V2: Static code analysis phpstan level raised 0=>5 with fixes

phpstan.neon

@@ -1,5 +1,5 @@
 parameters:
-    level: 1
+    level: 5
     paths:
         - src
     excludePaths:

src/User/Bootstrap.php

@@ -15,10 +15,12 @@
 use Da\User\Contracts\AuthManagerInterface;
 use Da\User\Controller\SecurityController;
 use Da\User\Event\FormEvent;
+use Da\User\Form\LoginForm;
 use Da\User\Helper\ClassMapHelper;
 use Da\User\Model\SessionHistory;
 use Da\User\Model\User;
 use Da\User\Search\SessionHistorySearch;
+use Da\User\Traits\ModuleAwareTrait;
 use Yii;
 use yii\authclient\Collection;
 use yii\base\Application;
@@ -37,6 +39,8 @@
  */
 class Bootstrap implements BootstrapInterface
 {
+    use ModuleAwareTrait;
+
     /**
      * {@inheritdoc}
      *
@@ -57,7 +61,9 @@ public function bootstrap($app)
                 $this->initAuthCollection($app);
                 $this->initAuthManager($app);
             } else {
-                /* @var $app ConsoleApplication */
+                if(!($app instanceof ConsoleApplication)) {
+                    throw new InvalidConfigException();
+                }
                 $this->initConsoleCommands($app);
                 $this->initAuthManager($app);
             }
@@ -155,10 +161,12 @@ function () use ($model) {
             }
 
             // Attach an event to check if the password has expired
-            if (null !== Yii::$app->getModule('user')->maxPasswordAge) {
+            if (null !== $this->getModule()->maxPasswordAge) {
                 YiiEvent::on(SecurityController::class, FormEvent::EVENT_AFTER_LOGIN, function (FormEvent $event) {
-                    $user = $event->form->user;
-                    if ($user->password_age >= Yii::$app->getModule('user')->maxPasswordAge) {
+                    /** @var LoginForm $form */
+                    $form = $event->form;
+                    $user = $form->getUser();
+                    if ($user->password_age >= $this->getModule()->maxPasswordAge) {
                         // Force password change
                         Yii::$app->session->setFlash('warning', Yii::t('usuario', 'Your password has expired, you must change it now'));
                         Yii::$app->response->redirect(['/user/settings/account'])->send();
@@ -195,17 +203,17 @@ function () use ($model) {
                     ]
                 ];
 
-            $app->getModule('user')->twoFactorAuthenticationValidators = ArrayHelper::merge(
+            $this->getModule()->twoFactorAuthenticationValidators = ArrayHelper::merge(
                 $defaultTwoFactorAuthenticationValidators,
-                $app->getModule('user')->twoFactorAuthenticationValidators
+                $this->getModule()->twoFactorAuthenticationValidators
             );
 
             if ($app instanceof WebApplication) {
                 // override Yii
                 $di->set(
                     'yii\web\User',
                     [
-                        'enableAutoLogin' => $app->getModule('user')->enableAutoLogin,
+                        'enableAutoLogin' => $this->getModule()->enableAutoLogin,
                         'loginUrl' => ['/user/security/login'],
                         'identityClass' => $di->get(ClassMapHelper::class)->get(User::class),
                     ]
@@ -262,8 +270,7 @@ protected function initAuthManager(Application $app)
      */
     protected function initUrlRoutes(WebApplication $app)
     {
-        /** @var $module Module */
-        $module = $app->getModule('user');
+        $module = $this->getModule();
         $config = [
             'class' => 'yii\web\GroupUrlRule',
             'prefix' => $module->prefix,
@@ -300,19 +307,16 @@ protected function initUrlRestRoutes(WebApplication $app)
 
     /**
      * Ensures required mail parameters needed for the mail service.
-     *
-     * @param Application             $app
-     * @param Module|\yii\base\Module $module
      */
     protected function initMailServiceConfiguration(Application $app, Module $module)
     {
         $defaults = [
             'fromEmail' => '[email protected]',
-            'welcomeMailSubject' => Yii::t('usuario', 'Welcome to {0}', $app->name),
-            'confirmationMailSubject' => Yii::t('usuario', 'Confirm account on {0}', $app->name),
-            'reconfirmationMailSubject' => Yii::t('usuario', 'Confirm email change on {0}', $app->name),
-            'recoveryMailSubject' => Yii::t('usuario', 'Complete password reset on {0}', $app->name),
-            'twoFactorMailSubject' => Yii::t('usuario', 'Code for two factor authentication on {0}', $app->name),
+            'welcomeMailSubject' => Yii::t('usuario', 'Welcome to {0}', [$app->name]),
+            'confirmationMailSubject' => Yii::t('usuario', 'Confirm account on {0}', [$app->name]),
+            'reconfirmationMailSubject' => Yii::t('usuario', 'Confirm email change on {0}', [$app->name]),
+            'recoveryMailSubject' => Yii::t('usuario', 'Complete password reset on {0}', [$app->name]),
+            'twoFactorMailSubject' => Yii::t('usuario', 'Code for two factor authentication on {0}', [$app->name]),
         ];
 
         $module->mailParams = array_merge($defaults, $module->mailParams);
@@ -339,7 +343,7 @@ protected function initAuthCollection(WebApplication $app)
      */
     protected function initConsoleCommands(ConsoleApplication $app)
     {
-        $app->getModule('user')->controllerNamespace = $app->getModule('user')->consoleControllerNamespace;
+        $this->getModule()->controllerNamespace = $this->getModule()->consoleControllerNamespace;
     }
 
     /**
@@ -349,7 +353,6 @@ protected function initConsoleCommands(ConsoleApplication $app)
      */
     protected function initControllerNamespace(WebApplication $app)
     {
-        $app->getModule('user')->controllerNamespace = $app->getModule('user')->controllerNamespace;
         $app->getModule('user')->setViewPath($app->getModule('user')->viewPath);
     }
 

src/User/Command/CreateController.php

@@ -64,7 +64,7 @@ public function actionIndex($email, $username, $password = null, $role = null)
     protected function assignRole(User $user, $role)
     {
         $auth = Yii::$app->getAuthManager();
-        if (false === $auth) {
+        if (empty($auth)) {
             $this->stdout(
                 Yii::t(
                     'usuario',

src/User/Command/PasswordController.php

@@ -43,7 +43,7 @@ public function __construct($id, Module $module, UserQuery $userQuery, array $co
      */
     public function actionIndex($usernameOrEmail, $password)
     {
-        /** @var User $user */
+        /** @var ?User $user */
         $user = $this->userQuery->whereUsernameOrEmail($usernameOrEmail)->one();
 
         if ($user === null) {

src/User/Component/AuthDbManagerComponent.php

@@ -16,6 +16,7 @@
 use yii\db\Expression;
 use yii\db\Query;
 use yii\rbac\DbManager;
+use yii\rbac\Item;
 use yii\rbac\Role;
 
 class AuthDbManagerComponent extends DbManager implements AuthManagerInterface
@@ -24,7 +25,7 @@ class AuthDbManagerComponent extends DbManager implements AuthManagerInterface
      * @param int|null $type         If null will return all auth items
      * @param array    $excludeItems Items that should be excluded from result array
      *
-     * @return array
+     * @return Item[]
      */
     public function getItems($type = null, $excludeItems = [])
     {

src/User/Contracts/AuthManagerInterface.php

@@ -11,6 +11,7 @@
 
 namespace Da\User\Contracts;
 
+use yii\rbac\Item;
 use yii\rbac\ManagerInterface;
 
 interface AuthManagerInterface extends ManagerInterface
@@ -19,7 +20,7 @@ interface AuthManagerInterface extends ManagerInterface
      * @param int|null $type
      * @param array    $excludeItems
      *
-     * @return mixed
+     * @return Item[]
      */
     public function getItems($type = null, $excludeItems = []);
 

src/User/Controller/AdminController.php

@@ -36,6 +36,7 @@
 use yii\filters\VerbFilter;
 use yii\helpers\Url;
 use yii\web\Controller;
+use yii\web\NotFoundHttpException;
 
 class AdminController extends Controller
 {
@@ -140,7 +141,6 @@ public function actionCreate()
 
         /** @var UserEvent $event */
         $event = $this->make(UserEvent::class, [$user]);
-
         $this->make(AjaxRequestModelValidator::class, [$user])->validate();
 
         if ($user->load(Yii::$app->request->post()) && $user->validate()) {
@@ -161,7 +161,11 @@ public function actionCreate()
 
     public function actionUpdate($id)
     {
+        /** @var ?User $user */
         $user = $this->userQuery->where(['id' => $id])->one();
+        if($user === null) {
+            throw new NotFoundHttpException();
+        }
         $user->setScenario('update');
         /** @var UserEvent $event */
         $event = $this->make(UserEvent::class, [$user]);
@@ -187,9 +191,8 @@ public function actionUpdate($id)
 
     public function actionUpdateProfile($id)
     {
-        /** @var User $user */
+        /** @var ?User $user */
         $user = $this->userQuery->where(['id' => $id])->one();
-        /** @var Profile $profile */
         $profile = $user->profile;
         if ($profile === null) {
             $profile = $this->make(Profile::class);

src/User/Controller/RecoveryController.php

@@ -134,7 +134,7 @@ public function actionReset($id, $code)
         if (!$this->module->allowPasswordRecovery && !$this->module->allowAdminPasswordRecovery) {
             throw new NotFoundHttpException();
         }
-        /** @var Token $token */
+        /** @var ?Token $token */
         $token = $this->tokenQuery->whereUserId($id)->whereCode($code)->whereIsRecoveryType()->one();
         /** @var ResetPasswordEvent $event */
         $event = $this->make(ResetPasswordEvent::class, [$token]);

src/User/Controller/RegistrationController.php

@@ -157,7 +157,7 @@ public function actionConnect($code)
             throw new NotFoundHttpException();
         }
 
-        /** @var SocialNetworkAccount $account */
+        /** @var ?SocialNetworkAccount $account */
         $account = $this->socialNetworkAccountQuery->whereCode($code)->one();
         if ($account === null || $account->getIsConnected()) {
             throw new NotFoundHttpException();
@@ -205,7 +205,7 @@ public function actionConnect($code)
      */
     public function actionConfirm($id, $code)
     {
-        /** @var User $user */
+        /** @var ?User $user */
         $user = $this->userQuery->whereId($id)->one();
 
         if ($user === null || $this->module->enableEmailConfirmation === false) {
@@ -254,7 +254,7 @@ public function actionResend()
         $this->make(AjaxRequestModelValidator::class, [$form])->validate();
 
         if ($form->load(Yii::$app->request->post()) && $form->validate()) {
-            /** @var User $user */
+            /** @var ?User $user */
             $user = $this->userQuery->whereEmail($form->email)->one();
             $success = true;
             if ($user !== null) {

src/User/Controller/RuleController.php

@@ -21,6 +21,7 @@
 use Yii;
 use yii\filters\AccessControl;
 use yii\filters\VerbFilter;
+use yii\rbac\DbManager;
 use yii\web\Controller;
 use yii\web\NotFoundHttpException;
 
@@ -135,7 +136,9 @@ public function actionDelete($name)
         $rule = $this->findRule($name);
 
         $this->getAuthManager()->remove($rule);
-        $this->getAuthManager()->invalidateCache();
+        if($this->getAuthManager() instanceof DbManager) {
+            $this->getAuthManager()->invalidateCache();
+        }
 
         Yii::$app->getSession()->setFlash('success', Yii::t('usuario', 'Authorization rule has been removed.'));
         return $this->redirect(['index']);

src/User/Controller/SecurityController.php

@@ -217,7 +217,7 @@ public function actionConfirm()
                 return $this->goBack();
             }
         } else {
-            $module = Yii::$app->getModule('user');
+            $module = $this->getModule();
             $validators = $module->twoFactorAuthenticationValidators;
             $credentials = Yii::$app->session->get('credentials');
             $login = $credentials['login'];

src/User/Controller/SettingsController.php

@@ -38,6 +38,7 @@
 use Da\User\Validator\TwoFactorCodeValidator;
 use Da\User\Validator\TwoFactorEmailValidator;
 use Da\User\Validator\TwoFactorTextMessageValidator;
+use http\Exception\InvalidArgumentException;
 use Yii;
 use yii\base\DynamicModel;
 use yii\base\InvalidParamException;
@@ -463,7 +464,7 @@ public function actionTwoFactor($id)
         }
 
         $choice = Yii::$app->request->post('choice');
-        /** @var User $user */
+        /** @var ?User $user */
         $user = $this->userQuery->whereId($id)->one();
 
         if (null === $user) {
@@ -483,7 +484,7 @@ public function actionTwoFactor($id)
                 $smsCode = $this->make(TwoFactorSmsCodeGeneratorService::class, [$user])->run();
                 return $this->renderAjax('two-factor-sms', ['id' => $id, 'code' => $smsCode, 'mobilePhone' => $mobilePhone]);
             default:
-                throw new InvalidParamException("Invalid 2FA choice");
+                throw new InvalidArgumentException("Invalid 2FA choice");
         }
     }
 
@@ -495,7 +496,7 @@ public function actionTwoFactorEnable($id)
 
         Yii::$app->response->format = Response::FORMAT_JSON;
 
-        /** @var User $user */
+        /** @var ?User $user */
         $user = $this->userQuery->whereId($id)->one();
 
         if (null === $user) {
@@ -505,7 +506,7 @@ public function actionTwoFactorEnable($id)
             ];
         }
         $code = Yii::$app->request->get('code');
-        $module = Yii::$app->getModule('user');
+        $module = $this->getModule();
         $validators = $module->twoFactorAuthenticationValidators;
         $choice = Yii::$app->request->get('choice');
         $codeDurationTime = ArrayHelper::getValue($validators, $choice.'.codeDurationTime', 300);
@@ -533,9 +534,7 @@ public function actionTwoFactorDisable($id)
             throw new ForbiddenHttpException();
         }
 
-        /**
-        * @var User $user
-        */
+        /** @var ?User $user */
         $user = $this->userQuery->whereId($id)->one();
 
         if (null === $user) {
@@ -585,11 +584,7 @@ public function actionTwoFactorMobilePhone($id)
     {
         Yii::$app->response->format = Response::FORMAT_JSON;
 
-        /**
-        *
-        *
-        * @var User $user
-        */
+        /** @var ?User $user */
         $user = $this->userQuery->whereId($id)->one();
 
         if (null === $user) {
@@ -626,11 +621,7 @@ public function actionTwoFactorMobilePhone($id)
      */
     protected function disconnectSocialNetwork($id)
     {
-        /**
-        *
-        *
-        * @var SocialNetworkAccount $account
-        */
+        /** @var ?SocialNetworkAccount $account */
         $account = $this->socialNetworkAccountQuery->whereId($id)->one();
 
         if ($account === null) {