Improve auth middleware logic

williamdes · williamdes · commit bbb2973f5a2f · 2026-02-20T12:15:06.000+01:00
diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon
@@ -108,12 +108,6 @@ parameters:
 			count: 1
 			path: src/Controller/DevelopersController.php
 
-		-
-			message: '#^Method `redirect\(\)` must be used to prevent unreachable code\. Use `return \$this\-\>redirect\(\)` or assign it to a variable\.$#'
-			identifier: cake.controller.redirectMustBeUsed
-			count: 1
-			path: src/Controller/DevelopersController.php
-
 		-
 			message: '#^Parameter \#1 \$payload of method App\\Controller\\EventsController\:\:getHash\(\) expects string, string\|false given\.$#'
 			identifier: argument.type
diff --git a/src/Middleware/AuthenticationMiddleware.php b/src/Middleware/AuthenticationMiddleware.php
@@ -134,16 +134,19 @@ protected function isWriteAccessRequired(ServerRequest $request): bool
 
         // Check for the controller name
         if (! isset(self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName])) {
-            // Not public
-            return false;
+            return false;// The controller is not in the list
         }
 
         // Require for all actions ?
         if (self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName] === '*') {
-            return true;
+            return true;// Needs write access
         }
 
         // Check for the specific action name
-        return in_array($action, self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName]);
+        if (in_array($action, self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName])) {// phpcs:ignore SlevomatCodingStandard.ControlStructures.UselessIfConditionWithReturn.UselessIfCondition
+            return true;// Needs write access
+        }
+
+        return false;// phpcs:ignore SlevomatCodingStandard.ControlStructures.UselessIfConditionWithReturn.UselessIfCondition
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -134,16 +134,19 @@ protected function isWriteAccessRequired(ServerRequest $request): bool`
`134`	`134`
`135`	`135`	`// Check for the controller name`
`136`	`136`	`if (! isset(self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName])) {`
`137`		`- // Not public`
`138`		`- return false;`
	`137`	`+ return false;// The controller is not in the list`
`139`	`138`	`}`
`140`	`139`
`141`	`140`	`// Require for all actions ?`
`142`	`141`	`if (self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName] === '*') {`
`143`		`- return true;`
	`142`	`+ return true;// Needs write access`
`144`	`143`	`}`
`145`	`144`
`146`	`145`	`// Check for the specific action name`
`147`		`- return in_array($action, self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName]);`
	`146`	`+ if (in_array($action, self::READ_ONLY_ACCESS_CONTROL_LIST[$controllerName])) {// phpcs:ignore SlevomatCodingStandard.ControlStructures.UselessIfConditionWithReturn.UselessIfCondition`
	`147`	`+ return true;// Needs write access`
	`148`	`+ }`
	`149`	`+`
	`150`	`+ return false;// phpcs:ignore SlevomatCodingStandard.ControlStructures.UselessIfConditionWithReturn.UselessIfCondition`
`148`	`151`	`}`
`149`	`152`	`}`