Security - Code Metrics - Inspection of "Improved tests cases" - psfs/core - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 08392e...cc821f )

by Fran

created 2017-12-11 21:58 UTC

Security C

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	401
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	7

Test Coverage

Coverage

95.77%

Importance

Changes	1
Bugs	1	Features	0

Metric	Value
dl	0
loc	401
ccs	136
cts	142
cp	0.9577
rs	6.3005
c	1
b	1
f	0
wmc	58
lcom	1
cbo	7

27 Methods

Rating	Name	Size	Complexity
A	updateUser()	4	1
A	clearFlashes()	6	1
A	getProfiles()	8	1
A	getAdmins()	4	1
A	initSession()	9	4
A	getFlashes()	6	2
A	isSuperAdmin()	11	2
B	init()	15	6
A	getAdminProfiles()	4	1
A	getCleanProfiles()	8	1
A	getAdminCleanProfiles()	4	1
A	save()	10	2
A	saveUser()	8	2
A	updateAdmin()	7	1
C	checkAdmin()	38	13
A	getAdminFromCookie()	10	2
A	getHash()	4	1
A	getUser()	4	1
A	getAdmin()	4	1
A	canAccessRestrictedAdmin()	4	2
A	notAuthorized()	6	1
A	getSessionKey()	9	2
A	setSessionKey()	6	1
A	setFlash()	9	2
A	getFlash()	6	3
A	updateSession()	14	2
A	closeSession()	7	1

How to fix Complexity

<?php
namespace PSFS\base;

use PSFS\base\exception\ConfigException;
use PSFS\base\types\helpers\ResponseHelper;
use PSFS\base\types\traits\SecureTrait;
use PSFS\base\types\traits\SingletonTrait;

/**
 * Class Security
 * @package PSFS
 */
class Security
{
    // sha1('user')
    const USER_ID_TOKEN = '12dea96fec20593566ab75692c9949596833adc9';
    // sha1('admin')
    const MANAGER_ID_TOKEN = 'd033e22ae348aeb5660fc2140aec35850c4da997';
    // sha1('superadmin')
    const ADMIN_ID_TOKEN = '889a3a791b3875cfae413574b53da4bb8a90d53e';
    // sha1('FLASHES')
    const FLASH_MESSAGE_TOKEN = '4680c68435db1bfbf17c3fcc4f7b39d2c6122504';
    const LOGGED_USER_TOKEN = '__U_T_L__';

    use SecureTrait;
    use SingletonTrait;
    /**
     * @var array $user
     */
    private $user = null;

    /**
     * @var array $admin
     */
    private $admin = null;

    /**
     * @var bool $authorized
     */
    private $authorized = FALSE;

    /**
     * @var bool $checked
     */
    private $checked = false;

    /**
     * @var array $session
     */
    protected $session;

    /**
     * Constructor por defecto
     */
    public function init()
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        $this->initSession();
        $this->session = null === $_SESSION ? array() : $_SESSION;
        if (NULL === $this->getSessionKey('__FLASH_CLEAR__')) {
            $this->clearFlashes();
            $this->setSessionKey('__FLASH_CLEAR__', microtime(TRUE));
        }
        $this->user = array_key_exists(self::USER_ID_TOKEN, $this->session) ? unserialize($this->session[self::USER_ID_TOKEN]) : NULL;

        $this->admin = array_key_exists(self::ADMIN_ID_TOKEN, $this->session) ? unserialize($this->session[self::ADMIN_ID_TOKEN]) : NULL;

        if (null === $this->admin) {
            $this->checkAdmin();
        }
        $this->setLoaded(true);
    }

    private function initSession() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
        if (PHP_SESSION_NONE === session_status() && !headers_sent()) {
            session_start();
        }
        // Fix for phpunits
        if(!isset($_SESSION)) {
            $_SESSION = [];
        }
    }

    /**
     * @return array
     */
    public static function getProfiles()
    {
        return array(
            self::ADMIN_ID_TOKEN => _('Administrador'),
            self::MANAGER_ID_TOKEN => _('Gestor'),
            self::USER_ID_TOKEN => _('Usuario'),
        );
    }

    /**
     * @return array
     */
    public function getAdminProfiles()
    {
        return static::getProfiles();
    }

    /**
     * @return array

     */
    public static function getCleanProfiles()
    {
        return array(
            '__SUPER_ADMIN__' => self::ADMIN_ID_TOKEN,
            '__ADMIN__' => self::MANAGER_ID_TOKEN,
            '__USER__' => self::USER_ID_TOKEN,
        );
    }

    /**
     * @return array

     */
    public function getAdminCleanProfiles()
    {
        return static::getCleanProfiles();
    }

    /**
     * @param mixed $user
     * @return bool
     * @throws exception\GeneratorException
     * @throws ConfigException
     */
    public static function save($user)
    {
        $saved = true;
        $admins = Cache::getInstance()->getDataFromFile(CONFIG_DIR . DIRECTORY_SEPARATOR . 'admins.json', Cache::JSONGZ, true) ?: [];

        $admins[$user['username']]['hash'] = sha1($user['username'] . $user['password']);
        $admins[$user['username']]['profile'] = $user['profile'];

        Cache::getInstance()->storeData(CONFIG_DIR . DIRECTORY_SEPARATOR . 'admins.json', $admins, Cache::JSONGZ, true);
        return $saved;
    }

    /**
     * @param mixed $user
     * @return bool
     * @throws exception\GeneratorException
     */
    public function saveUser($user)
    {
        $saved = false;
        if (!empty($user)) {
            $saved = static::save($user);
        }
        return $saved;
    }

    /**
     * @param mixed $user
     */
    public function updateUser($user)
    {
        $this->user = $user;
    }

    /**
     * @param $alias
     * @param $profile
     */
    public function updateAdmin($alias, $profile) {
        $this->admin = array(
            'alias' => $alias,
            'profile' => $profile,
        );
        $this->setSessionKey(self::ADMIN_ID_TOKEN, serialize($this->admin));
    }

    /**
     * @return array|null
     */
    public function getAdmins()
    {
        return Cache::getInstance()->getDataFromFile(CONFIG_DIR . DIRECTORY_SEPARATOR . 'admins.json', Cache::JSONGZ, true);

    }

    /**
     * @param string $user

     * @param string $pass

     * @param boolean $force
     *
     * @return bool
     */
    public function checkAdmin($user = NULL, $pass = NULL, $force = false)
    {
        Logger::log('Checking admin session');
        if ((!$this->authorized && !$this->checked) || $force) {
            $admins = $this->getAdmins();
            if (null !== $admins) {
                $request = Request::getInstance();
                //Sacamos las credenciales de la petición
                $user = $user ?: $request->getServer('PHP_AUTH_USER');
                $pass = $pass ?: $request->getServer('PHP_AUTH_PW');
                if (NULL === $user || (array_key_exists($user, $admins) && empty($admins[$user]))) {
                    list($user, $pass) = $this->getAdminFromCookie();
                }
                if (!empty($user) && !empty($admins[$user])) {
                    $auth = $admins[$user]['hash'];
                    $this->authorized = ($auth === sha1($user . $pass));
                    if ($this->authorized) {
                        $this->updateAdmin($user , $admins[$user]['profile']);
                        ResponseHelper::setCookieHeaders([
                            [
                                'name' => $this->getHash(),
                                'value' => base64_encode("$user:$pass"),
                                'http' => true,
                                'domain' => '',
                            ]
                        ]);
                        $this->setSessionKey(self::LOGGED_USER_TOKEN, base64_encode("{$user}:{$pass}"));
                    }
                } else {
                    $this->admin = null;
                    $this->setSessionKey(self::ADMIN_ID_TOKEN, null);
                }
                $this->checked = true;
            }
        }

        return $this->authorized;
    }

    /**
     * Método que obtiene el usuario y contraseña de la cookie de sesión de administración
     * @return array
     */
    protected function getAdminFromCookie()
    {
        $auth_cookie = Request::getInstance()->getCookie($this->getHash());
        $user = $pass = array();
        if (!empty($auth_cookie)) {
            list($user, $pass) = explode(':', base64_decode($auth_cookie));
        }

        return array($user, $pass);
    }

    /**
     * Método privado para la generación del hash de la cookie de administración
     * @return string
     */
    public function getHash()
    {
        return substr(self::MANAGER_ID_TOKEN, 0, 8);
    }

    /**
     * Método que devuelve el usuario logado
     * @return array
     */
    public function getUser()
    {
        return $this->user;
    }

    /**
     * Método que devuelve el usuario administrador logado
     * @return array
     */
    public function getAdmin()
    {
        return $this->admin;
    }

    /**
     * Método que calcula si se está logado o para acceder a administración
     * @return bool
     */
    public function canAccessRestrictedAdmin()
    {
        return null !== $this->admin && !preg_match('/^\/admin\/login/i', Request::requestUri());
    }

    /**
     * Servicio que devuelve una pantalla de error porque se necesita estar authenticado
     *
     * @param string|null $route
     *
     * @return string|null
     */
    public function notAuthorized($route)
    {
        return Template::getInstance()->render('notauthorized.html.twig', array(
            'route' => $route,
        ));
    }

    /**
     * @return bool
     */
    public function isSuperAdmin()
    {
        $users = $this->getAdmins();
        $logged = $this->getAdmin();
        if ($users[$logged['alias']]) {
            $security = $users[$logged['alias']]['profile'];
            return self::ADMIN_ID_TOKEN === $security;
        }

        return FALSE;
    }

    /**
     *
     * @param string $key
     *
     * @return mixed
     */
    public function getSessionKey($key)
    {
        $data = NULL;
        if (array_key_exists($key, $this->session)) {
            $data = $this->session[$key];
        }

        return $data;
    }

    /**
     *
     * @param string $key
     * @param mixed $data
     *
     * @return Security
     */
    public function setSessionKey($key, $data = NULL)
    {
        $this->session[$key] = $data;

        return $this;
    }

    /**
     * @return mixed
     */
    public function getFlashes()
    {
        $flashes = $this->getSessionKey(self::FLASH_MESSAGE_TOKEN);

        return (NULL !== $flashes) ? $flashes : array();
    }

    /**
     * @return $this
     */
    public function clearFlashes()
    {
        $this->setSessionKey(self::FLASH_MESSAGE_TOKEN, NULL);

        return $this;
    }

    /**
     *
     * @param string $key
     * @param mixed $data
     */
    public function setFlash($key, $data = NULL)
    {
        $flashes = $this->getFlashes();
        if (!is_array($flashes)) {
            $flashes = [];
        }
        $flashes[$key] = $data;
        $this->setSessionKey(self::FLASH_MESSAGE_TOKEN, $flashes);
    }

    /**
     *
     * @param string $key
     *
     * @return mixed
     */
    public function getFlash($key)
    {
        $flashes = $this->getFlashes();

        return (NULL !== $key && array_key_exists($key, $flashes)) ? $flashes[$key] : NULL;
    }

    /**
     *
     * @param boolean $closeSession
     *
     * @return Security
     */
    public function updateSession($closeSession = FALSE)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        Logger::log('Update session');
        $_SESSION = $this->session;
        $_SESSION[self::USER_ID_TOKEN] = serialize($this->user);
        $_SESSION[self::ADMIN_ID_TOKEN] = serialize($this->admin);
        if ($closeSession) {
            Logger::log('Close session');
            @session_write_close();
            @session_start();
        }
        Logger::log('Session updated');
        return $this;
    }

    public function closeSession()
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        unset($_SESSION);
        @session_destroy();
        @session_regenerate_id(TRUE);
        @session_start();
    }

