Issues in CredentialMapper.php - Failed Issues - Inspection of "Merge branch 'binsky08-migrations-2'" - nextcloud/passman - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( e8410d...a45585 )

by Marcos

created 2021-05-16 22:45 UTC

lib/Db/CredentialMapper.php (1 issue)

Labels

Bug 1

Severity

Critical 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Nextcloud - passman
 *
 * @copyright Copyright (c) 2016, Sander Brand ([email protected])
 * @copyright Copyright (c) 2016, Marcos Zuriaga Miguel ([email protected])
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

namespace OCA\Passman\Db;

use OCA\Passman\Utility\Utils;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Db\Entity;
use OCP\AppFramework\Db\MultipleObjectsReturnedException;
use OCP\AppFramework\Db\QBMapper;
use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\IDBConnection;

class CredentialMapper extends QBMapper {
	const TABLE_NAME = 'passman_credentials';
	private Utils $utils;


	public function __construct(IDBConnection $db, Utils $utils) {
		parent::__construct($db, self::TABLE_NAME);
		$this->utils = $utils;
	}


	/**
	 * Obtains the credentials by vault id (not guid)
	 *
	 * @param string $vault_id
	 * @param string $user_id
	 * @return Entity[]
	 */
	public function getCredentialsByVaultId(string $vault_id, string $user_id) {
		$qb = $this->db->getQueryBuilder();
		$qb->select('*')
			->from(self::TABLE_NAME)
			->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)))
			->andWhere($qb->expr()->eq('vault_id', $qb->createNamedParameter($vault_id, IQueryBuilder::PARAM_STR)));

		return $this->findEntities($qb);
	}

	/**
	 * Get a random credential from a vault
	 *
	 * @param string $vault_id
	 * @param string $user_id
	 * @return Credential[]
	 */
	public function getRandomCredentialByVaultId(string $vault_id, string $user_id) {
		$qb = $this->db->getQueryBuilder();
		$qb->select('*')
			->from(self::TABLE_NAME)
			->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)))
			->andWhere($qb->expr()->eq('vault_id', $qb->createNamedParameter($vault_id, IQueryBuilder::PARAM_STR)))
			->andWhere($qb->expr()->isNull('shared_key'))
			->setMaxResults(20);

		$entities = $this->findEntities($qb);
		$count = count($entities) - 1;

		/** @var Credential[] $entity */
		$entity = array_splice($entities, rand(0, $count), 1);
		return $entity;
	}

	/**
	 * Get expired credentials
	 *
	 * @param int $timestamp
	 * @return Entity[]
	 */
	public function getExpiredCredentials(int $timestamp) {
		$qb = $this->db->getQueryBuilder();
		$qb->select('*')
			->from(self::TABLE_NAME)
			->where($qb->expr()->gt('expire_time', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT)))
			->andWhere($qb->expr()->lt('expire_time', $qb->createNamedParameter($timestamp, IQueryBuilder::PARAM_INT)));

		return $this->findEntities($qb);
	}

	/**
	 * Get an credential by id.
	 * Optional user id
	 *
	 * @param int $credential_id
	 * @param string|null $user_id
	 * @return Entity
	 * @throws DoesNotExistException
	 * @throws MultipleObjectsReturnedException
	 */
	public function getCredentialById(int $credential_id, string $user_id = null) {
		$qb = $this->db->getQueryBuilder();
		$qb->select('*')
			->from(self::TABLE_NAME)
			->where($qb->expr()->eq('id', $qb->createNamedParameter($credential_id, IQueryBuilder::PARAM_INT)));

		if ($user_id !== null) {
			$qb->andWhere($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)));
		}

		return $this->findEntity($qb);
	}

	/**
	 * Get credential label by id
	 *
	 * @param int $credential_id
	 * @return Entity
	 * @throws DoesNotExistException
	 * @throws MultipleObjectsReturnedException
	 */
	public function getCredentialLabelById(int $credential_id) {
		$qb = $this->db->getQueryBuilder();
		$qb->select(['id', 'label'])
			->from(self::TABLE_NAME)
			->where($qb->expr()->eq('id', $qb->createNamedParameter($credential_id, IQueryBuilder::PARAM_INT)));

		return $this->findEntity($qb);
	}

	/**
	 * Save credential to the database.
	 *
	 * @param $raw_credential
	 * @return Credential
	 */
	public function create($raw_credential) {
		$credential = new Credential();

