enwikipedia-acc / waca

includes/Security/RoleConfiguration.php

Indentation +360 added lines, -360 removed lines

@@ -47,391 +47,391 @@
 
 class RoleConfiguration
 {
-    const ACCESS_ALLOW = 1;
-    const ACCESS_DENY = -1;
-    const ACCESS_DEFAULT = 0;
-    const MAIN = 'main';
-    const ALL = '*';
-    /**
-     * A map of roles to rights
-     *
-     * For example:
-     *
-     * array(
-     *   'myrole' => array(
-     *       PageMyPage::class => array(
-     *           'edit' => self::ACCESS_ALLOW,
-     *           'create' => self::ACCESS_DENY,
-     *       )
-     *   )
-     * )
-     *
-     * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by
-     * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should
-     * be the expected result:
-     *
-     * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial)
-     * - (A,-,-) = A
-     * - (D,-,-) = D
-     * - (A,D,-) = D (deny takes precedence over allow)
-     * - (A,A,A) = A (repetition has no effect)
-     *
-     * The public role is special, and is applied to all users automatically. Avoid using deny on this role.
-     *
-     * @var array
-     */
-    private $roleConfig = array(
-        'public'            => array(
-            /*
+	const ACCESS_ALLOW = 1;
+	const ACCESS_DENY = -1;
+	const ACCESS_DEFAULT = 0;
+	const MAIN = 'main';
+	const ALL = '*';
+	/**
+	 * A map of roles to rights
+	 *
+	 * For example:
+	 *
+	 * array(
+	 *   'myrole' => array(
+	 *       PageMyPage::class => array(
+	 *           'edit' => self::ACCESS_ALLOW,
+	 *           'create' => self::ACCESS_DENY,
+	 *       )
+	 *   )
+	 * )
+	 *
+	 * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by
+	 * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should
+	 * be the expected result:
+	 *
+	 * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial)
+	 * - (A,-,-) = A
+	 * - (D,-,-) = D
+	 * - (A,D,-) = D (deny takes precedence over allow)
+	 * - (A,A,A) = A (repetition has no effect)
+	 *
+	 * The public role is special, and is applied to all users automatically. Avoid using deny on this role.
+	 *
+	 * @var array
+	 */
+	private $roleConfig = array(
+		'public'            => array(
+			/*
              * THIS ROLE IS GRANTED TO ALL LOGGED *OUT* USERS IMPLICITLY.
              *
              * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE.
              * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE.
              */
-            '_childRoles'   => array(
-                'publicStats',
-            ),
-            PageTeam::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageXffDemo::class        => array(
-                self::MAIN  => self::ACCESS_ALLOW,
-            )
-        ),
-        'loggedIn'          => array(
-            /*
+			'_childRoles'   => array(
+				'publicStats',
+			),
+			PageTeam::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageXffDemo::class        => array(
+				self::MAIN  => self::ACCESS_ALLOW,
+			)
+		),
+		'loggedIn'          => array(
+			/*
              * THIS ROLE IS GRANTED TO ALL LOGGED IN USERS IMPLICITLY.
              *
              * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE.
              * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE.
              */
-            '_childRoles'             => array(
-                'public',
-            ),
-            PagePreferences::class    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'refreshOAuth' => self::ACCESS_ALLOW,
-            ),
-            PageChangePassword::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageMultiFactor::class    => array(
-                self::MAIN          => self::ACCESS_ALLOW,
-                'scratch'           => self::ACCESS_ALLOW,
-                'enableYubikeyOtp'  => self::ACCESS_ALLOW,
-                'disableYubikeyOtp' => self::ACCESS_ALLOW,
-                'enableTotp'        => self::ACCESS_ALLOW,
-                'disableTotp'       => self::ACCESS_ALLOW,
-            ),
-            PageOAuth::class          => array(
-                'attach' => self::ACCESS_ALLOW,
-                'detach' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'user'              => array(
-            '_description'                       => 'A standard tool user.',
-            '_editableBy'                        => array('admin', 'toolRoot'),
-            '_childRoles'                        => array(
-                'internalStats',
-            ),
-            PageMain::class                      => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageBan::class                       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageEditComment::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageEmailManagement::class           => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'view'     => self::ACCESS_ALLOW,
-            ),
-            PageExpandedRequestList::class       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageLog::class                       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageSearch::class                    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageWelcomeTemplateManagement::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'select'   => self::ACCESS_ALLOW,
-                'view'     => self::ACCESS_ALLOW,
-            ),
-            PageViewRequest::class               => array(
-                self::MAIN       => self::ACCESS_ALLOW,
-                'seeAllRequests' => self::ACCESS_ALLOW,
-            ),
-            'RequestData'                        => array(
-                'seePrivateDataWhenReserved' => self::ACCESS_ALLOW,
-                'seePrivateDataWithHash'     => self::ACCESS_ALLOW,
-            ),
-            PageCustomClose::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageComment::class                   => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageCloseRequest::class              => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageCreateRequest::class             => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageDeferRequest::class              => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageDropRequest::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageReservation::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageSendToUser::class                => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageBreakReservation::class          => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageJobQueue::class                  => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'view'     => self::ACCESS_ALLOW,
-                'all'      => self::ACCESS_ALLOW,
-            ),
-            'RequestCreation'                    => array(
-                User::CREATION_MANUAL => self::ACCESS_ALLOW,
-            ),
-            'GlobalInfo'                         => array(
-                'viewSiteNotice' => self::ACCESS_ALLOW,
-                'viewOnlineUsers' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'admin'             => array(
-            '_description'                       => 'A tool administrator.',
-            '_editableBy'                        => array('admin', 'toolRoot'),
-            '_childRoles'                        => array(
-                'user',
-                'requestAdminTools',
-            ),
-            PageEmailManagement::class           => array(
-                'edit'   => self::ACCESS_ALLOW,
-                'create' => self::ACCESS_ALLOW,
-            ),
-            PageSiteNotice::class                => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageUserManagement::class            => array(
-                self::MAIN  => self::ACCESS_ALLOW,
-                'approve'   => self::ACCESS_ALLOW,
-                'decline'   => self::ACCESS_ALLOW,
-                'rename'    => self::ACCESS_ALLOW,
-                'editUser'  => self::ACCESS_ALLOW,
-                'suspend'   => self::ACCESS_ALLOW,
-                'editRoles' => self::ACCESS_ALLOW,
-            ),
-            PageWelcomeTemplateManagement::class => array(
-                'edit'   => self::ACCESS_ALLOW,
-                'delete' => self::ACCESS_ALLOW,
-                'add'    => self::ACCESS_ALLOW,
-            ),
-            PageJobQueue::class                  => array(
-                'acknowledge' => self::ACCESS_ALLOW,
-                'requeue'     => self::ACCESS_ALLOW,
-            ),
-        ),
-        'checkuser'         => array(
-            '_description'            => 'A user with CheckUser access',
-            '_editableBy'             => array('checkuser', 'toolRoot'),
-            '_childRoles'             => array(
-                'user',
-                'requestAdminTools',
-            ),
-            PageUserManagement::class => array(
-                self::MAIN  => self::ACCESS_ALLOW,
-                'suspend'   => self::ACCESS_ALLOW,
-                'editRoles' => self::ACCESS_ALLOW,
-            ),
-            'RequestData'             => array(
-                'seeUserAgentData' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'toolRoot'          => array(
-            '_description' => 'A user with shell access to the servers running the tool',
-            '_editableBy'  => array('toolRoot'),
-            '_childRoles'  => array(
-                'admin',
-            ),
-            PageMultiFactor::class => array(
-                'enableU2F'         => self::ACCESS_ALLOW,
-                'disableU2F'        => self::ACCESS_ALLOW,
-            )
-        ),
-        'botCreation'       => array(
-            '_description'    => 'A user allowed to use the bot to perform account creations',
-            '_editableBy'     => array('admin', 'toolRoot'),
-            '_childRoles'     => array(),
-            'RequestCreation' => array(
-                User::CREATION_BOT => self::ACCESS_ALLOW,
-            ),
-        ),
-        'oauthCreation'       => array(
-            '_description'    => 'A user allowed to use the OAuth to perform account creations',
-            '_editableBy'     => array('admin', 'toolRoot'),
-            '_childRoles'     => array(),
-            'RequestCreation'                    => array(
-                User::CREATION_OAUTH  => self::ACCESS_ALLOW,
-            ),
-        ),
+			'_childRoles'             => array(
+				'public',
+			),
+			PagePreferences::class    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'refreshOAuth' => self::ACCESS_ALLOW,
+			),
+			PageChangePassword::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageMultiFactor::class    => array(
+				self::MAIN          => self::ACCESS_ALLOW,
+				'scratch'           => self::ACCESS_ALLOW,
+				'enableYubikeyOtp'  => self::ACCESS_ALLOW,
+				'disableYubikeyOtp' => self::ACCESS_ALLOW,
+				'enableTotp'        => self::ACCESS_ALLOW,
+				'disableTotp'       => self::ACCESS_ALLOW,
+			),
+			PageOAuth::class          => array(
+				'attach' => self::ACCESS_ALLOW,
+				'detach' => self::ACCESS_ALLOW,
+			),
+		),
+		'user'              => array(
+			'_description'                       => 'A standard tool user.',
+			'_editableBy'                        => array('admin', 'toolRoot'),
+			'_childRoles'                        => array(
+				'internalStats',
+			),
+			PageMain::class                      => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageBan::class                       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageEditComment::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageEmailManagement::class           => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'view'     => self::ACCESS_ALLOW,
+			),
+			PageExpandedRequestList::class       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageLog::class                       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageSearch::class                    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageWelcomeTemplateManagement::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'select'   => self::ACCESS_ALLOW,
+				'view'     => self::ACCESS_ALLOW,
+			),
+			PageViewRequest::class               => array(
+				self::MAIN       => self::ACCESS_ALLOW,
+				'seeAllRequests' => self::ACCESS_ALLOW,
+			),
+			'RequestData'                        => array(
+				'seePrivateDataWhenReserved' => self::ACCESS_ALLOW,
+				'seePrivateDataWithHash'     => self::ACCESS_ALLOW,
+			),
+			PageCustomClose::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageComment::class                   => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageCloseRequest::class              => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageCreateRequest::class             => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageDeferRequest::class              => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageDropRequest::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageReservation::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageSendToUser::class                => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageBreakReservation::class          => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageJobQueue::class                  => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'view'     => self::ACCESS_ALLOW,
+				'all'      => self::ACCESS_ALLOW,
+			),
+			'RequestCreation'                    => array(
+				User::CREATION_MANUAL => self::ACCESS_ALLOW,
+			),
+			'GlobalInfo'                         => array(
+				'viewSiteNotice' => self::ACCESS_ALLOW,
+				'viewOnlineUsers' => self::ACCESS_ALLOW,
+			),
+		),
+		'admin'             => array(
+			'_description'                       => 'A tool administrator.',
+			'_editableBy'                        => array('admin', 'toolRoot'),
+			'_childRoles'                        => array(
+				'user',
+				'requestAdminTools',
+			),
+			PageEmailManagement::class           => array(
+				'edit'   => self::ACCESS_ALLOW,
+				'create' => self::ACCESS_ALLOW,
+			),
+			PageSiteNotice::class                => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageUserManagement::class            => array(
+				self::MAIN  => self::ACCESS_ALLOW,
+				'approve'   => self::ACCESS_ALLOW,
+				'decline'   => self::ACCESS_ALLOW,
+				'rename'    => self::ACCESS_ALLOW,
+				'editUser'  => self::ACCESS_ALLOW,
+				'suspend'   => self::ACCESS_ALLOW,
+				'editRoles' => self::ACCESS_ALLOW,
+			),
+			PageWelcomeTemplateManagement::class => array(
+				'edit'   => self::ACCESS_ALLOW,
+				'delete' => self::ACCESS_ALLOW,
+				'add'    => self::ACCESS_ALLOW,
+			),
+			PageJobQueue::class                  => array(
+				'acknowledge' => self::ACCESS_ALLOW,
+				'requeue'     => self::ACCESS_ALLOW,
+			),
+		),
+		'checkuser'         => array(
+			'_description'            => 'A user with CheckUser access',
+			'_editableBy'             => array('checkuser', 'toolRoot'),
+			'_childRoles'             => array(
+				'user',
+				'requestAdminTools',
+			),
+			PageUserManagement::class => array(
+				self::MAIN  => self::ACCESS_ALLOW,
+				'suspend'   => self::ACCESS_ALLOW,
+				'editRoles' => self::ACCESS_ALLOW,
+			),
+			'RequestData'             => array(
+				'seeUserAgentData' => self::ACCESS_ALLOW,
+			),
+		),
+		'toolRoot'          => array(
+			'_description' => 'A user with shell access to the servers running the tool',
+			'_editableBy'  => array('toolRoot'),
+			'_childRoles'  => array(
+				'admin',
+			),
+			PageMultiFactor::class => array(
+				'enableU2F'         => self::ACCESS_ALLOW,
+				'disableU2F'        => self::ACCESS_ALLOW,
+			)
+		),
+		'botCreation'       => array(
+			'_description'    => 'A user allowed to use the bot to perform account creations',
+			'_editableBy'     => array('admin', 'toolRoot'),
+			'_childRoles'     => array(),
+			'RequestCreation' => array(
+				User::CREATION_BOT => self::ACCESS_ALLOW,
+			),
+		),
+		'oauthCreation'       => array(
+			'_description'    => 'A user allowed to use the OAuth to perform account creations',
+			'_editableBy'     => array('admin', 'toolRoot'),
+			'_childRoles'     => array(),
+			'RequestCreation'                    => array(
+				User::CREATION_OAUTH  => self::ACCESS_ALLOW,
+			),
+		),
 
 
-        // Child roles go below this point
-        'publicStats'       => array(
-            '_hidden'               => true,
-            StatsUsers::class       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'detail'   => self::ACCESS_ALLOW,
-            ),
-            StatsTopCreators::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-        ),
-        'internalStats'     => array(
-            '_hidden'                    => true,
-            StatsMain::class             => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsFastCloses::class       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsInactiveUsers::class    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsMonthlyStats::class     => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsReservedRequests::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsTemplateStats::class    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-        ),
-        'requestAdminTools' => array(
-            '_hidden'                   => true,
-            PageBan::class              => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'set'      => self::ACCESS_ALLOW,
-                'remove'   => self::ACCESS_ALLOW,
-            ),
-            PageEditComment::class      => array(
-                'editOthers' => self::ACCESS_ALLOW,
-            ),
-            PageBreakReservation::class => array(
-                'force' => self::ACCESS_ALLOW,
-            ),
-            PageCustomClose::class      => array(
-                'skipCcMailingList' => self::ACCESS_ALLOW,
-            ),
-            'RequestData'               => array(
-                'reopenOldRequest'      => self::ACCESS_ALLOW,
-                'alwaysSeePrivateData'  => self::ACCESS_ALLOW,
-                'alwaysSeeHash'         => self::ACCESS_ALLOW,
-                'seeRestrictedComments' => self::ACCESS_ALLOW,
-            ),
-        ),
-    );
-    /** @var array
-     * List of roles which are *exempt* from the identification requirements
-     *
-     * Think twice about adding roles to this list.
-     *
-     * @category Security-Critical
-     */
-    private $identificationExempt = array('public', 'loggedIn');
+		// Child roles go below this point
+		'publicStats'       => array(
+			'_hidden'               => true,
+			StatsUsers::class       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'detail'   => self::ACCESS_ALLOW,
+			),
+			StatsTopCreators::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+		),
+		'internalStats'     => array(
+			'_hidden'                    => true,
+			StatsMain::class             => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsFastCloses::class       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsInactiveUsers::class    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsMonthlyStats::class     => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsReservedRequests::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsTemplateStats::class    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+		),
+		'requestAdminTools' => array(
+			'_hidden'                   => true,
+			PageBan::class              => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'set'      => self::ACCESS_ALLOW,
+				'remove'   => self::ACCESS_ALLOW,
+			),
+			PageEditComment::class      => array(
+				'editOthers' => self::ACCESS_ALLOW,
+			),
+			PageBreakReservation::class => array(
+				'force' => self::ACCESS_ALLOW,
+			),
+			PageCustomClose::class      => array(
+				'skipCcMailingList' => self::ACCESS_ALLOW,
+			),
+			'RequestData'               => array(
+				'reopenOldRequest'      => self::ACCESS_ALLOW,
+				'alwaysSeePrivateData'  => self::ACCESS_ALLOW,
+				'alwaysSeeHash'         => self::ACCESS_ALLOW,
+				'seeRestrictedComments' => self::ACCESS_ALLOW,
+			),
+		),
+	);
+	/** @var array
+	 * List of roles which are *exempt* from the identification requirements
+	 *
+	 * Think twice about adding roles to this list.
+	 *
+	 * @category Security-Critical
+	 */
+	private $identificationExempt = array('public', 'loggedIn');
 
-    /**
-     * RoleConfiguration constructor.
-     *
-     * @param array $roleConfig           Set to non-null to override the default configuration.
-     * @param array $identificationExempt Set to non-null to override the default configuration.
-     */
-    public function __construct(array $roleConfig = null, array $identificationExempt = null)
-    {
-        if ($roleConfig !== null) {
-            $this->roleConfig = $roleConfig;
-        }
+	/**
+	 * RoleConfiguration constructor.
+	 *
+	 * @param array $roleConfig           Set to non-null to override the default configuration.
+	 * @param array $identificationExempt Set to non-null to override the default configuration.
+	 */
+	public function __construct(array $roleConfig = null, array $identificationExempt = null)
+	{
+		if ($roleConfig !== null) {
+			$this->roleConfig = $roleConfig;
+		}
 
-        if ($identificationExempt !== null) {
-            $this->identificationExempt = $identificationExempt;
-        }
-    }
+		if ($identificationExempt !== null) {
+			$this->identificationExempt = $identificationExempt;
+		}
+	}
 
-    /**
-     * @param array $roles The roles to check
-     *
-     * @return array
-     */
-    public function getApplicableRoles(array $roles)
-    {
-        $available = array();
+	/**
+	 * @param array $roles The roles to check
+	 *
+	 * @return array
+	 */
+	public function getApplicableRoles(array $roles)
+	{
+		$available = array();
 
-        foreach ($roles as $role) {
-            if (!isset($this->roleConfig[$role])) {
-                // wat
-                continue;
-            }
+		foreach ($roles as $role) {
+			if (!isset($this->roleConfig[$role])) {
+				// wat
+				continue;
+			}
 
-            $available[$role] = $this->roleConfig[$role];
+			$available[$role] = $this->roleConfig[$role];
 
-            if (isset($available[$role]['_childRoles'])) {
-                $childRoles = $this->getApplicableRoles($available[$role]['_childRoles']);
-                $available = array_merge($available, $childRoles);
+			if (isset($available[$role]['_childRoles'])) {
+				$childRoles = $this->getApplicableRoles($available[$role]['_childRoles']);
+				$available = array_merge($available, $childRoles);
 
-                unset($available[$role]['_childRoles']);
-            }
+				unset($available[$role]['_childRoles']);
+			}
 
-            foreach (array('_hidden', '_editableBy', '_description') as $item) {
-                if (isset($available[$role][$item])) {
-                    unset($available[$role][$item]);
-                }
-            }
-        }
+			foreach (array('_hidden', '_editableBy', '_description') as $item) {
+				if (isset($available[$role][$item])) {
+					unset($available[$role][$item]);
+				}
+			}
+		}
 
-        return $available;
-    }
+		return $available;
+	}
 
-    public function getAvailableRoles()
-    {
-        $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn'));
+	public function getAvailableRoles()
+	{
+		$possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn'));
 
-        $actual = array();
+		$actual = array();
 
-        foreach ($possible as $role) {
-            if (!isset($this->roleConfig[$role]['_hidden'])) {
-                $actual[$role] = array(
-                    'description' => $this->roleConfig[$role]['_description'],
-                    'editableBy'  => $this->roleConfig[$role]['_editableBy'],
-                );
-            }
-        }
+		foreach ($possible as $role) {
+			if (!isset($this->roleConfig[$role]['_hidden'])) {
+				$actual[$role] = array(
+					'description' => $this->roleConfig[$role]['_description'],
+					'editableBy'  => $this->roleConfig[$role]['_editableBy'],
+				);
+			}
+		}
 
-        return $actual;
-    }
+		return $actual;
+	}
 
-    /**
-     * @param string $role
-     *
-     * @return bool
-     */
-    public function roleNeedsIdentification($role)
-    {
-        if (in_array($role, $this->identificationExempt)) {
-            return false;
-        }
+	/**
+	 * @param string $role
+	 *
+	 * @return bool
+	 */
+	public function roleNeedsIdentification($role)
+	{
+		if (in_array($role, $this->identificationExempt)) {
+			return false;
+		}
 
-        return true;
-    }
+		return true;
+	}
 }

includes/Offline.php

Indentation +37 added lines, -37 removed lines

@@ -17,16 +17,16 @@ 
  */
 class Offline
 {
-    /**
-     * Determines if the tool is offline
-     * @return bool
-     */
-    public static function isOffline()
-    {
-        global $dontUseDb;
+	/**
+	 * Determines if the tool is offline
+	 * @return bool
+	 */
+	public static function isOffline()
+	{
+		global $dontUseDb;
 
-        return (bool)$dontUseDb;
-    }
+		return (bool)$dontUseDb;
+	}
 
 	/**
 	 * Gets the offline message
@@ -37,38 +37,38 @@ 
 	 * @return string
 	 * @throws SmartyException
 	 */
-    public static function getOfflineMessage($external, $message = null)
-    {
-        global $dontUseDbCulprit, $dontUseDbReason, $baseurl;
+	public static function getOfflineMessage($external, $message = null)
+	{
+		global $dontUseDbCulprit, $dontUseDbReason, $baseurl;
 
-        $smarty = new Smarty();
-        $smarty->assign("baseurl", $baseurl);
-        $smarty->assign("alerts", []);
-        $smarty->assign("toolversion", Environment::getToolVersion());
+		$smarty = new Smarty();
+		$smarty->assign("baseurl", $baseurl);
+		$smarty->assign("alerts", []);
+		$smarty->assign("toolversion", Environment::getToolVersion());
 
-        if (!headers_sent()) {
-            header("HTTP/1.1 503 Service Unavailable");
-        }
+		if (!headers_sent()) {
+			header("HTTP/1.1 503 Service Unavailable");
+		}
 
-        if ($external) {
-            return $smarty->fetch("offline/external.tpl");
-        }
-        else {
-            $hideCulprit = true;
+		if ($external) {
+			return $smarty->fetch("offline/external.tpl");
+		}
+		else {
+			$hideCulprit = true;
 
-            // Use the provided message if possible
-            if ($message === null) {
-                $hideCulprit = false;
-                $message = $dontUseDbReason;
-            }
+			// Use the provided message if possible
+			if ($message === null) {
+				$hideCulprit = false;
+				$message = $dontUseDbReason;
+			}
 
-            $smarty->assign("hideCulprit", $hideCulprit);
-            $smarty->assign("dontUseDbCulprit", $dontUseDbCulprit);
-            $smarty->assign("dontUseDbReason", $message);
-            $smarty->assign("alerts", array());
-            $smarty->assign('currentUser', User::getCommunity());
+			$smarty->assign("hideCulprit", $hideCulprit);
+			$smarty->assign("dontUseDbCulprit", $dontUseDbCulprit);
+			$smarty->assign("dontUseDbReason", $message);
+			$smarty->assign("alerts", array());
+			$smarty->assign('currentUser', User::getCommunity());
 
