LDAPChangePasswordForm::__construct() - Code Metrics - Inspection of "Tweaks (#71)" - silverstripe/silverstripe-activedirectory - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e18afa...9fbdf0 )

by Mateusz

created 2016-07-12 00:35 UTC

LDAPChangePasswordForm::__construct() D

↳ Parent: LDAPChangePasswordForm

Complexity

Conditions	9
Paths	50

Size

Total Lines	38
Code Lines	22

Duplication

Lines	11
Ratio	28.95 %

Importance

Changes	3
Bugs	0	Features	0

Metric	Value
c	3
b	0
f	0
dl	11
loc	38
rs	4.909
cc	9
eloc	22
nc	50
nop	4

<?php

class LDAPChangePasswordForm extends ChangePasswordForm
namespace YourVendor;

class YourClass { }
{
    /**
     * The sole purpose for overriding the constructor is surfacing the username to the user.
     */
    public function __construct($controller, $name, $fields = null, $actions = null)
    {
        parent::__construct($controller, $name, $fields, $actions);

        // Obtain the Member object. If the user got this far, they must have already been synced.
        $member = Member::currentUser();
        if (!$member) {

            if (Session::get('AutoLoginHash')) {
                $member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
            }

            // The user is not logged in and no valid auto login hash is available
            if (!$member) {
                Session::clear('AutoLoginHash');
                return $this->controller->redirect($this->controller->Link('login'));

            }
        }

        $data = Injector::inst()->get('LDAPService')->getUserByGUID($member->GUID, array('samaccountname'));

        $emailField = null;
        $usernameField = null;
        if (Config::inst()->get('LDAPAuthenticator', 'allow_email_login')==='yes' && !empty($member->Email)) {
            $emailField = new TextField('Email', _t('LDAPLoginForm.USERNAMEOREMAIL', 'Email'), $member->Email, null, $this);
        }
        if (!empty($data['samaccountname'])) {
            $usernameField = new TextField('Username', _t('LDAPLoginForm.USERNAME', 'Username'), $data['samaccountname'], null, $this);
        }

        if ($emailField) {
            $emailFieldReadonly = $emailField->performDisabledTransformation();
            $this->Fields()->unshift($emailFieldReadonly);
        }
        if ($usernameField) {
            $usernameFieldReadonly = $usernameField->performDisabledTransformation();
            $this->Fields()->unshift($usernameFieldReadonly);
        }
    }

    /**
     * Change the password
     *
     * @param array $data The user submitted data
     * @return SS_HTTPResponse
     */
    public function doChangePassword(array $data)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        /**
         * @var LDAPService $service
         */
        $service = Injector::inst()->get('LDAPService');
        $member = Member::currentUser();
        if ($member) {
            try {
                $userData = $service->getUserByGUID($member->GUID);
            } catch (Exception $e) {
                SS_Log::log($e->getMessage(), SS_Log::ERR);
                $this->clearMessage();
                $this->sessionMessage(
                    _t('LDAPAuthenticator.NOUSER', 'Your account hasn\'t been setup properly, please contact an administrator.'),
                    'bad'
                );
                return $this->controller->redirect($this->controller->Link('changepassword'));

            }
            $loginResult = $service->authenticate($userData['samaccountname'], $data['OldPassword']);
            if (!$loginResult['success']) {

                $this->clearMessage();
                $this->sessionMessage(
                    _t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"),
                    "bad"
                );
                // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
                return $this->controller->redirect($this->controller->Link('changepassword'));

            }
        }

        if (!$member) {

            if (Session::get('AutoLoginHash')) {
                $member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
            }

            // The user is not logged in and no valid auto login hash is available
            if (!$member) {
                Session::clear('AutoLoginHash');
                return $this->controller->redirect($this->controller->Link('login'));

            }
        }

        // Check the new password
        if (empty($data['NewPassword1'])) {
            $this->clearMessage();
            $this->sessionMessage(
                _t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"),
                "bad");

            // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
            return $this->controller->redirect($this->controller->Link('changepassword'));

        } elseif ($data['NewPassword1'] == $data['NewPassword2']) {
            $isValid = $service->setPassword($member, $data['NewPassword1']);

            // try to catch connection and other errors LDAPService may throw
            if ($isValid->valid()) {
                $member->logIn();

                Session::clear('AutoLoginHash');

                // Clear locked out status
                $member->LockedOutUntil = null;
                $member->FailedLoginCount = null;
                $member->write();

                if (!empty($_REQUEST['BackURL'])
                    // absolute redirection URLs may cause spoofing
                    && Director::is_site_url($_REQUEST['BackURL'])
                ) {
                    $url = Director::absoluteURL($_REQUEST['BackURL']);
                    return $this->controller->redirect($url);
                } else {
                    // Redirect to default location - the login form saying "You are logged in as..."
                    $redirectURL = HTTP::setGetVar(
                        'BackURL',
                        Director::absoluteBaseURL(), $this->controller->Link('login')

                    );
                    return $this->controller->redirect($redirectURL);
                }
            } else {
                $this->clearMessage();
                $this->sessionMessage($isValid->message(), "bad");
                // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
                return $this->controller->redirect($this->controller->Link('changepassword'));

            }
        } else {

            $this->clearMessage();
            $this->sessionMessage(
                _t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"),
                "bad");

            // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
            return $this->controller->redirect($this->controller->Link('changepassword'));

        }
    }
}


1		<?php
2
3		class LDAPChangePasswordForm extends ChangePasswordForm
		0 ignored issues – show Coding Style Compatibility introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
4		{
5		/**
6		* The sole purpose for overriding the constructor is surfacing the username to the user.
7		*/
8		public function __construct($controller, $name, $fields = null, $actions = null)
9		{
10		parent::__construct($controller, $name, $fields, $actions);
11
12		// Obtain the Member object. If the user got this far, they must have already been synced.
13		$member = Member::currentUser();
14	View Code Duplication	if (!$member) {
		0 ignored issues – show Duplication introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
15		if (Session::get('AutoLoginHash')) {
16		$member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
17		}
18
19		// The user is not logged in and no valid auto login hash is available
20		if (!$member) {
21		Session::clear('AutoLoginHash');
22		return $this->controller->redirect($this->controller->Link('login'));
		0 ignored issues – show Unused Code introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'login'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history... Bug introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report Constructors do not have meaningful return values, anything that is returned from here is discarded. Are you sure this is correct? Loading history...
23		}
24		}
25
26		$data = Injector::inst()->get('LDAPService')->getUserByGUID($member->GUID, array('samaccountname'));
27
28		$emailField = null;
29		$usernameField = null;
30		if (Config::inst()->get('LDAPAuthenticator', 'allow_email_login')==='yes' && !empty($member->Email)) {
31		$emailField = new TextField('Email', _t('LDAPLoginForm.USERNAMEOREMAIL', 'Email'), $member->Email, null, $this);
32		}
33		if (!empty($data['samaccountname'])) {
34		$usernameField = new TextField('Username', _t('LDAPLoginForm.USERNAME', 'Username'), $data['samaccountname'], null, $this);
35		}
36
37		if ($emailField) {
38		$emailFieldReadonly = $emailField->performDisabledTransformation();
39		$this->Fields()->unshift($emailFieldReadonly);
40		}
41		if ($usernameField) {
42		$usernameFieldReadonly = $usernameField->performDisabledTransformation();
43		$this->Fields()->unshift($usernameFieldReadonly);
44		}
45		}
46
47		/**
48		* Change the password
49		*
50		* @param array $data The user submitted data
51		* @return SS_HTTPResponse
52		*/
53		public function doChangePassword(array $data)
		0 ignored issues – show Coding Style introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report `doChangePassword` uses the super-global variable `$_REQUEST` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
54		{
55		/**
56		* @var LDAPService $service
57		*/
58		$service = Injector::inst()->get('LDAPService');
59		$member = Member::currentUser();
60		if ($member) {
61		try {
62		$userData = $service->getUserByGUID($member->GUID);
63		} catch (Exception $e) {
64		SS_Log::log($e->getMessage(), SS_Log::ERR);
65		$this->clearMessage();
66		$this->sessionMessage(
67		_t('LDAPAuthenticator.NOUSER', 'Your account hasn\'t been setup properly, please contact an administrator.'),
68		'bad'
69		);
70		return $this->controller->redirect($this->controller->Link('changepassword'));
		0 ignored issues – show Unused Code introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'changepassword'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
71		}
72		$loginResult = $service->authenticate($userData['samaccountname'], $data['OldPassword']);
73	View Code Duplication	if (!$loginResult['success']) {
		0 ignored issues – show Duplication introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
74		$this->clearMessage();
75		$this->sessionMessage(
76		_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"),
77		"bad"
78		);
79		// redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
80		return $this->controller->redirect($this->controller->Link('changepassword'));
		0 ignored issues – show Unused Code introduced 2016-07-12 00:33 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'changepassword'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
81		}
82		}
83
84	View Code Duplication	if (!$member) {
		0 ignored issues – show Duplication introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
85		if (Session::get('AutoLoginHash')) {
86		$member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
87		}
88
89		// The user is not logged in and no valid auto login hash is available
90		if (!$member) {
91		Session::clear('AutoLoginHash');
92		return $this->controller->redirect($this->controller->Link('login'));
		0 ignored issues – show Unused Code introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'login'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
93		}
94		}
95
96		// Check the new password
97		if (empty($data['NewPassword1'])) {
98		$this->clearMessage();
99		$this->sessionMessage(
100		_t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"),
101		"bad");
102
103		// redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
104		return $this->controller->redirect($this->controller->Link('changepassword'));
		0 ignored issues – show Unused Code introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'changepassword'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
105		} elseif ($data['NewPassword1'] == $data['NewPassword2']) {
106		$isValid = $service->setPassword($member, $data['NewPassword1']);
		0 ignored issues – show Compatibility introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report `$member` of type `object<DataObject>` is not a sub-type of `object<Member>`. It seems like you assume a child class of the class `DataObject` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
107		// try to catch connection and other errors LDAPService may throw
108		if ($isValid->valid()) {
109		$member->logIn();
110
111		Session::clear('AutoLoginHash');
112
113		// Clear locked out status
114		$member->LockedOutUntil = null;
115		$member->FailedLoginCount = null;
116		$member->write();
117
118		if (!empty($_REQUEST['BackURL'])
119		// absolute redirection URLs may cause spoofing
120		&& Director::is_site_url($_REQUEST['BackURL'])
121		) {
122		$url = Director::absoluteURL($_REQUEST['BackURL']);
123		return $this->controller->redirect($url);
124		} else {
125		// Redirect to default location - the login form saying "You are logged in as..."
126		$redirectURL = HTTP::setGetVar(
127		'BackURL',
128		Director::absoluteBaseURL(), $this->controller->Link('login')
		0 ignored issues – show Unused Code introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'login'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history... Security Bug introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report It seems like `\Director::absoluteBaseURL()` targeting `Director::absoluteBaseURL()` can also be of type `false`; however, `HTTP::setGetVar()` does only seem to accept `string`, did you maybe forget to handle an error condition? Loading history...
129		);
130		return $this->controller->redirect($redirectURL);
131		}
132		} else {
133		$this->clearMessage();
134		$this->sessionMessage($isValid->message(), "bad");
135		// redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
136		return $this->controller->redirect($this->controller->Link('changepassword'));
		0 ignored issues – show Unused Code introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'changepassword'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
137		}
138	View Code Duplication	} else {
		0 ignored issues – show Duplication introduced 2016-03-22 20:04 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
139		$this->clearMessage();
140		$this->sessionMessage(
141		_t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"),
142		"bad");
143
144		// redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
145		return $this->controller->redirect($this->controller->Link('changepassword'));
		0 ignored issues – show Unused Code introduced 2016-07-12 00:33 UTC by Report Bug Copy Issue Report The call to `Controller::Link()` has too many arguments starting with `'changepassword'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
146		}
147		}
148		}
149

silverstripe / silverstripe-activedirectory

Push — master ( e18afa...9fbdf0 )

LDAPChangePasswordForm::__construct() D

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like