]> git.agnieray.net Git - galette.git/blobdiff - galette/lib/Galette/Middleware/Authenticate.php
Projects / galette.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Some phpstan lvl 4 checks
[galette.git] / galette / lib / Galette / Middleware / Authenticate.php
diff --git a/galette/lib/Galette/Middleware/Authenticate.php b/galette/lib/Galette/Middleware/Authenticate.php
index 5239fffe506f87e04349395ffac8d1deff117a57..a6717a14be6d78b9fabf7f6423de42c12f3fd005 100644 (file)
--- a/galette/lib/Galette/Middleware/Authenticate.php
+++ b/galette/lib/Galette/Middleware/Authenticate.php
@@ -127,74 +127,72 @@ class Authenticate
                     'Location',
                     $this->routeparser->urlFor('slash')
                 )->withStatus(302);
-        } else {
-            //check for ACLs
-            $routeContext = RouteContext::fromRequest($request);
-            $route = $routeContext->getRoute();
-            $cur_route = $route->getName();
-            $acl = $this->getAclFor($cur_route);
-
-            $go = false;
-            switch ($acl) {
-                case 'superadmin':
-                    if ($this->login->isSuperAdmin()) {
-                        $go = true;
-                    }
-                    break;
-                case 'admin':
-                    if (
-                        $this->login->isSuperAdmin()
-                        || $this->login->isAdmin()
-                    ) {
-                        $go = true;
-                    }
-                    break;
-                case 'staff':
-                    if (
-                        $this->login->isSuperAdmin()
-                        || $this->login->isAdmin()
-                        || $this->login->isStaff()
-                    ) {
-                        $go = true;
-                    }
-                    break;
-                case 'groupmanager':
-                    if (
-                        $this->login->isSuperAdmin()
-                        || $this->login->isAdmin()
-                        || $this->login->isStaff()
-                        || $this->login->isGroupManager()
-                    ) {
-                        $go = true;
-                    }
-                    break;
-                case 'member':
-                    if ($this->login->isLogged()) {
-                        $go = true;
-                    }
-                    break;
-                default:
-                    throw new \RuntimeException(
-                        str_replace(
-                            '%acl',
-                            $acl,
-                            _T("Unknown ACL rule '%acl'!")
-                        )
-                    );
-            }
-            if (!$go) {
-                Analog::log(
-                    'Permission denied for route ' . $cur_route . ' for user ' . $this->login->login,
-                    Analog::DEBUG
-                );
-                $this->flash->addMessage(
-                    'error_detected',
-                    _T("You do not have permission for requested URL.")
+        }
+
+        //check for ACLs
+        $routeContext = RouteContext::fromRequest($request);
+        $route = $routeContext->getRoute();
+        $cur_route = $route->getName();
+        $acl = $this->getAclFor($cur_route);
+
+        $go = false;
+        switch ($acl) {
+            case 'superadmin':
+                if ($this->login->isSuperAdmin()) {
+                    $go = true;
+                }
+                break;
+            case 'admin':
+                if (
+                    $this->login->isSuperAdmin()
+                    || $this->login->isAdmin()
+                ) {
+                    $go = true;
+                }
+                break;
+            case 'staff':
+                if (
+                    $this->login->isSuperAdmin()
+                    || $this->login->isAdmin()
+                    || $this->login->isStaff()
+                ) {
+                    $go = true;
+                }
+                break;
+            case 'groupmanager':
+                if (
+                    $this->login->isSuperAdmin()
+                    || $this->login->isAdmin()
+                    || $this->login->isStaff()
+                    || $this->login->isGroupManager()
+                ) {
+                    $go = true;
+                }
+                break;
+            case 'member':
+                $go = true;
+                break;
+            default:
+                throw new \RuntimeException(
+                    str_replace(
+                        '%acl',
+                        $acl,
+                        _T("Unknown ACL rule '%acl'!")
+                    )
                 );
-                return $response
-                    ->withHeader('Location', $this->routeparser->urlFor('slash'))
-                    ->withStatus(302);
-            }
+        }
+        if (!$go) {
+            Analog::log(
+                'Permission denied for route ' . $cur_route . ' for user ' . $this->login->login,
+                Analog::DEBUG
+            );
+            $this->flash->addMessage(
+                'error_detected',
+                _T("You do not have permission for requested URL.")
+            );
+            return $response
+                ->withHeader('Location', $this->routeparser->urlFor('slash'))
+                ->withStatus(302);
         }
 
         return $handler->handle($request);
Galette membership management web application towards non profit (personal repository) | https://galette.eu