Issues in onlyofficeCallbackService.php (1.11.x) - Issues in 1.11.x - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2160)

onlyoffice/lib/onlyofficeCallbackService.php (6 issues)

Labels

Severity

Minor 6

<?php
/**
 * (c) Copyright Ascensio System SIA 2025.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
use Onlyoffice\DocsIntegrationSdk\Service\Callback\CallbackService;

class OnlyofficeCallbackService extends CallbackService
{
    private $docData;

    public function __construct($settingsManager, $jwtManager, $docData = [])
    {
        parent::__construct($settingsManager, $jwtManager);
        $this->docData = $docData;
        $this->trackResult = 1;
    }

    public function processTrackerStatusEditing($callback, string $fileid)
    {
        return $this->processTrackerStatusEditingAndClosed($callback, $fileid);
    }

    public function processTrackerStatusMustsave($callback, string $fileid)
    {
        return $this->processTrackerStatusMustsaveAndCorrupted($callback, $fileid);
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
    }

    public function processTrackerStatusCorrupted($callback, string $fileid)
    {
        return $this->processTrackerStatusMustsaveAndCorrupted($callback, $fileid);
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
    }

    public function processTrackerStatusClosed($callback, string $fileid)
    {
        return $this->processTrackerStatusEditingAndClosed($callback, $fileid);
    }

    public function processTrackerStatusForcesave($callback, string $fileid)
    {
        $result['error'] = $this->trackResult;


        return $result;
    }

    public function processTrackerStatusMustsaveAndCorrupted($callback, string $fileid)
    {
        $downloadUri = $callback->getUrl();
        $this->settingsManager->replaceDocumentServerUrlToInternal($downloadUri);
        try {
            if (!empty($this->docData['docId']) && !empty($this->docData['courseCode'])) {
                $docInfo = DocumentManager::get_document_data_by_id($fileid, $this->docData['courseCode'], false, $this->docData['sessionId']);
                if (false === $docInfo) {
                    $result['error'] = 'File not found';


                    return $result;
                }
                $filePath = $docInfo['absolute_path'];
            } else {
                $result['error'] = 'Bad Request';

                return $result;
            }
            list($isAllowToEdit, $isMyDir, $isGroupAccess, $isReadonly) = $this->getPermissionsByDocInfo($docInfo);

            if ($isReadonly) {
                $result['error'] = $this->trackResult;

                return $result;
            }
            if (($new_data = file_get_contents($downloadUri)) === false) {
                $result['error'] = $this->trackResult;

                return $result;
            }

            if ($isAllowToEdit || $isMyDir || $isGroupAccess) {
                $groupInfo = GroupManager::get_group_properties($this->docData['groupId']);

                if ($fp = @fopen($filePath, 'w')) {
                    fputs($fp, $new_data);
                    fclose($fp);
                    api_item_property_update($this->docData['courseInfo'],
                        TOOL_DOCUMENT,
                        $fileid,
                        'DocumentUpdated',
                        $this->docData['userId'],
                        $groupInfo,
                        null,
                        null,
                        null,
                        $this->docData['sessionId']);
                    update_existing_document($this->docData['courseInfo'],
                        $fileid,
                        filesize($filePath),
                        false);
                    $this->trackResult = 0;
                    $result['error'] = $this->trackResult;

                    return $result;
                }
            }
        } catch (UnexpectedValueException $e) {
            $result['error'] = 'Bad Request';

            return $result;
        }
    }

    public function processTrackerStatusEditingAndClosed($callback, string $fileid)
    {
        $this->trackResult = 0;
        $result['error'] = $this->trackResult;


        return $result;
    }

    /**
     * Method checks access rights to document and returns permissions.
     */
    public function getPermissionsByDocInfo(array $docInfo)
    {
        $isAllowToEdit = api_is_allowed_to_edit(true, true);
        $isMyDir = DocumentManager::is_my_shared_folder($this->docData['userId'], $docInfo['absolute_parent_path'], $this->docData['sessionId']);

