crocodicstudio\crudbooster\controllers\DeveloperPluginStoreController

Complexity

Total Complexity

41

Size/Duplication

Total Lines	224
Duplicated Lines	0 %

Importance

Changes	2
Bugs	0	Features	0

8 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	3	1
A	postLoginAccount()	0	19	4
A	getIndex()	0	10	2
A	postRequestBuyPlugin()	0	22	3
C	getInstall()	0	70	12
A	getUninstall()	0	21	6
B	fetchPluginData()	0	41	8
A	recursiveCopy()	0	14	5

<?php
/**
 * Created by PhpStorm.
 * User: User
 * Date: 4/25/2019
 * Time: 9:28 PM
 */

namespace crocodicstudio\crudbooster\controllers;

use crocodicstudio\crudbooster\exceptions\CBValidationException;
use crocodicstudio\crudbooster\helpers\ComposerHelper;
use crocodicstudio\crudbooster\helpers\CurlHelper;
use crocodicstudio\crudbooster\helpers\ModuleGenerator;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;

class DeveloperPluginStoreController extends Controller
{

    private $view = "crudbooster::dev_layouts.modules.plugin";

    public function __construct()
    {
        view()->share(['page_title'=>'Plugin Store']);
    }


    public function getIndex() {

        if(request("refresh")) {
            $this->fetchPluginData(false );
            return cb()->redirectBack("Plugin list has been refreshed!","success");
        }

        $data = [];
        $data['result'] = $this->fetchPluginData();
        return view($this->view.'.index',$data);
    }

    public function postLoginAccount() {
        $curl = new CurlHelper("http://crudbooster.com/api/login_member");
        $curl->headers([
            "Access-Token"=>"bVc/ZnpYNSZrMVZYOHE5U2tqcSU=",
            "User-Agent"=>"CRUDBooster-Bot-Client"
        ]);
        $curl->data([
            "email"=>request("email"),
            "password"=>request("password")
        ]);
        $response = $curl->send();

        if($respArray = json_decode($response, true)) {
            if($respArray['status'] && isset($respArray['token'])) {
                session(['account_token'=>$respArray['token']]);
            }
            return response()->make($response,200,["Content-Type"=>"application/json"]);
        } else {
            return response()->json(['status'=>false,'message'=>'failed']);
        }
    }

    public function postRequestBuyPlugin() {
        $curl = new CurlHelper("http://crudbooster.com/api/request_buy_plugin");
        $curl->headers([
            "Access-Token"=>"bVc/ZnpYNSZrMVZYOHE5U2tqcSU=",
            "User-Agent"=>"CRUDBooster-Bot-Client"
        ]);
        $curl->data([
            "key"=>base64_encode(request("key")),

It seems like request('key') can also be of type array; however, parameter $data of base64_encode() does only seem to accept string, maybe add an additional type check?

            "token"=>base64_encode(request("token")),
            "ref"=>base64_encode(cb()->getDeveloperUrl("plugins"))
        ]);
        $response = $curl->send();

        if($respArray = json_decode($response, true)) {
            if($respArray['status']) {
                $form = base64_decode($respArray['payment']);
                return response()->json(['status'=>true,'form'=>$form]);
            } else {
                return response()->json($respArray);
            }
        } else {
            return response()->json(['status'=>false,'message'=>'failed','raw'=>$response]);
        }
    }

    public function getUninstall($key)
    {
        $pluginData = $this->fetchPluginData();

        if(isset($pluginData[$key])) {
            if(file_exists(app_path("CBPlugins/".$key))) {

                if(isset($pluginData['source']) && $pluginData['source'] == 'composer') {
                    if(isset($pluginData['package'])) {
                        ComposerHelper::composerRemove($pluginData['package']);
                    }
                }

                rrmdir(app_path("CBPlugins/".$key));

                return response()->json(['status'=>true, 'message'=>'Plugin has been uninstalled!']);
            }else{
                return response()->json(['status'=>false,'message'=>'Failed to uninstall, plugin is not found']);
            }
        }else {
            return response()->json(['status'=>false,'message'=>'Failed to uninstall, plugin key is not found']);
        }
    }

    private function recursiveCopy($src,$dst) {
        $dir = opendir($src);
        @mkdir($dst);

It seems like you do not handle an error condition for mkdir(). This can introduce security issues, and is generally not recommended.

        while(false !== ( $file = readdir($dir)) ) {

It seems like $dir can also be of type false; however, parameter $dir_handle of readdir() does only seem to accept resource, maybe add an additional type check?

            if (( $file != '.' ) && ( $file != '..' )) {
                if ( is_dir($src . '/' . $file) ) {
                    $this->recursiveCopy($src . '/' . $file,$dst . '/' . $file);
                }
                else {
                    copy($src . '/' . $file,$dst . '/' . $file);
                }
            }
        }
        closedir($dir);

It seems like $dir can also be of type false; however, parameter $dir_handle of closedir() does only seem to accept resource, maybe add an additional type check?

