BusinessUnitAclProvider::getBusinessUnitIds() - Code Metrics - Inspection of "Merge pull request #7491 from laboro/ticket/CRM-54..." - orocrm/platform - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e32eeb...714cda )

unknown

created 2016-05-19 06:21 UTC

BusinessUnitAclProvider::getBusinessUnitIds() C

↳ Parent: BusinessUnitAclProvider

Complexity

Conditions	7
Paths	6

Size

Total Lines	31
Code Lines	20

Duplication

Lines	6
Ratio	19.35 %

Importance

Changes	2
Bugs	1	Features	1

Metric	Value
dl	6
loc	31
rs	6.7272
c	2
b	1
f	1
cc	7
eloc	20
nc	6
nop	2

<?php

namespace Oro\Bundle\OrganizationBundle\Provider;

use Oro\Bundle\SecurityBundle\Acl\AccessLevel;
use Oro\Bundle\SecurityBundle\Acl\Domain\OneShotIsGrantedObserver;
use Oro\Bundle\SecurityBundle\Acl\Voter\AclVoter;
use Oro\Bundle\SecurityBundle\SecurityFacade;
use Oro\Bundle\SecurityBundle\Owner\OwnerTreeProvider;

class BusinessUnitAclProvider
{
    /** @var SecurityFacade */
    protected $securityFacade;

    /** @var AclVoter */
    protected $aclVoter;

    /** @var OwnerTreeProvider */
    protected $treeProvider;

    /** @var OneShotIsGrantedObserver */
    protected $observer;

    /** @var string */
    protected $accessLevel;

    /**
     * @param SecurityFacade    $securityFacade
     * @param AclVoter          $aclVoter
     * @param OwnerTreeProvider $treeProvider
     */
    public function __construct(
        SecurityFacade $securityFacade,
        AclVoter $aclVoter,
        OwnerTreeProvider $treeProvider
    ) {
        $this->securityFacade      = $securityFacade;
        $this->aclVoter            = $aclVoter;
        $this->treeProvider        = $treeProvider;
        $this->observer            = new OneShotIsGrantedObserver();
    }

    /**
     * Get business units ids for current user and current entity access level
     *
     * @param string $dataClassName
     * @param string $permission
     * @return array
     */
    public function getBusinessUnitIds($dataClassName, $permission = 'VIEW')
    {
        $ids = [];

        $this->accessLevel = $this->getAccessLevel($permission, 'entity:' . $dataClassName);
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
        $currentUser = $this->securityFacade->getLoggedUser();

        if (!$currentUser || !$this->accessLevel) {
0   == false // true
0   == null  // true
123 == false // false
123 == null  // false

// It is often better to use strict comparison
0 === false // false
0 === null  // false
            return $ids;
        }

        if (AccessLevel::SYSTEM_LEVEL === $this->accessLevel) {
            $ids = $this->treeProvider->getTree()->getAllBusinessUnitIds();
        } elseif (AccessLevel::GLOBAL_LEVEL === $this->accessLevel) {
            $ids = $this->treeProvider->getTree()->getOrganizationBusinessUnitIds(
                $this->getOrganizationContextId()
            );
        } elseif (AccessLevel::DEEP_LEVEL === $this->accessLevel) {
            $ids = $this->treeProvider->getTree()->getUserSubordinateBusinessUnitIds(
                $currentUser->getId(),
                $this->getOrganizationContextId()
            );
        } elseif (AccessLevel::LOCAL_LEVEL === $this->accessLevel) {
            $ids = $this->treeProvider->getTree()->getUserBusinessUnitIds(
                $currentUser->getId(),
                $this->getOrganizationContextId()
            );
        }

        return $ids;
    }

    /**
     * @return string
     */
    public function getProcessedEntityAccessLevel()
    {
        return $this->accessLevel;
    }

    /**
     * Get object's access level
     *
     * @param string $permission
     * @param string $object
     * @return null|int
     */
    protected function getAccessLevel($permission, $object)
    {
        $this->aclVoter->addOneShotIsGrantedObserver($this->observer);
        if ($this->securityFacade->isGranted($permission, $object)) {
            return $this->observer->getAccessLevel();
        }

        return null;
    }

    /**
     * @return int
     */
    protected function getOrganizationContextId()
    {
        return $this->securityFacade->getOrganization()->getId();
    }
}


