UserModel::cannotDeleteAdmin() - Code Metrics - Inspection of "back to ValidationService" - jidaikobo-shibata/kontiki-framework - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — main ( 4cfd43...9ceccf )

by Nobufumi

created 2025-03-18 14:00 UTC

UserModel::cannotDeleteAdmin() A

↳ Parent: UserModel

Complexity

Conditions	3
Paths	3

Size

Total Lines	19
Code Lines	11

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
eloc	11
c	0
b	0
f	0
nc	3
nop	1
dl	0
loc	19
rs	9.9

<?php

namespace Jidaikobo\Kontiki\Models;

class UserModel extends BaseModel
{
    use Traits\CRUDTrait;
    use Traits\MetaDataTrait;

    use Traits\IndexTrait;

    protected string $table = 'users';

    protected function defineFieldDefinitions(): void
    {
        // add dynamic rules at $this->processFieldDefinitions()
        $this->fieldDefinitions = [
            'id' => $this->getIdField(),

            'username' => $this->getField(
                __('username'),
                [
                    'rules' => [
                        'required',
                        ['lengthMin', 3]
                    ],
                    'display_in_list' => true
                ]
            ),

            'password' => $this->getField(
                __('password'),
                [
                    'type' => 'password',
                    'rules' => [
                        'required',
                        ['lengthMin', 8]
                    ],
                    'filter' => FILTER_UNSAFE_RAW,
                ]
            ),

            'role' => $this->getField(
                __('role'),
                [
                    'type' => 'select',
                    'options' => [
                        'editor' => __('editor'),
                        'admin' => __('admin'),
                    ],
                    'rules' => [
                        'required',
                    ],
                    'attributes' => [
                        'class' => 'form-control form-select'
                    ],
                    'display_in_list' => true
                ]
            ),

            'created_at' => $this->getReadOnlyField(
                __('created_at', 'Created'),
                [
                    'display_in_list' => true
                ]
            ),
        ];
    }

    protected function processFieldDefinitions(
        string $context = '',
        array $data = [],
        int $id = null
    ): void {
        // add rule
        $this->fieldDefinitions['username']['rules'][] = [
            'unique',
            $this->table,
            'username',
            $id
        ];

        if ($context == 'create') {
            return;
        }

        // Exclude `required` from password's rules
        // No password specified means no change
        $this->fieldDefinitions['password']['rules'] = array_filter(
            $this->fieldDefinitions['password']['rules'],
            fn($rule) => $rule !== 'required'
        );

        $this->fieldDefinitions['password']['description'] = __('users_edit_message');

        // disable form elements
        if (in_array($context, ['trash', 'restore', 'delete'])) {
            $this->disableFormFieldsForContext();
        }
    }

    public function validate(array $data, array $context): array
    {
        $result = parent::validate($data, $context);
        $adminCheck = $this->atLeastOneAdmin($data, $context);
        $deleteCheck = $this->cannotDeleteAdmin($context);

        return [
            'valid' => $result['valid'] && $adminCheck['valid'] && $deleteCheck['valid'],
            'errors' => array_merge_recursive(
                $result['errors'],
                $adminCheck['errors'],
                $deleteCheck['errors']
            )
        ];
    }

    private function atLeastOneAdmin(array $data, array $context): array
    {
        $result = [
            'valid' => true,
            'errors' => []
        ];

        $id = $context['id'] ?? 0;
        if (!$id || !isset($data['role'])) {
            return $result;
        }

        // Retrieve the target user's data from the database
        $targetUser = $this->getById($id);

        // If the user is an "admin" and is attempting to change their role
        if ($targetUser && $targetUser['role'] === 'admin' && $data['role'] !== 'admin') {
            // Count the number of other admins in the system
            $adminCount = $this->db->table($this->table)
                ->where('role', 'admin')
                ->where('id', '!=', $targetUser['id']) // Exclude the current user
                ->count();

            // If no other admins remain, return a validation error
            if ($adminCount === 0) {
                $result['valid'] = false;
                $result['errors']['role']['messages'] = [__('at_least_one_admin')];
            }
        }

        return $result;
    }

    private function cannotDeleteAdmin(array $context): array
    {
        $result = [
            'valid' => true,
            'errors' => []
        ];

        if (($context['context'] ?? '') !== 'delete') {
            return $result;
        }

        $id = $context['id'] ?? 0;
        $targetUser = $this->getById($id);

        if ($targetUser['role'] !== 'admin') return $result;
        $result['valid'] = false;
        $result['errors']['role']['messages'] = [__('cannot_delete_admin')];

        return $result;
    }

    private function hashPassword(string $password): string
    {
        return password_hash($password, PASSWORD_BCRYPT);

    }

    protected function processDataForForm(string $actionType, array $data): array
    {
        if ($actionType == 'edit') {
            $data['password'] = '';
        }
        return $data;
    }

    protected function afterProcessDataBeforeSave(string $context, array $data): array
    {
        if ($context == 'create') {
            $data['password'] = $this->hashPassword($data['password']);
        }

        if ($context == 'update') {
            // Branching password processing
            if (isset($data['password'])) {
                if (trim($data['password']) === '') {
                    unset($data['password']);
                } else {
                    $data['password'] = $this->hashPassword($data['password']);
                }
            }
        }
        return $data;
    }
}


