silverstripe /
silverstripe-mfa
| Conditions | 7 |
| Paths | 6 |
| Total Lines | 85 |
| Code Lines | 50 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 32 | public function reset(HTTPRequest $request): HTTPResponse |
||
| 33 | { |
||
| 34 | if (!$request->isPOST() || !$request->param('ID')) { |
||
| 35 | return $this->owner |
||
| 36 | ->getResponse() |
||
| 37 | ->setStatusCode(400) |
||
| 38 | ->addHeader('Content-Type', 'application/json') |
||
| 39 | ->setBody(json_encode( |
||
| 40 | [ |
||
| 41 | 'error' => _t(__CLASS__ . '.BAD_REQUEST', 'Invalid request') |
||
| 42 | ] |
||
| 43 | )); |
||
| 44 | } |
||
| 45 | |||
| 46 | $body = json_decode($request->getBody(), true); |
||
| 47 | |||
| 48 | if (!SecurityToken::inst()->check($body['csrf_token'] ?? null)) { |
||
| 49 | return $this->owner |
||
| 50 | ->getResponse() |
||
| 51 | ->setStatusCode(400) |
||
| 52 | ->addHeader('Content-Type', 'application/json') |
||
| 53 | ->setBody(json_encode( |
||
| 54 | [ |
||
| 55 | 'error' => _t(__CLASS__ . '.INVALID_CSRF_TOKEN', 'Invalid or missing CSRF token') |
||
| 56 | ] |
||
| 57 | )); |
||
| 58 | } |
||
| 59 | |||
| 60 | if (!Permission::check(MemberMFAExtension::MFA_ADMINISTER_REGISTERED_METHODS)) { |
||
| 61 | return $this->owner |
||
| 62 | ->getResponse() |
||
| 63 | ->setStatusCode(403) |
||
| 64 | ->addHeader('Content-Type', 'application/json') |
||
| 65 | ->setBody(json_encode( |
||
| 66 | [ |
||
| 67 | 'error' => _t( |
||
| 68 | __CLASS__ . '.INSUFFICIENT_PERMISSIONS', |
||
| 69 | 'Insufficient permissions to reset user' |
||
| 70 | ) |
||
| 71 | ] |
||
| 72 | )); |
||
| 73 | } |
||
| 74 | |||
| 75 | /** @var Member $memberToReset */ |
||
| 76 | $memberToReset = Member::get()->byID($request->param('ID')); |
||
| 77 | |||
| 78 | if ($memberToReset === null) { |
||
| 79 | return $this->owner |
||
| 80 | ->getResponse() |
||
| 81 | ->setStatusCode(403) |
||
| 82 | ->addHeader('Content-Type', 'application/json') |
||
| 83 | ->setBody(json_encode( |
||
| 84 | [ |
||
| 85 | 'error' => _t( |
||
| 86 | __CLASS__ . '.INVALID_MEMBER', |
||
| 87 | 'Requested member for reset not found' |
||
| 88 | ) |
||
| 89 | ] |
||
| 90 | )); |
||
| 91 | } |
||
| 92 | |||
| 93 | $sent = $this->sendResetEmail($memberToReset); |
||
| 94 | |||
| 95 | if (!$sent) { |
||
| 96 | return $this->owner |
||
| 97 | ->getResponse() |
||
| 98 | ->setStatusCode(500) |
||
| 99 | ->addHeader('Content-Type', 'application/json') |
||
| 100 | ->setBody(json_encode( |
||
| 101 | [ |
||
| 102 | 'error' => _t( |
||
| 103 | __CLASS__ . '.EMAIL_NOT_SENT', |
||
| 104 | 'Email sending failed' |
||
| 105 | ) |
||
| 106 | ] |
||
| 107 | )); |
||
| 108 | } |
||
| 109 | |||
| 110 | return $this->owner |
||
| 111 | ->getResponse() |
||
| 112 | ->setStatusCode(200) |
||
| 113 | ->addHeader('Content-Type', 'application/json') |
||
| 114 | ->setBody(json_encode( |
||
| 115 | [ |
||
| 116 | 'success' => true, |
||
| 117 | ] |
||
| 158 |
Loading history...
