feat: add NoUserEntityGetStoreTokenRule

shyim · shyim · commit c7e0b430a01f · 2025-01-30T21:41:31.000+01:00
diff --git a/phpstan.neon b/phpstan.neon
@@ -3,10 +3,3 @@ parameters:
     paths:
         - src
 
-rules:
-    - Shopware\PhpStan\Rule\InternalFunctionCallRule
-    - Shopware\PhpStan\Rule\InternalMethodCallRule
-    - Shopware\PhpStan\Rule\DisallowFunctionsRule
-    - Shopware\PhpStan\Rule\DisallowDefaultContextCreation
-    - Shopware\PhpStan\Rule\SetForeignKeyRule
-    - Shopware\PhpStan\Rule\ScheduledTaskTooLowIntervalRule
diff --git a/rules.neon b/rules.neon
@@ -1,13 +1,15 @@
 rules:
+    - Shopware\PhpStan\Rule\DisallowDefaultContextCreation
+    - Shopware\PhpStan\Rule\ForbidGlobBraceRule
+    - Shopware\PhpStan\Rule\DisallowFunctionsRule
+    - Shopware\PhpStan\Rule\InternalClassExtendsRule
     - Shopware\PhpStan\Rule\InternalFunctionCallRule
     - Shopware\PhpStan\Rule\InternalMethodCallRule
-    - Shopware\PhpStan\Rule\DisallowFunctionsRule
-    - Shopware\PhpStan\Rule\DisallowDefaultContextCreation
-    - Shopware\PhpStan\Rule\SetForeignKeyRule
     - Shopware\PhpStan\Rule\MethodBecomesAbstractRule
+    - Shopware\PhpStan\Rule\NoUserEntityGetStoreTokenRule
+    - Shopware\PhpStan\Rule\NoUserEntityGetStoreTokenRule
     - Shopware\PhpStan\Rule\ScheduledTaskTooLowIntervalRule
-    - Shopware\PhpStan\Rule\InternalClassExtendsRule
-    - Shopware\PhpStan\Rule\ForbidGlobBraceRule
+    - Shopware\PhpStan\Rule\SetForeignKeyRule
 
 services:
     -
diff --git a/src/Rule/NoUserEntityGetStoreTokenRule.php b/src/Rule/NoUserEntityGetStoreTokenRule.php
@@ -0,0 +1,47 @@
+<?php
+
+namespace Shopware\PhpStan\Rule;
+
+use PhpParser\Node;
+use PhpParser\Node\Expr\MethodCall;
+use PHPStan\Analyser\Scope;
+use PHPStan\Rules\Rule;
+use PHPStan\Rules\RuleErrorBuilder;
+use PHPStan\Type\ObjectType;
+use Shopware\Core\System\User\UserEntity;
+
+/**
+ * @implements Rule<MethodCall>
+ */
+class NoUserEntityGetStoreTokenRule implements Rule
+{
+    public function getNodeType(): string
+    {
+        return MethodCall::class;
+    }
+
+    public function processNode(Node $node, Scope $scope): array
+    {
+        if (!$node->name instanceof Node\Identifier) {
+            return [];
+        }
+
+        if ($node->name->toString() !== 'getStoreToken') {
+            return [];
+        }
+
+        $callerType = $scope->getType($node->var);
+        $userEntityType = new ObjectType(UserEntity::class);
+
+        if (!$userEntityType->isSuperTypeOf($callerType)->yes()) {
+            return [];
+        }
+
+        return [
+            RuleErrorBuilder::message('Its not allowed to gather the store token')
+                ->identifier('shopware.noUserEntityGetStoreToken')
+                ->line($node->getLine())
+                ->build(),
+        ];
+    }
+}
diff --git a/src/Rule/SetForeignKeyRule.php b/src/Rule/SetForeignKeyRule.php
@@ -8,6 +8,7 @@
 use PHPStan\Rules\Rule;
 use PHPStan\Rules\RuleErrorBuilder;
 use Shopware\Core\Framework\Migration\MigrationStep;
+use Shopware\Core\Framework\Plugin;
 
 /**
  * @implements Rule<Node\Stmt\ClassMethod>
@@ -27,14 +28,13 @@ public function processNode(Node $node, Scope $scope): array
             return [];
         }
 
-
         $class = $scope->getClassReflection();
 
         if ($class === null) {
             return [];
         }
 
-        if ($class->getParentClass()?->getName() !== MigrationStep::class) {
+        if ($class->getParentClass()?->getName() !== MigrationStep::class && $class->getParentClass()?->getName() !== Plugin::class) {
             return [];
         }
 
diff --git a/tests/Rule/NoUserEntityGetStoreTokenRuleTest.php b/tests/Rule/NoUserEntityGetStoreTokenRuleTest.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Shopware\PhpStan\Tests\Rule;
+
+use PHPStan\Rules\Rule;
+use PHPStan\Testing\RuleTestCase;
+use Shopware\PhpStan\Rule\NoUserEntityGetStoreTokenRule;
+
+class NoUserEntityGetStoreTokenRuleTest extends RuleTestCase
+{
+    public function testAnalyse(): void
+    {
+        $this->analyse([__DIR__ . '/../data/NoUserEntityGetStoreTokenRule/context.php'], [
+            [
+                'Its not allowed to gather the store token',
+                6,
+            ],
+        ]);
+    }
+
+
+    protected function getRule(): Rule
+    {
+        return new NoUserEntityGetStoreTokenRule();
+    }
+}
diff --git a/tests/data/NoUserEntityGetStoreTokenRule/context.php b/tests/data/NoUserEntityGetStoreTokenRule/context.php
@@ -0,0 +1,6 @@
+<?php
+
+use Shopware\Core\System\User\UserEntity;
+
+$user = new UserEntity();
+$user->getStoreToken();

Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@`
`8`	`8`	`use PHPStan\Rules\Rule;`
`9`	`9`	`use PHPStan\Rules\RuleErrorBuilder;`
`10`	`10`	`use Shopware\Core\Framework\Migration\MigrationStep;`
	`11`	`+use Shopware\Core\Framework\Plugin;`
`11`	`12`
`12`	`13`	`/**`
`13`	`14`	`* @implements Rule<Node\Stmt\ClassMethod>`
`@@ -27,14 +28,13 @@ public function processNode(Node $node, Scope $scope): array`
`27`	`28`	`return [];`
`28`	`29`	`}`
`29`	`30`
`30`		`-`
`31`	`31`	`$class = $scope->getClassReflection();`
`32`	`32`
`33`	`33`	`if ($class === null) {`
`34`	`34`	`return [];`
`35`	`35`	`}`
`36`	`36`
`37`		`- if ($class->getParentClass()?->getName() !== MigrationStep::class) {`
	`37`	`+ if ($class->getParentClass()?->getName() !== MigrationStep::class && $class->getParentClass()?->getName() !== Plugin::class) {`
`38`	`38`	`return [];`
`39`	`39`	`}`
`40`	`40`