		$credential->setGuid($this->utils->GUID());
		$credential->setVaultId($raw_credential['vault_id']);
		$credential->setUserId($raw_credential['user_id']);
		$credential->setLabel($raw_credential['label']);
		$credential->setDescription($raw_credential['description']);
		$credential->setCreated($this->utils->getTime());
		$credential->setChanged($this->utils->getTime());
		$credential->setTags($raw_credential['tags']);
		$credential->setEmail($raw_credential['email']);
		$credential->setUsername($raw_credential['username']);
		$credential->setPassword($raw_credential['password']);
		$credential->setUrl($raw_credential['url']);
		$credential->setIcon($raw_credential['icon']);
		$credential->setRenewInterval($raw_credential['renew_interval']);
		$credential->setExpireTime($raw_credential['expire_time']);
		$credential->setDeleteTime($raw_credential['delete_time']);
		$credential->setFiles($raw_credential['files']);
		$credential->setCustomFields($raw_credential['custom_fields']);
		$credential->setOtp($raw_credential['otp']);
		$credential->setHidden($raw_credential['hidden']);
		$credential->setCompromised($raw_credential['compromised']);
		if (isset($raw_credential['shared_key'])) {
			$credential->setSharedKey($raw_credential['shared_key']);
		}
		return parent::insert($credential);
	}

	/**
	 * @param $raw_credential array An array containing all the credential fields
	 * @param $useRawUser bool
	 * @return Credential|Entity The updated credential
	 * @throws DoesNotExistException
	 * @throws MultipleObjectsReturnedException
	 */
	public function updateCredential($raw_credential, bool $useRawUser) {
		$original = $this->getCredentialByGUID($raw_credential['guid']);
		$uid = ($useRawUser) ? $raw_credential['user_id'] : $original->getUserId();

		$credential = new Credential();
		$credential->setId($original->getId());
		$credential->setGuid($original->getGuid());
		$credential->setVaultId($original->getVaultId());
		$credential->setUserId($uid);
		$credential->setLabel($raw_credential['label']);
		$credential->setDescription($raw_credential['description']);
		$credential->setCreated($original->getCreated());
		$credential->setChanged($this->utils->getTime());
		$credential->setTags($raw_credential['tags']);
		$credential->setEmail($raw_credential['email']);
		$credential->setUsername($raw_credential['username']);
		$credential->setPassword($raw_credential['password']);
		$credential->setUrl($raw_credential['url']);
		$credential->setIcon($raw_credential['icon']);
		$credential->setRenewInterval($raw_credential['renew_interval']);
		$credential->setExpireTime($raw_credential['expire_time']);
		$credential->setFiles($raw_credential['files']);
		$credential->setCustomFields($raw_credential['custom_fields']);
		$credential->setOtp($raw_credential['otp']);
		$credential->setHidden($raw_credential['hidden']);
		$credential->setDeleteTime($raw_credential['delete_time']);
		$credential->setCompromised($raw_credential['compromised']);

		if (isset($raw_credential['shared_key'])) {
			$credential->setSharedKey($raw_credential['shared_key']);
		}
		return parent::update($credential);
	}

	public function deleteCredential(Credential $credential) {
		return $this->delete($credential);
	}

	public function upd(Credential $credential) {
		$this->update($credential);
	}

	/**
	 * Finds a credential by the given guid
	 *
	 * @param string $credential_guid
	 * @param string|null $user_id
	 * @return Entity
	 * @throws DoesNotExistException
	 * @throws MultipleObjectsReturnedException
	 */
	public function getCredentialByGUID(string $credential_guid, string $user_id = null) {
		$qb = $this->db->getQueryBuilder();
		$qb->select('*')
			->from(self::TABLE_NAME)
			->where($qb->expr()->eq('guid', $qb->createNamedParameter($credential_guid, IQueryBuilder::PARAM_STR)));

		if ($user_id !== null) {
			$qb->andWhere($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)));
		}

