profile::fill_optional_profile_data() - Code Metrics - Inspection of "Removed storing result of sign in process and rela..." - nazar-pc/CleverStyle-Framework - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 20774e...ca994b )

by Nazar

created 2016-09-21 21:00 UTC

profile::fill_optional_profile_data() B

↳ Parent: profile

Complexity

Conditions	6
Paths	32

Size

Total Lines	18
Code Lines	11

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	12
CRAP Score	6

Importance

Changes

Metric	Value
cc	6
eloc	11
nc	32
nop	3
dl	0
loc	18
ccs	12
cts	12
cp	1
crap	6
rs	8.8571
c	0
b	0
f	0

<?php
/**
 * @package    CleverStyle Framework
 * @subpackage System module
 * @category   modules
 * @author     Nazar Mokrynskyi <[email protected]>
 * @copyright  Copyright (c) 2015-2016, Nazar Mokrynskyi
 * @license    MIT License, see license.txt
 */
namespace cs\modules\System\api\Controller;
use
	cs\Config,
	cs\Core,
	cs\Event,
	cs\ExitException,
	cs\Language,
	cs\Mail,
	cs\Session,
	cs\User;

/**
 * Provides next events:
 *  api/System/profile/sign_in/before
 *  [
 *    'login'    => $login,   // sha224 hash of login or email actually
 *    'password' => $password // sha512(sha512(password) + public_key)
 *  ]
 *
 *  api/System/profile/sign_in/success
 *
 *  api/System/profile/sign_in/error
 */
trait profile {
	public static function profile_get () {
		$User         = User::instance();
		$fields       = [
			'id',
			'login',
			'username',
			'language',
			'timezone',
			'avatar'
		];
		$result       = $User->get($fields, $User->id);
		$result['id'] = (int)$result['id'];
		if ($User->guest()) {
			$result['username'] = Language::instance()->system_profile_guest;
			$result['avatar']   = $User->avatar();
		}
		return $result;
	}
	/**
	 * @param \cs\Request $Request
	 *
	 * @throws ExitException
	 */
	public static function profile_patch ($Request) {
		$user_data = $Request->data('login', 'username', 'language', 'timezone', 'avatar');
		if (
			!$user_data ||
			!$user_data['login']
		) {
			throw new ExitException(400);
		}
		$User = User::instance();
		if ($User->guest()) {
			throw new ExitException(403);
		}
		$user_data['login'] = mb_strtolower($user_data['login']);
		if (!static::can_change_login_to($User, $user_data['login'])) {
			throw new ExitException(Language::instance()->system_admin_users_login_occupied, 400);
		}
		if (!$User->set($user_data)) {
			throw new ExitException(500);
		}
	}
	/**
	 * Check for changing login to new one and whether it is available
	 *
	 * @param User   $User
	 * @param string $login
	 *
	 * @return bool
	 */
	protected static function can_change_login_to ($User, $login) {
		return
			$login == $User->login ||
			$login == $User->email ||
			(
				!filter_var($login, FILTER_VALIDATE_EMAIL) &&
				$User->get_id(hash('sha224', $login)) === false
			);
	}
	/**
	 * @param \cs\Request $Request
	 *
	 * @throws ExitException
	 */
	public static function profile_change_password ($Request) {
		$data = $Request->data('current_password', 'new_password');
		if (!$data) {
			throw new ExitException(400);
		}
		$User = User::instance();
		if (!$User->user()) {
			throw new ExitException(403);
		}
		$L = Language::prefix('system_profile_');
		if (!$data['new_password']) {
			throw new ExitException($L->please_type_new_password, 400);
		}
		if (!$User->validate_password($data['current_password'], $User->id, true)) {
			throw new ExitException($L->wrong_current_password, 400);
		}
		$id = $User->id;
		if ($User->set_password($data['new_password'], $id, true)) {
			Session::instance()->add($id);
		} else {
			throw new ExitException($L->change_password_server_error, 500);
		}
	}
	/**
	 * @param \cs\Request  $Request
	 * @param \cs\Response $Response
	 *
	 * @throws ExitException
	 */
	public static function profile_registration ($Request, $Response) {
		$Config = Config::instance();
		$L      = Language::prefix('system_profile_registration_');
		$User   = User::instance();
		if (!$User->guest()) {
			throw new ExitException(403);
		}
		if (!$Config->core['allow_user_registration']) {
			throw new ExitException($L->prohibited, 403);
		}
		$email   = $Request->data('email');
		$email   = mb_strtolower($email);
		$result  = static::try_to_register($User, $L, $email);
		$confirm = $result['reg_key'] !== true;
		static::fill_optional_profile_data($Request, $User, $result['id']);
		$username  = $User->username($result['id']);
		$login     = $User->get('login', $result['id']);
		$site_name = $Config->core['site_name'];
		$title     = $L->success_mail($site_name);
		$body      = $L->success_mail($username, $site_name, $Config->core_url().'/profile/settings', $login);
		if ($confirm) {
			$title = $L->need_confirmation_mail($site_name);
			$body  = $L->need_confirmation_mail_body(
				$username,
				$site_name,
