Issues in UsersController.php - Failed Issues - Inspection of "Add detach device function" - bakaphp/phalcon-api - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#48)

by Rafael

created 2019-02-05 17:24 UTC

api/controllers/UsersController.php (1 issue)

Labels

Severity

Major 1

<?php

declare(strict_types=1);

namespace Gewaer\Api\Controllers;

use Gewaer\Models\Users;
use Gewaer\Models\UserLinkedSources;
use Baka\Auth\Models\Sources;
use Gewaer\Models\Companies;
use Phalcon\Http\Response;
use Phalcon\Validation;
use Phalcon\Validation\Validator\PresenceOf;
use Gewaer\Exception\BadRequestHttpException;
use Gewaer\Exception\UnprocessableEntityHttpException;
use Baka\Http\QueryParser;
use Gewaer\Exception\ModelException;
use Gewaer\Exception\NotFoundHttpException;
use Gewaer\Models\AccessList;

/**
 * Class UsersController
 *
 * @package Gewaer\Api\Controllers
 *
 * @property Users $userData
 * @property Request $request
 * @property Config $config
 */
class UsersController extends \Baka\Auth\UsersController
{
    /*
     * fields we accept to create
     *
     * @var array
     */
    protected $createFields = ['name', 'firstname', 'lastname', 'displayname', 'language', 'email', 'password', 'created_at', 'updated_at', 'default_company', 'family', 'cell_phone_number', 'country_id'];

    /*
     * fields we accept to create
     *
     * @var array
     */
    protected $updateFields = ['name', 'firstname', 'lastname', 'displayname', 'language', 'email', 'password', 'created_at', 'updated_at', 'default_company', 'cell_phone_number', 'country_id'];

    /**
     * set objects
     *
     * @return void
     */
    public function onConstruct()
    {
        $this->model = new Users();

        //if you are not a admin you cant see all the users
        if (!$this->userData->hasRole('Defaults.Admins')) {
            $this->additionalSearchFields = [
                ['id', ':', $this->userData->getId()],
            ];
        } else {
            //admin get all the users for this company
            $this->additionalSearchFields = [
                ['default_company', ':', $this->userData->currentCompanyId()],
            ];
        }
    }

    /**
     * Get Uer
     *
     * @param mixed $id
     *
     * @method GET
     * @url /v1/users/{id}
     *
     * @return Response
     */
    public function getById($id) : Response
    {
        //find the info
        $user = $this->model->findFirst([
            'id = ?0 AND is_deleted = 0',
            'bind' => [$this->userData->getId()],
        ]);

        $user->password = null;

        //get relationship
        if ($this->request->hasQuery('relationships')) {
            $relationships = $this->request->getQuery('relationships', 'string');

            $user = QueryParser::parseRelationShips($relationships, $user);
        }

        //if you search for roles we give you the access for this app
        if (array_key_exists('roles', $user)) {
            $accesList = AccessList::find([
                'conditions' => 'roles_name = ?0 and apps_id = ?1 and allowed = 0',
                'bind' => [$user['roles'][0]->name, $this->config->app->id]
            ]);

            if (count($accesList) > 0) {
                foreach ($accesList as $access) {
                    $user['access_list'][strtolower($access->resources_name)][$access->access_name] = 0;
                }
            }
        }

        if ($user) {
            return $this->response($user);
        } else {
            throw new ModelException('Record not found');
        }
    }

    /**
     * Update a User Info
     *
     * @method PUT
     * @url /v1/users/{id}
     *
     * @return Response
     */
    public function edit($id) : Response
    {
        //none admin users can only edit themselves
        if (!$this->userData->hasRole('Default.Admins')) {
            $id = $this->userData->getId();
        }

        if ($user = $this->model->findFirst($id)) {
            $request = $this->request->getPut();

            if (empty($request)) {
                $request = $this->request->getJsonRawBody(true);
            }

            if (empty($request)) {
                throw new BadRequestHttpException(_('No data to update this account with '));
            }

            //update password
            if (array_key_exists('new_password', $request) && (!empty($request['new_password']) && !empty($request['current_password']))) {
                //Ok let validate user password
                $validation = new Validation();
                $validation->add('new_password', new PresenceOf(['message' => 'The new_password is required.']));
                $validation->add('current_password', new PresenceOf(['message' => 'The current_password is required.']));
                $validation->add('confirm_new_password', new PresenceOf(['message' => 'The confirm_new_password is required.']));
                $messages = $validation->validate($request);

                if (count($messages)) {
                    foreach ($messages as $message) {
                        throw new BadRequestHttpException((string)$message);
                    }
                }

                $user->updatePassword($request['current_password'], $request['new_password'], $request['confirm_new_password']);
            } else {
                //remove on any actino that doesnt involve password
                unset($request['password']);
            }

