Controller - Code Metrics - Inspection of "Controller" - zortje/mvc - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#2)

by René

created 2016-07-09 15:14 UTC

Controller B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	394
Duplicated Lines	1.78 %

Coupling/Cohesion

Components	1
Dependencies	8

Importance

Changes	13
Bugs	0	Features	0

Metric	Value
wmc	36
c	13
b	0
f	0
lcom	1
cbo	8
dl	7
loc	394
rs	8.8

13 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	7	7	1
A	getShortName()	0	4	1
A	setArguments()	0	4	1
B	setAction()	0	25	6
C	callAction()	0	67	9
A	beforeAction()	0	4	1
A	afterAction()	0	3	1
A	set()	0	4	1
A	setFlash()	0	7	1
A	redirect()	0	9	1
A	getLayoutTemplate()	0	10	2
A	getViewTemplate()	0	10	2
B	setResponseCode()	0	54	9

How to fix Duplicated Code

<?php
declare(strict_types = 1);

namespace Zortje\MVC\Controller;

use Zortje\MVC\Configuration\Configuration;
use Zortje\MVC\Controller\Exception\ControllerActionNonexistentException;
use Zortje\MVC\Controller\Exception\ControllerActionPrivateInsufficientAuthenticationException;
use Zortje\MVC\Controller\Exception\ControllerActionProtectedInsufficientAuthenticationException;
use Zortje\MVC\Model\Table\Entity\Entity;
use Zortje\MVC\Network\Request;
use Zortje\MVC\Network\Response;
use Zortje\MVC\View\Render\HtmlRender;

/**
 * Class Controller
 *
 * @package Zortje\MVC\Controller
 */
class Controller
{

    /**
     * Controller action is publicly accessible
     */
    const ACTION_PUBLIC = 0;

    /**
     * Controller action requires authentication
     * Will redirect to sign in page if not authenticated
     */
    const ACTION_PROTECTED = 1;

    /**
     * Controller action requires authentication
     * Will result in an 404 if not authenticated
     */
    const ACTION_PRIVATE = 2;

    /**
     * @var array Controller action access rules
     */
    protected $access = [];

    /**
     * @var \PDO PDO
     */
    protected $pdo;

    /**
     * @var Configuration
     */
    protected $configuration;

    /**
     * @var Request
     */
    protected $request;

    /**
     * @var Entity|null User
     */
    protected $user;

    /**
     * @var array URL Arguments
     */
    protected $arguments;

    /**
     * @var string Controller action
     */
    protected $action;

    /**
     * @var array View variables
     */
    protected $variables = [];

    /**
     * @var bool Should render view for controller action
     */
    protected $render = true;

    /**
     * @var string File path for layout template file
     */
    protected $layout;

    /**
     * @var string File path for view template file
     */
    protected $view;

    /**
     * @var string Content type
     */
    protected $contentType = 'html';

    /**
     * @var array Headers for output
     */
    protected $headers = [];

    /**
     * Controller constructor.
     *
     * @param \PDO          $pdo
     * @param Configuration $configuration
     * @param Request       $request
     * @param Entity|null   $user
     */
    public function __construct(\PDO $pdo, Configuration $configuration, Request $request, Entity $user = null)

    {
        $this->pdo           = $pdo;
        $this->configuration = $configuration;
        $this->request       = $request;
        $this->user          = $user;
    }

    /**
     * Get short controller name
     *
     * @return string Controller name without namespace
     */
    public function getShortName(): string
    {
        return str_replace('Controller', null, (new \ReflectionClass($this))->getShortName());
    }

    /**
     * Set URL arguments
     *
     * @param array $arguments
     */
    public function setArguments(array $arguments)
    {
        $this->arguments = $arguments;
    }

    /**
     * Set controller action
     *
     * @param string $action Controller action
     *
     * @throws ControllerActionNonexistentException
     * @throws ControllerActionPrivateInsufficientAuthenticationException
     * @throws ControllerActionProtectedInsufficientAuthenticationException
     */
    public function setAction(string $action)
    {
        /**
         * Check if method exists and that access has been defined
         */
        if (!method_exists($this, $action) || !isset($this->access[$action])) {
            throw new ControllerActionNonexistentException([get_class($this), $action]);
        }

        /**
         * Check controller action access level if user is not authenticated
         */
        if (!$this->user) {
            if ($this->access[$action] === self::ACTION_PRIVATE) {
                throw new ControllerActionPrivateInsufficientAuthenticationException([get_class($this), $action]);
            } elseif ($this->access[$action] === self::ACTION_PROTECTED) {
                throw new ControllerActionProtectedInsufficientAuthenticationException([get_class($this), $action]);
            }
        }

        /**
         * Set controller action
         */
        $this->action = $action;
    }

    /**
     * Call action
     *
     * @return Response
     *
     * @throws \LogicException If controller action is not set
     */
    public function callAction(): Response
    {
        if (!isset($this->action)) {
            throw new \LogicException('Controller action must be set before being called');
        }

        /**
         * Before controller action hook
         */
        if ($this->beforeAction()) {
            /**
             * Call controller action
             */
            $action = $this->action;

            $this->$action();
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}

            /**
             * After controller action hook
             */
            $this->afterAction();
        }

        /**
         * Render view
         */
        if ($this->render && $this->contentType === 'html') {
            if ($this->request->getCookie()->exists('Flash.Message') && $this->request->getCookie()->exists('Flash.Type')) {
                $this->set('_flash', [
                    'message' => $this->request->getCookie()->get('Flash.Message'),
                    'type'    => $this->request->getCookie()->get('Flash.Type')
                ]);

                $this->request->getCookie()->remove('Flash.Message');
                $this->request->getCookie()->remove('Flash.Type');
            }

            /**
             * Set content type header
             */
            $this->headers['content-type'] = 'Content-Type: text/html; charset=utf-8';

            /**
             * Render output
             */
            $render = new HtmlRender($this->variables);

            $output = $render->render(['_view' => $this->getViewTemplate(), '_layout' => $this->getLayoutTemplate()]);

            /**
             * Return response
             */
            return new Response($this->headers, $this->request->getCookie(), $output);
        } elseif ($this->render && $this->contentType === 'json') {
            /**
             * Set content type header
             */
            $this->headers['content-type'] = 'Content-Type: application/javascript;';

            /**
             * Return response
             */
            return new Response($this->headers, null, json_encode($this->variables));
        }

        return new Response($this->headers, null, '');
    }

    /**
     * Before controller action hook
     *
     * Called right before controller action is called
     *
     * If FALSE is returned, the action will not be called
     *
     * @return bool
     */
    protected function beforeAction(): bool
    {
        return true;
    }

    /**
     * After controller action hook
     *
     * Called right after controller action is called, before rendering of the view
     *
     * Only called if action is called
     */
    protected function afterAction()
    {
    }

    /**
     * Set view variable
     *
     * @param string $variable
     * @param mixed  $value
     */
    protected function set(string $variable, $value)
    {
        $this->variables[$variable] = $value;
    }

    /**
     * Set flash message
     *
     * Recommended types: error, warning, success & info
     *
     * @param string $message Flash message
     * @param string $type    Flash type
     */
    protected function setFlash(string $message, string $type)
    {
        $cookie = $this->request->getCookie();

        $cookie->set('Flash.Message', $message);
        $cookie->set('Flash.Type', $type);
    }

    /**
     * Set a redirect header in the response
     *
     * @param string $url URL for redirect
     */
    protected function redirect(string $url)
    {
        $this->headers['location'] = "Location: $url";

        /**
         * Disable rendering if redirecting
         */
        $this->render = false;
    }

    /**
     * Get layout template
     *
     * @return string Layout template file path
     */
    protected function getLayoutTemplate(): string
    {
        $layout = $this->layout;

        if (empty($layout)) {
            $layout = 'View/Layout/default';
        }

        return "{$this->configuration->get('App.Path')}$layout.layout";
    }

    /**
     * Get view template
     *
     * @return string View template file path
     */
    protected function getViewTemplate(): string
    {
        $view = $this->view;

        if (empty($view)) {
            $view = sprintf('View/%s/%s', $this->getShortName(), $this->action);
        }

        return "{$this->configuration->get('App.Path')}$view.view";
    }

    /**
     * Set response code
     *
     * Supports 200 OK, 403 Forbidden, 404 Not Found & 500 Internal Server Error
     *
     * @param int $code HTTP response code
     *
     * @throws \InvalidArgumentException If unsupported code is provided
     */
    protected function setResponseCode(int $code)
    {
        switch ($code) {
            /**
             * Success
             */
            case 200:
                $text = 'OK';
                break;

            case 201:
                $text = 'Created';
                break;

            case 202:
                $text = 'Accepted';
                break;

            case 204:
                $text = 'No Content';
                break;

            /**
             * Client error
             */
            case 400:
                $text = 'Bad Request';
                break;

            case 403:
                $text = 'Forbidden';
                break;

            case 404:
                $text = 'Not Found';
                break;

            /**
             * Server error
             */
            case 500:
                $text = 'Internal Server Error';
                break;

            default:
                throw new \InvalidArgumentException("HTTP status '$code' is not implemented");
        }

        /**
         * Set header
         */
        // @todo test that running response code multiple times only results in one response code header
        $this->headers['response_code'] = "HTTP/1.1 $code $text";
    }
}


Pull Request — master (#2)

Controller B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

13 Methods

How to fix Duplicated Code

Duplicated Code

1 path for user data to reach this point

General Strategies to prevent injection

1		<?php
2		declare(strict_types = 1);
3
4		namespace Zortje\MVC\Controller;
5
6		use Zortje\MVC\Configuration\Configuration;
7		use Zortje\MVC\Controller\Exception\ControllerActionNonexistentException;
8		use Zortje\MVC\Controller\Exception\ControllerActionPrivateInsufficientAuthenticationException;
9		use Zortje\MVC\Controller\Exception\ControllerActionProtectedInsufficientAuthenticationException;
10		use Zortje\MVC\Model\Table\Entity\Entity;
11		use Zortje\MVC\Network\Request;
12		use Zortje\MVC\Network\Response;
13		use Zortje\MVC\View\Render\HtmlRender;
14
15		/**
16		* Class Controller
17		*
18		* @package Zortje\MVC\Controller
19		*/
20		class Controller
21		{
22
23		/**
24		* Controller action is publicly accessible
25		*/
26		const ACTION_PUBLIC = 0;
27
28		/**
29		* Controller action requires authentication
30		* Will redirect to sign in page if not authenticated
31		*/
32		const ACTION_PROTECTED = 1;
33
34		/**
35		* Controller action requires authentication
36		* Will result in an 404 if not authenticated
37		*/
38		const ACTION_PRIVATE = 2;
39
40		/**
41		* @var array Controller action access rules
42		*/
43		protected $access = [];
44
45		/**
46		* @var \PDO PDO
47		*/
48		protected $pdo;
49
50		/**
51		* @var Configuration
52		*/
53		protected $configuration;
54
55		/**
56		* @var Request
57		*/
58		protected $request;
59
60		/**
61		* @var Entity\|null User
62		*/
63		protected $user;
64
65		/**
66		* @var array URL Arguments
67		*/
68		protected $arguments;
69
70		/**
71		* @var string Controller action
72		*/
73		protected $action;
74
75		/**
76		* @var array View variables
77		*/
78		protected $variables = [];
79
80		/**
81		* @var bool Should render view for controller action
82		*/
83		protected $render = true;
84
85		/**
86		* @var string File path for layout template file
87		*/
88		protected $layout;
89
90		/**
91		* @var string File path for view template file
92		*/
93		protected $view;
94
95		/**
96		* @var string Content type
97		*/
98		protected $contentType = 'html';
99
100		/**
101		* @var array Headers for output
102		*/
103		protected $headers = [];
104
105		/**
106		* Controller constructor.
107		*
108		* @param \PDO $pdo
109		* @param Configuration $configuration
110		* @param Request $request
111		* @param Entity\|null $user
112		*/
113	View Code Duplication	public function __construct(\PDO $pdo, Configuration $configuration, Request $request, Entity $user = null)
		0 ignored issues – show Duplication introduced 2016-03-06 23:43 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
114		{
115		$this->pdo = $pdo;
116		$this->configuration = $configuration;
117		$this->request = $request;
118		$this->user = $user;
119		}
120
121		/**
122		* Get short controller name
123		*
124		* @return string Controller name without namespace
125		*/
126		public function getShortName(): string
127		{
128		return str_replace('Controller', null, (new \ReflectionClass($this))->getShortName());
129		}
130
131		/**
132		* Set URL arguments
133		*
134		* @param array $arguments
135		*/
136		public function setArguments(array $arguments)
137		{
138		$this->arguments = $arguments;
139		}
140
141		/**
142		* Set controller action
143		*
144		* @param string $action Controller action
145		*
146		* @throws ControllerActionNonexistentException
147		* @throws ControllerActionPrivateInsufficientAuthenticationException
148		* @throws ControllerActionProtectedInsufficientAuthenticationException
149		*/
150		public function setAction(string $action)
151		{
152		/**
153		* Check if method exists and that access has been defined
154		*/
155		if (!method_exists($this, $action) \|\| !isset($this->access[$action])) {
156		throw new ControllerActionNonexistentException([get_class($this), $action]);
157		}
158
159		/**
160		* Check controller action access level if user is not authenticated
161		*/
162		if (!$this->user) {
163		if ($this->access[$action] === self::ACTION_PRIVATE) {
164		throw new ControllerActionPrivateInsufficientAuthenticationException([get_class($this), $action]);
165		} elseif ($this->access[$action] === self::ACTION_PROTECTED) {
166		throw new ControllerActionProtectedInsufficientAuthenticationException([get_class($this), $action]);
167		}
168		}
169
170		/**
171		* Set controller action
172		*/
173		$this->action = $action;
174		}
175
176		/**
177		* Call action
178		*
179		* @return Response
180		*
181		* @throws \LogicException If controller action is not set
182		*/
183		public function callAction(): Response
184		{
185		if (!isset($this->action)) {
186		throw new \LogicException('Controller action must be set before being called');
187		}
188
189		/**
190		* Before controller action hook
191		*/
192		if ($this->beforeAction()) {
193		/**
194		* Call controller action
195		*/
196		$action = $this->action;
197
198		$this->$action();
		0 ignored issues – show Security Code Execution introduced 2016-07-06 21:32 UTC by Report Bug Copy Issue Report `$action` can contain request data and is used in code execution context(s) leading to a potential security vulnerability. 1 path for user data to reach this point Entered via action parameter `$action` in vendor/src/Controller/Controller.php on line 150 Controller::$action is assigned in src/Controller/Controller.php on line 173 Tainted property Controller::$action is read, and `$action` is assigned in src/Controller/Controller.php on line 196 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
199
200		/**
201		* After controller action hook
202		*/
203		$this->afterAction();
204		}
205
206		/**
207		* Render view
208		*/
209		if ($this->render && $this->contentType === 'html') {
210		if ($this->request->getCookie()->exists('Flash.Message') && $this->request->getCookie()->exists('Flash.Type')) {
211		$this->set('_flash', [
212		'message' => $this->request->getCookie()->get('Flash.Message'),
213		'type' => $this->request->getCookie()->get('Flash.Type')
214		]);
215
216		$this->request->getCookie()->remove('Flash.Message');
217		$this->request->getCookie()->remove('Flash.Type');
218		}
219
220		/**
221		* Set content type header
222		*/
223		$this->headers['content-type'] = 'Content-Type: text/html; charset=utf-8';
224
225		/**
226		* Render output
227		*/
228		$render = new HtmlRender($this->variables);
229
230		$output = $render->render(['_view' => $this->getViewTemplate(), '_layout' => $this->getLayoutTemplate()]);
231
232		/**
233		* Return response
234		*/
235		return new Response($this->headers, $this->request->getCookie(), $output);
236		} elseif ($this->render && $this->contentType === 'json') {
237		/**
238		* Set content type header
239		*/
240		$this->headers['content-type'] = 'Content-Type: application/javascript;';
241
242		/**
243		* Return response
244		*/
245		return new Response($this->headers, null, json_encode($this->variables));
246		}
247
248		return new Response($this->headers, null, '');
249		}
250
251		/**
252		* Before controller action hook
253		*
254		* Called right before controller action is called
255		*
256		* If FALSE is returned, the action will not be called
257		*
258		* @return bool
259		*/
260		protected function beforeAction(): bool
261		{
262		return true;
263		}
264
265		/**
266		* After controller action hook
267		*
268		* Called right after controller action is called, before rendering of the view
269		*
270		* Only called if action is called
271		*/
272		protected function afterAction()
273		{
274		}
275
276		/**
277		* Set view variable
278		*
279		* @param string $variable
280		* @param mixed $value
281		*/
282		protected function set(string $variable, $value)
283		{
284		$this->variables[$variable] = $value;
285		}
286
287		/**
288		* Set flash message
289		*
290		* Recommended types: error, warning, success & info
291		*
292		* @param string $message Flash message
293		* @param string $type Flash type
294		*/
295		protected function setFlash(string $message, string $type)
296		{
297		$cookie = $this->request->getCookie();
298
299		$cookie->set('Flash.Message', $message);
300		$cookie->set('Flash.Type', $type);
301		}
302
303		/**
304		* Set a redirect header in the response
305		*
306		* @param string $url URL for redirect
307		*/
308		protected function redirect(string $url)
309		{
310		$this->headers['location'] = "Location: $url";
311
312		/**
313		* Disable rendering if redirecting
314		*/
315		$this->render = false;
316		}
317
318		/**
319		* Get layout template
320		*
321		* @return string Layout template file path
322		*/
323		protected function getLayoutTemplate(): string
324		{
325		$layout = $this->layout;
326
327		if (empty($layout)) {
328		$layout = 'View/Layout/default';
329		}
330
331		return "{$this->configuration->get('App.Path')}$layout.layout";
332		}
333
334		/**
335		* Get view template
336		*
337		* @return string View template file path
338		*/
339		protected function getViewTemplate(): string
340		{
341		$view = $this->view;
342
343		if (empty($view)) {
344		$view = sprintf('View/%s/%s', $this->getShortName(), $this->action);
345		}
346
347		return "{$this->configuration->get('App.Path')}$view.view";
348		}
349
350		/**
351		* Set response code
352		*
353		* Supports 200 OK, 403 Forbidden, 404 Not Found & 500 Internal Server Error
354		*
355		* @param int $code HTTP response code
356		*
357		* @throws \InvalidArgumentException If unsupported code is provided
358		*/
359		protected function setResponseCode(int $code)
360		{
361		switch ($code) {
362		/**
363		* Success
364		*/
365		case 200:
366		$text = 'OK';
367		break;
368
369		case 201:
370		$text = 'Created';
371		break;
372
373		case 202:
374		$text = 'Accepted';
375		break;
376
377		case 204:
378		$text = 'No Content';
379		break;
380
381		/**
382		* Client error
383		*/
384		case 400:
385		$text = 'Bad Request';
386		break;
387
388		case 403:
389		$text = 'Forbidden';
390		break;
391
392		case 404:
393		$text = 'Not Found';
394		break;
395
396		/**
397		* Server error
398		*/
399		case 500:
400		$text = 'Internal Server Error';
401		break;
402
403		default:
404		throw new \InvalidArgumentException("HTTP status '$code' is not implemented");
405		}
406
407		/**
408		* Set header
409		*/
410		// @todo test that running response code multiple times only results in one response code header
411		$this->headers['response_code'] = "HTTP/1.1 $code $text";
412		}
413		}
414

zortje / mvc

Pull Request — master (#2)

Controller B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

13 Methods

How to fix Duplicated Code

Duplicated Code

1 path for user data to reach this point

General Strategies to prevent injection

Duplication Side-by-Side

Filter issues like