        $isGroupAccess = false;
        if (!empty($groupId)) {

            $courseInfo = api_get_course_info($this->docData['courseCode']);
            Session::write('_real_cid', $courseInfo['real_id']);
            $groupProperties = GroupManager::get_group_properties($this->docData['groupId']);
            $docInfoGroup = api_get_item_property_info($courseInfo['real_id'], 'document', $docInfo['id'], $this->docData['sessionId']);
            $isGroupAccess = GroupManager::allowUploadEditDocument($this->docData['userId'], $this->docData['courseCode'], $groupProperties, $docInfoGroup);
        }

        $isReadonly = $docInfo['readonly'];

        return [$isAllowToEdit, $isMyDir, $isGroupAccess, $isReadonly];
    }
}


1			<?php
2			/**
3			* (c) Copyright Ascensio System SIA 2025.
4			*
5			* Licensed under the Apache License, Version 2.0 (the "License");
6			* you may not use this file except in compliance with the License.
7			* You may obtain a copy of the License at
8			*
9			* http://www.apache.org/licenses/LICENSE-2.0
10			*
11			* Unless required by applicable law or agreed to in writing, software
12			* distributed under the License is distributed on an "AS IS" BASIS,
13			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14			* See the License for the specific language governing permissions and
15			* limitations under the License.
16			*/
17			use Onlyoffice\DocsIntegrationSdk\Service\Callback\CallbackService;
18
19			class OnlyofficeCallbackService extends CallbackService
20			{
21			private $docData;
22
23			public function __construct($settingsManager, $jwtManager, $docData = [])
24			{
25			parent::__construct($settingsManager, $jwtManager);
26			$this->docData = $docData;
27			$this->trackResult = 1;
28			}
29
30			public function processTrackerStatusEditing($callback, string $fileid)
31			{
32			return $this->processTrackerStatusEditingAndClosed($callback, $fileid);
33			}
34
35			public function processTrackerStatusMustsave($callback, string $fileid)
36			{
37			return $this->processTrackerStatusMustsaveAndCorrupted($callback, $fileid);
			0 ignored issues – show Bug introduced 2024-10-18 13:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this Are you sure the usage of `$this->processTrackerSta...ted($callback, $fileid)` targeting `OnlyofficeCallbackServic...sMustsaveAndCorrupted()` seems to always return null. This check looks for function or method calls that always return null and whose return value is used. class A { function getObject() { return null; } } $a = new A(); if ($a->getObject()) { The method `getObject()` can return nothing but null, so it makes no sense to use the return value. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
38			}
39
40			public function processTrackerStatusCorrupted($callback, string $fileid)
41			{
42			return $this->processTrackerStatusMustsaveAndCorrupted($callback, $fileid);
			0 ignored issues – show Bug introduced 2024-10-18 13:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this Are you sure the usage of `$this->processTrackerSta...ted($callback, $fileid)` targeting `OnlyofficeCallbackServic...sMustsaveAndCorrupted()` seems to always return null. This check looks for function or method calls that always return null and whose return value is used. class A { function getObject() { return null; } } $a = new A(); if ($a->getObject()) { The method `getObject()` can return nothing but null, so it makes no sense to use the return value. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
43			}
44
45			public function processTrackerStatusClosed($callback, string $fileid)
46			{
47			return $this->processTrackerStatusEditingAndClosed($callback, $fileid);
48			}
49
50			public function processTrackerStatusForcesave($callback, string $fileid)
51			{
52			$result['error'] = $this->trackResult;
			0 ignored issues – show Comprehensibility Best Practice introduced 2024-10-18 13:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$result` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$result = array();` before regardless. Loading history...
