Completed
Push — master ( f27d62...9e71bf )
by Sander
10s
created

GdprController::validateRequest()   A

Complexity

Conditions 2
Paths 2

Size

Total Lines 7
Code Lines 3

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 2
eloc 3
nc 2
nop 1
dl 0
loc 7
rs 10
c 0
b 0
f 0
1
<?php
2
3
namespace Soved\Laravel\Gdpr\Http\Controllers;
4
5
use App\Http\Controllers\Controller;
0 ignored issues
show
Bug introduced by
The type App\Http\Controllers\Controller was not found. Maybe you did not declare it correctly or list all dependencies?

The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. excluded_paths: ["lib/*"], you can move it to the dependency path list as follows:

filter:
    dependency_paths: ["lib/*"]

For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths

Loading history...
6
use Illuminate\Support\Facades\Auth;
7
use Illuminate\Foundation\Http\FormRequest;
8
use Soved\Laravel\Gdpr\Events\GdprDownloaded;
9
use Soved\Laravel\Gdpr\Http\Requests\GdprDownload;
10
11
class GdprController extends Controller
12
{
13
    /**
14
     * Download the GDPR compliant data portability JSON file.
15
     *
16
     * @param  \Soved\Laravel\Gdpr\Http\Requests\GdprDownload  $request
17
     * @return \Illuminate\Http\JsonResponse
18
     */
19
    public function download(GdprDownload $request)
20
    {
21
        if (!$this->validateRequest($request)) {
22
            return $this->sendFailedLoginResponse();
0 ignored issues
show
Bug Best Practice introduced by
The expression return $this->sendFailedLoginResponse() returns the type void which is incompatible with the documented return type Illuminate\Http\JsonResponse.
Loading history...
Bug introduced by
Are you sure the usage of $this->sendFailedLoginResponse() targeting Soved\Laravel\Gdpr\Http\...ndFailedLoginResponse() seems to always return null.

This check looks for function or method calls that always return null and whose return value is used.

class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {

The method getObject() can return nothing but null, so it makes no sense to use the return value.

The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.

Loading history...
23
        }
24
25
        $data = $request->user()->portable();
26
27
        event(new GdprDownloaded($request->user()));
28
29
        // Backward compatible streamDownload() behavior
30
31
        return response()->json(
32
            $data,
33
            200,
34
            [
35
                'Content-Disposition' => 'attachment; filename="user.json"',
36
            ]
37
        );
38
    }
39
40
    /**
41
     * Validate the request.
42
     *
43
     * @param  \Illuminate\Foundation\Http\FormRequest  $request
44
     * @return bool
45
     */
46
    protected function validateRequest(FormRequest $request)
47
    {
48
        if (config('gdpr.re-authenticate', true)) {
49
            return $this->hasValidCredentials($request);
50
        }
51
52
        return Auth::check();
53
    }
54
55
    /**
56
     * Validate a user's credentials.
57
     *
58
     * @param  \Illuminate\Foundation\Http\FormRequest  $request
59
     * @return bool
60
     */
61
    protected function hasValidCredentials(FormRequest $request)
62
    {
63
        $credentials = [
64
            $request->user()->getAuthIdentifierName() => $request->user()->getAuthIdentifier(),
65
            'password'                                => $request->input('password'),
66
        ];
67
68
        return Auth::validate($credentials);
69
    }
70
71
    /**
72
     * Get the failed login response.
73
     *
74
     * @return void
75
     */
76
    protected function sendFailedLoginResponse()
77
    {
78
        abort(403, 'Unauthorized.');
79
    }
80
}
81