Ajde_Acl_Controller::getAclConditions() - Code Metrics - nabble/ajde - Measure and Improve Code Quality continuously with Scrutinizer

Ajde_Acl_Controller::getAclConditions() B
last analyzed 2016-09-18 20:02 UTC

↳ Parent: Ajde_Acl_Controller

Complexity

Conditions	5
Paths	16

Size

Total Lines	10
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	5
eloc	7
nc	16
nop	0
dl	0
loc	10
rs	8.8571
c	0
b	0
f	0

<?php

abstract class Ajde_Acl_Controller extends Ajde_User_Controller
{
    protected $_allowedActions = [];

    /* ACL sets this to true or false to grant/prevent access in beforeInvoke() */
    private $_hasAccess;

    public function beforeInvoke($allowed = [])
    {
        if (!in_array($this->getAction(),
                array_merge($this->_allowedActions, $allowed)) && $this->hasAccess() === false
        ) {
            Ajde_Log::_('ACL firewall hit', Ajde_Log::CHANNEL_SECURITY, Ajde_Log::LEVEL_INFORMATIONAL,
                implode(PHP_EOL, Ajde_Acl::$log));
            Ajde::app()->getRequest()->set('message', trans('You may not have the required permission to view this page'));
            Ajde::app()->getResponse()->dieOnCode(Ajde_Http_Response::RESPONSE_TYPE_UNAUTHORIZED);
        } else {
            return true;
        }
    }

    protected function getOwnerId()
    {
        return false;
    }

    protected function getAclParam()
    {
        return parent::getAclParam();
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
    }

    protected function setAclParam($param)
    {
        parent::setAclParam($param);
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
    }

    private function getAclConditions()
    {
        $module = $this->getModule();
        $action = $this->getAction();
        $param = $this->hasAclParam() ? $this->getAclParam() : '';
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $controller = $this->getRoute()->hasController() ? $this->getRoute()->getController() : '';
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $extra = $controller.($controller && $param ? ':' : '').$param;

        return ['module' => $module, 'action' => $action, 'extra' => $extra];
    }

    public function validateAccess($conditions = null)
    {
        if (!isset($conditions)) {
            $conditions = $this->getAclConditions();
        }

        return Ajde_Acl::validateController($conditions['module'], $conditions['action'], $conditions['extra']);
    }

    protected function hasAccess()
    {
        if (!isset($this->_hasAccess)) {
            $conditions = $this->getAclConditions();
            $aclTimer = Ajde::app()->addTimer('<i>ACL validation for '.implode('/', $conditions).'</i>');
            $this->_hasAccess = $this->validateAccess($conditions);
            Ajde::app()->endTimer($aclTimer);
        }

        return $this->_hasAccess;
    }
}


1			<?php
2
3			abstract class Ajde_Acl_Controller extends Ajde_User_Controller
4			{
5			protected $_allowedActions = [];
6
7			/* ACL sets this to true or false to grant/prevent access in beforeInvoke() */
8			private $_hasAccess;
9
10			public function beforeInvoke($allowed = [])
11			{
12			if (!in_array($this->getAction(),
13			array_merge($this->_allowedActions, $allowed)) && $this->hasAccess() === false
14			) {
15			Ajde_Log::_('ACL firewall hit', Ajde_Log::CHANNEL_SECURITY, Ajde_Log::LEVEL_INFORMATIONAL,
16			implode(PHP_EOL, Ajde_Acl::$log));
17			Ajde::app()->getRequest()->set('message', trans('You may not have the required permission to view this page'));
18			Ajde::app()->getResponse()->dieOnCode(Ajde_Http_Response::RESPONSE_TYPE_UNAUTHORIZED);
19			} else {
20			return true;
21			}
22			}
23
24			protected function getOwnerId()
25			{
26			return false;
27			}
28
29			protected function getAclParam()
30			{
31			return parent::getAclParam();
			0 ignored issues – show Bug introduced 2015-12-10 15:15 UTC by Report Bug Copy Issue Report It seems like you code against a specific sub-type and not the parent class `Ajde_User_Controller` as the method `getAclParam()` does only exist in the following sub-classes of `Ajde_User_Controller`: `AclController`, `AdminAclController`, `AdminCmsController`, `AdminController`, `AdminEmailController`, `AdminFormController`, `AdminMediaController`, `AdminMenuController`, `AdminNodeController`, `AdminSetupController`, `AdminShopController`, `AdminSystemController`, `AdminTagController`, `AdminUserController`, `Ajde_Acl_Controller`, `Ajde_Api_Controller`, `ApiController`, `ApiV1Controller`, `MediaController`, `ShopCartController`, `ShopController`, `ShopTransactionController`, `_coreCrudController`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
32			}
33
34			protected function setAclParam($param)
35			{
36			parent::setAclParam($param);
			0 ignored issues – show Bug introduced 2015-12-10 15:15 UTC by Report Bug Copy Issue Report It seems like you code against a specific sub-type and not the parent class `Ajde_User_Controller` as the method `setAclParam()` does only exist in the following sub-classes of `Ajde_User_Controller`: `AclController`, `AdminAclController`, `AdminCmsController`, `AdminController`, `AdminEmailController`, `AdminFormController`, `AdminMediaController`, `AdminMenuController`, `AdminNodeController`, `AdminSetupController`, `AdminShopController`, `AdminSystemController`, `AdminTagController`, `AdminUserController`, `Ajde_Acl_Controller`, `Ajde_Api_Controller`, `ApiController`, `ApiV1Controller`, `MediaController`, `ShopCartController`, `ShopController`, `ShopTransactionController`, `_coreCrudController`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
37			}
38
39			private function getAclConditions()
40			{
41			$module = $this->getModule();
42			$action = $this->getAction();
43			$param = $this->hasAclParam() ? $this->getAclParam() : '';
			0 ignored issues – show Documentation Bug introduced 2015-12-10 15:15 UTC by Report Bug Copy Issue Report The method `hasAclParam` does not exist on `object<Ajde_Acl_Controller>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
44			$controller = $this->getRoute()->hasController() ? $this->getRoute()->getController() : '';
			0 ignored issues – show Documentation Bug introduced 2015-12-10 15:15 UTC by Report Bug Copy Issue Report The method `hasController` does not exist on `object<Ajde_Core_Route>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
45			$extra = $controller.($controller && $param ? ':' : '').$param;
46
47			return ['module' => $module, 'action' => $action, 'extra' => $extra];
48			}
49
50			public function validateAccess($conditions = null)
51			{
52			if (!isset($conditions)) {
53			$conditions = $this->getAclConditions();
54			}
55
56			return Ajde_Acl::validateController($conditions['module'], $conditions['action'], $conditions['extra']);
57			}
58
59			protected function hasAccess()
60			{
61			if (!isset($this->_hasAccess)) {
62			$conditions = $this->getAclConditions();
63			$aclTimer = Ajde::app()->addTimer('<i>ACL validation for '.implode('/', $conditions).'</i>');
64			$this->_hasAccess = $this->validateAccess($conditions);
65			Ajde::app()->endTimer($aclTimer);
66			}
67
68			return $this->_hasAccess;
69			}
70			}
71

nabble / ajde

Ajde_Acl_Controller::getAclConditions() B last analyzed 2016-09-18 20:02 UTC

Complexity

Size

Duplication

Importance

Available Fixes

Available Fixes

Duplication Side-by-Side

Filter issues like

Ajde_Acl_Controller::getAclConditions() B
last analyzed 2016-09-18 20:02 UTC