SecureEditableFileFieldTest::testCreateFolder() - Code Metrics - Inspection of "API Upgrade for SS4 compatibility" - silverstripe/silverstripe-userforms - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#647)

by Robbie

created 2017-08-22 00:15 UTC

SecureEditableFileFieldTest::testCreateFolder() A

↳ Parent: SecureEditableFileFieldTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	10
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	10
rs	9.4285
c	0
b	0
f	0
cc	1
eloc	8
nc	1
nop	0

<?php

namespace SilverStripe\UserForms\Tests\Model\EditableFormField;

use SilverStripe\Assets\Filesystem;
use SilverStripe\Assets\Folder;
use SilverStripe\Core\Config\Config;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\UserForms\Model\EditableFormField\EditableFileField;

/**
 * Tests integration of EditableFileField with the securefiles module
 *
 * @todo
 * @author dmooyman
 */
class SecureEditableFileFieldTest extends SapphireTest
{
    protected $usesDatabase = true;

    protected function setUp()
    {
        parent::setUp();

        if (!class_exists('SecureFileExtension')) {
            $this->skipTest = true;
class MyClass { }

$x = new MyClass();
$x->foo = true;
            $this->markTestSkipped(get_class() . ' skipped unless running with securefiles');
        }
        Config::modify()->set(EditableFileField::class, 'secure_folder_name', 'SecureEditableFileFieldTest/SecureUploads');
        $this->clearPath();
    }

    protected function tearDown()
    {
        $this->clearPath();
        parent::tearDown();
    }

    protected function clearPath()
    {
        if (file_exists(ASSETS_PATH . '/SecureEditableFileFieldTest')) {
            Filesystem::removeFolder(ASSETS_PATH . '/SecureEditableFileFieldTest');
        }
    }

    /**
     * Test that newly created folders are secure
     */
    public function testCreateFolder()
    {
        $field = new EditableFileField();
        $field->write();
        $this->assertTrue($field->getIsSecure());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertTrue($field->Folder()->exists());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertEquals('assets/SecureEditableFileFieldTest/SecureUploads/', $field->Folder()->Filename);
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertEquals('OnlyTheseUsers', $field->Folder()->CanViewType);
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertEquals(1, $field->Folder()->ViewerGroups()->first()->Permissions()->filter('code', 'ADMIN')->count());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
    }

    /**
     * Test new folders that are created without security enabled
     */
    public function testCreateInsecure()
    {
        Config::modify()->set(EditableFileField::class, 'disable_security', true);

        // Esure folder is created without a folder
        $field = new EditableFileField();
        $field->write();
        $this->assertFalse($field->getIsSecure());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertFalse($field->Folder()->exists());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }

        // Assigning a non-secure folder doesn't secure this
        $folder = Folder::find_or_make('SecureEditableFileFieldTest/PublicFolder');
        $field->FolderID = $folder->ID;
<?php

/**
 * @property int $x
 * @property int $y
 * @property string $text
 */
class MyLabel
{
    private $properties;

    private $allowedProperties = array('x', 'y', 'text');

    public function __get($name)
    {
        if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) {
            return $properties[$name];
        } else {
            return null;
        }
    }

    public function __set($name, $value)
    {
        if (in_array($name, $this->allowedProperties)) {
            $properties[$name] = $value;
        } else {
            throw new \LogicException("Property $name is not defined.");
        }
    }

}
        $field->write();

        $this->assertFalse($field->getIsSecure());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertTrue($field->Folder()->exists());
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertEquals('assets/SecureEditableFileFieldTest/PublicFolder/', $field->Folder()->Filename);
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }
        $this->assertEquals('Inherit', $field->Folder()->CanViewType);
class ParentClass {
    private $data = array();

    public function __call($method, array $args) {
        if (0 === strpos($method, 'get')) {
            return $this->data[strtolower(substr($method, 3))];
        }

        throw new \LogicException(sprintf('Unsupported method: %s', $method));
    }
}

/**
 * If this class knows which fields exist, you can specify the methods here:
 *
 * @method string getName()
 */
class SomeClass extends ParentClass { }

        // Enabling security and re-saving will force this field to be made secure (but not changed)
        Config::modify()->set(EditableFileField::class, 'disable_security', false);
        singleton(EditableFileField::class)->requireDefaultRecords();

        // Reload record from DB
        $field = EditableFileField::get()->byID($field->ID);

        // Existing folder is now secured (retro-actively secures any old uploads)
        $this->assertTrue($field->getIsSecure());
        $this->assertTrue($field->Folder()->exists());
        $this->assertEquals('assets/SecureEditableFileFieldTest/PublicFolder/', $field->Folder()->Filename);
        $this->assertEquals('OnlyTheseUsers', $field->Folder()->CanViewType);
        $this->assertEquals(1, $field->Folder()->ViewerGroups()->first()->Permissions()->filter('code', 'ADMIN')->count());
    }
}


