Request::init() - Code Metrics - Inspection of "change csrf param name for admin requests #1778" - luyadev/luya - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( cb5a6f...710c0a )

by Basil

created 2018-03-12 16:06 UTC

Request::init() A

↳ Parent: Project

Complexity

Conditions	2
Paths	2

Size

Total Lines	9
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
c	1
b	0
f	0
dl	0
loc	9
rs	9.6666
cc	2
eloc	4
nc	2
nop	0

<?php

namespace luya\web;

/**
 * Request Component.
 *
 * Extending the {{yii\web\Request}} class by predefine values and add ability to verify whether the request is in admin context or not.
 *
 * @property boolean $isAdmin Whether the request is admin or not.
 *
 * @author Basil Suter <[email protected]>
 * @since 1.0.0
 */
class Request extends \yii\web\Request
{
    /**
     * @var boolean Force web request to enable unit tests with simulated web requests
     */
    public $forceWebRequest = false;

    /**
     * @var string The validation cookie for cookies, should be overwritten in your configuration.
     *
     * The cookie validation key is generated randomly or by any new release but should be overriten in your config.
     *
     * http://randomkeygen.com using a 504-bit WPA Key
     */
    public $cookieValidationKey = '(`1gq(|TI2Zxx7zZH<Zk052a9a$@l2EtD9wT`lkTO@7uy{cPaJt4y70mxh4q(3';
    
    /**
     * @var array A list of default available parsers.
     */
    public $parsers = [
        'application/json' => 'yii\web\JsonParser',
    ];
    
    /**
     * @inheritdoc
     */
    public function init()
    {
        parent::init();
        
        // if an admin request is detected, change the csrf param.
        if ($this->isAdmin) {
            $this->csrfParam = '_csrf-admin';
        }
    }
    
    private $_isAdmin;
    
    /**
     * Setter method to force isAdmin request.
     *
     * @param boolean $state Whether its an admin request or not
     */
    public function setIsAdmin($state)
    {
        $this->_isAdmin = $state;
    }

    /**
     * Getter method resolves the current url request and check if admin context.
     *
     * This is mostly used in order to bootstrap more modules and application logic in admin context.
     *
     * @return boolean If the current request is in admin context return value is true, otherwise false.
     */
    public function getIsAdmin()
    {
        if ($this->_isAdmin === null) {
            if ($this->getIsConsoleRequest() && !$this->forceWebRequest) {
                $this->_isAdmin = false;
            } else {
                $resolver = (new Composition($this))->getResolvedPathInfo($this);
                $parts = explode('/', $resolver['route']);
                $first = reset($parts);
                
                if (preg_match('/admin/i', $first, $results)) {
                    $this->_isAdmin = true;
                } else {
                    $this->_isAdmin = false;
                }
            }
        }
        
        return $this->_isAdmin;
    }
    
    /**
     * Get the user client language.
     *
     * @param string $defaultValue Return if not set.
     * @return string
     */
    public function getClientLanguage($defaultValue)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        return isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : $defaultValue;
    }
}


1			<?php
2
3			namespace luya\web;
4
5			/**
6			* Request Component.
7			*
8			* Extending the {{yii\web\Request}} class by predefine values and add ability to verify whether the request is in admin context or not.
9			*
10			* @property boolean $isAdmin Whether the request is admin or not.
11			*
12			* @author Basil Suter <[email protected]>
13			* @since 1.0.0
14			*/
15			class Request extends \yii\web\Request
16			{
17			/**
18			* @var boolean Force web request to enable unit tests with simulated web requests
19			*/
20			public $forceWebRequest = false;
21
22			/**
23			* @var string The validation cookie for cookies, should be overwritten in your configuration.
24			*
25			* The cookie validation key is generated randomly or by any new release but should be overriten in your config.
26			*
27			* http://randomkeygen.com using a 504-bit WPA Key
28			*/
29			public $cookieValidationKey = '(`1gq(\|TI2Zxx7zZH<Zk052a9a$@l2EtD9wT`lkTO@7uy{cPaJt4y70mxh4q(3';
30
31			/**
32			* @var array A list of default available parsers.
33			*/
34			public $parsers = [
35			'application/json' => 'yii\web\JsonParser',
36			];
37
38			/**
39			* @inheritdoc
40			*/
41			public function init()
42			{
43			parent::init();
44
45			// if an admin request is detected, change the csrf param.
46			if ($this->isAdmin) {
47			$this->csrfParam = '_csrf-admin';
48			}
49			}
50
51			private $_isAdmin;
52
53			/**
54			* Setter method to force isAdmin request.
55			*
56			* @param boolean $state Whether its an admin request or not
57			*/
58			public function setIsAdmin($state)
59			{
60			$this->_isAdmin = $state;
61			}
62
63			/**
64			* Getter method resolves the current url request and check if admin context.
65			*
66			* This is mostly used in order to bootstrap more modules and application logic in admin context.
67			*
68			* @return boolean If the current request is in admin context return value is true, otherwise false.
69			*/
70			public function getIsAdmin()
71			{
72			if ($this->_isAdmin === null) {
73			if ($this->getIsConsoleRequest() && !$this->forceWebRequest) {
74			$this->_isAdmin = false;
75			} else {
76			$resolver = (new Composition($this))->getResolvedPathInfo($this);
77			$parts = explode('/', $resolver['route']);
78			$first = reset($parts);
79
80			if (preg_match('/admin/i', $first, $results)) {
81			$this->_isAdmin = true;
82			} else {
83			$this->_isAdmin = false;
84			}
85			}
86			}
87
88			return $this->_isAdmin;
89			}
90
91			/**
92			* Get the user client language.
93			*
94			* @param string $defaultValue Return if not set.
95			* @return string
96			*/
97			public function getClientLanguage($defaultValue)
			0 ignored issues – show Coding Style introduced 2017-07-31 09:35 UTC by Report Bug Copy Issue Report `getClientLanguage` uses the super-global variable `$_SERVER` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
98			{
99			return isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : $defaultValue;
100			}
101			}
102

luyadev / luya

Push — master ( cb5a6f...710c0a )

Request::init() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like