		return $this->findEntity($qb);
	}
}


1			<?php
2			/**
3			* Nextcloud - passman
4			*
5			* @copyright Copyright (c) 2016, Sander Brand ([email protected])
6			* @copyright Copyright (c) 2016, Marcos Zuriaga Miguel ([email protected])
7			* @license GNU AGPL version 3 or any later version
8			*
9			* This program is free software: you can redistribute it and/or modify
10			* it under the terms of the GNU Affero General Public License as
11			* published by the Free Software Foundation, either version 3 of the
12			* License, or (at your option) any later version.
13			*
14			* This program is distributed in the hope that it will be useful,
15			* but WITHOUT ANY WARRANTY; without even the implied warranty of
16			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17			* GNU Affero General Public License for more details.
18			*
19			* You should have received a copy of the GNU Affero General Public License
20			* along with this program. If not, see <http://www.gnu.org/licenses/>.
21			*
22			*/
23
24			namespace OCA\Passman\Db;
25
26			use OCA\Passman\Utility\Utils;
27			use OCP\AppFramework\Db\DoesNotExistException;
28			use OCP\AppFramework\Db\Entity;
29			use OCP\AppFramework\Db\MultipleObjectsReturnedException;
30			use OCP\AppFramework\Db\QBMapper;
31			use OCP\DB\QueryBuilder\IQueryBuilder;
32			use OCP\IDBConnection;
33
34			class CredentialMapper extends QBMapper {
35			const TABLE_NAME = 'passman_credentials';
36			private Utils $utils;
			0 ignored issues – show Bug introduced 2021-03-22 15:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code did not parse for me. Apparently, there is an error somewhere around this line: Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST Loading history...
37
38			public function __construct(IDBConnection $db, Utils $utils) {
39			parent::__construct($db, self::TABLE_NAME);
40			$this->utils = $utils;
41			}
42
43
44			/**
45			* Obtains the credentials by vault id (not guid)
46			*
47			* @param string $vault_id
48			* @param string $user_id
49			* @return Entity[]
50			*/
51			public function getCredentialsByVaultId(string $vault_id, string $user_id) {
52			$qb = $this->db->getQueryBuilder();
53			$qb->select('*')
54			->from(self::TABLE_NAME)
55			->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)))
56			->andWhere($qb->expr()->eq('vault_id', $qb->createNamedParameter($vault_id, IQueryBuilder::PARAM_STR)));
57
58			return $this->findEntities($qb);
59			}
60
61			/**
62			* Get a random credential from a vault
63			*
64			* @param string $vault_id
65			* @param string $user_id
66			* @return Credential[]
67			*/
68			public function getRandomCredentialByVaultId(string $vault_id, string $user_id) {
69			$qb = $this->db->getQueryBuilder();
70			$qb->select('*')
71			->from(self::TABLE_NAME)
72			->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)))
73			->andWhere($qb->expr()->eq('vault_id', $qb->createNamedParameter($vault_id, IQueryBuilder::PARAM_STR)))
74			->andWhere($qb->expr()->isNull('shared_key'))
75			->setMaxResults(20);
76
77			$entities = $this->findEntities($qb);
78			$count = count($entities) - 1;
79
80			/** @var Credential[] $entity */
81			$entity = array_splice($entities, rand(0, $count), 1);
82			return $entity;
83			}
84
85			/**
86			* Get expired credentials
87			*
88			* @param int $timestamp
89			* @return Entity[]
90			*/
91			public function getExpiredCredentials(int $timestamp) {
92			$qb = $this->db->getQueryBuilder();
93			$qb->select('*')
94			->from(self::TABLE_NAME)
95			->where($qb->expr()->gt('expire_time', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT)))
96			->andWhere($qb->expr()->lt('expire_time', $qb->createNamedParameter($timestamp, IQueryBuilder::PARAM_INT)));
97
98			return $this->findEntities($qb);
99			}
100
101			/**
102			* Get an credential by id.
103			* Optional user id
104			*
105			* @param int $credential_id
106			* @param string\|null $user_id
107			* @return Entity
108			* @throws DoesNotExistException
109			* @throws MultipleObjectsReturnedException
110			*/
111			public function getCredentialById(int $credential_id, string $user_id = null) {
112			$qb = $this->db->getQueryBuilder();
113			$qb->select('*')
114			->from(self::TABLE_NAME)
115			->where($qb->expr()->eq('id', $qb->createNamedParameter($credential_id, IQueryBuilder::PARAM_INT)));
116
117			if ($user_id !== null) {
118			$qb->andWhere($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)));
119			}
120
121			return $this->findEntity($qb);
122			}
123
124			/**
125			* Get credential label by id
126			*
127			* @param int $credential_id
128			* @return Entity
129			* @throws DoesNotExistException
130			* @throws MultipleObjectsReturnedException
131			*/
132			public function getCredentialLabelById(int $credential_id) {
133			$qb = $this->db->getQueryBuilder();
134			$qb->select(['id', 'label'])
135			->from(self::TABLE_NAME)
