View GitHub Repository sarala-laravel

Schedule Inspection
Subscribe

Issues (21)

src/Query/ApiRequestInspector.php (2 issues)

← previous file next file →
Code
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
declare(strict_types=1);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
namespace Sarala\Query;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
use Illuminate\Http\Request;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                
use Illuminate\Support\Str;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
use Sarala\Exceptions\UnauthorizedIncludeException;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
use Sarala\Http\Requests\ApiRequestAbstract;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
class ApiRequestInspector

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                
    /** @var ApiRequestAbstract */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
    private $request = null;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
    public function __construct(array $parameters)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                
        $this->setRequestReceivedAtApiEndpoint($parameters);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
    public function inspect()

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
        $this->sanitizeIncludes();

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                
    private function setRequestReceivedAtApiEndpoint(array $parameters)

            


            
                                                                        
                            
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
    {

            


            
                                                                        
                            
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                
        foreach ($parameters as $parameter) {

            


            
                                                                        
                            
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
            if ($parameter instanceof Request) {

            


            
                                                                        
                            
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                
                $this->request = $parameter;

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Documentation
            Bug
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                                
                            
                        

                                        
$parameter is of type Illuminate\Http\Request, but the property $request was declared to be of type Sarala\Http\Requests\ApiRequestAbstract. Are you sure that you always receive this specific sub-class here, or does it make sense to add an instanceof check?
                                                                                                                                                                                                                                                            

                    
                                            

                            

                            

                                
                                    
                                
                            


                            
Our type inference engine has found a suspicous assignment of a value to a property.
This check raises an issue when a value that can be of a given class or a super-class
is assigned to a property that is type hinted more strictly.


Either this assignment is in error or an instanceof check should be added for that assignment.


class Alien {}

class Dalek extends Alien {}

class Plot
{
    /** @var  Dalek */
    public $villain;
}

$alien = new Alien();
$plot = new Plot();
if ($alien instanceof Dalek) {
    $plot->villain = $alien;
}





                        

                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                        
                            
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
            }

            


            
                                                                        
                            
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                
        }

            


            
                                                                        
                            
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                
    }

            


            
                                                                        
                            
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                

            


            
                                                                        
                            
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
    private function sanitizeIncludes()

            


            
                                                                        
                            
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
    {

            


            
                                                                        
                            
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                
        $this->request->includes()->each(function ($params, $field) {

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Bug
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                        

                                        
The method includes() does not exist on Sarala\Http\Requests\ApiRequestAbstract. Since you implemented __call, consider adding a @method annotation.
                                                                                   (
                                     Ignorable by Annotation
                                )
                                

                                    
 If this is a false-positive, you can also ignore this issue in your code via the ignore-call   annotation

                                    

                                        

                                            38
                                            
                                                
        $this->request->/** @scrutinizer ignore-call */ 

                                        

                                                                                

                                            39
                                            
                                                
                        includes()->each(function ($params, $field) {

                                        

                                                                            

                                

                                                                                                                                                                                                                                    

                    
                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                        
                            
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
            if (! $this->isIncludeAllowed($field)) {

            


            
                                                                        
                            
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
                throw new UnauthorizedIncludeException($field, $this->request->allowedIncludes());

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
            }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
        });

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    43
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    44
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    45
                

                                    
                                                    
                
                
                
    private function isIncludeAllowed($field): bool

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    46
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    47
                

                                    
                                                    
                
                
                
        foreach ($this->request->allowedIncludes() as $allowedInclude) {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    48
                

                                    
                                                    
                
                
                
            if (Str::startsWith($allowedInclude, $field)) {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    49
                

                                    
                                                    
                
                
                
                return true;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    50
                

                                    
                                                    
                
                
                
            }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    51
                

                                    
                                                    
                
                
                
        }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    52
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    53
                

                                    
                                                    
                
                
                
        return false;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    54
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    55
                

                                    
                                                    
                
                
                
}

            


            
                                                        
            
                                    
            
            

                
                    56