Permissions - Code Metrics - Inspection of "Merge pull request #3492 from elkarte/patch_1-1-7" - elkarte/Elkarte - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( fcbd1b...c90017 )

by Spuds

created 2021-04-25 18:28 UTC

Permissions A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	270
Duplicated Lines	0 %

Test Coverage

Coverage

49.54%

Importance

Changes	1
Bugs	1	Features	0

Metric	Value
eloc	116
dl	0
loc	270
ccs	54
cts	109
cp	0.4954
rs	10
c	1
b	1
f	0
wmc	28

7 Methods

Rating	Name	Size	Complexity
A	deletePermissions()	14	2
D	updateChild()	122	19
A	loadIllegal()	14	3
A	loadIllegalGuest()	6	1
A	getIllegalPermissions()	3	1
A	getIllegalGuestPermissions()	3	1
A	__construct()	5	1

<?php

/**
 * Functions to support the permissions controller
 *
 * @name      ElkArte Forum
 * @copyright ElkArte Forum contributors
 * @license   BSD http://opensource.org/licenses/BSD-3-Clause
 *
 * @version 1.1.6
 */
class Permissions
{
	private $db;

	/**
	 * @var array
	 */
	protected $reserved_permissions = array(
		'admin_forum',
		'manage_membergroups',
		'manage_permissions',
	);

	/**
	 * @var string[]
	 */
	private $illegal_permissions = array();

	/**
	 * @var array
	 */
	protected $illegal_guest_permissions = array(
		'delete_replies',
		'karma_edit',
		'poll_add_own',
		'pm_read',
		'pm_send',
		'profile_identity',
		'profile_extra',
		'profile_title',
		'profile_remove',
		'profile_set_avatar',
		'profile_view_own',
		'mark_any_notify',
		'mark_notify',
		'admin_forum',
		'manage_boards',
		'manage_attachments',
		'manage_smileys',
		'edit_news',
		'access_mod_center',
		'moderate_forum',
		'issue_warning',
		'manage_membergroups',
		'manage_permissions',
		'manage_bans',
		'move_own',
		'modify_replies',
		'send_mail',
		'approve_posts',
		'postby_email',
		'approve_emails',
		'like_posts',
	);

	/**
	 * Load a few illegal permissions into the class and context.
	 *
	 * - Calls hook: integrate_load_illegal_permissions
	 * - Calls hook: integrate_load_illegal_guest_permissions
	 */
	public function __construct()
	{
		$this->db = database();
		$this->loadIllegal();
		$this->loadIllegalGuest();
	}

	/**
	 * Return the list of illegal permissions
	 *
	 * @return string[]
	 */
	public function getIllegalPermissions()
	{
		return $this->illegal_permissions;
	}

	/**
	 * Return the list of illegal guest permissions
	 *
	 * @return string[]
	 */
	public function getIllegalGuestPermissions()
	{
		return $this->illegal_guest_permissions;
	}

	/**
	 * Loads those reserved permissions into context.
	 */
	public function loadIllegal()
	{
		global $context;

		foreach ($this->reserved_permissions as $illegal_permission)
		{
			if (!allowedTo($illegal_permission))
			{
				$this->illegal_permissions[] = $illegal_permission;
			}
		}

		$context['illegal_permissions'] = &$this->illegal_permissions;
		call_integration_hook('integrate_load_illegal_permissions', array(&$this->illegal_permissions));
	}

	/**
	 * Loads those permissions guests cannot have, into context.
	 */
	public function loadIllegalGuest()
	{
		global $context;

		$context['non_guest_permissions'] = &$this->illegal_guest_permissions;
		call_integration_hook('integrate_load_illegal_guest_permissions', array(&$this->illegal_guest_permissions));
	}

	/**
	 * Deletes permissions.
	 *
	 * @param string[] $permissions
	 * @param string[] $where
	 * @param mixed[]  $where_parameters = array() or values used in the where statement
	 */
	public function deletePermissions($permissions, $where = array(), $where_parameters = array())
	{
		if (count($this->illegal_permissions) > 0)
		{
			$where[] = 'permission NOT IN ({array_string:illegal_permissions})';
			$where_parameters['illegal_permissions'] = $this->illegal_permissions;
		}
		$where[] = 'permission IN ({array_string:permissions})';
		$where_parameters['permissions'] = $permissions;

