Controller - Code Metrics - Inspection of "injecting all dependencies into the Controller ins..." - philiplb/CRUDlex - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( a58675...bb050a )

by Philip

created 2018-06-14 16:38 UTC

Controller D

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	571
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	16

Test Coverage

Coverage

100%

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	58
c	1
b	0
f	0
lcom	1
cbo	16
dl	0
loc	571
ccs	226
cts	226
cp	1
rs	4.5205

17 Methods

Rating	Name	Size	Complexity
A	modifyFilesAndSetFlashBag()	14	3
A	setValidationFailedFlashes()	7	2
C	modifyEntity()	33	7
A	getAfterDeleteRedirectParameters()	15	3
C	buildUpListFilter()	25	8
A	__construct()	8	1
A	getNotFoundPage()	9	1
A	setLocaleAndCheckEntity()	9	2
A	create()	7	1
B	showList()	46	4
B	show()	35	5
A	edit()	10	2
B	delete()	30	5
A	renderFile()	11	4
A	deleteFile()	17	4
A	staticFile()	23	3
A	setLocale()	14	3

How to fix Complexity

<?php

/*
 * This file is part of the CRUDlex package.
 *
 * (c) Philip Lehmann-Böhm <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace CRUDlex;

use League\Flysystem\FilesystemInterface;
use League\Flysystem\Util\MimeType;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\StreamedResponse;
use Symfony\Component\Translation\Translator;
use Twig_Environment;


/**
 * This is the Controller offering all CRUD pages.
 *
 * It offers functions for this routes:
 *
 * "/resource/static" serving static resources
 *
 * "/{entity}/create" creation page of the entity
 *
 * "/{entity}" list page of the entity
 *
 * "/{entity}/{id}" details page of a single entity instance
 *
 * "/{entity}/{id}/edit" edit page of a single entity instance
 *
 * "/{entity}/{id}/delete" POST only deletion route for an entity instance
 *
 * "/{entity}/{id}/{field}/file" renders a file field of an entity instance
 *
 * "/{entity}/{id}/{field}/delete" POST only deletion of a file field of an entity instance
 */
class Controller {

    /**
     * Holds the filesystme.
     * @var FilesystemInterface
     */
    protected $filesystem;

    /**
     * Holds the session.
     * @var Session
     */
    protected $session;

    /**
     * Holds the translator.
     * @var Translator
     */
    protected $translator;

    /**
     * Holds the service.
     * @var Service
     */
    protected $service;

    /**
     * Holds the Twig instance.
     * @var Twig_Environment
     */
    protected $twig;

    /**
     * Postprocesses the entity after modification by handling the uploaded
     * files and setting the flash.
     *
     * @param Request $request
     * the current request
     * @param AbstractData $crudData
     * the data instance of the entity
     * @param Entity $instance
     * the entity
     * @param string $entity
     * the name of the entity
     * @param string $mode
     * whether to 'edit' or to 'create' the entity
     *
     * @return null|\Symfony\Component\HttpFoundation\RedirectResponse
     * the HTTP response of this modification
     */
    protected function modifyFilesAndSetFlashBag(Request $request, AbstractData $crudData, Entity $instance, $entity, $mode)
    {
        $id          = $instance->get('id');
        $fileHandler = new FileHandler($this->filesystem, $crudData->getDefinition());
        $result      = $mode == 'edit' ? $fileHandler->updateFiles($crudData, $request, $instance, $entity) : $fileHandler->createFiles($crudData, $request, $instance, $entity);
        if (!$result) {
            return null;
        }
        $this->session->getFlashBag()->add('success', $this->translator->trans('crudlex.'.$mode.'.success', [
            '%label%' => $crudData->getDefinition()->getLabel(),
            '%id%' => $id
        ]));
        return new RedirectResponse($this->service->generateURL('crudShow', ['entity' => $entity, 'id' => $id]));
// for HTML
$sanitized = htmlentities($tainted, ENT_QUOTES);

// for URLs
$sanitized = urlencode($tainted);
    }

    /**
     * Sets the flashes of a failed entity modification.
     *
     * @param boolean $optimisticLocking
     * whether the optimistic locking failed
     * @param string $mode
     * the modification mode, either 'create' or 'edit'
     */
    protected function setValidationFailedFlashes($optimisticLocking, $mode)
    {
        $this->session->getFlashBag()->add('danger', $this->translator->trans('crudlex.'.$mode.'.error'));
        if ($optimisticLocking) {
            $this->session->getFlashBag()->add('danger', $this->translator->trans('crudlex.edit.locked'));
        }
    }