1		<?php
2
3		namespace Oro\Bundle\OrganizationBundle\Provider;
4
5		use Oro\Bundle\SecurityBundle\Acl\AccessLevel;
6		use Oro\Bundle\SecurityBundle\Acl\Domain\OneShotIsGrantedObserver;
7		use Oro\Bundle\SecurityBundle\Acl\Voter\AclVoter;
8		use Oro\Bundle\SecurityBundle\SecurityFacade;
9		use Oro\Bundle\SecurityBundle\Owner\OwnerTreeProvider;
10
11		class BusinessUnitAclProvider
12		{
13		/** @var SecurityFacade */
14		protected $securityFacade;
15
16		/** @var AclVoter */
17		protected $aclVoter;
18
19		/** @var OwnerTreeProvider */
20		protected $treeProvider;
21
22		/** @var OneShotIsGrantedObserver */
23		protected $observer;
24
25		/** @var string */
26		protected $accessLevel;
27
28		/**
29		* @param SecurityFacade $securityFacade
30		* @param AclVoter $aclVoter
31		* @param OwnerTreeProvider $treeProvider
32		*/
33		public function __construct(
34		SecurityFacade $securityFacade,
35		AclVoter $aclVoter,
36		OwnerTreeProvider $treeProvider
37		) {
38		$this->securityFacade = $securityFacade;
39		$this->aclVoter = $aclVoter;
40		$this->treeProvider = $treeProvider;
41		$this->observer = new OneShotIsGrantedObserver();
42		}
43
44		/**
45		* Get business units ids for current user and current entity access level
46		*
47		* @param string $dataClassName
48		* @param string $permission
49		* @return array
50		*/
51		public function getBusinessUnitIds($dataClassName, $permission = 'VIEW')
52		{
53		$ids = [];
54
55		$this->accessLevel = $this->getAccessLevel($permission, 'entity:' . $dataClassName);
		0 ignored issues – show Documentation Bug introduced 2016-05-19 07:50 UTC by Report Bug Copy Issue Report It seems like `$this->getAccessLevel($p...ity:' . $dataClassName)` can also be of type `integer`. However, the property `$accessLevel` is declared as type `string`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
56		$currentUser = $this->securityFacade->getLoggedUser();
57
58		if (!$currentUser \|\| !$this->accessLevel) {
		0 ignored issues – show Bug Best Practice introduced 2016-05-19 07:50 UTC by Report Bug Copy Issue Report The expression `$this->accessLevel` of type `null\|integer` is loosely compared to `false`; this is ambiguous if the integer can be zero. You might want to explicitly use `=== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `integer` values, zero is a special case, in particular the following results might be unexpected: 0 == false // true 0 == null // true 123 == false // false 123 == null // false // It is often better to use strict comparison 0 === false // false 0 === null // false Loading history...
59		return $ids;
60		}
61
62		if (AccessLevel::SYSTEM_LEVEL === $this->accessLevel) {
63		$ids = $this->treeProvider->getTree()->getAllBusinessUnitIds();
64		} elseif (AccessLevel::GLOBAL_LEVEL === $this->accessLevel) {
65		$ids = $this->treeProvider->getTree()->getOrganizationBusinessUnitIds(
66		$this->getOrganizationContextId()
67		);
68	View Code Duplication	} elseif (AccessLevel::DEEP_LEVEL === $this->accessLevel) {
69		$ids = $this->treeProvider->getTree()->getUserSubordinateBusinessUnitIds(
70		$currentUser->getId(),
71		$this->getOrganizationContextId()
72		);
73		} elseif (AccessLevel::LOCAL_LEVEL === $this->accessLevel) {
74		$ids = $this->treeProvider->getTree()->getUserBusinessUnitIds(
75		$currentUser->getId(),
76		$this->getOrganizationContextId()
77		);
78		}
79
80		return $ids;
81		}
82
83		/**
84		* @return string
85		*/
86		public function getProcessedEntityAccessLevel()
87		{
88		return $this->accessLevel;
89		}
90
91		/**
92		* Get object's access level
93		*
94		* @param string $permission
95		* @param string $object
96		* @return null\|int
97		*/
98		protected function getAccessLevel($permission, $object)
99		{
100		$this->aclVoter->addOneShotIsGrantedObserver($this->observer);
101		if ($this->securityFacade->isGranted($permission, $object)) {
102		return $this->observer->getAccessLevel();
103		}
104
105		return null;
106		}
107
108		/**
109		* @return int
110		*/
111		protected function getOrganizationContextId()
112		{
113		return $this->securityFacade->getOrganization()->getId();
114		}
115		}
116

orocrm / platform

Push — master ( e32eeb...714cda )

BusinessUnitAclProvider::getBusinessUnitIds() C

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like