            //change my default company
            if (array_key_exists('default_company', $request)) {
                if ($company = Companies::findFirst($request['default_company'])) {
                    if ($company->userAssociatedToCompany($this->userData)) {
                        $user->default_company = $company->getId();
                        unset($request['default_company']);
                    }
                }
            }

            //update
            if ($user->update($request, $this->updateFields)) {
                $user->password = null;
                return $this->response($user);
            } else {
                //didnt work
                throw new ModelException((string)current($user->getMessages()));
            }
        } else {
            throw new NotFoundHttpException('Record not found');
        }
    }

    /**
     * Add users notifications
     *
     * @param int $id
     * @method PUT
     * @return Response
     */
    public function updateNotifications(int $id) : Response
    {
        //get the notification array
        //delete the current ones
        //iterate and save into users

        return $this->response(['OK' => $id]);
    }

    /**
     * Associate a Device with the corrent loggedin user
     *
     * @url /users/{id}/device
     * @method POST
     * @return Response
     */
    public function devices() : Response
    {
        //Ok let validate user password
        $validation = new Validation();
        $validation->add('app', new PresenceOf(['message' => _('App name is required.')]));
        $validation->add('deviceId', new PresenceOf(['message' => _('device ID is required.')]));
        $msg = null;

        //validate this form for password
        $messages = $validation->validate($this->request->getPost());
        if (count($messages)) {
            foreach ($messages as $message) {
                throw new BadRequestHttpException((string)$message);
            }
        }

        $app = $this->request->getPost('app', 'string');
        $deviceId = $this->request->getPost('deviceId', 'string');

        //get the app source
        if ($source = Sources::getByTitle($app)) {
            $userSource = UserLinkedSources::findFirst([
                'conditions' => 'users_id = ?0 and source_users_id_text = ?1',
                'bind' => [$this->userData->getId(), $deviceId]
            ]);

            if (!is_object($userSource)) {
                $userSource = new UserLinkedSources();
                $userSource->users_id = $this->userData->getId();
                $userSource->source_id = $source->getId();
                $userSource->source_users_id = $this->userData->getId();
                $userSource->source_users_id_text = $deviceId;
                $userSource->source_username = $this->userData->displayname . ' ' . $app;

                if (!$userSource->save()) {
                    throw new UnprocessableEntityHttpException((string) current($userSource->getMessages()));
                }

                $msg = 'User Device Associated';
            } else {
                $msg = 'User Device Already Associated';
            }
        }

        //clean password @todo move this to a better place
        $this->userData->password = null;

        return $this->response([
            'msg' => $msg,
            'user' => $this->userData
        ]);
    }

    /**
     * Detach user's devices
     * @param integer $deviceId User's devices id
     * @return Response
     */
    public function detachDevice(int $deviceId): Response
    {
        //Validation
        $validation = new Validation();
        $validation->add('app', new PresenceOf(['message' => _('App name is required.')]));

        //validate this form for password
        $messages = $validation->validate($this->request->getPost());
        if (count($messages)) {
            foreach ($messages as $message) {
                throw new BadRequestHttpException((string)$message);
            }
        }

        $app = $this->request->getPost('app', 'string');

        //Get Source
        if ($source = Sources::getByTitle($app)) {
            $userSource = UserLinkedSources::findFirst([
                'conditions' => 'users_id = ?0 and source_id = ?1 and source_users_id_text = ?2',
                'bind' => [$this->userData->getId(), $source->getId(), $deviceId]
            ]);

            //Check if User Linked Sources exists by users_id and source_users_id_text
            if (!is_object($userSource)) {
                throw new NotFoundHttpException('User Linked Source not found');
            }

            if (!$userSource->delete()) {
                throw new UnprocessableEntityHttpException((string) current($userSource->getMessages()));
            }

            return $this->response([
                'msg' => 'User Device detached',
                'user' => $this->userData
            ]);
        }
interface ReturnsInt {
    public function returnsIntHinted(): int;
}

class MyClass implements ReturnsInt {
    public function returnsIntHinted(): int
    {
        if (foo()) {
            return 123;
        }
        // here: null is implicitly returned
    }
}
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Gewaer\Api\Controllers;
6
7			use Gewaer\Models\Users;
8			use Gewaer\Models\UserLinkedSources;
9			use Baka\Auth\Models\Sources;
10			use Gewaer\Models\Companies;
11			use Phalcon\Http\Response;
12			use Phalcon\Validation;
13			use Phalcon\Validation\Validator\PresenceOf;
14			use Gewaer\Exception\BadRequestHttpException;
15			use Gewaer\Exception\UnprocessableEntityHttpException;
16			use Baka\Http\QueryParser;
17			use Gewaer\Exception\ModelException;
18			use Gewaer\Exception\NotFoundHttpException;
19			use Gewaer\Models\AccessList;
20
21			/**
22			* Class UsersController
23			*
24			* @package Gewaer\Api\Controllers
25			*
26			* @property Users $userData
27			* @property Request $request
28			* @property Config $config
29			*/
30			class UsersController extends \Baka\Auth\UsersController
31			{
32			/*
33			* fields we accept to create
34			*
35			* @var array
36			*/
37			protected $createFields = ['name', 'firstname', 'lastname', 'displayname', 'language', 'email', 'password', 'created_at', 'updated_at', 'default_company', 'family', 'cell_phone_number', 'country_id'];
38
39			/*
40			* fields we accept to create
41			*
42			* @var array
43			*/
44			protected $updateFields = ['name', 'firstname', 'lastname', 'displayname', 'language', 'email', 'password', 'created_at', 'updated_at', 'default_company', 'cell_phone_number', 'country_id'];
45
46			/**
47			* set objects
48			*
49			* @return void
50			*/
51			public function onConstruct()
52			{
53			$this->model = new Users();
54
55			//if you are not a admin you cant see all the users
56			if (!$this->userData->hasRole('Defaults.Admins')) {
57			$this->additionalSearchFields = [
58			['id', ':', $this->userData->getId()],
59			];
60			} else {
61			//admin get all the users for this company
62			$this->additionalSearchFields = [
63			['default_company', ':', $this->userData->currentCompanyId()],
64			];
65			}
66			}
67
68			/**
69			* Get Uer
70			*
71			* @param mixed $id
72			*
73			* @method GET
74			* @url /v1/users/{id}
75			*
76			* @return Response
77			*/
78			public function getById($id) : Response
79			{
80			//find the info
81			$user = $this->model->findFirst([
82			'id = ?0 AND is_deleted = 0',
83			'bind' => [$this->userData->getId()],
84			]);
85
86			$user->password = null;
87
88			//get relationship
89			if ($this->request->hasQuery('relationships')) {
90			$relationships = $this->request->getQuery('relationships', 'string');
91
92			$user = QueryParser::parseRelationShips($relationships, $user);
93			}
94
95			//if you search for roles we give you the access for this app
96			if (array_key_exists('roles', $user)) {
97			$accesList = AccessList::find([
98			'conditions' => 'roles_name = ?0 and apps_id = ?1 and allowed = 0',
99			'bind' => [$user['roles'][0]->name, $this->config->app->id]
100			]);
101
102			if (count($accesList) > 0) {
103			foreach ($accesList as $access) {
104			$user['access_list'][strtolower($access->resources_name)][$access->access_name] = 0;
105			}
106			}
107			}
108
109			if ($user) {
110			return $this->response($user);
111			} else {
112			throw new ModelException('Record not found');
113			}
114			}
115
116			/**
117			* Update a User Info
118			*
119			* @method PUT
120			* @url /v1/users/{id}
121			*
122			* @return Response
123			*/
124			public function edit($id) : Response
125			{
126			//none admin users can only edit themselves
127			if (!$this->userData->hasRole('Default.Admins')) {
128			$id = $this->userData->getId();
129			}
130
131			if ($user = $this->model->findFirst($id)) {
132			$request = $this->request->getPut();
133
134			if (empty($request)) {
135			$request = $this->request->getJsonRawBody(true);
136			}
137
138			if (empty($request)) {
139			throw new BadRequestHttpException(_('No data to update this account with '));
140			}
141
142			//update password
143			if (array_key_exists('new_password', $request) && (!empty($request['new_password']) && !empty($request['current_password']))) {
144			//Ok let validate user password
145			$validation = new Validation();
146			$validation->add('new_password', new PresenceOf(['message' => 'The new_password is required.']));
147			$validation->add('current_password', new PresenceOf(['message' => 'The current_password is required.']));
148			$validation->add('confirm_new_password', new PresenceOf(['message' => 'The confirm_new_password is required.']));
149			$messages = $validation->validate($request);
150
151			if (count($messages)) {
152			foreach ($messages as $message) {
153			throw new BadRequestHttpException((string)$message);
154			}
155			}
156
157			$user->updatePassword($request['current_password'], $request['new_password'], $request['confirm_new_password']);
158			} else {
159			//remove on any actino that doesnt involve password
160			unset($request['password']);
161			}
162
163			//change my default company
164			if (array_key_exists('default_company', $request)) {
165			if ($company = Companies::findFirst($request['default_company'])) {
