UserController::update() - Code Metrics - Inspection of "[Security] Bump stringstream from 0.0.5 to 0.0.6" - thinktomorrow/chief - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — dependabot/npm_and_yarn/string... ( b56eb5...bc569b )

unknown

created 2019-06-13 07:11 UTC

UserController::update() B

↳ Parent: Project

Complexity

Conditions	7
Paths	4

Size

Total Lines	29
Code Lines	16

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	16
CRAP Score	7.0099

Importance

Changes

Metric	Value
cc	7
eloc	16
nc	4
nop	2
dl	0
loc	29
ccs	16
cts	17
cp	0.9412
crap	7.0099
rs	8.8333
c	0
b	0
f	0

<?php

namespace Thinktomorrow\Chief\App\Http\Controllers\Back\Users;

use Illuminate\Auth\Access\AuthorizationException;
use Thinktomorrow\Chief\Users\User;
use Illuminate\Http\Request;
use Thinktomorrow\Chief\Authorization\Role;
use Thinktomorrow\Chief\App\Http\Controllers\Controller;
use Thinktomorrow\Chief\Users\Invites\Application\InviteUser;

class UserController extends Controller
{
    public function index()
    {
        $this->authorize('view-user');

        $users = User::all();
        return view('chief::back.users.index')->with('users', $users);
    }

    /**
     * Show the invite form
     *
     * @return \Illuminate\Http\Response
     */
    public function create()
    {
        $this->authorize('create-user');

        return view('chief::back.users.create', [
            'user'      => new User(),
            'roleNames' => Role::rolesForSelect(chiefAdmin()->hasRole('developer')),
        ]);
    }

    public function store(Request $request)
    {
        $this->authorize('create-user');

        // Sanitize an empty array that is passed as [null]
        $requestRoles = $request->get('roles');
        if (is_array($requestRoles) && count($requestRoles) == 1 && reset($requestRoles) === null) {
            $request = $request->merge(['roles' => []]);
        }

        $this->validate($request, [
            'firstname' => 'required',
            'lastname' => 'required',
            'email' =>  'required|email|unique:'.(new User())->getTable(),
            'roles' => 'required|array',
        ]);

        $user = User::create(
            $request->only(['firstname', 'lastname', 'email'])
        );

        $user->assignRole($request->get('roles', []));

        app(InviteUser::class)->handle($user, auth()->guard('chief')->user());

        return redirect()->route('chief.back.users.index')
            ->with('messages.success', 'De nieuwe gebruiker is uitgenodigd en zal zodra een bevestiging ontvangen via mail.');
    }

    public function edit($id)
    {
        $this->authorize('update-user');

        return view('chief::back.users.edit', [
            'user'      => User::findOrFail($id),
            'roleNames' => Role::rolesForSelect(chiefAdmin()->hasRole('developer'))
        ]);
    }

    public function update(Request $request, $id)
    {
        $this->authorize('update-user');

        // Sanitize an empty array that is passed as [null]
        $requestRoles = $request->get('roles');
        if (is_array($requestRoles) && count($requestRoles) == 1 && reset($requestRoles) === null) {
            $request = $request->merge(['roles' => []]);
        }

        $this->validate($request, [
            'firstname' => 'required',
            'lastname' => 'required',
            'email' =>  'required|email|unique:'.(new User())->getTable().',email,'.$id,
            'roles' => 'required|array',
        ]);

        $user = User::findOrFail($id);

        // Only another developer can change another developer.
        if (!chiefAdmin()->hasRole('developer') && ($user->hasRole('developer') || in_array('developer', $request->get('roles', [])))) {
            throw new AuthorizationException('Constraint: Only an user with role developer can update an user with developer role.');
        }

        $user->update($request->only(['firstname', 'lastname', 'email']));
        $user->syncRoles($request->get('roles', []));

        return redirect()->route('chief.back.users.index')
            ->with('messages.success', 'Gegevens van de gebruiker zijn aangepast.');
    }
}


1			<?php
2
3			namespace Thinktomorrow\Chief\App\Http\Controllers\Back\Users;
4
5			use Illuminate\Auth\Access\AuthorizationException;
6			use Thinktomorrow\Chief\Users\User;
7			use Illuminate\Http\Request;
8			use Thinktomorrow\Chief\Authorization\Role;
9			use Thinktomorrow\Chief\App\Http\Controllers\Controller;
10			use Thinktomorrow\Chief\Users\Invites\Application\InviteUser;
11
12			class UserController extends Controller
13			{
14			public function index()
15			{
16			$this->authorize('view-user');
17
18			$users = User::all();
19			return view('chief::back.users.index')->with('users', $users);
20			}
21
22			/**
23			* Show the invite form
24			*
25			* @return \Illuminate\Http\Response
26			*/
27			public function create()
28			{
29			$this->authorize('create-user');
30
31			return view('chief::back.users.create', [
32			'user' => new User(),
33			'roleNames' => Role::rolesForSelect(chiefAdmin()->hasRole('developer')),
34			]);
35			}
36
37			public function store(Request $request)
38			{
39			$this->authorize('create-user');
40
41			// Sanitize an empty array that is passed as [null]
42			$requestRoles = $request->get('roles');
43			if (is_array($requestRoles) && count($requestRoles) == 1 && reset($requestRoles) === null) {
44			$request = $request->merge(['roles' => []]);
45			}
46
47			$this->validate($request, [
48			'firstname' => 'required',
49			'lastname' => 'required',
50			'email' => 'required\|email\|unique:'.(new User())->getTable(),
51			'roles' => 'required\|array',
52			]);
53
54			$user = User::create(
55			$request->only(['firstname', 'lastname', 'email'])
56			);
57
58			$user->assignRole($request->get('roles', []));
59
60			app(InviteUser::class)->handle($user, auth()->guard('chief')->user());
61
62			return redirect()->route('chief.back.users.index')
63			->with('messages.success', 'De nieuwe gebruiker is uitgenodigd en zal zodra een bevestiging ontvangen via mail.');
64			}
65
66			public function edit($id)
67			{
68			$this->authorize('update-user');
69
70			return view('chief::back.users.edit', [
71			'user' => User::findOrFail($id),
72			'roleNames' => Role::rolesForSelect(chiefAdmin()->hasRole('developer'))
73			]);
74			}
75
76			public function update(Request $request, $id)
77			{
78			$this->authorize('update-user');
79
80			// Sanitize an empty array that is passed as [null]
81			$requestRoles = $request->get('roles');
82			if (is_array($requestRoles) && count($requestRoles) == 1 && reset($requestRoles) === null) {
83			$request = $request->merge(['roles' => []]);
84			}
85
86			$this->validate($request, [
87			'firstname' => 'required',
88			'lastname' => 'required',
89			'email' => 'required\|email\|unique:'.(new User())->getTable().',email,'.$id,
90			'roles' => 'required\|array',
91			]);
92
93			$user = User::findOrFail($id);
94
95			// Only another developer can change another developer.
96			if (!chiefAdmin()->hasRole('developer') && ($user->hasRole('developer') \|\| in_array('developer', $request->get('roles', [])))) {
97			throw new AuthorizationException('Constraint: Only an user with role developer can update an user with developer role.');
98			}
99
100			$user->update($request->only(['firstname', 'lastname', 'email']));
101			$user->syncRoles($request->get('roles', []));
102
103			return redirect()->route('chief.back.users.index')
104			->with('messages.success', 'Gegevens van de gebruiker zijn aangepast.');
105			}
106			}
107

thinktomorrow / chief

Push — dependabot/npm_and_yarn/string... ( b56eb5...bc569b )

UserController::update() B

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like