}


1		<?php
2		namespace PSFS\base;
3
4		use PSFS\base\exception\ConfigException;
5		use PSFS\base\types\helpers\ResponseHelper;
6		use PSFS\base\types\traits\SecureTrait;
7		use PSFS\base\types\traits\SingletonTrait;
8
9		/**
10		* Class Security
11		* @package PSFS
12		*/
13		class Security
14		{
15		// sha1('user')
16		const USER_ID_TOKEN = '12dea96fec20593566ab75692c9949596833adc9';
17		// sha1('admin')
18		const MANAGER_ID_TOKEN = 'd033e22ae348aeb5660fc2140aec35850c4da997';
19		// sha1('superadmin')
20		const ADMIN_ID_TOKEN = '889a3a791b3875cfae413574b53da4bb8a90d53e';
21		// sha1('FLASHES')
22		const FLASH_MESSAGE_TOKEN = '4680c68435db1bfbf17c3fcc4f7b39d2c6122504';
23		const LOGGED_USER_TOKEN = '__U_T_L__';
24
25		use SecureTrait;
26		use SingletonTrait;
27		/**
28		* @var array $user
29		*/
30		private $user = null;
31
32		/**
33		* @var array $admin
34		*/
35		private $admin = null;
36
37		/**
38		* @var bool $authorized
39		*/
40		private $authorized = FALSE;
41
42		/**
43		* @var bool $checked
44		*/
45		private $checked = false;
46
47		/**
48		* @var array $session
49		*/
50		protected $session;
51
52		/**
53		* Constructor por defecto
54		*/
55	2	public function init()
		0 ignored issues – show Coding Style introduced 2017-08-03 10:43 UTC by Report Bug Copy Issue Report `init` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
56		{
57	2	$this->initSession();
58	2	$this->session = null === $_SESSION ? array() : $_SESSION;
59	2	if (NULL === $this->getSessionKey('__FLASH_CLEAR__')) {
60	2	$this->clearFlashes();
61	2	$this->setSessionKey('__FLASH_CLEAR__', microtime(TRUE));
62		}
63	2	$this->user = array_key_exists(self::USER_ID_TOKEN, $this->session) ? unserialize($this->session[self::USER_ID_TOKEN]) : NULL;
		0 ignored issues – show Coding Style introduced 2016-08-18 23:39 UTC by Report Bug Copy Issue Report This line exceeds maximum limit of 120 characters; contains 134 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
64	2	$this->admin = array_key_exists(self::ADMIN_ID_TOKEN, $this->session) ? unserialize($this->session[self::ADMIN_ID_TOKEN]) : NULL;
		0 ignored issues – show Coding Style introduced 2016-08-18 23:39 UTC by Report Bug Copy Issue Report This line exceeds maximum limit of 120 characters; contains 137 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
65	2	if (null === $this->admin) {
66	2	$this->checkAdmin();
67		}
68	2	$this->setLoaded(true);
69	2	}
70
71	2	private function initSession() {
		0 ignored issues – show Coding Style introduced 2017-08-03 10:43 UTC by Report Bug Copy Issue Report `initSession` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
72	2	if (PHP_SESSION_NONE === session_status() && !headers_sent()) {
73		session_start();
74		}
75		// Fix for phpunits
76	2	if(!isset($_SESSION)) {
77	1	$_SESSION = [];
78		}
79	2	}
80
81		/**
82		* @return array
83		*/
84	2	public static function getProfiles()
85		{
86		return array(
87	2	self::ADMIN_ID_TOKEN => _('Administrador'),
88	2	self::MANAGER_ID_TOKEN => _('Gestor'),
89	2	self::USER_ID_TOKEN => _('Usuario'),
90		);
91		}
92
93		/**
94		* @return array
95		*/
96	1	public function getAdminProfiles()
97		{
98	1	return static::getProfiles();
99		}
100
101		/**
102		* @return array
		0 ignored issues – show Documentation introduced 2017-12-11 22:07 UTC by Report Bug Copy Issue Report Consider making the return type a bit more specific; maybe use `array<string,string>`. This check looks for the generic type `array` as a return type and suggests a more specific type. This type is inferred from the actual code. Loading history...
103		*/
104	2	public static function getCleanProfiles()
105		{
106		return array(
107	2	'__SUPER_ADMIN__' => self::ADMIN_ID_TOKEN,
108	2	'__ADMIN__' => self::MANAGER_ID_TOKEN,
109	2	'__USER__' => self::USER_ID_TOKEN,
110		);
111		}
112
113		/**
114		* @return array
		0 ignored issues – show Documentation introduced 2017-12-11 22:07 UTC by Report Bug Copy Issue Report Consider making the return type a bit more specific; maybe use `array<string,string>`. This check looks for the generic type `array` as a return type and suggests a more specific type. This type is inferred from the actual code. Loading history...
115		*/
116	1	public function getAdminCleanProfiles()
117		{
118	1	return static::getCleanProfiles();
119		}
120
121		/**
122		* @param mixed $user
123		* @return bool
124		* @throws exception\GeneratorException
125		* @throws ConfigException
126		*/
127	1	public static function save($user)
