<?php
/**
 * Teampass - a collaborative passwords manager.
 * ---
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * ---
 *
 * @project   Teampass
 * @version    API
 *
 * @file      bootstrap.php
 * ---
 *
 * @author    Nils Laumaillé ([email protected])
 *
 * @copyright 2009-2024 Teampass.net
 *
 * @license   https://spdx.org/licenses/GPL-3.0-only.html#licenseText GPL-3.0
 * ---
 *
 * @see       https://www.teampass.net
 */
define("API_ROOT_PATH", __DIR__ . "/..");

// Shared Teampass helpers; loadClasses() is expected to come from here
require API_ROOT_PATH . '/../sources/main.functions.php';

// Database layer has to be up before any controller/model is loaded
loadClasses('DB');

// Base controller first, then the models used by the API controllers.
// Order is kept exactly as before: BaseController, then the three models.
$apiBootstrapFiles = [
    '/Controller/Api/BaseController.php',
    '/Model/UserModel.php',
    '/Model/ItemModel.php',
    '/Model/FolderModel.php',
];
foreach ($apiBootstrapFiles as $apiBootstrapFile) {
    require API_ROOT_PATH . $apiBootstrapFile;
}
// do not leak loop variables into the global scope
unset($apiBootstrapFiles, $apiBootstrapFile);
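/**
 * Launch expected action for ITEM
 *
 * The action name comes from the route ($actions[0]). It is dispatched
 * dynamically to ItemController::<action>Action(), but only after
 * checkUSerCRUDRights() has allowed it for this user, which limits the
 * dynamic call to the known CRUD verbs.
 *
 * @param array $actions  Route segments; $actions[0] is the action name
 * @param array $userData User record including the allowed_to_* flags
 * @return void|false false when the request was refused (error already sent)
 */
function itemAction(array $actions, array $userData)
{
    // Missing route segment: treat as an unknown (and therefore refused) action
    $action = $actions[0] ?? '';

    // Check if user has rights to perform the action
    if (checkUSerCRUDRights($userData, $action) === false) {
        errorHdl(
            'HTTP/1.1 404 Not Found',
            json_encode(['error' => 'API requested action is not allowed for this user'])
        );
        return false;
    }

    // require_once: should itemAction() run twice in one process, a plain
    // require would fatal with "cannot redeclare class ItemController"
    require_once API_ROOT_PATH . "/Controller/Api/ItemController.php";
    $objFeedController = new ItemController();
    $strMethodName = $action . 'Action';

    // An allowed verb with no matching controller method is reported as an
    // error instead of crashing with an uncaught Error on the dynamic call
    if (method_exists($objFeedController, $strMethodName) === false) {
        errorHdl(
            'HTTP/1.1 404 Not Found',
            json_encode(['error' => 'API requested action is not available'])
        );
        return false;
    }

    // Perform the action
    $objFeedController->{$strMethodName}($userData);
}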
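/**
 * Launch expected action for FOLDER
 *
 * The action name comes from the route ($actions[0]). It is dispatched
 * dynamically to FolderController::<action>Action(), but only after
 * checkUSerCRUDRights() has allowed it for this user, which limits the
 * dynamic call to the known CRUD verbs.
 *
 * @param array $actions  Route segments; $actions[0] is the action name
 * @param array $userData User record including the allowed_to_* flags
 * @return void|false false when the request was refused (error already sent)
 */
function folderAction(array $actions, array $userData)
{
    // Missing route segment: treat as an unknown (and therefore refused) action
    $action = $actions[0] ?? '';

    // Check if user has rights to perform the action
    if (checkUSerCRUDRights($userData, $action) === false) {
        errorHdl(
            'HTTP/1.1 404 Not Found',
            json_encode(['error' => 'API requested action is not allowed for this user'])
        );
        return false;
    }

    // require_once: should folderAction() run twice in one process, a plain
    // require would fatal with "cannot redeclare class FolderController"
    require_once API_ROOT_PATH . "/Controller/Api/FolderController.php";
    $objFeedController = new FolderController();
    $strMethodName = $action . 'Action';

    // An allowed verb with no matching controller method is reported as an
    // error instead of crashing with an uncaught Error on the dynamic call
    if (method_exists($objFeedController, $strMethodName) === false) {
        errorHdl(
            'HTTP/1.1 404 Not Found',
            json_encode(['error' => 'API requested action is not available'])
        );
        return false;
    }

    // Perform the action
    $objFeedController->{$strMethodName}($userData);
}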
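/**
 * Tell whether a user may run the given CRUD action through the API.
 *
 * Deny-by-default: an action name outside the known verbs, a non-string
 * action, or a missing allowed_to_* flag all yield false. The flags are
 * compared strictly against the integer 1, so "1" or true do not grant
 * access — callers must supply the flags as ints.
 *
 * @param array  $userData        User record carrying the allowed_to_* flags
 * @param string $actionToPerform 'create', 'read', 'get', 'inFolders', 'update' or 'delete'
 * @return bool
 */
function checkUSerCRUDRights($userData, $actionToPerform): bool
{
    // Each API verb maps onto the single user flag that grants it
    $flagForAction = [
        'create' => 'allowed_to_create',
        'read' => 'allowed_to_read',
        'get' => 'allowed_to_read',
        'inFolders' => 'allowed_to_read',
        'update' => 'allowed_to_update',
        'delete' => 'allowed_to_delete',
    ];

    // Strict string lookup: the previous non-strict in_array() let a boolean
    // true match the read verbs; only exact verb names are accepted now
    if (is_string($actionToPerform) === false || isset($flagForAction[$actionToPerform]) === false) {
        return false;
    }

    // `?? 0` avoids an "undefined array key" warning when the flag is absent
    return ($userData[$flagForAction[$actionToPerform]] ?? 0) === 1;
}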
/**
 * Check if API usage is allowed in Teampass settings
 *
 * Pulls $SETTINGS from tp.config.php into this function's own scope (a plain
 * include, on purpose: include_once would leave $SETTINGS undefined on any
 * later call) and reports whether the 'api' switch equals 1.
 *
 * @return string JSON with error / error_message / error_header keys
 */
function apiIsEnabled(): string
{
    include API_ROOT_PATH . '/../includes/config/tp.config.php';

    // isset() on the nested key is false when $SETTINGS itself is undefined
    $apiEnabled = isset($SETTINGS['api']) === true && (int) $SETTINGS['api'] === 1;

    $response = $apiEnabled
        ? [
            'error' => false,
            'error_message' => '',
            'error_header' => '',
        ]
        : [
            'error' => true,
            'error_message' => 'API usage is not allowed',
            'error_header' => 'HTTP/1.1 404 Not Found',
        ];

    return json_encode($response);
}
/**
 * Check if connection is authorized
 *
 * The request is accepted only when a bearer token is present and
 * is_jwt_valid() (inc/jwt_utils.php) accepts it; anything else is
 * reported as "Access denied".
 *
 * @return string JSON with error / error_message / error_header keys
 */
function verifyAuth(): string
{
    include_once API_ROOT_PATH . '/inc/jwt_utils.php';

    $token = get_bearer_token();
    $authorized = empty($token) === false && is_jwt_valid($token) === true;

    if ($authorized) {
        return json_encode([
            'error' => false,
            'error_message' => '',
            'error_header' => '',
        ]);
    }

    return json_encode([
        'error' => true,
        'error_message' => 'Access denied',
        'error_header' => 'HTTP/1.1 404 Not Found',
    ]);
}
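/**
 * Get the payload from bearer
 *
 * Mirrors verifyAuth(): the token must be present AND pass is_jwt_valid()
 * before its payload is decoded, so a token that is_jwt_valid() rejects
 * (presumably bad signature or expiry — see inc/jwt_utils.php) never has
 * its claims handed back to the caller.
 *
 * @return string JSON with data (on success) plus error / error_message / error_header keys
 */
function getDataFromToken(): string
{
    include_once API_ROOT_PATH . '/inc/jwt_utils.php';
    $bearer_token = get_bearer_token();

    // Validate the token before trusting anything in its payload
    if (empty($bearer_token) === false && is_jwt_valid($bearer_token) === true) {
        return json_encode([
            'data' => get_bearer_data($bearer_token),
            'error' => false,
            'error_message' => '',
            'error_header' => '',
        ]);
    }

    return json_encode([
        'error' => true,
        'error_message' => 'Access denied2',
        'error_header' => 'HTTP/1.1 404 Not Found',
    ]);
}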
/**
 * Send error output
 *
 * Removes any queued Set-Cookie header, emits the given status line and
 * echoes the body. Callers in this file pass a JSON string as the body.
 *
 * @param string $errorHeader HTTP status line, e.g. 'HTTP/1.1 404 Not Found'
 * @param string $errorValues Response body to write
 * @return void
 */
function errorHdl(string $errorHeader, string $errorValues)
{
    // An error response must not set a cookie
    header_remove('Set-Cookie');
    // Status line first, body last: headers cannot follow output
    header($errorHeader);
    echo $errorValues;
}