Issues in AclMiddleware.php - New Issues - Inspection of "add ACL middleware" - bakaphp/phalcon-api - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — master ( 02c765...419434 )

by Maximo

created 2018-11-29 04:28 UTC

library/Middleware/AclMiddleware.php (2 issues)

Labels

Severity

<?php


declare(strict_types=1);

namespace Gewaer\Middleware;

use Phalcon\Mvc\Micro;
use Phalcon\Mvc\Micro\MiddlewareInterface;
use Gewaer\Exception\ServerErrorHttpException;
use Gewaer\Exception\PermissionException;

/**
 * Class AclMiddleware
 *
 * @package Gewaer\Middleware
 */
class AclMiddleware implements MiddlewareInterface
{
    /**
     * Call me
     *
     * @param Micro $api
     * @todo need to check section for auth here
     * @return bool
     */
    public function call(Micro $api)
    {
        $auth = $api->getService('auth');
        $router = $api->getService('router');
        $request = $api->getService('request');

        if (!$auth->isIgnoreUri()) {
            // explode() by / , postiion #1 is always the controller , so its the resource ^.^
            $matchRouter = explode('/', $router->getMatchedRoute()->getCompiledPattern());
            $resource = ucfirst($matchRouter[2]); //2 is alwasy the controller of the router
            $userData = $api->getService('userData');

            $action = null;
            // GET -> read
            // PUT -> update
            // DELETE -> delete
            // POST -> create

            switch (strtolower($request->getMethod())) {
                case 'get':
                    $action = 'read';
                break;
                case 'post':
                    $action = 'create';
                break;
                case 'delete':
                    $action = 'delete';
                break;
                case 'pute':
                    $action = 'update';
                break;
                default:
                    throw new ServerErrorHttpException('No Permission define for this action');
                break;
            }

            //do you have permision
            if (!$userData->can($resource . '.' . $action)) {
                throw new PermissionException('You dont have permission to run this action ' . $action . ' at ' . $resource);
                $api->stop();
function fx() {
    try {
        doSomething();
        return true;
    }
    catch (\Exception $e) {
        return false;
    }

    return false;
}
                return false;
            }
        }

        return true;
    }
}


1		<?php
		0 ignored issues – show Coding Style introduced 2018-11-29 04:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this End of line character is invalid; expected "\n" but found "\r\n" Loading history...
2
3		declare(strict_types=1);
4
5		namespace Gewaer\Middleware;
6
7		use Phalcon\Mvc\Micro;
8		use Phalcon\Mvc\Micro\MiddlewareInterface;
9		use Gewaer\Exception\ServerErrorHttpException;
10		use Gewaer\Exception\PermissionException;
11
12		/**
13		* Class AclMiddleware
14		*
15		* @package Gewaer\Middleware
16		*/
17		class AclMiddleware implements MiddlewareInterface
18		{
19		/**
20		* Call me
21		*
22		* @param Micro $api
23		* @todo need to check section for auth here
24		* @return bool
25		*/
26	2	public function call(Micro $api)
27		{
28	2	$auth = $api->getService('auth');
29	2	$router = $api->getService('router');
30	2	$request = $api->getService('request');
31
32	2	if (!$auth->isIgnoreUri()) {
33		// explode() by / , postiion #1 is always the controller , so its the resource ^.^
34		$matchRouter = explode('/', $router->getMatchedRoute()->getCompiledPattern());
35		$resource = ucfirst($matchRouter[2]); //2 is alwasy the controller of the router
36		$userData = $api->getService('userData');
37
38		$action = null;
39		// GET -> read
40		// PUT -> update
41		// DELETE -> delete
42		// POST -> create
43
44		switch (strtolower($request->getMethod())) {
45		case 'get':
46		$action = 'read';
47		break;
48		case 'post':
49		$action = 'create';
50		break;
51		case 'delete':
52		$action = 'delete';
53		break;
54		case 'pute':
55		$action = 'update';
56		break;
57		default:
58		throw new ServerErrorHttpException('No Permission define for this action');
59		break;
60		}
61
62		//do you have permision
63		if (!$userData->can($resource . '.' . $action)) {
64		throw new PermissionException('You dont have permission to run this action ' . $action . ' at ' . $resource);
65		$api->stop();
		0 ignored issues – show Unused Code introduced 2018-11-29 04:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$api->stop()` is not reachable. This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed. Unreachable code is most often the result of `return`, `die` or `exit` statements that have been added for debug purposes. function fx() { try { doSomething(); return true; } catch (\Exception $e) { return false; } return false; } In the above example, the last `return false` will never be executed, because a return statement has already been met in every possible execution path. Loading history...
66		return false;
67		}
68		}
69
70	2	return true;
71		}
72		}
73

bakaphp / phalcon-api

Push — master ( 02c765...419434 )

library/Middleware/AclMiddleware.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like