    /**
     * Validates and saves the new or updated entity and returns the appropriate HTTP
     * response.
     *
     * @param Request $request
     * the current request
     * @param AbstractData $crudData
     * the data instance of the entity
     * @param Entity $instance
     * the entity
     * @param string $entity
     * the name of the entity
     * @param boolean $edit
     * whether to edit (true) or to create (false) the entity
     *
     * @return Response

     * the HTTP response of this modification
     */
    protected function modifyEntity(Request $request, AbstractData $crudData, Entity $instance, $entity, $edit)
    {
        $fieldErrors = [];
        $mode        = $edit ? 'edit' : 'create';
        if ($request->getMethod() == 'POST') {
            $instance->populateViaRequest($request);
            $validator  = new EntityValidator($instance);
            $validation = $validator->validate($crudData, intval($request->get('version')));

            $fieldErrors = $validation['errors'];
            if (!$validation['valid']) {
                $optimisticLocking = isset($fieldErrors['version']);
                $this->setValidationFailedFlashes($optimisticLocking, $mode);
            } else {
                $modified = $edit ? $crudData->update($instance) : $crudData->create($instance);
                $response = $modified ? $this->modifyFilesAndSetFlashBag($request, $crudData, $instance, $entity, $mode) : false;
                if ($response) {
                    return $response;
                }
                $this->session->getFlashBag()->add('danger', $this->translator->trans('crudlex.'.$mode.'.failed'));
            }
        }

        return $this->twig->render($this->service->getTemplate('template', 'form', $entity), [
            'crud' => $this->service,
            'crudEntity' => $entity,
            'crudData' => $crudData,
            'entity' => $instance,
            'mode' => $mode,
            'fieldErrors' => $fieldErrors,
            'layout' => $this->service->getTemplate('layout', $mode, $entity)
        ]);
    }

    /**
     * Gets the parameters for the redirection after deleting an entity.
     *
     * @param Request $request
     * the current request
     * @param string $entity
     * the entity name
     * @param string $redirectPage
     * reference, where the page to redirect to will be stored
     *
     * @return array<string,string>
     * the parameters of the redirection, entity and id
     */
    protected function getAfterDeleteRedirectParameters(Request $request, $entity, &$redirectPage)
    {
        $redirectPage       = 'crudList';
        $redirectParameters = ['entity' => $entity];
        $redirectEntity     = $request->get('redirectEntity');
        $redirectId         = $request->get('redirectId');
        if ($redirectEntity && $redirectId) {
            $redirectPage       = 'crudShow';
            $redirectParameters = [
                'entity' => $redirectEntity,
                'id' => $redirectId
            ];
        }
        return $redirectParameters;
    }

    /**
     * Builds up the parameters of the list page filters.
     *
     * @param Request $request
     * the current request
     * @param EntityDefinition $definition
     * the current entity definition
     * @param array &$filter
     * will hold a map of fields to request parameters for the filters
     * @param boolean $filterActive
     * reference, will be true if at least one filter is active
     * @param array $filterToUse
     * reference, will hold a map of fields to integers (0 or 1) which boolean filters are active
     * @param array $filterOperators
     * reference, will hold a map of fields to operators for AbstractData::listEntries()
     */
    protected function buildUpListFilter(Request $request, EntityDefinition $definition, &$filter, &$filterActive, &$filterToUse, &$filterOperators)
    {
        foreach ($definition->getFilter() as $filterField) {
            $type                 = $definition->getType($filterField);
            $filter[$filterField] = $request->get('crudFilter'.$filterField);
            if ($filter[$filterField]) {
                $filterActive                  = true;
                $filterToUse[$filterField]     = $filter[$filterField];
                $filterOperators[$filterField] = '=';
                if ($type === 'boolean') {
                    $filterToUse[$filterField] = $filter[$filterField] == 'true' ? 1 : 0;
                } else if ($type === 'reference') {
                    $filter[$filterField] = ['id' => $filter[$filterField]];
                } else if ($type === 'many') {
                    $filter[$filterField] = array_map(function($value) {
                        return ['id' => $value];
                    }, $filter[$filterField]);
                    $filterToUse[$filterField] = $filter[$filterField];
                } else if (in_array($type, ['text', 'multiline', 'fixed'])) {
                    $filterToUse[$filterField]     = '%'.$filter[$filterField].'%';
                    $filterOperators[$filterField] = 'LIKE';
                }
            }
        }
    }

