QueryAccessCheck::access() - Code Metrics - Inspection of "Refactoring towards webonyx/graphql-php." - drupal-graphql/graphql - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — 8.x-3.x (#525)

by Philipp

created 2018-02-18 10:06 UTC

QueryAccessCheck::access() B

↳ Parent: QueryAccessCheck

Complexity

Conditions	4
Paths	4

Size

Total Lines	22
Code Lines	9

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	4
eloc	9
c	1
b	0
f	0
nc	4
nop	1
dl	0
loc	22
rs	8.9197

<?php

namespace Drupal\graphql\Access;

use Drupal\Core\Access\AccessResult;
use Drupal\Core\Routing\Access\AccessInterface;
use Drupal\Core\Session\AccountInterface;
use Symfony\Component\HttpFoundation\RequestStack;

class QueryAccessCheck implements AccessInterface {

  /**
   * The request stack.
   *
   * @var \Symfony\Component\HttpFoundation\RequestStack
   */
  protected $requestStack;

  /**
   * QueryAccessCheck constructor.
   *
   * @param \Symfony\Component\HttpFoundation\RequestStack $requestStack
   *   The request stack.
   */
  public function __construct(RequestStack $requestStack) {
    $this->requestStack = $requestStack;
  }

  /**
   * Checks access.
   *
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The currently logged in account.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   The access result.
   */
  public function access(AccountInterface $account) {
    // If the user has the global permission to execute any query, let them.
    if ($account->hasPermission('execute graphql requests')) {
      return AccessResult::allowed();
    }

    $request = $this->requestStack->getCurrentRequest();
    /** @var \GraphQL\Server\OperationParams[] $operations */
    $operations = (array) $request->attributes->get('operations');

    foreach ($operations as $operation) {
      // If a query was provided by the user, this is an arbitrary query (it's
      // not a persisted query). Hence, we only grant access if the user has the
      // permission to execute any query.
      if ($operation->getOriginalInput('query')) {
        return AccessResult::allowedIfHasPermission($account, 'execute graphql requests');
      }
    }

    // If we reach this point, this is a persisted query.
    return AccessResult::allowedIfHasPermission($account, 'execute persisted graphql requests');
  }

}


1			<?php
2
3			namespace Drupal\graphql\Access;
4
5			use Drupal\Core\Access\AccessResult;
6			use Drupal\Core\Routing\Access\AccessInterface;
7			use Drupal\Core\Session\AccountInterface;
8			use Symfony\Component\HttpFoundation\RequestStack;
9
10			class QueryAccessCheck implements AccessInterface {
11
12			/**
13			* The request stack.
14			*
15			* @var \Symfony\Component\HttpFoundation\RequestStack
16			*/
17			protected $requestStack;
18
19			/**
20			* QueryAccessCheck constructor.
21			*
22			* @param \Symfony\Component\HttpFoundation\RequestStack $requestStack
23			* The request stack.
24			*/
25			public function __construct(RequestStack $requestStack) {
26			$this->requestStack = $requestStack;
27			}
28
29			/**
30			* Checks access.
31			*
32			* @param \Drupal\Core\Session\AccountInterface $account
33			* The currently logged in account.
34			*
35			* @return \Drupal\Core\Access\AccessResultInterface
36			* The access result.
37			*/
38			public function access(AccountInterface $account) {
39			// If the user has the global permission to execute any query, let them.
40			if ($account->hasPermission('execute graphql requests')) {
41			return AccessResult::allowed();
42			}
43
44			$request = $this->requestStack->getCurrentRequest();
45			/** @var \GraphQL\Server\OperationParams[] $operations */
46			$operations = (array) $request->attributes->get('operations');
47
48			foreach ($operations as $operation) {
49			// If a query was provided by the user, this is an arbitrary query (it's
50			// not a persisted query). Hence, we only grant access if the user has the
51			// permission to execute any query.
52			if ($operation->getOriginalInput('query')) {
53			return AccessResult::allowedIfHasPermission($account, 'execute graphql requests');
54			}
55			}
56
57			// If we reach this point, this is a persisted query.
58			return AccessResult::allowedIfHasPermission($account, 'execute persisted graphql requests');
59			}
60
61			}
62

drupal-graphql / graphql

Pull Request — 8.x-3.x (#525)

QueryAccessCheck::access() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like