AuthenticateSuperadmin::handle() - Code Metrics - Inspection of "[Security] Bump stringstream from 0.0.5 to 0.0.6" - thinktomorrow/chief - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — dependabot/npm_and_yarn/string... ( b56eb5...bc569b )

unknown

created 2019-06-13 07:11 UTC

AuthenticateSuperadmin::handle() A

↳ Parent: Project

Complexity

Conditions	4
Paths	3

Size

Total Lines	13
Code Lines	6

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	20

Importance

Changes

Metric	Value
cc	4
eloc	6
nc	3
nop	2
dl	0
loc	13
ccs	0
cts	6
cp	0
crap	20
rs	10
c	0
b	0
f	0

<?php

namespace Thinktomorrow\Chief\App\Http\Middleware;

use Closure;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;

class AuthenticateSuperadmin
{
    use AuthorizesRequests;
    /**
     * The Guard implementation.
     *
     * @var Guard
     */
    protected $auth;

    /**
     * Create a new middleware instance.
     *
     * @param  Guard  $auth
     * @return void
     */
    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
    }

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // Low level way to only allow TT users
        // this is not a safe way to handle security and is only used for convenience, not to secure page restriction!!
        if (!$this->auth->user() || !$this->authorize('update-squanto')) {
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            } else {
                return redirect()->guest('admin/login');
            }
        }

        return $next($request);
    }
}


1			<?php
2
3			namespace Thinktomorrow\Chief\App\Http\Middleware;
4
5			use Closure;
6			use Illuminate\Contracts\Auth\Guard;
7			use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
8
9			class AuthenticateSuperadmin
10			{
11			use AuthorizesRequests;
12			/**
13			* The Guard implementation.
14			*
15			* @var Guard
16			*/
17			protected $auth;
18
19			/**
20			* Create a new middleware instance.
21			*
22			* @param Guard $auth
23			* @return void
24			*/
25			public function __construct(Guard $auth)
26			{
27			$this->auth = $auth;
28			}
29
30			/**
31			* Handle an incoming request.
32			*
33			* @param \Illuminate\Http\Request $request
34			* @param \Closure $next
35			* @return mixed
36			*/
37			public function handle($request, Closure $next)
38			{
39			// Low level way to only allow TT users
40			// this is not a safe way to handle security and is only used for convenience, not to secure page restriction!!
41			if (!$this->auth->user() \|\| !$this->authorize('update-squanto')) {
42			if ($request->ajax()) {
43			return response('Unauthorized.', 401);
44			} else {
45			return redirect()->guest('admin/login');
46			}
47			}
48
49			return $next($request);
50			}
51			}
52

thinktomorrow / chief

Push — dependabot/npm_and_yarn/string... ( b56eb5...bc569b )

AuthenticateSuperadmin::handle() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like