These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php /** MicroDbACL */ |
||
2 | |||
3 | namespace Micro\auth; |
||
4 | |||
5 | use Micro\mvc\models\Query; |
||
6 | |||
7 | /** |
||
8 | * Database ACL class file. |
||
9 | * |
||
10 | * ACL security logic with DB |
||
11 | * |
||
12 | * @author Oleg Lunegov <[email protected]> |
||
13 | * @link https://github.com/lugnsk/micro |
||
14 | * @copyright Copyright © 2013 Oleg Lunegov |
||
15 | * @license /LICENSE |
||
16 | * @package micro |
||
17 | * @subpackage auth |
||
18 | * @version 1.0 |
||
19 | * @since 1.0 |
||
20 | */ |
||
21 | class DbAcl extends Acl |
||
22 | { |
||
23 | /** |
||
24 | * Constructor DB acl |
||
25 | * |
||
26 | * @access public |
||
27 | * |
||
28 | * @param array $params config array |
||
29 | * |
||
30 | * @result void |
||
31 | */ |
||
32 | public function __construct(array $params = []) |
||
33 | { |
||
34 | parent::__construct($params); |
||
35 | |||
36 | $tables = $this->container->db->listTables(); |
||
0 ignored issues
–
show
|
|||
37 | View Code Duplication | if (empty($tables['acl_role'])) { |
|
38 | $this->container->db->createTable('acl_role', [ |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
39 | '`id` int(10) unsigned NOT NULL AUTO_INCREMENT', |
||
40 | '`name` varchar(255) NOT NULL', |
||
41 | 'PRIMARY KEY (`id`)' |
||
42 | ], 'ENGINE=MyISAM DEFAULT CHARSET=utf8'); |
||
43 | } |
||
44 | View Code Duplication | if (empty($tables['acl_perm'])) { |
|
45 | $this->container->db->createTable('acl_perm', [ |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
46 | '`id` int(10) unsigned NOT NULL AUTO_INCREMENT', |
||
47 | '`name` varchar(255) NOT NULL', |
||
48 | 'PRIMARY KEY (`id`)' |
||
49 | ], 'ENGINE=MyISAM DEFAULT CHARSET=utf8'); |
||
50 | } |
||
51 | View Code Duplication | if (empty($tables['acl_role_perm'])) { |
|
52 | $this->container->db->createTable('acl_role_perm', [ |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
53 | '`id` int(10) unsigned NOT NULL AUTO_INCREMENT', |
||
54 | '`role` int(11) unsigned DEFAULT NOT NULL', |
||
55 | '`perm` int(11) unsigned DEFAULT NOT NULL', |
||
56 | 'PRIMARY KEY (`id`)' |
||
57 | ], 'ENGINE=MyISAM DEFAULT CHARSET=utf8'); |
||
58 | } |
||
59 | } |
||
60 | |||
61 | /** |
||
62 | * Check user access to permission |
||
63 | * |
||
64 | * @access public |
||
65 | * |
||
66 | * @param integer $userId user id |
||
67 | * @param string $permission checked permission |
||
68 | * @param array $data for compatible, not used! |
||
69 | * |
||
70 | * @return bool |
||
71 | * @throws \Micro\base\Exception |
||
72 | */ |
||
73 | public function check($userId, $permission, array $data = []) |
||
74 | { |
||
75 | $query = new Query($this->container->db); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
76 | $query->select = '*'; |
||
77 | $query->table = '`acl_user` AS `au`'; |
||
78 | |||
79 | $query->addJoin('`acl_perm` AS `ap`', '`ap`.`id` = `au`.`perm`'); |
||
80 | $query->addJoin('`acl_role_perm` AS `arp`', '`arp`.`role` = `au`.`role`'); |
||
81 | $query->addJoin('`acl_perm` AS `ap1`', '`ap1`.`id` = `arp`.`perm`'); |
||
82 | |||
83 | $query->addWhere('`au`.`user`=' . $userId); |
||
84 | $query->addWhere('`ap`.`name`=:perm OR `ap1`.`name`=:perm'); |
||
85 | |||
86 | $query->limit = 1; |
||
87 | |||
88 | $query->params = [':perm' => $permission]; |
||
89 | $query->single = true; |
||
90 | |||
91 | return (bool)$query->run(); |
||
92 | } |
||
93 | |||
94 | /** |
||
95 | * Create new role |
||
96 | * |
||
97 | * @access public |
||
98 | * |
||
99 | * @param string $name role name |
||
100 | * |
||
101 | * @return void |
||
102 | */ |
||
103 | public function createRole($name) |
||
104 | { |
||
105 | View Code Duplication | if (!$this->container->db->exists('acl_role', ['name' => $name])) { |
|
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
106 | $this->container->db->insert('acl_role', ['name' => $name]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
107 | } |
||
108 | } |
||
109 | |||
110 | /** |
||
111 | * Create new permission |
||
112 | * |
||
113 | * @access public |
||
114 | * |
||
115 | * @param string $name permission name |
||
116 | * |
||
117 | * @return void |
||
118 | */ |
||
119 | public function createPermission($name) |
||
120 | { |
||
121 | View Code Duplication | if (!$this->container->db->exists('acl_role', ['name' => $name])) { |
|
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
122 | $this->container->db->insert('acl_role', ['name' => $name]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
123 | } |
||
124 | } |
||
125 | |||
126 | /** |
||
127 | * Delete permission by name |
||
128 | * |
||
129 | * @access public |
||
130 | * |
||
131 | * @param string $name permission name |
||
132 | * |
||
133 | * @return void |
||
134 | */ |
||
135 | public function deletePermission($name) |
||
136 | { |
||
137 | $this->container->db->delete('acl_perm', ['name' => $name]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
138 | } |
||
139 | |||
140 | /** |
||
141 | * Delete role by name |
||
142 | * |
||
143 | * @access public |
||
144 | * |
||
145 | * @param string $name role name |
||
146 | * |
||
147 | * @return void |
||
148 | * @throws \Micro\base\Exception |
||
149 | */ |
||
150 | public function deleteRole($name) |
||
151 | { |
||
152 | foreach ($this->rolePerms($name) AS $perm) { |
||
153 | $this->container->db->delete('acl_role_perm', ['id' => $perm['perm']]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
154 | } |
||
155 | $this->container->db->delete('acl_role', ['name' => $name]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
156 | } |
||
157 | |||
158 | /** |
||
159 | * Get role perms |
||
160 | * |
||
161 | * @access public |
||
162 | * |
||
163 | * @param string $role role name |
||
164 | * |
||
165 | * @return array |
||
166 | * @throws \Micro\base\Exception |
||
167 | */ |
||
168 | protected function rolePerms($role) |
||
169 | { |
||
170 | $query = new Query($this->container->db); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
171 | $query->select = '*'; |
||
172 | $query->table = 'acl_role_perm'; |
||
173 | $query->addWhere('role=' . $role); |
||
174 | $query->single = false; |
||
175 | |||
176 | return $query->run(); |
||
177 | } |
||
178 | |||
179 | /** |
||
180 | * Assign role permission |
||
181 | * |
||
182 | * @access public |
||
183 | * |
||
184 | * @param string $role role name |
||
185 | * @param string $permission permission name |
||
186 | * |
||
187 | * @return void |
||
188 | */ |
||
189 | public function assignRolePermission($role, $permission) |
||
190 | { |
||
191 | $this->container->db->insert('acl_role_perm', ['role' => $role, 'perm' => $permission]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
192 | } |
||
193 | |||
194 | /** |
||
195 | * Revoke role permission |
||
196 | * |
||
197 | * @access public |
||
198 | * |
||
199 | * @param string $role role name |
||
200 | * @param string $permission permission name |
||
201 | * |
||
202 | * @return void |
||
203 | */ |
||
204 | public function revokeRolePermission($role, $permission) |
||
205 | { |
||
206 | $this->container->db->delete('acl_role_perm', ['role' => $role, 'perm' => $permission]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
207 | } |
||
208 | |||
209 | /** |
||
210 | * Grant privilege to user |
||
211 | * |
||
212 | * @access public |
||
213 | * |
||
214 | * @param integer $userId user ID |
||
215 | * @param integer $privilege privilege ID |
||
216 | * @param boolean $asRole as role? |
||
217 | * |
||
218 | * @return void |
||
219 | */ |
||
220 | public function grantPrivilege($userId, $privilege = null, $asRole = true) |
||
221 | { |
||
222 | if ($asRole) { |
||
223 | $this->container->db->insert('acl_user', ['user' => $userId, 'role' => $privilege]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
224 | } else { |
||
225 | $this->container->db->insert('acl_user', ['user' => $userId, 'perm' => $privilege]); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
226 | } |
||
227 | } |
||
228 | |||
229 | /** |
||
230 | * Forbid privilege |
||
231 | * |
||
232 | * @access public |
||
233 | * |
||
234 | * @param integer $userId user ID |
||
235 | * @param integer $privilege privilege ID |
||
236 | * @param bool $asRole as role? |
||
237 | */ |
||
238 | public function forbidPrivilege($userId, $privilege = null, $asRole = true) |
||
239 | { |
||
240 | if ($asRole) { |
||
241 | $this->container->db->delete('acl_user', '`user`="' . $userId . '" AND `role`="' . $privilege . '"'); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
242 | } else { |
||
243 | $this->container->db->delete('acl_user', '`user`="' . $userId . '" AND `perm`="' . $privilege . '"'); |
||
0 ignored issues
–
show
Accessing
db on the interface Micro\base\IContainer suggest that you code against a concrete implementation. How about adding an instanceof check?
If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes
Loading history...
|
|||
244 | } |
||
245 | } |
||
246 | } |
||
247 |
If you access a property on an interface, you most likely code against a concrete implementation of the interface.
Available Fixes
Adding an additional type check:
Changing the type hint: