Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-08-20 14:43:49 +00:00
Code Issues Actions Projects Releases Wiki Activity

fix: SA: Fix "...invoked with..." rule.

Browse Source 
SA stands for Static Analysis.
This commit is contained in:
Pol Dellaiera
2021-11-16 12:16:02 +01:00
parent a3eb23478a
commit c68bda5c9b
11 changed files with 183 additions and 355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

114
src/Bundle/ChillMainBundle/CRUD/Controller/ApiController.php
View File

@@ -1,5 +1,7 @@
<?php
declare(strict_types=1);
namespace Chill\MainBundle\CRUD\Controller;
use Symfony\Component\HttpFoundation\Request;
@@ -17,36 +19,36 @@ class ApiController extends AbstractCRUDController
{
/**
* The view action.
*
*
* Some steps may be overriden during this process of rendering:
*
*
* This method:
*
*
* 1. fetch the entity, using `getEntity`
* 2. launch `onPostFetchEntity`. If postfetch is an instance of Response,
* this response is returned.
* 2. throw an HttpNotFoundException if entity is null
* 3. check ACL using `checkACL` ;
* 4. launch `onPostCheckACL`. If the result is an instance of Response,
* 4. launch `onPostCheckACL`. If the result is an instance of Response,
* this response is returned ;
* 5. Serialize the entity and return the result. The serialization context is given by `getSerializationContext`
*
*
*/
protected function entityGet(string $action, Request $request, $id, $_format = 'html'): Response
{
$entity = $this->getEntity($action, $id, $request, $_format);
$entity = $this->getEntity($action, $id, $request);
$postFetch = $this->onPostFetchEntity($action, $request, $entity, $_format);
if ($postFetch instanceof Response) {
return $postFetch;
}
$response = $this->checkACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
}
$response = $this->onPostCheckACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
@@ -86,7 +88,7 @@ class ApiController extends AbstractCRUDController
case Request::METHOD_PATCH:
return $this->entityPut('_entity', $request, $id, $_format);
case Request::METHOD_POST:
return $this->entityPostAction('_entity', $request, $id, $_format);
return $this->entityPostAction('_entity', $request, $id);
case Request::METHOD_DELETE:
return $this->entityDelete('_entity', $request, $id, $_format);
default:
@@ -112,9 +114,9 @@ class ApiController extends AbstractCRUDController
} catch (NotEncodableValueException $e) {
throw new BadRequestException("invalid json", 400, $e);
}
$errors = $this->validate($action, $request, $_format, $entity);
$response = $this->onAfterValidation($action, $request, $_format, $entity, $errors);
if ($response instanceof Response) {
return $response;
@@ -126,12 +128,12 @@ class ApiController extends AbstractCRUDController
return $response;
}
$response = $this->checkACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
}
$response = $this->onPostCheckACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
@@ -148,33 +150,33 @@ class ApiController extends AbstractCRUDController
if ($response instanceof Response) {
return $response;
}
return $this->json(
$entity,
Response::HTTP_OK,
[],
[],
$this->getContextForSerializationPostAlter($action, $request, $_format, $entity)
);
}
public function entityPut($action, Request $request, $id, string $_format): Response
{
$entity = $this->getEntity($action, $id, $request, $_format);
$entity = $this->getEntity($action, $id, $request);
$postFetch = $this->onPostFetchEntity($action, $request, $entity, $_format);
if ($postFetch instanceof Response) {
return $postFetch;
}
if (NULL === $entity) {
throw $this->createNotFoundException(sprintf("The %s with id %s "
. "is not found", $this->getCrudName(), $id));
}
$response = $this->checkACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
}
$response = $this->onPostCheckACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
@@ -184,7 +186,7 @@ class ApiController extends AbstractCRUDController
if ($response instanceof Response) {
return $response;
}
try {
$entity = $this->deserialize($action, $request, $_format, $entity);
} catch (NotEncodableValueException $e) {
@@ -215,13 +217,13 @@ class ApiController extends AbstractCRUDController
return $this->json(
$entity,
Response::HTTP_OK,
[],
[],
$this->getContextForSerializationPostAlter($action, $request, $_format, $entity)
);
}
public function entityDelete($action, Request $request, $id, string $_format): Response
{
$entity = $this->getEntity($action, $id, $request, $_format);
$entity = $this->getEntity($action, $id, $request);
if (NULL === $entity) {
throw $this->createNotFoundException(sprintf("The %s with id %s "
@@ -287,7 +289,7 @@ class ApiController extends AbstractCRUDController
protected function validate(string $action, Request $request, string $_format, $entity, array $more = []): ConstraintViolationListInterface
{
$validationGroups = $this->getValidationGroups($action, $request, $_format, $entity);
return $this->getValidator()->validate($entity, null, $validationGroups);
}
@@ -309,7 +311,7 @@ class ApiController extends AbstractCRUDController
return $this->getSerializer()->deserialize($request->getContent(), $this->getEntityClass(), $_format, $context);
}
/**
* Base action for indexing entities
@@ -327,11 +329,11 @@ class ApiController extends AbstractCRUDController
/**
* Build an index page.
*
*
* Some steps may be overriden during this process of rendering.
*
*
* This method:
*
*
* 1. Launch `onPreIndex`
* x. check acl. If it does return a response instance, return it
* x. launch `onPostCheckACL`. If it does return a response instance, return it
@@ -342,7 +344,7 @@ class ApiController extends AbstractCRUDController
* x. fetch the results, using `getQueryResult`
* x. Launch `onPostIndexFetchQuery`. If it does return a response instance, return it
* 4. Serialize the entities in a Collection, using `SerializeCollection`
*
*
* @param string $action
* @param Request $request
* @return type
@@ -350,50 +352,50 @@ class ApiController extends AbstractCRUDController
protected function indexApiAction($action, Request $request, $_format)
{
$this->onPreIndex($action, $request, $_format);
$response = $this->checkACL($action, $request, $_format);
if ($response instanceof Response) {
return $response;
}
if (!isset($entity)) {
$entity = '';
}
$response = $this->onPostCheckACL($action, $request, $_format, $entity);
if ($response instanceof Response) {
return $response;
}
$totalItems = $this->countEntities($action, $request, $_format);
$paginator = $this->getPaginatorFactory()->create($totalItems);
$response = $this->onPreIndexBuildQuery($action, $request, $_format, $totalItems,
$response = $this->onPreIndexBuildQuery($action, $request, $_format, $totalItems,
$paginator);
if ($response instanceof Response) {
return $response;
}
$query = $this->queryEntities($action, $request, $_format, $paginator);
$response = $this->onPostIndexBuildQuery($action, $request, $_format, $totalItems,
$response = $this->onPostIndexBuildQuery($action, $request, $_format, $totalItems,
$paginator, $query);
if ($response instanceof Response) {
return $response;
}
$entities = $this->getQueryResult($action, $request, $_format, $totalItems, $paginator, $query);
$response = $this->onPostIndexFetchQuery($action, $request, $_format, $totalItems,
$response = $this->onPostIndexFetchQuery($action, $request, $_format, $totalItems,
$paginator, $entities);
if ($response instanceof Response) {
return $response;
}
return $this->serializeCollection($action, $request, $_format, $paginator, $entities);
return $this->serializeCollection($action, $request, $_format, $paginator, $entities);
}
/**
@@ -402,7 +404,7 @@ class ApiController extends AbstractCRUDController
* This method:
*
* 1. Fetch the base entity (throw 404 if not found)
* 2. checkACL,
* 2. checkACL,
* 3. run onPostCheckACL, return response if any,
* 4. deserialize posted data into the entity given by $postedDataType, with the context in $postedDataContext
* 5. run 'add+$property' for POST method, or 'remove+$property' for DELETE method
@@ -410,7 +412,7 @@ class ApiController extends AbstractCRUDController
* 7. run onAfterValidation
* 8. if errors, return a 422 response with errors
* 9. if $forcePersist === true, persist the entity
* 10. flush the data
* 10. flush the data
* 11. run onAfterFlush
* 12. return a 202 response for DELETE with empty body, or HTTP 200 for post with serialized posted entity
*
@@ -425,7 +427,7 @@ class ApiController extends AbstractCRUDController
* @throw BadRequestException if unable to deserialize the posted data
* @throw BadRequestException if the method is not POST or DELETE
*
*/
*/
protected function addRemoveSomething(string $action, $id, Request $request, string $_format, string $property, string $postedDataType, array $postedDataContext = [], bool $forcePersist = false): Response
{
$entity = $this->getEntity($action, $id, $request);
@@ -500,14 +502,14 @@ class ApiController extends AbstractCRUDController
return $this->json(
$postedData,
Response::HTTP_OK,
[],
[],
$this->getContextForSerializationPostAlter($action, $request, $_format, $entity, [$postedData])
);
}
throw new \Exception('Unable to handle such request method.');
}
/**
* Serialize collections
*
@@ -520,7 +522,7 @@ class ApiController extends AbstractCRUDController
return $this->json($model, Response::HTTP_OK, [], $context);
}
protected function getContextForSerialization(string $action, Request $request, string $_format, $entity): array
{
@@ -537,7 +539,7 @@ class ApiController extends AbstractCRUDController
}
/**
* Get the context for serialization post alter query (in case of
* Get the context for serialization post alter query (in case of
* PATCH, PUT, or POST method)
*
* This is called **after** the entity was altered.
@@ -565,7 +567,7 @@ class ApiController extends AbstractCRUDController
throw new \RuntimeException(sprintf("the config does not have any role for the ".
"method %s nor a global role for the whole action. Add those to your ".
"configuration or override the required method", $request->getMethod()));
}
protected function getSerializer(): SerializerInterface

13
src/Bundle/ChillMainBundle/CRUD/Controller/CRUDController.php
View File

@@ -52,7 +52,7 @@ class CRUDController extends AbstractController
*/
protected function deleteAction(string $action, Request $request, $id, $formClass = null): Response
{
$this->onPreDelete($action, $request, $id);
$this->onPreDelete($action, $request);
$entity = $this->getEntity($action, $id, $request);
@@ -311,11 +311,12 @@ class CRUDController extends AbstractController
*/
protected function buildQueryEntities(string $action, Request $request)
{
$query = $this->getDoctrine()->getManager()
$query = $this
->getDoctrine()
->getManager()
->createQueryBuilder()
->select('e')
->from($this->getEntityClass(), 'e')
;
->from($this->getEntityClass(), 'e');
$this->customizeQuery($action, $request, $query);
@@ -340,7 +341,7 @@ class CRUDController extends AbstractController
*/
protected function queryEntities(string $action, Request $request, PaginatorInterface $paginator, ?FilterOrderHelper $filterOrder = null)
{
$query = $this->buildQueryEntities($action, $request, $filterOrder)
$query = $this->buildQueryEntities($action, $request)
->setFirstResult($paginator->getCurrentPage()->getFirstItemNumber())
->setMaxResults($paginator->getItemsPerPage());
@@ -389,7 +390,7 @@ class CRUDController extends AbstractController
*/
protected function countEntities(string $action, Request $request, ?FilterOrderHelper $filterOrder = null): int
{
return $this->buildQueryEntities($action, $request, $filterOrder)
return $this->buildQueryEntities($action, $request)
->select('COUNT(e)')
->getQuery()
->getSingleScalarResult()

