This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | /* |
||
6 | * This file is part of the Sonata Project package. |
||
7 | * |
||
8 | * (c) Thomas Rabaix <[email protected]> |
||
9 | * |
||
10 | * For the full copyright and license information, please view the LICENSE |
||
11 | * file that was distributed with this source code. |
||
12 | */ |
||
13 | |||
14 | namespace Sonata\AdminBundle\Command; |
||
15 | |||
16 | use Doctrine\Persistence\ManagerRegistry; |
||
17 | use Sonata\AdminBundle\Admin\AdminInterface; |
||
18 | use Sonata\AdminBundle\Admin\Pool; |
||
19 | use Sonata\AdminBundle\Util\ObjectAclManipulatorInterface; |
||
20 | use Symfony\Component\Console\Input\InputInterface; |
||
21 | use Symfony\Component\Console\Input\InputOption; |
||
22 | use Symfony\Component\Console\Output\OutputInterface; |
||
23 | use Symfony\Component\DependencyInjection\Exception\ServiceNotFoundException; |
||
24 | use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; |
||
25 | |||
26 | /** |
||
27 | * @author Thomas Rabaix <[email protected]> |
||
28 | */ |
||
29 | final class GenerateObjectAclCommand extends QuestionableCommand |
||
30 | { |
||
31 | protected static $defaultName = 'sonata:admin:generate-object-acl'; |
||
32 | |||
33 | /** |
||
34 | * @var string |
||
35 | */ |
||
36 | private $userModelClass = ''; |
||
37 | |||
38 | /** |
||
39 | * @var Pool |
||
40 | */ |
||
41 | private $pool; |
||
42 | |||
43 | /** |
||
44 | * An array of object ACL manipulators indexed by their service ids. |
||
45 | * |
||
46 | * @var ObjectAclManipulatorInterface[] |
||
47 | */ |
||
48 | private $aclObjectManipulators = []; |
||
49 | |||
50 | /** |
||
51 | * @var ManagerRegistry|null |
||
52 | */ |
||
53 | private $registry; |
||
54 | |||
55 | public function __construct(Pool $pool, array $aclObjectManipulators, ?ManagerRegistry $registry = null) |
||
56 | { |
||
57 | $this->pool = $pool; |
||
58 | $this->aclObjectManipulators = $aclObjectManipulators; |
||
59 | $this->registry = $registry; |
||
60 | |||
61 | parent::__construct(); |
||
62 | } |
||
63 | |||
64 | public function configure(): void |
||
65 | { |
||
66 | $this |
||
67 | ->setDescription('Install ACL for the objects of the Admin Classes.') |
||
68 | ->addOption('object_owner', null, InputOption::VALUE_OPTIONAL, 'If set, the task will set the object owner for each admin.') |
||
69 | ->addOption('user_model', null, InputOption::VALUE_OPTIONAL, 'Shortcut notation like <comment>AcmeDemoBundle:User</comment>. If not set, it will be asked the first time an object owner is set.') |
||
70 | ->addOption('step', null, InputOption::VALUE_NONE, 'If set, the task will ask for each admin if the ACLs need to be generated and what object owner to set, if any.') |
||
71 | ; |
||
72 | } |
||
73 | |||
74 | public function execute(InputInterface $input, OutputInterface $output): int |
||
75 | { |
||
76 | $output->writeln('Welcome to the AdminBundle object ACL generator'); |
||
77 | $output->writeln([ |
||
0 ignored issues
–
show
|
|||
78 | '', |
||
79 | 'This command helps you to generate ACL entities for the objects handled by the AdminBundle.', |
||
80 | '', |
||
81 | 'If the step option is used, you will be asked if you want to generate the object ACL entities for each Admin.', |
||
82 | 'You must use the shortcut notation like <comment>AcmeDemoBundle:User</comment> if you want to set an object owner.', |
||
83 | '', |
||
84 | ]); |
||
85 | |||
86 | if (!$this->registry) { |
||
87 | throw new ServiceNotFoundException('doctrine', static::class, null, [], sprintf( |
||
88 | 'The command "%s" has a dependency on a non-existent service "doctrine".', |
||
89 | static::$defaultName |
||
90 | )); |
||
91 | } |
||
92 | |||
93 | if ($input->getOption('user_model')) { |
||
94 | try { |
||
95 | $this->getUserModelClass($input, $output); |
||
96 | } catch (\Exception $e) { |
||
97 | $output->writeln(sprintf('<error>%s</error>', $e->getMessage())); |
||
98 | |||
99 | return 1; |
||
100 | } |
||
101 | } |
||
102 | |||
103 | if (!$this->aclObjectManipulators) { |
||
0 ignored issues
–
show
The expression
$this->aclObjectManipulators of type Sonata\AdminBundle\Util\...lManipulatorInterface[] is implicitly converted to a boolean; are you sure this is intended? If so, consider using empty($expr) instead to make it clear that you intend to check for an array without elements.
