rspec/rules/S5808/php/rule.adoc

== Why is this an issue?

include::../description.adoc[]

=== Noncompliant code example

In a Symfony web application:

* the ``++vote++`` method of a https://symfony.com/doc/current/security/voters.html[VoterInterface] type is not compliant when it returns only an affirmative decision (``++ACCESS_GRANTED++``):

[source,php]
----
class NoncompliantVoterInterface implements VoterInterface
{
    public function vote(TokenInterface $token, $subject, array $attributes)
    {
        return self::ACCESS_GRANTED; // Noncompliant
    }
}
----

* the ``++voteOnAttribute++`` method of a https://symfony.com/doc/current/security/voters.html[Voter] type is not compliant when it returns only an affirmative decision (``++true++``):

[source,php]
----
class NoncompliantVoter extends Voter
{
    protected function supports(string $attribute, $subject)
    {
        return true;
    }

    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token)
    {
        return true; // Noncompliant
    }
}
----

In a Laravel web application:

* the ``++define++``, ``++before++``, and ``++after++`` methods of a https://laravel.com/docs/8.x/authorization[Gate] are not compliant when they return only an affirmative decision (``++true++`` or ``++Response::allow()++``):

[source,php]
----
class NoncompliantGuard
{
    public function boot()
    {
        Gate::define('xxx', function ($user) {
            return true; // Noncompliant
        });

        Gate::define('xxx', function ($user) {
            return Response::allow(); // Noncompliant
        });
    }
}
----

=== Compliant solution

In a Symfony web application:

* the ``++vote++`` method of a https://symfony.com/doc/current/security/voters.html[VoterInterface] type should return a negative decision (``++ACCESS_DENIED++``) or abstain from making a decision (``++ACCESS_ABSTAIN++``):

[source,php]
----
class CompliantVoterInterface implements VoterInterface
{
    public function vote(TokenInterface $token, $subject, array $attributes)
    {
        if (foo()) {
            return self::ACCESS_GRANTED; // Compliant
        } else if (bar()) {
            return self::ACCESS_ABSTAIN;
        }
        return self::ACCESS_DENIED;
    }
}
----

* the ``++voteOnAttribute++`` method of a https://symfony.com/doc/current/security/voters.html[Voter] type should return a negative decision (``++false++``):

[source,php]
----
class CompliantVoter extends Voter
{
    protected function supports(string $attribute, $subject)
    {
        return true;
    }

    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token)
    {
        if (foo()) {
            return true; // Compliant
        }
        return false;
    }
}
----

In a Laravel web application:

* the ``++define++``, ``++before++``, and ``++after++`` methods of a https://laravel.com/docs/8.x/authorization[Gate] should return a negative decision (``++false++`` or ``++Response::deny()++``) or abstain from making a decision (``++null++``):

[source,php]
----
class NoncompliantGuard
{
    public function boot()
    {
        Gate::define('xxx', function ($user) {
            if (foo()) {
                return true; // Compliant
            }
            return false;
        });

        Gate::define('xxx', function ($user) {
            if (foo()) {
                return Response::allow(); // Compliant
            }
            return Response::deny();
        });
    }
}
----

include::../see.adoc[]
ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::message.adoc[]

include::highlighting.adoc[]

endif::env-github,rspecator-view[]
migrate rule descriptions to new education format 2023-05-03 11:06:20 +02:00			`== Why is this an issue?`

Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`include::../description.adoc[]`

migrate rule descriptions to new education format 2023-05-03 11:06:20 +02:00			`=== Noncompliant code example`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
			`In a Symfony web application:`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* the ``++vote++`` method of a https://symfony.com/doc/current/security/voters.html[VoterInterface] type is not compliant when it returns only an affirmative decision (``++ACCESS_GRANTED++``):
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,php]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`class NoncompliantVoterInterface implements VoterInterface`
			`{`
			`public function vote(TokenInterface $token, $subject, array $attributes)`
			`{`
			`return self::ACCESS_GRANTED; // Noncompliant`
			`}`
			`}`
			`----`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* the ``++voteOnAttribute++`` method of a https://symfony.com/doc/current/security/voters.html[Voter] type is not compliant when it returns only an affirmative decision (``++true++``):
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,php]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`class NoncompliantVoter extends Voter`
			`{`
			`protected function supports(string $attribute, $subject)`
			`{`
			`return true;`
			`}`

			`protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token)`
			`{`
			`return true; // Noncompliant`
			`}`
			`}`
			`----`

			`In a Laravel web application:`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* the ``++define++``, ``++before++``, and ``++after++`` methods of a https://laravel.com/docs/8.x/authorization[Gate] are not compliant when they return only an affirmative decision (``++true++`` or ``++Response::allow()++``):
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,php]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`class NoncompliantGuard`
			`{`
			`public function boot()`
			`{`
			`Gate::define('xxx', function ($user) {`
			`return true; // Noncompliant`
			`});`

			`Gate::define('xxx', function ($user) {`
			`return Response::allow(); // Noncompliant`
			`});`
			`}`
			`}`
			`----`

migrate rule descriptions to new education format 2023-05-03 11:06:20 +02:00			`=== Compliant solution`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
			`In a Symfony web application:`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* the ``++vote++`` method of a https://symfony.com/doc/current/security/voters.html[VoterInterface] type should return a negative decision (``++ACCESS_DENIED++``) or abstain from making a decision (``++ACCESS_ABSTAIN++``):
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,php]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`class CompliantVoterInterface implements VoterInterface`
			`{`
			`public function vote(TokenInterface $token, $subject, array $attributes)`
			`{`
			`if (foo()) {`
			`return self::ACCESS_GRANTED; // Compliant`
			`} else if (bar()) {`
			`return self::ACCESS_ABSTAIN;`
			`}`
			`return self::ACCESS_DENIED;`
			`}`
			`}`
			`----`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* the ``++voteOnAttribute++`` method of a https://symfony.com/doc/current/security/voters.html[Voter] type should return a negative decision (``++false++``):
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,php]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`class CompliantVoter extends Voter`
			`{`
			`protected function supports(string $attribute, $subject)`
			`{`
			`return true;`
			`}`

			`protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token)`
			`{`
			`if (foo()) {`
			`return true; // Compliant`
			`}`
			`return false;`
			`}`
			`}`
			`----`

			`In a Laravel web application:`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* the ``++define++``, ``++before++``, and ``++after++`` methods of a https://laravel.com/docs/8.x/authorization[Gate] should return a negative decision (``++false++`` or ``++Response::deny()++``) or abstain from making a decision (``++null++``):
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,php]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`class NoncompliantGuard`
			`{`
			`public function boot()`
			`{`
			`Gate::define('xxx', function ($user) {`
			`if (foo()) {`
			`return true; // Compliant`
			`}`
			`return false;`
			`});`

			`Gate::define('xxx', function ($user) {`
			`if (foo()) {`
			`return Response::allow(); // Compliant`
			`}`
			`return Response::deny();`
			`});`
			`}`
			`}`
			`----`

			`include::../see.adoc[]`
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346) 2021-09-20 15:38:42 +02:00			`ifdef::env-github,rspecator-view[]`

			`'''`
			`== Implementation Specification`
			`(visible only on this page)`

			`include::message.adoc[]`

			`include::highlighting.adoc[]`

			`endif::env-github,rspecator-view[]`