-            return $smarty->fetch("offline/internal.tpl");
-        }
-    }
+			return $smarty->fetch("offline/internal.tpl");
+		}
+	}
 }

includes/Router/RequestRouter.php

Indentation +441 added lines, -441 removed lines

@@ -63,445 +63,445 @@
  */
 class RequestRouter implements IRequestRouter
 {
-    /**
-     * This is the core routing table for the application. The basic idea is:
-     *
-     *      array(
-     *          "foo" =>
-     *              array(
-     *                  "class"   => PageFoo::class,
-     *                  "actions" => array("bar", "other")
-     *              ),
-     * );
-     *
-     * Things to note:
-     *     - If no page is requested, we go to PageMain. PageMain can't have actions defined.
-     *
-     *     - If a page is defined and requested, but no action is requested, go to that page's main() method
-     *     - If a page is defined and requested, and an action is defined and requested, go to that action's method.
-     *     - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main()
-     *       method.
-     *     - If a page is NOT defined and requested, go to Page404 and it's main() method.
-     *
-     *     - Query parameters are ignored.
-     *
-     * The key point here is request routing with validation that this is allowed, before we start hitting the
-     * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested
-     * before we start calling random methods through the web UI.
-     *
-     * Examples:
-     * /internal.php                => returns instance of PageMain, routed to main()
-     * /internal.php?query          => returns instance of PageMain, routed to main()
-     * /internal.php/foo            => returns instance of PageFoo, routed to main()
-     * /internal.php/foo?query      => returns instance of PageFoo, routed to main()
-     * /internal.php/foo/bar        => returns instance of PageFoo, routed to bar()
-     * /internal.php/foo/bar?query  => returns instance of PageFoo, routed to bar()
-     * /internal.php/foo/baz        => returns instance of Page404, routed to main()
-     * /internal.php/foo/baz?query  => returns instance of Page404, routed to main()
-     * /internal.php/bar            => returns instance of Page404, routed to main()
-     * /internal.php/bar?query      => returns instance of Page404, routed to main()
-     * /internal.php/bar/baz        => returns instance of Page404, routed to main()
-     * /internal.php/bar/baz?query  => returns instance of Page404, routed to main()
-     *
-     * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need
-     * to change the key, then you'll likely have to update a lot of files.
-     *
-     * @var array
-     */
-    private $routeMap = array(
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Login and registration
-        'logout'                      =>
-            array(
-                'class'   => PageLogout::class,
-                'actions' => array(),
-            ),
-        'login'                       =>
-            array(
-                'class'   => PagePasswordLogin::class,
-                'actions' => array(),
-            ),
-        'login/otp'                   =>
-            array(
-                'class'   => PageOtpLogin::class,
-                'actions' => array(),
-            ),
-        'login/u2f'                   =>
-            array(
-                'class'   => PageU2FLogin::class,
-                'actions' => array(),
-            ),
-        'forgotPassword'              =>
-            array(
-                'class'   => PageForgotPassword::class,
-                'actions' => array('reset'),
-            ),
-        'register'                    =>
-            array(
-                'class'   => PageRegisterOption::class,
-                'actions' => array(),
-            ),
-        'register/standard'           =>
-            array(
-                'class'   => PageRegisterStandard::class,
-                'actions' => array('done'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Discovery
-        'search'                      =>
-            array(
-                'class'   => PageSearch::class,
-                'actions' => array(),
-            ),
-        'logs'                        =>
-            array(
-                'class'   => PageLog::class,
-                'actions' => array(),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Administration
-        'bans'                        =>
-            array(
-                'class'   => PageBan::class,
-                'actions' => array('set', 'remove'),
-            ),
-        'userManagement'              =>
-            array(
-                'class'   => PageUserManagement::class,
-                'actions' => array(
-                    'approve',
-                    'decline',
-                    'rename',
-                    'editUser',
-                    'suspend',
-                    'editRoles',
-                ),
-            ),
-        'siteNotice'                  =>
-            array(
-                'class'   => PageSiteNotice::class,
-                'actions' => array(),
-            ),
-        'emailManagement'             =>
-            array(
-                'class'   => PageEmailManagement::class,
-                'actions' => array('create', 'edit', 'view'),
-            ),
-        'jobQueue'                    =>
-            array(
-                'class'   => PageJobQueue::class,
-                'actions' => array('acknowledge', 'requeue', 'view', 'all'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Personal preferences
-        'preferences'                 =>
-            array(
-                'class'   => PagePreferences::class,
-                'actions' => array(
-                    'refreshOAuth'
-                ),
-            ),
-        'changePassword'              =>
-            array(
-                'class'   => PageChangePassword::class,
-                'actions' => array(),
-            ),
-        'multiFactor'                 =>
-            array(
-                'class'   => PageMultiFactor::class,
-                'actions' => array(
-                    'scratch',
-                    'enableYubikeyOtp',
-                    'disableYubikeyOtp',
-                    'enableTotp',
-                    'disableTotp',
-                    'enableU2F',
-                    'disableU2F',
-                ),
-            ),
-        'oauth'                       =>
-            array(
-                'class'   => PageOAuth::class,
-                'actions' => array('detach', 'attach'),
-            ),
-        'oauth/callback'              =>
-            array(
-                'class'   => PageOAuthCallback::class,
-                'actions' => array('authorise', 'create'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Welcomer configuration
-        'welcomeTemplates'            =>
-            array(
-                'class'   => PageWelcomeTemplateManagement::class,
-                'actions' => array('select', 'edit', 'delete', 'add', 'view'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Statistics
-        'statistics'                  =>
-            array(
-                'class'   => StatsMain::class,
-                'actions' => array(),
-            ),
-        'statistics/fastCloses'       =>
-            array(
-                'class'   => StatsFastCloses::class,
-                'actions' => array(),
-            ),
-        'statistics/inactiveUsers'    =>
-            array(
-                'class'   => StatsInactiveUsers::class,
-                'actions' => array(),
-            ),
-        'statistics/monthlyStats'     =>
-            array(
-                'class'   => StatsMonthlyStats::class,
-                'actions' => array(),
-            ),
-        'statistics/reservedRequests' =>
-            array(
-                'class'   => StatsReservedRequests::class,
-                'actions' => array(),
-            ),
-        'statistics/templateStats'    =>
-            array(
-                'class'   => StatsTemplateStats::class,
-                'actions' => array(),
-            ),
-        'statistics/topCreators'      =>
-            array(
-                'class'   => StatsTopCreators::class,
-                'actions' => array(),
-            ),
-        'statistics/users'            =>
-            array(
-                'class'   => StatsUsers::class,
-                'actions' => array('detail'),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Zoom page
-        'viewRequest'                 =>
-            array(
-                'class'   => PageViewRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/reserve'         =>
-            array(
-                'class'   => PageReservation::class,
-                'actions' => array(),
-            ),
-        'viewRequest/breakReserve'    =>
-            array(
-                'class'   => PageBreakReservation::class,
-                'actions' => array(),
-            ),
-        'viewRequest/defer'           =>
-            array(
-                'class'   => PageDeferRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/comment'         =>
-            array(
-                'class'   => PageComment::class,
-                'actions' => array(),
-            ),
-        'viewRequest/sendToUser'      =>
-            array(
-                'class'   => PageSendToUser::class,
-                'actions' => array(),
-            ),
-        'viewRequest/close'           =>
-            array(
-                'class'   => PageCloseRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/create'          =>
-            array(
-                'class'   => PageCreateRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/drop'            =>
-            array(
-                'class'   => PageDropRequest::class,
-                'actions' => array(),
-            ),
-        'viewRequest/custom'          =>
-            array(
-                'class'   => PageCustomClose::class,
-                'actions' => array(),
-            ),
-        'editComment'                 =>
-            array(
-                'class'   => PageEditComment::class,
-                'actions' => array(),
-            ),
-
-        //////////////////////////////////////////////////////////////////////////////////////////////////
-        // Misc stuff
-        'team'                        =>
-            array(
-                'class'   => PageTeam::class,
-                'actions' => array(),
-            ),
-        'requestList'                 =>
-            array(
-                'class'   => PageExpandedRequestList::class,
-                'actions' => array(),
-            ),
-        'xffdemo'                     =>
-            array(
-                'class'   => PageXffDemo::class,
-                'actions' => array(),
-            ),
-    );
-
-    /**
-     * @return IRoutedTask
-     * @throws Exception
-     */
-    final public function route()
-    {
-        $pathInfo = WebRequest::pathInfo();
-
-        list($pageClass, $action) = $this->getRouteFromPath($pathInfo);
-
-        /** @var IRoutedTask $page */
-        $page = new $pageClass();
-
-        // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so
-        // let's use our own.
-        if (!($page instanceof IRoutedTask)) {
-            throw new Exception('Expected a page, but this is not a page.');
-        }
-
-        // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it
-        // inherits PageBase and has been created from the routing map.
-        $page->setRoute($action);
-
-        return $page;
-    }
-
-    /**
-     * @param $pathInfo
-     *
-     * @return array
-     */
-    protected function getRouteFromPath($pathInfo)
-    {
-        if (count($pathInfo) === 0) {
-            // No pathInfo, so no page to load. Load the main page.
-            return $this->getDefaultRoute();
-        }
-        elseif (count($pathInfo) === 1) {
-            // Exactly one path info segment, it's got to be a page.
-            $classSegment = $pathInfo[0];
-
-            return $this->routeSinglePathSegment($classSegment);
-        }
-
-        // OK, we have two or more segments now.
-        if (count($pathInfo) > 2) {
-            // Let's handle more than two, and collapse it down into two.
-            $requestedAction = array_pop($pathInfo);
-            $classSegment = implode('/', $pathInfo);
-        }
-        else {
-            // Two path info segments.
-            $classSegment = $pathInfo[0];
-            $requestedAction = $pathInfo[1];
-        }
-
-        $routeMap = $this->routePathSegments($classSegment, $requestedAction);
-
-        if ($routeMap[0] === Page404::class) {
-            $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
-        }
-
-        return $routeMap;
-    }
-
-    /**
-     * @param $classSegment
-     *
-     * @return array
-     */
-    final protected function routeSinglePathSegment($classSegment)
-    {
-        $routeMap = $this->getRouteMap();
-        if (array_key_exists($classSegment, $routeMap)) {
-            // Route exists, but we don't have an action in path info, so default to main.
-            $pageClass = $routeMap[$classSegment]['class'];
-            $action = 'main';
-
-            return array($pageClass, $action);
-        }
-        else {
-            // Doesn't exist in map. Fall back to 404
-            $pageClass = Page404::class;
-            $action = "main";
-
-            return array($pageClass, $action);
-        }
-    }
-
-    /**
-     * @param $classSegment
-     * @param $requestedAction
-     *
-     * @return array
-     */
-    final protected function routePathSegments($classSegment, $requestedAction)
-    {
-        $routeMap = $this->getRouteMap();
-        if (array_key_exists($classSegment, $routeMap)) {
-            // Route exists, but we don't have an action in path info, so default to main.
-
-            if (isset($routeMap[$classSegment]['actions'])
-                && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false
-            ) {
-                // Action exists in allowed action list. Allow both the page and the action
-                $pageClass = $routeMap[$classSegment]['class'];
-                $action = $requestedAction;
-
-                return array($pageClass, $action);
-            }
-            else {
-                // Valid page, invalid action. 404 our way out.
-                $pageClass = Page404::class;
-                $action = 'main';
-
-                return array($pageClass, $action);
-            }
-        }
-        else {
-            // Class doesn't exist in map. Fall back to 404
-            $pageClass = Page404::class;
-            $action = 'main';
-
-            return array($pageClass, $action);
-        }
-    }
-
-    /**
-     * @return array
-     */
-    protected function getRouteMap()
-    {
-        return $this->routeMap;
-    }
-
-    /**
-     * @return array
-     */
-    protected function getDefaultRoute()
-    {
-        return array(PageMain::class, "main");
-    }
+	/**
+	 * This is the core routing table for the application. The basic idea is:
+	 *
+	 *      array(
+	 *          "foo" =>
+	 *              array(
+	 *                  "class"   => PageFoo::class,
+	 *                  "actions" => array("bar", "other")
+	 *              ),
+	 * );
+	 *
+	 * Things to note:
+	 *     - If no page is requested, we go to PageMain. PageMain can't have actions defined.
+	 *
+	 *     - If a page is defined and requested, but no action is requested, go to that page's main() method
+	 *     - If a page is defined and requested, and an action is defined and requested, go to that action's method.
+	 *     - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main()
+	 *       method.
+	 *     - If a page is NOT defined and requested, go to Page404 and it's main() method.
+	 *
+	 *     - Query parameters are ignored.
+	 *
+	 * The key point here is request routing with validation that this is allowed, before we start hitting the
+	 * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested
+	 * before we start calling random methods through the web UI.
+	 *
+	 * Examples:
+	 * /internal.php                => returns instance of PageMain, routed to main()
+	 * /internal.php?query          => returns instance of PageMain, routed to main()
+	 * /internal.php/foo            => returns instance of PageFoo, routed to main()
+	 * /internal.php/foo?query      => returns instance of PageFoo, routed to main()
+	 * /internal.php/foo/bar        => returns instance of PageFoo, routed to bar()
+	 * /internal.php/foo/bar?query  => returns instance of PageFoo, routed to bar()
+	 * /internal.php/foo/baz        => returns instance of Page404, routed to main()
+	 * /internal.php/foo/baz?query  => returns instance of Page404, routed to main()
+	 * /internal.php/bar            => returns instance of Page404, routed to main()
+	 * /internal.php/bar?query      => returns instance of Page404, routed to main()
+	 * /internal.php/bar/baz        => returns instance of Page404, routed to main()
+	 * /internal.php/bar/baz?query  => returns instance of Page404, routed to main()
+	 *
+	 * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need
+	 * to change the key, then you'll likely have to update a lot of files.
+	 *
+	 * @var array
+	 */
+	private $routeMap = array(
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Login and registration
+		'logout'                      =>
+			array(
+				'class'   => PageLogout::class,
+				'actions' => array(),
+			),
+		'login'                       =>
+			array(
+				'class'   => PagePasswordLogin::class,
+				'actions' => array(),
+			),
+		'login/otp'                   =>
+			array(
+				'class'   => PageOtpLogin::class,
+				'actions' => array(),
+			),
+		'login/u2f'                   =>
+			array(
+				'class'   => PageU2FLogin::class,
+				'actions' => array(),
+			),
+		'forgotPassword'              =>
+			array(
+				'class'   => PageForgotPassword::class,
+				'actions' => array('reset'),
+			),
+		'register'                    =>
+			array(
+				'class'   => PageRegisterOption::class,
+				'actions' => array(),
+			),
+		'register/standard'           =>
+			array(
+				'class'   => PageRegisterStandard::class,
+				'actions' => array('done'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Discovery
+		'search'                      =>
+			array(
+				'class'   => PageSearch::class,
+				'actions' => array(),
+			),
+		'logs'                        =>
+			array(
+				'class'   => PageLog::class,
+				'actions' => array(),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Administration
+		'bans'                        =>
+			array(
+				'class'   => PageBan::class,
+				'actions' => array('set', 'remove'),
+			),
+		'userManagement'              =>
+			array(
+				'class'   => PageUserManagement::class,
+				'actions' => array(
+					'approve',
+					'decline',
+					'rename',
+					'editUser',
+					'suspend',
+					'editRoles',
+				),
+			),
+		'siteNotice'                  =>
+			array(
+				'class'   => PageSiteNotice::class,
+				'actions' => array(),
+			),
+		'emailManagement'             =>
+			array(
+				'class'   => PageEmailManagement::class,
+				'actions' => array('create', 'edit', 'view'),
+			),
+		'jobQueue'                    =>
+			array(
+				'class'   => PageJobQueue::class,
+				'actions' => array('acknowledge', 'requeue', 'view', 'all'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Personal preferences
+		'preferences'                 =>
+			array(
+				'class'   => PagePreferences::class,
+				'actions' => array(
+					'refreshOAuth'
+				),
+			),
+		'changePassword'              =>
+			array(
+				'class'   => PageChangePassword::class,
+				'actions' => array(),
+			),
+		'multiFactor'                 =>
+			array(
+				'class'   => PageMultiFactor::class,
+				'actions' => array(
+					'scratch',
+					'enableYubikeyOtp',
+					'disableYubikeyOtp',
+					'enableTotp',
+					'disableTotp',
+					'enableU2F',
+					'disableU2F',
+				),
+			),
+		'oauth'                       =>
+			array(
+				'class'   => PageOAuth::class,
+				'actions' => array('detach', 'attach'),
+			),
+		'oauth/callback'              =>
+			array(
+				'class'   => PageOAuthCallback::class,
+				'actions' => array('authorise', 'create'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Welcomer configuration
+		'welcomeTemplates'            =>
+			array(
+				'class'   => PageWelcomeTemplateManagement::class,
+				'actions' => array('select', 'edit', 'delete', 'add', 'view'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Statistics
+		'statistics'                  =>
+			array(
+				'class'   => StatsMain::class,
+				'actions' => array(),
+			),
+		'statistics/fastCloses'       =>
+			array(
+				'class'   => StatsFastCloses::class,
+				'actions' => array(),
+			),
+		'statistics/inactiveUsers'    =>
+			array(
+				'class'   => StatsInactiveUsers::class,
+				'actions' => array(),
+			),
+		'statistics/monthlyStats'     =>
+			array(
+				'class'   => StatsMonthlyStats::class,
+				'actions' => array(),
+			),
+		'statistics/reservedRequests' =>
+			array(
+				'class'   => StatsReservedRequests::class,
+				'actions' => array(),
+			),
+		'statistics/templateStats'    =>
+			array(
+				'class'   => StatsTemplateStats::class,
+				'actions' => array(),
+			),
+		'statistics/topCreators'      =>
+			array(
+				'class'   => StatsTopCreators::class,
+				'actions' => array(),
+			),
+		'statistics/users'            =>
+			array(
+				'class'   => StatsUsers::class,
+				'actions' => array('detail'),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Zoom page
+		'viewRequest'                 =>
+			array(
+				'class'   => PageViewRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/reserve'         =>
+			array(
+				'class'   => PageReservation::class,
+				'actions' => array(),
+			),
+		'viewRequest/breakReserve'    =>
+			array(
+				'class'   => PageBreakReservation::class,
+				'actions' => array(),
+			),
+		'viewRequest/defer'           =>
+			array(
+				'class'   => PageDeferRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/comment'         =>
+			array(
+				'class'   => PageComment::class,
+				'actions' => array(),
+			),
+		'viewRequest/sendToUser'      =>
+			array(
+				'class'   => PageSendToUser::class,
+				'actions' => array(),
+			),
+		'viewRequest/close'           =>
+			array(
+				'class'   => PageCloseRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/create'          =>
+			array(
+				'class'   => PageCreateRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/drop'            =>
+			array(
+				'class'   => PageDropRequest::class,
+				'actions' => array(),
+			),
+		'viewRequest/custom'          =>
+			array(
+				'class'   => PageCustomClose::class,
+				'actions' => array(),
+			),
+		'editComment'                 =>
+			array(
+				'class'   => PageEditComment::class,
+				'actions' => array(),
+			),
+
+		//////////////////////////////////////////////////////////////////////////////////////////////////
+		// Misc stuff
+		'team'                        =>
+			array(
+				'class'   => PageTeam::class,
+				'actions' => array(),
+			),
+		'requestList'                 =>
+			array(
+				'class'   => PageExpandedRequestList::class,
+				'actions' => array(),
+			),
+		'xffdemo'                     =>
+			array(
+				'class'   => PageXffDemo::class,
+				'actions' => array(),
+			),
+	);
+
+	/**
+	 * @return IRoutedTask
+	 * @throws Exception
+	 */
+	final public function route()
+	{
+		$pathInfo = WebRequest::pathInfo();
+
+		list($pageClass, $action) = $this->getRouteFromPath($pathInfo);
+
+		/** @var IRoutedTask $page */
+		$page = new $pageClass();
+
+		// Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so
+		// let's use our own.
+		if (!($page instanceof IRoutedTask)) {
+			throw new Exception('Expected a page, but this is not a page.');
+		}
+
+		// OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it
+		// inherits PageBase and has been created from the routing map.
+		$page->setRoute($action);
+
+		return $page;
+	}
+
+	/**
+	 * @param $pathInfo
+	 *
+	 * @return array
+	 */
+	protected function getRouteFromPath($pathInfo)
+	{
+		if (count($pathInfo) === 0) {
+			// No pathInfo, so no page to load. Load the main page.
+			return $this->getDefaultRoute();
+		}
+		elseif (count($pathInfo) === 1) {
+			// Exactly one path info segment, it's got to be a page.
+			$classSegment = $pathInfo[0];
+
+			return $this->routeSinglePathSegment($classSegment);
+		}
+
+		// OK, we have two or more segments now.
+		if (count($pathInfo) > 2) {
+			// Let's handle more than two, and collapse it down into two.
+			$requestedAction = array_pop($pathInfo);
+			$classSegment = implode('/', $pathInfo);
+		}
+		else {
+			// Two path info segments.
+			$classSegment = $pathInfo[0];
+			$requestedAction = $pathInfo[1];
+		}
+
+		$routeMap = $this->routePathSegments($classSegment, $requestedAction);
+
+		if ($routeMap[0] === Page404::class) {
+			$routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction);
+		}
+
+		return $routeMap;
+	}
+
+	/**
+	 * @param $classSegment
+	 *
+	 * @return array
+	 */
+	final protected function routeSinglePathSegment($classSegment)
+	{
+		$routeMap = $this->getRouteMap();
+		if (array_key_exists($classSegment, $routeMap)) {
+			// Route exists, but we don't have an action in path info, so default to main.
+			$pageClass = $routeMap[$classSegment]['class'];
+			$action = 'main';
+
+			return array($pageClass, $action);
+		}
+		else {
+			// Doesn't exist in map. Fall back to 404
+			$pageClass = Page404::class;
+			$action = "main";
+
+			return array($pageClass, $action);
+		}
+	}
+
+	/**
+	 * @param $classSegment
+	 * @param $requestedAction
+	 *
+	 * @return array
+	 */
+	final protected function routePathSegments($classSegment, $requestedAction)
+	{
+		$routeMap = $this->getRouteMap();
+		if (array_key_exists($classSegment, $routeMap)) {
+			// Route exists, but we don't have an action in path info, so default to main.
+
+			if (isset($routeMap[$classSegment]['actions'])
+				&& array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false
+			) {
+				// Action exists in allowed action list. Allow both the page and the action
+				$pageClass = $routeMap[$classSegment]['class'];
+				$action = $requestedAction;
+
+				return array($pageClass, $action);
+			}
+			else {
+				// Valid page, invalid action. 404 our way out.
+				$pageClass = Page404::class;
+				$action = 'main';
+
+				return array($pageClass, $action);
+			}
+		}
+		else {
+			// Class doesn't exist in map. Fall back to 404
+			$pageClass = Page404::class;
+			$action = 'main';
+
+			return array($pageClass, $action);
+		}
+	}
+
+	/**
+	 * @return array
+	 */
+	protected function getRouteMap()
+	{
+		return $this->routeMap;
+	}
+
+	/**
+	 * @return array
+	 */
+	protected function getDefaultRoute()
+	{
+		return array(PageMain::class, "main");
+	}
 }

includes/Helpers/BotMediaWikiClient.php

Indentation +132 added lines, -132 removed lines

@@ -16,136 +16,136 @@
 
 class BotMediaWikiClient implements IMediaWikiClient
 {
-    /**
-     * @var HttpHelper
-     */
-    private $httpHelper;
-    /** @var string */
-    private $mediawikiWebServiceEndpoint;
-    /** @var string */
-    private $creationBotUsername;
-    /** @var string */
-    private $creationBotPassword;
-    /** @var bool */
-    private $knownLoggedIn = false;
-
-    /**
-     * BotMediaWikiClient constructor.
-     *
-     * @param SiteConfiguration $siteConfiguration
-     */
-    public function __construct(SiteConfiguration $siteConfiguration)
-    {
-        $this->mediawikiWebServiceEndpoint = $siteConfiguration->getMediawikiWebServiceEndpoint();
-
-        $this->creationBotUsername = $siteConfiguration->getCreationBotUsername();
-        $this->creationBotPassword = $siteConfiguration->getCreationBotPassword();
-
-        $this->httpHelper = new HttpHelper(
-            $siteConfiguration->getUserAgent(),
-            $siteConfiguration->getCurlDisableVerifyPeer(),
-            $siteConfiguration->getCurlCookieJar()
-        );
-    }
-
-    public function doApiCall($apiParams, $method = 'GET')
-    {
-        $this->ensureLoggedIn();
-        $apiParams['assert'] = 'user';
-
-        return $this->callApi($apiParams, $method);
-    }
-
-    private function ensureLoggedIn()
-    {
-        if ($this->knownLoggedIn) {
-            return;
-        }
-
-        $userinfoResult = $this->callApi(array('action' => 'query', 'meta' => 'userinfo'), 'GET');
-        if (isset($userinfoResult->query->userinfo->anon)) {
-            // not logged in.
-            $this->logIn();
-
-            // retest
-            $userinfoResult = $this->callApi(array('action' => 'query', 'meta' => 'userinfo'), 'GET');
-            if (isset($userinfoResult->query->userinfo->anon)) {
-                throw new MediaWikiApiException('Unable to log in.');
-            }
-            else {
-                $this->knownLoggedIn = true;
-            }
-        }
-        else {
-            $this->knownLoggedIn = true;
-        }
-    }
-
-    /**
-     * @param $apiParams
-     * @param $method
-     *
-     * @return mixed
-     * @throws ApplicationLogicException
-     * @throws CurlException
-     */
-    private function callApi($apiParams, $method)
-    {
-        $apiParams['format'] = 'json';
-
-        if ($method == 'GET') {
-            $data = $this->httpHelper->get($this->mediawikiWebServiceEndpoint, $apiParams);
-        }
-        elseif ($method == 'POST') {
-            $data = $this->httpHelper->post($this->mediawikiWebServiceEndpoint, $apiParams);
-        }
-        else {
-            throw new ApplicationLogicException('Unsupported HTTP Method');
-        }
-
-        if ($data === false) {
-            throw new CurlException('Curl error: ' . $this->httpHelper->getError());
-        }
-
-        $result = json_decode($data);
-
-        return $result;
-    }
-
-    private function logIn()
-    {
-        // get token
-        $tokenParams = array(
-            'action' => 'query',
-            'meta'   => 'tokens',
-            'type'   => 'login',
-        );
-
-        $response = $this->callApi($tokenParams, 'POST');
-
-        if (isset($response->error)) {
-            throw new MediaWikiApiException($response->error->code . ': ' . $response->error->info);
-        }
-
-        $token = $response->query->tokens->logintoken;
-
-        if ($token === null) {
-            throw new MediaWikiApiException('Edit token could not be acquired');
-        }
-
-        $params = array(
-            'action' => 'login',
-            'lgname' => $this->creationBotUsername,
-            'lgpassword' => $this->creationBotPassword,
-            'lgtoken' => $token,
-        );
-
-        $loginResponse = $this->callApi($params, 'POST');
-
-        if($loginResponse->login->result == 'Success'){
-            return;
-        }
-
-        throw new ApplicationLogicException(json_encode($loginResponse));
-    }
+	/**
+	 * @var HttpHelper
+	 */
+	private $httpHelper;
+	/** @var string */
+	private $mediawikiWebServiceEndpoint;
+	/** @var string */
+	private $creationBotUsername;
+	/** @var string */
+	private $creationBotPassword;
+	/** @var bool */
+	private $knownLoggedIn = false;
+
+	/**
+	 * BotMediaWikiClient constructor.
+	 *
+	 * @param SiteConfiguration $siteConfiguration
+	 */
+	public function __construct(SiteConfiguration $siteConfiguration)
+	{
+		$this->mediawikiWebServiceEndpoint = $siteConfiguration->getMediawikiWebServiceEndpoint();
+
+		$this->creationBotUsername = $siteConfiguration->getCreationBotUsername();
+		$this->creationBotPassword = $siteConfiguration->getCreationBotPassword();
+
+		$this->httpHelper = new HttpHelper(
+			$siteConfiguration->getUserAgent(),
+			$siteConfiguration->getCurlDisableVerifyPeer(),
+			$siteConfiguration->getCurlCookieJar()
+		);
+	}
+
+	public function doApiCall($apiParams, $method = 'GET')
+	{
+		$this->ensureLoggedIn();
+		$apiParams['assert'] = 'user';
+
+		return $this->callApi($apiParams, $method);
+	}
+
+	private function ensureLoggedIn()
+	{
+		if ($this->knownLoggedIn) {
+			return;
+		}
+
+		$userinfoResult = $this->callApi(array('action' => 'query', 'meta' => 'userinfo'), 'GET');
+		if (isset($userinfoResult->query->userinfo->anon)) {
+			// not logged in.
+			$this->logIn();
+
+			// retest
+			$userinfoResult = $this->callApi(array('action' => 'query', 'meta' => 'userinfo'), 'GET');
+			if (isset($userinfoResult->query->userinfo->anon)) {
+				throw new MediaWikiApiException('Unable to log in.');
+			}
+			else {
+				$this->knownLoggedIn = true;
+			}
+		}
+		else {
+			$this->knownLoggedIn = true;
+		}
+	}
+
+	/**
+	 * @param $apiParams
+	 * @param $method
+	 *
+	 * @return mixed
+	 * @throws ApplicationLogicException
+	 * @throws CurlException
+	 */
+	private function callApi($apiParams, $method)
+	{
+		$apiParams['format'] = 'json';
+
+		if ($method == 'GET') {
+			$data = $this->httpHelper->get($this->mediawikiWebServiceEndpoint, $apiParams);
+		}
+		elseif ($method == 'POST') {
+			$data = $this->httpHelper->post($this->mediawikiWebServiceEndpoint, $apiParams);
+		}
+		else {
+			throw new ApplicationLogicException('Unsupported HTTP Method');
+		}
+
+		if ($data === false) {
+			throw new CurlException('Curl error: ' . $this->httpHelper->getError());
+		}
+
+		$result = json_decode($data);
+
+		return $result;
+	}
+
+	private function logIn()
+	{
+		// get token
+		$tokenParams = array(
+			'action' => 'query',
+			'meta'   => 'tokens',
+			'type'   => 'login',
+		);
+
+		$response = $this->callApi($tokenParams, 'POST');
+
+		if (isset($response->error)) {
+			throw new MediaWikiApiException($response->error->code . ': ' . $response->error->info);
+		}
+
+		$token = $response->query->tokens->logintoken;
+
+		if ($token === null) {
+			throw new MediaWikiApiException('Edit token could not be acquired');
+		}
+
+		$params = array(
+			'action' => 'login',
+			'lgname' => $this->creationBotUsername,
+			'lgpassword' => $this->creationBotPassword,
+			'lgtoken' => $token,
+		);
+
+		$loginResponse = $this->callApi($params, 'POST');
+
+		if($loginResponse->login->result == 'Success'){
+			return;
+		}
+
+		throw new ApplicationLogicException(json_encode($loginResponse));
+	}
 }
\ No newline at end of file

includes/Helpers/SearchHelpers/SearchHelperBase.php

Indentation +271 added lines, -271 removed lines

@@ -16,275 +16,275 @@
 
 abstract class SearchHelperBase
 {
-    /** @var PdoDatabase */
-    protected $database;
-    /** @var array */
-    protected $parameterList = array();
-    /** @var null|int */
-    private $limit = null;
-    /** @var null|int */
-    private $offset = null;
-    private $orderBy = null;
-    /**
-     * @var string The where clause.
-     *
-     * (the 1=1 condition will be optimised out of the query by the query planner, and simplifies our code here). Note
-     * that we use positional parameters instead of named parameters because we don't know many times different options
-     * will be called (looking at excluding() here, but there's the option for others).
-     */
-    protected $whereClause = ' WHERE 1 = 1';
-    /** @var string */
-    protected $table;
-    protected $joinClause = '';
-    protected $groupByClause = '';
-    protected $modifiersClause = '';
-    private $targetClass;
-
-    /**
-     * SearchHelperBase constructor.
-     *
-     * @param PdoDatabase $database
-     * @param string      $table
-     * @param             $targetClass
-     * @param null|string $order Order by clause, excluding ORDER BY.
-     */
-    protected function __construct(PdoDatabase $database, $table, $targetClass, $order = null)
-    {
-        $this->database = $database;
-        $this->table = $table;
-        $this->orderBy = $order;
-        $this->targetClass = $targetClass;
-    }
-
-    /**
-     * Finalises the database query, and executes it, returning a set of objects.
-     *
-     * @return DataObject[]
-     */
-    public function fetch()
-    {
-        $statement = $this->getData();
-
-        /** @var DataObject[] $returnedObjects */
-        $returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
-        foreach ($returnedObjects as $req) {
-            $req->setDatabase($this->database);
-        }
-
-        return $returnedObjects;
-    }
-
-    /**
-     * @param string $whereClauseSection
-     * @param array  $values
-     *
-     * @return array
-     */
-    protected function fetchByParameter($whereClauseSection, $values)
-    {
-        $this->whereClause .= $whereClauseSection;
-
-        $countQuery = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
-        $countQuery .= $this->joinClause . $this->whereClause;
-
-        $query = $this->buildQuery(array('*'));
-        $query .= $this->applyOrder();
-
-        // shuffle around hackily TODO: fix this abomination - T593
-        $localParameterList = $this->parameterList;
-        $this->parameterList = array();
-
-        $query .= $this->applyLimit();
-
-        $limitParameters = $this->parameterList;
-
-        $statement = $this->database->prepare($query);
-        $countStatement = $this->database->prepare($countQuery);
-
-        $result = array();
-        foreach ($values as $v) {
-            // reset parameter list
-            $params = $localParameterList;
-            $params[] = $v;
-
-            $countStatement->execute($params);
-
-            // reapply the limit parameters
-            $params = array_merge($params, $limitParameters);
-
-            $statement->execute($params);
-
-            /** @var DataObject[] $returnedObjects */
-            $returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
-            foreach ($returnedObjects as $req) {
-                $req->setDatabase($this->database);
-            }
-
-            $result[$v] = array(
-                'count' => $countStatement->fetchColumn(0),
-                'data'  => $returnedObjects,
-            );
-        }
-
-        return $result;
-    }
-
-    /**
-     * Finalises the database query, and executes it, returning only the requested column.
-     *
-     * @param string $column The required column
-     *
-     * @param bool   $distinct
-     *
-     * @return array
-     * @throws ApplicationLogicException
-     */
-    public function fetchColumn($column, $distinct = false)
-    {
-        if ($distinct) {
-            if ($this->groupByClause !== '') {
-                throw new ApplicationLogicException('Cannot apply distinct to column fetch already using group by');
-            }
-
-            $this->groupByClause = ' GROUP BY origin.' . $column;
-        }
-
-        $statement = $this->getData(array($column));
-
-        return $statement->fetchAll(PDO::FETCH_COLUMN);
-    }
-
-    public function fetchMap($column)
-    {
-        $statement = $this->getData(array('id', $column));
-
-        $data = $statement->fetchAll(PDO::FETCH_ASSOC);
-        $map = array();
-
-        foreach ($data as $row) {
-            $map[$row['id']] = $row[$column];
-        }
-
-        return $map;
-    }
-
-    /**
-     * @param int $count Returns the record count of the result set
-     *
-     * @return $this
-     */
-    public function getRecordCount(&$count)
-    {
-        $query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause;
-
-        $statement = $this->database->prepare($query);
-        $statement->execute($this->parameterList);
-
-        $count = $statement->fetchColumn(0);
-        $statement->closeCursor();
-
-        return $this;
-    }
-
-    /**
-     * Limits the results
-     *
-     * @param integer      $limit
-     * @param integer|null $offset
-     *
-     * @return $this
-     *
-     */
-    public function limit($limit, $offset = null)
-    {
-        $this->limit = $limit;
-        $this->offset = $offset;
-
-        return $this;
-    }
-
-    private function applyLimit()
-    {
-        $clause = '';
-        if ($this->limit !== null) {
-            $clause = ' LIMIT ?';
-            $this->parameterList[] = $this->limit;
-
-            if ($this->offset !== null) {
-                $clause .= ' OFFSET ?';
-                $this->parameterList[] = $this->offset;
-            }
-        }
-
-        return $clause;
-    }
-
-    private function applyOrder()
-    {
-        if ($this->orderBy !== null) {
-            return ' ORDER BY ' . $this->orderBy;
-        }
-
-        return '';
-    }
-
-    /**
-     * @param array $columns
-     *
-     * @return PDOStatement
-     */
-    private function getData($columns = array('*'))
-    {
-        $query = $this->buildQuery($columns);
-        $query .= $this->applyOrder();
-        $query .= $this->applyLimit();
-
-        /** @var PDOStatement $statement */
-        $statement = $this->database->prepare($query);
-        $statement->execute($this->parameterList);
-
-        return $statement;
-    }
-
-    /**
-     * @param array $columns
-     *
-     * @return string
-     */
-    protected function buildQuery($columns)
-    {
-        $colData = array();
-        foreach ($columns as $c) {
-            $colData[] = 'origin.' . $c;
-        }
-
-        $query = "SELECT {$this->modifiersClause} /* SearchHelper */ " . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
-        $query .= $this->joinClause . $this->whereClause . $this->groupByClause;
-
-        return $query;
-    }
-
-    public function inIds($idList)
-    {
-        $this->inClause('id', $idList);
-
-        return $this;
-    }
-
-    protected function inClause($column, $values)
-    {
-        if (count($values) === 0) {
-            return;
-        }
-
-        // Urgh. OK. You can't use IN() with parameters directly, so let's munge something together.
-        $valueCount = count($values);
-
-        // Firstly, let's create a string of question marks, which will do as positional parameters.
-        $inSection = str_repeat('?,', $valueCount - 1) . '?';
-
-        $this->whereClause .= " AND {$column} IN ({$inSection})";
-        $this->parameterList = array_merge($this->parameterList, $values);
-    }
+	/** @var PdoDatabase */
+	protected $database;
+	/** @var array */
+	protected $parameterList = array();
+	/** @var null|int */
+	private $limit = null;
+	/** @var null|int */
+	private $offset = null;
+	private $orderBy = null;
+	/**
+	 * @var string The where clause.
+	 *
+	 * (the 1=1 condition will be optimised out of the query by the query planner, and simplifies our code here). Note
+	 * that we use positional parameters instead of named parameters because we don't know many times different options
+	 * will be called (looking at excluding() here, but there's the option for others).
+	 */
+	protected $whereClause = ' WHERE 1 = 1';
+	/** @var string */
+	protected $table;
+	protected $joinClause = '';
+	protected $groupByClause = '';
+	protected $modifiersClause = '';
+	private $targetClass;
+
+	/**
+	 * SearchHelperBase constructor.
+	 *
+	 * @param PdoDatabase $database
+	 * @param string      $table
+	 * @param             $targetClass
+	 * @param null|string $order Order by clause, excluding ORDER BY.
+	 */
+	protected function __construct(PdoDatabase $database, $table, $targetClass, $order = null)
+	{
+		$this->database = $database;
+		$this->table = $table;
+		$this->orderBy = $order;
+		$this->targetClass = $targetClass;
+	}
+
+	/**
+	 * Finalises the database query, and executes it, returning a set of objects.
+	 *
+	 * @return DataObject[]
+	 */
+	public function fetch()
+	{
+		$statement = $this->getData();
+
+		/** @var DataObject[] $returnedObjects */
+		$returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
+		foreach ($returnedObjects as $req) {
+			$req->setDatabase($this->database);
+		}
+
+		return $returnedObjects;
+	}
+
+	/**
+	 * @param string $whereClauseSection
+	 * @param array  $values
+	 *
+	 * @return array
+	 */
+	protected function fetchByParameter($whereClauseSection, $values)
+	{
+		$this->whereClause .= $whereClauseSection;
+
+		$countQuery = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
+		$countQuery .= $this->joinClause . $this->whereClause;
+
+		$query = $this->buildQuery(array('*'));
+		$query .= $this->applyOrder();
+
+		// shuffle around hackily TODO: fix this abomination - T593
+		$localParameterList = $this->parameterList;
+		$this->parameterList = array();
+
+		$query .= $this->applyLimit();
+
+		$limitParameters = $this->parameterList;
+
+		$statement = $this->database->prepare($query);
+		$countStatement = $this->database->prepare($countQuery);
+
+		$result = array();
+		foreach ($values as $v) {
+			// reset parameter list
+			$params = $localParameterList;
+			$params[] = $v;
+
+			$countStatement->execute($params);
+
+			// reapply the limit parameters
+			$params = array_merge($params, $limitParameters);
+
+			$statement->execute($params);
+
+			/** @var DataObject[] $returnedObjects */
+			$returnedObjects = $statement->fetchAll(PDO::FETCH_CLASS, $this->targetClass);
+			foreach ($returnedObjects as $req) {
+				$req->setDatabase($this->database);
+			}
+
+			$result[$v] = array(
+				'count' => $countStatement->fetchColumn(0),
+				'data'  => $returnedObjects,
+			);
+		}
+
+		return $result;
+	}
+
+	/**
+	 * Finalises the database query, and executes it, returning only the requested column.
+	 *
+	 * @param string $column The required column
+	 *
+	 * @param bool   $distinct
+	 *
+	 * @return array
+	 * @throws ApplicationLogicException
+	 */
+	public function fetchColumn($column, $distinct = false)
+	{
+		if ($distinct) {
+			if ($this->groupByClause !== '') {
+				throw new ApplicationLogicException('Cannot apply distinct to column fetch already using group by');
+			}
+
+			$this->groupByClause = ' GROUP BY origin.' . $column;
+		}
+
+		$statement = $this->getData(array($column));
+
+		return $statement->fetchAll(PDO::FETCH_COLUMN);
+	}
+
+	public function fetchMap($column)
+	{
+		$statement = $this->getData(array('id', $column));
+
+		$data = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$map = array();
+
+		foreach ($data as $row) {
+			$map[$row['id']] = $row[$column];
+		}
+
+		return $map;
+	}
+
+	/**
+	 * @param int $count Returns the record count of the result set
+	 *
+	 * @return $this
+	 */
+	public function getRecordCount(&$count)
+	{
+		$query = 'SELECT /* SearchHelper */ COUNT(*) FROM ' . $this->table . ' origin ';
+		$query .= $this->joinClause . $this->whereClause;
+
+		$statement = $this->database->prepare($query);
+		$statement->execute($this->parameterList);
+
+		$count = $statement->fetchColumn(0);
+		$statement->closeCursor();
+
+		return $this;
+	}
+
+	/**
+	 * Limits the results
+	 *
+	 * @param integer      $limit
+	 * @param integer|null $offset
+	 *
+	 * @return $this
+	 *
+	 */
+	public function limit($limit, $offset = null)
+	{
+		$this->limit = $limit;
+		$this->offset = $offset;
+
+		return $this;
+	}
+
+	private function applyLimit()
+	{
+		$clause = '';
+		if ($this->limit !== null) {
+			$clause = ' LIMIT ?';
+			$this->parameterList[] = $this->limit;
+
+			if ($this->offset !== null) {
+				$clause .= ' OFFSET ?';
+				$this->parameterList[] = $this->offset;
+			}
+		}
+
+		return $clause;
+	}
+
+	private function applyOrder()
+	{
+		if ($this->orderBy !== null) {
+			return ' ORDER BY ' . $this->orderBy;
+		}
+
+		return '';
+	}
+
+	/**
+	 * @param array $columns
+	 *
+	 * @return PDOStatement
+	 */
+	private function getData($columns = array('*'))
+	{
+		$query = $this->buildQuery($columns);
+		$query .= $this->applyOrder();
+		$query .= $this->applyLimit();
+
+		/** @var PDOStatement $statement */
+		$statement = $this->database->prepare($query);
+		$statement->execute($this->parameterList);
+
+		return $statement;
+	}
+
+	/**
+	 * @param array $columns
+	 *
+	 * @return string
+	 */
+	protected function buildQuery($columns)
+	{
+		$colData = array();
+		foreach ($columns as $c) {
+			$colData[] = 'origin.' . $c;
+		}
+
+		$query = "SELECT {$this->modifiersClause} /* SearchHelper */ " . implode(', ', $colData) . ' FROM ' . $this->table . ' origin ';
+		$query .= $this->joinClause . $this->whereClause . $this->groupByClause;
+
+		return $query;
+	}
+
+	public function inIds($idList)
+	{
+		$this->inClause('id', $idList);
+
+		return $this;
+	}
+
+	protected function inClause($column, $values)
+	{
+		if (count($values) === 0) {
+			return;
+		}
+
+		// Urgh. OK. You can't use IN() with parameters directly, so let's munge something together.
+		$valueCount = count($values);
+
+		// Firstly, let's create a string of question marks, which will do as positional parameters.
+		$inSection = str_repeat('?,', $valueCount - 1) . '?';
+
+		$this->whereClause .= " AND {$column} IN ({$inSection})";
+		$this->parameterList = array_merge($this->parameterList, $values);
+	}
 }

includes/Helpers/LogHelper.php

Indentation +403 added lines, -403 removed lines

@@ -27,414 +27,414 @@
 
 class LogHelper
 {
-    /**
-     * Summary of getRequestLogsWithComments
-     *
-     * @param int             $requestId
-     * @param PdoDatabase     $db
-     * @param SecurityManager $securityManager
-     *
-     * @return DataObject[]
-     */
-    public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
-    {
-        $logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
-
-        $currentUser = User::getCurrent($db);
-        $securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
-        $showAllComments = $securityResult === SecurityManager::ALLOWED;
-
-        $comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
-
-        $items = array_merge($logs, $comments);
-
-        /**
-         * @param DataObject $item
-         *
-         * @return int
-         */
-        $sortKey = function(DataObject $item) {
-            if ($item instanceof Log) {
-                return $item->getTimestamp()->getTimestamp();
-            }
-
-            if ($item instanceof Comment) {
-                return $item->getTime()->getTimestamp();
-            }
-
-            return 0;
-        };
-
-        do {
-            $flag = false;
-
-            $loopLimit = (count($items) - 1);
-            for ($i = 0; $i < $loopLimit; $i++) {
-                // are these two items out of order?
-                if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
-                    // swap them
-                    $swap = $items[$i];
-                    $items[$i] = $items[$i + 1];
-                    $items[$i + 1] = $swap;
-
-                    // set a flag to say we've modified the array this time around
-                    $flag = true;
-                }
-            }
-        }
-        while ($flag);
-
-        return $items;
-    }
-
-    /**
-     * Summary of getLogDescription
-     *
-     * @param Log $entry
-     *
-     * @return string
-     */
-    public static function getLogDescription(Log $entry)
-    {
-        $text = "Deferred to ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Deferred to a different queue
-            // This is exactly what we want to display.
-            return $entry->getAction();
-        }
-
-        $text = "Closed custom-n";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account not created)";
-        }
-
-        $text = "Closed custom-y";
-        if ($entry->getAction() == $text) {
-            // Custom-closed
-            return "closed (custom reason - account created)";
-        }
-
-        $text = "Closed 0";
-        if ($entry->getAction() == $text) {
-            // Dropped the request - short-circuit the lookup
-            return "dropped request";
-        }
-
-        $text = "Closed ";
-        if (substr($entry->getAction(), 0, strlen($text)) == $text) {
-            // Closed with a reason - do a lookup here.
-            $id = substr($entry->getAction(), strlen($text));
-            /** @var EmailTemplate $template */
-            $template = EmailTemplate::getById((int)$id, $entry->getDatabase());
-
-            if ($template != false) {
-                return "closed (" . $template->getName() . ")";
-            }
-        }
-
-        // Fall back to the basic stuff
-        $lookup = array(
-            'Reserved'            => 'reserved',
-            'Email Confirmed'     => 'email-confirmed',
-            'Unreserved'          => 'unreserved',
-            'Approved'            => 'approved',
-            'Suspended'           => 'suspended',
-            'RoleChange'          => 'changed roles',
-            'Banned'              => 'banned',
-            'Edited'              => 'edited interface message',
-            'Declined'            => 'declined',
-            'EditComment-c'       => 'edited a comment',
-            'EditComment-r'       => 'edited a comment',
-            'Unbanned'            => 'unbanned',
-            'Promoted'            => 'promoted to tool admin',
-            'BreakReserve'        => 'forcibly broke the reservation',
-            'Prefchange'          => 'changed user preferences',
-            'Renamed'             => 'renamed',
-            'Demoted'             => 'demoted from tool admin',
-            'ReceiveReserved'     => 'received the reservation',
-            'SendReserved'        => 'sent the reservation',
-            'EditedEmail'         => 'edited email',
-            'DeletedTemplate'     => 'deleted template',
-            'EditedTemplate'      => 'edited template',
-            'CreatedEmail'        => 'created email',
-            'CreatedTemplate'     => 'created template',
-            'SentMail'            => 'sent an email to the requestor',
-            'Registered'          => 'registered a tool account',
-            'JobIssue'            => 'ran a background job unsuccessfully',
-            'JobCompleted'        => 'completed a background job',
-            'JobAcknowledged'     => 'acknowledged a job failure',
-            'JobRequeued'         => 'requeued a job for re-execution',
-            'EnqueuedJobQueue'    => 'scheduled for creation',
-            'Hospitalised'        => 'sent to the hospital',
-        );
-
-        if (array_key_exists($entry->getAction(), $lookup)) {
-            return $lookup[$entry->getAction()];
-        }
-
-        // OK, I don't know what this is. Fall back to something sane.
-        return "performed an unknown action ({$entry->getAction()})";
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return array
-     */
-    public static function getLogActions(PdoDatabase $database)
-    {
-        $lookup = array(
-            'Reserved'            => 'reserved',
-            'Email Confirmed'     => 'email-confirmed',
-            'Unreserved'          => 'unreserved',
-            'Approved'            => 'approved',
-            'Suspended'           => 'suspended',
-            'RoleChange'          => 'changed roles',
-            'Banned'              => 'banned',
-            'Edited'              => 'edited interface message',
-            'Declined'            => 'declined',
-            'EditComment-c'       => 'edited a comment (by comment ID)',
-            'EditComment-r'       => 'edited a comment (by request)',
-            'Unbanned'            => 'unbanned',
-            'Promoted'            => 'promoted to tool admin',
-            'BreakReserve'        => 'forcibly broke the reservation',
-            'Prefchange'          => 'changed user preferences',
-            'Renamed'             => 'renamed',
-            'Demoted'             => 'demoted from tool admin',
-            'ReceiveReserved'     => 'received the reservation',
-            'SendReserved'        => 'sent the reservation',
-            'EditedEmail'         => 'edited email',
-            'DeletedTemplate'     => 'deleted template',
-            'EditedTemplate'      => 'edited template',
-            'CreatedEmail'        => 'created email',
-            'CreatedTemplate'     => 'created template',
-            'SentMail'            => 'sent an email to the requestor',
-            'Registered'          => 'registered a tool account',
-            'Closed 0'            => 'dropped request',
-            'JobIssue'            => 'ran a background job unsuccessfully',
-            'JobCompleted'        => 'completed a background job',
-            'JobAcknowledged'     => 'acknowledged a job failure',
-            'JobRequeued'         => 'requeued a job for re-execution',
-            'EnqueuedJobQueue'    => 'scheduled for creation',
-            'Hospitalised'        => 'sent to the hospital',
-        );
-
-        $statement = $database->query(<<<SQL
+	/**
+	 * Summary of getRequestLogsWithComments
+	 *
+	 * @param int             $requestId
+	 * @param PdoDatabase     $db
+	 * @param SecurityManager $securityManager
+	 *
+	 * @return DataObject[]
+	 */
+	public static function getRequestLogsWithComments($requestId, PdoDatabase $db, SecurityManager $securityManager)
+	{
+		$logs = LogSearchHelper::get($db)->byObjectType('Request')->byObjectId($requestId)->fetch();
+
+		$currentUser = User::getCurrent($db);
+		$securityResult = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser);
+		$showAllComments = $securityResult === SecurityManager::ALLOWED;
+
+		$comments = Comment::getForRequest($requestId, $db, $showAllComments, $currentUser->getId());
+
+		$items = array_merge($logs, $comments);
+
+		/**
+		 * @param DataObject $item
+		 *
+		 * @return int
+		 */
+		$sortKey = function(DataObject $item) {
+			if ($item instanceof Log) {
+				return $item->getTimestamp()->getTimestamp();
+			}
+
+			if ($item instanceof Comment) {
+				return $item->getTime()->getTimestamp();
+			}
+
+			return 0;
+		};
+
+		do {
+			$flag = false;
+
+			$loopLimit = (count($items) - 1);
+			for ($i = 0; $i < $loopLimit; $i++) {
+				// are these two items out of order?
+				if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) {
+					// swap them
+					$swap = $items[$i];
+					$items[$i] = $items[$i + 1];
+					$items[$i + 1] = $swap;
+
+					// set a flag to say we've modified the array this time around
+					$flag = true;
+				}
+			}
+		}
+		while ($flag);
+
+		return $items;
+	}
+
+	/**
+	 * Summary of getLogDescription
+	 *
+	 * @param Log $entry
+	 *
+	 * @return string
+	 */
+	public static function getLogDescription(Log $entry)
+	{
+		$text = "Deferred to ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Deferred to a different queue
+			// This is exactly what we want to display.
+			return $entry->getAction();
+		}
+
+		$text = "Closed custom-n";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account not created)";
+		}
+
+		$text = "Closed custom-y";
+		if ($entry->getAction() == $text) {
+			// Custom-closed
+			return "closed (custom reason - account created)";
+		}
+
+		$text = "Closed 0";
+		if ($entry->getAction() == $text) {
+			// Dropped the request - short-circuit the lookup
+			return "dropped request";
+		}
+
+		$text = "Closed ";
+		if (substr($entry->getAction(), 0, strlen($text)) == $text) {
+			// Closed with a reason - do a lookup here.
+			$id = substr($entry->getAction(), strlen($text));
+			/** @var EmailTemplate $template */
+			$template = EmailTemplate::getById((int)$id, $entry->getDatabase());
+
+			if ($template != false) {
+				return "closed (" . $template->getName() . ")";
+			}
+		}
+
+		// Fall back to the basic stuff
+		$lookup = array(
+			'Reserved'            => 'reserved',
+			'Email Confirmed'     => 'email-confirmed',
+			'Unreserved'          => 'unreserved',
+			'Approved'            => 'approved',
+			'Suspended'           => 'suspended',
+			'RoleChange'          => 'changed roles',
+			'Banned'              => 'banned',
+			'Edited'              => 'edited interface message',
+			'Declined'            => 'declined',
+			'EditComment-c'       => 'edited a comment',
+			'EditComment-r'       => 'edited a comment',
+			'Unbanned'            => 'unbanned',
+			'Promoted'            => 'promoted to tool admin',
+			'BreakReserve'        => 'forcibly broke the reservation',
+			'Prefchange'          => 'changed user preferences',
+			'Renamed'             => 'renamed',
+			'Demoted'             => 'demoted from tool admin',
+			'ReceiveReserved'     => 'received the reservation',
+			'SendReserved'        => 'sent the reservation',
+			'EditedEmail'         => 'edited email',
+			'DeletedTemplate'     => 'deleted template',
+			'EditedTemplate'      => 'edited template',
+			'CreatedEmail'        => 'created email',
+			'CreatedTemplate'     => 'created template',
+			'SentMail'            => 'sent an email to the requestor',
+			'Registered'          => 'registered a tool account',
+			'JobIssue'            => 'ran a background job unsuccessfully',
+			'JobCompleted'        => 'completed a background job',
+			'JobAcknowledged'     => 'acknowledged a job failure',
+			'JobRequeued'         => 'requeued a job for re-execution',
+			'EnqueuedJobQueue'    => 'scheduled for creation',
+			'Hospitalised'        => 'sent to the hospital',
+		);
+
+		if (array_key_exists($entry->getAction(), $lookup)) {
+			return $lookup[$entry->getAction()];
+		}
+
+		// OK, I don't know what this is. Fall back to something sane.
+		return "performed an unknown action ({$entry->getAction()})";
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return array
+	 */
+	public static function getLogActions(PdoDatabase $database)
+	{
+		$lookup = array(
+			'Reserved'            => 'reserved',
+			'Email Confirmed'     => 'email-confirmed',
+			'Unreserved'          => 'unreserved',
+			'Approved'            => 'approved',
+			'Suspended'           => 'suspended',
+			'RoleChange'          => 'changed roles',
+			'Banned'              => 'banned',
+			'Edited'              => 'edited interface message',
+			'Declined'            => 'declined',
+			'EditComment-c'       => 'edited a comment (by comment ID)',
+			'EditComment-r'       => 'edited a comment (by request)',
+			'Unbanned'            => 'unbanned',
+			'Promoted'            => 'promoted to tool admin',
+			'BreakReserve'        => 'forcibly broke the reservation',
+			'Prefchange'          => 'changed user preferences',
+			'Renamed'             => 'renamed',
+			'Demoted'             => 'demoted from tool admin',
+			'ReceiveReserved'     => 'received the reservation',
+			'SendReserved'        => 'sent the reservation',
+			'EditedEmail'         => 'edited email',
+			'DeletedTemplate'     => 'deleted template',
+			'EditedTemplate'      => 'edited template',
+			'CreatedEmail'        => 'created email',
+			'CreatedTemplate'     => 'created template',
+			'SentMail'            => 'sent an email to the requestor',
+			'Registered'          => 'registered a tool account',
+			'Closed 0'            => 'dropped request',
+			'JobIssue'            => 'ran a background job unsuccessfully',
+			'JobCompleted'        => 'completed a background job',
+			'JobAcknowledged'     => 'acknowledged a job failure',
+			'JobRequeued'         => 'requeued a job for re-execution',
+			'EnqueuedJobQueue'    => 'scheduled for creation',
+			'Hospitalised'        => 'sent to the hospital',
+		);
+
+		$statement = $database->query(<<<SQL
 SELECT CONCAT('Closed ', id) AS k, CONCAT('closed (',name,')') AS v
 FROM emailtemplate;
 SQL
-        );
-        foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
-            $lookup[$row['k']] = $row['v'];
-        }
-
-        return $lookup;
-    }
-
-    public static function getObjectTypes()
-    {
-        return array(
-            'Ban'             => 'Ban',
-            'Comment'         => 'Comment',
-            'EmailTemplate'   => 'Email template',
-            'JobQueue'        => 'Job queue item',
-            'Request'         => 'Request',
-            'SiteNotice'      => 'Site notice',
-            'User'            => 'User',
-            'WelcomeTemplate' => 'Welcome template',
-        );
-    }
-
-    /**
-     * This returns a HTML
-     *
-     * @param string            $objectId
-     * @param string            $objectType
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return null|string
-     * @category Security-Critical
-     */
-    private static function getObjectDescription(
-        $objectId,
-        $objectType,
-        PdoDatabase $database,
-        SiteConfiguration $configuration
-    ) {
-        if ($objectType == '') {
-            return null;
-        }
-
-        $baseurl = $configuration->getBaseUrl();
-
-        switch ($objectType) {
-            case 'Ban':
-                /** @var Ban $ban */
-                $ban = Ban::getById($objectId, $database);
-
-                if ($ban === false) {
-                    return 'Ban #' . $objectId . "</a>";
-                }
-
-                return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
-            case 'EmailTemplate':
-                /** @var EmailTemplate $emailTemplate */
-                $emailTemplate = EmailTemplate::getById($objectId, $database);
-                $name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+		);
+		foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
+			$lookup[$row['k']] = $row['v'];
+		}
+
+		return $lookup;
+	}
+
+	public static function getObjectTypes()
+	{
+		return array(
+			'Ban'             => 'Ban',
+			'Comment'         => 'Comment',
+			'EmailTemplate'   => 'Email template',
+			'JobQueue'        => 'Job queue item',
+			'Request'         => 'Request',
+			'SiteNotice'      => 'Site notice',
+			'User'            => 'User',
+			'WelcomeTemplate' => 'Welcome template',
+		);
+	}
+
+	/**
+	 * This returns a HTML
+	 *
+	 * @param string            $objectId
+	 * @param string            $objectType
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return null|string
+	 * @category Security-Critical
+	 */
+	private static function getObjectDescription(
+		$objectId,
+		$objectType,
+		PdoDatabase $database,
+		SiteConfiguration $configuration
+	) {
+		if ($objectType == '') {
+			return null;
+		}
+
+		$baseurl = $configuration->getBaseUrl();
+
+		switch ($objectType) {
+			case 'Ban':
+				/** @var Ban $ban */
+				$ban = Ban::getById($objectId, $database);
+
+				if ($ban === false) {
+					return 'Ban #' . $objectId . "</a>";
+				}
+
+				return 'Ban #' . $objectId . " (" . htmlentities($ban->getTarget()) . ")</a>";
+			case 'EmailTemplate':
+				/** @var EmailTemplate $emailTemplate */
+				$emailTemplate = EmailTemplate::getById($objectId, $database);
+				$name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/emailManagement/view?id={$objectId}">Email Template #{$objectId} ({$name})</a>
 HTML;
-            case 'SiteNotice':
-                return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
-            case 'Request':
-                /** @var Request $request */
-                $request = Request::getById($objectId, $database);
-                $name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
-
-                return <<<HTML
+			case 'SiteNotice':
+				return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>";
+			case 'Request':
+				/** @var Request $request */
+				$request = Request::getById($objectId, $database);
+				$name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
+
+				return <<<HTML
 <a href="{$baseurl}/internal.php/viewRequest?id={$objectId}">Request #{$objectId} ({$name})</a>
 HTML;
-            case 'User':
-                /** @var User $user */
-                $user = User::getById($objectId, $database);
-                $username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
-
-                return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
-            case 'WelcomeTemplate':
-                /** @var WelcomeTemplate $welcomeTemplate */
-                $welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
-
-                // some old templates have been completely deleted and lost to the depths of time.
-                if ($welcomeTemplate === false) {
-                    return "Welcome template #{$objectId}";
-                }
-                else {
-                    $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
-
-                    return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
-                }
-            case 'JobQueue':
-                /** @var JobQueue $job */
-                $job = JobQueue::getById($objectId, $database);
-
-                $taskDescriptions = JobQueue::getTaskDescriptions();
-
-                $task = $job->getTask();
-                if(isset($taskDescriptions[$task])){
-                    $description = $taskDescriptions[$task];
-                } else {
-                    $description = 'Unknown task';
-                }
-
-                return "<a href=\"{$baseurl}/internal.php/jobQueue/view?id={$objectId}\">Job #{$job->getId()} ({$description})</a>";
-            default:
-                return '[' . $objectType . " " . $objectId . ']';
-        }
-    }
-
-    /**
-     * @param Log[]             $logs
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $configuration
-     *
-     * @return array
-     * @throws Exception
-     */
-    public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        $userIds = array();
-
-	    foreach ($logs as $logEntry) {
-            if (!$logEntry instanceof Log) {
-                // if this happens, we've done something wrong with passing back the log data.
-                throw new Exception('Log entry is not an instance of a Log, this should never happen.');
-            }
-
-            $user = $logEntry->getUser();
-            if ($user === -1) {
-                continue;
-            }
-
-            if (!array_search($user, $userIds)) {
-                $userIds[] = $user;
-            }
-        }
-
-        $users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
-        $users[-1] = User::getCommunity()->getUsername();
-
-        $logData = array();
-
-	    foreach ($logs as $logEntry) {
-            $objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
-                $database, $configuration);
-
-            // initialise to sane default
-            $comment = null;
-
-            switch ($logEntry->getAction()) {
-                case 'Renamed':
-                    $renameData = unserialize($logEntry->getComment());
-                    $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
-                    $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
-                    $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
-                    break;
-                case 'RoleChange':
-                    $roleChangeData = unserialize($logEntry->getComment());
-
-                    $removed = array();
-                    foreach ($roleChangeData['removed'] as $r) {
-                        $removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                    }
-
-                    $added = array();
-                    foreach ($roleChangeData['added'] as $r) {
-                        $added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
-                    }
-
-                    $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
-
-                    $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
-                    $comment = $roleDelta . ' with comment: ' . $reason;
-                    break;
-                case 'JobIssue':
-                    $jobIssueData = unserialize($logEntry->getComment());
-                    $errorMessage = $jobIssueData['error'];
-                    $status = $jobIssueData['status'];
-
-                    $comment = 'Job ' . htmlentities($status, ENT_COMPAT, 'UTF-8') . ': ';
-                    $comment .= htmlentities($errorMessage, ENT_COMPAT, 'UTF-8');
-                    break;
-                case 'JobIssueRequest':
-                case 'JobCompletedRequest':
-                    $jobData = unserialize($logEntry->getComment());
-
-                    /** @var JobQueue $job */
-                    $job = JobQueue::getById($jobData['job'], $database);
-                    $descs = JobQueue::getTaskDescriptions();
-                    $comment = htmlentities($descs[$job->getTask()], ENT_COMPAT, 'UTF-8');
-                    break;
-
-                case 'JobCompleted':
-                    break;
-                default:
-                    $comment = $logEntry->getComment();
-                    break;
-            }
-
-            $logData[] = array(
-                'timestamp'         => $logEntry->getTimestamp(),
-                'userid'            => $logEntry->getUser(),
-                'username'          => $users[$logEntry->getUser()],
-                'description'       => self::getLogDescription($logEntry),
-                'objectdescription' => $objectDescription,
-                'comment'           => $comment,
-            );
-        }
-
-        return array($users, $logData);
-    }
+			case 'User':
+				/** @var User $user */
+				$user = User::getById($objectId, $database);
+				$username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8');
+
+				return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>";
+			case 'WelcomeTemplate':
+				/** @var WelcomeTemplate $welcomeTemplate */
+				$welcomeTemplate = WelcomeTemplate::getById($objectId, $database);
+
+				// some old templates have been completely deleted and lost to the depths of time.
+				if ($welcomeTemplate === false) {
+					return "Welcome template #{$objectId}";
+				}
+				else {
+					$userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8');
+
+					return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>";
+				}
+			case 'JobQueue':
+				/** @var JobQueue $job */
+				$job = JobQueue::getById($objectId, $database);
+
+				$taskDescriptions = JobQueue::getTaskDescriptions();
+
+				$task = $job->getTask();
+				if(isset($taskDescriptions[$task])){
+					$description = $taskDescriptions[$task];
+				} else {
+					$description = 'Unknown task';
+				}
+
+				return "<a href=\"{$baseurl}/internal.php/jobQueue/view?id={$objectId}\">Job #{$job->getId()} ({$description})</a>";
+			default:
+				return '[' . $objectType . " " . $objectId . ']';
+		}
+	}
+
+	/**
+	 * @param Log[]             $logs
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $configuration
+	 *
+	 * @return array
+	 * @throws Exception
+	 */
+	public static function prepareLogsForTemplate($logs, PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		$userIds = array();
+
+		foreach ($logs as $logEntry) {
+			if (!$logEntry instanceof Log) {
+				// if this happens, we've done something wrong with passing back the log data.
+				throw new Exception('Log entry is not an instance of a Log, this should never happen.');
+			}
+
+			$user = $logEntry->getUser();
+			if ($user === -1) {
+				continue;
+			}
+
+			if (!array_search($user, $userIds)) {
+				$userIds[] = $user;
+			}
+		}
+
+		$users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username');
+		$users[-1] = User::getCommunity()->getUsername();
+
+		$logData = array();
+
+		foreach ($logs as $logEntry) {
+			$objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(),
+				$database, $configuration);
+
+			// initialise to sane default
+			$comment = null;
+
+			switch ($logEntry->getAction()) {
+				case 'Renamed':
+					$renameData = unserialize($logEntry->getComment());
+					$oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8');
+					$newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8');
+					$comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.';
+					break;
+				case 'RoleChange':
+					$roleChangeData = unserialize($logEntry->getComment());
+
+					$removed = array();
+					foreach ($roleChangeData['removed'] as $r) {
+						$removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+					}
+
+					$added = array();
+					foreach ($roleChangeData['added'] as $r) {
+						$added[] = htmlentities($r, ENT_COMPAT, 'UTF-8');
+					}
+
+					$reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8');
+
+					$roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']';
+					$comment = $roleDelta . ' with comment: ' . $reason;
+					break;
+				case 'JobIssue':
+					$jobIssueData = unserialize($logEntry->getComment());
+					$errorMessage = $jobIssueData['error'];
+					$status = $jobIssueData['status'];
+
+					$comment = 'Job ' . htmlentities($status, ENT_COMPAT, 'UTF-8') . ': ';
+					$comment .= htmlentities($errorMessage, ENT_COMPAT, 'UTF-8');
+					break;
+				case 'JobIssueRequest':
+				case 'JobCompletedRequest':
+					$jobData = unserialize($logEntry->getComment());
+
+					/** @var JobQueue $job */
+					$job = JobQueue::getById($jobData['job'], $database);
+					$descs = JobQueue::getTaskDescriptions();
+					$comment = htmlentities($descs[$job->getTask()], ENT_COMPAT, 'UTF-8');
+					break;
+
+				case 'JobCompleted':
+					break;
+				default:
+					$comment = $logEntry->getComment();
+					break;
+			}
+
+			$logData[] = array(
+				'timestamp'         => $logEntry->getTimestamp(),
+				'userid'            => $logEntry->getUser(),
+				'username'          => $users[$logEntry->getUser()],
+				'description'       => self::getLogDescription($logEntry),
+				'objectdescription' => $objectDescription,
+				'comment'           => $comment,
+			);
+		}
+
+		return array($users, $logData);
+	}
 }

