Check for implicit conversion of array to boolean.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript; |
||
3 | |||
4 | use function array_key_exists; |
||
5 | use function array_merge; |
||
6 | use function in_array; |
||
7 | use function is_array; |
||
8 | use function json_decode; |
||
9 | |||
10 | /** |
||
11 | * parent class to authenticate the user |
||
12 | * |
||
13 | * @since 3.0.0 |
||
14 | * |
||
15 | * @package Redaxscript |
||
16 | * @category Auth |
||
17 | * @author Henry Ruhs |
||
18 | * |
||
19 | * @method bool getPermissionNew(string $type) |
||
20 | * @method bool getPermissionInstall(string $type) |
||
21 | * @method bool getPermissionEdit(string $type) |
||
22 | * @method bool getPermissionDelete(string $type) |
||
23 | * @method bool getPermissionUninstall(string $type) |
||
24 | * @method bool getFilter() |
||
25 | */ |
||
26 | |||
27 | class Auth |
||
28 | { |
||
29 | /** |
||
30 | * instance of the request class |
||
31 | * |
||
32 | * @var Request |
||
33 | */ |
||
34 | |||
35 | protected $_request; |
||
36 | |||
37 | /** |
||
38 | * array of the user |
||
39 | * |
||
40 | * @var array |
||
41 | */ |
||
42 | |||
43 | protected $_userArray = []; |
||
44 | |||
45 | /** |
||
46 | * array of the permission |
||
47 | * |
||
48 | * @var array |
||
49 | */ |
||
50 | |||
51 | protected $_permissionArray = []; |
||
52 | |||
53 | /** |
||
54 | * array of the type |
||
55 | * |
||
56 | * @var array |
||
57 | */ |
||
58 | |||
59 | protected $_typeArray = |
||
60 | [ |
||
61 | 'categories', |
||
62 | 'articles', |
||
63 | 'extras', |
||
64 | 'comments', |
||
65 | 'groups', |
||
66 | 'users', |
||
67 | 'modules', |
||
68 | 'settings', |
||
69 | 'filter' |
||
70 | ]; |
||
71 | |||
72 | /** |
||
73 | * array of the call |
||
74 | * |
||
75 | * @var array |
||
76 | */ |
||
77 | |||
78 | protected $_callArray = |
||
79 | [ |
||
80 | 'categories' => |
||
81 | [ |
||
82 | 'getPermissionNew' => 1, |
||
83 | 'getPermissionEdit' => 2, |
||
84 | 'getPermissionDelete' => 3 |
||
85 | ], |
||
86 | 'articles' => |
||
87 | [ |
||
88 | 'getPermissionNew' => 1, |
||
89 | 'getPermissionEdit' => 2, |
||
90 | 'getPermissionDelete' => 3 |
||
91 | ], |
||
92 | 'extras' => |
||
93 | [ |
||
94 | 'getPermissionNew' => 1, |
||
95 | 'getPermissionEdit' => 2, |
||
96 | 'getPermissionDelete' => 3 |
||
97 | ], |
||
98 | 'comments' => |
||
99 | [ |
||
100 | 'getPermissionNew' => 1, |
||
101 | 'getPermissionEdit' => 2, |
||
102 | 'getPermissionDelete' => 3 |
||
103 | ], |
||
104 | 'groups' => |
||
105 | [ |
||
106 | 'getPermissionNew' => 1, |
||
107 | 'getPermissionEdit' => 2, |
||
108 | 'getPermissionDelete' => 3 |
||
109 | ], |
||
110 | 'users' => |
||
111 | [ |
||
112 | 'getPermissionNew' => 1, |
||
113 | 'getPermissionEdit' => 2, |
||
114 | 'getPermissionDelete' => 3 |
||
115 | ], |
||
116 | 'modules' => |
||
117 | [ |
||
118 | 'getPermissionInstall' => 1, |
||
119 | 'getPermissionEdit' => 2, |
||
120 | 'getPermissionUninstall' => 3 |
||
121 | ], |
||
122 | 'settings' => |
||
123 | [ |
||
124 | 'getPermissionEdit' => 1 |
||
125 | ], |
||
126 | 'filter' => |
||
127 | [ |
||
128 | 'getFilter' => 0 |
||
129 | ] |
||
130 | ]; |
||
131 | |||
132 | /** |
||
133 | * constructor of the class |
||
134 | * |
||
135 | * @since 3.0.0 |
||
136 | * |
||
137 | * @param Request $request instance of the request class |
||
138 | */ |
||
139 | |||
140 | 27 | public function __construct(Request $request) |
|
141 | { |
||
142 | 27 | $this->_request = $request; |
|
143 | 27 | } |
|
144 | |||
145 | /** |
||
146 | * call method as needed |
||
147 | * |
||
148 | * @since 3.0.0 |
||
149 | * |
||
150 | * @param string $method name of the method |
||
151 | * @param array $argumentArray arguments of the method |
||
152 | * |
||
153 | * @return bool |
||
154 | */ |
||
155 | |||
156 | 24 | public function __call(string $method = null, array $argumentArray = []) : bool |
|
157 | { |
||
158 | 24 | $type = $argumentArray[0]; |
|
159 | 24 | if (is_array($this->_callArray[$type]) && array_key_exists($method, $this->_callArray[$type])) |
|
160 | { |
||
