TokenAuthentication::checkForRole() - Code Metrics - Inspection of "security fixes" - brainexe/core - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( fd6c7c...1f9fde )

by Matze

created 2016-06-24 19:05 UTC

TokenAuthentication::checkForRole() A

↳ Parent: TokenAuthentication

Complexity

Conditions	3
Paths	3

Size

Total Lines	9
Code Lines	5

Duplication

Lines	9
Ratio	100 %

Code Coverage

Tests	0
CRAP Score	12

Importance

Changes

Metric	Value
c	0
b	0
f	0
dl	9
loc	9
ccs	0
cts	6
cp	0
rs	9.6666
cc	3
eloc	5
nc	3
nop	2
crap	12

<?php

namespace BrainExe\Core\Middleware;

use BrainExe\Annotations\Annotations\Inject;
use BrainExe\Core\Annotations\Middleware;
use BrainExe\Core\Application\UserException;
use BrainExe\Core\Authentication\AnonymusUserVO;
use BrainExe\Core\Authentication\Exception\UserNotFoundException;
use BrainExe\Core\Authentication\LoadUser;
use BrainExe\Core\Authentication\Token;
use BrainExe\Core\Authentication\UserVO;
use BrainExe\Core\Translation\TranslationTrait;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Exception\MethodNotAllowedException;
use Symfony\Component\Routing\Route;

/**
 * @Middleware("Middleware.TokenAuthentication")
 */
class TokenAuthentication extends AbstractMiddleware
{
    use TranslationTrait;

    /**
     * @var LoadUser
     */
    private $loadUser;

    /**
     * @var Token
     */
    private $token;

    /**
     * @Inject({
     *  "@Core.Authentication.LoadUser",
     *  "@Core.Authentication.Token",
     * })
     * @param LoadUser $loadUser
     * @param Token $token
     */
    public function __construct(LoadUser $loadUser, Token $token)
    {
        $this->loadUser = $loadUser;
        $this->token    = $token;
    }

    /**
     * {@inheritdoc}
     */
    public function processRequest(Request $request, Route $route)
    {
        $token = $request->get('accessToken');

        if (empty($token)) {
            return null;
        }

        $userId = $this->token->hasUserForRole($token);
        if (empty($userId)) {
            return null;
        }

        $user = $this->loadUser($userId);

        $request->attributes->set('user', $user);
    }

    /**
     * @param Route $route
     * @param UserVO $user
     * @throws MethodNotAllowedException
     */
    protected function checkForRole(Route $route, UserVO $user)

    {
        if ($route->hasDefault('_role')) {
            $role = $route->getDefault('_role');
            if (!in_array($role, $user->roles)) {
                throw new MethodNotAllowedException([], sprintf('Need role %s', $role));
            }
        }
    }

    /**
     * @param int $userId
     * @return AnonymusUserVO|UserVO
     */
    private function loadUser(int $userId) : UserVO

    {
        if ($userId > 0) {
            try {
                return $this->loadUser->loadUserById($userId);
            } catch (UserNotFoundException $e) {
                return new AnonymusUserVO();
            }
        } else {
            return new AnonymusUserVO();
        }
    }

    /**
     * @param Request $request
     * @return RedirectResponse
     * @throws UserException
     */
    private function handleNotAuthenticatedRequest(Request $request)

    {
        if ($request->isXmlHttpRequest()) {
            throw new UserException($this->translate('Not logged in'));
        }

        return new RedirectResponse('#/login');
    }
}


1		<?php
2
3		namespace BrainExe\Core\Middleware;
4
5		use BrainExe\Annotations\Annotations\Inject;
6		use BrainExe\Core\Annotations\Middleware;
7		use BrainExe\Core\Application\UserException;
8		use BrainExe\Core\Authentication\AnonymusUserVO;
9		use BrainExe\Core\Authentication\Exception\UserNotFoundException;
10		use BrainExe\Core\Authentication\LoadUser;
11		use BrainExe\Core\Authentication\Token;
12		use BrainExe\Core\Authentication\UserVO;
13		use BrainExe\Core\Translation\TranslationTrait;
14		use Symfony\Component\HttpFoundation\RedirectResponse;
15		use Symfony\Component\HttpFoundation\Request;
16		use Symfony\Component\HttpFoundation\Response;
17		use Symfony\Component\Routing\Exception\MethodNotAllowedException;
18		use Symfony\Component\Routing\Route;
19
20		/**
21		* @Middleware("Middleware.TokenAuthentication")
22		*/
23		class TokenAuthentication extends AbstractMiddleware
24		{
25		use TranslationTrait;
26
27		/**
28		* @var LoadUser
29		*/
30		private $loadUser;
31
32		/**
33		* @var Token
34		*/
35		private $token;
36
37		/**
38		* @Inject({
39		* "@Core.Authentication.LoadUser",
40		* "@Core.Authentication.Token",
41		* })
42		* @param LoadUser $loadUser
43		* @param Token $token
44		*/
45		public function __construct(LoadUser $loadUser, Token $token)
46		{
47		$this->loadUser = $loadUser;
48		$this->token = $token;
49		}
50
51		/**
52		* {@inheritdoc}
53		*/
54		public function processRequest(Request $request, Route $route)
55		{
56		$token = $request->get('accessToken');
57
58		if (empty($token)) {
59		return null;
60		}
61
62		$userId = $this->token->hasUserForRole($token);
63		if (empty($userId)) {
64		return null;
65		}
66
67		$user = $this->loadUser($userId);
68
69		$request->attributes->set('user', $user);
70		}
71
72		/**
73		* @param Route $route
74		* @param UserVO $user
75		* @throws MethodNotAllowedException
76		*/
77	View Code Duplication	protected function checkForRole(Route $route, UserVO $user)
		0 ignored issues – show Duplication introduced 2016-06-24 19:14 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
78		{
79		if ($route->hasDefault('_role')) {
80		$role = $route->getDefault('_role');
81		if (!in_array($role, $user->roles)) {
82		throw new MethodNotAllowedException([], sprintf('Need role %s', $role));
83		}
84		}
85		}
86
87		/**
88		* @param int $userId
89		* @return AnonymusUserVO\|UserVO
90		*/
91	View Code Duplication	private function loadUser(int $userId) : UserVO
		0 ignored issues – show Duplication introduced 2016-06-24 19:14 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
92		{
93		if ($userId > 0) {
94		try {
95		return $this->loadUser->loadUserById($userId);
96		} catch (UserNotFoundException $e) {
97		return new AnonymusUserVO();
98		}
99		} else {
100		return new AnonymusUserVO();
101		}
102		}
103
104		/**
105		* @param Request $request
106		* @return RedirectResponse
107		* @throws UserException
108		*/
109		private function handleNotAuthenticatedRequest(Request $request)
		0 ignored issues – show Unused Code introduced 2016-06-24 19:14 UTC by Report Bug Copy Issue Report This method is not used, and could be removed. Loading history...
110		{
111		if ($request->isXmlHttpRequest()) {
112		throw new UserException($this->translate('Not logged in'));
113		}
114
115		return new RedirectResponse('#/login');
116		}
117		}
118

brainexe / core

Push — master ( fd6c7c...1f9fde )

TokenAuthentication::checkForRole() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like