53
54			return $result;
55			}
56
57			public function processTrackerStatusMustsaveAndCorrupted($callback, string $fileid)
58			{
59			$downloadUri = $callback->getUrl();
60			$this->settingsManager->replaceDocumentServerUrlToInternal($downloadUri);
61			try {
62			if (!empty($this->docData['docId']) && !empty($this->docData['courseCode'])) {
63			$docInfo = DocumentManager::get_document_data_by_id($fileid, $this->docData['courseCode'], false, $this->docData['sessionId']);
64			if (false === $docInfo) {
65			$result['error'] = 'File not found';
			0 ignored issues – show Comprehensibility Best Practice introduced 2024-10-18 13:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$result` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$result = array();` before regardless. Loading history...
66
67			return $result;
68			}
69			$filePath = $docInfo['absolute_path'];
70			} else {
71			$result['error'] = 'Bad Request';
72
73			return $result;
74			}
75			list($isAllowToEdit, $isMyDir, $isGroupAccess, $isReadonly) = $this->getPermissionsByDocInfo($docInfo);
76
77			if ($isReadonly) {
78			$result['error'] = $this->trackResult;
79
80			return $result;
81			}
82			if (($new_data = file_get_contents($downloadUri)) === false) {
83			$result['error'] = $this->trackResult;
84
85			return $result;
86			}
87
88			if ($isAllowToEdit \|\| $isMyDir \|\| $isGroupAccess) {
89			$groupInfo = GroupManager::get_group_properties($this->docData['groupId']);
90
91			if ($fp = @fopen($filePath, 'w')) {
92			fputs($fp, $new_data);
93			fclose($fp);
94			api_item_property_update($this->docData['courseInfo'],
95			TOOL_DOCUMENT,
96			$fileid,
97			'DocumentUpdated',
98			$this->docData['userId'],
99			$groupInfo,
100			null,
101			null,
102			null,
103			$this->docData['sessionId']);
104			update_existing_document($this->docData['courseInfo'],
105			$fileid,
106			filesize($filePath),
107			false);
108			$this->trackResult = 0;
109			$result['error'] = $this->trackResult;
110
111			return $result;
112			}
113			}
114			} catch (UnexpectedValueException $e) {
115			$result['error'] = 'Bad Request';
116
117			return $result;
118			}
119			}
120
121			public function processTrackerStatusEditingAndClosed($callback, string $fileid)
122			{
123			$this->trackResult = 0;
124			$result['error'] = $this->trackResult;
			0 ignored issues – show Comprehensibility Best Practice introduced 2024-10-18 13:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$result` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$result = array();` before regardless. Loading history...
125
126			return $result;
127			}
128
129			/**
130			* Method checks access rights to document and returns permissions.
131			*/
132			public function getPermissionsByDocInfo(array $docInfo)
133			{
134			$isAllowToEdit = api_is_allowed_to_edit(true, true);
135			$isMyDir = DocumentManager::is_my_shared_folder($this->docData['userId'], $docInfo['absolute_parent_path'], $this->docData['sessionId']);
136
137			$isGroupAccess = false;
138			if (!empty($groupId)) {
			0 ignored issues – show Comprehensibility Best Practice introduced 2024-10-18 13:07 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$groupId` seems to never exist and therefore `empty` should always be `true`. Loading history...
139			$courseInfo = api_get_course_info($this->docData['courseCode']);
140			Session::write('_real_cid', $courseInfo['real_id']);
141			$groupProperties = GroupManager::get_group_properties($this->docData['groupId']);
142			$docInfoGroup = api_get_item_property_info($courseInfo['real_id'], 'document', $docInfo['id'], $this->docData['sessionId']);
143			$isGroupAccess = GroupManager::allowUploadEditDocument($this->docData['userId'], $this->docData['courseCode'], $groupProperties, $docInfoGroup);
144			}
145
146			$isReadonly = $docInfo['readonly'];
147
148			return [$isAllowToEdit, $isMyDir, $isGroupAccess, $isReadonly];
149			}
150			}
151

chamilo / chamilo-lms

Issues (2160)

onlyoffice/lib/onlyofficeCallbackService.php (6 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like