				$Config->core_url()."/profile/registration_confirmation/$result[reg_key]",
				$L->time($Config->core['registration_confirmation_time'], 'd')
			);
		} elseif (!$Request->data('password') && $result['password']) {
			$body = $L->success_mail_with_password_body($username, $site_name, $Config->core_url().'/profile/settings', $login, $result['password']);
		}
		if (!Mail::instance()->send_to($email, $title, $body)) {
			$User->registration_cancel();
			throw new ExitException($L->mail_sending_error, 500);
		}
		$Response->code = $confirm ? 202 : 201;
	}
	/**
	 * @param User            $User
	 * @param Language\Prefix $L
	 * @param string          $email
	 *
	 * @return array
	 *
	 * @throws ExitException
	 */
	protected static function try_to_register ($User, $L, $email) {
		$result = $User->registration($email);
		if ($result === false) {
			throw new ExitException($L->please_type_correct_email, 400);
		}
		if ($result == 'error') {
			throw new ExitException($L->server_error, 500);
		}
		if ($result == 'exists') {
			throw new ExitException($L->error_exists, 400);
		}
		return $result;
	}
	/**
	 * @param \cs\Request $Request
	 * @param User        $User
	 * @param int         $user_id
	 */
	protected static function fill_optional_profile_data ($Request, $User, $user_id) {
		if ($Request->data('username')) {
			$User->set('username', $Request->data['username'], $user_id);
		}
		// Actually `sha512(sha512(password) + public_key)` instead of plain password
		if ($Request->data('password')) {
			$User->set_password($Request->data['password'], $user_id, true);
		}
		if ($Request->data('language')) {
			$User->set('language', $Request->data['language'], $user_id);
		}
		if ($Request->data('timezone')) {
			$User->set('timezone', $Request->data['timezone'], $user_id);
		}
		if ($Request->data('avatar')) {
			$User->set('avatar', $Request->data['avatar'], $user_id);
		}
	}
	/**
	 * @param \cs\Request $Request
	 *
	 * @throws ExitException
	 */
	public static function profile_restore_password ($Request) {
		$User = User::instance();
		if (!$User->guest()) {
			throw new ExitException(403);
		}
		$L     = Language::prefix('system_profile_restore_password_');
		$email = $Request->data('email');
		if (!$email) {
			throw new ExitException($L->please_type_your_email, 400);
		}
		$id = $User->get_id(mb_strtolower($email));
		if (!$id) {
			throw new ExitException($L->user_with_such_login_email_not_found, 400);
		}
		$key    = $User->restore_password($id);
		$Config = Config::instance();
		if (
			!$key ||
			!Mail::instance()->send_to(
				$User->get('email', $id),
				$L->confirmation_mail($Config->core['site_name']),
				$L->confirmation_mail_body(
					$User->username($id),
					$Config->core['site_name'],
					$Config->core_url()."/profile/restore_password_confirmation/$key",
					$L->time($Config->core['registration_confirmation_time'], 'd')
				)
			)
		) {
			throw new ExitException($L->server_error, 500);
		}
	}
	/**
	 * @param \cs\Request $Request
	 *
	 * @throws ExitException
	 */
	public static function profile_sign_in ($Request) {
		$L    = Language::prefix('system_profile_sign_in_');
		$User = User::instance();
		$data = $Request->data('login', 'password');
		if (!$data) {
			throw new ExitException(400);
		}
		if (!$User->guest()) {
			return;
		}
		$Event = Event::instance();
		if (!$Event->fire('api/System/profile/sign_in/before', $data)) {
			throw new ExitException(403);
		}
		$id = $User->get_id($data['login']);
		if ($id && $User->validate_password($data['password'], $id, true)) {
			$status = $User->get('status', $id);
			if ($status == User::STATUS_NOT_ACTIVATED) {
				throw new ExitException($L->your_account_is_not_active, 403);
			}
			if ($status == User::STATUS_INACTIVE) {
				throw new ExitException($L->your_account_disabled, 403);
			}
			Session::instance()->add($id);
			$Event->fire('api/System/profile/sign_in/success');
		} else {
			$Event->fire('api/System/profile/sign_in/error');
			throw new ExitException($L->authentication_error, 400);
		}
	}
	/**
	 * @param \cs\Request  $Request
	 * @param \cs\Response $Response
	 *
	 * @throws ExitException
	 */
	public static function profile_sign_out (
		/** @noinspection PhpUnusedParameterInspection */
		$Request,
		$Response
	) {
		if (User::instance()->guest()) {
			return;
		}
		if (!Session::instance()->del()) {
			throw new ExitException(500);
		}
		/**
		 * Hack for 403 after sign out in administration
		 */
		$Response->cookie('sign_out', 1, time() + 5, true);
	}
	public static function profile_configuration () {
		$Config = Config::instance();
		return [
			'public_key'            => Core::instance()->public_key,
			'password_min_length'   => (int)$Config->core['password_min_length'],
			'password_min_strength' => (int)$Config->core['password_min_strength']
		];
	}
}


1		<?php
2		/**
3		* @package CleverStyle Framework
4		* @subpackage System module
5		* @category modules
6		* @author Nazar Mokrynskyi <[email protected]>
7		* @copyright Copyright (c) 2015-2016, Nazar Mokrynskyi
8		* @license MIT License, see license.txt
9		*/
10		namespace cs\modules\System\api\Controller;
11		use
12		cs\Config,
13		cs\Core,
14		cs\Event,
15		cs\ExitException,
16		cs\Language,
17		cs\Mail,
18		cs\Session,
19		cs\User;
20
21		/**
22		* Provides next events:
23		* api/System/profile/sign_in/before
24		* [
25		* 'login' => $login, // sha224 hash of login or email actually
26		* 'password' => $password // sha512(sha512(password) + public_key)
27		* ]
28		*
29		* api/System/profile/sign_in/success
30		*
31		* api/System/profile/sign_in/error
32		*/
33		trait profile {
34	2	public static function profile_get () {
35	2	$User = User::instance();
36		$fields = [
37	2	'id',
38		'login',
39		'username',
40		'language',
41		'timezone',
42		'avatar'
43		];
44	2	$result = $User->get($fields, $User->id);
45	2	$result['id'] = (int)$result['id'];
46	2	if ($User->guest()) {
47	2	$result['username'] = Language::instance()->system_profile_guest;
48	2	$result['avatar'] = $User->avatar();
49		}
50	2	return $result;
51		}
52		/**
53		* @param \cs\Request $Request
54		*
55		* @throws ExitException
56		*/
57	2	public static function profile_patch ($Request) {
58	2	$user_data = $Request->data('login', 'username', 'language', 'timezone', 'avatar');
59		if (
60	2	!$user_data \|\|
61	2	!$user_data['login']
62		) {
63	2	throw new ExitException(400);
64		}
65	2	$User = User::instance();
66	2	if ($User->guest()) {
67	2	throw new ExitException(403);
68		}
69	2	$user_data['login'] = mb_strtolower($user_data['login']);
70	2	if (!static::can_change_login_to($User, $user_data['login'])) {
71	2	throw new ExitException(Language::instance()->system_admin_users_login_occupied, 400);
72		}
73	2	if (!$User->set($user_data)) {
74		throw new ExitException(500);
75		}
76	2	}
77		/**
78		* Check for changing login to new one and whether it is available
79		*
80		* @param User $User
81		* @param string $login
82		*
83		* @return bool
84		*/
85	2	protected static function can_change_login_to ($User, $login) {
86		return
87	2	$login == $User->login \|\|
88	2	$login == $User->email \|\|
89		(
90	2	!filter_var($login, FILTER_VALIDATE_EMAIL) &&
91	2	$User->get_id(hash('sha224', $login)) === false
92		);
93		}
94		/**
95		* @param \cs\Request $Request
96		*
97		* @throws ExitException
98		*/
99	2	public static function profile_change_password ($Request) {
100	2	$data = $Request->data('current_password', 'new_password');
101	2	if (!$data) {
102	2	throw new ExitException(400);
103		}
104	2	$User = User::instance();
105	2	if (!$User->user()) {
106	2	throw new ExitException(403);
107		}
108	2	$L = Language::prefix('system_profile_');
109	2	if (!$data['new_password']) {
110	2	throw new ExitException($L->please_type_new_password, 400);
111		}
112	2	if (!$User->validate_password($data['current_password'], $User->id, true)) {
113	2	throw new ExitException($L->wrong_current_password, 400);
114		}
115	2	$id = $User->id;
116	2	if ($User->set_password($data['new_password'], $id, true)) {
117	2	Session::instance()->add($id);
118		} else {
119	2	throw new ExitException($L->change_password_server_error, 500);
120		}
121	2	}
122		/**
123		* @param \cs\Request $Request
124		* @param \cs\Response $Response
125		*
126		* @throws ExitException
127		*/
128	2	public static function profile_registration ($Request, $Response) {
129	2	$Config = Config::instance();
130	2	$L = Language::prefix('system_profile_registration_');
131	2	$User = User::instance();
132	2	if (!$User->guest()) {
133	2	throw new ExitException(403);
134		}
135	2	if (!$Config->core['allow_user_registration']) {
136	2	throw new ExitException($L->prohibited, 403);
137		}
138	2	$email = $Request->data('email');
139	2	$email = mb_strtolower($email);
140	2	$result = static::try_to_register($User, $L, $email);
141	2	$confirm = $result['reg_key'] !== true;
142	2	static::fill_optional_profile_data($Request, $User, $result['id']);
143	2	$username = $User->username($result['id']);
144	2	$login = $User->get('login', $result['id']);
145	2	$site_name = $Config->core['site_name'];
146	2	$title = $L->success_mail($site_name);
147	2	$body = $L->success_mail($username, $site_name, $Config->core_url().'/profile/settings', $login);
148	2	if ($confirm) {
149	2	$title = $L->need_confirmation_mail($site_name);
150	2	$body = $L->need_confirmation_mail_body(
151		$username,
152		$site_name,
153	2	$Config->core_url()."/profile/registration_confirmation/$result[reg_key]",
154	2	$L->time($Config->core['registration_confirmation_time'], 'd')
155		);
156	2	} elseif (!$Request->data('password') && $result['password']) {
157	2	$body = $L->success_mail_with_password_body($username, $site_name, $Config->core_url().'/profile/settings', $login, $result['password']);
158		}
159	2	if (!Mail::instance()->send_to($email, $title, $body)) {
160	2	$User->registration_cancel();
161	2	throw new ExitException($L->mail_sending_error, 500);
162		}
163	2	$Response->code = $confirm ? 202 : 201;
164	2	}
165		/**
166		* @param User $User
167		* @param Language\Prefix $L
168		* @param string $email
169		*
170		* @return array
171		*
172		* @throws ExitException
173		*/
174	2	protected static function try_to_register ($User, $L, $email) {
175	2	$result = $User->registration($email);
176	2	if ($result === false) {
177	2	throw new ExitException($L->please_type_correct_email, 400);
178		}
179	2	if ($result == 'error') {
180		throw new ExitException($L->server_error, 500);
181		}
182	2	if ($result == 'exists') {
183	2	throw new ExitException($L->error_exists, 400);
184		}
185	2	return $result;
186		}
187		/**
188		* @param \cs\Request $Request
189		* @param User $User
190		* @param int $user_id
191		*/
192	2	protected static function fill_optional_profile_data ($Request, $User, $user_id) {
193	2	if ($Request->data('username')) {
194	2	$User->set('username', $Request->data['username'], $user_id);
195		}
196		// Actually `sha512(sha512(password) + public_key)` instead of plain password
197	2	if ($Request->data('password')) {
198	2	$User->set_password($Request->data['password'], $user_id, true);
199		}
200	2	if ($Request->data('language')) {
201	2	$User->set('language', $Request->data['language'], $user_id);
202		}
203	2	if ($Request->data('timezone')) {
204	2	$User->set('timezone', $Request->data['timezone'], $user_id);
205		}
206	2	if ($Request->data('avatar')) {
207	2	$User->set('avatar', $Request->data['avatar'], $user_id);
208		}
209	2	}
210		/**
211		* @param \cs\Request $Request
212		*
213		* @throws ExitException
214		*/
215	2	public static function profile_restore_password ($Request) {
216	2	$User = User::instance();
217	2	if (!$User->guest()) {
218	2	throw new ExitException(403);
219		}
220	2	$L = Language::prefix('system_profile_restore_password_');
221	2	$email = $Request->data('email');
222	2	if (!$email) {
223	2	throw new ExitException($L->please_type_your_email, 400);
224		}
225	2	$id = $User->get_id(mb_strtolower($email));
226	2	if (!$id) {
227	2	throw new ExitException($L->user_with_such_login_email_not_found, 400);
228		}
229	2	$key = $User->restore_password($id);
230	2	$Config = Config::instance();
231		if (
232	2	!$key \|\|
233	2	!Mail::instance()->send_to(
234	2	$User->get('email', $id),
235	2	$L->confirmation_mail($Config->core['site_name']),
236	2	$L->confirmation_mail_body(
237	2	$User->username($id),
238	2	$Config->core['site_name'],
239	2	$Config->core_url()."/profile/restore_password_confirmation/$key",
240	2	$L->time($Config->core['registration_confirmation_time'], 'd')
241		)
242		)
243		) {
244	2	throw new ExitException($L->server_error, 500);
245		}
246	2	}
247		/**
248		* @param \cs\Request $Request
249		*
250		* @throws ExitException
251		*/
252	2	public static function profile_sign_in ($Request) {
253	2	$L = Language::prefix('system_profile_sign_in_');
254	2	$User = User::instance();
255	2	$data = $Request->data('login', 'password');
256	2	if (!$data) {
257	2	throw new ExitException(400);
258		}
259	2	if (!$User->guest()) {
260	2	return;
261		}
262	2	$Event = Event::instance();
263	2	if (!$Event->fire('api/System/profile/sign_in/before', $data)) {
264	2	throw new ExitException(403);
265		}
266	2	$id = $User->get_id($data['login']);
267	2	if ($id && $User->validate_password($data['password'], $id, true)) {
268	2	$status = $User->get('status', $id);
269	2	if ($status == User::STATUS_NOT_ACTIVATED) {
270	2	throw new ExitException($L->your_account_is_not_active, 403);
271		}
272	2	if ($status == User::STATUS_INACTIVE) {
273	2	throw new ExitException($L->your_account_disabled, 403);
274		}
275	2	Session::instance()->add($id);
276	2	$Event->fire('api/System/profile/sign_in/success');
277		} else {
278	2	$Event->fire('api/System/profile/sign_in/error');
279	2	throw new ExitException($L->authentication_error, 400);
280		}
281	2	}
282		/**
283		* @param \cs\Request $Request
284		* @param \cs\Response $Response
285		*
286		* @throws ExitException
287		*/
288	2	public static function profile_sign_out (
289		/** @noinspection PhpUnusedParameterInspection */
290		$Request,
291		$Response
292		) {
293	2	if (User::instance()->guest()) {
294	2	return;
295		}
296	2	if (!Session::instance()->del()) {
297		throw new ExitException(500);
298		}
299		/**
300		* Hack for 403 after sign out in administration
301		*/
302	2	$Response->cookie('sign_out', 1, time() + 5, true);
303	2	}
304	2	public static function profile_configuration () {
305	2	$Config = Config::instance();
306		return [
307	2	'public_key' => Core::instance()->public_key,
308	2	'password_min_length' => (int)$Config->core['password_min_length'],
309	2	'password_min_strength' => (int)$Config->core['password_min_strength']
310		];
311		}
312		}
313

nazar-pc / CleverStyle-Framework

Push — master ( 20774e...ca994b )

profile::fill_optional_profile_data() B

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like