mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-07-01 05:54:32 +02:00
Fixed some inspection issues.
This commit is contained in:
Jan Böhmer
parent
eef26f7ae6
commit
639829f5c5
97 changed files with 305 additions and 185 deletions
|
|
@ -61,6 +61,8 @@ use Twig\TwigFilter;
|
|||
use Twig\TwigFunction;
|
||||
use Twig\TwigTest;
|
||||
|
||||
use function get_class;
|
||||
|
||||
class AppExtension extends AbstractExtension
|
||||
{
|
||||
protected $entityURLGenerator;
|
||||
|
|
@ -128,7 +130,7 @@ class AppExtension extends AbstractExtension
|
|||
|
||||
public function treeData(AbstractDBElement $element, string $type = 'newEdit'): string
|
||||
{
|
||||
$tree = $this->treeBuilder->getTreeView(\get_class($element), null, $type, $element);
|
||||
$tree = $this->treeBuilder->getTreeView(get_class($element), null, $type, $element);
|
||||
|
||||
return json_encode($tree);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,13 +24,14 @@ declare(strict_types=1);
|
|||
namespace App\Twig;
|
||||
|
||||
use App\Entity\LogSystem\AbstractLogEntry;
|
||||
use App\Repository\LogEntryRepository;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Twig\Extension\AbstractExtension;
|
||||
use Twig\TwigFunction;
|
||||
|
||||
class LastUserExtension extends AbstractExtension
|
||||
{
|
||||
/** @var \App\Repository\LogEntryRepository */
|
||||
/** @var LogEntryRepository */
|
||||
private $repo;
|
||||
|
||||
public function __construct(EntityManagerInterface $em)
|
||||
|
|
|
|||
|
|
@ -22,6 +22,10 @@ use Twig\Sandbox\SecurityNotAllowedTagError;
|
|||
use Twig\Sandbox\SecurityPolicyInterface;
|
||||
use Twig\Template;
|
||||
|
||||
use function get_class;
|
||||
use function in_array;
|
||||
use function is_array;
|
||||
|
||||
/**
|
||||
* Represents a security policy which need to be enforced when sandbox mode is enabled.
|
||||
*
|
||||
|
|
@ -61,7 +65,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
|
|||
$this->allowedMethods = [];
|
||||
foreach ($methods as $class => $m) {
|
||||
$this->allowedMethods[$class] = array_map(
|
||||
static function ($value) { return strtr($value, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); }, \is_array($m) ? $m : [$m]);
|
||||
static function ($value) { return strtr($value, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); }, is_array($m) ? $m : [$m]);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -78,19 +82,19 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
|
|||
public function checkSecurity($tags, $filters, $functions): void
|
||||
{
|
||||
foreach ($tags as $tag) {
|
||||
if (!\in_array($tag, $this->allowedTags, true)) {
|
||||
if (!in_array($tag, $this->allowedTags, true)) {
|
||||
throw new SecurityNotAllowedTagError(sprintf('Tag "%s" is not allowed.', $tag), $tag);
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($filters as $filter) {
|
||||
if (!\in_array($filter, $this->allowedFilters, true)) {
|
||||
if (!in_array($filter, $this->allowedFilters, true)) {
|
||||
throw new SecurityNotAllowedFilterError(sprintf('Filter "%s" is not allowed.', $filter), $filter);
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($functions as $function) {
|
||||
if (!\in_array($function, $this->allowedFunctions, true)) {
|
||||
if (!in_array($function, $this->allowedFunctions, true)) {
|
||||
throw new SecurityNotAllowedFunctionError(sprintf('Function "%s" is not allowed.', $function), $function);
|
||||
}
|
||||
}
|
||||
|
|
@ -106,7 +110,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
|
|||
$method = strtr($method, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
|
||||
foreach ($this->allowedMethods as $class => $methods) {
|
||||
if ($obj instanceof $class) {
|
||||
$allowed = \in_array($method, $methods, true);
|
||||
$allowed = in_array($method, $methods, true);
|
||||
|
||||
//CHANGED: Only break if we the method is allowed, otherwise try it on the other methods
|
||||
if ($allowed) {
|
||||
|
|
@ -116,7 +120,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
|
|||
}
|
||||
|
||||
if (!$allowed) {
|
||||
$class = \get_class($obj);
|
||||
$class = get_class($obj);
|
||||
|
||||
throw new SecurityNotAllowedMethodError(sprintf('Calling "%s" method on a "%s" object is not allowed.', $method, $class), $class, $method);
|
||||
}
|
||||
|
|
@ -127,7 +131,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
|
|||
$allowed = false;
|
||||
foreach ($this->allowedProperties as $class => $properties) {
|
||||
if ($obj instanceof $class) {
|
||||
$allowed = \in_array($property, \is_array($properties) ? $properties : [$properties], true);
|
||||
$allowed = in_array($property, is_array($properties) ? $properties : [$properties], true);
|
||||
|
||||
//CHANGED: Only break if we the method is allowed, otherwise try it on the other methods
|
||||
if ($allowed) {
|
||||
|
|
@ -137,7 +141,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
|
|||
}
|
||||
|
||||
if (!$allowed) {
|
||||
$class = \get_class($obj);
|
||||
$class = get_class($obj);
|
||||
|
||||
throw new SecurityNotAllowedPropertyError(sprintf('Calling "%s" property on a "%s" object is not allowed.', $property, $class), $class, $property);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue