DeleteReviewVoter::voteOnAttribute() - Code Metrics - tulik/symfony-4-rest-api - Measure and Improve Code Quality continuously with Scrutinizer

DeleteReviewVoter::voteOnAttribute() A
last analyzed 2018-11-29 13:26 UTC

↳ Parent: DeleteReviewVoter

Complexity

Conditions	5
Paths	7

Size

Total Lines	22
Code Lines	9

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	8
CRAP Score	5.2

Importance

Changes

Metric	Value
eloc	9
dl	0
loc	22
ccs	8
cts	10
cp	0.8
rs	9.6111
c	0
b	0
f	0
cc	5
nc	7
nop	3
crap	5.2

<?php

/*
 * (c) Lukasz D. Tulikowski <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace App\Security\Voter\Review;

use App\Entity\Review;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;

class DeleteReviewVoter extends Voter
{
    public const CAN_DELETE_REVIEW = 'CAN_DELETE_REVIEW';

    /**
     * {@inheritdoc}
     */
    protected function supports($attribute, $subject)
    {
        // you only want to vote if the attribute and subject are what you expect
        return self::CAN_DELETE_REVIEW === $attribute && ($subject instanceof Review || null === $subject);
    }

    /**
     * {@inheritdoc}
     */
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
    {
        // our previous business logic indicates that admins can do it regardless
        foreach ($token->getRoles() as $role) {
            if (\in_array($role->getRole(), ['ROLE_ADMIN'])) {
                return true;
            }
        }

        // allow controller handle not found subject
        if (null === $subject) {
            return true;
        }

        $user = $token->getUser();

        // allow user to delete account
        if ($user instanceof User) {
            return $subject->getAuthor()->getId() === $user->getId();
        }

        return false;
    }
}


1		<?php
2
3		/*
4		* (c) Lukasz D. Tulikowski <[email protected]>
5		*
6		* For the full copyright and license information, please view the LICENSE
7		* file that was distributed with this source code.
8		*/
9
10		declare(strict_types=1);
11
12		namespace App\Security\Voter\Review;
13
14		use App\Entity\Review;
15		use App\Entity\User;
16		use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
17		use Symfony\Component\Security\Core\Authorization\Voter\Voter;
18
19		class DeleteReviewVoter extends Voter
20		{
21		public const CAN_DELETE_REVIEW = 'CAN_DELETE_REVIEW';
22
23		/**
24		* {@inheritdoc}
25		*/
26	19	protected function supports($attribute, $subject)
27		{
28		// you only want to vote if the attribute and subject are what you expect
29	19	return self::CAN_DELETE_REVIEW === $attribute && ($subject instanceof Review \|\| null === $subject);
30		}
31
32		/**
33		* {@inheritdoc}
34		*/
35	3	protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
36		{
37		// our previous business logic indicates that admins can do it regardless
38	3	foreach ($token->getRoles() as $role) {
39	2	if (\in_array($role->getRole(), ['ROLE_ADMIN'])) {
40	2	return true;
41		}
42		}
43
44		// allow controller handle not found subject
45	1	if (null === $subject) {
46		return true;
47		}
48
49	1	$user = $token->getUser();
50
51		// allow user to delete account
52	1	if ($user instanceof User) {
53		return $subject->getAuthor()->getId() === $user->getId();
54		}
55
56	1	return false;
57		}
58		}
59

tulik / symfony-4-rest-api

DeleteReviewVoter::voteOnAttribute() A last analyzed 2018-11-29 13:26 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

DeleteReviewVoter::voteOnAttribute() A
last analyzed 2018-11-29 13:26 UTC