83
src/Bundle/ChillMainBundle/Controller/UserController.php
View File

@@ -1,5 +1,7 @@
<?php
declare(strict_types=1);
namespace Chill\MainBundle\Controller;
use Chill\MainBundle\CRUD\Controller\AbstractCRUDController;
@@ -7,6 +9,7 @@ use Chill\MainBundle\CRUD\Controller\CRUDController;
use Chill\MainBundle\Pagination\PaginatorInterface;
use Doctrine\ORM\EntityManagerInterface;
use Psr\Log\LoggerInterface;
use Symfony\Component\Form\Form;
use Symfony\Component\Form\FormInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
@@ -16,40 +19,23 @@ use Chill\MainBundle\Form\UserType;
use Chill\MainBundle\Entity\GroupCenter;
use Chill\MainBundle\Form\Type\ComposedGroupCenterType;
use Chill\MainBundle\Form\UserPasswordType;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Symfony\Component\Validator\Validator\ValidatorInterface;
use Symfony\Component\Routing\Annotation\Route;
use Sensio\Bundle\FrameworkExtraBundle\Request\ParamConverter;
/**
* Class UserController
*
* @package Chill\MainBundle\Controller
*/
class UserController extends CRUDController
{
const FORM_GROUP_CENTER_COMPOSED = 'composed_groupcenter';
/**
* @var \Psr\Log\LoggerInterface
*/
private $logger;
private LoggerInterface $logger;
/**
* @var ValidatorInterface
*/
private $validator;
private ValidatorInterface $validator;
private UserPasswordEncoderInterface $passwordEncoder;
/**
* UserController constructor.
*
* @param LoggerInterface $logger
* @param ValidatorInterface $validator
*/
public function __construct(
LoggerInterface $chillLogger,
ValidatorInterface $validator,
@@ -121,7 +107,7 @@ class UserController extends CRUDController
*/
public function editPasswordAction(User $user, Request $request)
{
$editForm = $this->createEditPasswordForm($user, $request);
$editForm = $this->createEditPasswordForm($user);
$editForm->handleRequest($request);
if ($editForm->isSubmitted() && $editForm->isValid()) {
@@ -208,7 +194,7 @@ class UserController extends CRUDController
* @Route("/{_locale}/admin/main/user/{uid}/add_link_groupcenter",
* name="admin_user_add_groupcenter")
*/
public function addLinkGroupCenterAction(Request $request, $uid): RedirectResponse
public function addLinkGroupCenterAction(Request $request, $uid): Response
{
$em = $this->getDoctrine()->getManager();
@@ -238,23 +224,22 @@ class UserController extends CRUDController
return $this->redirect($this->generateUrl('chill_crud_admin_user_edit',
\array_merge(['id' => $uid], $returnPathParams)));
} else {
foreach($this->validator->validate($user) as $error)
}
foreach($this->validator->validate($user) as $error) {
$this->addFlash('error', $error->getMessage());
}
}
return $this->render('@ChillMain/User/edit.html.twig', array(
return $this->render('@ChillMain/User/edit.html.twig', [
'entity' => $user,
'edit_form' => $this->createEditForm($user)->createView(),
'add_groupcenter_form' => $this->createAddLinkGroupCenterForm($user)->createView(),
'add_groupcenter_form' => $this->createAddLinkGroupCenterForm($user, $request)->createView(),
'delete_groupcenter_form' => array_map(
function(\Symfony\Component\Form\Form $form) {
return $form->createView();
},
iterator_to_array($this->getDeleteLinkGroupCenterByUser($user), true))
));
static fn(Form $form) => $form->createView(),
iterator_to_array($this->getDeleteLinkGroupCenterByUser($user, $request), true)
)
]);
}
private function getPersistedGroupCenter(GroupCenter $groupCenter)
@@ -279,10 +264,8 @@ class UserController extends CRUDController
* Creates a form to delete a link to a GroupCenter
*
* @param mixed $permissionsGroup The entity id
*
* @return \Symfony\Component\Form\Form The form
*/
private function createDeleteLinkGroupCenterForm(User $user, GroupCenter $groupCenter, $request)
private function createDeleteLinkGroupCenterForm(User $user, GroupCenter $groupCenter, $request): FormInterface
{
$returnPathParams = $request->query->has('returnPath') ? ['returnPath' => $request->query->get('returnPath')] : [];
@@ -291,39 +274,29 @@ class UserController extends CRUDController
array_merge($returnPathParams, ['uid' => $user->getId(), 'gcid' => $groupCenter->getId()])))
->setMethod('DELETE')
->add('submit', SubmitType::class, array('label' => 'Delete'))
->getForm()
;
->getForm();
}
/**
* create a form to add a link to a groupcenter
*
* @param User $user
* @return \Symfony\Component\Form\Form
* Create a form to add a link to a groupcenter.
*/
private function createAddLinkGroupCenterForm(User $user, Request $request)
private function createAddLinkGroupCenterForm(User $user, Request $request): FormInterface
{
$returnPathParams = $request->query->has('returnPath') ? ['returnPath' => $request->query->get('returnPath')] : [];
return $this->createFormBuilder()
->setAction($this->generateUrl('admin_user_add_groupcenter',
array_merge($returnPathParams, ['uid' => $user->getId()])))
->setMethod('POST')
->add(self::FORM_GROUP_CENTER_COMPOSED, ComposedGroupCenterType::class)
->add('submit', SubmitType::class, array('label' => 'Add a new groupCenter'))
->getForm()
;
->setAction($this->generateUrl('admin_user_add_groupcenter',
array_merge($returnPathParams, ['uid' => $user->getId()])))
->setMethod('POST')
->add(self::FORM_GROUP_CENTER_COMPOSED, ComposedGroupCenterType::class)
->add('submit', SubmitType::class, array('label' => 'Add a new groupCenter'))
->getForm();
}
/**
*
* @param User $user
*/
private function getDeleteLinkGroupCenterByUser(User $user, Request $request)
{
foreach ($user->getGroupCenters() as $groupCenter) {
yield $groupCenter->getId() => $this
->createDeleteLinkGroupCenterForm($user, $groupCenter, $request);
yield $groupCenter->getId() => $this->createDeleteLinkGroupCenterForm($user, $groupCenter, $request);
}
}
}

9
src/Bundle/ChillMainBundle/Search/SearchApi.php
View File

@@ -1,5 +1,7 @@
<?php
declare(strict_types=1);
namespace Chill\MainBundle\Search;
use Chill\MainBundle\Search\Entity\SearchUserApiProvider;
@@ -13,8 +15,6 @@ use Doctrine\ORM\Query\ResultSetMappingBuilder;
use Chill\MainBundle\Search\SearchProvider;
use Symfony\Component\VarDumper\Resources\functions\dump;
/**
*/
class SearchApi
{
private EntityManagerInterface $em;
@@ -28,8 +28,7 @@ class SearchApi
ThirdPartyApiSearch $thirdPartyApiSearch,
SearchUserApiProvider $searchUser,
PaginatorFactory $paginator
)
{
) {
$this->em = $em;
$this->providers[] = $searchPerson;
$this->providers[] = $thirdPartyApiSearch;
@@ -126,7 +125,7 @@ class SearchApi
private function fetchRawResult($queries, $types, $parameters, $paginator): array
{
list($union, $parameters) = $this->buildUnionQuery($queries, $types, $parameters, $paginator);
list($union, $parameters) = $this->buildUnionQuery($queries, $types, $parameters);
$rsm = new ResultSetMappingBuilder($this->em);
$rsm->addScalarResult('key', 'key', Types::STRING)
->addScalarResult('metadata', 'metadata', Types::JSON)

38
src/Bundle/ChillMainBundle/Security/Authorization/AuthorizationHelper.php
View File

@@ -1,21 +1,6 @@
<?php
/*
* Copyright (C) 2015 Julien Fastré <julien.fastre@champs-libres.coop>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
declare(strict_types=1);
namespace Chill\MainBundle\Security\Authorization;
@@ -43,7 +28,6 @@ use Chill\MainBundle\Entity\RoleScope;
* Helper for authorizations.
*
* Provides methods for user and entities information.
*
*/
class AuthorizationHelper implements AuthorizationHelperInterface
{
@@ -74,11 +58,7 @@ class AuthorizationHelper implements AuthorizationHelperInterface
/**
* Determines if a user is active on this center
*
* If
*
* @param User $user
* @param Center|Center[] $center May be an array of center
* @return bool
*/
public function userCanReachCenter(User $user, $center): bool
{
@@ -89,7 +69,9 @@ class AuthorizationHelper implements AuthorizationHelperInterface
}
}
return false;
} elseif ($center instanceof Center) {
}
if ($center instanceof Center) {
foreach ($user->getGroupCenters() as $groupCenter) {
if ($center->getId() === $groupCenter->getCenter()->getId()) {
return true;
@@ -99,12 +81,16 @@ class AuthorizationHelper implements AuthorizationHelperInterface
return false;
}
throw new \UnexpectedValueException(sprintf("The entity given is not an ".
"instance of %s, %s given", Center::class, get_class($center)));
throw new \UnexpectedValueException(
sprintf(
'The entity given is not an instance of %s, %s given',
Center::class,
get_class($center)
)
);
}
/**
*
* Determines if the user has access to the given entity.
*
* if the entity implements Chill\MainBundle\Entity\HasScopeInterface,
@@ -243,7 +229,7 @@ class AuthorizationHelper implements AuthorizationHelperInterface
}
foreach ($centers as $center) {
if ($this->userCanReachCenter($user, $center, $role)) {
if ($this->userCanReachCenter($user, $center)) {
$results[] = $center;
}
}