PermissionConditions - Code Metrics - Inspection of "upgrade scrutinizer to 8.3" - zemit-cms/core - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — master ( 507036...762659 )

by Julien

created 2024-10-31 18:21 UTC

PermissionConditions A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	135
Duplicated Lines	0 %

Test Coverage

Coverage

Importance

Changes	3
Bugs	0	Features	1

Metric	Value
eloc	34
c	3
b	0
f	1
dl	0
loc	135
ccs	0
cts	36
cp	0
rs	10
wmc	10

6 Methods

Rating	Name	Size	Complexity
A	getSuperRoles()	3	1
A	setPermissionConditions()	3	1
A	getCreatedByColumns()	3	1
A	defaultPermissionCondition()	38	5
A	getPermissionConditions()	3	1
A	initializePermissionConditions()	5	1

<?php

/**
 * This file is part of the Zemit Framework.
 *
 * (c) Zemit Team <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE.txt
 * file that was distributed with this source code.
 */

namespace Zemit\Mvc\Controller\Traits\Query\Conditions;

use Phalcon\Db\Column;
use Phalcon\Support\Collection;
use Zemit\Mvc\Controller\Traits\Abstracts\AbstractInjectable;
use Zemit\Mvc\Controller\Traits\Abstracts\AbstractModel;
use Zemit\Mvc\Controller\Traits\Abstracts\AbstractQuery;

/**
 * This trait provides methods for managing permission conditions for the query.
 */
trait PermissionConditions
{
    use AbstractInjectable;
    use AbstractModel;
    use AbstractQuery;
    
    /**
     * Holds the permission conditions collection.
     *
     * This variable stores the permission conditions in an associative array format. Each key represents a permission,
     * and the corresponding value represents the conditions associated with that permission. The conditions can be
     * nested within sub-arrays to handle complex permission structures.
     *
     * @var Collection|null
     */
    protected ?Collection $permissionConditions;
    
    /**
     * Initializes the permission conditions for the object.
     *
     * Sets the permission conditions using a new instance of Collection class.
     * The default permission condition is set using the defaultPermissionCondition method.
     *
     * @return void
     */
    public function initializePermissionConditions(): void
    {
        $this->setPermissionConditions(new Collection([
            'default' => $this->defaultPermissionCondition(),
        ], false));
    }
    
    /**
     * Sets the permission conditions for the current user's identity and role.
     *
     * @param Collection|null $permissionConditions The permission conditions to be set. Pass null if no conditions are required.
     *                                               A Collection object that contains the permission conditions.
     *                                               Each permission condition is expected to be an array with the following elements:
     *                                               - The condition string formed by joining the columns with 'or' operators.
     *                                               - An array of bind values for the condition.
     *                                               - An array of bind types for the condition.
     *                                               Example: [
     *                                                   'column1 = :value1:',
     *                                                   ['value1' => 'some value'],
     *                                                   ['value1' => Column::BIND_PARAM_STR],
     *                                               ]
     * @return void
     */
    public function setPermissionConditions(?Collection $permissionConditions): void
    {
        $this->permissionConditions = $permissionConditions;
    }
    
    /**
     * Retrieves the collection of permission conditions.
     *
     * @return Collection|null Returns the collection of permission conditions, or null if it is not set.
     */
    public function getPermissionConditions(): ?Collection
    {
        return $this->permissionConditions;
    }
    
    /**
     * Builds the permission condition based on the current user's identity and role.
     *
     * @return array|string|null Returns an array with the following elements:
     *                         - If permission columns are empty, returns null.
     *                         - If no permission is found, returns ['false'].
     *                         - If the current user role is a super admin, returns ['true'].
     *                         - If permission conditions are found, returns an array with the following elements:
     *                           - The condition string formed by joining the columns with 'or' operators.
     *                           - An array of bind values for the condition.
     *                           - An array of bind types for the condition.
     */
    public function defaultPermissionCondition(): array|string|null
    {
        $columns = $this->getCreatedByColumns();
        $superRoleList = $this->getSuperRoles();
        
        if (empty($columns)) {
            return null;
        }
        
        // no identity found
        if (!isset($this->identity)) {
            return ['false'];
        }
        
        // check if current user role is a super admin
        if ($this->identity->hasRole($superRoleList)) {
            return ['true'];
        }
        
        $query = [];
        $bind = [];
        $bindTypes = [];
        $userId = (int)$this->identity->getUserId();
        
        foreach ($columns as $column) {
            $field = $this->appendModelName($column);
            $value = $this->generateBindKey('deleted');
            
            $bind[$field] = $userId;
            $bindTypes[$field] = Column::BIND_PARAM_INT;
            
            $query [] = "{$field} = :{$value}:";
        }
        
        return [
            implode(' or ', $query),
            $bind,
            $bindTypes,
        ];
    }
    
    /**
     * Retrieves the owner id columns of the current model.
     *
     * @return array Returns an array of strings representing the column names containing the "created by" information.
     */
    public function getCreatedByColumns(): array
    {
        return ['createdBy'];
    }
    
    /**
     * Retrieves the list of super admins roles.
     * These roles are authorized through the Permission Conditions
     *
     * @return array The list of super roles, which by default includes 'dev' and 'admin'.
     */
    public function getSuperRoles(): array
    {
        return ['dev', 'admin'];
    }
}


1			<?php
2
3			/**
4			* This file is part of the Zemit Framework.
5			*
6			* (c) Zemit Team <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE.txt
9			* file that was distributed with this source code.
10			*/
11
12			namespace Zemit\Mvc\Controller\Traits\Query\Conditions;
13
14			use Phalcon\Db\Column;
15			use Phalcon\Support\Collection;
16			use Zemit\Mvc\Controller\Traits\Abstracts\AbstractInjectable;
17			use Zemit\Mvc\Controller\Traits\Abstracts\AbstractModel;
18			use Zemit\Mvc\Controller\Traits\Abstracts\AbstractQuery;
19
20			/**
21			* This trait provides methods for managing permission conditions for the query.
22			*/
23			trait PermissionConditions
24			{
25			use AbstractInjectable;
26			use AbstractModel;
27			use AbstractQuery;
28
29			/**
30			* Holds the permission conditions collection.
31			*
32			* This variable stores the permission conditions in an associative array format. Each key represents a permission,
33			* and the corresponding value represents the conditions associated with that permission. The conditions can be
34			* nested within sub-arrays to handle complex permission structures.
35			*
36			* @var Collection\|null
37			*/
38			protected ?Collection $permissionConditions;
39
40			/**
41			* Initializes the permission conditions for the object.
42			*
43			* Sets the permission conditions using a new instance of Collection class.
44			* The default permission condition is set using the defaultPermissionCondition method.
45			*
46			* @return void
47			*/
48			public function initializePermissionConditions(): void
49			{
50			$this->setPermissionConditions(new Collection([
51			'default' => $this->defaultPermissionCondition(),
52			], false));
53			}
54
55			/**
56			* Sets the permission conditions for the current user's identity and role.
57			*
58			* @param Collection\|null $permissionConditions The permission conditions to be set. Pass null if no conditions are required.
59			* A Collection object that contains the permission conditions.
60			* Each permission condition is expected to be an array with the following elements:
61			* - The condition string formed by joining the columns with 'or' operators.
62			* - An array of bind values for the condition.
63			* - An array of bind types for the condition.
64			* Example: [
65			* 'column1 = :value1:',
66			* ['value1' => 'some value'],
67			* ['value1' => Column::BIND_PARAM_STR],
68			* ]
69			* @return void
70			*/
71			public function setPermissionConditions(?Collection $permissionConditions): void
72			{
73			$this->permissionConditions = $permissionConditions;
74			}
75
76			/**
77			* Retrieves the collection of permission conditions.
78			*
79			* @return Collection\|null Returns the collection of permission conditions, or null if it is not set.
80			*/
81			public function getPermissionConditions(): ?Collection
82			{
83			return $this->permissionConditions;
84			}
85
86			/**
87			* Builds the permission condition based on the current user's identity and role.
88			*
89			* @return array\|string\|null Returns an array with the following elements:
90			* - If permission columns are empty, returns null.
91			* - If no permission is found, returns ['false'].
92			* - If the current user role is a super admin, returns ['true'].
93			* - If permission conditions are found, returns an array with the following elements:
94			* - The condition string formed by joining the columns with 'or' operators.
95			* - An array of bind values for the condition.
96			* - An array of bind types for the condition.
97			*/
98			public function defaultPermissionCondition(): array\|string\|null
99			{
100			$columns = $this->getCreatedByColumns();
101			$superRoleList = $this->getSuperRoles();
102
103			if (empty($columns)) {
104			return null;
105			}
106
107			// no identity found
108			if (!isset($this->identity)) {
109			return ['false'];
110			}
111
112			// check if current user role is a super admin
113			if ($this->identity->hasRole($superRoleList)) {
114			return ['true'];
115			}
116
117			$query = [];
118			$bind = [];
119			$bindTypes = [];
120			$userId = (int)$this->identity->getUserId();
121
122			foreach ($columns as $column) {
123			$field = $this->appendModelName($column);
124			$value = $this->generateBindKey('deleted');
125
126			$bind[$field] = $userId;
127			$bindTypes[$field] = Column::BIND_PARAM_INT;
128
129			$query [] = "{$field} = :{$value}:";
130			}
131
132			return [
133			implode(' or ', $query),
134			$bind,
135			$bindTypes,
136			];
137			}
138
139			/**
140			* Retrieves the owner id columns of the current model.
141			*
142			* @return array Returns an array of strings representing the column names containing the "created by" information.
143			*/
144			public function getCreatedByColumns(): array
145			{
146			return ['createdBy'];
147			}
148
149			/**
150			* Retrieves the list of super admins roles.
151			* These roles are authorized through the Permission Conditions
152			*
153			* @return array The list of super roles, which by default includes 'dev' and 'admin'.
154			*/
155			public function getSuperRoles(): array
156			{
157			return ['dev', 'admin'];
158			}
159			}
160

zemit-cms / core

Push — master ( 507036...762659 )

PermissionConditions A

Complexity

Size/Duplication

Test Coverage

Importance

6 Methods

Duplication Side-by-Side

Filter issues like