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using
Loading history...
|
|||
104 | $output->writeln('No manipulators are implemented : <info>ignoring</info>'); |
||
105 | |||
106 | return 1; |
||
107 | } |
||
108 | |||
109 | foreach ($this->pool->getAdminServiceIds() as $id) { |
||
110 | try { |
||
111 | $admin = $this->pool->getInstance($id); |
||
112 | } catch (\Exception $e) { |
||
113 | $output->writeln('<error>Warning : The admin class cannot be initiated from the command line</error>'); |
||
114 | $output->writeln(sprintf('<error>%s</error>', $e->getMessage())); |
||
115 | |||
116 | continue; |
||
117 | } |
||
118 | |||
119 | if ($input->getOption('step') && !$this->askConfirmation($input, $output, sprintf("<question>Generate ACLs for the object instances handled by \"%s\"?</question>\n", $id), 'no')) { |
||
120 | continue; |
||
121 | } |
||
122 | |||
123 | $securityIdentity = null; |
||
124 | if ($input->getOption('step') && $this->askConfirmation($input, $output, "<question>Set an object owner?</question>\n", 'no')) { |
||
125 | $username = $this->askAndValidate($input, $output, 'Please enter the username: ', '', 'Sonata\AdminBundle\Command\Validators::validateUsername'); |
||
126 | |||
127 | $securityIdentity = new UserSecurityIdentity($username, $this->getUserModelClass($input, $output)); |
||
128 | } |
||
129 | if (!$input->getOption('step') && $input->getOption('object_owner')) { |
||
130 | $securityIdentity = new UserSecurityIdentity($input->getOption('object_owner'), $this->getUserModelClass($input, $output)); |
||
131 | } |
||
132 | |||
133 | $manipulatorId = sprintf('sonata.admin.manipulator.acl.object.%s', $admin->getManagerType()); |
||
134 | if (!$manipulator = $this->aclObjectManipulators[$manipulatorId] ?? null) { |
||
135 | $output->writeln('Admin class is using a manager type that has no manipulator implemented : <info>ignoring</info>'); |
||
136 | |||
137 | continue; |
||
138 | } |
||
139 | if (!$manipulator instanceof ObjectAclManipulatorInterface) { |
||
140 | $output->writeln(sprintf('The interface "ObjectAclManipulatorInterface" is not implemented for %s: <info>ignoring</info>', \get_class($manipulator))); |
||
141 | |||
142 | continue; |
||
143 | } |
||
144 | |||
145 | \assert($admin instanceof AdminInterface); |
||
146 | $manipulator->batchConfigureAcls($output, $admin, $securityIdentity); |
||
147 | } |
||
148 | |||
149 | return 0; |
||
150 | } |
||
151 | |||
152 | protected function initialize(InputInterface $input, OutputInterface $output) |
||
153 | { |
||
154 | parent::initialize($input, $output); |
||
155 | } |
||
156 | |||
157 | private function getUserModelClass(InputInterface $input, OutputInterface $output): string |
||
158 | { |
||
159 | if ('' === $this->userModelClass) { |
||
160 | if ($input->getOption('user_model')) { |
||
161 | [$userBundle, $userModel] = Validators::validateEntityName($input->getOption('user_model')); |
||
0 ignored issues
–
show
|
|||
162 | } else { |
||
163 | [$userBundle, $userModel] = $this->askAndValidate( |
||
164 | $input, |
||
165 | $output, |
||
166 | 'Please enter the User Entity shortcut name: ', |
||
167 | '', |
||
168 | 'Sonata\AdminBundle\Command\Validators::validateEntityName' |
||
169 | ); |
||
170 | } |
||
171 | |||
172 | $namespace = $this->registry->getAliasNamespace($userBundle); |
||
173 | |||
174 | $this->userModelClass = sprintf('%s\%s', $namespace, $userModel); |
||
175 | } |
||
176 | |||
177 | return $this->userModelClass; |
||
178 | } |
||
179 | } |
||
180 |
It seems like the type of the argument is not accepted by the function/method which you are calling.
In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.
We suggest to add an explicit type cast like in the following example: