ApiChangeAuthenticationData - Code Metrics - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

ApiChangeAuthenticationData A
last analyzed 2016-11-13 17:42 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	69
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	8

Importance

Changes

Metric	Value
dl	0
loc	69
rs	10
c	0
b	0
f	0
wmc	11
lcom	1
cbo	8

8 Methods

Rating	Name	Size	Complexity
A	__construct()	3	1
A	isWriteMode()	3	1
A	needsToken()	3	1
A	getAllowedParams()	5	1
A	dynamicParameterDocumentation()	3	1
A	getExamplesMessages()	8	1
A	getHelpUrls()	3	1
B	execute()	31	4

<?php
/**
 * Copyright © 2016 Brad Jorsch <[email protected]>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */

use MediaWiki\Auth\AuthManager;

/**
 * Change authentication data with AuthManager
 *
 * @ingroup API
 */
class ApiChangeAuthenticationData extends ApiBase {

	public function __construct( ApiMain $main, $action ) {
		parent::__construct( $main, $action, 'changeauth' );
	}

	public function execute() {
		if ( !$this->getUser()->isLoggedIn() ) {
			$this->dieUsage( 'Must be logged in to change authentication data', 'notloggedin' );
		}

		$helper = new ApiAuthManagerHelper( $this );
		$manager = AuthManager::singleton();

		// Check security-sensitive operation status
		$helper->securitySensitiveOperation( 'ChangeCredentials' );

		// Fetch the request
		$reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(
			$helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
			$this->getConfig()->get( 'ChangeCredentialsBlacklist' )
		);
		if ( count( $reqs ) !== 1 ) {
			$this->dieUsage( 'Failed to create change request', 'badrequest' );
		}
		$req = reset( $reqs );

		// Make the change
		$status = $manager->allowsAuthenticationDataChange( $req, true );
<?php

function getDate($date)
{
    if ($date !== null) {
        return new DateTime($date);
    }

    return false;
}
		Hooks::run( 'ChangeAuthenticationDataAudit', [ $req, $status ] );
		if ( !$status->isGood() ) {
			$this->dieStatus( $status );
		}
		$manager->changeAuthenticationData( $req );
<?php

function getDate($date)
{
    if ($date !== null) {
        return new DateTime($date);
    }

    return false;
}

		$this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
	}

	public function isWriteMode() {
		return true;
	}

	public function needsToken() {
		return 'csrf';
	}

	public function getAllowedParams() {
		return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
			'request'
		);
	}

	public function dynamicParameterDocumentation() {
		return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
	}

	protected function getExamplesMessages() {
		return [
			'action=changeauthenticationdata' .
				'&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
				'&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
				=> 'apihelp-changeauthenticationdata-example-password',
		];
	}

	public function getHelpUrls() {
		return 'https://www.mediawiki.org/wiki/API:Manage_authentication_data';
	}
}


1			<?php
2			/**
3			* Copyright © 2016 Brad Jorsch <[email protected]>
4			*
5			* This program is free software; you can redistribute it and/or modify
6			* it under the terms of the GNU General Public License as published by
7			* the Free Software Foundation; either version 2 of the License, or
8			* (at your option) any later version.
9			*
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			*
15			* You should have received a copy of the GNU General Public License along
16			* with this program; if not, write to the Free Software Foundation, Inc.,
17			* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18			* http://www.gnu.org/copyleft/gpl.html
19			*
20			* @file
21			*/
22
23			use MediaWiki\Auth\AuthManager;
24
25			/**
26			* Change authentication data with AuthManager
27			*
28			* @ingroup API
29			*/
30			class ApiChangeAuthenticationData extends ApiBase {
31
32			public function __construct( ApiMain $main, $action ) {
33			parent::__construct( $main, $action, 'changeauth' );
34			}
35
36			public function execute() {
37			if ( !$this->getUser()->isLoggedIn() ) {
38			$this->dieUsage( 'Must be logged in to change authentication data', 'notloggedin' );
39			}
40
41			$helper = new ApiAuthManagerHelper( $this );
42			$manager = AuthManager::singleton();
43
44			// Check security-sensitive operation status
45			$helper->securitySensitiveOperation( 'ChangeCredentials' );
46
47			// Fetch the request
48			$reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(
49			$helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
50			$this->getConfig()->get( 'ChangeCredentialsBlacklist' )
51			);
52			if ( count( $reqs ) !== 1 ) {
53			$this->dieUsage( 'Failed to create change request', 'badrequest' );
54			}
55			$req = reset( $reqs );
56
57			// Make the change
58			$status = $manager->allowsAuthenticationDataChange( $req, true );
			0 ignored issues – show Security Bug introduced 2016-05-17 17:54 UTC by Report Bug Copy Issue Report It seems like `$req` defined by `reset($reqs)` on line `55` can also be of type `false`; however, `MediaWiki\Auth\AuthManag...henticationDataChange()` does only seem to accept `object<MediaWiki\Auth\AuthenticationRequest>`, did you maybe forget to handle an error condition? This check looks for type mismatches where the missing type is `false`. This is usually indicative of an error condtion. Consider the follow example <?php function getDate($date) { if ($date !== null) { return new DateTime($date); } return false; } This function either returns a new `DateTime` object or false, if there was an error. This is a typical pattern in PHP programming to show that an error has occurred without raising an exception. The calling code should check for this returned `false` before passing on the value to another function or method that may not be able to handle a `false`. Loading history...
59			Hooks::run( 'ChangeAuthenticationDataAudit', [ $req, $status ] );
60			if ( !$status->isGood() ) {
61			$this->dieStatus( $status );
62			}
63			$manager->changeAuthenticationData( $req );
			0 ignored issues – show Security Bug introduced 2016-05-17 17:54 UTC by Report Bug Copy Issue Report It seems like `$req` defined by `reset($reqs)` on line `55` can also be of type `false`; however, `MediaWiki\Auth\AuthManag...ngeAuthenticationData()` does only seem to accept `object<MediaWiki\Auth\AuthenticationRequest>`, did you maybe forget to handle an error condition? This check looks for type mismatches where the missing type is `false`. This is usually indicative of an error condtion. Consider the follow example <?php function getDate($date) { if ($date !== null) { return new DateTime($date); } return false; } This function either returns a new `DateTime` object or false, if there was an error. This is a typical pattern in PHP programming to show that an error has occurred without raising an exception. The calling code should check for this returned `false` before passing on the value to another function or method that may not be able to handle a `false`. Loading history...
64
65			$this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
66			}
67
68			public function isWriteMode() {
69			return true;
70			}
71
72			public function needsToken() {
73			return 'csrf';
74			}
75
76			public function getAllowedParams() {
77			return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
78			'request'
79			);
80			}
81
82			public function dynamicParameterDocumentation() {
83			return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
84			}
85
86			protected function getExamplesMessages() {
87			return [
88			'action=changeauthenticationdata' .
89			'&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
90			'&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
91			=> 'apihelp-changeauthenticationdata-example-password',
92			];
93			}
94
95			public function getHelpUrls() {
96			return 'https://www.mediawiki.org/wiki/API:Manage_authentication_data';
97			}
98			}
99

wikimedia / mediawiki

ApiChangeAuthenticationData A last analyzed 2016-11-13 17:42 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Importance

8 Methods

Duplication Side-by-Side

Filter issues like

ApiChangeAuthenticationData A
last analyzed 2016-11-13 17:42 UTC