These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace OpenOrchestra\FunctionalTests\ApiBundle\Controller; |
||
4 | |||
5 | use OpenOrchestra\FunctionalTests\Utils\AbstractAuthenticatedTest; |
||
6 | |||
7 | /** |
||
8 | * Class ApiControllersSecurityTest |
||
9 | * |
||
10 | * @group apiFunctional |
||
11 | */ |
||
12 | class ApiControllersSecurityTest extends AbstractAuthenticatedTest |
||
13 | { |
||
14 | protected $username = "userNoAccess"; |
||
15 | protected $password = "userNoAccess"; |
||
16 | |||
17 | /** |
||
18 | * @param string $url |
||
19 | * @param string $method |
||
20 | * |
||
21 | * @dataProvider provideApiUrl |
||
22 | */ |
||
23 | public function testApi($url, $method = 'GET') |
||
24 | { |
||
25 | $this->client->request($method, $url . '?access_token=' . $this->getAccessToken()); |
||
26 | $this->assertEquals(403, $this->client->getResponse()->getStatusCode()); |
||
27 | } |
||
28 | |||
29 | /** |
||
30 | * @return array |
||
31 | */ |
||
32 | public function provideApiUrl() |
||
33 | { |
||
34 | return array( |
||
35 | 1 => array('/api/node/show/root/2/fr'), |
||
36 | 3 => array('/api/node/root/delete', "DELETE"), |
||
37 | 4 => array('/api/node/root/children/update/order', 'PUT'), |
||
38 | 5 => array('/api/block/list/shared/fr'), |
||
39 | 6 => array('/api/block/list/block-component'), |
||
40 | 8 => array('/api/content-type'), |
||
41 | 12 => array('/api/site'), |
||
42 | 17 => array('/api/keyword'), |
||
43 | //18 => array('/api/trashcan/list'), |
||
0 ignored issues
–
show
|
|||
44 | //19 => array('/api/trashcan/fake_id/restore','PUT'), |
||
0 ignored issues
–
show
Unused Code
Comprehensibility
introduced
by
73% of this comment could be valid code. Did you maybe forget this after debugging?
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them.
Loading history...
|
|||
45 | 20 => array('/api/group/list'), |
||
46 | 21 => array('/api/group/user/list'), |
||
47 | 22 => array('/api/group/duplicate', "POST"), |
||
48 | 23 => array('/api/content/list/lorem_ipsum/2/fr'), |
||
49 | 24 => array('/api/content/duplicate', "POST"), |
||
50 | 25 => array('/api/content/lorem_ipsum/delete', "DELETE"), |
||
51 | 29 => array('/api/content/list-version/lorem_ipsum/fr'), |
||
52 | 30 => array('/api/redirection'), |
||
53 | 32 => array('/api/redirection/node/2/root/fr'), |
||
54 | 33 => array('/api/status'), |
||
55 | 35 => array('/api/content/new-version/r5_3_portes/fr/2', 'POST'), |
||
56 | 36 => array('/api/node/new-version/root/fr/1', 'POST'), |
||
57 | ); |
||
58 | } |
||
59 | } |
||
60 |
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.