AclAction::run() - Code Metrics - Inspection of "Adding ACLAction to support access control lists v..." - charlesportwoodii/yii2-api-rest-components - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 1f4231...1ce40e )

by Charles

created 2017-12-15 23:10 UTC

AclAction::run() C

↳ Parent: AclAction

Complexity

Conditions	7
Paths	4

Size

Total Lines	23
Code Lines	11

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	23
rs	6.7272
c	0
b	0
f	0
cc	7
eloc	11
nc	4
nop	1

<?php

namespace yrc\rest;

use yrc\rest\Action;
use Yii;

use yii\web\ForbiddenHttpException;
use yii\web\UnauthorizedHttpException;
use yii\web\HttpException;

abstract class AclAction extends Action
{
    /**
     * Access Control List
     * @var array $acl
     */
    public $acl = [];

    /**
     * Action runner
     *
     * @param array $args
     * @return mixed
     * @throws HttpException
     */
    public function run(array $args = [])
    {
        $method = strtolower(Yii::$app->request->method);
        
        // If the requested HTTP method exists AND an ACL is defined for it, apply ACL rules
        if (isset($this->acl[$method]) && method_exists(get_called_class(), $method)) {
            foreach ($this->acl[$method] as $role) {
                // @ is a special symbol meaning a user must be authenticated
                if ($role === '@') {
                    if (Yii::$app->user->isGuest) {
                        throw new UnauthorizedHttpException;
                    }
                } else {
                    // All other items are considered to be a role or permissions within RBAC
                    if (!Yii::$app->user->can($role)) {
                        throw new ForbiddenHttpException;
                    }
                }
            }
        }

        return parent::run($args);
    }
}

1			<?php
2
3			namespace yrc\rest;
4
5			use yrc\rest\Action;
6			use Yii;
7
8			use yii\web\ForbiddenHttpException;
9			use yii\web\UnauthorizedHttpException;
10			use yii\web\HttpException;
11
12			abstract class AclAction extends Action
13			{
14			/**
15			* Access Control List
16			* @var array $acl
17			*/
18			public $acl = [];
19
20			/**
21			* Action runner
22			*
23			* @param array $args
24			* @return mixed
25			* @throws HttpException
26			*/
27			public function run(array $args = [])
28			{
29			$method = strtolower(Yii::$app->request->method);
30
31			// If the requested HTTP method exists AND an ACL is defined for it, apply ACL rules
32			if (isset($this->acl[$method]) && method_exists(get_called_class(), $method)) {
33			foreach ($this->acl[$method] as $role) {
34			// @ is a special symbol meaning a user must be authenticated
35			if ($role === '@') {
36			if (Yii::$app->user->isGuest) {
37			throw new UnauthorizedHttpException;
38			}
39			} else {
40			// All other items are considered to be a role or permissions within RBAC
41			if (!Yii::$app->user->can($role)) {
42			throw new ForbiddenHttpException;
43			}
44			}
45			}
46			}
47
48			return parent::run($args);
49			}
50			}

charlesportwoodii / yii2-api-rest-components

Push — master ( 1f4231...1ce40e )

AclAction::run() C

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like