1			<?php
2
3			namespace Jidaikobo\Kontiki\Models;
4
5			class UserModel extends BaseModel
6			{
7			use Traits\CRUDTrait;
8			use Traits\MetaDataTrait;
			0 ignored issues – show introduced 2025-03-09 11:13 UTC by Report Bug Copy Issue Report The trait `Jidaikobo\Kontiki\Models\Traits\MetaDataTrait` requires some properties which are not provided by `Jidaikobo\Kontiki\Models\UserModel`: `$meta_key`, `$meta_value` Loading history...
9			use Traits\IndexTrait;
10
11			protected string $table = 'users';
12
13			protected function defineFieldDefinitions(): void
14			{
15			// add dynamic rules at $this->processFieldDefinitions()
16			$this->fieldDefinitions = [
17			'id' => $this->getIdField(),
18
19			'username' => $this->getField(
20			__('username'),
21			[
22			'rules' => [
23			'required',
24			['lengthMin', 3]
25			],
26			'display_in_list' => true
27			]
28			),
29
30			'password' => $this->getField(
31			__('password'),
32			[
33			'type' => 'password',
34			'rules' => [
35			'required',
36			['lengthMin', 8]
37			],
38			'filter' => FILTER_UNSAFE_RAW,
39			]
40			),
41
42			'role' => $this->getField(
43			__('role'),
44			[
45			'type' => 'select',
46			'options' => [
47			'editor' => __('editor'),
48			'admin' => __('admin'),
49			],
50			'rules' => [
51			'required',
52			],
53			'attributes' => [
54			'class' => 'form-control form-select'
55			],
56			'display_in_list' => true
57			]
58			),
59
60			'created_at' => $this->getReadOnlyField(
61			__('created_at', 'Created'),
62			[
63			'display_in_list' => true
64			]
65			),
66			];
67			}
68
69			protected function processFieldDefinitions(
70			string $context = '',
71			array $data = [],
72			int $id = null
73			): void {
74			// add rule
75			$this->fieldDefinitions['username']['rules'][] = [
76			'unique',
77			$this->table,
78			'username',
79			$id
80			];
81
82			if ($context == 'create') {
83			return;
84			}
85
86			// Exclude `required` from password's rules
87			// No password specified means no change
88			$this->fieldDefinitions['password']['rules'] = array_filter(
89			$this->fieldDefinitions['password']['rules'],
90			fn($rule) => $rule !== 'required'
91			);
92
93			$this->fieldDefinitions['password']['description'] = __('users_edit_message');
94
95			// disable form elements
96			if (in_array($context, ['trash', 'restore', 'delete'])) {
97			$this->disableFormFieldsForContext();
98			}
99			}
100
101			public function validate(array $data, array $context): array
102			{
103			$result = parent::validate($data, $context);
104			$adminCheck = $this->atLeastOneAdmin($data, $context);
105			$deleteCheck = $this->cannotDeleteAdmin($context);
106
107			return [
108			'valid' => $result['valid'] && $adminCheck['valid'] && $deleteCheck['valid'],
109			'errors' => array_merge_recursive(
110			$result['errors'],
111			$adminCheck['errors'],
112			$deleteCheck['errors']
113			)
114			];
115			}
116
117			private function atLeastOneAdmin(array $data, array $context): array
118			{
119			$result = [
120			'valid' => true,
121			'errors' => []
122			];
123
124			$id = $context['id'] ?? 0;
125			if (!$id \|\| !isset($data['role'])) {
126			return $result;
127			}
128
129			// Retrieve the target user's data from the database
130			$targetUser = $this->getById($id);
131
132			// If the user is an "admin" and is attempting to change their role
133			if ($targetUser && $targetUser['role'] === 'admin' && $data['role'] !== 'admin') {
134			// Count the number of other admins in the system
135			$adminCount = $this->db->table($this->table)
136			->where('role', 'admin')
137			->where('id', '!=', $targetUser['id']) // Exclude the current user
138			->count();
139
140			// If no other admins remain, return a validation error
141			if ($adminCount === 0) {
142			$result['valid'] = false;
143			$result['errors']['role']['messages'] = [__('at_least_one_admin')];
144			}
145			}
146
147			return $result;
148			}
149
150			private function cannotDeleteAdmin(array $context): array
151			{
152			$result = [
153			'valid' => true,
154			'errors' => []
155			];
156
157			if (($context['context'] ?? '') !== 'delete') {
158			return $result;
159			}
160
161			$id = $context['id'] ?? 0;
162			$targetUser = $this->getById($id);
163
164			if ($targetUser['role'] !== 'admin') return $result;
165			$result['valid'] = false;
166			$result['errors']['role']['messages'] = [__('cannot_delete_admin')];
167
168			return $result;
169			}
170
171			private function hashPassword(string $password): string
172			{
173			return password_hash($password, PASSWORD_BCRYPT);
			0 ignored issues – show Bug Best Practice introduced 2025-03-14 11:45 UTC by Report Bug Copy Issue Report The expression `return password_hash($pa...Models\PASSWORD_BCRYPT)` could return the type `null` which is incompatible with the type-hinted return `string`. Consider adding an additional type-check to rule them out. Loading history...
174			}
175
176			protected function processDataForForm(string $actionType, array $data): array
177			{
178			if ($actionType == 'edit') {
179			$data['password'] = '';
180			}
181			return $data;
182			}
183
184			protected function afterProcessDataBeforeSave(string $context, array $data): array
185			{
186			if ($context == 'create') {
187			$data['password'] = $this->hashPassword($data['password']);
188			}
189
190			if ($context == 'update') {
191			// Branching password processing
192			if (isset($data['password'])) {
193			if (trim($data['password']) === '') {
194			unset($data['password']);
195			} else {
196			$data['password'] = $this->hashPassword($data['password']);
197			}
198			}
199			}
200			return $data;
201			}
202			}
203

jidaikobo-shibata / kontiki-framework

Push — main ( 4cfd43...9ceccf )

UserModel::cannotDeleteAdmin() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like