		$this->db->query('', '
			DELETE FROM {db_prefix}permissions
			WHERE ' . implode(' AND ', $where),
			$where_parameters
		);
	}

	/**
	 * This function updates the permissions of any groups based on the given groups.
	 *
	 * @param mixed[]|int $parents (array or int) group or groups whose children are to be updated
	 * @param int|null    $profile = null an int or null for the customized profile, if any
	 */
	public function updateChild($parents, $profile = null)
	{
		// All the parent groups to sort out.
		if (!is_array($parents))
		{
			$parents = array($parents);
		}

		// Find all the children of this group.
		$request = $this->db->query('', '
			SELECT id_parent, id_group
			FROM {db_prefix}membergroups
			WHERE id_parent != {int:not_inherited}
				' . (empty($parents) ? '' : 'AND id_parent IN ({array_int:parent_list})'),
			array(
				'parent_list' => $parents,
				'not_inherited' => -2,
			)
		);
		$children = array();
		$parents = array();
		$child_groups = array();
		while ($row = $this->db->fetch_assoc($request))
		{
			$children[$row['id_parent']][] = $row['id_group'];
			$child_groups[] = $row['id_group'];
			$parents[] = $row['id_parent'];
		}
		$this->db->free_result($request);

		$parents = array_unique($parents);

		// Not a sausage, or a child?
		if (empty($children))
		{
			return false;
		}

		// Need functions that modify permissions...
		require_once(SUBSDIR . '/ManagePermissions.subs.php');

		// First off, are we doing general permissions?
		if ($profile < 1 || $profile === null)
		{
			// Fetch all the parent permissions.
			$request = $this->db->query('', '
				SELECT id_group, permission, add_deny
				FROM {db_prefix}permissions
				WHERE id_group IN ({array_int:parent_list})',
				array(
					'parent_list' => $parents,
				)
			);
			$permissions = array();
			while ($row = $this->db->fetch_assoc($request))
			{
				foreach ($children[$row['id_group']] as $child)
				{
					$permissions[] = array(
						'id_group' => (int) $child,
						'permission' => $row['permission'],
						'add_deny' => $row['add_deny'],
					);
				}
			}
			$this->db->free_result($request);

			$this->db->query('', '
				DELETE FROM {db_prefix}permissions
				WHERE id_group IN ({array_int:child_groups})',
				array(
					'child_groups' => $child_groups,
				)
			);

			// Finally insert.
			if (!empty($permissions))
			{
				replacePermission($permissions);
			}
		}

		// Then, what about board profiles?
		if ($profile != -1)
		{
			$profileQuery = $profile === null ? '' : ' AND id_profile = {int:current_profile}';

			// Again, get all the parent permissions.
			$request = $this->db->query('', '
				SELECT id_profile, id_group, permission, add_deny
				FROM {db_prefix}board_permissions
				WHERE id_group IN ({array_int:parent_groups})
					' . $profileQuery,
				array(
					'parent_groups' => $parents,
					'current_profile' => $profile !== null && $profile ? $profile : 1,
				)
			);
			$permissions = array();
			while ($row = $this->db->fetch_assoc($request))
			{
				foreach ($children[$row['id_group']] as $child)
				{
					$permissions[] = array($row['permission'], $child, $row['add_deny'], $row['id_profile']);
				}
			}
			$this->db->free_result($request);

			$this->db->query('', '
				DELETE FROM {db_prefix}board_permissions
				WHERE id_group IN ({array_int:child_groups})
					' . $profileQuery,
				array(
					'child_groups' => $child_groups,
					'current_profile' => $profile !== null && $profile ? $profile : 1,
				)
			);

			// Do the insert.
			if (!empty($permissions))
			{
				replaceBoardPermission($permissions);
			}
		}
	}
}


