Issues in Tenant.php (master) - Issues in master - vivait/AuthBundle - Measure and Improve Code Quality continuously with Scrutinizer

Issues (65)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Entity/Tenant.php (1 issue)

Labels

Documentation 1

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Vivait\AuthBundle\Entity;

use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Gedmo\Mapping\Annotation as Gedmo;
use JMS\Serializer\Annotation as Serializer;

/**
 * Tenant
 * @ORM\Table()
 * @ORM\Entity(repositoryClass="Vivait\AuthBundle\Entity\TenantRepository")
 * @Gedmo\SoftDeleteable(fieldName="deletedAt", timeAware=false)
 * @UniqueEntity("code")
 */
class Tenant {
	/**
	 * @var integer
	 * @ORM\Column(name="id", type="guid")
	 * @ORM\Id
	 * @ORM\GeneratedValue(strategy="UUID")
     * @Serializer\Groups({"basic"})
	 */
	private $id;

	/**
	 * @var string
	 * @ORM\Column(name="tenant", type="string", length=255)
	 * @Assert\Type(type="string")
	 * @Assert\NotBlank()
	 * @Assert\Length(min = "3", max="255");
     * @Serializer\Groups({"basic"})
	 */
	private $tenant;

	/**
	 * @var integer
	 * @ORM\Column(name="priority", type="integer")
	 * @Assert\Type(type="integer")
	 */
	private $priority;

	/**
	 * @var string
	 * @ORM\Column(name="code", type="string", length=64, unique=true)
	 * @Assert\Type(type="string")
	 * @Assert\NotBlank()
		 * @Assert\Length(min = "3", max="64");
     * @Serializer\Groups({"basic"})
	 */
	private $code;

	/**
	 * @ORM\Column(name="active", type="boolean")
	 */
	private $active;

	/**
	 * @ORM\Column(name="licenseduntil", type="datetime")
	 */
	private $licenseduntil;

		/**
		 * @ORM\ManyToMany(targetEntity="Vivait\AuthBundle\Entity\User", mappedBy="tenants")
		 */
		private $users;

	/**
	 * @ORM\Column(name="deletedAt", type="datetime", nullable=true)
	 */
	private $deletedAt;
		/**
		 * @var Group[]|ArrayCollection
		 * @ORM\ManyToMany(targetEntity="Vivait\AuthBundle\Entity\Group", inversedBy="tenants")
		 */
		private $groups;

	/**
	 * Get id
	 * @return integer
	 */
	public function getId() {
		return $this->id;
	}

	/**
	 * Set tenant
	 *
	 * @param string $tenant
	 *
	 * @return Tenant
	 */
	public function setTenant( $tenant ) {
		$this->tenant = $tenant;

		return $this;
	}

	/**
	 * Get tenant
	 * @return string
	 */
	public function getTenant() {
		return $this->tenant;
	}

	/**
	 * Set code
	 *
	 * @param string $code
	 *
	 * @return Tenant
	 */
	public function setCode( $code ) {
		$this->code = strtoupper( $code );

		return $this;
	}

	/**
	 * Get code
	 * @return string
	 */
	public function getCode() {
		return $this->code;
	}

	/**
	 * Constructor
	 */
	public function __construct( $code = null, $tenant = null, $licensed_until = null ) {
		$this->users          = new ArrayCollection();
			$this->groups    = new ArrayCollection();
		$this->priority       = 100;
		$this->active         = 1;
		$this->code           = $code;
		$this->tenant         = $tenant;
		$this->licenseduntil  = $licensed_until ?: new \DateTime('+1 month');
	}

	/**
	 * Add users
	 *
	 * @param User $users
	 *
	 * @return Tenant
	 */
	public function addUser( User $users ) {
		$this->users[] = $users;
		$users->addTenant( $this );

		return $this;
	}

	/**
	 * Remove users
	 *
	 * @param User $users
	 */
	public function removeUser( User $users ) {
		$this->users->removeElement( $users );
		$users->removeTenant( $this );
	}

	/**
	 * Get users
	 * @return ArrayCollection|User[]
	 */
	public function getUsers() {
		return $this->users;
	}

	public function getDeletedAt() {
		return $this->deletedAt;
	}

	public function setDeletedAt( $deletedAt ) {
		$this->deletedAt = $deletedAt;
	}

	/**
	 * Set priority
	 *
	 * @param integer $priority
	 *
	 * @return Tenant
	 */
	public function setPriority( $priority ) {
		$this->priority = $priority;

		return $this;
	}

	/**
	 * Get priority
	 *
	 * @return integer
	 */
	public function getPriority() {
		return $this->priority;
	}

