AdminAclManipulator - Code Metrics - Inspection of "Merge remote-tracking branch 'origin/3.x'" - sonata-project/SonataAdminBundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 2ff8b4...848fca )

by Grégoire

created 2017-12-17 17:01 UTC

AdminAclManipulator A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	93
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	5

Importance

Changes

Metric	Value
wmc	16
lcom	1
cbo	5
dl	0
loc	93
rs	10
c	0
b	0
f	0

3 Methods

Rating	Name	Size	Complexity
A	__construct()	4	1
B	configureAcls()	27	5
C	addAdminClassAces()	49	10

<?php

declare(strict_types=1);

/*
 * This file is part of the Sonata Project package.
 *
 * (c) Thomas Rabaix <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Sonata\AdminBundle\Util;

use Sonata\AdminBundle\Admin\AdminInterface;
use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Model\AclInterface;

/**
 * @author Thomas Rabaix <[email protected]>
 */
class AdminAclManipulator implements AdminAclManipulatorInterface
{
    /**
     * @var string
     */
    protected $maskBuilderClass;

    /**
     * @param string $maskBuilderClass
     */
    public function __construct($maskBuilderClass)
    {
        $this->maskBuilderClass = $maskBuilderClass;
    }

    public function configureAcls(OutputInterface $output, AdminInterface $admin): void
    {
        $securityHandler = $admin->getSecurityHandler();
        if (!$securityHandler instanceof AclSecurityHandlerInterface) {
            $output->writeln(sprintf('Admin `%s` is not configured to use ACL : <info>ignoring</info>', $admin->getCode()));

            return;
        }

        $objectIdentity = ObjectIdentity::fromDomainObject($admin);
        $newAcl = false;
        if (null === ($acl = $securityHandler->getObjectAcl($objectIdentity))) {
            $acl = $securityHandler->createAcl($objectIdentity);
            $newAcl = true;
        }

        // create admin ACL
        $output->writeln(sprintf(' > install ACL for %s', $admin->getCode()));
        $configResult = $this->addAdminClassAces($output, $acl, $securityHandler, $securityHandler->buildSecurityInformation($admin));

        if ($configResult) {
            $securityHandler->updateAcl($acl);
        } else {
            $output->writeln(sprintf('   - %s , no roles and permissions found', ($newAcl ? 'skip' : 'removed')));
            $securityHandler->deleteAcl($objectIdentity);
        }
    }

    public function addAdminClassAces(
        OutputInterface $output,
        AclInterface $acl,
        AclSecurityHandlerInterface $securityHandler,
        array $roleInformation = []
    ) {
        if (count($securityHandler->getAdminPermissions()) > 0) {
            $builder = new $this->maskBuilderClass();

            foreach ($roleInformation as $role => $permissions) {
                $aceIndex = $securityHandler->findClassAceIndexByRole($acl, $role);
                $roleAdminPermissions = [];

                foreach ($permissions as $permission) {
                    // add only the admin permissions
                    if (in_array($permission, $securityHandler->getAdminPermissions())) {
                        $builder->add($permission);
                        $roleAdminPermissions[] = $permission;
                    }
                }

                if (count($roleAdminPermissions) > 0) {
                    if (false === $aceIndex) {
                        $acl->insertClassAce(new RoleSecurityIdentity($role), $builder->get());
                        $action = 'add';
                    } else {
                        $acl->updateClassAce($aceIndex, $builder->get());
                        $action = 'update';
                    }

                    if (null !== $output) {
                        $output->writeln(sprintf('   - %s role: %s, permissions: %s', $action, $role, json_encode($roleAdminPermissions)));
                    }

