Conditions | 13 |
Paths | 42 |
Total Lines | 84 |
Code Lines | 32 |
Lines | 18 |
Ratio | 21.43 % |
Changes | 1 | ||
Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
1 | <?php |
||
100 | public function resolvePermission( |
||
101 | $module, |
||
102 | $function, |
||
103 | Permission $permission, |
||
104 | ValueObject $object, |
||
105 | UserReference $userReference, |
||
106 | array $targets = [] |
||
107 | ) { |
||
108 | if (empty($targets)) { |
||
109 | $targets = null; |
||
110 | } |
||
111 | |||
112 | /** |
||
113 | * First deal with Role limitation if any. |
||
114 | * |
||
115 | * Here we accept ACCESS_GRANTED and ACCESS_ABSTAIN, the latter in cases where $object and $targets |
||
116 | * are not supported by limitation. |
||
117 | * |
||
118 | * @var \eZ\Publish\API\Repository\Values\User\Limitation[] |
||
119 | */ |
||
120 | if ($permission->limitation instanceof Limitation) { |
||
121 | $type = $this->limitationService->getLimitationType($permission->limitation->getIdentifier()); |
||
122 | $accessVote = $type->evaluate($permission->limitation, $userReference, $object, $targets); |
||
|
|||
123 | if ($accessVote === LimitationType::ACCESS_DENIED) { |
||
124 | return false; |
||
125 | } |
||
126 | } |
||
127 | |||
128 | /** |
||
129 | * Loop over all policies. |
||
130 | * |
||
131 | * These are already filtered by hasAccess and given hasAccess did not return boolean |
||
132 | * there must be some, so only return true if one of them says yes. |
||
133 | * |
||
134 | * @var \eZ\Publish\API\Repository\Values\User\Policy $policy |
||
135 | */ |
||
136 | foreach ($permission->policies as $policy) { |
||
137 | if (!($policy->module === $module || $policy->module === '*')) { |
||
138 | continue; |
||
139 | } |
||
140 | |||
141 | if (!($policy->function === $function || $policy->function === '*')) { |
||
142 | continue; |
||
143 | } |
||
144 | |||
145 | $limitations = $policy->getLimitations(); |
||
146 | |||
147 | /* |
||
148 | * Return true if policy gives full access (aka no limitations) |
||
149 | */ |
||
150 | if ($limitations === '*') { |
||
151 | return true; |
||
152 | } |
||
153 | |||
154 | /* |
||
155 | * Loop over limitations, all must return ACCESS_GRANTED for policy to pass. |
||
156 | * If limitations was empty array this means same as '*' |
||
157 | */ |
||
158 | $limitationsPass = true; |
||
159 | View Code Duplication | foreach ($limitations as $limitation) { |
|
160 | $type = $this->limitationService->getLimitationType($limitation->getIdentifier()); |
||
161 | $accessVote = $type->evaluate($limitation, $userReference, $object, $targets); |
||
162 | /* |
||
163 | * For policy limitation atm only support ACCESS_GRANTED |
||
164 | * |
||
165 | * Reasoning: Right now, use of a policy limitation not valid for a policy is per definition a |
||
166 | * BadState. To reach this you would have to configure the "policyMap" wrongly, like using |
||
167 | * Node (Location) limitation on state/assign. So in this case Role Limitations will return |
||
168 | * ACCESS_ABSTAIN (== no access here), and other limitations will throw InvalidArgument above, |
||
169 | * both cases forcing dev to investigate to find miss configuration. This might be relaxed in |
||
170 | * the future if valid use cases for ACCESS_ABSTAIN on policy limitations becomes known. |
||
171 | */ |
||
172 | if ($accessVote !== LimitationType::ACCESS_GRANTED) { |
||
173 | $limitationsPass = false; |
||
174 | break;// Break to next policy, all limitations must pass |
||
175 | } |
||
176 | } |
||
177 | if ($limitationsPass) { |
||
178 | return true; |
||
179 | } |
||
180 | } |
||
181 | |||
182 | return false; |
||
183 | } |
||
184 | |||
229 |
This check looks at variables that have been passed in as parameters and are passed out again to other methods.
If the outgoing method call has stricter type requirements than the method itself, an issue is raised.
An additional type check may prevent trouble.