IdentificationVerifier - Code Metrics - Inspection of "Some minor bugfixes for newinternal" - enwikipedia-acc/waca - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — newinternal (#285)

by Simon

created 2017-06-05 21:26 UTC

IdentificationVerifier A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	176
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Test Coverage

Coverage

34.78%

Importance

Changes

Metric	Value
dl	0
loc	176
ccs	16
cts	46
cp	0.3478
rs	10
c	0
b	0
f	0
wmc	9
lcom	1
cbo	4

6 Methods

Rating	Name	Size	Complexity
A	__construct()	6	1
A	isUserIdentified()	16	3
A	checkIdentificationCache()	21	1
A	clearExpiredCacheEntries()	10	1
A	cacheIdentificationStatus()	15	1
B	isIdentifiedOnWiki()	26	2

<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/

namespace Waca;

use PDO;

use Waca\Exceptions\CurlException;
use Waca\Exceptions\EnvironmentException;
use Waca\Helpers\HttpHelper;

/**
 * Class IdentificationVerifier
 *
 * Handles automatically verifying if users are identified with the Wikimedia Foundation or not.  Intended to be used
 * as necessary by the User class when a user's "forceidentified" attribute is NULL.
 *
 * @package  Waca
 * @author   Andrew "FastLizard4" Adams
 * @category Security-Critical
 */
class IdentificationVerifier
{
    /**
     * This field is an array of parameters, in key => value format, that should be appended to the Meta Wikimedia
     * Web Service Endpoint URL to query if a user is listed on the Identification Noticeboard.  Note that URL encoding
     * of these values is *not* necessary; this is done automatically.
     *
     * @var string[]
     * @category Security-Critical
     */
    private static $apiQueryParameters = array(
        'action'   => 'query',
        'format'   => 'json',
        'prop'     => 'links',
        'titles'   => 'Access to nonpublic information policy/Noticeboard',
        // Username of the user to be checked, with User: prefix, goes here!  Set in isIdentifiedOnWiki()
        'pltitles' => '',
    );
    /** @var HttpHelper */
    private $httpHelper;
    /** @var SiteConfiguration */
    private $siteConfiguration;
    /** @var PdoDatabase */
    private $dbObject;

    /**
     * IdentificationVerifier constructor.
     *
     * @param HttpHelper        $httpHelper
     * @param SiteConfiguration $siteConfiguration
     * @param PdoDatabase       $dbObject
     */
    public function __construct(HttpHelper $httpHelper, SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
    {
        $this->httpHelper = $httpHelper;
        $this->siteConfiguration = $siteConfiguration;
        $this->dbObject = $dbObject;
    }

    /**
     * Checks if the given user is identified to the Wikimedia Foundation.
     *
     * @param string $onWikiName The Wikipedia username of the user
     *
     * @return bool
     * @category Security-Critical
     */
    public function isUserIdentified($onWikiName)
    {
        if ($this->checkIdentificationCache($onWikiName)) {
            return true;
        }
        else {
            if ($this->isIdentifiedOnWiki($onWikiName)) {
                $this->cacheIdentificationStatus($onWikiName);

                return true;
            }
            else {
                return false;
            }
        }
    }

    /**
     * Checks if the given user has a valid entry in the idcache table.
     *
     * @param string $onWikiName The Wikipedia username of the user
     *
     * @return bool
     * @category Security-Critical
     */
    private function checkIdentificationCache($onWikiName)
    {
        $interval = $this->siteConfiguration->getIdentificationCacheExpiry();

        $query = <<<SQL
			SELECT COUNT(`id`)
			FROM `idcache`
			WHERE `onwikiusername` = :onwikiname
				AND DATE_ADD(`checktime`, INTERVAL {$interval}) >= NOW();
SQL;
        $stmt = $this->dbObject->prepare($query);
        $stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
        $stmt->execute();

        // Guaranteed by the query to only return a single row with a single column
        $results = $stmt->fetch(PDO::FETCH_NUM);

        // I don't expect this to ever be a value other than 0 or 1 since the `onwikiusername` column is declared as a
        // unique key - but meh.
        return $results[0] != 0;
    }

    /**
     * Does pretty much exactly what it says on the label - this method will clear all expired idcache entries from the
     * idcache table.  Meant to be called periodically by a maintenance script.
     *
     * @param SiteConfiguration $siteConfiguration
     * @param PdoDatabase       $dbObject
     *
     * @return void
     */
    public static function clearExpiredCacheEntries(SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
    {
        $interval = $siteConfiguration->getIdentificationCacheExpiry();

        $query = <<<SQL
			DELETE FROM `idcache`
			WHERE DATE_ADD(`checktime`, INTERVAL {$interval}) < NOW();
SQL;
        $dbObject->prepare($query)->execute();
    }

    /**
     * This method will add an entry to the idcache that the given Wikipedia user has been verified as identified.  This
     * is so we don't have to hit the API every single time we check.  The cache entry is valid for as long as specified
     * in the ACC configuration (validity enforced by checkIdentificationCache() and clearExpiredCacheEntries()).
     *
     * @param string $onWikiName The Wikipedia username of the user
     *
     * @return void
     * @category Security-Critical
     */
    private function cacheIdentificationStatus($onWikiName)
    {
        $query = <<<SQL
			INSERT INTO `idcache`
				(`onwikiusername`)
			VALUES
				(:onwikiname)
			ON DUPLICATE KEY UPDATE
				`onwikiusername` = VALUES(`onwikiusername`),
				`checktime` = CURRENT_TIMESTAMP;
SQL;
        $stmt = $this->dbObject->prepare($query);
        $stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
        $stmt->execute();
    }

    /**
     * Queries the Wikimedia API to determine if the specified user is listed on the identification noticeboard.
     *
     * @param string $onWikiName The Wikipedia username of the user
     *
     * @return bool
     * @throws EnvironmentException
     * @category Security-Critical
     */
    private function isIdentifiedOnWiki($onWikiName)
    {
        $strings = new StringFunctions();

        // First character of Wikipedia usernames is always capitalized.
        $onWikiName = $strings->ucfirst($onWikiName);

        $parameters = self::$apiQueryParameters;
        $parameters['pltitles'] = "User:" . $onWikiName;

        try {
            $endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
            $response = $this->httpHelper->get($endpoint, $parameters);
            $response = json_decode($response, true);
        } catch (CurlException $ex) {
            // failed getting identification status, so throw a nicer error.
            $m = 'Could not contact metawiki API to determine user\' identification status. '
                . 'This is probably a transient error, so please try again.';

            throw new EnvironmentException($m, 0, $ex);

        }

        $page = @array_pop($response['query']['pages']);

        return @$page['links'][0]['title'] === "User:" . $onWikiName;
    }
}


1		<?php
2		/******************************************************************************
3		* Wikipedia Account Creation Assistance tool *
4		* *
5		* All code in this file is released into the public domain by the ACC *
6		* Development Team. Please see team.json for a list of contributors. *
7		******************************************************************************/
8
9		namespace Waca;
10
11		use PDO;
12
13		use Waca\Exceptions\CurlException;
14		use Waca\Exceptions\EnvironmentException;
15		use Waca\Helpers\HttpHelper;
16
17		/**
18		* Class IdentificationVerifier
19		*
20		* Handles automatically verifying if users are identified with the Wikimedia Foundation or not. Intended to be used
21		* as necessary by the User class when a user's "forceidentified" attribute is NULL.
22		*
23		* @package Waca
24		* @author Andrew "FastLizard4" Adams
25		* @category Security-Critical
26		*/
27		class IdentificationVerifier
28		{
29		/**
30		* This field is an array of parameters, in key => value format, that should be appended to the Meta Wikimedia
31		* Web Service Endpoint URL to query if a user is listed on the Identification Noticeboard. Note that URL encoding
32		* of these values is not necessary; this is done automatically.
33		*
34		* @var string[]
35		* @category Security-Critical
36		*/
37		private static $apiQueryParameters = array(
38		'action' => 'query',
39		'format' => 'json',
40		'prop' => 'links',
41		'titles' => 'Access to nonpublic information policy/Noticeboard',
42		// Username of the user to be checked, with User: prefix, goes here! Set in isIdentifiedOnWiki()
43		'pltitles' => '',
44		);
45		/** @var HttpHelper */
46		private $httpHelper;
47		/** @var SiteConfiguration */
48		private $siteConfiguration;
49		/** @var PdoDatabase */
50		private $dbObject;
51
52		/**
53		* IdentificationVerifier constructor.
54		*
55		* @param HttpHelper $httpHelper
56		* @param SiteConfiguration $siteConfiguration
57		* @param PdoDatabase $dbObject
58		*/
59	1	public function __construct(HttpHelper $httpHelper, SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
60		{
61	1	$this->httpHelper = $httpHelper;
62	1	$this->siteConfiguration = $siteConfiguration;
63	1	$this->dbObject = $dbObject;
64	1	}
65
66		/**
67		* Checks if the given user is identified to the Wikimedia Foundation.
68		*
69		* @param string $onWikiName The Wikipedia username of the user
70		*
71		* @return bool
72		* @category Security-Critical
73		*/
74		public function isUserIdentified($onWikiName)
75		{
76		if ($this->checkIdentificationCache($onWikiName)) {
77		return true;
78		}
79		else {
80		if ($this->isIdentifiedOnWiki($onWikiName)) {
81		$this->cacheIdentificationStatus($onWikiName);
82
83		return true;
84		}
85		else {
86		return false;
87		}
88		}
89		}
90
91		/**
92		* Checks if the given user has a valid entry in the idcache table.
93		*
94		* @param string $onWikiName The Wikipedia username of the user
95		*
96		* @return bool
97		* @category Security-Critical
98		*/
99		private function checkIdentificationCache($onWikiName)
100		{
101		$interval = $this->siteConfiguration->getIdentificationCacheExpiry();
102
103		$query = <<<SQL
104		SELECT COUNT(`id`)
105		FROM `idcache`
106		WHERE `onwikiusername` = :onwikiname
107		AND DATE_ADD(`checktime`, INTERVAL {$interval}) >= NOW();
108		SQL;
109		$stmt = $this->dbObject->prepare($query);
110		$stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
111		$stmt->execute();
112
113		// Guaranteed by the query to only return a single row with a single column
114		$results = $stmt->fetch(PDO::FETCH_NUM);
115
116		// I don't expect this to ever be a value other than 0 or 1 since the `onwikiusername` column is declared as a
117		// unique key - but meh.
118		return $results[0] != 0;
119		}
120
121		/**
122		* Does pretty much exactly what it says on the label - this method will clear all expired idcache entries from the
123		* idcache table. Meant to be called periodically by a maintenance script.
124		*
125		* @param SiteConfiguration $siteConfiguration
126		* @param PdoDatabase $dbObject
127		*
128		* @return void
129		*/
130		public static function clearExpiredCacheEntries(SiteConfiguration $siteConfiguration, PdoDatabase $dbObject)
131		{
132		$interval = $siteConfiguration->getIdentificationCacheExpiry();
133
134		$query = <<<SQL
135		DELETE FROM `idcache`
136		WHERE DATE_ADD(`checktime`, INTERVAL {$interval}) < NOW();
137		SQL;
138		$dbObject->prepare($query)->execute();
139		}
140
141		/**
142		* This method will add an entry to the idcache that the given Wikipedia user has been verified as identified. This
143		* is so we don't have to hit the API every single time we check. The cache entry is valid for as long as specified
144		* in the ACC configuration (validity enforced by checkIdentificationCache() and clearExpiredCacheEntries()).
145		*
146		* @param string $onWikiName The Wikipedia username of the user
147		*
148		* @return void
149		* @category Security-Critical
150		*/
151		private function cacheIdentificationStatus($onWikiName)
152		{
153		$query = <<<SQL
154		INSERT INTO `idcache`
155		(`onwikiusername`)
156		VALUES
157		(:onwikiname)
158		ON DUPLICATE KEY UPDATE
159		`onwikiusername` = VALUES(`onwikiusername`),
160		`checktime` = CURRENT_TIMESTAMP;
161		SQL;
162		$stmt = $this->dbObject->prepare($query);
163		$stmt->bindValue(':onwikiname', $onWikiName, PDO::PARAM_STR);
164		$stmt->execute();
165		}
166
167		/**
168		* Queries the Wikimedia API to determine if the specified user is listed on the identification noticeboard.
169		*
170		* @param string $onWikiName The Wikipedia username of the user
171		*
172		* @return bool
173		* @throws EnvironmentException
174		* @category Security-Critical
175		*/
176	1	private function isIdentifiedOnWiki($onWikiName)
177		{
178	1	$strings = new StringFunctions();
179
180		// First character of Wikipedia usernames is always capitalized.
181	1	$onWikiName = $strings->ucfirst($onWikiName);
182
183	1	$parameters = self::$apiQueryParameters;
184	1	$parameters['pltitles'] = "User:" . $onWikiName;
185
186		try {
187	1	$endpoint = $this->siteConfiguration->getMetaWikimediaWebServiceEndpoint();
188	1	$response = $this->httpHelper->get($endpoint, $parameters);
189	1	$response = json_decode($response, true);
190	1	} catch (CurlException $ex) {
191		// failed getting identification status, so throw a nicer error.
192		$m = 'Could not contact metawiki API to determine user\' identification status. '
193		. 'This is probably a transient error, so please try again.';
194
195		throw new EnvironmentException($m, 0, $ex);
		0 ignored issues – show Unused Code introduced 2017-01-29 14:39 UTC by Report Bug Copy Issue Report The call to `EnvironmentException::__construct()` has too many arguments starting with `0`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
196		}
197
198	1	$page = @array_pop($response['query']['pages']);
199
200	1	return @$page['links'][0]['title'] === "User:" . $onWikiName;
201		}
202		}
203

enwikipedia-acc / waca

Pull Request — newinternal (#285)

IdentificationVerifier A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

6 Methods

Duplication Side-by-Side

Filter issues like