enwikipedia-acc /
waca
@@ -10,9 +10,9 @@ |
||
| 10 | 10 | |
| 11 | 11 | use DateTimeImmutable; |
| 12 | 12 | use Exception; |
| 13 | -use stdClass; |
|
| 14 | 13 | use Waca\DataObject; |
| 15 | 14 | use Waca\Exceptions\OptimisticLockFailedException; |
| 15 | +use stdClass; |
|
| 16 | 16 | |
| 17 | 17 | class OAuthIdentity extends DataObject |
| 18 | 18 | { |
@@ -16,51 +16,51 @@ discard block |
||
| 16 | 16 | |
| 17 | 17 | class OAuthIdentity extends DataObject |
| 18 | 18 | { |
| 19 | - #region Fields |
|
| 20 | - /** @var int */ |
|
| 21 | - private $user; |
|
| 22 | - /** @var string */ |
|
| 23 | - private $iss; |
|
| 24 | - /** @var int */ |
|
| 25 | - private $sub; |
|
| 26 | - /** @var string */ |
|
| 27 | - private $aud; |
|
| 28 | - /** @var int */ |
|
| 29 | - private $exp; |
|
| 30 | - /** @var int */ |
|
| 31 | - private $iat; |
|
| 32 | - /** @var string */ |
|
| 33 | - private $username; |
|
| 34 | - /** @var int */ |
|
| 35 | - private $editcount; |
|
| 36 | - /** @var int */ |
|
| 37 | - private $confirmed_email; |
|
| 38 | - /** @var int */ |
|
| 39 | - private $blocked; |
|
| 40 | - /** @var string */ |
|
| 41 | - private $registered; |
|
| 42 | - /** @var int */ |
|
| 43 | - private $checkuser; |
|
| 44 | - /** @var int */ |
|
| 45 | - private $grantbasic; |
|
| 46 | - /** @var int */ |
|
| 47 | - private $grantcreateaccount; |
|
| 48 | - /** @var int */ |
|
| 49 | - private $granthighvolume; |
|
| 50 | - /** @var int */ |
|
| 51 | - private $grantcreateeditmovepage; |
|
| 52 | - #endregion |
|
| 53 | - |
|
| 54 | - /** |
|
| 55 | - * Saves a data object to the database, either updating or inserting a record. |
|
| 56 | - * @return void |
|
| 57 | - * @throws Exception |
|
| 58 | - * @throws OptimisticLockFailedException |
|
| 59 | - */ |
|
| 60 | - public function save() |
|
| 61 | - { |
|
| 62 | - if ($this->isNew()) { |
|
| 63 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 19 | + #region Fields |
|
| 20 | + /** @var int */ |
|
| 21 | + private $user; |
|
| 22 | + /** @var string */ |
|
| 23 | + private $iss; |
|
| 24 | + /** @var int */ |
|
| 25 | + private $sub; |
|
| 26 | + /** @var string */ |
|
| 27 | + private $aud; |
|
| 28 | + /** @var int */ |
|
| 29 | + private $exp; |
|
| 30 | + /** @var int */ |
|
| 31 | + private $iat; |
|
| 32 | + /** @var string */ |
|
| 33 | + private $username; |
|
| 34 | + /** @var int */ |
|
| 35 | + private $editcount; |
|
| 36 | + /** @var int */ |
|
| 37 | + private $confirmed_email; |
|
| 38 | + /** @var int */ |
|
| 39 | + private $blocked; |
|
| 40 | + /** @var string */ |
|
| 41 | + private $registered; |
|
| 42 | + /** @var int */ |
|
| 43 | + private $checkuser; |
|
| 44 | + /** @var int */ |
|
| 45 | + private $grantbasic; |
|
| 46 | + /** @var int */ |
|
| 47 | + private $grantcreateaccount; |
|
| 48 | + /** @var int */ |
|
| 49 | + private $granthighvolume; |
|
| 50 | + /** @var int */ |
|
| 51 | + private $grantcreateeditmovepage; |
|
| 52 | + #endregion |
|
| 53 | + |
|
| 54 | + /** |
|
| 55 | + * Saves a data object to the database, either updating or inserting a record. |
|
| 56 | + * @return void |
|
| 57 | + * @throws Exception |
|
| 58 | + * @throws OptimisticLockFailedException |
|
| 59 | + */ |
|
| 60 | + public function save() |
|
| 61 | + { |
|
| 62 | + if ($this->isNew()) { |
|
| 63 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 64 | 64 | INSERT INTO oauthidentity ( |
| 65 | 65 | user, iss, sub, aud, exp, iat, username, editcount, confirmed_email, blocked, registered, checkuser, |
| 66 | 66 | grantbasic, grantcreateaccount, granthighvolume, grantcreateeditmovepage |
@@ -69,34 +69,34 @@ discard block |
||
| 69 | 69 | :checkuser, :grantbasic, :grantcreateaccount, :granthighvolume, :grantcreateeditmovepage |
| 70 | 70 | ) |
| 71 | 71 | SQL |
| 72 | - ); |
|
| 73 | - |
|
| 74 | - $statement->bindValue(':user', $this->user); |
|
| 75 | - $statement->bindValue(':iss', $this->iss); |
|
| 76 | - $statement->bindValue(':sub', $this->sub); |
|
| 77 | - $statement->bindValue(':aud', $this->aud); |
|
| 78 | - $statement->bindValue(':exp', $this->exp); |
|
| 79 | - $statement->bindValue(':iat', $this->iat); |
|
| 80 | - $statement->bindValue(':username', $this->username); |
|
| 81 | - $statement->bindValue(':editcount', $this->editcount); |
|
| 82 | - $statement->bindValue(':confirmed_email', $this->confirmed_email); |
|
| 83 | - $statement->bindValue(':blocked', $this->blocked); |
|
| 84 | - $statement->bindValue(':registered', $this->registered); |
|
| 85 | - $statement->bindValue(':checkuser', $this->checkuser); |
|
| 86 | - $statement->bindValue(':grantbasic', $this->grantbasic); |
|
| 87 | - $statement->bindValue(':grantcreateaccount', $this->grantcreateaccount); |
|
| 88 | - $statement->bindValue(':granthighvolume', $this->granthighvolume); |
|
| 89 | - $statement->bindValue(':grantcreateeditmovepage', $this->grantcreateeditmovepage); |
|
| 90 | - |
|
| 91 | - if ($statement->execute()) { |
|
| 92 | - $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 93 | - } |
|
| 94 | - else { |
|
| 95 | - throw new Exception($statement->errorInfo()); |
|
| 96 | - } |
|
| 97 | - } |
|
| 98 | - else { |
|
| 99 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 72 | + ); |
|
| 73 | + |
|
| 74 | + $statement->bindValue(':user', $this->user); |
|
| 75 | + $statement->bindValue(':iss', $this->iss); |
|
| 76 | + $statement->bindValue(':sub', $this->sub); |
|
| 77 | + $statement->bindValue(':aud', $this->aud); |
|
| 78 | + $statement->bindValue(':exp', $this->exp); |
|
| 79 | + $statement->bindValue(':iat', $this->iat); |
|
| 80 | + $statement->bindValue(':username', $this->username); |
|
| 81 | + $statement->bindValue(':editcount', $this->editcount); |
|
| 82 | + $statement->bindValue(':confirmed_email', $this->confirmed_email); |
|
| 83 | + $statement->bindValue(':blocked', $this->blocked); |
|
| 84 | + $statement->bindValue(':registered', $this->registered); |
|
| 85 | + $statement->bindValue(':checkuser', $this->checkuser); |
|
| 86 | + $statement->bindValue(':grantbasic', $this->grantbasic); |
|
| 87 | + $statement->bindValue(':grantcreateaccount', $this->grantcreateaccount); |
|
| 88 | + $statement->bindValue(':granthighvolume', $this->granthighvolume); |
|
| 89 | + $statement->bindValue(':grantcreateeditmovepage', $this->grantcreateeditmovepage); |
|
| 90 | + |
|
| 91 | + if ($statement->execute()) { |
|
| 92 | + $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 93 | + } |
|
| 94 | + else { |
|
| 95 | + throw new Exception($statement->errorInfo()); |
|
| 96 | + } |
|
| 97 | + } |
|
| 98 | + else { |
|
| 99 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 100 | 100 | UPDATE oauthidentity SET |
| 101 | 101 | iss = :iss |
| 102 | 102 | , sub = :sub |
@@ -116,211 +116,211 @@ discard block |
||
| 116 | 116 | , updateversion = updateversion + 1 |
| 117 | 117 | WHERE id = :id AND updateversion = :updateversion |
| 118 | 118 | SQL |
| 119 | - ); |
|
| 120 | - |
|
| 121 | - $statement->bindValue(':iss', $this->iss); |
|
| 122 | - $statement->bindValue(':sub', $this->sub); |
|
| 123 | - $statement->bindValue(':aud', $this->aud); |
|
| 124 | - $statement->bindValue(':exp', $this->exp); |
|
| 125 | - $statement->bindValue(':iat', $this->iat); |
|
| 126 | - $statement->bindValue(':username', $this->username); |
|
| 127 | - $statement->bindValue(':editcount', $this->editcount); |
|
| 128 | - $statement->bindValue(':confirmed_email', $this->confirmed_email); |
|
| 129 | - $statement->bindValue(':blocked', $this->blocked); |
|
| 130 | - $statement->bindValue(':registered', $this->registered); |
|
| 131 | - $statement->bindValue(':checkuser', $this->checkuser); |
|
| 132 | - $statement->bindValue(':grantbasic', $this->grantbasic); |
|
| 133 | - $statement->bindValue(':grantcreateaccount', $this->grantcreateaccount); |
|
| 134 | - $statement->bindValue(':granthighvolume', $this->granthighvolume); |
|
| 135 | - $statement->bindValue(':grantcreateeditmovepage', $this->grantcreateeditmovepage); |
|
| 136 | - |
|
| 137 | - $statement->bindValue(':id', $this->id); |
|
| 138 | - $statement->bindValue(':updateversion', $this->updateversion); |
|
| 139 | - |
|
| 140 | - if (!$statement->execute()) { |
|
| 141 | - throw new Exception($statement->errorInfo()); |
|
| 142 | - } |
|
| 143 | - |
|
| 144 | - if ($statement->rowCount() !== 1) { |
|
| 145 | - throw new OptimisticLockFailedException(); |
|
| 146 | - } |
|
| 147 | - |
|
| 148 | - $this->updateversion++; |
|
| 149 | - } |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - #region Properties |
|
| 153 | - |
|
| 154 | - /** |
|
| 155 | - * @return int |
|
| 156 | - */ |
|
| 157 | - public function getUserId() |
|
| 158 | - { |
|
| 159 | - return $this->user; |
|
| 160 | - } |
|
| 161 | - |
|
| 162 | - /** |
|
| 163 | - * @param int $user |
|
| 164 | - */ |
|
| 165 | - public function setUserId($user) |
|
| 166 | - { |
|
| 167 | - $this->user = $user; |
|
| 168 | - } |
|
| 169 | - |
|
| 170 | - /** |
|
| 171 | - * @return string |
|
| 172 | - */ |
|
| 173 | - public function getIssuer() |
|
| 174 | - { |
|
| 175 | - return $this->iss; |
|
| 176 | - } |
|
| 177 | - |
|
| 178 | - /** |
|
| 179 | - * @return int |
|
| 180 | - */ |
|
| 181 | - public function getSubject() |
|
| 182 | - { |
|
| 183 | - return $this->sub; |
|
| 184 | - } |
|
| 185 | - |
|
| 186 | - /** |
|
| 187 | - * @return string |
|
| 188 | - */ |
|
| 189 | - public function getAudience() |
|
| 190 | - { |
|
| 191 | - return $this->aud; |
|
| 192 | - } |
|
| 193 | - |
|
| 194 | - /** |
|
| 195 | - * @return int |
|
| 196 | - */ |
|
| 197 | - public function getExpirationTime() |
|
| 198 | - { |
|
| 199 | - return $this->exp; |
|
| 200 | - } |
|
| 201 | - |
|
| 202 | - /** |
|
| 203 | - * @return int |
|
| 204 | - */ |
|
| 205 | - public function getIssuedAtTime() |
|
| 206 | - { |
|
| 207 | - return $this->iat; |
|
| 208 | - } |
|
| 209 | - |
|
| 210 | - /** |
|
| 211 | - * @return string |
|
| 212 | - */ |
|
| 213 | - public function getUsername() |
|
| 214 | - { |
|
| 215 | - return $this->username; |
|
| 216 | - } |
|
| 217 | - |
|
| 218 | - /** |
|
| 219 | - * @return int |
|
| 220 | - */ |
|
| 221 | - public function getEditCount() |
|
| 222 | - { |
|
| 223 | - return $this->editcount; |
|
| 224 | - } |
|
| 225 | - |
|
| 226 | - /** |
|
| 227 | - * @return bool |
|
| 228 | - */ |
|
| 229 | - public function getConfirmedEmail() |
|
| 230 | - { |
|
| 231 | - return $this->confirmed_email == 1; |
|
| 232 | - } |
|
| 233 | - |
|
| 234 | - /** |
|
| 235 | - * @return bool |
|
| 236 | - */ |
|
| 237 | - public function getBlocked() |
|
| 238 | - { |
|
| 239 | - return $this->blocked == 1; |
|
| 240 | - } |
|
| 241 | - |
|
| 242 | - /** |
|
| 243 | - * @return string |
|
| 244 | - */ |
|
| 245 | - public function getRegistered() |
|
| 246 | - { |
|
| 247 | - return $this->registered; |
|
| 248 | - } |
|
| 249 | - |
|
| 250 | - public function getRegistrationDate() |
|
| 251 | - { |
|
| 252 | - return DateTimeImmutable::createFromFormat('YmdHis', $this->registered)->format('r'); |
|
| 253 | - } |
|
| 254 | - |
|
| 255 | - public function getAccountAge() |
|
| 256 | - { |
|
| 257 | - $regDate = DateTimeImmutable::createFromFormat('YmdHis', $this->registered); |
|
| 258 | - $interval = $regDate->diff(new DateTimeImmutable(), true); |
|
| 259 | - |
|
| 260 | - return $interval->days; |
|
| 261 | - } |
|
| 262 | - |
|
| 263 | - /** |
|
| 264 | - * @return bool |
|
| 265 | - */ |
|
| 266 | - public function getCheckuser() |
|
| 267 | - { |
|
| 268 | - return $this->checkuser == 1; |
|
| 269 | - } |
|
| 270 | - |
|
| 271 | - /** |
|
| 272 | - * @return bool |
|
| 273 | - */ |
|
| 274 | - public function getGrantBasic() |
|
| 275 | - { |
|
| 276 | - return $this->grantbasic == 1; |
|
| 277 | - } |
|
| 278 | - |
|
| 279 | - /** |
|
| 280 | - * @return bool |
|
| 281 | - */ |
|
| 282 | - public function getGrantCreateAccount() |
|
| 283 | - { |
|
| 284 | - return $this->grantcreateaccount == 1; |
|
| 285 | - } |
|
| 286 | - |
|
| 287 | - /** |
|
| 288 | - * @return bool |
|
| 289 | - */ |
|
| 290 | - public function getGrantHighVolume() |
|
| 291 | - { |
|
| 292 | - return $this->granthighvolume == 1; |
|
| 293 | - } |
|
| 294 | - |
|
| 295 | - /** |
|
| 296 | - * @return bool |
|
| 297 | - */ |
|
| 298 | - public function getGrantCreateEditMovePage() |
|
| 299 | - { |
|
| 300 | - return $this->grantcreateeditmovepage == 1; |
|
| 301 | - } |
|
| 302 | - |
|
| 303 | - #endregion Properties |
|
| 304 | - |
|
| 305 | - /** |
|
| 306 | - * Populates the fields of this instance from a provided JSON Web Token |
|
| 307 | - * |
|
| 308 | - * @param stdClass $jwt |
|
| 309 | - */ |
|
| 310 | - public function populate($jwt) |
|
| 311 | - { |
|
| 312 | - $this->iss = $jwt->iss; |
|
| 313 | - $this->sub = $jwt->sub; |
|
| 314 | - $this->aud = $jwt->aud; |
|
| 315 | - $this->exp = $jwt->exp; |
|
| 316 | - $this->iat = $jwt->iat; |
|
| 317 | - $this->username = $jwt->username; |
|
| 318 | - $this->editcount = $jwt->editcount; |
|
| 319 | - $this->confirmed_email = $jwt->confirmed_email ? 1 : 0; |
|
| 320 | - $this->blocked = $jwt->blocked ? 1 : 0; |
|
| 321 | - $this->registered = $jwt->registered; |
|
| 322 | - |
|
| 323 | - /* |
|
| 119 | + ); |
|
| 120 | + |
|
| 121 | + $statement->bindValue(':iss', $this->iss); |
|
| 122 | + $statement->bindValue(':sub', $this->sub); |
|
| 123 | + $statement->bindValue(':aud', $this->aud); |
|
| 124 | + $statement->bindValue(':exp', $this->exp); |
|
| 125 | + $statement->bindValue(':iat', $this->iat); |
|
| 126 | + $statement->bindValue(':username', $this->username); |
|
| 127 | + $statement->bindValue(':editcount', $this->editcount); |
|
| 128 | + $statement->bindValue(':confirmed_email', $this->confirmed_email); |
|
| 129 | + $statement->bindValue(':blocked', $this->blocked); |
|
| 130 | + $statement->bindValue(':registered', $this->registered); |
|
| 131 | + $statement->bindValue(':checkuser', $this->checkuser); |
|
| 132 | + $statement->bindValue(':grantbasic', $this->grantbasic); |
|
| 133 | + $statement->bindValue(':grantcreateaccount', $this->grantcreateaccount); |
|
| 134 | + $statement->bindValue(':granthighvolume', $this->granthighvolume); |
|
| 135 | + $statement->bindValue(':grantcreateeditmovepage', $this->grantcreateeditmovepage); |
|
| 136 | + |
|
| 137 | + $statement->bindValue(':id', $this->id); |
|
| 138 | + $statement->bindValue(':updateversion', $this->updateversion); |
|
| 139 | + |
|
| 140 | + if (!$statement->execute()) { |
|
| 141 | + throw new Exception($statement->errorInfo()); |
|
| 142 | + } |
|
| 143 | + |
|
| 144 | + if ($statement->rowCount() !== 1) { |
|
| 145 | + throw new OptimisticLockFailedException(); |
|
| 146 | + } |
|
| 147 | + |
|
| 148 | + $this->updateversion++; |
|
| 149 | + } |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + #region Properties |
|
| 153 | + |
|
| 154 | + /** |
|
| 155 | + * @return int |
|
| 156 | + */ |
|
| 157 | + public function getUserId() |
|
| 158 | + { |
|
| 159 | + return $this->user; |
|
| 160 | + } |
|
| 161 | + |
|
| 162 | + /** |
|
| 163 | + * @param int $user |
|
| 164 | + */ |
|
| 165 | + public function setUserId($user) |
|
| 166 | + { |
|
| 167 | + $this->user = $user; |
|
| 168 | + } |
|
| 169 | + |
|
| 170 | + /** |
|
| 171 | + * @return string |
|
| 172 | + */ |
|
| 173 | + public function getIssuer() |
|
| 174 | + { |
|
| 175 | + return $this->iss; |
|
| 176 | + } |
|
| 177 | + |
|
| 178 | + /** |
|
| 179 | + * @return int |
|
| 180 | + */ |
|
| 181 | + public function getSubject() |
|
| 182 | + { |
|
| 183 | + return $this->sub; |
|
| 184 | + } |
|
| 185 | + |
|
| 186 | + /** |
|
| 187 | + * @return string |
|
| 188 | + */ |
|
| 189 | + public function getAudience() |
|
| 190 | + { |
|
| 191 | + return $this->aud; |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + /** |
|
| 195 | + * @return int |
|
| 196 | + */ |
|
| 197 | + public function getExpirationTime() |
|
| 198 | + { |
|
| 199 | + return $this->exp; |
|
| 200 | + } |
|
| 201 | + |
|
| 202 | + /** |
|
| 203 | + * @return int |
|
| 204 | + */ |
|
| 205 | + public function getIssuedAtTime() |
|
| 206 | + { |
|
| 207 | + return $this->iat; |
|
| 208 | + } |
|
| 209 | + |
|
| 210 | + /** |
|
| 211 | + * @return string |
|
| 212 | + */ |
|
| 213 | + public function getUsername() |
|
| 214 | + { |
|
| 215 | + return $this->username; |
|
| 216 | + } |
|
| 217 | + |
|
| 218 | + /** |
|
| 219 | + * @return int |
|
| 220 | + */ |
|
| 221 | + public function getEditCount() |
|
| 222 | + { |
|
| 223 | + return $this->editcount; |
|
| 224 | + } |
|
| 225 | + |
|
| 226 | + /** |
|
| 227 | + * @return bool |
|
| 228 | + */ |
|
| 229 | + public function getConfirmedEmail() |
|
| 230 | + { |
|
| 231 | + return $this->confirmed_email == 1; |
|
| 232 | + } |
|
| 233 | + |
|
| 234 | + /** |
|
| 235 | + * @return bool |
|
| 236 | + */ |
|
| 237 | + public function getBlocked() |
|
| 238 | + { |
|
| 239 | + return $this->blocked == 1; |
|
| 240 | + } |
|
| 241 | + |
|
| 242 | + /** |
|
| 243 | + * @return string |
|
| 244 | + */ |
|
| 245 | + public function getRegistered() |
|
| 246 | + { |
|
| 247 | + return $this->registered; |
|
| 248 | + } |
|
| 249 | + |
|
| 250 | + public function getRegistrationDate() |
|
| 251 | + { |
|
| 252 | + return DateTimeImmutable::createFromFormat('YmdHis', $this->registered)->format('r'); |
|
| 253 | + } |
|
| 254 | + |
|
| 255 | + public function getAccountAge() |
|
| 256 | + { |
|
| 257 | + $regDate = DateTimeImmutable::createFromFormat('YmdHis', $this->registered); |
|
| 258 | + $interval = $regDate->diff(new DateTimeImmutable(), true); |
|
| 259 | + |
|
| 260 | + return $interval->days; |
|
| 261 | + } |
|
| 262 | + |
|
| 263 | + /** |
|
| 264 | + * @return bool |
|
| 265 | + */ |
|
| 266 | + public function getCheckuser() |
|
| 267 | + { |
|
| 268 | + return $this->checkuser == 1; |
|
| 269 | + } |
|
| 270 | + |
|
| 271 | + /** |
|
| 272 | + * @return bool |
|
| 273 | + */ |
|
| 274 | + public function getGrantBasic() |
|
| 275 | + { |
|
| 276 | + return $this->grantbasic == 1; |
|
| 277 | + } |
|
| 278 | + |
|
| 279 | + /** |
|
| 280 | + * @return bool |
|
| 281 | + */ |
|
| 282 | + public function getGrantCreateAccount() |
|
| 283 | + { |
|
| 284 | + return $this->grantcreateaccount == 1; |
|
| 285 | + } |
|
| 286 | + |
|
| 287 | + /** |
|
| 288 | + * @return bool |
|
| 289 | + */ |
|
| 290 | + public function getGrantHighVolume() |
|
| 291 | + { |
|
| 292 | + return $this->granthighvolume == 1; |
|
| 293 | + } |
|
| 294 | + |
|
| 295 | + /** |
|
| 296 | + * @return bool |
|
| 297 | + */ |
|
| 298 | + public function getGrantCreateEditMovePage() |
|
| 299 | + { |
|
| 300 | + return $this->grantcreateeditmovepage == 1; |
|
| 301 | + } |
|
| 302 | + |
|
| 303 | + #endregion Properties |
|
| 304 | + |
|
| 305 | + /** |
|
| 306 | + * Populates the fields of this instance from a provided JSON Web Token |
|
| 307 | + * |
|
| 308 | + * @param stdClass $jwt |
|
| 309 | + */ |
|
| 310 | + public function populate($jwt) |
|
| 311 | + { |
|
| 312 | + $this->iss = $jwt->iss; |
|
| 313 | + $this->sub = $jwt->sub; |
|
| 314 | + $this->aud = $jwt->aud; |
|
| 315 | + $this->exp = $jwt->exp; |
|
| 316 | + $this->iat = $jwt->iat; |
|
| 317 | + $this->username = $jwt->username; |
|
| 318 | + $this->editcount = $jwt->editcount; |
|
| 319 | + $this->confirmed_email = $jwt->confirmed_email ? 1 : 0; |
|
| 320 | + $this->blocked = $jwt->blocked ? 1 : 0; |
|
| 321 | + $this->registered = $jwt->registered; |
|
| 322 | + |
|
| 323 | + /* |
|
| 324 | 324 | * Rights we need: |
| 325 | 325 | * Account creation |
| 326 | 326 | * createaccount => createaccount |
@@ -342,13 +342,13 @@ discard block |
||
| 342 | 342 | * Any antispoof conflicts will still have to be resolved manually using the normal creation form. |
| 343 | 343 | */ |
| 344 | 344 | |
| 345 | - $this->grantbasic = in_array('basic', $jwt->grants) ? 1 : 0; |
|
| 346 | - $this->grantcreateaccount = in_array('createaccount', $jwt->grants) ? 1 : 0; |
|
| 347 | - $this->grantcreateeditmovepage = in_array('createeditmovepage', $jwt->grants) ? 1 : 0; |
|
| 345 | + $this->grantbasic = in_array('basic', $jwt->grants) ? 1 : 0; |
|
| 346 | + $this->grantcreateaccount = in_array('createaccount', $jwt->grants) ? 1 : 0; |
|
| 347 | + $this->grantcreateeditmovepage = in_array('createeditmovepage', $jwt->grants) ? 1 : 0; |
|
| 348 | 348 | |
| 349 | - // we don't request these yet. |
|
| 350 | - $this->granthighvolume = 0; |
|
| 349 | + // we don't request these yet. |
|
| 350 | + $this->granthighvolume = 0; |
|
| 351 | 351 | |
| 352 | - $this->checkuser = in_array('checkuser', $jwt->rights) ? 1 : 0; |
|
| 353 | - } |
|
| 352 | + $this->checkuser = in_array('checkuser', $jwt->rights) ? 1 : 0; |
|
| 353 | + } |
|
| 354 | 354 | } |
| 355 | 355 | \ No newline at end of file |
@@ -14,8 +14,8 @@ |
||
| 14 | 14 | use Waca\DataObjects\Request; |
| 15 | 15 | use Waca\DataObjects\User; |
| 16 | 16 | use Waca\Exceptions\ApplicationLogicException; |
| 17 | -use Waca\Helpers\Logger; |
|
| 18 | 17 | use Waca\Helpers\LogHelper; |
| 18 | +use Waca\Helpers\Logger; |
|
| 19 | 19 | use Waca\Helpers\SearchHelpers\JobQueueSearchHelper; |
| 20 | 20 | use Waca\Helpers\SearchHelpers\LogSearchHelper; |
| 21 | 21 | use Waca\Helpers\SearchHelpers\RequestSearchHelper; |
@@ -26,239 +26,239 @@ |
||
| 26 | 26 | |
| 27 | 27 | class PageJobQueue extends PagedInternalPageBase |
| 28 | 28 | { |
| 29 | - /** |
|
| 30 | - * Main function for this page, when no specific actions are called. |
|
| 31 | - * @return void |
|
| 32 | - */ |
|
| 33 | - protected function main() |
|
| 34 | - { |
|
| 35 | - $this->setHtmlTitle('Job Queue Management'); |
|
| 29 | + /** |
|
| 30 | + * Main function for this page, when no specific actions are called. |
|
| 31 | + * @return void |
|
| 32 | + */ |
|
| 33 | + protected function main() |
|
| 34 | + { |
|
| 35 | + $this->setHtmlTitle('Job Queue Management'); |
|
| 36 | 36 | |
| 37 | - $this->prepareMaps(); |
|
| 37 | + $this->prepareMaps(); |
|
| 38 | 38 | |
| 39 | - $database = $this->getDatabase(); |
|
| 39 | + $database = $this->getDatabase(); |
|
| 40 | 40 | |
| 41 | - /** @var JobQueue[] $jobList */ |
|
| 42 | - $jobList = JobQueueSearchHelper::get($database) |
|
| 43 | - ->statusIn(array('ready', 'waiting', 'running', 'failed')) |
|
| 44 | - ->notAcknowledged() |
|
| 45 | - ->fetch(); |
|
| 41 | + /** @var JobQueue[] $jobList */ |
|
| 42 | + $jobList = JobQueueSearchHelper::get($database) |
|
| 43 | + ->statusIn(array('ready', 'waiting', 'running', 'failed')) |
|
| 44 | + ->notAcknowledged() |
|
| 45 | + ->fetch(); |
|
| 46 | 46 | |
| 47 | - $userIds = array(); |
|
| 48 | - $requestIds = array(); |
|
| 47 | + $userIds = array(); |
|
| 48 | + $requestIds = array(); |
|
| 49 | 49 | |
| 50 | - foreach ($jobList as $job) { |
|
| 51 | - $userIds[] = $job->getTriggerUserId(); |
|
| 52 | - $requestIds[] = $job->getRequest(); |
|
| 50 | + foreach ($jobList as $job) { |
|
| 51 | + $userIds[] = $job->getTriggerUserId(); |
|
| 52 | + $requestIds[] = $job->getRequest(); |
|
| 53 | 53 | |
| 54 | - $job->setDatabase($database); |
|
| 55 | - } |
|
| 54 | + $job->setDatabase($database); |
|
| 55 | + } |
|
| 56 | 56 | |
| 57 | - $this->assign('canSeeAll', $this->barrierTest('all', User::getCurrent($database))); |
|
| 57 | + $this->assign('canSeeAll', $this->barrierTest('all', User::getCurrent($database))); |
|
| 58 | 58 | |
| 59 | - $this->assign('users', UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username')); |
|
| 60 | - $this->assign('requests', RequestSearchHelper::get($database)->inIds($requestIds)->fetchMap('name')); |
|
| 59 | + $this->assign('users', UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username')); |
|
| 60 | + $this->assign('requests', RequestSearchHelper::get($database)->inIds($requestIds)->fetchMap('name')); |
|
| 61 | 61 | |
| 62 | - $this->assign('joblist', $jobList); |
|
| 63 | - $this->setTemplate('jobqueue/main.tpl'); |
|
| 64 | - } |
|
| 62 | + $this->assign('joblist', $jobList); |
|
| 63 | + $this->setTemplate('jobqueue/main.tpl'); |
|
| 64 | + } |
|
| 65 | 65 | |
| 66 | - protected function all() |
|
| 67 | - { |
|
| 68 | - $this->setHtmlTitle('All Jobs'); |
|
| 66 | + protected function all() |
|
| 67 | + { |
|
| 68 | + $this->setHtmlTitle('All Jobs'); |
|
| 69 | 69 | |
| 70 | - $this->prepareMaps(); |
|
| 70 | + $this->prepareMaps(); |
|
| 71 | 71 | |
| 72 | - $database = $this->getDatabase(); |
|
| 72 | + $database = $this->getDatabase(); |
|
| 73 | 73 | |
| 74 | - $searchHelper = JobQueueSearchHelper::get($database); |
|
| 75 | - $this->setSearchHelper($searchHelper); |
|
| 76 | - $this->setupLimits(); |
|
| 74 | + $searchHelper = JobQueueSearchHelper::get($database); |
|
| 75 | + $this->setSearchHelper($searchHelper); |
|
| 76 | + $this->setupLimits(); |
|
| 77 | 77 | |
| 78 | - $filterUser = WebRequest::getString('filterUser'); |
|
| 79 | - $filterTask = WebRequest::getString('filterTask'); |
|
| 80 | - $filterStatus = WebRequest::getString('filterStatus'); |
|
| 81 | - $filterRequest = WebRequest::getString('filterRequest'); |
|
| 78 | + $filterUser = WebRequest::getString('filterUser'); |
|
| 79 | + $filterTask = WebRequest::getString('filterTask'); |
|
| 80 | + $filterStatus = WebRequest::getString('filterStatus'); |
|
| 81 | + $filterRequest = WebRequest::getString('filterRequest'); |
|
| 82 | 82 | |
| 83 | - if ($filterUser !== null) { |
|
| 84 | - $searchHelper->byUser(User::getByUsername($filterUser, $database)->getId()); |
|
| 85 | - } |
|
| 83 | + if ($filterUser !== null) { |
|
| 84 | + $searchHelper->byUser(User::getByUsername($filterUser, $database)->getId()); |
|
| 85 | + } |
|
| 86 | 86 | |
| 87 | - if ($filterTask !== null) { |
|
| 88 | - $searchHelper->byTask($filterTask); |
|
| 89 | - } |
|
| 87 | + if ($filterTask !== null) { |
|
| 88 | + $searchHelper->byTask($filterTask); |
|
| 89 | + } |
|
| 90 | 90 | |
| 91 | - if ($filterStatus !== null) { |
|
| 92 | - $searchHelper->byStatus($filterStatus); |
|
| 93 | - } |
|
| 91 | + if ($filterStatus !== null) { |
|
| 92 | + $searchHelper->byStatus($filterStatus); |
|
| 93 | + } |
|
| 94 | 94 | |
| 95 | - if ($filterRequest !== null) { |
|
| 96 | - $searchHelper->byRequest($filterRequest); |
|
| 97 | - } |
|
| 95 | + if ($filterRequest !== null) { |
|
| 96 | + $searchHelper->byRequest($filterRequest); |
|
| 97 | + } |
|
| 98 | 98 | |
| 99 | - /** @var JobQueue[] $jobList */ |
|
| 100 | - $jobList = $searchHelper->getRecordCount($count)->fetch(); |
|
| 99 | + /** @var JobQueue[] $jobList */ |
|
| 100 | + $jobList = $searchHelper->getRecordCount($count)->fetch(); |
|
| 101 | 101 | |
| 102 | - $this->setupPageData($count, array( |
|
| 103 | - 'filterUser' => $filterUser, |
|
| 104 | - 'filterTask' => $filterTask, |
|
| 105 | - 'filterStatus' => $filterStatus, |
|
| 106 | - 'filterRequest' => $filterRequest, |
|
| 107 | - )); |
|
| 102 | + $this->setupPageData($count, array( |
|
| 103 | + 'filterUser' => $filterUser, |
|
| 104 | + 'filterTask' => $filterTask, |
|
| 105 | + 'filterStatus' => $filterStatus, |
|
| 106 | + 'filterRequest' => $filterRequest, |
|
| 107 | + )); |
|
| 108 | 108 | |
| 109 | - $userIds = array(); |
|
| 110 | - $requestIds = array(); |
|
| 109 | + $userIds = array(); |
|
| 110 | + $requestIds = array(); |
|
| 111 | 111 | |
| 112 | - foreach ($jobList as $job) { |
|
| 113 | - $userIds[] = $job->getTriggerUserId(); |
|
| 114 | - $requestIds[] = $job->getRequest(); |
|
| 112 | + foreach ($jobList as $job) { |
|
| 113 | + $userIds[] = $job->getTriggerUserId(); |
|
| 114 | + $requestIds[] = $job->getRequest(); |
|
| 115 | 115 | |
| 116 | - $job->setDatabase($database); |
|
| 117 | - } |
|
| 116 | + $job->setDatabase($database); |
|
| 117 | + } |
|
| 118 | 118 | |
| 119 | - $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) { |
|
| 120 | - return UserSearchHelper::get($database)->fetchColumn('username'); |
|
| 121 | - }); |
|
| 119 | + $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) { |
|
| 120 | + return UserSearchHelper::get($database)->fetchColumn('username'); |
|
| 121 | + }); |
|
| 122 | 122 | |
| 123 | - $this->assign('users', UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username')); |
|
| 124 | - $this->assign('requests', RequestSearchHelper::get($database)->inIds($requestIds)->fetchMap('name')); |
|
| 123 | + $this->assign('users', UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username')); |
|
| 124 | + $this->assign('requests', RequestSearchHelper::get($database)->inIds($requestIds)->fetchMap('name')); |
|
| 125 | 125 | |
| 126 | - $this->assign('joblist', $jobList); |
|
| 126 | + $this->assign('joblist', $jobList); |
|
| 127 | 127 | |
| 128 | - $this->setTemplate('jobqueue/all.tpl'); |
|
| 129 | - } |
|
| 128 | + $this->setTemplate('jobqueue/all.tpl'); |
|
| 129 | + } |
|
| 130 | 130 | |
| 131 | - protected function view() |
|
| 132 | - { |
|
| 133 | - $jobId = WebRequest::getInt('id'); |
|
| 134 | - $database = $this->getDatabase(); |
|
| 131 | + protected function view() |
|
| 132 | + { |
|
| 133 | + $jobId = WebRequest::getInt('id'); |
|
| 134 | + $database = $this->getDatabase(); |
|
| 135 | 135 | |
| 136 | - if ($jobId === null) { |
|
| 137 | - throw new ApplicationLogicException('No job specified'); |
|
| 138 | - } |
|
| 136 | + if ($jobId === null) { |
|
| 137 | + throw new ApplicationLogicException('No job specified'); |
|
| 138 | + } |
|
| 139 | 139 | |
| 140 | - /** @var JobQueue $job */ |
|
| 141 | - $job = JobQueue::getById($jobId, $database); |
|
| 140 | + /** @var JobQueue $job */ |
|
| 141 | + $job = JobQueue::getById($jobId, $database); |
|
| 142 | 142 | |
| 143 | - if ($job === false) { |
|
| 144 | - throw new ApplicationLogicException('Could not find requested job'); |
|
| 145 | - } |
|
| 143 | + if ($job === false) { |
|
| 144 | + throw new ApplicationLogicException('Could not find requested job'); |
|
| 145 | + } |
|
| 146 | 146 | |
| 147 | - $this->setHtmlTitle('Job #' . $job->getId()); |
|
| 147 | + $this->setHtmlTitle('Job #' . $job->getId()); |
|
| 148 | 148 | |
| 149 | - $this->prepareMaps(); |
|
| 149 | + $this->prepareMaps(); |
|
| 150 | 150 | |
| 151 | - $this->assign('user', User::getById($job->getTriggerUserId(), $database)); |
|
| 152 | - $this->assign('request', Request::getById($job->getRequest(), $database)); |
|
| 153 | - $this->assign('emailTemplate', EmailTemplate::getById($job->getEmailTemplate(), $database)); |
|
| 154 | - $this->assign('parent', JobQueue::getById($job->getParent(), $database)); |
|
| 151 | + $this->assign('user', User::getById($job->getTriggerUserId(), $database)); |
|
| 152 | + $this->assign('request', Request::getById($job->getRequest(), $database)); |
|
| 153 | + $this->assign('emailTemplate', EmailTemplate::getById($job->getEmailTemplate(), $database)); |
|
| 154 | + $this->assign('parent', JobQueue::getById($job->getParent(), $database)); |
|
| 155 | 155 | |
| 156 | - /** @var Log[] $logs */ |
|
| 157 | - $logs = LogSearchHelper::get($database)->byObjectType('JobQueue') |
|
| 158 | - ->byObjectId($job->getId())->getRecordCount($logCount)->fetch(); |
|
| 159 | - if ($logCount === 0) { |
|
| 160 | - $this->assign('log', array()); |
|
| 161 | - } |
|
| 162 | - else { |
|
| 163 | - list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration()); |
|
| 156 | + /** @var Log[] $logs */ |
|
| 157 | + $logs = LogSearchHelper::get($database)->byObjectType('JobQueue') |
|
| 158 | + ->byObjectId($job->getId())->getRecordCount($logCount)->fetch(); |
|
| 159 | + if ($logCount === 0) { |
|
| 160 | + $this->assign('log', array()); |
|
| 161 | + } |
|
| 162 | + else { |
|
| 163 | + list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration()); |
|
| 164 | 164 | |
| 165 | - $this->assign("log", $logData); |
|
| 166 | - $this->assign("users", $users); |
|
| 167 | - } |
|
| 165 | + $this->assign("log", $logData); |
|
| 166 | + $this->assign("users", $users); |
|
| 167 | + } |
|
| 168 | 168 | |
| 169 | - $this->assignCSRFToken(); |
|
| 169 | + $this->assignCSRFToken(); |
|
| 170 | 170 | |
| 171 | - $this->assign('job', $job); |
|
| 171 | + $this->assign('job', $job); |
|
| 172 | 172 | |
| 173 | - $this->assign('canAcknowledge', $this->barrierTest('acknowledge', User::getCurrent($database))); |
|
| 174 | - $this->assign('canRequeue', $this->barrierTest('requeue', User::getCurrent($database))); |
|
| 175 | - $this->setTemplate('jobqueue/view.tpl'); |
|
| 176 | - } |
|
| 173 | + $this->assign('canAcknowledge', $this->barrierTest('acknowledge', User::getCurrent($database))); |
|
| 174 | + $this->assign('canRequeue', $this->barrierTest('requeue', User::getCurrent($database))); |
|
| 175 | + $this->setTemplate('jobqueue/view.tpl'); |
|
| 176 | + } |
|
| 177 | 177 | |
| 178 | - protected function acknowledge() |
|
| 179 | - { |
|
| 180 | - if (!WebRequest::wasPosted()) { |
|
| 181 | - throw new ApplicationLogicException('This page does not support GET methods.'); |
|
| 182 | - } |
|
| 178 | + protected function acknowledge() |
|
| 179 | + { |
|
| 180 | + if (!WebRequest::wasPosted()) { |
|
| 181 | + throw new ApplicationLogicException('This page does not support GET methods.'); |
|
| 182 | + } |
|
| 183 | 183 | |
| 184 | - $this->validateCSRFToken(); |
|
| 184 | + $this->validateCSRFToken(); |
|
| 185 | 185 | |
| 186 | - $jobId = WebRequest::postInt('job'); |
|
| 187 | - $database = $this->getDatabase(); |
|
| 186 | + $jobId = WebRequest::postInt('job'); |
|
| 187 | + $database = $this->getDatabase(); |
|
| 188 | 188 | |
| 189 | - if ($jobId === null) { |
|
| 190 | - throw new ApplicationLogicException('No job specified'); |
|
| 191 | - } |
|
| 189 | + if ($jobId === null) { |
|
| 190 | + throw new ApplicationLogicException('No job specified'); |
|
| 191 | + } |
|
| 192 | 192 | |
| 193 | - /** @var JobQueue $job */ |
|
| 194 | - $job = JobQueue::getById($jobId, $database); |
|
| 193 | + /** @var JobQueue $job */ |
|
| 194 | + $job = JobQueue::getById($jobId, $database); |
|
| 195 | 195 | |
| 196 | - if ($job === false) { |
|
| 197 | - throw new ApplicationLogicException('Could not find requested job'); |
|
| 198 | - } |
|
| 196 | + if ($job === false) { |
|
| 197 | + throw new ApplicationLogicException('Could not find requested job'); |
|
| 198 | + } |
|
| 199 | 199 | |
| 200 | - $job->setUpdateVersion(WebRequest::postInt('updateVersion')); |
|
| 201 | - $job->setAcknowledged(true); |
|
| 202 | - $job->save(); |
|
| 200 | + $job->setUpdateVersion(WebRequest::postInt('updateVersion')); |
|
| 201 | + $job->setAcknowledged(true); |
|
| 202 | + $job->save(); |
|
| 203 | 203 | |
| 204 | - Logger::backgroundJobAcknowledged($database, $job); |
|
| 204 | + Logger::backgroundJobAcknowledged($database, $job); |
|
| 205 | 205 | |
| 206 | - $this->redirect('jobQueue', 'view', array('id' => $jobId)); |
|
| 207 | - } |
|
| 206 | + $this->redirect('jobQueue', 'view', array('id' => $jobId)); |
|
| 207 | + } |
|
| 208 | 208 | |
| 209 | - protected function requeue() |
|
| 210 | - { |
|
| 211 | - if (!WebRequest::wasPosted()) { |
|
| 212 | - throw new ApplicationLogicException('This page does not support GET methods.'); |
|
| 213 | - } |
|
| 209 | + protected function requeue() |
|
| 210 | + { |
|
| 211 | + if (!WebRequest::wasPosted()) { |
|
| 212 | + throw new ApplicationLogicException('This page does not support GET methods.'); |
|
| 213 | + } |
|
| 214 | 214 | |
| 215 | - $this->validateCSRFToken(); |
|
| 215 | + $this->validateCSRFToken(); |
|
| 216 | 216 | |
| 217 | - $jobId = WebRequest::postInt('job'); |
|
| 218 | - $database = $this->getDatabase(); |
|
| 217 | + $jobId = WebRequest::postInt('job'); |
|
| 218 | + $database = $this->getDatabase(); |
|
| 219 | 219 | |
| 220 | - if ($jobId === null) { |
|
| 221 | - throw new ApplicationLogicException('No job specified'); |
|
| 222 | - } |
|
| 220 | + if ($jobId === null) { |
|
| 221 | + throw new ApplicationLogicException('No job specified'); |
|
| 222 | + } |
|
| 223 | 223 | |
| 224 | - /** @var JobQueue $job */ |
|
| 225 | - $job = JobQueue::getById($jobId, $database); |
|
| 224 | + /** @var JobQueue $job */ |
|
| 225 | + $job = JobQueue::getById($jobId, $database); |
|
| 226 | 226 | |
| 227 | - if ($job === false) { |
|
| 228 | - throw new ApplicationLogicException('Could not find requested job'); |
|
| 229 | - } |
|
| 227 | + if ($job === false) { |
|
| 228 | + throw new ApplicationLogicException('Could not find requested job'); |
|
| 229 | + } |
|
| 230 | 230 | |
| 231 | - $job->setStatus(JobQueue::STATUS_READY); |
|
| 232 | - $job->setUpdateVersion(WebRequest::postInt('updateVersion')); |
|
| 233 | - $job->setAcknowledged(null); |
|
| 234 | - $job->setError(null); |
|
| 235 | - $job->save(); |
|
| 236 | - |
|
| 237 | - /** @var Request $request */ |
|
| 238 | - $request = Request::getById($job->getRequest(), $database); |
|
| 239 | - $request->setStatus(RequestStatus::JOBQUEUE); |
|
| 240 | - $request->save(); |
|
| 231 | + $job->setStatus(JobQueue::STATUS_READY); |
|
| 232 | + $job->setUpdateVersion(WebRequest::postInt('updateVersion')); |
|
| 233 | + $job->setAcknowledged(null); |
|
| 234 | + $job->setError(null); |
|
| 235 | + $job->save(); |
|
| 236 | + |
|
| 237 | + /** @var Request $request */ |
|
| 238 | + $request = Request::getById($job->getRequest(), $database); |
|
| 239 | + $request->setStatus(RequestStatus::JOBQUEUE); |
|
| 240 | + $request->save(); |
|
| 241 | 241 | |
| 242 | - Logger::enqueuedJobQueue($database, $request); |
|
| 243 | - Logger::backgroundJobRequeued($database, $job); |
|
| 244 | - |
|
| 245 | - $this->redirect('jobQueue', 'view', array('id' => $jobId)); |
|
| 246 | - } |
|
| 247 | - |
|
| 248 | - protected function prepareMaps() |
|
| 249 | - { |
|
| 250 | - $taskNameMap = JobQueue::getTaskDescriptions(); |
|
| 251 | - |
|
| 252 | - $statusDecriptionMap = array( |
|
| 253 | - JobQueue::STATUS_CANCELLED => 'The job was cancelled', |
|
| 254 | - JobQueue::STATUS_COMPLETE => 'The job completed successfully', |
|
| 255 | - JobQueue::STATUS_FAILED => 'The job encountered an error', |
|
| 256 | - JobQueue::STATUS_READY => 'The job is ready to be picked up by the next job runner execution', |
|
| 257 | - JobQueue::STATUS_RUNNING => 'The job is being run right now by the job runner', |
|
| 258 | - JobQueue::STATUS_WAITING => 'The job has been picked up by a job runner', |
|
| 259 | - JobQueue::STATUS_HELD => 'The job has manually held from processing', |
|
| 260 | - ); |
|
| 261 | - $this->assign('taskNameMap', $taskNameMap); |
|
| 262 | - $this->assign('statusDescriptionMap', $statusDecriptionMap); |
|
| 263 | - } |
|
| 242 | + Logger::enqueuedJobQueue($database, $request); |
|
| 243 | + Logger::backgroundJobRequeued($database, $job); |
|
| 244 | + |
|
| 245 | + $this->redirect('jobQueue', 'view', array('id' => $jobId)); |
|
| 246 | + } |
|
| 247 | + |
|
| 248 | + protected function prepareMaps() |
|
| 249 | + { |
|
| 250 | + $taskNameMap = JobQueue::getTaskDescriptions(); |
|
| 251 | + |
|
| 252 | + $statusDecriptionMap = array( |
|
| 253 | + JobQueue::STATUS_CANCELLED => 'The job was cancelled', |
|
| 254 | + JobQueue::STATUS_COMPLETE => 'The job completed successfully', |
|
| 255 | + JobQueue::STATUS_FAILED => 'The job encountered an error', |
|
| 256 | + JobQueue::STATUS_READY => 'The job is ready to be picked up by the next job runner execution', |
|
| 257 | + JobQueue::STATUS_RUNNING => 'The job is being run right now by the job runner', |
|
| 258 | + JobQueue::STATUS_WAITING => 'The job has been picked up by a job runner', |
|
| 259 | + JobQueue::STATUS_HELD => 'The job has manually held from processing', |
|
| 260 | + ); |
|
| 261 | + $this->assign('taskNameMap', $taskNameMap); |
|
| 262 | + $this->assign('statusDescriptionMap', $statusDecriptionMap); |
|
| 263 | + } |
|
| 264 | 264 | } |
| 265 | 265 | \ No newline at end of file |
@@ -15,27 +15,20 @@ discard block |
||
| 15 | 15 | use Waca\Pages\PageEmailManagement; |
| 16 | 16 | use Waca\Pages\PageExpandedRequestList; |
| 17 | 17 | use Waca\Pages\PageJobQueue; |
| 18 | -use Waca\Pages\RequestAction\PageCreateRequest; |
|
| 19 | -use Waca\Pages\UserAuth\PageChangePassword; |
|
| 20 | -use Waca\Pages\UserAuth\PageForgotPassword; |
|
| 21 | 18 | use Waca\Pages\PageLog; |
| 22 | -use Waca\Pages\UserAuth\PageLogin; |
|
| 23 | -use Waca\Pages\UserAuth\PageLogout; |
|
| 24 | 19 | use Waca\Pages\PageMain; |
| 25 | -use Waca\Pages\UserAuth\PageOAuth; |
|
| 26 | -use Waca\Pages\UserAuth\PageOAuthCallback; |
|
| 27 | -use Waca\Pages\UserAuth\PagePreferences; |
|
| 28 | -use Waca\Pages\Registration\PageRegisterStandard; |
|
| 29 | -use Waca\Pages\Registration\PageRegisterOption; |
|
| 30 | 20 | use Waca\Pages\PageSearch; |
| 31 | 21 | use Waca\Pages\PageSiteNotice; |
| 32 | 22 | use Waca\Pages\PageTeam; |
| 33 | 23 | use Waca\Pages\PageUserManagement; |
| 34 | 24 | use Waca\Pages\PageViewRequest; |
| 35 | 25 | use Waca\Pages\PageWelcomeTemplateManagement; |
| 26 | +use Waca\Pages\Registration\PageRegisterOption; |
|
| 27 | +use Waca\Pages\Registration\PageRegisterStandard; |
|
| 36 | 28 | use Waca\Pages\RequestAction\PageBreakReservation; |
| 37 | 29 | use Waca\Pages\RequestAction\PageCloseRequest; |
| 38 | 30 | use Waca\Pages\RequestAction\PageComment; |
| 31 | +use Waca\Pages\RequestAction\PageCreateRequest; |
|
| 39 | 32 | use Waca\Pages\RequestAction\PageCustomClose; |
| 40 | 33 | use Waca\Pages\RequestAction\PageDeferRequest; |
| 41 | 34 | use Waca\Pages\RequestAction\PageDropRequest; |
@@ -49,6 +42,13 @@ discard block |
||
| 49 | 42 | use Waca\Pages\Statistics\StatsTemplateStats; |
| 50 | 43 | use Waca\Pages\Statistics\StatsTopCreators; |
| 51 | 44 | use Waca\Pages\Statistics\StatsUsers; |
| 45 | +use Waca\Pages\UserAuth\PageChangePassword; |
|
| 46 | +use Waca\Pages\UserAuth\PageForgotPassword; |
|
| 47 | +use Waca\Pages\UserAuth\PageLogin; |
|
| 48 | +use Waca\Pages\UserAuth\PageLogout; |
|
| 49 | +use Waca\Pages\UserAuth\PageOAuth; |
|
| 50 | +use Waca\Pages\UserAuth\PageOAuthCallback; |
|
| 51 | +use Waca\Pages\UserAuth\PagePreferences; |
|
| 52 | 52 | use Waca\Tasks\IRoutedTask; |
| 53 | 53 | use Waca\WebRequest; |
| 54 | 54 | |
@@ -59,415 +59,415 @@ |
||
| 59 | 59 | */ |
| 60 | 60 | class RequestRouter implements IRequestRouter |
| 61 | 61 | { |
| 62 | - /** |
|
| 63 | - * This is the core routing table for the application. The basic idea is: |
|
| 64 | - * |
|
| 65 | - * array( |
|
| 66 | - * "foo" => |
|
| 67 | - * array( |
|
| 68 | - * "class" => PageFoo::class, |
|
| 69 | - * "actions" => array("bar", "other") |
|
| 70 | - * ), |
|
| 71 | - * ); |
|
| 72 | - * |
|
| 73 | - * Things to note: |
|
| 74 | - * - If no page is requested, we go to PageMain. PageMain can't have actions defined. |
|
| 75 | - * |
|
| 76 | - * - If a page is defined and requested, but no action is requested, go to that page's main() method |
|
| 77 | - * - If a page is defined and requested, and an action is defined and requested, go to that action's method. |
|
| 78 | - * - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main() |
|
| 79 | - * method. |
|
| 80 | - * - If a page is NOT defined and requested, go to Page404 and it's main() method. |
|
| 81 | - * |
|
| 82 | - * - Query parameters are ignored. |
|
| 83 | - * |
|
| 84 | - * The key point here is request routing with validation that this is allowed, before we start hitting the |
|
| 85 | - * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested |
|
| 86 | - * before we start calling random methods through the web UI. |
|
| 87 | - * |
|
| 88 | - * Examples: |
|
| 89 | - * /internal.php => returns instance of PageMain, routed to main() |
|
| 90 | - * /internal.php?query => returns instance of PageMain, routed to main() |
|
| 91 | - * /internal.php/foo => returns instance of PageFoo, routed to main() |
|
| 92 | - * /internal.php/foo?query => returns instance of PageFoo, routed to main() |
|
| 93 | - * /internal.php/foo/bar => returns instance of PageFoo, routed to bar() |
|
| 94 | - * /internal.php/foo/bar?query => returns instance of PageFoo, routed to bar() |
|
| 95 | - * /internal.php/foo/baz => returns instance of Page404, routed to main() |
|
| 96 | - * /internal.php/foo/baz?query => returns instance of Page404, routed to main() |
|
| 97 | - * /internal.php/bar => returns instance of Page404, routed to main() |
|
| 98 | - * /internal.php/bar?query => returns instance of Page404, routed to main() |
|
| 99 | - * /internal.php/bar/baz => returns instance of Page404, routed to main() |
|
| 100 | - * /internal.php/bar/baz?query => returns instance of Page404, routed to main() |
|
| 101 | - * |
|
| 102 | - * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need |
|
| 103 | - * to change the key, then you'll likely have to update a lot of files. |
|
| 104 | - * |
|
| 105 | - * @var array |
|
| 106 | - */ |
|
| 107 | - private $routeMap = array( |
|
| 108 | - |
|
| 109 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 110 | - // Login and registration |
|
| 111 | - 'logout' => |
|
| 112 | - array( |
|
| 113 | - 'class' => PageLogout::class, |
|
| 114 | - 'actions' => array(), |
|
| 115 | - ), |
|
| 116 | - 'login' => |
|
| 117 | - array( |
|
| 118 | - 'class' => PageLogin::class, |
|
| 119 | - 'actions' => array(), |
|
| 120 | - ), |
|
| 121 | - 'forgotPassword' => |
|
| 122 | - array( |
|
| 123 | - 'class' => PageForgotPassword::class, |
|
| 124 | - 'actions' => array('reset'), |
|
| 125 | - ), |
|
| 126 | - 'register' => |
|
| 127 | - array( |
|
| 128 | - 'class' => PageRegisterOption::class, |
|
| 129 | - 'actions' => array(), |
|
| 130 | - ), |
|
| 131 | - 'register/standard' => |
|
| 132 | - array( |
|
| 133 | - 'class' => PageRegisterStandard::class, |
|
| 134 | - 'actions' => array('done'), |
|
| 135 | - ), |
|
| 136 | - |
|
| 137 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 138 | - // Discovery |
|
| 139 | - 'search' => |
|
| 140 | - array( |
|
| 141 | - 'class' => PageSearch::class, |
|
| 142 | - 'actions' => array(), |
|
| 143 | - ), |
|
| 144 | - 'logs' => |
|
| 145 | - array( |
|
| 146 | - 'class' => PageLog::class, |
|
| 147 | - 'actions' => array(), |
|
| 148 | - ), |
|
| 149 | - |
|
| 150 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 151 | - // Administration |
|
| 152 | - 'bans' => |
|
| 153 | - array( |
|
| 154 | - 'class' => PageBan::class, |
|
| 155 | - 'actions' => array('set', 'remove'), |
|
| 156 | - ), |
|
| 157 | - 'userManagement' => |
|
| 158 | - array( |
|
| 159 | - 'class' => PageUserManagement::class, |
|
| 160 | - 'actions' => array( |
|
| 161 | - 'approve', |
|
| 162 | - 'decline', |
|
| 163 | - 'rename', |
|
| 164 | - 'editUser', |
|
| 165 | - 'suspend', |
|
| 166 | - 'editRoles', |
|
| 167 | - ), |
|
| 168 | - ), |
|
| 169 | - 'siteNotice' => |
|
| 170 | - array( |
|
| 171 | - 'class' => PageSiteNotice::class, |
|
| 172 | - 'actions' => array(), |
|
| 173 | - ), |
|
| 174 | - 'emailManagement' => |
|
| 175 | - array( |
|
| 176 | - 'class' => PageEmailManagement::class, |
|
| 177 | - 'actions' => array('create', 'edit', 'view'), |
|
| 178 | - ), |
|
| 179 | - 'jobQueue' => |
|
| 180 | - array( |
|
| 181 | - 'class' => PageJobQueue::class, |
|
| 182 | - 'actions' => array('acknowledge', 'requeue', 'view', 'all'), |
|
| 183 | - ), |
|
| 184 | - |
|
| 185 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 186 | - // Personal preferences |
|
| 187 | - 'preferences' => |
|
| 188 | - array( |
|
| 189 | - 'class' => PagePreferences::class, |
|
| 190 | - 'actions' => array(), |
|
| 191 | - ), |
|
| 192 | - 'changePassword' => |
|
| 193 | - array( |
|
| 194 | - 'class' => PageChangePassword::class, |
|
| 195 | - 'actions' => array(), |
|
| 196 | - ), |
|
| 197 | - 'oauth' => |
|
| 198 | - array( |
|
| 199 | - 'class' => PageOAuth::class, |
|
| 200 | - 'actions' => array('detach', 'attach'), |
|
| 201 | - ), |
|
| 202 | - 'oauth/callback' => |
|
| 203 | - array( |
|
| 204 | - 'class' => PageOAuthCallback::class, |
|
| 205 | - 'actions' => array('authorise', 'create'), |
|
| 206 | - ), |
|
| 207 | - |
|
| 208 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 209 | - // Welcomer configuration |
|
| 210 | - 'welcomeTemplates' => |
|
| 211 | - array( |
|
| 212 | - 'class' => PageWelcomeTemplateManagement::class, |
|
| 213 | - 'actions' => array('select', 'edit', 'delete', 'add', 'view'), |
|
| 214 | - ), |
|
| 215 | - |
|
| 216 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 217 | - // Statistics |
|
| 218 | - 'statistics' => |
|
| 219 | - array( |
|
| 220 | - 'class' => StatsMain::class, |
|
| 221 | - 'actions' => array(), |
|
| 222 | - ), |
|
| 223 | - 'statistics/fastCloses' => |
|
| 224 | - array( |
|
| 225 | - 'class' => StatsFastCloses::class, |
|
| 226 | - 'actions' => array(), |
|
| 227 | - ), |
|
| 228 | - 'statistics/inactiveUsers' => |
|
| 229 | - array( |
|
| 230 | - 'class' => StatsInactiveUsers::class, |
|
| 231 | - 'actions' => array(), |
|
| 232 | - ), |
|
| 233 | - 'statistics/monthlyStats' => |
|
| 234 | - array( |
|
| 235 | - 'class' => StatsMonthlyStats::class, |
|
| 236 | - 'actions' => array(), |
|
| 237 | - ), |
|
| 238 | - 'statistics/reservedRequests' => |
|
| 239 | - array( |
|
| 240 | - 'class' => StatsReservedRequests::class, |
|
| 241 | - 'actions' => array(), |
|
| 242 | - ), |
|
| 243 | - 'statistics/templateStats' => |
|
| 244 | - array( |
|
| 245 | - 'class' => StatsTemplateStats::class, |
|
| 246 | - 'actions' => array(), |
|
| 247 | - ), |
|
| 248 | - 'statistics/topCreators' => |
|
| 249 | - array( |
|
| 250 | - 'class' => StatsTopCreators::class, |
|
| 251 | - 'actions' => array(), |
|
| 252 | - ), |
|
| 253 | - 'statistics/users' => |
|
| 254 | - array( |
|
| 255 | - 'class' => StatsUsers::class, |
|
| 256 | - 'actions' => array('detail'), |
|
| 257 | - ), |
|
| 258 | - |
|
| 259 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 260 | - // Zoom page |
|
| 261 | - 'viewRequest' => |
|
| 262 | - array( |
|
| 263 | - 'class' => PageViewRequest::class, |
|
| 264 | - 'actions' => array(), |
|
| 265 | - ), |
|
| 266 | - 'viewRequest/reserve' => |
|
| 267 | - array( |
|
| 268 | - 'class' => PageReservation::class, |
|
| 269 | - 'actions' => array(), |
|
| 270 | - ), |
|
| 271 | - 'viewRequest/breakReserve' => |
|
| 272 | - array( |
|
| 273 | - 'class' => PageBreakReservation::class, |
|
| 274 | - 'actions' => array(), |
|
| 275 | - ), |
|
| 276 | - 'viewRequest/defer' => |
|
| 277 | - array( |
|
| 278 | - 'class' => PageDeferRequest::class, |
|
| 279 | - 'actions' => array(), |
|
| 280 | - ), |
|
| 281 | - 'viewRequest/comment' => |
|
| 282 | - array( |
|
| 283 | - 'class' => PageComment::class, |
|
| 284 | - 'actions' => array(), |
|
| 285 | - ), |
|
| 286 | - 'viewRequest/sendToUser' => |
|
| 287 | - array( |
|
| 288 | - 'class' => PageSendToUser::class, |
|
| 289 | - 'actions' => array(), |
|
| 290 | - ), |
|
| 291 | - 'viewRequest/close' => |
|
| 292 | - array( |
|
| 293 | - 'class' => PageCloseRequest::class, |
|
| 294 | - 'actions' => array(), |
|
| 295 | - ), |
|
| 296 | - 'viewRequest/create' => |
|
| 297 | - array( |
|
| 298 | - 'class' => PageCreateRequest::class, |
|
| 299 | - 'actions' => array(), |
|
| 300 | - ), |
|
| 301 | - 'viewRequest/drop' => |
|
| 302 | - array( |
|
| 303 | - 'class' => PageDropRequest::class, |
|
| 304 | - 'actions' => array(), |
|
| 305 | - ), |
|
| 306 | - 'viewRequest/custom' => |
|
| 307 | - array( |
|
| 308 | - 'class' => PageCustomClose::class, |
|
| 309 | - 'actions' => array(), |
|
| 310 | - ), |
|
| 311 | - 'editComment' => |
|
| 312 | - array( |
|
| 313 | - 'class' => PageEditComment::class, |
|
| 314 | - 'actions' => array(), |
|
| 315 | - ), |
|
| 316 | - |
|
| 317 | - ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 318 | - // Misc stuff |
|
| 319 | - 'team' => |
|
| 320 | - array( |
|
| 321 | - 'class' => PageTeam::class, |
|
| 322 | - 'actions' => array(), |
|
| 323 | - ), |
|
| 324 | - 'requestList' => |
|
| 325 | - array( |
|
| 326 | - 'class' => PageExpandedRequestList::class, |
|
| 327 | - 'actions' => array(), |
|
| 328 | - ), |
|
| 329 | - ); |
|
| 330 | - |
|
| 331 | - /** |
|
| 332 | - * @return IRoutedTask |
|
| 333 | - * @throws Exception |
|
| 334 | - */ |
|
| 335 | - final public function route() |
|
| 336 | - { |
|
| 337 | - $pathInfo = WebRequest::pathInfo(); |
|
| 338 | - |
|
| 339 | - list($pageClass, $action) = $this->getRouteFromPath($pathInfo); |
|
| 340 | - |
|
| 341 | - /** @var IRoutedTask $page */ |
|
| 342 | - $page = new $pageClass(); |
|
| 343 | - |
|
| 344 | - // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so |
|
| 345 | - // let's use our own. |
|
| 346 | - if (!($page instanceof IRoutedTask)) { |
|
| 347 | - throw new Exception('Expected a page, but this is not a page.'); |
|
| 348 | - } |
|
| 349 | - |
|
| 350 | - // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it |
|
| 351 | - // inherits PageBase and has been created from the routing map. |
|
| 352 | - $page->setRoute($action); |
|
| 353 | - |
|
| 354 | - return $page; |
|
| 355 | - } |
|
| 356 | - |
|
| 357 | - /** |
|
| 358 | - * @param $pathInfo |
|
| 359 | - * |
|
| 360 | - * @return array |
|
| 361 | - */ |
|
| 362 | - protected function getRouteFromPath($pathInfo) |
|
| 363 | - { |
|
| 364 | - if (count($pathInfo) === 0) { |
|
| 365 | - // No pathInfo, so no page to load. Load the main page. |
|
| 366 | - return $this->getDefaultRoute(); |
|
| 367 | - } |
|
| 368 | - elseif (count($pathInfo) === 1) { |
|
| 369 | - // Exactly one path info segment, it's got to be a page. |
|
| 370 | - $classSegment = $pathInfo[0]; |
|
| 371 | - |
|
| 372 | - return $this->routeSinglePathSegment($classSegment); |
|
| 373 | - } |
|
| 374 | - |
|
| 375 | - // OK, we have two or more segments now. |
|
| 376 | - if (count($pathInfo) > 2) { |
|
| 377 | - // Let's handle more than two, and collapse it down into two. |
|
| 378 | - $requestedAction = array_pop($pathInfo); |
|
| 379 | - $classSegment = implode('/', $pathInfo); |
|
| 380 | - } |
|
| 381 | - else { |
|
| 382 | - // Two path info segments. |
|
| 383 | - $classSegment = $pathInfo[0]; |
|
| 384 | - $requestedAction = $pathInfo[1]; |
|
| 385 | - } |
|
| 386 | - |
|
| 387 | - $routeMap = $this->routePathSegments($classSegment, $requestedAction); |
|
| 388 | - |
|
| 389 | - if ($routeMap[0] === Page404::class) { |
|
| 390 | - $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction); |
|
| 391 | - } |
|
| 392 | - |
|
| 393 | - return $routeMap; |
|
| 394 | - } |
|
| 395 | - |
|
| 396 | - /** |
|
| 397 | - * @param $classSegment |
|
| 398 | - * |
|
| 399 | - * @return array |
|
| 400 | - */ |
|
| 401 | - final protected function routeSinglePathSegment($classSegment) |
|
| 402 | - { |
|
| 403 | - $routeMap = $this->getRouteMap(); |
|
| 404 | - if (array_key_exists($classSegment, $routeMap)) { |
|
| 405 | - // Route exists, but we don't have an action in path info, so default to main. |
|
| 406 | - $pageClass = $routeMap[$classSegment]['class']; |
|
| 407 | - $action = 'main'; |
|
| 408 | - |
|
| 409 | - return array($pageClass, $action); |
|
| 410 | - } |
|
| 411 | - else { |
|
| 412 | - // Doesn't exist in map. Fall back to 404 |
|
| 413 | - $pageClass = Page404::class; |
|
| 414 | - $action = "main"; |
|
| 415 | - |
|
| 416 | - return array($pageClass, $action); |
|
| 417 | - } |
|
| 418 | - } |
|
| 419 | - |
|
| 420 | - /** |
|
| 421 | - * @param $classSegment |
|
| 422 | - * @param $requestedAction |
|
| 423 | - * |
|
| 424 | - * @return array |
|
| 425 | - */ |
|
| 426 | - final protected function routePathSegments($classSegment, $requestedAction) |
|
| 427 | - { |
|
| 428 | - $routeMap = $this->getRouteMap(); |
|
| 429 | - if (array_key_exists($classSegment, $routeMap)) { |
|
| 430 | - // Route exists, but we don't have an action in path info, so default to main. |
|
| 431 | - |
|
| 432 | - if (isset($routeMap[$classSegment]['actions']) |
|
| 433 | - && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false |
|
| 434 | - ) { |
|
| 435 | - // Action exists in allowed action list. Allow both the page and the action |
|
| 436 | - $pageClass = $routeMap[$classSegment]['class']; |
|
| 437 | - $action = $requestedAction; |
|
| 438 | - |
|
| 439 | - return array($pageClass, $action); |
|
| 440 | - } |
|
| 441 | - else { |
|
| 442 | - // Valid page, invalid action. 404 our way out. |
|
| 443 | - $pageClass = Page404::class; |
|
| 444 | - $action = 'main'; |
|
| 445 | - |
|
| 446 | - return array($pageClass, $action); |
|
| 447 | - } |
|
| 448 | - } |
|
| 449 | - else { |
|
| 450 | - // Class doesn't exist in map. Fall back to 404 |
|
| 451 | - $pageClass = Page404::class; |
|
| 452 | - $action = 'main'; |
|
| 453 | - |
|
| 454 | - return array($pageClass, $action); |
|
| 455 | - } |
|
| 456 | - } |
|
| 457 | - |
|
| 458 | - /** |
|
| 459 | - * @return array |
|
| 460 | - */ |
|
| 461 | - protected function getRouteMap() |
|
| 462 | - { |
|
| 463 | - return $this->routeMap; |
|
| 464 | - } |
|
| 465 | - |
|
| 466 | - /** |
|
| 467 | - * @return callable |
|
| 468 | - */ |
|
| 469 | - protected function getDefaultRoute() |
|
| 470 | - { |
|
| 471 | - return array(PageMain::class, "main"); |
|
| 472 | - } |
|
| 62 | + /** |
|
| 63 | + * This is the core routing table for the application. The basic idea is: |
|
| 64 | + * |
|
| 65 | + * array( |
|
| 66 | + * "foo" => |
|
| 67 | + * array( |
|
| 68 | + * "class" => PageFoo::class, |
|
| 69 | + * "actions" => array("bar", "other") |
|
| 70 | + * ), |
|
| 71 | + * ); |
|
| 72 | + * |
|
| 73 | + * Things to note: |
|
| 74 | + * - If no page is requested, we go to PageMain. PageMain can't have actions defined. |
|
| 75 | + * |
|
| 76 | + * - If a page is defined and requested, but no action is requested, go to that page's main() method |
|
| 77 | + * - If a page is defined and requested, and an action is defined and requested, go to that action's method. |
|
| 78 | + * - If a page is defined and requested, and an action NOT defined and requested, go to Page404 and it's main() |
|
| 79 | + * method. |
|
| 80 | + * - If a page is NOT defined and requested, go to Page404 and it's main() method. |
|
| 81 | + * |
|
| 82 | + * - Query parameters are ignored. |
|
| 83 | + * |
|
| 84 | + * The key point here is request routing with validation that this is allowed, before we start hitting the |
|
| 85 | + * filesystem through the AutoLoader, and opening random files. Also, so that we validate the action requested |
|
| 86 | + * before we start calling random methods through the web UI. |
|
| 87 | + * |
|
| 88 | + * Examples: |
|
| 89 | + * /internal.php => returns instance of PageMain, routed to main() |
|
| 90 | + * /internal.php?query => returns instance of PageMain, routed to main() |
|
| 91 | + * /internal.php/foo => returns instance of PageFoo, routed to main() |
|
| 92 | + * /internal.php/foo?query => returns instance of PageFoo, routed to main() |
|
| 93 | + * /internal.php/foo/bar => returns instance of PageFoo, routed to bar() |
|
| 94 | + * /internal.php/foo/bar?query => returns instance of PageFoo, routed to bar() |
|
| 95 | + * /internal.php/foo/baz => returns instance of Page404, routed to main() |
|
| 96 | + * /internal.php/foo/baz?query => returns instance of Page404, routed to main() |
|
| 97 | + * /internal.php/bar => returns instance of Page404, routed to main() |
|
| 98 | + * /internal.php/bar?query => returns instance of Page404, routed to main() |
|
| 99 | + * /internal.php/bar/baz => returns instance of Page404, routed to main() |
|
| 100 | + * /internal.php/bar/baz?query => returns instance of Page404, routed to main() |
|
| 101 | + * |
|
| 102 | + * Take care when changing this - a lot of places rely on the array key for redirects and other links. If you need |
|
| 103 | + * to change the key, then you'll likely have to update a lot of files. |
|
| 104 | + * |
|
| 105 | + * @var array |
|
| 106 | + */ |
|
| 107 | + private $routeMap = array( |
|
| 108 | + |
|
| 109 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 110 | + // Login and registration |
|
| 111 | + 'logout' => |
|
| 112 | + array( |
|
| 113 | + 'class' => PageLogout::class, |
|
| 114 | + 'actions' => array(), |
|
| 115 | + ), |
|
| 116 | + 'login' => |
|
| 117 | + array( |
|
| 118 | + 'class' => PageLogin::class, |
|
| 119 | + 'actions' => array(), |
|
| 120 | + ), |
|
| 121 | + 'forgotPassword' => |
|
| 122 | + array( |
|
| 123 | + 'class' => PageForgotPassword::class, |
|
| 124 | + 'actions' => array('reset'), |
|
| 125 | + ), |
|
| 126 | + 'register' => |
|
| 127 | + array( |
|
| 128 | + 'class' => PageRegisterOption::class, |
|
| 129 | + 'actions' => array(), |
|
| 130 | + ), |
|
| 131 | + 'register/standard' => |
|
| 132 | + array( |
|
| 133 | + 'class' => PageRegisterStandard::class, |
|
| 134 | + 'actions' => array('done'), |
|
| 135 | + ), |
|
| 136 | + |
|
| 137 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 138 | + // Discovery |
|
| 139 | + 'search' => |
|
| 140 | + array( |
|
| 141 | + 'class' => PageSearch::class, |
|
| 142 | + 'actions' => array(), |
|
| 143 | + ), |
|
| 144 | + 'logs' => |
|
| 145 | + array( |
|
| 146 | + 'class' => PageLog::class, |
|
| 147 | + 'actions' => array(), |
|
| 148 | + ), |
|
| 149 | + |
|
| 150 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 151 | + // Administration |
|
| 152 | + 'bans' => |
|
| 153 | + array( |
|
| 154 | + 'class' => PageBan::class, |
|
| 155 | + 'actions' => array('set', 'remove'), |
|
| 156 | + ), |
|
| 157 | + 'userManagement' => |
|
| 158 | + array( |
|
| 159 | + 'class' => PageUserManagement::class, |
|
| 160 | + 'actions' => array( |
|
| 161 | + 'approve', |
|
| 162 | + 'decline', |
|
| 163 | + 'rename', |
|
| 164 | + 'editUser', |
|
| 165 | + 'suspend', |
|
| 166 | + 'editRoles', |
|
| 167 | + ), |
|
| 168 | + ), |
|
| 169 | + 'siteNotice' => |
|
| 170 | + array( |
|
| 171 | + 'class' => PageSiteNotice::class, |
|
| 172 | + 'actions' => array(), |
|
| 173 | + ), |
|
| 174 | + 'emailManagement' => |
|
| 175 | + array( |
|
| 176 | + 'class' => PageEmailManagement::class, |
|
| 177 | + 'actions' => array('create', 'edit', 'view'), |
|
| 178 | + ), |
|
| 179 | + 'jobQueue' => |
|
| 180 | + array( |
|
| 181 | + 'class' => PageJobQueue::class, |
|
| 182 | + 'actions' => array('acknowledge', 'requeue', 'view', 'all'), |
|
| 183 | + ), |
|
| 184 | + |
|
| 185 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 186 | + // Personal preferences |
|
| 187 | + 'preferences' => |
|
| 188 | + array( |
|
| 189 | + 'class' => PagePreferences::class, |
|
| 190 | + 'actions' => array(), |
|
| 191 | + ), |
|
| 192 | + 'changePassword' => |
|
| 193 | + array( |
|
| 194 | + 'class' => PageChangePassword::class, |
|
| 195 | + 'actions' => array(), |
|
| 196 | + ), |
|
| 197 | + 'oauth' => |
|
| 198 | + array( |
|
| 199 | + 'class' => PageOAuth::class, |
|
| 200 | + 'actions' => array('detach', 'attach'), |
|
| 201 | + ), |
|
| 202 | + 'oauth/callback' => |
|
| 203 | + array( |
|
| 204 | + 'class' => PageOAuthCallback::class, |
|
| 205 | + 'actions' => array('authorise', 'create'), |
|
| 206 | + ), |
|
| 207 | + |
|
| 208 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 209 | + // Welcomer configuration |
|
| 210 | + 'welcomeTemplates' => |
|
| 211 | + array( |
|
| 212 | + 'class' => PageWelcomeTemplateManagement::class, |
|
| 213 | + 'actions' => array('select', 'edit', 'delete', 'add', 'view'), |
|
| 214 | + ), |
|
| 215 | + |
|
| 216 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 217 | + // Statistics |
|
| 218 | + 'statistics' => |
|
| 219 | + array( |
|
| 220 | + 'class' => StatsMain::class, |
|
| 221 | + 'actions' => array(), |
|
| 222 | + ), |
|
| 223 | + 'statistics/fastCloses' => |
|
| 224 | + array( |
|
| 225 | + 'class' => StatsFastCloses::class, |
|
| 226 | + 'actions' => array(), |
|
| 227 | + ), |
|
| 228 | + 'statistics/inactiveUsers' => |
|
| 229 | + array( |
|
| 230 | + 'class' => StatsInactiveUsers::class, |
|
| 231 | + 'actions' => array(), |
|
| 232 | + ), |
|
| 233 | + 'statistics/monthlyStats' => |
|
| 234 | + array( |
|
| 235 | + 'class' => StatsMonthlyStats::class, |
|
| 236 | + 'actions' => array(), |
|
| 237 | + ), |
|
| 238 | + 'statistics/reservedRequests' => |
|
| 239 | + array( |
|
| 240 | + 'class' => StatsReservedRequests::class, |
|
| 241 | + 'actions' => array(), |
|
| 242 | + ), |
|
| 243 | + 'statistics/templateStats' => |
|
| 244 | + array( |
|
| 245 | + 'class' => StatsTemplateStats::class, |
|
| 246 | + 'actions' => array(), |
|
| 247 | + ), |
|
| 248 | + 'statistics/topCreators' => |
|
| 249 | + array( |
|
| 250 | + 'class' => StatsTopCreators::class, |
|
| 251 | + 'actions' => array(), |
|
| 252 | + ), |
|
| 253 | + 'statistics/users' => |
|
| 254 | + array( |
|
| 255 | + 'class' => StatsUsers::class, |
|
| 256 | + 'actions' => array('detail'), |
|
| 257 | + ), |
|
| 258 | + |
|
| 259 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 260 | + // Zoom page |
|
| 261 | + 'viewRequest' => |
|
| 262 | + array( |
|
| 263 | + 'class' => PageViewRequest::class, |
|
| 264 | + 'actions' => array(), |
|
| 265 | + ), |
|
| 266 | + 'viewRequest/reserve' => |
|
| 267 | + array( |
|
| 268 | + 'class' => PageReservation::class, |
|
| 269 | + 'actions' => array(), |
|
| 270 | + ), |
|
| 271 | + 'viewRequest/breakReserve' => |
|
| 272 | + array( |
|
| 273 | + 'class' => PageBreakReservation::class, |
|
| 274 | + 'actions' => array(), |
|
| 275 | + ), |
|
| 276 | + 'viewRequest/defer' => |
|
| 277 | + array( |
|
| 278 | + 'class' => PageDeferRequest::class, |
|
| 279 | + 'actions' => array(), |
|
| 280 | + ), |
|
| 281 | + 'viewRequest/comment' => |
|
| 282 | + array( |
|
| 283 | + 'class' => PageComment::class, |
|
| 284 | + 'actions' => array(), |
|
| 285 | + ), |
|
| 286 | + 'viewRequest/sendToUser' => |
|
| 287 | + array( |
|
| 288 | + 'class' => PageSendToUser::class, |
|
| 289 | + 'actions' => array(), |
|
| 290 | + ), |
|
| 291 | + 'viewRequest/close' => |
|
| 292 | + array( |
|
| 293 | + 'class' => PageCloseRequest::class, |
|
| 294 | + 'actions' => array(), |
|
| 295 | + ), |
|
| 296 | + 'viewRequest/create' => |
|
| 297 | + array( |
|
| 298 | + 'class' => PageCreateRequest::class, |
|
| 299 | + 'actions' => array(), |
|
| 300 | + ), |
|
| 301 | + 'viewRequest/drop' => |
|
| 302 | + array( |
|
| 303 | + 'class' => PageDropRequest::class, |
|
| 304 | + 'actions' => array(), |
|
| 305 | + ), |
|
| 306 | + 'viewRequest/custom' => |
|
| 307 | + array( |
|
| 308 | + 'class' => PageCustomClose::class, |
|
| 309 | + 'actions' => array(), |
|
| 310 | + ), |
|
| 311 | + 'editComment' => |
|
| 312 | + array( |
|
| 313 | + 'class' => PageEditComment::class, |
|
| 314 | + 'actions' => array(), |
|
| 315 | + ), |
|
| 316 | + |
|
| 317 | + ////////////////////////////////////////////////////////////////////////////////////////////////// |
|
| 318 | + // Misc stuff |
|
| 319 | + 'team' => |
|
| 320 | + array( |
|
| 321 | + 'class' => PageTeam::class, |
|
| 322 | + 'actions' => array(), |
|
| 323 | + ), |
|
| 324 | + 'requestList' => |
|
| 325 | + array( |
|
| 326 | + 'class' => PageExpandedRequestList::class, |
|
| 327 | + 'actions' => array(), |
|
| 328 | + ), |
|
| 329 | + ); |
|
| 330 | + |
|
| 331 | + /** |
|
| 332 | + * @return IRoutedTask |
|
| 333 | + * @throws Exception |
|
| 334 | + */ |
|
| 335 | + final public function route() |
|
| 336 | + { |
|
| 337 | + $pathInfo = WebRequest::pathInfo(); |
|
| 338 | + |
|
| 339 | + list($pageClass, $action) = $this->getRouteFromPath($pathInfo); |
|
| 340 | + |
|
| 341 | + /** @var IRoutedTask $page */ |
|
| 342 | + $page = new $pageClass(); |
|
| 343 | + |
|
| 344 | + // Dynamic creation, so we've got to be careful here. We can't use built-in language type protection, so |
|
| 345 | + // let's use our own. |
|
| 346 | + if (!($page instanceof IRoutedTask)) { |
|
| 347 | + throw new Exception('Expected a page, but this is not a page.'); |
|
| 348 | + } |
|
| 349 | + |
|
| 350 | + // OK, I'm happy at this point that we know we're running a page, and we know it's probably what we want if it |
|
| 351 | + // inherits PageBase and has been created from the routing map. |
|
| 352 | + $page->setRoute($action); |
|
| 353 | + |
|
| 354 | + return $page; |
|
| 355 | + } |
|
| 356 | + |
|
| 357 | + /** |
|
| 358 | + * @param $pathInfo |
|
| 359 | + * |
|
| 360 | + * @return array |
|
| 361 | + */ |
|
| 362 | + protected function getRouteFromPath($pathInfo) |
|
| 363 | + { |
|
| 364 | + if (count($pathInfo) === 0) { |
|
| 365 | + // No pathInfo, so no page to load. Load the main page. |
|
| 366 | + return $this->getDefaultRoute(); |
|
| 367 | + } |
|
| 368 | + elseif (count($pathInfo) === 1) { |
|
| 369 | + // Exactly one path info segment, it's got to be a page. |
|
| 370 | + $classSegment = $pathInfo[0]; |
|
| 371 | + |
|
| 372 | + return $this->routeSinglePathSegment($classSegment); |
|
| 373 | + } |
|
| 374 | + |
|
| 375 | + // OK, we have two or more segments now. |
|
| 376 | + if (count($pathInfo) > 2) { |
|
| 377 | + // Let's handle more than two, and collapse it down into two. |
|
| 378 | + $requestedAction = array_pop($pathInfo); |
|
| 379 | + $classSegment = implode('/', $pathInfo); |
|
| 380 | + } |
|
| 381 | + else { |
|
| 382 | + // Two path info segments. |
|
| 383 | + $classSegment = $pathInfo[0]; |
|
| 384 | + $requestedAction = $pathInfo[1]; |
|
| 385 | + } |
|
| 386 | + |
|
| 387 | + $routeMap = $this->routePathSegments($classSegment, $requestedAction); |
|
| 388 | + |
|
| 389 | + if ($routeMap[0] === Page404::class) { |
|
| 390 | + $routeMap = $this->routeSinglePathSegment($classSegment . '/' . $requestedAction); |
|
| 391 | + } |
|
| 392 | + |
|
| 393 | + return $routeMap; |
|
| 394 | + } |
|
| 395 | + |
|
| 396 | + /** |
|
| 397 | + * @param $classSegment |
|
| 398 | + * |
|
| 399 | + * @return array |
|
| 400 | + */ |
|
| 401 | + final protected function routeSinglePathSegment($classSegment) |
|
| 402 | + { |
|
| 403 | + $routeMap = $this->getRouteMap(); |
|
| 404 | + if (array_key_exists($classSegment, $routeMap)) { |
|
| 405 | + // Route exists, but we don't have an action in path info, so default to main. |
|
| 406 | + $pageClass = $routeMap[$classSegment]['class']; |
|
| 407 | + $action = 'main'; |
|
| 408 | + |
|
| 409 | + return array($pageClass, $action); |
|
| 410 | + } |
|
| 411 | + else { |
|
| 412 | + // Doesn't exist in map. Fall back to 404 |
|
| 413 | + $pageClass = Page404::class; |
|
| 414 | + $action = "main"; |
|
| 415 | + |
|
| 416 | + return array($pageClass, $action); |
|
| 417 | + } |
|
| 418 | + } |
|
| 419 | + |
|
| 420 | + /** |
|
| 421 | + * @param $classSegment |
|
| 422 | + * @param $requestedAction |
|
| 423 | + * |
|
| 424 | + * @return array |
|
| 425 | + */ |
|
| 426 | + final protected function routePathSegments($classSegment, $requestedAction) |
|
| 427 | + { |
|
| 428 | + $routeMap = $this->getRouteMap(); |
|
| 429 | + if (array_key_exists($classSegment, $routeMap)) { |
|
| 430 | + // Route exists, but we don't have an action in path info, so default to main. |
|
| 431 | + |
|
| 432 | + if (isset($routeMap[$classSegment]['actions']) |
|
| 433 | + && array_search($requestedAction, $routeMap[$classSegment]['actions']) !== false |
|
| 434 | + ) { |
|
| 435 | + // Action exists in allowed action list. Allow both the page and the action |
|
| 436 | + $pageClass = $routeMap[$classSegment]['class']; |
|
| 437 | + $action = $requestedAction; |
|
| 438 | + |
|
| 439 | + return array($pageClass, $action); |
|
| 440 | + } |
|
| 441 | + else { |
|
| 442 | + // Valid page, invalid action. 404 our way out. |
|
| 443 | + $pageClass = Page404::class; |
|
| 444 | + $action = 'main'; |
|
| 445 | + |
|
| 446 | + return array($pageClass, $action); |
|
| 447 | + } |
|
| 448 | + } |
|
| 449 | + else { |
|
| 450 | + // Class doesn't exist in map. Fall back to 404 |
|
| 451 | + $pageClass = Page404::class; |
|
| 452 | + $action = 'main'; |
|
| 453 | + |
|
| 454 | + return array($pageClass, $action); |
|
| 455 | + } |
|
| 456 | + } |
|
| 457 | + |
|
| 458 | + /** |
|
| 459 | + * @return array |
|
| 460 | + */ |
|
| 461 | + protected function getRouteMap() |
|
| 462 | + { |
|
| 463 | + return $this->routeMap; |
|
| 464 | + } |
|
| 465 | + |
|
| 466 | + /** |
|
| 467 | + * @return callable |
|
| 468 | + */ |
|
| 469 | + protected function getDefaultRoute() |
|
| 470 | + { |
|
| 471 | + return array(PageMain::class, "main"); |
|
| 472 | + } |
|
| 473 | 473 | } |
@@ -14,7 +14,6 @@ |
||
| 14 | 14 | use Waca\PdoDatabase; |
| 15 | 15 | use Waca\Security\CredentialProviders\ICredentialProvider; |
| 16 | 16 | use Waca\Security\CredentialProviders\PasswordCredentialProvider; |
| 17 | -use Waca\Security\CredentialProviders\YubikeyCredentialProvider; |
|
| 18 | 17 | use Waca\SiteConfiguration; |
| 19 | 18 | |
| 20 | 19 | class AuthenticationManager |
@@ -19,62 +19,62 @@ |
||
| 19 | 19 | |
| 20 | 20 | class AuthenticationManager |
| 21 | 21 | { |
| 22 | - const AUTH_OK = 1; |
|
| 23 | - const AUTH_FAIL = 2; |
|
| 24 | - const AUTH_REQUIRE_NEXT_STAGE = 3; |
|
| 25 | - private $typeMap = array(); |
|
| 26 | - /** |
|
| 27 | - * @var PdoDatabase |
|
| 28 | - */ |
|
| 29 | - private $database; |
|
| 22 | + const AUTH_OK = 1; |
|
| 23 | + const AUTH_FAIL = 2; |
|
| 24 | + const AUTH_REQUIRE_NEXT_STAGE = 3; |
|
| 25 | + private $typeMap = array(); |
|
| 26 | + /** |
|
| 27 | + * @var PdoDatabase |
|
| 28 | + */ |
|
| 29 | + private $database; |
|
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * AuthenticationManager constructor. |
|
| 33 | - * |
|
| 34 | - * @param PdoDatabase $database |
|
| 35 | - * @param SiteConfiguration $siteConfiguration |
|
| 36 | - * @param HttpHelper $httpHelper |
|
| 37 | - */ |
|
| 38 | - public function __construct(PdoDatabase $database, SiteConfiguration $siteConfiguration, HttpHelper $httpHelper) |
|
| 39 | - { |
|
| 40 | - // setup providers |
|
| 41 | - $this->typeMap['password'] = new PasswordCredentialProvider($database, $siteConfiguration); |
|
| 42 | - $this->database = $database; |
|
| 43 | - } |
|
| 31 | + /** |
|
| 32 | + * AuthenticationManager constructor. |
|
| 33 | + * |
|
| 34 | + * @param PdoDatabase $database |
|
| 35 | + * @param SiteConfiguration $siteConfiguration |
|
| 36 | + * @param HttpHelper $httpHelper |
|
| 37 | + */ |
|
| 38 | + public function __construct(PdoDatabase $database, SiteConfiguration $siteConfiguration, HttpHelper $httpHelper) |
|
| 39 | + { |
|
| 40 | + // setup providers |
|