128		{
129	1	$saved = true;
130	1	$admins = Cache::getInstance()->getDataFromFile(CONFIG_DIR . DIRECTORY_SEPARATOR . 'admins.json', Cache::JSONGZ, true) ?: [];
		0 ignored issues – show Coding Style introduced 2017-02-17 23:01 UTC by Report Bug Copy Issue Report This line exceeds maximum limit of 120 characters; contains 133 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
131	1	$admins[$user['username']]['hash'] = sha1($user['username'] . $user['password']);
132	1	$admins[$user['username']]['profile'] = $user['profile'];
133
134	1	Cache::getInstance()->storeData(CONFIG_DIR . DIRECTORY_SEPARATOR . 'admins.json', $admins, Cache::JSONGZ, true);
135	1	return $saved;
136		}
137
138		/**
139		* @param mixed $user
140		* @return bool
141		* @throws exception\GeneratorException
142		*/
143	1	public function saveUser($user)
144		{
145	1	$saved = false;
146	1	if (!empty($user)) {
147	1	$saved = static::save($user);
148		}
149	1	return $saved;
150		}
151
152		/**
153		* @param mixed $user
154		*/
155	1	public function updateUser($user)
156		{
157	1	$this->user = $user;
158	1	}
159
160		/**
161		* @param $alias
162		* @param $profile
163		*/
164	1	public function updateAdmin($alias, $profile) {
165	1	$this->admin = array(
166	1	'alias' => $alias,
167	1	'profile' => $profile,
168		);
169	1	$this->setSessionKey(self::ADMIN_ID_TOKEN, serialize($this->admin));
170	1	}
171
172		/**
173		* @return array\|null
174		*/
175	4	public function getAdmins()
176		{
177	4	return Cache::getInstance()->getDataFromFile(CONFIG_DIR . DIRECTORY_SEPARATOR . 'admins.json', Cache::JSONGZ, true);
		0 ignored issues – show Coding Style introduced 2017-02-17 23:01 UTC by Report Bug Copy Issue Report This line exceeds maximum limit of 120 characters; contains 124 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
178		}
179
180		/**
181		* @param string $user
		0 ignored issues – show Documentation introduced 2017-12-11 22:07 UTC by Report Bug Copy Issue Report Should the type for parameter `$user` not be `string\|null`? This check looks for `@param` annotations where the type inferred by our type inference engine differs from the declared type. It makes a suggestion as to what type it considers more descriptive. Most often this is a case of a parameter that can be null in addition to its declared types. Loading history...
182		* @param string $pass
		0 ignored issues – show Documentation introduced 2017-12-11 22:07 UTC by Report Bug Copy Issue Report Should the type for parameter `$pass` not be `string\|null`? This check looks for `@param` annotations where the type inferred by our type inference engine differs from the declared type. It makes a suggestion as to what type it considers more descriptive. Most often this is a case of a parameter that can be null in addition to its declared types. Loading history...
183		* @param boolean $force
184		*
185		* @return bool
186		*/
187	3	public function checkAdmin($user = NULL, $pass = NULL, $force = false)
188		{
189	3	Logger::log('Checking admin session');
190	3	if ((!$this->authorized && !$this->checked) \|\| $force) {
191	3	$admins = $this->getAdmins();
192	3	if (null !== $admins) {
193	1	$request = Request::getInstance();
194		//Sacamos las credenciales de la petición
195	1	$user = $user ?: $request->getServer('PHP_AUTH_USER');
196	1	$pass = $pass ?: $request->getServer('PHP_AUTH_PW');
197	1	if (NULL === $user \|\| (array_key_exists($user, $admins) && empty($admins[$user]))) {
198	1	list($user, $pass) = $this->getAdminFromCookie();
199		}
200	1	if (!empty($user) && !empty($admins[$user])) {
201	1	$auth = $admins[$user]['hash'];
202	1	$this->authorized = ($auth === sha1($user . $pass));
203	1	if ($this->authorized) {
204	1	$this->updateAdmin($user , $admins[$user]['profile']);
205	1	ResponseHelper::setCookieHeaders([
206		[
207	1	'name' => $this->getHash(),
208	1	'value' => base64_encode("$user:$pass"),
209		'http' => true,
210	1	'domain' => '',
211		]
212		]);
213	1	$this->setSessionKey(self::LOGGED_USER_TOKEN, base64_encode("{$user}:{$pass}"));
214		}
215		} else {
216	1	$this->admin = null;
217	1	$this->setSessionKey(self::ADMIN_ID_TOKEN, null);
218		}
219	1	$this->checked = true;
220		}
221		}
222
223	3	return $this->authorized;
224		}
225
226		/**
227		* Método que obtiene el usuario y contraseña de la cookie de sesión de administración
228		* @return array
229		*/
230	1	protected function getAdminFromCookie()
231		{
232	1	$auth_cookie = Request::getInstance()->getCookie($this->getHash());
