<?php
/**
 * @author Victor Dubiniuk <[email protected]>
 *
 * @copyright Copyright (c) 2015, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
namespace Owncloud\Updater\Controller;
use League\Plates\Extension\URI;
use Owncloud\Updater\Utils\ConfigReader;
use Symfony\Component\Console\Input\StringInput;
use Symfony\Component\Console\Output\BufferedOutput;
use Owncloud\Updater\Formatter\HtmlOutputFormatter;
use Owncloud\Updater\Http\Request;
use League\Plates\Engine;
use League\Plates\Extension\Asset;
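class IndexController {

	/** @var \Pimple\Container */
	protected $container;

	/** @var Request */
	protected $request;

	/**
	 * @var string|null the console command string posted as 'command';
	 *                  null when the request carries no command (dispatch() relies on this)
	 */
	protected $command;

	/**
	 * @param \Pimple\Container $container service container; this controller reads
	 *                                      'utils.configReader', 'utils.checkpoint' and 'application' from it
	 * @param Request|null      $request   request wrapper; built from $_POST / $_SERVER when omitted
	 */
	public function __construct(\Pimple\Container $container, $request = null) {
		$this->container = $container;
		if ($request === null) {
			$this->request = new Request(['post' => $_POST, 'headers' => $_SERVER]);
		} else {
			$this->request = $request;
		}

		$this->command = $this->request->postParameter('command');
	}

	/**
	 * Entry point for web requests.
	 *
	 * Returns the login page when the request does not carry the updater secret,
	 * the updater page when it does and no command was posted, and a JSON-encoded
	 * command result otherwise (see ajaxAction()).
	 *
	 * @return string response body
	 */
	public function dispatch() {
		// strip index.php and query string (if any) to get a real base url
		$requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
		$baseUrl = preg_replace('/(index\.php.*|\?.*)$/', '', $requestUri);
		$templates = new Engine(CURRENT_DIR . '/src/Resources/views/');
		$templates->loadExtension(new Asset(CURRENT_DIR . '/pub/', false));
		// NOTE(review): $baseUrl is derived from the client request; any template
		// that embeds it must escape it for its output context — confirm in the views.
		$templates->loadExtension(new URI($baseUrl));

		// Everything below the login check is gated by the shared updater secret
		if (!$this->isLoggedIn()) {
			return $this->showLogin($templates);
		}

		if ($this->command === null) {
			$checkpoints = $this->container['utils.checkpoint']->getAll();
			$content = $templates->render(
					'partials/inner',
					[
						'title' => 'Updater',
						'version' => $this->container['application']->getVersion(),
						'checkpoints' => $checkpoints
					]
			);
		} else {
			header('Content-Type: application/json');
			// NOTE(review): json_encode() returns false on non-UTF-8 command output;
			// the caller would then emit an empty body — confirm whether that is acceptable.
			$content = json_encode($this->ajaxAction(), JSON_UNESCAPED_SLASHES);
		}
		return $content;
	}

	/**
	 * Checks whether the request carries the updater secret.
	 *
	 * The secret is read from config/config.php ('updater.secret' inside the
	 * 'system' section) and compared in constant time with the raw value of
	 * the Authorization header.
	 *
	 * Exits with a message when no secret is configured: without one there is
	 * nothing to authenticate against, so the updater must not be reachable.
	 *
	 * @return bool true when the header matches the configured secret
	 */
	protected function isLoggedIn() {
		/** @var ConfigReader $configReader */
		$configReader = $this->container['utils.configReader'];
		$configReader->init();
		// read the 'system' section once instead of once per access
		$system = $configReader->get(['system']);
		$storedSecret = isset($system['updater.secret']) ? $system['updater.secret'] : null;
		if ($storedSecret === null) {
			die('updater.secret is undefined in config/config.php. Please define a secret.');
		}
		$sentAuthHeader = $this->request->header('Authorization');
		if ($sentAuthHeader === null) {
			$sentAuthHeader = '';
		}

		// hash_equals() is timing-safe, so the secret cannot be recovered byte by byte.
		// NOTE(review): hash_equals() expects two strings; a non-string
		// 'updater.secret' in config is rejected rather than cast — confirm the config type.
		return hash_equals($storedSecret, $sentAuthHeader);
	}

	/**
	 * Renders the login page.
	 *
	 * When the request already carried an Authorization header (i.e. a secret
	 * that failed isLoggedIn()), the literal string 'false' is returned instead
	 * so that the JavaScript side can detect the rejected secret.
	 *
	 * @param Engine $templates template engine prepared by dispatch()
	 * @return string rendered login page, or 'false' for a rejected secret
	 */
	public function showLogin(Engine $templates) {
		// If it is a request with invalid token just return "false" so that we can catch this
		$token = $this->request->header('Authorization');
		if ($token !== null && $token !== '') {
			return 'false';
		}

		return $templates->render(
			'partials/login',
			[
				'title' => 'Login Required',
			]
		);
	}

	/**
	 * Placeholder; nothing in this file calls it. Authentication is performed by
	 * sending the secret in the Authorization header (see isLoggedIn()).
	 *
	 * @return void
	 */
	public function loginAction() {

	}

	/**
	 * Runs the posted command through the console application and returns its
	 * output as a JSON-ready array.
	 *
	 * Within this controller it is only reached from dispatch() after
	 * isLoggedIn() succeeded: the command string is taken verbatim from the
	 * request and is not validated here, so the shared secret is the only
	 * thing standing between a client and the updater's console commands.
	 *
	 * @return array keys: 'input' (the command), 'output' (HTML-formatted command
	 *               output), 'environment' (always ''), 'error_code' (the application's exit code)
	 */
	public function ajaxAction() {
		$application = $this->container['application'];

		$input = new StringInput($this->command);
		$input->setInteractive(false);

		$output = new BufferedOutput();
		$formatter = $output->getFormatter();
		$formatter->setDecorated(true);
		$output->setFormatter(new HtmlOutputFormatter($formatter));

		$application->setAutoExit(false);
		// Some commands  dump things out instead of returning a value
		ob_start();
		$errorCode = $application->run($input, $output);
		$result = $output->fetch();
		// Compare with '' rather than truthiness so an output of '0' is not discarded
		if ($result === '') {
			$result = ob_get_contents(); // If empty, replace it by the captured output
		}
		ob_end_clean();
		$result = nl2br($result);
		$result = preg_replace('|<br />\r.*<br />(\r.*?)<br />|', '$1<br />', $result);

		return [
			'input' => $this->command,
			'output' => $result,
			'environment' => '',
			'error_code' => $errorCode
		];
	}

}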