                    $builder->reset();
                } elseif (false !== $aceIndex) {
                    $acl->deleteClassAce($aceIndex);

                    if (null !== $output) {
                        $output->writeln(sprintf('   - remove role: %s', $role));
                    }
                }
            }

            return true;
        }

        return false;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* This file is part of the Sonata Project package.
7			*
8			* (c) Thomas Rabaix <[email protected]>
9			*
10			* For the full copyright and license information, please view the LICENSE
11			* file that was distributed with this source code.
12			*/
13
14			namespace Sonata\AdminBundle\Util;
15
16			use Sonata\AdminBundle\Admin\AdminInterface;
17			use Sonata\AdminBundle\Security\Handler\AclSecurityHandlerInterface;
18			use Symfony\Component\Console\Output\OutputInterface;
19			use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
20			use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
21			use Symfony\Component\Security\Acl\Model\AclInterface;
22
23			/**
24			* @author Thomas Rabaix <[email protected]>
25			*/
26			class AdminAclManipulator implements AdminAclManipulatorInterface
27			{
28			/**
29			* @var string
30			*/
31			protected $maskBuilderClass;
32
33			/**
34			* @param string $maskBuilderClass
35			*/
36			public function __construct($maskBuilderClass)
37			{
38			$this->maskBuilderClass = $maskBuilderClass;
39			}
40
41			public function configureAcls(OutputInterface $output, AdminInterface $admin): void
42			{
43			$securityHandler = $admin->getSecurityHandler();
44			if (!$securityHandler instanceof AclSecurityHandlerInterface) {
45			$output->writeln(sprintf('Admin `%s` is not configured to use ACL : <info>ignoring</info>', $admin->getCode()));
46
47			return;
48			}
49
50			$objectIdentity = ObjectIdentity::fromDomainObject($admin);
51			$newAcl = false;
52			if (null === ($acl = $securityHandler->getObjectAcl($objectIdentity))) {
53			$acl = $securityHandler->createAcl($objectIdentity);
54			$newAcl = true;
55			}
56
57			// create admin ACL
58			$output->writeln(sprintf(' > install ACL for %s', $admin->getCode()));
59			$configResult = $this->addAdminClassAces($output, $acl, $securityHandler, $securityHandler->buildSecurityInformation($admin));
60
61			if ($configResult) {
62			$securityHandler->updateAcl($acl);
63			} else {
64			$output->writeln(sprintf(' - %s , no roles and permissions found', ($newAcl ? 'skip' : 'removed')));
65			$securityHandler->deleteAcl($objectIdentity);
66			}
67			}
68
69			public function addAdminClassAces(
70			OutputInterface $output,
71			AclInterface $acl,
72			AclSecurityHandlerInterface $securityHandler,
73			array $roleInformation = []
74			) {
75			if (count($securityHandler->getAdminPermissions()) > 0) {
76			$builder = new $this->maskBuilderClass();
77
78			foreach ($roleInformation as $role => $permissions) {
79			$aceIndex = $securityHandler->findClassAceIndexByRole($acl, $role);
80			$roleAdminPermissions = [];
81
82			foreach ($permissions as $permission) {
83			// add only the admin permissions
84			if (in_array($permission, $securityHandler->getAdminPermissions())) {
85			$builder->add($permission);
86			$roleAdminPermissions[] = $permission;
87			}
88			}
89
90			if (count($roleAdminPermissions) > 0) {
91			if (false === $aceIndex) {
92			$acl->insertClassAce(new RoleSecurityIdentity($role), $builder->get());
93			$action = 'add';
94			} else {
95			$acl->updateClassAce($aceIndex, $builder->get());
96			$action = 'update';
97			}
98
99			if (null !== $output) {
100			$output->writeln(sprintf(' - %s role: %s, permissions: %s', $action, $role, json_encode($roleAdminPermissions)));
101			}
102
103			$builder->reset();
104			} elseif (false !== $aceIndex) {
105			$acl->deleteClassAce($aceIndex);
106
107			if (null !== $output) {
108			$output->writeln(sprintf(' - remove role: %s', $role));
109			}
110			}
111			}
112
113			return true;
114			}
115
116			return false;
117			}
118			}
119

sonata-project / SonataAdminBundle

Push — master ( 2ff8b4...848fca )

AdminAclManipulator A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

3 Methods

Duplication Side-by-Side

Filter issues like