161 | 20 | $permissionArray = $this->getPermission($type); |
|
162 | 20 | return is_array($permissionArray) && in_array($this->_callArray[$type][$method], $permissionArray); |
|
163 | } |
||
164 | 24 | if ($method === 'getFilter') |
|
165 | { |
||
166 | 4 | $permissionArray = $this->getPermission('filter'); |
|
167 | 4 | return !is_array($permissionArray) || !in_array($this->_callArray['filter'][$method], $permissionArray); |
|
168 | } |
||
169 | 20 | return false; |
|
170 | } |
||
171 | |||
172 | /** |
||
173 | * init the class |
||
174 | * |
||
175 | * @since 3.0.0 |
||
176 | */ |
||
177 | |||
178 | 1 | public function init() : void |
|
179 | { |
||
180 | 1 | $authArray = $this->_getAuth(); |
|
181 | 1 | if (is_array($authArray) && array_key_exists('user', $authArray)) |
|
182 | { |
||
183 | 1 | $this->_userArray = $authArray['user']; |
|
184 | } |
||
185 | 1 | if (is_array($authArray) && array_key_exists('permission', $authArray)) |
|
186 | { |
||
187 | 1 | $this->_permissionArray = $authArray['permission']; |
|
188 | } |
||
189 | 1 | } |
|
190 | |||
191 | /** |
||
192 | * login the user |
||
193 | * |
||
194 | * @since 3.0.0 |
||
195 | * |
||
196 | * @param int $userId identifier of the user |
||
197 | * |
||
198 | * @return int |
||
199 | */ |
||
200 | |||
201 | 26 | public function login(int $userId = null) : int |
|
202 | { |
||
203 | 26 | $userModel = new Model\User(); |
|
204 | 26 | $user = $userModel->getById($userId); |
|
205 | |||
206 | /* handle user */ |
||
207 | |||
208 | 26 | if ($user->user && $user->password && $user->status) |
|
209 | { |
||
210 | 26 | $groupArray = (array)json_decode($user->groups); |
|
211 | 26 | if ($groupArray) |
|
212 | { |
||
213 | 20 | $groups = Db::forTablePrefix('groups') |
|
214 | 20 | ->whereIdIn($groupArray) |
|
215 | 20 | ->where('status', 1) |
|
216 | 20 | ->select($this->_typeArray) |
|
217 | 20 | ->findArray(); |
|
218 | |||
219 | /* set the filter */ |
||
220 | |||
221 | 20 | $this->setPermission('filter', |
|
222 | [ |
||
223 | 20 | 1 |
|
224 | ]); |
||
225 | |||
226 | /* process groups */ |
||
227 | |||
228 | 20 | foreach ($groups as $value) |
|
229 | { |
||
230 | 14 | foreach ($value as $keySub => $valueSub) |
|
231 | { |
||
232 | 14 | $valueArray = (array)json_decode($valueSub); |
|
233 | 14 | $this->setPermission($keySub, $valueArray); |
|
234 | } |
||
235 | } |
||
236 | } |
||
237 | |||
238 | /* set the user */ |
||
239 | |||
240 | 26 | $this->setUser('id', $user->id); |
|
241 | 26 | $this->setUser('name', $user->name); |
|
242 | 26 | $this->setUser('user', $user->user); |
|
243 | 26 | $this->setUser('email', $user->email); |
|
244 | 26 | $this->setUser('language', $user->language); |
|
245 | 26 | $this->setUser('groups', $user->groups); |
|
246 | |||
247 | /* save user and permission */ |
||
248 | |||
249 | 26 | $this->save(); |
|
250 | } |
||
251 | 26 | return $this->getStatus(); |
|
252 | } |
||
253 | |||
254 | /** |
||
255 | * logout the user |
||
256 | * |
||
257 | * @since 3.0.0 |
||
258 | * |
||
259 | * @return bool |
||
260 | */ |
||
261 | |||
262 | 1 | public function logout() : bool |
|
263 | { |
||
264 | 1 | if ($this->getStatus()) |
|
265 | { |
||
266 | 1 | $this->_setAuth(); |
|
267 | 1 | $this->_request->setSession('language', null); |
|
268 | 1 | return !$this->getStatus(); |
|
269 | } |
||
270 | 1 | return false; |
|
271 | } |
||
272 | |||
273 | /** |
||
274 | * get the value from user |
||
275 | * |
||
276 | * @since 3.0.0 |
||
277 | * |
||
278 | * @param string $key key of the user |
||
279 | * |
||
280 | * @return string|null |
||
281 | */ |
||
282 | |||
283 | 27 | public function getUser(string $key = null) : ?string |
|
284 | { |
||
285 | 27 | if (is_array($this->_userArray) && array_key_exists($key, $this->_userArray)) |
|
286 | { |
||
287 | 1 | return $this->_userArray[$key]; |
|
288 | } |
||
289 | 26 | return null; |
|
290 | } |
||
291 | 26 | ||
292 | /** |
||
293 | 1 | * get the array from user |
|
294 | * |
||
295 | * @since 4.0.0 |
||
296 | * |
||
297 | * @return array |
||
298 | */ |
||
299 | |||
300 | public function getUserArray() : array |
||
301 | { |
||
302 | return $this->_userArray; |