1		<?php
2
3		/**
4		* Functions to support the permissions controller
5		*
6		* @name ElkArte Forum
7		* @copyright ElkArte Forum contributors
8		* @license BSD http://opensource.org/licenses/BSD-3-Clause
9		*
10		* @version 1.1.6
11		*/
12		class Permissions
13		{
14		private $db;
15
16		/**
17		* @var array
18		*/
19		protected $reserved_permissions = array(
20		'admin_forum',
21		'manage_membergroups',
22		'manage_permissions',
23		);
24
25		/**
26		* @var string[]
27		*/
28		private $illegal_permissions = array();
29
30		/**
31		* @var array
32		*/
33		protected $illegal_guest_permissions = array(
34		'delete_replies',
35		'karma_edit',
36		'poll_add_own',
37		'pm_read',
38		'pm_send',
39		'profile_identity',
40		'profile_extra',
41		'profile_title',
42		'profile_remove',
43		'profile_set_avatar',
44		'profile_view_own',
45		'mark_any_notify',
46		'mark_notify',
47		'admin_forum',
48		'manage_boards',
49		'manage_attachments',
50		'manage_smileys',
51		'edit_news',
52		'access_mod_center',
53		'moderate_forum',
54		'issue_warning',
55		'manage_membergroups',
56		'manage_permissions',
57		'manage_bans',
58		'move_own',
59		'modify_replies',
60		'send_mail',
61		'approve_posts',
62		'postby_email',
63		'approve_emails',
64		'like_posts',
65		);
66
67		/**
68		* Load a few illegal permissions into the class and context.
69		*
70		* - Calls hook: integrate_load_illegal_permissions
71		* - Calls hook: integrate_load_illegal_guest_permissions
72		*/
73	7	public function __construct()
74		{
75	7	$this->db = database();
76	7	$this->loadIllegal();
77	7	$this->loadIllegalGuest();
78	7	}
79
80		/**
81		* Return the list of illegal permissions
82		*
83		* @return string[]
84		*/
85	5	public function getIllegalPermissions()
86		{
87	5	return $this->illegal_permissions;
88		}
89
90		/**
91		* Return the list of illegal guest permissions
92		*
93		* @return string[]
94		*/
95	6	public function getIllegalGuestPermissions()
96		{
97	6	return $this->illegal_guest_permissions;
98		}
99
100		/**
101		* Loads those reserved permissions into context.
102		*/
103	7	public function loadIllegal()
104		{
105	7	global $context;
106
107	7	foreach ($this->reserved_permissions as $illegal_permission)
108		{
109	7	if (!allowedTo($illegal_permission))
110	7	{
111	7	$this->illegal_permissions[] = $illegal_permission;
112	7	}
113	7	}
114
115	7	$context['illegal_permissions'] = &$this->illegal_permissions;
116	7	call_integration_hook('integrate_load_illegal_permissions', array(&$this->illegal_permissions));
117	7	}
118
119		/**
120		* Loads those permissions guests cannot have, into context.
121		*/
122	7	public function loadIllegalGuest()
123		{
124	7	global $context;
125
126	7	$context['non_guest_permissions'] = &$this->illegal_guest_permissions;
127	7	call_integration_hook('integrate_load_illegal_guest_permissions', array(&$this->illegal_guest_permissions));
128	7	}
129
130		/**
131		* Deletes permissions.
132		*
133		* @param string[] $permissions
134		* @param string[] $where
135		* @param mixed[] $where_parameters = array() or values used in the where statement
136		*/
137	2	public function deletePermissions($permissions, $where = array(), $where_parameters = array())
138		{
139	2	if (count($this->illegal_permissions) > 0)
140	2	{
141	2	$where[] = 'permission NOT IN ({array_string:illegal_permissions})';
142	2	$where_parameters['illegal_permissions'] = $this->illegal_permissions;
143	2	}
144	2	$where[] = 'permission IN ({array_string:permissions})';
145	2	$where_parameters['permissions'] = $permissions;
146
147	2	$this->db->query('', '
148		DELETE FROM {db_prefix}permissions
149	2	WHERE ' . implode(' AND ', $where),
150		$where_parameters
151	2	);
152	2	}
153
154		/**
155		* This function updates the permissions of any groups based on the given groups.
156		*
157		* @param mixed[]\|int $parents (array or int) group or groups whose children are to be updated
158		* @param int\|null $profile = null an int or null for the customized profile, if any
159		*/
160	2	public function updateChild($parents, $profile = null)
161		{
162		// All the parent groups to sort out.
163	2	if (!is_array($parents))
164	2	{
165		$parents = array($parents);
166		}
167
168		// Find all the children of this group.
169	2	$request = $this->db->query('', '
170		SELECT id_parent, id_group
171		FROM {db_prefix}membergroups
172		WHERE id_parent != {int:not_inherited}
173	2	' . (empty($parents) ? '' : 'AND id_parent IN ({array_int:parent_list})'),
174		array(
175	2	'parent_list' => $parents,
176	2	'not_inherited' => -2,
177		)
178	2	);
179	2	$children = array();
180	2	$parents = array();
181	2	$child_groups = array();
182	2	while ($row = $this->db->fetch_assoc($request))
183		{
184		$children[$row['id_parent']][] = $row['id_group'];
185		$child_groups[] = $row['id_group'];
186		$parents[] = $row['id_parent'];
187		}
188	2	$this->db->free_result($request);
189
190	2	$parents = array_unique($parents);
191
192		// Not a sausage, or a child?
193	2	if (empty($children))
194	2	{
195	2	return false;
196		}
197
198		// Need functions that modify permissions...
199		require_once(SUBSDIR . '/ManagePermissions.subs.php');
200
201		// First off, are we doing general permissions?
202		if ($profile < 1 \|\| $profile === null)
203		{
204		// Fetch all the parent permissions.
205		$request = $this->db->query('', '
206		SELECT id_group, permission, add_deny
207		FROM {db_prefix}permissions
208		WHERE id_group IN ({array_int:parent_list})',
209		array(
210		'parent_list' => $parents,
211		)
212		);
213		$permissions = array();
214		while ($row = $this->db->fetch_assoc($request))
215		{
216		foreach ($children[$row['id_group']] as $child)
217		{
218		$permissions[] = array(
219		'id_group' => (int) $child,
220		'permission' => $row['permission'],
221		'add_deny' => $row['add_deny'],
222		);
223		}
224		}
225		$this->db->free_result($request);
226
227		$this->db->query('', '
228		DELETE FROM {db_prefix}permissions
229		WHERE id_group IN ({array_int:child_groups})',
230		array(
231		'child_groups' => $child_groups,
232		)
233		);
234
235		// Finally insert.
236		if (!empty($permissions))
237		{
238		replacePermission($permissions);
239		}
240		}
241
242		// Then, what about board profiles?
243		if ($profile != -1)
244		{
245		$profileQuery = $profile === null ? '' : ' AND id_profile = {int:current_profile}';
246
247		// Again, get all the parent permissions.
248		$request = $this->db->query('', '
249		SELECT id_profile, id_group, permission, add_deny
250		FROM {db_prefix}board_permissions
251		WHERE id_group IN ({array_int:parent_groups})
252		' . $profileQuery,
253		array(
254		'parent_groups' => $parents,
255		'current_profile' => $profile !== null && $profile ? $profile : 1,
256		)
257		);
258		$permissions = array();
259		while ($row = $this->db->fetch_assoc($request))
260		{
261		foreach ($children[$row['id_group']] as $child)
262		{
263		$permissions[] = array($row['permission'], $child, $row['add_deny'], $row['id_profile']);
264		}
265		}
266		$this->db->free_result($request);
267
268		$this->db->query('', '
269		DELETE FROM {db_prefix}board_permissions
270		WHERE id_group IN ({array_int:child_groups})
271		' . $profileQuery,
272		array(
273		'child_groups' => $child_groups,
274		'current_profile' => $profile !== null && $profile ? $profile : 1,
275		)
276		);
277
278		// Do the insert.
279		if (!empty($permissions))
280		{
281		replaceBoardPermission($permissions);
282		}
283		}
284		}
285		}
286

elkarte / Elkarte

Push — master ( fcbd1b...c90017 )

Permissions A

Complexity

Size/Duplication

Test Coverage

Importance

7 Methods

Duplication Side-by-Side

Filter issues like