    /**
     * Controller constructor.
     *
     * @param Service $service
     * the CRUDlex service
     * @param FilesystemInterface $filesystem
     * the used filesystem
     * @param Twig_Environment $twig
     * the Twig environment
     * @param Session $session
     * the session service
     * @param Translator $translator
     * the translation service
     */
    public function __construct(Service $service, FilesystemInterface $filesystem, Twig_Environment $twig, Session $session, Translator $translator)
    {
        $this->service    = $service;
        $this->filesystem = $filesystem;
        $this->twig       = $twig;
        $this->session    = $session;
        $this->translator = $translator;
    }

    /**
     * Generates the not found page.
     *
     * @param string $error
     * the cause of the not found error
     *
     * @return Response
     * the rendered not found page with the status code 404
     */
    public function getNotFoundPage($error)
    {
        return new Response($this->twig->render('@crud/notFound.twig', [
            'crud' => $this->service,
            'error' => $error,
            'crudEntity' => '',
            'layout' => $this->service->getTemplate('layout', '', '')
        ]), 404);
    }

    /**
     * Transfers the locale from the translator to CRUDlex and
     *
     * @param Request $request
     * the current request
     * @return Response|null
     * null if everything is ok, a 404 response else
     */
    public function setLocaleAndCheckEntity(Request $request)
    {
        $locale = $this->translator->getLocale();
        $this->service->setLocale($locale);
        if (!$this->service->getData($request->get('entity'))) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.entityNotFound'));
        }
        return null;
    }

    /**
     * The controller for the "create" action.
     *
     * @param Request $request
     * the current request
     * @param string $entity
     * the current entity
     *
     * @return Response

     * the HTTP response of this action
     */
    public function create(Request $request, $entity)
    {
        $crudData = $this->service->getData($entity);
        $instance = $crudData->createEmpty();
        $instance->populateViaRequest($request);
        return $this->modifyEntity($request, $crudData, $instance, $entity, false);
    }

    /**
     * The controller for the "show list" action.
     *
     * @param Request $request
     * the current request
     * @param string $entity
     * the current entity
     *
     * @return Response

     * the HTTP response of this action or 404 on invalid input
     */
    public function showList(Request $request, $entity)
    {
        $crudData   = $this->service->getData($entity);
        $definition = $crudData->getDefinition();

        $filter          = [];
        $filterActive    = false;
        $filterToUse     = [];
        $filterOperators = [];
        $this->buildUpListFilter($request, $definition, $filter, $filterActive, $filterToUse, $filterOperators);

        $pageSize = $definition->getPageSize();
        $total    = $crudData->countBy($definition->getTable(), $filterToUse, $filterOperators, true);
        $page     = abs(intval($request->get('crudPage', 0)));
        $maxPage  = intval($total / $pageSize);
        if ($total % $pageSize == 0) {
            $maxPage--;
        }
        if ($page > $maxPage) {
            $page = $maxPage;
        }
        $skip = $page * $pageSize;

        $sortField            = $request->get('crudSortField', $definition->getInitialSortField());
        $sortAscendingRequest = $request->get('crudSortAscending');
        $sortAscending        = $sortAscendingRequest !== null ? $sortAscendingRequest === 'true' : $definition->isInitialSortAscending();

        $entities = $crudData->listEntries($filterToUse, $filterOperators, $skip, $pageSize, $sortField, $sortAscending);

        return $this->twig->render($this->service->getTemplate('template', 'list', $entity), [
            'crud' => $this->service,
            'crudEntity' => $entity,
            'crudData' => $crudData,
            'definition' => $definition,
            'entities' => $entities,
            'pageSize' => $pageSize,
            'maxPage' => $maxPage,
            'page' => $page,
            'total' => $total,
            'filter' => $filter,
            'filterActive' => $filterActive,
            'sortField' => $sortField,
            'sortAscending' => $sortAscending,
            'layout' => $this->service->getTemplate('layout', 'list', $entity)
        ]);
    }

    /**
     * The controller for the "show" action.
     *
     * @param string $entity
     * the current entity
     * @param string $id
     * the instance id to show
     *
     * @return Response
     * the HTTP response of this action or 404 on invalid input
     */
    public function show($entity, $id)
    {
        $crudData = $this->service->getData($entity);
        $instance = $crudData->get($id);
        if (!$instance) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.instanceNotFound'));
        }
        $definition = $crudData->getDefinition();