1			<?php
2
3			namespace SilverStripe\UserForms\Tests\Model\EditableFormField;
4
5			use SilverStripe\Assets\Filesystem;
6			use SilverStripe\Assets\Folder;
7			use SilverStripe\Core\Config\Config;
8			use SilverStripe\Dev\SapphireTest;
9			use SilverStripe\UserForms\Model\EditableFormField\EditableFileField;
10
11			/**
12			* Tests integration of EditableFileField with the securefiles module
13			*
14			* @todo
15			* @author dmooyman
16			*/
17			class SecureEditableFileFieldTest extends SapphireTest
18			{
19			protected $usesDatabase = true;
20
21			protected function setUp()
22			{
23			parent::setUp();
24
25			if (!class_exists('SecureFileExtension')) {
26			$this->skipTest = true;
			0 ignored issues – show Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The property `skipTest` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
27			$this->markTestSkipped(get_class() . ' skipped unless running with securefiles');
28			}
29			Config::modify()->set(EditableFileField::class, 'secure_folder_name', 'SecureEditableFileFieldTest/SecureUploads');
30			$this->clearPath();
31			}
32
33			protected function tearDown()
34			{
35			$this->clearPath();
36			parent::tearDown();
37			}
38
39			protected function clearPath()
40			{
41			if (file_exists(ASSETS_PATH . '/SecureEditableFileFieldTest')) {
42			Filesystem::removeFolder(ASSETS_PATH . '/SecureEditableFileFieldTest');
43			}
44			}
45
46			/**
47			* Test that newly created folders are secure
48			*/
49			public function testCreateFolder()
50			{
51			$field = new EditableFileField();
52			$field->write();
53			$this->assertTrue($field->getIsSecure());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `getIsSecure` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
54			$this->assertTrue($field->Folder()->exists());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
55			$this->assertEquals('assets/SecureEditableFileFieldTest/SecureUploads/', $field->Folder()->Filename);
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
56			$this->assertEquals('OnlyTheseUsers', $field->Folder()->CanViewType);
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
57			$this->assertEquals(1, $field->Folder()->ViewerGroups()->first()->Permissions()->filter('code', 'ADMIN')->count());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
58			}
59
60			/**
61			* Test new folders that are created without security enabled
62			*/
63			public function testCreateInsecure()
64			{
65			Config::modify()->set(EditableFileField::class, 'disable_security', true);
66
67			// Esure folder is created without a folder
68			$field = new EditableFileField();
69			$field->write();
70			$this->assertFalse($field->getIsSecure());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `getIsSecure` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
71			$this->assertFalse($field->Folder()->exists());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
72
73			// Assigning a non-secure folder doesn't secure this
74			$folder = Folder::find_or_make('SecureEditableFileFieldTest/PublicFolder');
75			$field->FolderID = $folder->ID;
			0 ignored issues – show Documentation introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The property `FolderID` does not exist on `object<SilverStripe\User...ield\EditableFileField>`. Since you implemented `__set`, maybe consider adding a @property annotation. Since your code implements the magic setter `_set`, this function will be called for any write access on an undefined variable. You can add the `@property` annotation to your class or interface to document the existence of this variable. <?php /** * @property int $x * @property int $y * @property string $text */ class MyLabel { private $properties; private $allowedProperties = array('x', 'y', 'text'); public function __get($name) { if (isset($properties[$name]) && in_array($name, $this->allowedProperties)) { return $properties[$name]; } else { return null; } } public function __set($name, $value) { if (in_array($name, $this->allowedProperties)) { $properties[$name] = $value; } else { throw new \LogicException("Property $name is not defined."); } } } Since the property has write access only, you can use the @property-write annotation instead. Of course, you may also just have mistyped another name, in which case you should fix the error. See also the PhpDoc documentation for @property. Loading history...
76			$field->write();
77
78			$this->assertFalse($field->getIsSecure());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `getIsSecure` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
79			$this->assertTrue($field->Folder()->exists());
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
80			$this->assertEquals('assets/SecureEditableFileFieldTest/PublicFolder/', $field->Folder()->Filename);
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
81			$this->assertEquals('Inherit', $field->Folder()->CanViewType);
			0 ignored issues – show Documentation Bug introduced 2017-08-16 02:04 UTC by Report Bug Copy Issue Report The method `Folder` does not exist on `object<SilverStripe\User...ield\EditableFileField>`? Since you implemented `__call`, maybe consider adding a @method annotation. If you implement `__call` and you know which methods are available, you can improve IDE auto-completion and static analysis by adding a @method annotation to the class. This is often the case, when `__call` is implemented by a parent class and only the child class knows which methods exist: class ParentClass { private $data = array(); public function __call($method, array $args) { if (0 === strpos($method, 'get')) { return $this->data[strtolower(substr($method, 3))]; } throw new \LogicException(sprintf('Unsupported method: %s', $method)); } } /** * If this class knows which fields exist, you can specify the methods here: * * @method string getName() */ class SomeClass extends ParentClass { } Loading history...
82
83			// Enabling security and re-saving will force this field to be made secure (but not changed)
84			Config::modify()->set(EditableFileField::class, 'disable_security', false);
85			singleton(EditableFileField::class)->requireDefaultRecords();
86
87			// Reload record from DB
88			$field = EditableFileField::get()->byID($field->ID);
89
90			// Existing folder is now secured (retro-actively secures any old uploads)
91			$this->assertTrue($field->getIsSecure());
92			$this->assertTrue($field->Folder()->exists());
93			$this->assertEquals('assets/SecureEditableFileFieldTest/PublicFolder/', $field->Folder()->Filename);
94			$this->assertEquals('OnlyTheseUsers', $field->Folder()->CanViewType);
95			$this->assertEquals(1, $field->Folder()->ViewerGroups()->first()->Permissions()->filter('code', 'ADMIN')->count());
96			}
97			}
98

silverstripe / silverstripe-userforms

Pull Request — master (#647)

SecureEditableFileFieldTest::testCreateFolder() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like