166			if ($company->userAssociatedToCompany($this->userData)) {
167			$user->default_company = $company->getId();
168			unset($request['default_company']);
169			}
170			}
171			}
172
173			//update
174			if ($user->update($request, $this->updateFields)) {
175			$user->password = null;
176			return $this->response($user);
177			} else {
178			//didnt work
179			throw new ModelException((string)current($user->getMessages()));
180			}
181			} else {
182			throw new NotFoundHttpException('Record not found');
183			}
184			}
185
186			/**
187			* Add users notifications
188			*
189			* @param int $id
190			* @method PUT
191			* @return Response
192			*/
193			public function updateNotifications(int $id) : Response
194			{
195			//get the notification array
196			//delete the current ones
197			//iterate and save into users
198
199			return $this->response(['OK' => $id]);
200			}
201
202			/**
203			* Associate a Device with the corrent loggedin user
204			*
205			* @url /users/{id}/device
206			* @method POST
207			* @return Response
208			*/
209			public function devices() : Response
210			{
211			//Ok let validate user password
212			$validation = new Validation();
213			$validation->add('app', new PresenceOf(['message' => _('App name is required.')]));
214			$validation->add('deviceId', new PresenceOf(['message' => _('device ID is required.')]));
215			$msg = null;
216
217			//validate this form for password
218			$messages = $validation->validate($this->request->getPost());
219			if (count($messages)) {
220			foreach ($messages as $message) {
221			throw new BadRequestHttpException((string)$message);
222			}
223			}
224
225			$app = $this->request->getPost('app', 'string');
226			$deviceId = $this->request->getPost('deviceId', 'string');
227
228			//get the app source
229			if ($source = Sources::getByTitle($app)) {
230			$userSource = UserLinkedSources::findFirst([
231			'conditions' => 'users_id = ?0 and source_users_id_text = ?1',
232			'bind' => [$this->userData->getId(), $deviceId]
233			]);
234
235			if (!is_object($userSource)) {
236			$userSource = new UserLinkedSources();
237			$userSource->users_id = $this->userData->getId();
238			$userSource->source_id = $source->getId();
239			$userSource->source_users_id = $this->userData->getId();
240			$userSource->source_users_id_text = $deviceId;
241			$userSource->source_username = $this->userData->displayname . ' ' . $app;
242
243			if (!$userSource->save()) {
244			throw new UnprocessableEntityHttpException((string) current($userSource->getMessages()));
245			}
246
247			$msg = 'User Device Associated';
248			} else {
249			$msg = 'User Device Already Associated';
250			}
251			}
252
253			//clean password @todo move this to a better place
254			$this->userData->password = null;
255
256			return $this->response([
257			'msg' => $msg,
258			'user' => $this->userData
259			]);
260			}
261
262			/**
263			* Detach user's devices
264			* @param integer $deviceId User's devices id
265			* @return Response
266			*/
267			public function detachDevice(int $deviceId): Response
268			{
269			//Validation
270			$validation = new Validation();
271			$validation->add('app', new PresenceOf(['message' => _('App name is required.')]));
272
273			//validate this form for password
274			$messages = $validation->validate($this->request->getPost());
275			if (count($messages)) {
276			foreach ($messages as $message) {
277			throw new BadRequestHttpException((string)$message);
278			}
279			}
280
281			$app = $this->request->getPost('app', 'string');
282
283			//Get Source
284			if ($source = Sources::getByTitle($app)) {
285			$userSource = UserLinkedSources::findFirst([
286			'conditions' => 'users_id = ?0 and source_id = ?1 and source_users_id_text = ?2',
287			'bind' => [$this->userData->getId(), $source->getId(), $deviceId]
288			]);
289
290			//Check if User Linked Sources exists by users_id and source_users_id_text
291			if (!is_object($userSource)) {
292			throw new NotFoundHttpException('User Linked Source not found');
293			}
294
295			if (!$userSource->delete()) {
296			throw new UnprocessableEntityHttpException((string) current($userSource->getMessages()));
297			}
298
299			return $this->response([
300			'msg' => 'User Device detached',
301			'user' => $this->userData
302			]);
303			}
			0 ignored issues – show Bug Best Practice introduced 2019-02-05 17:29 UTC by Report Bug Copy Issue Report Show Similar Issues like this The function implicitly returns `null` when the `if` condition on line 284 is `false`. This is incompatible with the type-hinted return `Phalcon\Http\Response`. Consider adding a return statement or allowing `null` as return value. For hinted functions/methods where all return statements with the correct type are only reachable via conditions, ?null? gets implicitly returned which may be incompatible with the hinted type. Let?s take a look at an example: interface ReturnsInt { public function returnsIntHinted(): int; } class MyClass implements ReturnsInt { public function returnsIntHinted(): int { if (foo()) { return 123; } // here: null is implicitly returned } } Loading history...
304			}
305			}
306

bakaphp / phalcon-api

Pull Request — master (#48)

api/controllers/UsersController.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like