Issues in CredentialProviderBase.php - New Issues - Inspection of "fix database migration" - enwikipedia-acc/waca - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — newinternal ( b66232...216d62 )

by Simon

created 2020-05-09 21:44 UTC

CredentialProviders/CredentialProviderBase.php (1 issue)

Labels

Documentation 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/

namespace Waca\Security\CredentialProviders;

use Waca\DataObjects\Credential;
use Waca\DataObjects\User;
use Waca\PdoDatabase;
use Waca\SiteConfiguration;

abstract class CredentialProviderBase implements ICredentialProvider
{
    /**
     * @var PdoDatabase
     */
    private $database;
    /**
     * @var SiteConfiguration
     */
    private $configuration;
    /** @var string */
    private $type;

    /**
     * CredentialProviderBase constructor.
     *
     * @param PdoDatabase       $database
     * @param SiteConfiguration $configuration
     * @param string            $type
     */
    public function __construct(PdoDatabase $database, SiteConfiguration $configuration, $type)
    {
        $this->database = $database;
        $this->configuration = $configuration;
        $this->type = $type;
    }

    /**
     * @param int  $userId
     *
     * @param bool $disabled
     *
     * @return Credential

     */
    protected function getCredentialData($userId, $disabled = false)
    {
        $sql = 'SELECT * FROM credential WHERE type = :t AND user = :u';
        $parameters = array(
            ':u' => $userId,
            ':t' => $this->type
        );

        if($disabled !== null) {
            $sql .= ' AND disabled = :d';
            $parameters[':d'] = $disabled ? 1 : 0;
        }

        $statement = $this->database->prepare($sql);
        $statement->execute($parameters);

        /** @var Credential $obj */
        $obj = $statement->fetchObject(Credential::class);

        if ($obj === false) {
            return null;
        }

        $obj->setDatabase($this->database);

        $statement->closeCursor();

        return $obj;
    }

    /**
     * @return PdoDatabase
     */
    public function getDatabase()
    {
        return $this->database;
    }

    /**
     * @return SiteConfiguration
     */
    public function getConfiguration()
    {
        return $this->configuration;
    }

    public function deleteCredential(User $user) {
        // get this factor
        $statement = $this->database->prepare('SELECT * FROM credential WHERE user = :user AND type = :type');
        $statement->execute(array(':user' => $user->getId(), ':type' => $this->type));
        /** @var Credential $credential */
        $credential = $statement->fetchObject(Credential::class);
        $credential->setDatabase($this->database);
        $statement->closeCursor();

        $stage = $credential->getFactor();

        $statement = $this->database->prepare('SELECT COUNT(*) FROM credential WHERE user = :user AND factor = :factor');
        $statement->execute(array(':user' => $user->getId(), ':factor' => $stage));
        $alternates = $statement->fetchColumn();
        $statement->closeCursor();

        if($alternates <= 1) {
            // decrement the factor for every stage above this
            $sql = 'UPDATE credential SET factor = factor - 1 WHERE user = :user AND factor > :factor';
            $statement = $this->database->prepare($sql);
            $statement->execute(array(':user' => $user->getId(), ':factor' => $stage));
        }
        else {
            // There are other auth factors at this point. Don't renumber the factors just yet.
        }

        // delete this credential.
        $credential->delete();
    }

    /**
     * @param User $user
     *
     * @return Credential
     */
    protected function createNewCredential(User $user)
    {
        $credential = new Credential();
        $credential->setDatabase($this->getDatabase());
        $credential->setUserId($user->getId());
        $credential->setType($this->type);

        return $credential;
    }

    /**
     * @param int $userId
     *
     * @return bool
     */
    public function userIsEnrolled($userId) {
        $cred = $this->getCredentialData($userId);