233	1	$user = $pass = array();
234	1	if (!empty($auth_cookie)) {
235	1	list($user, $pass) = explode(':', base64_decode($auth_cookie));
236		}
237
238	1	return array($user, $pass);
239		}
240
241		/**
242		* Método privado para la generación del hash de la cookie de administración
243		* @return string
244		*/
245	1	public function getHash()
246		{
247	1	return substr(self::MANAGER_ID_TOKEN, 0, 8);
248		}
249
250		/**
251		* Método que devuelve el usuario logado
252		* @return array
253		*/
254	2	public function getUser()
255		{
256	2	return $this->user;
257		}
258
259		/**
260		* Método que devuelve el usuario administrador logado
261		* @return array
262		*/
263	2	public function getAdmin()
264		{
265	2	return $this->admin;
266		}
267
268		/**
269		* Método que calcula si se está logado o para acceder a administración
270		* @return bool
271		*/
272	3	public function canAccessRestrictedAdmin()
273		{
274	3	return null !== $this->admin && !preg_match('/^\/admin\/login/i', Request::requestUri());
275		}
276
277		/**
278		* Servicio que devuelve una pantalla de error porque se necesita estar authenticado
279		*
280		* @param string\|null $route
281		*
282		* @return string\|null
283		*/
284		public function notAuthorized($route)
285		{
286		return Template::getInstance()->render('notauthorized.html.twig', array(
287		'route' => $route,
288		));
289		}
290
291		/**
292		* @return bool
293		*/
294	1	public function isSuperAdmin()
295		{
296	1	$users = $this->getAdmins();
297	1	$logged = $this->getAdmin();
298	1	if ($users[$logged['alias']]) {
299	1	$security = $users[$logged['alias']]['profile'];
300	1	return self::ADMIN_ID_TOKEN === $security;
301		}
302
303		return FALSE;
304		}
305
306		/**
307		*
308		* @param string $key
309		*
310		* @return mixed
311		*/
312	7	public function getSessionKey($key)
313		{
314	7	$data = NULL;
315	7	if (array_key_exists($key, $this->session)) {
316	5	$data = $this->session[$key];
317		}
318
319	7	return $data;
320		}
321
322		/**
323		*
324		* @param string $key
325		* @param mixed $data
326		*
327		* @return Security
328		*/
329	6	public function setSessionKey($key, $data = NULL)
330		{
331	6	$this->session[$key] = $data;
332
333	6	return $this;
334		}
335
336		/**
337		* @return mixed
338		*/
339	2	public function getFlashes()
340		{
341	2	$flashes = $this->getSessionKey(self::FLASH_MESSAGE_TOKEN);
342
343	2	return (NULL !== $flashes) ? $flashes : array();
344		}
345
346		/**
347		* @return $this
348		*/
349	3	public function clearFlashes()
350		{
351	3	$this->setSessionKey(self::FLASH_MESSAGE_TOKEN, NULL);
352
353	3	return $this;
354		}
355
356		/**
357		*
358		* @param string $key
359		* @param mixed $data
360		*/
361	1	public function setFlash($key, $data = NULL)
362		{
363	1	$flashes = $this->getFlashes();
364	1	if (!is_array($flashes)) {
365		$flashes = [];
366		}
367	1	$flashes[$key] = $data;
368	1	$this->setSessionKey(self::FLASH_MESSAGE_TOKEN, $flashes);
369	1	}
370
371		/**
372		*
373		* @param string $key
374		*
375		* @return mixed
376		*/
377	2	public function getFlash($key)
378		{
379	2	$flashes = $this->getFlashes();
380
381	2	return (NULL !== $key && array_key_exists($key, $flashes)) ? $flashes[$key] : NULL;
382		}
383
384		/**
385		*
386		* @param boolean $closeSession
387		*
388		* @return Security
389		*/
390	2	public function updateSession($closeSession = FALSE)
		0 ignored issues – show Coding Style introduced 2017-08-03 10:43 UTC by Report Bug Copy Issue Report `updateSession` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
391		{
392	2	Logger::log('Update session');
393	2	$_SESSION = $this->session;
394	2	$_SESSION[self::USER_ID_TOKEN] = serialize($this->user);
395	2	$_SESSION[self::ADMIN_ID_TOKEN] = serialize($this->admin);
396	2	if ($closeSession) {
397	1	Logger::log('Close session');
398	1	@session_write_close();
399	1	@session_start();
400		}
401	2	Logger::log('Session updated');
402	2	return $this;
403		}
404
405	1	public function closeSession()
		0 ignored issues – show Coding Style introduced 2017-08-03 10:43 UTC by Report Bug Copy Issue Report `closeSession` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
406		{
407	1	unset($_SESSION);
408	1	@session_destroy();
409	1	@session_regenerate_id(TRUE);
410	1	@session_start();
411	1	}
412
413		}
414

psfs / core

Push — master ( 08392e...cc821f )

Security C

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

27 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like