includes/ConsoleTasks/RunJobQueueTask.php

Indentation +114 added lines, -114 removed lines

@@ -21,118 +21,118 @@
 
 class RunJobQueueTask extends ConsoleTaskBase
 {
-    private $taskList = array(
-        WelcomeUserTask::class,
-        BotCreationTask::class,
-        UserCreationTask::class
-    );
-
-    public function execute()
-    {
-        $database = $this->getDatabase();
-
-        // ensure we're running inside a tx here.
-        if (!$database->hasActiveTransaction()) {
-            $database->beginTransaction();
-        }
-
-        $sql = 'SELECT * FROM jobqueue WHERE status = :status ORDER BY enqueue LIMIT :lim';
-        $statement = $database->prepare($sql);
-        $statement->execute(array(':status' => JobQueue::STATUS_READY, ':lim' => 10));
-        /** @var JobQueue[] $queuedJobs */
-        $queuedJobs = $statement->fetchAll(PDO::FETCH_CLASS, JobQueue::class);
-
-        // mark all the jobs as running, and commit the txn so we're not holding onto long-running transactions.
-        // We'll re-lock the row when we get to it.
-        foreach ($queuedJobs as $job) {
-            $job->setDatabase($database);
-            $job->setStatus(JobQueue::STATUS_WAITING);
-            $job->setError(null);
-            $job->setAcknowledged(null);
-            $job->save();
-        }
-
-        $database->commit();
-
-        set_error_handler(array(RunJobQueueTask::class, 'errorHandler'), E_ALL);
-
-        foreach ($queuedJobs as $job) {
-            try {
-                // refresh from the database
-                /** @var JobQueue $job */
-                $job = JobQueue::getById($job->getId(), $database);
-
-                if ($job->getStatus() !== JobQueue::STATUS_WAITING) {
-                    continue;
-                }
-
-                $database->beginTransaction();
-                $job->setStatus(JobQueue::STATUS_RUNNING);
-                $job->save();
-                $database->commit();
-
-                $database->beginTransaction();
-
-                // re-lock the job
-                $job->setStatus(JobQueue::STATUS_RUNNING);
-                $job->save();
-
-                // validate we're allowed to run the requested task (whitelist)
-                if (!in_array($job->getTask(), $this->taskList)) {
-                    throw new ApplicationLogicException('Job task not registered');
-                }
-
-                // Create a task.
-                $taskName = $job->getTask();
-
-                if(!class_exists($taskName)) {
-                    throw new ApplicationLogicException('Job task does not exist');
-                }
-
-                /** @var BackgroundTaskBase $task */
-                $task = new $taskName;
-
-                $this->setupTask($task, $job);
-                $task->run();
-            }
-            catch (Exception $ex) {
-                $database->rollBack();
-                $database->beginTransaction();
-
-                /** @var JobQueue $job */
-                $job = JobQueue::getById($job->getId(), $database);
-                $job->setDatabase($database);
-                $job->setStatus(JobQueue::STATUS_FAILED);
-                $job->setError($ex->getMessage());
-                $job->setAcknowledged(0);
-                $job->save();
-
-                Logger::backgroundJobIssue($this->getDatabase(), $job);
-
-                $database->commit();
-            }
-            finally {
-                $database->commit();
-            }
-        }
-    }
-
-    /**
-     * @param BackgroundTaskBase $task
-     * @param JobQueue           $job
-     */
-    private function setupTask(BackgroundTaskBase $task, JobQueue $job)
-    {
-        $task->setJob($job);
-        $task->setDatabase($this->getDatabase());
-        $task->setHttpHelper($this->getHttpHelper());
-        $task->setOauthProtocolHelper($this->getOAuthProtocolHelper());
-        $task->setEmailHelper($this->getEmailHelper());
-        $task->setSiteConfiguration($this->getSiteConfiguration());
-        $task->setNotificationHelper($this->getNotificationHelper());
-    }
-
-    public static function errorHandler($errno, $errstr, $errfile, $errline) {
-        throw new Exception($errfile . "@" . $errline . ": " . $errstr);
-    }
+	private $taskList = array(
+		WelcomeUserTask::class,
+		BotCreationTask::class,
+		UserCreationTask::class
+	);
+
+	public function execute()
+	{
+		$database = $this->getDatabase();
+
+		// ensure we're running inside a tx here.
+		if (!$database->hasActiveTransaction()) {
+			$database->beginTransaction();
+		}
+
+		$sql = 'SELECT * FROM jobqueue WHERE status = :status ORDER BY enqueue LIMIT :lim';
+		$statement = $database->prepare($sql);
+		$statement->execute(array(':status' => JobQueue::STATUS_READY, ':lim' => 10));
+		/** @var JobQueue[] $queuedJobs */
+		$queuedJobs = $statement->fetchAll(PDO::FETCH_CLASS, JobQueue::class);
+
+		// mark all the jobs as running, and commit the txn so we're not holding onto long-running transactions.
+		// We'll re-lock the row when we get to it.
+		foreach ($queuedJobs as $job) {
+			$job->setDatabase($database);
+			$job->setStatus(JobQueue::STATUS_WAITING);
+			$job->setError(null);
+			$job->setAcknowledged(null);
+			$job->save();
+		}
+
+		$database->commit();
+
+		set_error_handler(array(RunJobQueueTask::class, 'errorHandler'), E_ALL);
+
+		foreach ($queuedJobs as $job) {
+			try {
+				// refresh from the database
+				/** @var JobQueue $job */
+				$job = JobQueue::getById($job->getId(), $database);
+
+				if ($job->getStatus() !== JobQueue::STATUS_WAITING) {
+					continue;
+				}
+
+				$database->beginTransaction();
+				$job->setStatus(JobQueue::STATUS_RUNNING);
+				$job->save();
+				$database->commit();
+
+				$database->beginTransaction();
+
+				// re-lock the job
+				$job->setStatus(JobQueue::STATUS_RUNNING);
+				$job->save();
+
+				// validate we're allowed to run the requested task (whitelist)
+				if (!in_array($job->getTask(), $this->taskList)) {
+					throw new ApplicationLogicException('Job task not registered');
+				}
+
+				// Create a task.
+				$taskName = $job->getTask();
+
+				if(!class_exists($taskName)) {
+					throw new ApplicationLogicException('Job task does not exist');
+				}
+
+				/** @var BackgroundTaskBase $task */
+				$task = new $taskName;
+
+				$this->setupTask($task, $job);
+				$task->run();
+			}
+			catch (Exception $ex) {
+				$database->rollBack();
+				$database->beginTransaction();
+
+				/** @var JobQueue $job */
+				$job = JobQueue::getById($job->getId(), $database);
+				$job->setDatabase($database);
+				$job->setStatus(JobQueue::STATUS_FAILED);
+				$job->setError($ex->getMessage());
+				$job->setAcknowledged(0);
+				$job->save();
+
+				Logger::backgroundJobIssue($this->getDatabase(), $job);
+
+				$database->commit();
+			}
+			finally {
+				$database->commit();
+			}
+		}
+	}
+
+	/**
+	 * @param BackgroundTaskBase $task
+	 * @param JobQueue           $job
+	 */
+	private function setupTask(BackgroundTaskBase $task, JobQueue $job)
+	{
+		$task->setJob($job);
+		$task->setDatabase($this->getDatabase());
+		$task->setHttpHelper($this->getHttpHelper());
+		$task->setOauthProtocolHelper($this->getOAuthProtocolHelper());
+		$task->setEmailHelper($this->getEmailHelper());
+		$task->setSiteConfiguration($this->getSiteConfiguration());
+		$task->setNotificationHelper($this->getNotificationHelper());
+	}
+
+	public static function errorHandler($errno, $errstr, $errfile, $errline) {
+		throw new Exception($errfile . "@" . $errline . ": " . $errstr);
+	}
 }