	/**
	 * Set active
	 *
	 * @param boolean $active
	 *
	 * @return Tenant
	 */
	public function setActive( $active ) {
		$this->active = $active;

		return $this;
	}

	/**
	 * Get active
	 *
	 * @return boolean

	 */
	public function getActive() {
		return $this->active;
	}

	/**
	 * Set licenseduntil
	 *
	 * @param \DateTime $licenseduntil
	 *
	 * @return Tenant
	 */
	public function setLicenseduntil( $licenseduntil ) {
		$this->licenseduntil = $licenseduntil;

		return $this;
	}

	/**
	 * Get licenseduntil
	 *
	 * @return \DateTime
	 */
	public function getLicenseduntil() {
		return $this->licenseduntil;
	}

		/**
		 * Add groups
		 * @param Group $groups
		 * @return User
		 */
		public function addGroup(Group $groups) {
			$this->groups[] = $groups;

			return $this;
		}

		/**
		 * Remove groups
		 * @param Group $groups
		 */
		public function removeGroup(Group $groups) {
			$this->groups->removeElement($groups);
		}

		/**
		 * Get groups
		 * @return Group[]|ArrayCollection
		 */
		public function getGroups() {
			return $this->groups;
		}

		/**
		 * (PHP 5 &gt;= 5.4.0)<br/>
		 * Specify data which should be serialized to JSON
		 * @link http://php.net/manual/en/jsonserializable.jsonserialize.php
		 * @return mixed data which can be serialized by <b>json_encode</b>,
		 * which is a value of any type other than a resource.
		 */
		public function jsonSerialize() {
			return [
				'id'       => $this->id,
				'code'     => $this->code,
				'tenant'   => $this->tenant
			];
		}


      public function __toString()
      {
          return $this->getTenant();
      }
}