        return $cred !== null;
    }
}

1			<?php
2			/******************************************************************************
3			* Wikipedia Account Creation Assistance tool *
4			* *
5			* All code in this file is released into the public domain by the ACC *
6			* Development Team. Please see team.json for a list of contributors. *
7			******************************************************************************/
8
9			namespace Waca\Security\CredentialProviders;
10
11			use Waca\DataObjects\Credential;
12			use Waca\DataObjects\User;
13			use Waca\PdoDatabase;
14			use Waca\SiteConfiguration;
15
16			abstract class CredentialProviderBase implements ICredentialProvider
17			{
18			/**
19			* @var PdoDatabase
20			*/
21			private $database;
22			/**
23			* @var SiteConfiguration
24			*/
25			private $configuration;
26			/** @var string */
27			private $type;
28
29			/**
30			* CredentialProviderBase constructor.
31			*
32			* @param PdoDatabase $database
33			* @param SiteConfiguration $configuration
34			* @param string $type
35			*/
36			public function __construct(PdoDatabase $database, SiteConfiguration $configuration, $type)
37			{
38			$this->database = $database;
39			$this->configuration = $configuration;
40			$this->type = $type;
41			}
42
43			/**
44			* @param int $userId
45			*
46			* @param bool $disabled
47			*
48			* @return Credential
			0 ignored issues – show Documentation introduced 2020-05-01 17:08 UTC by Report Bug Copy Issue Report Show Similar Issues like this Should the return type not be `Credential\|null`? This check compares the return type specified in the `@return` annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch. Loading history...
49			*/
50			protected function getCredentialData($userId, $disabled = false)
51			{
52			$sql = 'SELECT * FROM credential WHERE type = :t AND user = :u';
53			$parameters = array(
54			':u' => $userId,
55			':t' => $this->type
56			);
57
58			if($disabled !== null) {
59			$sql .= ' AND disabled = :d';
60			$parameters[':d'] = $disabled ? 1 : 0;
61			}
62
63			$statement = $this->database->prepare($sql);
64			$statement->execute($parameters);
65
66			/** @var Credential $obj */
67			$obj = $statement->fetchObject(Credential::class);
68
69			if ($obj === false) {
70			return null;
71			}
72
73			$obj->setDatabase($this->database);
74
75			$statement->closeCursor();
76
77			return $obj;
78			}
79
80			/**
81			* @return PdoDatabase
82			*/
83			public function getDatabase()
84			{
85			return $this->database;
86			}
87
88			/**
89			* @return SiteConfiguration
90			*/
91			public function getConfiguration()
92			{
93			return $this->configuration;
94			}
95
96			public function deleteCredential(User $user) {
97			// get this factor
98			$statement = $this->database->prepare('SELECT * FROM credential WHERE user = :user AND type = :type');
99			$statement->execute(array(':user' => $user->getId(), ':type' => $this->type));
100			/** @var Credential $credential */
101			$credential = $statement->fetchObject(Credential::class);
102			$credential->setDatabase($this->database);
103			$statement->closeCursor();
104
105			$stage = $credential->getFactor();
106
107			$statement = $this->database->prepare('SELECT COUNT(*) FROM credential WHERE user = :user AND factor = :factor');
108			$statement->execute(array(':user' => $user->getId(), ':factor' => $stage));
109			$alternates = $statement->fetchColumn();
110			$statement->closeCursor();
111
112			if($alternates <= 1) {
113			// decrement the factor for every stage above this
114			$sql = 'UPDATE credential SET factor = factor - 1 WHERE user = :user AND factor > :factor';
115			$statement = $this->database->prepare($sql);
116			$statement->execute(array(':user' => $user->getId(), ':factor' => $stage));
117			}
118			else {
119			// There are other auth factors at this point. Don't renumber the factors just yet.
120			}
121
122			// delete this credential.
123			$credential->delete();
124			}
125
126			/**
127			* @param User $user
128			*
129			* @return Credential
130			*/
131			protected function createNewCredential(User $user)
132			{
133			$credential = new Credential();
134			$credential->setDatabase($this->getDatabase());
135			$credential->setUserId($user->getId());
136			$credential->setType($this->type);
137
138			return $credential;
139			}
140
141			/**
142			* @param int $userId
143			*
144			* @return bool
145			*/
146			public function userIsEnrolled($userId) {
147			$cred = $this->getCredentialData($userId);
148
149			return $cred !== null;
150			}
151			}

enwikipedia-acc / waca

Push — newinternal ( b66232...216d62 )

CredentialProviders/CredentialProviderBase.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like