
                    break;
                case 'delete':
                    $action = 'delete';
                    break;
                case 'put':
                case 'patch':
                    $action = 'update';
                    break;
                default:
                    throw new ServerErrorHttpException('No Permission define for this action');
                break;
            }

            //do you have permision
            if (!$userData->can($resource . '.' . $action)) {
                throw new PermissionException('You dont have permission to run this action ' . $action . ' at ' . $resource);
            }
        }

        return true;
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		namespace Gewaer\Middleware;
6
7		use Phalcon\Mvc\Micro;
8		use Phalcon\Mvc\Micro\MiddlewareInterface;
9		use Gewaer\Exception\ServerErrorHttpException;
10		use Gewaer\Exception\PermissionException;
11		use Gewaer\Models\CompaniesSettings;
12		use Phalcon\Di;
13
14		/**
15		* Class AclMiddleware
16		*
17		* @package Gewaer\Middleware
18		*/
19		class AclMiddleware implements MiddlewareInterface
20		{
21		/**
22		* Call me
23		*
24		* @param Micro $api
25		* @todo need to check section for auth here
26		* @return bool
27		*/
28	69	public function call(Micro $api)
29		{
30	69	$auth = $api->getService('auth');
31	69	$router = $api->getService('router');
32	69	$request = $api->getService('request');
33
34	69	if (!$auth->isIgnoreUri()) {
35		// explode() by / , postiion #1 is always the controller , so its the resource ^.^
36		$matchRouter = explode('/', $router->getMatchedRoute()->getCompiledPattern());
37		$resource = ucfirst($matchRouter[2]); //2 is alwasy the controller of the router
38		$userData = $api->getService('userData');
39
40		$action = null;
41		// GET -> read
42		// PUT -> update
43		// DELETE -> delete
44		// POST -> create
45
46		//Search current company's app setting with key paid to verify payment status for current company
47		$subscriptionPaid = CompaniesSettings::findFirst([
48		'conditions' => "companies_id = ?0 and name = 'paid' and is_deleted = 0",
49		'bind' => [Di::getDefault()->getUserData()->default_company]
50		]);
51
52		if (!$subscriptionPaid->value) {
53		throw new ServerErrorHttpException('Subscription is not active.Please contact your admin');
54		}
55
56		switch (strtolower($request->getMethod())) {
57		case 'get':
58		$action = 'list';
59		if (preg_match("/\/([0-9]+)(?=[^\/]*$)/", $request->getURI())) {
60		$action = 'read';
61		}
62		break;
63		case 'post':
64		$action = 'create';
65		break;
66		case 'delete':
67		$action = 'delete';
68		break;
69		case 'put':
70		case 'patch':
71		$action = 'update';
72		break;
73		default:
74		throw new ServerErrorHttpException('No Permission define for this action');
75		break;
76		}
77
78		//do you have permision
79		if (!$userData->can($resource . '.' . $action)) {
80		throw new PermissionException('You dont have permission to run this action ' . $action . ' at ' . $resource);
81		}
82		}
83
84	69	return true;
85		}
86		}
87

bakaphp / phalcon-api

Pull Request — master (#65)

AclMiddleware A

Complexity

Size/Duplication

Test Coverage

Importance

1 Method

Duplication Side-by-Side

Filter issues like