| 41 | + $this->typeMap['password'] = new PasswordCredentialProvider($database, $siteConfiguration); |
|
| 42 | + $this->database = $database; |
|
| 43 | + } |
|
| 44 | 44 | |
| 45 | - public function authenticate(User $user, $data, $stage) |
|
| 46 | - { |
|
| 47 | - $sql = 'SELECT type FROM credential WHERE user = :user AND factor = :stage'; |
|
| 48 | - $statement = $this->database->prepare($sql); |
|
| 49 | - $statement->execute(array(':user' => $user->getId(), ':stage' => $stage)); |
|
| 50 | - $options = $statement->fetchAll(PDO::FETCH_COLUMN); |
|
| 45 | + public function authenticate(User $user, $data, $stage) |
|
| 46 | + { |
|
| 47 | + $sql = 'SELECT type FROM credential WHERE user = :user AND factor = :stage'; |
|
| 48 | + $statement = $this->database->prepare($sql); |
|
| 49 | + $statement->execute(array(':user' => $user->getId(), ':stage' => $stage)); |
|
| 50 | + $options = $statement->fetchAll(PDO::FETCH_COLUMN); |
|
| 51 | 51 | |
| 52 | - $sql = 'SELECT count(DISTINCT factor) FROM credential WHERE user = :user AND factor > :stage'; |
|
| 53 | - $statement = $this->database->prepare($sql); |
|
| 54 | - $statement->execute(array(':user' => $user->getId(), ':stage' => $stage)); |
|
| 55 | - $requiredFactors = $statement->fetchColumn(); |
|
| 52 | + $sql = 'SELECT count(DISTINCT factor) FROM credential WHERE user = :user AND factor > :stage'; |
|
| 53 | + $statement = $this->database->prepare($sql); |
|
| 54 | + $statement->execute(array(':user' => $user->getId(), ':stage' => $stage)); |
|
| 55 | + $requiredFactors = $statement->fetchColumn(); |
|
| 56 | 56 | |
| 57 | - // prep the correct OK response based on how many factors are ahead of this one |
|
| 58 | - $success = self::AUTH_OK; |
|
| 59 | - if ($requiredFactors > 0) { |
|
| 60 | - $success = self::AUTH_REQUIRE_NEXT_STAGE; |
|
| 61 | - } |
|
| 57 | + // prep the correct OK response based on how many factors are ahead of this one |
|
| 58 | + $success = self::AUTH_OK; |
|
| 59 | + if ($requiredFactors > 0) { |
|
| 60 | + $success = self::AUTH_REQUIRE_NEXT_STAGE; |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - foreach ($options as $type) { |
|
| 64 | - if (!isset($this->typeMap[$type])) { |
|
| 65 | - // does this type have a credentialProvider registered? |
|
| 66 | - continue; |
|
| 67 | - } |
|
| 63 | + foreach ($options as $type) { |
|
| 64 | + if (!isset($this->typeMap[$type])) { |
|
| 65 | + // does this type have a credentialProvider registered? |
|
| 66 | + continue; |
|
| 67 | + } |
|
| 68 | 68 | |
| 69 | - /** @var ICredentialProvider $credentialProvider */ |
|
| 70 | - $credentialProvider = $this->typeMap[$type]; |
|
| 71 | - if ($credentialProvider->authenticate($user, $data)) { |
|
| 72 | - return $success; |
|
| 73 | - } |
|
| 74 | - } |
|
| 69 | + /** @var ICredentialProvider $credentialProvider */ |
|
| 70 | + $credentialProvider = $this->typeMap[$type]; |
|
| 71 | + if ($credentialProvider->authenticate($user, $data)) { |
|
| 72 | + return $success; |
|
| 73 | + } |
|
| 74 | + } |
|
| 75 | 75 | |
| 76 | - // We've iterated over all the available providers for this stage. |
|
| 77 | - // They all hate you. |
|
| 78 | - return self::AUTH_FAIL; |
|
| 79 | - } |
|
| 76 | + // We've iterated over all the available providers for this stage. |
|
| 77 | + // They all hate you. |
|
| 78 | + return self::AUTH_FAIL; |
|
| 79 | + } |
|
| 80 | 80 | } |
| 81 | 81 | \ No newline at end of file |
@@ -16,10 +16,6 @@ discard block |
||
| 16 | 16 | use Waca\Pages\PageJobQueue; |
| 17 | 17 | use Waca\Pages\PageLog; |
| 18 | 18 | use Waca\Pages\PageMain; |
| 19 | -use Waca\Pages\RequestAction\PageCreateRequest; |
|
| 20 | -use Waca\Pages\UserAuth\PageChangePassword; |
|
| 21 | -use Waca\Pages\UserAuth\PageOAuth; |
|
| 22 | -use Waca\Pages\UserAuth\PagePreferences; |
|
| 23 | 19 | use Waca\Pages\PageSearch; |
| 24 | 20 | use Waca\Pages\PageSiteNotice; |
| 25 | 21 | use Waca\Pages\PageTeam; |
@@ -29,6 +25,7 @@ discard block |
||
| 29 | 25 | use Waca\Pages\RequestAction\PageBreakReservation; |
| 30 | 26 | use Waca\Pages\RequestAction\PageCloseRequest; |
| 31 | 27 | use Waca\Pages\RequestAction\PageComment; |
| 28 | +use Waca\Pages\RequestAction\PageCreateRequest; |
|
| 32 | 29 | use Waca\Pages\RequestAction\PageCustomClose; |
| 33 | 30 | use Waca\Pages\RequestAction\PageDeferRequest; |
| 34 | 31 | use Waca\Pages\RequestAction\PageDropRequest; |
@@ -42,6 +39,9 @@ discard block |
||
| 42 | 39 | use Waca\Pages\Statistics\StatsTemplateStats; |
| 43 | 40 | use Waca\Pages\Statistics\StatsTopCreators; |
| 44 | 41 | use Waca\Pages\Statistics\StatsUsers; |
| 42 | +use Waca\Pages\UserAuth\PageChangePassword; |
|
| 43 | +use Waca\Pages\UserAuth\PageOAuth; |
|
| 44 | +use Waca\Pages\UserAuth\PagePreferences; |
|
| 45 | 45 | |
| 46 | 46 | class RoleConfiguration |
| 47 | 47 | { |
@@ -45,364 +45,364 @@ |
||
| 45 | 45 | |
| 46 | 46 | class RoleConfiguration |
| 47 | 47 | { |
| 48 | - const ACCESS_ALLOW = 1; |
|
| 49 | - const ACCESS_DENY = -1; |
|
| 50 | - const ACCESS_DEFAULT = 0; |
|
| 51 | - const MAIN = 'main'; |
|
| 52 | - const ALL = '*'; |
|
| 53 | - /** |
|
| 54 | - * A map of roles to rights |
|
| 55 | - * |
|
| 56 | - * For example: |
|
| 57 | - * |
|
| 58 | - * array( |
|
| 59 | - * 'myrole' => array( |
|
| 60 | - * PageMyPage::class => array( |
|
| 61 | - * 'edit' => self::ACCESS_ALLOW, |
|
| 62 | - * 'create' => self::ACCESS_DENY, |
|
| 63 | - * ) |
|
| 64 | - * ) |
|
| 65 | - * ) |
|
| 66 | - * |
|
| 67 | - * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by |
|
| 68 | - * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should |
|
| 69 | - * be the expected result: |
|
| 70 | - * |
|
| 71 | - * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial) |
|
| 72 | - * - (A,-,-) = A |
|
| 73 | - * - (D,-,-) = D |
|
| 74 | - * - (A,D,-) = D (deny takes precedence over allow) |
|
| 75 | - * - (A,A,A) = A (repetition has no effect) |
|
| 76 | - * |
|
| 77 | - * The public role is special, and is applied to all users automatically. Avoid using deny on this role. |
|
| 78 | - * |
|
| 79 | - * @var array |
|
| 80 | - */ |
|
| 81 | - private $roleConfig = array( |
|
| 82 | - 'public' => array( |
|
| 83 | - /* |
|
| 48 | + const ACCESS_ALLOW = 1; |
|
| 49 | + const ACCESS_DENY = -1; |
|
| 50 | + const ACCESS_DEFAULT = 0; |
|
| 51 | + const MAIN = 'main'; |
|
| 52 | + const ALL = '*'; |
|
| 53 | + /** |
|
| 54 | + * A map of roles to rights |
|
| 55 | + * |
|
| 56 | + * For example: |
|
| 57 | + * |
|
| 58 | + * array( |
|
| 59 | + * 'myrole' => array( |
|
| 60 | + * PageMyPage::class => array( |
|
| 61 | + * 'edit' => self::ACCESS_ALLOW, |
|
| 62 | + * 'create' => self::ACCESS_DENY, |
|
| 63 | + * ) |
|
| 64 | + * ) |
|
| 65 | + * ) |
|
| 66 | + * |
|
| 67 | + * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by |
|
| 68 | + * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should |
|
| 69 | + * be the expected result: |
|
| 70 | + * |
|
| 71 | + * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial) |
|
| 72 | + * - (A,-,-) = A |
|
| 73 | + * - (D,-,-) = D |
|
| 74 | + * - (A,D,-) = D (deny takes precedence over allow) |
|
| 75 | + * - (A,A,A) = A (repetition has no effect) |
|
| 76 | + * |
|
| 77 | + * The public role is special, and is applied to all users automatically. Avoid using deny on this role. |
|
| 78 | + * |
|
| 79 | + * @var array |
|
| 80 | + */ |
|
| 81 | + private $roleConfig = array( |
|
| 82 | + 'public' => array( |
|
| 83 | + /* |
|
| 84 | 84 | * THIS ROLE IS GRANTED TO ALL LOGGED *OUT* USERS IMPLICITLY. |
| 85 | 85 | * |
| 86 | 86 | * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE. |
| 87 | 87 | * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE. |
| 88 | 88 | */ |
| 89 | - '_childRoles' => array( |
|
| 90 | - 'publicStats', |
|
| 91 | - ), |
|
| 92 | - PageTeam::class => array( |
|
| 93 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 94 | - ), |
|
| 95 | - ), |
|
| 96 | - 'loggedIn' => array( |
|
| 97 | - /* |
|
| 89 | + '_childRoles' => array( |
|
| 90 | + 'publicStats', |
|
| 91 | + ), |
|
| 92 | + PageTeam::class => array( |
|
| 93 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 94 | + ), |
|
| 95 | + ), |
|
| 96 | + 'loggedIn' => array( |
|
| 97 | + /* |
|
| 98 | 98 | * THIS ROLE IS GRANTED TO ALL LOGGED IN USERS IMPLICITLY. |
| 99 | 99 | * |
| 100 | 100 | * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE. |
| 101 | 101 | * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE. |
| 102 | 102 | */ |
| 103 | - '_childRoles' => array( |
|
| 104 | - 'public', |
|
| 105 | - ), |
|
| 106 | - PagePreferences::class => array( |
|
| 107 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 108 | - ), |
|
| 109 | - PageChangePassword::class => array( |
|
| 110 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 111 | - ), |
|
| 112 | - PageOAuth::class => array( |
|
| 113 | - 'attach' => self::ACCESS_ALLOW, |
|
| 114 | - 'detach' => self::ACCESS_ALLOW, |
|
| 115 | - ), |
|
| 116 | - ), |
|
| 117 | - 'user' => array( |
|
| 118 | - '_description' => 'A standard tool user.', |
|
| 119 | - '_editableBy' => array('admin', 'toolRoot'), |
|
| 120 | - '_childRoles' => array( |
|
| 121 | - 'internalStats', |
|
| 122 | - ), |
|
| 123 | - PageMain::class => array( |
|
| 124 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 125 | - ), |
|
| 126 | - PageBan::class => array( |
|
| 127 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 128 | - ), |
|
| 129 | - PageEditComment::class => array( |
|
| 130 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 131 | - ), |
|
| 132 | - PageEmailManagement::class => array( |
|
| 133 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 134 | - 'view' => self::ACCESS_ALLOW, |
|
| 135 | - ), |
|
| 136 | - PageExpandedRequestList::class => array( |
|
| 137 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 138 | - ), |
|
| 139 | - PageLog::class => array( |
|
| 140 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 141 | - ), |
|
| 142 | - PageSearch::class => array( |
|
| 143 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 144 | - ), |
|
| 145 | - PageWelcomeTemplateManagement::class => array( |
|
| 146 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 147 | - 'select' => self::ACCESS_ALLOW, |
|
| 148 | - 'view' => self::ACCESS_ALLOW, |
|
| 149 | - ), |
|
| 150 | - PageViewRequest::class => array( |
|
| 151 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 152 | - 'seeAllRequests' => self::ACCESS_ALLOW, |
|
| 153 | - ), |
|
| 154 | - 'RequestData' => array( |
|
| 155 | - 'seePrivateDataWhenReserved' => self::ACCESS_ALLOW, |
|
| 156 | - 'seePrivateDataWithHash' => self::ACCESS_ALLOW, |
|
| 157 | - ), |
|
| 158 | - PageCustomClose::class => array( |
|
| 159 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 160 | - ), |
|
| 161 | - PageComment::class => array( |
|
| 162 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 163 | - ), |
|
| 164 | - PageCloseRequest::class => array( |
|
| 165 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 166 | - ), |
|
| 167 | - PageCreateRequest::class => array( |
|
| 168 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 169 | - ), |
|
| 170 | - PageDeferRequest::class => array( |
|
| 171 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 172 | - ), |
|
| 173 | - PageDropRequest::class => array( |
|
| 174 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 175 | - ), |
|
| 176 | - PageReservation::class => array( |
|
| 177 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 178 | - ), |
|
| 179 | - PageSendToUser::class => array( |
|
| 180 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 181 | - ), |
|
| 182 | - PageBreakReservation::class => array( |
|
| 183 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 184 | - ), |
|
| 185 | - PageJobQueue::class => array( |
|
| 186 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 187 | - 'view' => self::ACCESS_ALLOW, |
|
| 188 | - 'all' => self::ACCESS_ALLOW, |
|
| 189 | - ), |
|
| 190 | - 'RequestCreation' => array( |
|
| 191 | - User::CREATION_MANUAL => self::ACCESS_ALLOW, |
|
| 192 | - User::CREATION_OAUTH => self::ACCESS_ALLOW, |
|
| 193 | - ), |
|
| 194 | - ), |
|
| 195 | - 'admin' => array( |
|
| 196 | - '_description' => 'A tool administrator.', |
|
| 197 | - '_editableBy' => array('admin', 'toolRoot'), |
|
| 198 | - '_childRoles' => array( |
|
| 199 | - 'user', |
|
| 200 | - 'requestAdminTools', |
|
| 201 | - ), |
