PermissionMiddleware::handle() - Code Metrics - Inspection of "Add dynamic redirect on middleware, and config for..." - spatie/laravel-permission - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#517)

by Chris

created 2017-10-18 13:01 UTC

PermissionMiddleware::handle() C

↳ Parent: PermissionMiddleware

Complexity

Conditions	7
Paths	21

Size

Total Lines	28
Code Lines	17

Duplication

Lines	28
Ratio	100 %

Importance

Changes	1
Bugs	1	Features	0

Metric	Value
cc	7
eloc	17
c	1
b	1
f	0
nc	21
nop	3
dl	28
loc	28
rs	6.7272

<?php

namespace Spatie\Permission\Middlewares;

use Closure;
use Illuminate\Support\Facades\Auth;

class PermissionMiddleware

{
    public function handle($request, Closure $next, $permission)
    {
        $routeNameRedirect = config('permission.unauthorized_route_name_redirect');

        if (Auth::guest()) {
            if (! is_null($routeNameRedirect)) {
                return redirect()
                    ->route($routeNameRedirect);
            }
            abort(403);
        }

        $permissions = is_array($permission)
            ? $permission
            : explode('|', $permission);

        foreach ($permissions as $permission) {
            if (Auth::user()->can($permission)) {
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
                return $next($request);
            }
        }

        if (! is_null($routeNameRedirect)) {
            return redirect()
                ->route($routeNameRedirect);
        }
        abort(403);
    }
}


1		<?php
2
3		namespace Spatie\Permission\Middlewares;
4
5		use Closure;
6		use Illuminate\Support\Facades\Auth;
7
8	View Code Duplication	class PermissionMiddleware
		0 ignored issues – show Duplication introduced 2017-07-31 17:47 UTC by Report Bug Copy Issue Report This class seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
9		{
10		public function handle($request, Closure $next, $permission)
11		{
12		$routeNameRedirect = config('permission.unauthorized_route_name_redirect');
13
14		if (Auth::guest()) {
15		if (! is_null($routeNameRedirect)) {
16		return redirect()
17		->route($routeNameRedirect);
18		}
19		abort(403);
20		}
21
22		$permissions = is_array($permission)
23		? $permission
24		: explode('\|', $permission);
25
26		foreach ($permissions as $permission) {
27		if (Auth::user()->can($permission)) {
		0 ignored issues – show Bug introduced 2017-09-02 11:00 UTC by Report Bug Copy Issue Report It seems like you code against a concrete implementation and not the interface `Illuminate\Contracts\Auth\Authenticatable` as the method `can()` does only exist in the following implementations of said interface: `Illuminate\Foundation\Auth\User`. Let’s take a look at an example: interface User { /** @return string / public function getPassword(); } class MyUser implements User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the interface: interface User { /** @return string / public function getPassword(); /* @return string */ public function getDisplayName(); } Loading history...
28		return $next($request);
29		}
30		}
31
32		if (! is_null($routeNameRedirect)) {
33		return redirect()
34		->route($routeNameRedirect);
35		}
36		abort(403);
37		}
38		}
39

spatie / laravel-permission

Pull Request — master (#517)

PermissionMiddleware::handle() C

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like