Issues in Authorization.php (master) - Issues in master - eddy8/LightCMS - Measure and Improve Code Quality continuously with Scrutinizer

Issues (40)

app/Http/Middleware/Admin/Authorization.php (2 issues)

Labels

Severity

<?php

namespace App\Http\Middleware\Admin;

use App\Model\Admin\Menu;
use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;

class Authorization
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param   string
     * @return mixed
     */
    public function handle($request, Closure $next, $guard)
    {
        $user = Auth::guard($guard)->user();
        if (in_array($user->id, config('light.superAdmin'))) {

            return $next($request);
        }

        $route = Route::current();
        $routeName = $route->getName();
        $permission = Menu::where('route', $routeName)->where('route_params', '')->first();
        if ($permission && $user->can($permission->name)) {
            return $next($request);
        }

        $routeParams = $route->parameters();
        if (!empty($routeParams)) {
            foreach ($routeParams as $k => $v) {
                $val = "{$k}:{$v}";
                break;
            }

            $permission = Menu::where('route', $routeName)->where('route_params', $val)->first();

            if ($permission && $user->can($permission->name)) {
                return $next($request);
            }
        }

        if ($request->expectsJson()) {
            return response()->json(['code' => 401, 'msg' => "未授权操作（路由别名：{$routeName}）"], 401);
        }
        abort(401, "未授权操作（路由别名：{$routeName}）");
    }
}


1			<?php
2
3			namespace App\Http\Middleware\Admin;
4
5			use App\Model\Admin\Menu;
6			use Closure;
7			use Illuminate\Support\Facades\Auth;
8			use Illuminate\Support\Facades\Route;
9
10			class Authorization
11			{
12			/**
13			* Handle an incoming request.
14			*
15			* @param \Illuminate\Http\Request $request
16			* @param \Closure $next
17			* @param string
18			* @return mixed
19			*/
20			public function handle($request, Closure $next, $guard)
21			{
22			$user = Auth::guard($guard)->user();
23			if (in_array($user->id, config('light.superAdmin'))) {
			0 ignored issues – show Bug introduced 2020-05-27 07:13 UTC by Report Bug Copy Issue Report Show Similar Issues like this Accessing `id` on the interface `Illuminate\Contracts\Auth\Authenticatable` suggest that you code against a concrete implementation. How about adding an `instanceof` check? Loading history...
24			return $next($request);
25			}
26
27			$route = Route::current();
28			$routeName = $route->getName();
29			$permission = Menu::where('route', $routeName)->where('route_params', '')->first();
30			if ($permission && $user->can($permission->name)) {
31			return $next($request);
32			}
33
34			$routeParams = $route->parameters();
35			if (!empty($routeParams)) {
36			foreach ($routeParams as $k => $v) {
37			$val = "{$k}:{$v}";
38			break;
39			}
40
41			$permission = Menu::where('route', $routeName)->where('route_params', $val)->first();
			0 ignored issues – show Comprehensibility Best Practice introduced 2020-03-09 08:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$val` does not seem to be defined for all execution paths leading up to this point. Loading history...
42			if ($permission && $user->can($permission->name)) {
43			return $next($request);
44			}
45			}
46
47			if ($request->expectsJson()) {
48			return response()->json(['code' => 401, 'msg' => "未授权操作（路由别名：{$routeName}）"], 401);
49			}
50			abort(401, "未授权操作（路由别名：{$routeName}）");
51			}
52			}
53

eddy8 / LightCMS

Issues (40)

app/Http/Middleware/Admin/Authorization.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like