    }

    public function getInstall($key)
    {
        ini_set("memory_limit","192M");
        set_time_limit(500);

        $pluginData = $this->fetchPluginData();

        try {
            if(isset($pluginData[$key])) {
                $plugin = $pluginData[$key];

                if(isset($plugin['source']) && $plugin['source'] == "composer") {

                    if(isset($plugin['package']) && isset($plugin['service_provider'])) {
                        // Make a composer
                        $output = ComposerHelper::composerRequire($plugin['package'], $plugin['service_provider']);

                        return response()->json(['status'=>true,'message'=>$output]);
                    } else {
                        return response()->json(['status'=>true,'message'=>'Installation is failed, there is no package and or service provider']);
                    }

                } else {
                    // Create temp file of zip plugin
                    $temp = tmpfile();
                    fwrite($temp, file_get_contents($plugin['url_download']));

It seems like $temp can also be of type false; however, parameter $handle of fwrite() does only seem to accept resource, maybe add an additional type check?

                    $filename = stream_get_meta_data($temp)['uri'];

It seems like $temp can also be of type false; however, parameter $stream of stream_get_meta_data() does only seem to accept resource, maybe add an additional type check?

                    // Extract zip plugin
                    $zip = new \ZipArchive;
                    $res = $zip->open($filename);
                    if ($res === TRUE) {
                        $zip->extractTo(app_path('CBPlugins'));
                        $dirName = $zip->getNameIndex(0);
                        $zip->close();
                        fclose($temp);

It seems like $temp can also be of type false; however, parameter $handle of fclose() does only seem to accept resource, maybe add an additional type check?

                        // Rename
                        if(file_exists(app_path("CBPlugins/".$key))) rrmdir(app_path("CBPlugins/".$key));
                        rename(app_path("CBPlugins/".$dirName), app_path("CBPlugins/".$key));

                        // Read Plugin JSON
                        $pluginJson = json_decode(file_get_contents(app_path("CBPlugins/".$key."/plugin.json")), true);

                        // Check if has asset
                        if($pluginJson && $pluginJson['asset']) {
                            // Check destination folder is ready
                            if(file_exists(public_path("cb_asset/".$key))) {
                                rrmdir(public_path("cb_asset/".$key));
                            }

                            // Create directory empty
                            mkdir(public_path("cb_asset/".$key));

                            // Copy asset
                            $this->recursiveCopy(app_path("CBPlugins/".$key."/".$pluginJson['asset']), public_path("cb_asset/".$key));
                        }

                        return response()->json(['status'=>true,'message'=>'Install / update plugin has been succesfull!']);

                    } else {
                        return response()->json(['status'=>false,'message'=>"Failed to install/update, can't open the plugin archive"]);
                    }
                }

            }else{
                return response()->json(['status'=>false,'message'=>'Failed to install/update, plugin key is not found']);
            }
        } catch (\Exception $e) {
            return response()->json(['status'=>false,'message'=>'Something went wrong!']);
        }
    }

    private function fetchPluginData($cache = true)
    {
        if($cache === true && $data = Cache::get("plugin_store_data")) {
            return $data;
        }

        $result = [];

        try {
            $no_cache = ($cache)?0:1;
            $opts = [
                "http" => [
                    "method" => "GET",
                    "header" => "Access-Token: bVc/ZnpYNSZrMVZYOHE5U2tqcSU=\r\n".
                                "User-Agent: CRUDBooster-Bot-Client\r\n".
                                "No-Cache: ".$no_cache
                ]
            ];
            Log::debug("Headers: ".print_r($opts,true));
            $context = stream_context_create($opts);
            $data = file_get_contents(base64_decode("aHR0cDovL2NydWRib29zdGVyLmNvbS9hcGkvcGx1Z2luP2FjY2Vzc190b2tlbj1iVmMvWm5wWU5TWnJNVlpZT0hFNVUydHFjU1U9"), false, $context);
            Log::debug("Plugin API : ".$data);
            if($data) {
                $data = json_decode($data, true);
                if($data['status']==true) {

                    foreach($data['data'] as $item) {
                        $key = $item['key'];
                        $result[ $key ] = $item;
                    }

                    $result = collect($result)->sortBy("name")->all();

                    Cache::put("plugin_store_data", $result, now()->addDays(3));
                }
            }
        } catch (\Exception $e) {

Consider adding a comment why this CATCH block is empty.

        }

        return $result;
    }
}