sunnysideup / silverstripe-health-check-provider

src/Control/HealthCheckController.php

<?php

namespace Sunnysideup\HealthCheckProvider\Control;

use SilverStripe\Control\Controller;
use SilverStripe\Core\Environment;
use Sunnysideup\HealthCheckProvider\Model\HealthCheckProvider;
use Sunnysideup\HealthCheckProvider\Model\HealthCheckProviderSecurity;

class HealthCheckController extends Controller
{
    protected $editorID = 0;

    private static $url_segment = 'health-check-provider';

The private property $url_segment is not used, and could be removed.

    private static $allowed_actions = [

The private property $allowed_actions is not used, and could be removed.

        'ping' => '->canProvide',
        'provide' => '->canProvide',
        'confirmreceipt' => '->canProvide',
    ];

    public function index($request)

The parameter $request is not used and could be removed.

    {
        return $this->httpError(404);
    }

    public function ping()
    {
        $this->getResponse()->addHeader('Content-type', 'application/json');
        return '{"Success": ' . ($this->canProvide() ? 'true' : 'false') . '}';
    }

    public function provide($request)
    {
        $check = $this->checkSecurity($request);
        if ($check !== 'all-good') {
            return $check;
        }

        //we are ready!~
        $this->getResponse()->addHeader('Content-type', 'application/json');
        return $this->provideData();
    }

    public function confirmreceipt($request)
    {
        $check = $this->checkSecurity($request);
        if ($check !== 'all-good') {
            return $check;
        }

        $outcome = $this->recordReceipt($request);

        $this->getResponse()->addHeader('Content-type', 'application/json');

        return '{"Success": ' . $outcome . '}';
    }

    protected function provideData(): string
    {
        $obj = HealthCheckProvider::create();
        $obj->EditorID = $this->editorID;
        $obj->SendNow = true;
        $id = $obj->write();
        sleep(2);
        HealthCheckProvider::get()->byID($id);
        return (string) $obj->Data;
    }

    protected function recordReceipt($request): bool
    {
        $success = false;
        $id = (int) $request->param('ID');
        $code = $request->param('OtherID');
        /** @var HealthCheckProvider|null $obj */
        $obj = HealthCheckProvider::get()->byID($id);
        if ($obj) {

$obj is of type Sunnysideup\HealthCheckProvider\Model\HealthCheckProvider, thus it always evaluated to true.

            if (! $code) {
                $code = 'no code provided';
            }
            $obj->ResponseCode = $code;

The property ResponseCode does not exist on Sunnysideup\HealthCheckProvider\Model\HealthCheckProvider. Since you implemented __set, consider adding a @property annotation.

            $obj->Sent = true;

The property Sent does not exist on Sunnysideup\HealthCheckProvider\Model\HealthCheckProvider. Since you implemented __set, consider adding a @property annotation.

            $obj->SendNow = false;

The property SendNow does not exist on Sunnysideup\HealthCheckProvider\Model\HealthCheckProvider. Since you implemented __set, consider adding a @property annotation.

            $obj->write();
            $success = $obj->getCodesMatch();
        }

        return $success;
    }

    protected function checkSecurity($request)
    {
        $headers = $request->getHeaders();
        $key = $headers['handshake'] ?? '';
        $ip = $request->getIp();
        $outcome = HealthCheckProviderSecurity::check($key, $ip);
        if ($outcome) {
            $this->editorID = HealthCheckProviderSecurity::get_editor_id($key, $ip);

            return 'all-good';
        }
        return $this->httpError(403, 'Sorry, we can not provide access.');
    }

    protected function canProvide(): bool
    {
        if (Environment::getEnv('SS_HEALTH_CHECK_PROVIDER_ALLOW_RETRIEVAL')) {
            return true;
        }
        die('Please set SS_HEALTH_CHECK_PROVIDER_ALLOW_RETRIEVAL to use this facility.');

In this branch, the function will implicitly return null which is incompatible with the type-hinted return boolean. Consider adding a return statement or allowing null as return value.

Using exit here is not recommended.

    }
}