136			->where($qb->expr()->eq('id', $qb->createNamedParameter($credential_id, IQueryBuilder::PARAM_INT)));
137
138			return $this->findEntity($qb);
139			}
140
141			/**
142			* Save credential to the database.
143			*
144			* @param $raw_credential
145			* @return Credential
146			*/
147			public function create($raw_credential) {
148			$credential = new Credential();
149
150			$credential->setGuid($this->utils->GUID());
151			$credential->setVaultId($raw_credential['vault_id']);
152			$credential->setUserId($raw_credential['user_id']);
153			$credential->setLabel($raw_credential['label']);
154			$credential->setDescription($raw_credential['description']);
155			$credential->setCreated($this->utils->getTime());
156			$credential->setChanged($this->utils->getTime());
157			$credential->setTags($raw_credential['tags']);
158			$credential->setEmail($raw_credential['email']);
159			$credential->setUsername($raw_credential['username']);
160			$credential->setPassword($raw_credential['password']);
161			$credential->setUrl($raw_credential['url']);
162			$credential->setIcon($raw_credential['icon']);
163			$credential->setRenewInterval($raw_credential['renew_interval']);
164			$credential->setExpireTime($raw_credential['expire_time']);
165			$credential->setDeleteTime($raw_credential['delete_time']);
166			$credential->setFiles($raw_credential['files']);
167			$credential->setCustomFields($raw_credential['custom_fields']);
168			$credential->setOtp($raw_credential['otp']);
169			$credential->setHidden($raw_credential['hidden']);
170			$credential->setCompromised($raw_credential['compromised']);
171			if (isset($raw_credential['shared_key'])) {
172			$credential->setSharedKey($raw_credential['shared_key']);
173			}
174			return parent::insert($credential);
175			}
176
177			/**
178			* @param $raw_credential array An array containing all the credential fields
179			* @param $useRawUser bool
180			* @return Credential\|Entity The updated credential
181			* @throws DoesNotExistException
182			* @throws MultipleObjectsReturnedException
183			*/
184			public function updateCredential($raw_credential, bool $useRawUser) {
185			$original = $this->getCredentialByGUID($raw_credential['guid']);
186			$uid = ($useRawUser) ? $raw_credential['user_id'] : $original->getUserId();
187
188			$credential = new Credential();
189			$credential->setId($original->getId());
190			$credential->setGuid($original->getGuid());
191			$credential->setVaultId($original->getVaultId());
192			$credential->setUserId($uid);
193			$credential->setLabel($raw_credential['label']);
194			$credential->setDescription($raw_credential['description']);
195			$credential->setCreated($original->getCreated());
196			$credential->setChanged($this->utils->getTime());
197			$credential->setTags($raw_credential['tags']);
198			$credential->setEmail($raw_credential['email']);
199			$credential->setUsername($raw_credential['username']);
200			$credential->setPassword($raw_credential['password']);
201			$credential->setUrl($raw_credential['url']);
202			$credential->setIcon($raw_credential['icon']);
203			$credential->setRenewInterval($raw_credential['renew_interval']);
204			$credential->setExpireTime($raw_credential['expire_time']);
205			$credential->setFiles($raw_credential['files']);
206			$credential->setCustomFields($raw_credential['custom_fields']);
207			$credential->setOtp($raw_credential['otp']);
208			$credential->setHidden($raw_credential['hidden']);
209			$credential->setDeleteTime($raw_credential['delete_time']);
210			$credential->setCompromised($raw_credential['compromised']);
211
212			if (isset($raw_credential['shared_key'])) {
213			$credential->setSharedKey($raw_credential['shared_key']);
214			}
215			return parent::update($credential);
216			}
217
218			public function deleteCredential(Credential $credential) {
219			return $this->delete($credential);
220			}
221
222			public function upd(Credential $credential) {
223			$this->update($credential);
224			}
225
226			/**
227			* Finds a credential by the given guid
228			*
229			* @param string $credential_guid
230			* @param string\|null $user_id
231			* @return Entity
232			* @throws DoesNotExistException
233			* @throws MultipleObjectsReturnedException
234			*/
235			public function getCredentialByGUID(string $credential_guid, string $user_id = null) {
236			$qb = $this->db->getQueryBuilder();
237			$qb->select('*')
238			->from(self::TABLE_NAME)
239			->where($qb->expr()->eq('guid', $qb->createNamedParameter($credential_guid, IQueryBuilder::PARAM_STR)));
240
241			if ($user_id !== null) {
242			$qb->andWhere($qb->expr()->eq('user_id', $qb->createNamedParameter($user_id, IQueryBuilder::PARAM_STR)));
243			}
244
245			return $this->findEntity($qb);
246			}
247			}
248

nextcloud / passman

Push — master ( e8410d...a45585 )

lib/Db/CredentialMapper.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like