1			<?php
2
3			namespace Vivait\AuthBundle\Entity;
4
5			use Doctrine\Common\Collections\ArrayCollection;
6			use Doctrine\ORM\Mapping as ORM;
7			use Symfony\Component\Validator\Constraints as Assert;
8			use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
9			use Gedmo\Mapping\Annotation as Gedmo;
10			use JMS\Serializer\Annotation as Serializer;
11
12			/**
13			* Tenant
14			* @ORM\Table()
15			* @ORM\Entity(repositoryClass="Vivait\AuthBundle\Entity\TenantRepository")
16			* @Gedmo\SoftDeleteable(fieldName="deletedAt", timeAware=false)
17			* @UniqueEntity("code")
18			*/
19			class Tenant {
20			/**
21			* @var integer
22			* @ORM\Column(name="id", type="guid")
23			* @ORM\Id
24			* @ORM\GeneratedValue(strategy="UUID")
25			* @Serializer\Groups({"basic"})
26			*/
27			private $id;
28
29			/**
30			* @var string
31			* @ORM\Column(name="tenant", type="string", length=255)
32			* @Assert\Type(type="string")
33			* @Assert\NotBlank()
34			* @Assert\Length(min = "3", max="255");
35			* @Serializer\Groups({"basic"})
36			*/
37			private $tenant;
38
39			/**
40			* @var integer
41			* @ORM\Column(name="priority", type="integer")
42			* @Assert\Type(type="integer")
43			*/
44			private $priority;
45
46			/**
47			* @var string
48			* @ORM\Column(name="code", type="string", length=64, unique=true)
49			* @Assert\Type(type="string")
50			* @Assert\NotBlank()
51			* @Assert\Length(min = "3", max="64");
52			* @Serializer\Groups({"basic"})
53			*/
54			private $code;
55
56			/**
57			* @ORM\Column(name="active", type="boolean")
58			*/
59			private $active;
60
61			/**
62			* @ORM\Column(name="licenseduntil", type="datetime")
63			*/
64			private $licenseduntil;
65
66			/**
67			* @ORM\ManyToMany(targetEntity="Vivait\AuthBundle\Entity\User", mappedBy="tenants")
68			*/
69			private $users;
70
71			/**
72			* @ORM\Column(name="deletedAt", type="datetime", nullable=true)
73			*/
74			private $deletedAt;
75			/**
76			* @var Group[]\|ArrayCollection
77			* @ORM\ManyToMany(targetEntity="Vivait\AuthBundle\Entity\Group", inversedBy="tenants")
78			*/
79			private $groups;
80
81			/**
82			* Get id
83			* @return integer
84			*/
85			public function getId() {
86			return $this->id;
87			}
88
89			/**
90			* Set tenant
91			*
92			* @param string $tenant
93			*
94			* @return Tenant
95			*/
96			public function setTenant( $tenant ) {
97			$this->tenant = $tenant;
98
99			return $this;
100			}
101
102			/**
103			* Get tenant
104			* @return string
105			*/
106			public function getTenant() {
107			return $this->tenant;
108			}
109
110			/**
111			* Set code
112			*
113			* @param string $code
114			*
115			* @return Tenant
116			*/
117			public function setCode( $code ) {
118			$this->code = strtoupper( $code );
119
120			return $this;
121			}
122
123			/**
124			* Get code
125			* @return string
126			*/
127			public function getCode() {
128			return $this->code;
129			}
130
131			/**
132			* Constructor
133			*/
134			public function __construct( $code = null, $tenant = null, $licensed_until = null ) {
135			$this->users = new ArrayCollection();
136			$this->groups = new ArrayCollection();
137			$this->priority = 100;
138			$this->active = 1;
139			$this->code = $code;
140			$this->tenant = $tenant;
141			$this->licenseduntil = $licensed_until ?: new \DateTime('+1 month');
142			}
143
144			/**
145			* Add users
146			*
147			* @param User $users
148			*
149			* @return Tenant
150			*/
151			public function addUser( User $users ) {
152			$this->users[] = $users;
153			$users->addTenant( $this );
154
155			return $this;
156			}
157
158			/**
159			* Remove users
160			*
161			* @param User $users
162			*/
163			public function removeUser( User $users ) {
164			$this->users->removeElement( $users );
165			$users->removeTenant( $this );
166			}
167
168			/**
169			* Get users
170			* @return ArrayCollection\|User[]
171			*/
172			public function getUsers() {
173			return $this->users;
174			}
175
176			public function getDeletedAt() {
177			return $this->deletedAt;
178			}
179
180			public function setDeletedAt( $deletedAt ) {
181			$this->deletedAt = $deletedAt;
182			}
183
184			/**
185			* Set priority
186			*
187			* @param integer $priority
188			*
189			* @return Tenant
190			*/
191			public function setPriority( $priority ) {
192			$this->priority = $priority;
193
194			return $this;
195			}
196
197			/**
198			* Get priority
199			*
200			* @return integer
201			*/
202			public function getPriority() {
203			return $this->priority;
204			}
205
206			/**
207			* Set active
208			*
209			* @param boolean $active
210			*
211			* @return Tenant
212			*/
213			public function setActive( $active ) {
214			$this->active = $active;
215
216			return $this;
217			}
218
219			/**
220			* Get active
221			*
222			* @return boolean
			0 ignored issues – show Documentation introduced 2016-05-05 09:56 UTC by Report Bug Copy Issue Report Show Similar Issues like this Should the return type not be `integer\|boolean`? This check compares the return type specified in the `@return` annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch. Loading history...
223			*/
224			public function getActive() {
225			return $this->active;
226			}
227
228			/**
229			* Set licenseduntil
230			*
231			* @param \DateTime $licenseduntil
232			*
233			* @return Tenant
234			*/
235			public function setLicenseduntil( $licenseduntil ) {
236			$this->licenseduntil = $licenseduntil;
237
238			return $this;
239			}
240
241			/**
242			* Get licenseduntil
243			*
244			* @return \DateTime
245			*/
246			public function getLicenseduntil() {
247			return $this->licenseduntil;
248			}
249
250			/**
251			* Add groups
252			* @param Group $groups
253			* @return User
254			*/
255			public function addGroup(Group $groups) {
256			$this->groups[] = $groups;
257
258			return $this;
259			}
260
261			/**
262			* Remove groups
263			* @param Group $groups
264			*/
265			public function removeGroup(Group $groups) {
266			$this->groups->removeElement($groups);
267			}
268
269			/**
270			* Get groups
271			* @return Group[]\|ArrayCollection
272			*/
273			public function getGroups() {
274			return $this->groups;
275			}
276
277			/**
278			* (PHP 5 >= 5.4.0)<br/>
279			* Specify data which should be serialized to JSON
280			* @link http://php.net/manual/en/jsonserializable.jsonserialize.php
281			* @return mixed data which can be serialized by <b>json_encode</b>,
282			* which is a value of any type other than a resource.
283			*/
284			public function jsonSerialize() {
285			return [
286			'id' => $this->id,
287			'code' => $this->code,
288			'tenant' => $this->tenant
289			];
290			}
291
292
293			public function __toString()
294			{
295			return $this->getTenant();
296			}
297			}
298

vivait / AuthBundle

Issues (65)

Security Analysis not enabled

Entity/Tenant.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like