<?php
/**
 * Application level Controller.
 *
 * This file is the application-wide controller file. You can put all
 * application-wide controller-related methods here.
 *
 * phpMyAdmin Error reporting server
 * Copyright (c) phpMyAdmin project (https://www.phpmyadmin.net/)
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright Copyright (c) phpMyAdmin project (https://www.phpmyadmin.net/)
 * @license   https://opensource.org/licenses/mit-license.php MIT License
 *
 * @see      https://www.phpmyadmin.net/
 */
namespace App\Controller;
use Cake\Controller\Controller;
use Cake\Event\EventInterface;
use Cake\Http\Response;
use Cake\ORM\TableRegistry;
use Cake\Routing\Router;
use function in_array;
use App\Model\Table\NotificationsTable;
use App\Model\Table\DevelopersTable;
/**
 * Application Controller.
 *
 * Add your application-wide methods in the class below, your controllers
 * will inherit them.
 *
 * @see    http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
 *
 * @property NotificationsTable $Notifications
 * @property DevelopersTable $Developers
 */
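class AppController extends Controller
{
    /**
     * Controllers and actions reachable without a signed-in developer.
     *
     * A bare controller name (list entry) allows every action of that
     * controller; a `controller => [actions]` entry allows only those actions.
     *
     * @var array<int|string, string|string[]>
     */
    public $whitelist = [
        'Developers',
        'Pages',
        'Incidents' => ['create'],
        'Events',
    ];

    /**
     * Controllers and actions a developer whose session is flagged
     * `read_only` may use. Same entry shapes as $whitelist.
     *
     * @var array<int|string, string|string[]>
     */
    public $readonly_whitelist = [
        'Developers',
        'Pages',
        'Reports' => [
            'index',
            'view',
            'data_tables',
        ],
        'Incidents' => ['view'],
    ];

    /** @var string[] Stylesheet names exposed to every view as `css_files` */
    public $css_files = [
        'jquery.dataTables',
        'jquery.dataTables_themeroller',
        'bootstrap.min',
        'bootstrap-responsive.min',
        'shCore',
        'shThemeDefault',
        'custom',
    ];

    /** @var string[] Script names exposed to every view as `js_files` */
    public $js_files = [
        'jquery',
        'jquery.dataTables.min',
        'bootstrap',
        'shCore',
        'shBrushXml',
        'shBrushJScript',
        'shBrushPhp',
        'raphael-min',
        'g.raphael-min',
        'g.pie-min',
        'g.line-min',
        'g.bar-min',
        'g.dot-min',
        'jquery.jqplot.min',
        'jqplot.barRenderer.min',
        'jqplot.highlighter.min',
        'jqplot.dateAxisRenderer.min',
        'jqplot.categoryAxisRenderer.min',
        'jqplot.pointLabels.min',
        'jqplot.canvasTextRenderer.min',
        'jqplot.canvasAxisTickRenderer.min',
        'jqplot.cursor.min',
        'pie',
        'custom',
    ];

    /**
     * Initialization hook method.
     *
     * Loads the Flash component and the Notifications and Developers models.
     * Access control is not delegated to the Auth component; it is enforced
     * by checkAccess() and checkReadonlyAccess() from beforeFilter().
     *
     * @return void Nothing
     */
    public function initialize(): void
    {
        parent::initialize();
        $this->loadComponent('Flash');
        $this->loadModel('Notifications');
        $this->loadModel('Developers');
    }

    /**
     * Runs the access check for the request and exposes shared view variables.
     *
     * A signed-in developer (session key `Developer.id`) goes through
     * checkReadonlyAccess(); an anonymous request goes through checkAccess().
     * Either check may return a redirect, which is returned as-is so the
     * requested action never runs.
     *
     * @param EventInterface $event The beforeFilter event
     * @return Response|void Returns a Response if a redirect is needed
     */
    public function beforeFilter(EventInterface $event)
    {
        $controllerName = $this->request->getParam('controller');
        $this->set('current_controller', $controllerName);
        $notif_count = 0;

        $session = $this->request->getSession();
        $devId = $session->read('Developer.id');
        if ($devId) {
            $response = $this->checkReadonlyAccess();
            if ($response !== null) {
                // Security check: returning the redirect here prevents the
                // action from running for a read-only developer.
                return $response;
            }

            $current_developer = TableRegistry::getTableLocator()->get('Developers')
                ->findById($devId)->all()->first();

            // Cast the id, not the isset() result: `(int) isset($x) ? ... : ...`
            // binds the cast to isset() because casts outrank the ternary.
            $developerId = $current_developer !== null ? (int) $current_developer['id'] : null;
            $notif_count = TableRegistry::getTableLocator()->get('Notifications')->find(
                'all',
                ['conditions' => ['developer_id' => $developerId]]
            )->count();
            $this->set('current_developer', $current_developer);
            $this->set('developer_signed_in', true);

            // Session flag written at sign-in; checkReadonlyAccess() keys off it too.
            $this->set('read_only', (bool) $session->read('read_only'));
        } else {
            $this->set('developer_signed_in', false);
            $this->set('read_only', true);
            $response = $this->checkAccess();
            if ($response !== null) {
                // Security check: returning the redirect here prevents the
                // action from running for an anonymous request.
                return $response;
            }
        }
        $this->set('notif_count', $notif_count);
        $this->set('js_files', $this->js_files);
        $this->set('css_files', $this->css_files);
        $this->set('baseURL', Router::url('/', true));
    }

    /**
     * Access check for anonymous requests.
     *
     * Allows the current controller/action only when it is listed in
     * $whitelist; otherwise remembers the requested URL in the session as
     * `last_page`, flashes a sign-in notice and redirects to `/`.
     *
     * @return Response|null A redirect Response, or null if access is allowed
     */
    protected function checkAccess(): ?Response
    {
        if ($this->isWhitelisted($this->whitelist)) {
            return null;
        }

        $this->Flash->set(
            'You need to be signed in to do this',
            ['params' => ['class' => 'alert']]
        );

        // save the return url so the developer can be sent back after signing in
        $ret_url = Router::url($this->request->getRequestTarget(), true);
        $this->request->getSession()->write('last_page', $ret_url);

        return $this->redirect('/');
    }

    /**
     * Access check for signed-in developers.
     *
     * Developers whose session is not flagged `read_only` may do anything.
     * Read-only developers are confined to $readonly_whitelist; any other
     * request destroys their session, flashes an explanation and redirects
     * to `/`.
     *
     * @return Response|null A redirect Response, or null if access is allowed
     */
    protected function checkReadonlyAccess(): ?Response
    {
        // If developer has commit access on phpmyadmin/phpmyadmin
        if (! $this->request->getSession()->read('read_only')) {
            return null;
        }

        if ($this->isWhitelisted($this->readonly_whitelist)) {
            return null;
        }

        // A read-only developer outside the whitelist is signed out rather
        // than merely redirected, so the denied request cannot be retried
        // within the same session.
        $this->request->getSession()->destroy();
        $this->request->getSession()->write('last_page', '');

        $this->Flash->set(
            'You need to have commit access on phpmyadmin/phpmyadmin '
            . 'repository on Github.com to do this',
            [
                'params' => ['class' => 'alert'],
            ]
        );

        return $this->redirect('/');
    }

    /**
     * Whether the current request's controller/action is allowed by a whitelist.
     *
     * Shared by checkAccess() and checkReadonlyAccess() so both apply the same
     * matching rules: a bare controller name allows every action, a
     * `controller => [actions]` entry allows only the listed actions, and all
     * comparisons are strict (no loose string/int coercion).
     *
     * @param array<int|string, string|string[]> $whitelist Whitelist to match against
     * @return bool True when the request is allowed
     */
    private function isWhitelisted(array $whitelist): bool
    {
        $controllerName = $this->request->getParam('controller');
        $action = $this->request->getParam('action');

        if (in_array($controllerName, $whitelist, true)) {
            return true;
        }

        return isset($whitelist[$controllerName])
            && in_array($action, $whitelist[$controllerName], true);
    }
}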