||
303 | } |
||
304 | |||
305 | 26 | /** |
|
306 | * set the user |
||
307 | 26 | * |
|
308 | 26 | * @since 3.0.0 |
|
309 | * |
||
310 | * @param string $key key of the user |
||
311 | * @param string|array|null $value value of the user |
||
312 | */ |
||
313 | |||
314 | public function setUser(string $key = null, $value = null) : void |
||
315 | { |
||
316 | $this->_userArray[$key] = $value; |
||
317 | } |
||
318 | |||
319 | /** |
||
320 | 27 | * get the value from permission |
|
321 | * |
||
322 | 27 | * @since 3.0.0 |
|
323 | * |
||
324 | 14 | * @param string $key key of the permission |
|
325 | * |
||
326 | 26 | * @return string|array|null |
|
327 | */ |
||
328 | 26 | ||
329 | public function getPermission(string $key = null) |
||
330 | 11 | { |
|
331 | if (is_array($this->_permissionArray) && array_key_exists($key, $this->_permissionArray)) |
||
332 | { |
||
333 | return $this->_permissionArray[$key]; |
||
334 | } |
||
335 | return null; |
||
336 | } |
||
337 | |||
338 | /** |
||
339 | * get the array from permission |
||
340 | * |
||
341 | * @since 4.0.0 |
||
342 | 20 | * |
|
343 | * @return array |
||
344 | 20 | */ |
|
345 | |||
346 | 14 | public function getPermissionArray() : array |
|
347 | { |
||
348 | 20 | return $this->_permissionArray; |
|
349 | 20 | } |
|
350 | |||
351 | /** |
||
352 | * set the permission |
||
353 | * |
||
354 | * @since 3.0.0 |
||
355 | * |
||
356 | * @param string $key key of the permission |
||
357 | * @param array $permissionArray array of the permission |
||
358 | */ |
||
359 | 26 | ||
360 | public function setPermission(string $key = null, array $permissionArray = []) : void |
||
361 | 26 | { |
|
362 | 26 | if (is_array($this->_permissionArray[$key])) |
|
363 | { |
||
364 | $permissionArray = array_merge($this->_permissionArray[$key], $permissionArray); |
||
365 | } |
||
366 | $this->_permissionArray[$key] = $permissionArray; |
||
367 | } |
||
368 | |||
369 | /** |
||
370 | * get the auth status |
||
371 | 26 | * |
|
372 | * @since 3.0.0 |
||
373 | 26 | * |
|
374 | 26 | * @return int |
|
375 | */ |
||
376 | |||
377 | public function getStatus() : int |
||
378 | 26 | { |
|
379 | $authArray = $this->_getAuth(); |
||
380 | 20 | return is_array($authArray) && array_key_exists('user', $authArray) && array_key_exists('permission', $authArray) ? 1 : 0; |
|
381 | } |
||
382 | 20 | ||
383 | 20 | /** |
|
384 | * save user and permission |
||
385 | 20 | * |
|
386 | * @since 3.0.0 |
||
387 | 26 | */ |
|
388 | |||
389 | public function save() : void |
||
390 | { |
||
391 | $userArray = $this->getUserArray(); |
||
392 | $permissionArray = $this->getPermissionArray(); |
||
393 | |||
394 | /* set the session */ |
||
395 | |||
396 | if ($userArray && $permissionArray) |
||
0 ignored issues
–
show
The expression
$permissionArray of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using
Loading history...
|
|||
397 | 27 | { |
|
398 | $this->_setAuth( |
||
399 | 27 | [ |
|
400 | 27 | 'user' => $userArray, |
|
401 | 'permission' => $permissionArray |
||
402 | ]); |
||
403 | $this->_request->setSession('language', $userArray['language']); |
||
404 | } |
||
405 | } |
||
406 | |||
407 | /** |
||
408 | * get the auth from session |
||
409 | * |
||
410 | * @since 3.0.0 |
||
411 | 20 | * |
|
412 | * @return array|null |
||
413 | 20 | */ |
|
414 | 20 | ||
415 | 20 | protected function _getAuth() : ?array |
|
416 | { |
||
417 | $root = new Server\Root($this->_request); |
||
418 | return $this->_request->getSession($root->getOutput() . '/auth'); |
||
419 | } |
||
420 | |||
421 | /** |
||
422 | * set the auth to session |
||
423 | * |
||
424 | * @since 3.0.0 |
||
425 | * |
||
426 | * @param array $authArray |
||
427 | */ |
||
428 | |||
429 | protected function _setAuth(array $authArray = []) : void |
||
430 | { |
||
431 | $root = new Server\Root($this->_request); |
||
432 | $this->_request->setSession($root->getOutput() . '/auth', $authArray); |
||
433 | } |
||
434 | } |
||
435 |
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.
Consider making the comparison explicit by using
empty(..)
or! empty(...)
instead.