Fix SonarQube: inject appSecret via constructor, add constants, reduce scan returns

ApiLiveController:
- Inject appSecret via constructor (was 6x in method params)
- Add ERR_EVENT/ERR_BILLET/ERR_CATEGORY constants
- Extract processScan() to reduce scan() from 7→3 returns

ApiSandboxController:
- Inject appSecret via constructor (was 6x in method params)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Serreau Jovann
2026-03-23 21:39:23 +01:00
parent dad4a5fc50
commit 867eaadddf
2 changed files with 54 additions and 51 deletions


@@ -21,10 +21,19 @@ class ApiLiveController extends AbstractController
{
use ApiAuthTrait;
private const ERR_EVENT = 'Evenement introuvable.';
private const ERR_BILLET = 'Billet introuvable.';
private const ERR_CATEGORY = 'Categorie introuvable.';
public function __construct(
#[Autowire('%kernel.secret%')] private string $appSecret,
) {
}
#[Route('/events', name: 'app_api_live_events', methods: ['GET'])]
public function events(Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function events(Request $request, EntityManagerInterface $em): JsonResponse
{
$user = $this->authenticateRequest($request, $em, $appSecret);
$user = $this->authenticateRequest($request, $em, $this->appSecret);
if ($user instanceof JsonResponse) {
return $user;
}
@@ -48,16 +57,16 @@ class ApiLiveController extends AbstractController
}
#[Route('/events/{id}', name: 'app_api_live_event', requirements: ['id' => '\d+'], methods: ['GET'])]
public function event(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function event(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$user = $this->authenticateRequest($request, $em, $appSecret);
$user = $this->authenticateRequest($request, $em, $this->appSecret);
if ($user instanceof JsonResponse) {
return $user;
}
$event = $em->getRepository(Event::class)->find($id);
if (!$event || $event->getAccount()->getId() !== $user->getId()) {
return $this->error('Evenement introuvable.', 404);
return $this->error(self::ERR_EVENT, 404);
}
return $this->success([
@@ -76,16 +85,16 @@ class ApiLiveController extends AbstractController
}
#[Route('/events/{id}/categories', name: 'app_api_live_categories', requirements: ['id' => '\d+'], methods: ['GET'])]
public function categories(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function categories(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$user = $this->authenticateRequest($request, $em, $appSecret);
$user = $this->authenticateRequest($request, $em, $this->appSecret);
if ($user instanceof JsonResponse) {
return $user;
}
$event = $em->getRepository(Event::class)->find($id);
if (!$event || $event->getAccount()->getId() !== $user->getId()) {
return $this->error('Evenement introuvable.', 404);
return $this->error(self::ERR_EVENT, 404);
}
$categories = $em->getRepository(Category::class)->findBy(['event' => $event], ['position' => 'ASC']);
@@ -104,16 +113,16 @@ class ApiLiveController extends AbstractController
}
#[Route('/categories/{id}/billets', name: 'app_api_live_billets', requirements: ['id' => '\d+'], methods: ['GET'])]
public function billets(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function billets(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$user = $this->authenticateRequest($request, $em, $appSecret);
$user = $this->authenticateRequest($request, $em, $this->appSecret);
if ($user instanceof JsonResponse) {
return $user;
}
$category = $em->getRepository(Category::class)->find($id);
if (!$category || $category->getEvent()->getAccount()->getId() !== $user->getId()) {
return $this->error('Categorie introuvable.', 404);
return $this->error(self::ERR_CATEGORY, 404);
}
$billets = $em->getRepository(Billet::class)->findBy(['category' => $category], ['position' => 'ASC']);
@@ -150,16 +159,16 @@ class ApiLiveController extends AbstractController
}
#[Route('/billets/{id}', name: 'app_api_live_billet', requirements: ['id' => '\d+'], methods: ['GET'])]
public function billet(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function billet(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$user = $this->authenticateRequest($request, $em, $appSecret);
$user = $this->authenticateRequest($request, $em, $this->appSecret);
if ($user instanceof JsonResponse) {
return $user;
}
$billet = $em->getRepository(Billet::class)->find($id);
if (!$billet || $billet->getCategory()->getEvent()->getAccount()->getId() !== $user->getId()) {
return $this->error('Billet introuvable.', 404);
return $this->error(self::ERR_BILLET, 404);
}
$sold = $em->createQueryBuilder()
@@ -189,43 +198,36 @@ class ApiLiveController extends AbstractController
}
#[Route('/scan', name: 'app_api_live_scan', methods: ['POST'])]
public function scan(Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function scan(Request $request, EntityManagerInterface $em): JsonResponse
{
$user = $this->authenticateRequest($request, $em, $appSecret);
$user = $this->authenticateRequest($request, $em, $this->appSecret);
if ($user instanceof JsonResponse) {
return $user;
}
$data = json_decode($request->getContent(), true);
$reference = $data['reference'] ?? '';
$reference = (json_decode($request->getContent(), true) ?? [])['reference'] ?? '';
$ticket = '' !== $reference ? $em->getRepository(BilletOrder::class)->findOneBy(['reference' => $reference]) : null;
if ('' === $reference) {
return $this->error('Reference requise.', 400);
if (!$ticket || $ticket->getBilletBuyer()->getEvent()->getAccount()->getId() !== $user->getId()) {
return $this->error(!$ticket && '' === $reference ? 'Reference requise.' : self::ERR_BILLET, '' === $reference ? 400 : 404);
}
$ticket = $em->getRepository(BilletOrder::class)->findOneBy(['reference' => $reference]);
if (!$ticket) {
return $this->error('Billet introuvable.', 404);
}
return $this->success($this->processScan($ticket, $em));
}
$event = $ticket->getBilletBuyer()->getEvent();
if ($event->getAccount()->getId() !== $user->getId()) {
return $this->error('Billet introuvable.', 404);
}
$reasonMap = [
BilletOrder::STATE_INVALID => 'invalid',
BilletOrder::STATE_EXPIRED => 'expired',
];
/**
* @return array<string, mixed>
*/
private function processScan(BilletOrder $ticket, EntityManagerInterface $em): array
{
$reasonMap = [BilletOrder::STATE_INVALID => 'invalid', BilletOrder::STATE_EXPIRED => 'expired'];
if (isset($reasonMap[$ticket->getState()])) {
return $this->success($this->buildScanResponse('refused', $reasonMap[$ticket->getState()], $ticket));
return $this->buildScanResponse('refused', $reasonMap[$ticket->getState()], $ticket);
}
$hasDefinedExit = $ticket->getBillet()?->hasDefinedExit() ?? false;
if (null !== $ticket->getFirstScannedAt() && $hasDefinedExit) {
return $this->success($this->buildScanResponse('refused', 'exit_definitive', $ticket));
if (null !== $ticket->getFirstScannedAt() && ($ticket->getBillet()?->hasDefinedExit() ?? false)) {
return $this->buildScanResponse('refused', 'exit_definitive', $ticket);
}
if (null === $ticket->getFirstScannedAt()) {
@@ -233,7 +235,7 @@ class ApiLiveController extends AbstractController
$em->flush();
}
return $this->success($this->buildScanResponse('accepted', null, $ticket));
return $this->buildScanResponse('accepted', null, $ticket);
}
/**
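Review bot: In the rewritten `scan()`, `$reference` is read from the decoded JSON body with no type check, so a non-string value (an array, boolean or number under the `reference` key) passes the `'' !== $reference` test and reaches `findOneBy(['reference' => $reference])`; Doctrine treats an array criterion as an IN list rather than an exact match. Narrowing it before the lookup keeps the query to a single exact reference: `$payload = json_decode($request->getContent(), true);` then `$reference = \is_array($payload) && \is_string($payload['reference'] ?? null) ? $payload['reference'] : '';`. In the combined error return, `!$ticket &&` is redundant because an empty reference always leaves `$ticket` null, and packing the 400/404 decision into two ternaries makes the auth-adjacent branch harder to audit than the three returns it replaced; the uniform 404 for "not found" and "not owned" is worth keeping. The body of `processScan()` between the `getFirstScannedAt()` check and `$em->flush()` is outside the hunks, but it appears to be a read-then-write without a lock or version check, so two concurrent scans of one ticket could presumably both be accepted; worth confirming.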


@@ -22,13 +22,14 @@ class ApiSandboxController extends AbstractController
public function __construct(
#[Autowire('%kernel.project_dir%')] private string $projectDir,
#[Autowire('%kernel.secret%')] private string $appSecret,
) {
}
#[Route('/events', name: 'app_api_sandbox_events', methods: ['GET'])]
public function events(Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function events(Request $request, EntityManagerInterface $em): JsonResponse
{
$auth = $this->authenticateRequest($request, $em, $appSecret);
$auth = $this->authenticateRequest($request, $em, $this->appSecret);
if ($auth instanceof JsonResponse) {
return $auth;
}
@@ -39,9 +40,9 @@ class ApiSandboxController extends AbstractController
}
#[Route('/events/{id}', name: 'app_api_sandbox_event', requirements: ['id' => '\d+'], methods: ['GET'])]
public function event(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function event(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$auth = $this->authenticateRequest($request, $em, $appSecret);
$auth = $this->authenticateRequest($request, $em, $this->appSecret);
if ($auth instanceof JsonResponse) {
return $auth;
}
@@ -57,9 +58,9 @@ class ApiSandboxController extends AbstractController
}
#[Route('/events/{id}/categories', name: 'app_api_sandbox_categories', requirements: ['id' => '\d+'], methods: ['GET'])]
public function categories(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function categories(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$auth = $this->authenticateRequest($request, $em, $appSecret);
$auth = $this->authenticateRequest($request, $em, $this->appSecret);
if ($auth instanceof JsonResponse) {
return $auth;
}
@@ -70,9 +71,9 @@ class ApiSandboxController extends AbstractController
}
#[Route('/categories/{id}/billets', name: 'app_api_sandbox_billets', requirements: ['id' => '\d+'], methods: ['GET'])]
public function billets(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function billets(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$auth = $this->authenticateRequest($request, $em, $appSecret);
$auth = $this->authenticateRequest($request, $em, $this->appSecret);
if ($auth instanceof JsonResponse) {
return $auth;
}
@@ -83,9 +84,9 @@ class ApiSandboxController extends AbstractController
}
#[Route('/billets/{id}', name: 'app_api_sandbox_billet', requirements: ['id' => '\d+'], methods: ['GET'])]
public function billet(int $id, Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function billet(int $id, Request $request, EntityManagerInterface $em): JsonResponse
{
$auth = $this->authenticateRequest($request, $em, $appSecret);
$auth = $this->authenticateRequest($request, $em, $this->appSecret);
if ($auth instanceof JsonResponse) {
return $auth;
}
@@ -101,9 +102,9 @@ class ApiSandboxController extends AbstractController
}
#[Route('/scan', name: 'app_api_sandbox_scan', methods: ['POST'])]
public function scan(Request $request, EntityManagerInterface $em, #[Autowire('%kernel.secret%')] string $appSecret): JsonResponse
public function scan(Request $request, EntityManagerInterface $em): JsonResponse
{
$auth = $this->authenticateRequest($request, $em, $appSecret);
$auth = $this->authenticateRequest($request, $em, $this->appSecret);
if ($auth instanceof JsonResponse) {
return $auth;
}
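Review bot: The promoted `$appSecret` constructor property is not marked `readonly`, although nothing in the visible hunks reassigns it; `#[Autowire('%kernel.secret%')] private readonly string $appSecret,` would state that intent (PHP 8.1+), and the same applies to the constructor added in ApiLiveController. The secret is still passed to `authenticateRequest()` as a plain argument in every action, so it can show up in stack-trace arguments if that call throws and argument capture is enabled. The trait is not on this page, but if it can read `$this->appSecret` itself, or if its parameter is marked `#[\SensitiveParameter]` (PHP 8.2+), that exposure is removed.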