        $childrenLabelFields = $definition->getChildrenLabelFields();
        $children            = [];
        if (count($childrenLabelFields) > 0) {
            foreach ($definition->getChildren() as $child) {
                $childField      = $child[1];
                $childEntity     = $child[2];
                $childLabelField = array_key_exists($childEntity, $childrenLabelFields) ? $childrenLabelFields[$childEntity] : 'id';
                $childCrud       = $this->service->getData($childEntity);
                $children[]      = [
                    $childCrud->getDefinition()->getLabel(),
                    $childEntity,
                    $childLabelField,
                    $childCrud->listEntries([$childField => $instance->get('id')]),
                    $childField
                ];
            }
        }

        return $this->twig->render($this->service->getTemplate('template', 'show', $entity), [
            'crud' => $this->service,
            'crudEntity' => $entity,
            'entity' => $instance,
            'children' => $children,
            'layout' => $this->service->getTemplate('layout', 'show', $entity)
        ]);
    }

    /**
     * The controller for the "edit" action.
     *
     * @param Request $request
     * the current request
     * @param string $entity
     * the current entity
     * @param string $id
     * the instance id to edit
     *
     * @return Response
     * the HTTP response of this action or 404 on invalid input
     */
    public function edit(Request $request, $entity, $id)
    {
        $crudData = $this->service->getData($entity);
        $instance = $crudData->get($id);
        if (!$instance) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.instanceNotFound'));
        }

        return $this->modifyEntity($request, $crudData, $instance, $entity, true);
    }

    /**
     * The controller for the "delete" action.
     *
     * @param Request $request
     * the current request
     * @param string $entity
     * the current entity
     * @param string $id
     * the instance id to delete
     *
     * @return Response
     * redirects to the entity list page or 404 on invalid input
     */
    public function delete(Request $request, $entity, $id)
    {
        $crudData = $this->service->getData($entity);
        $instance = $crudData->get($id);
        if (!$instance) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.instanceNotFound'));
        }

        $fileHandler  = new FileHandler($this->filesystem, $crudData->getDefinition());
        $filesDeleted = $fileHandler->deleteFiles($crudData, $instance, $entity);
        $deleted      = $filesDeleted ? $crudData->delete($instance) : AbstractData::DELETION_FAILED_EVENT;

        if ($deleted === AbstractData::DELETION_FAILED_EVENT) {
            $this->session->getFlashBag()->add('danger', $this->translator->trans('crudlex.delete.failed'));
            return new RedirectResponse($this->service->generateURL('crudShow', ['entity' => $entity, 'id' => $id]));
// for HTML
$sanitized = htmlentities($tainted, ENT_QUOTES);

// for URLs
$sanitized = urlencode($tainted);
        } elseif ($deleted === AbstractData::DELETION_FAILED_STILL_REFERENCED) {
            $this->session->getFlashBag()->add('danger', $this->translator->trans('crudlex.delete.error', [
                '%label%' => $crudData->getDefinition()->getLabel()
            ]));
            return new RedirectResponse($this->service->generateURL('crudShow', ['entity' => $entity, 'id' => $id]));
// for HTML
$sanitized = htmlentities($tainted, ENT_QUOTES);

// for URLs
$sanitized = urlencode($tainted);
        }

        $redirectPage       = 'crudList';
        $redirectParameters = $this->getAfterDeleteRedirectParameters($request, $entity, $redirectPage);

        $this->session->getFlashBag()->add('success', $this->translator->trans('crudlex.delete.success', [
            '%label%' => $crudData->getDefinition()->getLabel()
        ]));
        return new RedirectResponse($this->service->generateURL($redirectPage, $redirectParameters));
// for HTML
$sanitized = htmlentities($tainted, ENT_QUOTES);

// for URLs
$sanitized = urlencode($tainted);
    }

    /**
     * The controller for the "render file" action.
     *
     * @param string $entity
     * the current entity
     * @param string $id
     * the instance id
     * @param string $field
     * the field of the file to render of the instance
     *
     * @return Response
     * the rendered file
     */
    public function renderFile($entity, $id, $field)
    {
        $crudData   = $this->service->getData($entity);
        $instance   = $crudData->get($id);
        $definition = $crudData->getDefinition();
        if (!$instance || $definition->getType($field) != 'file' || !$instance->get($field)) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.instanceNotFound'));
        }
        $fileHandler = new FileHandler($this->filesystem, $definition);
        return $fileHandler->renderFile($instance, $entity, $field);
    }

    /**
     * The controller for the "delete file" action.
     *
     * @param string $entity
     * the current entity
     * @param string $id
     * the instance id
     * @param string $field
     * the field of the file to delete of the instance
     *
     * @return Response
     * redirects to the instance details page or 404 on invalid input
     */
    public function deleteFile($entity, $id, $field)
    {
        $crudData = $this->service->getData($entity);
        $instance = $crudData->get($id);
        if (!$instance) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.instanceNotFound'));
        }
        $fileHandler = new FileHandler($this->filesystem, $crudData->getDefinition());
        if (!$crudData->getDefinition()->getField($field, 'required', false) && $fileHandler->deleteFile($crudData, $instance, $entity, $field)) {
            $instance->set($field, '');
            $crudData->update($instance);
            $this->session->getFlashBag()->add('success', $this->translator->trans('crudlex.file.deleted'));
        } else {
            $this->session->getFlashBag()->add('danger', $this->translator->trans('crudlex.file.notDeleted'));
        }
        return new RedirectResponse($this->service->generateURL('crudShow', ['entity' => $entity, 'id' => $id]));
// for HTML
$sanitized = htmlentities($tainted, ENT_QUOTES);

// for URLs
$sanitized = urlencode($tainted);
    }

    /**
     * The controller for serving static files.
     *
     * @param Request $request
     * the current request
     *
     * @return Response
     * redirects to the instance details page or 404 on invalid input
     */
    public function staticFile(Request $request)
    {
        $fileParam = str_replace('..', '', $request->get('file'));
        $file      = __DIR__.'/../static/'.$fileParam;
        if (!$fileParam || !file_exists($file)) {
            return $this->getNotFoundPage($this->translator->trans('crudlex.resourceNotFound'));
        }

        $mimeType = MimeType::detectByFilename($file);
        $size     = filesize($file);

        $streamedFileResponse = new StreamedFileResponse();
        $response             = new StreamedResponse($streamedFileResponse->getStreamedFileFunction($file), 200, [
            'Content-Type' => $mimeType,
            'Content-Disposition' => 'attachment; filename="'.basename($file).'"',
            'Content-length' => $size
        ]);

        $response->setETag(filemtime($file))->setPublic()->isNotModified($request);
        $response->send();

        return $response;
    }

    /**
     * The controller for setting the locale.
     *
     * @param Request $request
     * the current request
     * @param string $locale
     * the new locale
     *
     * @return Response
     * redirects to the instance details page or 404 on invalid input
     */
    public function setLocale(Request $request, $locale)
    {

        if (!in_array($locale, $this->service->getLocales())) {
            return $this->getNotFoundPage('Locale '.$locale.' not found.');
        }

        $manageI18n = $this->service->isManageI18n();
        if ($manageI18n) {
            $this->session->set('locale', $locale);
        }
        $redirect = $request->get('redirect');
        return new RedirectResponse($redirect);
// for HTML
$sanitized = htmlentities($tainted, ENT_QUOTES);

// for URLs
$sanitized = urlencode($tainted);
    }
}


Push — master ( a58675...bb050a )

Controller D

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

17 Methods

How to fix Complexity

Complex Class

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

1			<?php
2
3			/*
4			* This file is part of the CRUDlex package.
5			*
6			* (c) Philip Lehmann-Böhm <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace CRUDlex;
13
14			use League\Flysystem\FilesystemInterface;
15			use League\Flysystem\Util\MimeType;
16			use Symfony\Component\HttpFoundation\RedirectResponse;
17			use Symfony\Component\HttpFoundation\Request;
18			use Symfony\Component\HttpFoundation\Response;
19			use Symfony\Component\HttpFoundation\Session\Session;
20			use Symfony\Component\HttpFoundation\StreamedResponse;
21			use Symfony\Component\Translation\Translator;
22			use Twig_Environment;
23
24
25			/**
26			* This is the Controller offering all CRUD pages.
27			*
28			* It offers functions for this routes:
29			*
30			* "/resource/static" serving static resources
31			*
32			* "/{entity}/create" creation page of the entity
33			*
34			* "/{entity}" list page of the entity
35			*
36			* "/{entity}/{id}" details page of a single entity instance
37			*
38			* "/{entity}/{id}/edit" edit page of a single entity instance
39			*
40			* "/{entity}/{id}/delete" POST only deletion route for an entity instance

philiplb / CRUDlex

Push — master ( a58675...bb050a )

Controller D

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

17 Methods

How to fix Complexity

Complex Class

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

8 paths for user data to reach this point

Used in output context

Preventing Cross-Site-Scripting Attacks

General Strategies to prevent injection

Duplication Side-by-Side

Filter issues like