|
| 202 | - PageEmailManagement::class => array( |
|
| 203 | - 'edit' => self::ACCESS_ALLOW, |
|
| 204 | - 'create' => self::ACCESS_ALLOW, |
|
| 205 | - ), |
|
| 206 | - PageSiteNotice::class => array( |
|
| 207 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 208 | - ), |
|
| 209 | - PageUserManagement::class => array( |
|
| 210 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 211 | - 'approve' => self::ACCESS_ALLOW, |
|
| 212 | - 'decline' => self::ACCESS_ALLOW, |
|
| 213 | - 'rename' => self::ACCESS_ALLOW, |
|
| 214 | - 'editUser' => self::ACCESS_ALLOW, |
|
| 215 | - 'suspend' => self::ACCESS_ALLOW, |
|
| 216 | - 'editRoles' => self::ACCESS_ALLOW, |
|
| 217 | - ), |
|
| 218 | - PageWelcomeTemplateManagement::class => array( |
|
| 219 | - 'edit' => self::ACCESS_ALLOW, |
|
| 220 | - 'delete' => self::ACCESS_ALLOW, |
|
| 221 | - 'add' => self::ACCESS_ALLOW, |
|
| 222 | - ), |
|
| 223 | - PageJobQueue::class => array( |
|
| 224 | - 'acknowledge' => self::ACCESS_ALLOW, |
|
| 225 | - 'requeue' => self::ACCESS_ALLOW, |
|
| 226 | - ), |
|
| 227 | - ), |
|
| 228 | - 'checkuser' => array( |
|
| 229 | - '_description' => 'A user with CheckUser access', |
|
| 230 | - '_editableBy' => array('checkuser', 'toolRoot'), |
|
| 231 | - '_childRoles' => array( |
|
| 232 | - 'user', |
|
| 233 | - 'requestAdminTools', |
|
| 234 | - ), |
|
| 235 | - PageUserManagement::class => array( |
|
| 236 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 237 | - 'suspend' => self::ACCESS_ALLOW, |
|
| 238 | - 'editRoles' => self::ACCESS_ALLOW, |
|
| 239 | - ), |
|
| 240 | - 'RequestData' => array( |
|
| 241 | - 'seeUserAgentData' => self::ACCESS_ALLOW, |
|
| 242 | - ), |
|
| 243 | - ), |
|
| 244 | - 'toolRoot' => array( |
|
| 245 | - '_description' => 'A user with shell access to the servers running the tool', |
|
| 246 | - '_editableBy' => array('toolRoot'), |
|
| 247 | - '_childRoles' => array( |
|
| 248 | - 'admin', |
|
| 249 | - 'checkuser', |
|
| 250 | - ), |
|
| 251 | - ), |
|
| 252 | - 'botCreation' => array( |
|
| 253 | - '_description' => 'A user allowed to use the bot to perform account creations', |
|
| 254 | - '_editableBy' => array('admin', 'toolRoot'), |
|
| 255 | - '_childRoles' => array(), |
|
| 256 | - 'RequestCreation' => array( |
|
| 257 | - User::CREATION_BOT => self::ACCESS_ALLOW, |
|
| 258 | - ), |
|
| 259 | - ), |
|
| 103 | + '_childRoles' => array( |
|
| 104 | + 'public', |
|
| 105 | + ), |
|
| 106 | + PagePreferences::class => array( |
|
| 107 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 108 | + ), |
|
| 109 | + PageChangePassword::class => array( |
|
| 110 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 111 | + ), |
|
| 112 | + PageOAuth::class => array( |
|
| 113 | + 'attach' => self::ACCESS_ALLOW, |
|
| 114 | + 'detach' => self::ACCESS_ALLOW, |
|
| 115 | + ), |
|
| 116 | + ), |
|
| 117 | + 'user' => array( |
|
| 118 | + '_description' => 'A standard tool user.', |
|
| 119 | + '_editableBy' => array('admin', 'toolRoot'), |
|
| 120 | + '_childRoles' => array( |
|
| 121 | + 'internalStats', |
|
| 122 | + ), |
|
| 123 | + PageMain::class => array( |
|
| 124 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 125 | + ), |
|
| 126 | + PageBan::class => array( |
|
| 127 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 128 | + ), |
|
| 129 | + PageEditComment::class => array( |
|
| 130 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 131 | + ), |
|
| 132 | + PageEmailManagement::class => array( |
|
| 133 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 134 | + 'view' => self::ACCESS_ALLOW, |
|
| 135 | + ), |
|
| 136 | + PageExpandedRequestList::class => array( |
|
| 137 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 138 | + ), |
|
| 139 | + PageLog::class => array( |
|
| 140 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 141 | + ), |
|
| 142 | + PageSearch::class => array( |
|
| 143 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 144 | + ), |
|
| 145 | + PageWelcomeTemplateManagement::class => array( |
|
| 146 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 147 | + 'select' => self::ACCESS_ALLOW, |
|
| 148 | + 'view' => self::ACCESS_ALLOW, |
|
| 149 | + ), |
|
| 150 | + PageViewRequest::class => array( |
|
| 151 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 152 | + 'seeAllRequests' => self::ACCESS_ALLOW, |
|
| 153 | + ), |
|
| 154 | + 'RequestData' => array( |
|
| 155 | + 'seePrivateDataWhenReserved' => self::ACCESS_ALLOW, |
|
| 156 | + 'seePrivateDataWithHash' => self::ACCESS_ALLOW, |
|
| 157 | + ), |
|
| 158 | + PageCustomClose::class => array( |
|
| 159 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 160 | + ), |
|
| 161 | + PageComment::class => array( |
|
| 162 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 163 | + ), |
|
| 164 | + PageCloseRequest::class => array( |
|
| 165 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 166 | + ), |
|
| 167 | + PageCreateRequest::class => array( |
|
| 168 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 169 | + ), |
|
| 170 | + PageDeferRequest::class => array( |
|
| 171 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 172 | + ), |
|
| 173 | + PageDropRequest::class => array( |
|
| 174 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 175 | + ), |
|
| 176 | + PageReservation::class => array( |
|
| 177 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 178 | + ), |
|
| 179 | + PageSendToUser::class => array( |
|
| 180 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 181 | + ), |
|
| 182 | + PageBreakReservation::class => array( |
|
| 183 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 184 | + ), |
|
| 185 | + PageJobQueue::class => array( |
|
| 186 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 187 | + 'view' => self::ACCESS_ALLOW, |
|
| 188 | + 'all' => self::ACCESS_ALLOW, |
|
| 189 | + ), |
|
| 190 | + 'RequestCreation' => array( |
|
| 191 | + User::CREATION_MANUAL => self::ACCESS_ALLOW, |
|
| 192 | + User::CREATION_OAUTH => self::ACCESS_ALLOW, |
|
| 193 | + ), |
|
| 194 | + ), |
|
| 195 | + 'admin' => array( |
|
| 196 | + '_description' => 'A tool administrator.', |
|
| 197 | + '_editableBy' => array('admin', 'toolRoot'), |
|
| 198 | + '_childRoles' => array( |
|
| 199 | + 'user', |
|
| 200 | + 'requestAdminTools', |
|
| 201 | + ), |
|
| 202 | + PageEmailManagement::class => array( |
|
| 203 | + 'edit' => self::ACCESS_ALLOW, |
|
| 204 | + 'create' => self::ACCESS_ALLOW, |
|
| 205 | + ), |
|
| 206 | + PageSiteNotice::class => array( |
|
| 207 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 208 | + ), |
|
| 209 | + PageUserManagement::class => array( |
|
| 210 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 211 | + 'approve' => self::ACCESS_ALLOW, |
|
| 212 | + 'decline' => self::ACCESS_ALLOW, |
|
| 213 | + 'rename' => self::ACCESS_ALLOW, |
|
| 214 | + 'editUser' => self::ACCESS_ALLOW, |
|
| 215 | + 'suspend' => self::ACCESS_ALLOW, |
|
| 216 | + 'editRoles' => self::ACCESS_ALLOW, |
|
| 217 | + ), |
|
| 218 | + PageWelcomeTemplateManagement::class => array( |
|
| 219 | + 'edit' => self::ACCESS_ALLOW, |
|
| 220 | + 'delete' => self::ACCESS_ALLOW, |
|
| 221 | + 'add' => self::ACCESS_ALLOW, |
|
| 222 | + ), |
|
| 223 | + PageJobQueue::class => array( |
|
| 224 | + 'acknowledge' => self::ACCESS_ALLOW, |
|
| 225 | + 'requeue' => self::ACCESS_ALLOW, |
|
| 226 | + ), |
|
| 227 | + ), |
|
| 228 | + 'checkuser' => array( |
|
| 229 | + '_description' => 'A user with CheckUser access', |
|
| 230 | + '_editableBy' => array('checkuser', 'toolRoot'), |
|
| 231 | + '_childRoles' => array( |
|
| 232 | + 'user', |
|
| 233 | + 'requestAdminTools', |
|
| 234 | + ), |
|
| 235 | + PageUserManagement::class => array( |
|
| 236 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 237 | + 'suspend' => self::ACCESS_ALLOW, |
|
| 238 | + 'editRoles' => self::ACCESS_ALLOW, |
|
| 239 | + ), |
|
| 240 | + 'RequestData' => array( |
|
| 241 | + 'seeUserAgentData' => self::ACCESS_ALLOW, |
|
| 242 | + ), |
|
| 243 | + ), |
|
| 244 | + 'toolRoot' => array( |
|
| 245 | + '_description' => 'A user with shell access to the servers running the tool', |
|
| 246 | + '_editableBy' => array('toolRoot'), |
|
| 247 | + '_childRoles' => array( |
|
| 248 | + 'admin', |
|
| 249 | + 'checkuser', |
|
| 250 | + ), |
|
| 251 | + ), |
|
| 252 | + 'botCreation' => array( |
|
| 253 | + '_description' => 'A user allowed to use the bot to perform account creations', |
|
| 254 | + '_editableBy' => array('admin', 'toolRoot'), |
|
| 255 | + '_childRoles' => array(), |
|
| 256 | + 'RequestCreation' => array( |
|
| 257 | + User::CREATION_BOT => self::ACCESS_ALLOW, |
|
| 258 | + ), |
|
| 259 | + ), |
|
| 260 | 260 | |
| 261 | - // Child roles go below this point |
|
| 262 | - 'publicStats' => array( |
|
| 263 | - '_hidden' => true, |
|
| 264 | - StatsUsers::class => array( |
|
| 265 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 266 | - 'detail' => self::ACCESS_ALLOW, |
|
| 267 | - ), |
|
| 268 | - StatsTopCreators::class => array( |
|
| 269 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 270 | - ), |
|
| 271 | - ), |
|
| 272 | - 'internalStats' => array( |
|
| 273 | - '_hidden' => true, |
|
| 274 | - StatsMain::class => array( |
|
| 275 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 276 | - ), |
|
| 277 | - StatsFastCloses::class => array( |
|
| 278 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 279 | - ), |
|
| 280 | - StatsInactiveUsers::class => array( |
|
| 281 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 282 | - ), |
|
| 283 | - StatsMonthlyStats::class => array( |
|
| 284 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 285 | - ), |
|
| 286 | - StatsReservedRequests::class => array( |
|
| 287 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 288 | - ), |
|
| 289 | - StatsTemplateStats::class => array( |
|
| 290 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 291 | - ), |
|
| 292 | - ), |
|
| 293 | - 'requestAdminTools' => array( |
|
| 294 | - '_hidden' => true, |
|
| 295 | - PageBan::class => array( |
|
| 296 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 297 | - 'set' => self::ACCESS_ALLOW, |
|
| 298 | - 'remove' => self::ACCESS_ALLOW, |
|
| 299 | - ), |
|
| 300 | - PageEditComment::class => array( |
|
| 301 | - 'editOthers' => self::ACCESS_ALLOW, |
|
| 302 | - ), |
|
| 303 | - PageBreakReservation::class => array( |
|
| 304 | - 'force' => self::ACCESS_ALLOW, |
|
| 305 | - ), |
|
| 306 | - PageCustomClose::class => array( |
|
| 307 | - 'skipCcMailingList' => self::ACCESS_ALLOW, |
|
| 308 | - ), |
|
| 309 | - 'RequestData' => array( |
|
| 310 | - 'reopenOldRequest' => self::ACCESS_ALLOW, |
|
| 311 | - 'alwaysSeePrivateData' => self::ACCESS_ALLOW, |
|
| 312 | - 'alwaysSeeHash' => self::ACCESS_ALLOW, |
|
| 313 | - 'seeRestrictedComments' => self::ACCESS_ALLOW, |
|
| 314 | - ), |
|
| 315 | - ), |
|
| 316 | - ); |
|
| 317 | - /** @var array |
|
| 318 | - * List of roles which are *exempt* from the identification requirements |
|
| 319 | - * |
|
| 320 | - * Think twice about adding roles to this list. |
|
| 321 | - * |
|
| 322 | - * @category Security-Critical |
|
| 323 | - */ |
|
| 324 | - private $identificationExempt = array('public', 'loggedIn'); |
|
| 261 | + // Child roles go below this point |
|
| 262 | + 'publicStats' => array( |
|
| 263 | + '_hidden' => true, |
|
| 264 | + StatsUsers::class => array( |
|
| 265 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 266 | + 'detail' => self::ACCESS_ALLOW, |
|
| 267 | + ), |
|
| 268 | + StatsTopCreators::class => array( |
|
| 269 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 270 | + ), |
|
| 271 | + ), |
|
| 272 | + 'internalStats' => array( |
|
| 273 | + '_hidden' => true, |
|
| 274 | + StatsMain::class => array( |
|
| 275 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 276 | + ), |
|
| 277 | + StatsFastCloses::class => array( |
|
| 278 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 279 | + ), |
|
| 280 | + StatsInactiveUsers::class => array( |
|
| 281 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 282 | + ), |
|
| 283 | + StatsMonthlyStats::class => array( |
|
| 284 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 285 | + ), |
|
| 286 | + StatsReservedRequests::class => array( |
|
| 287 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 288 | + ), |
|
| 289 | + StatsTemplateStats::class => array( |
|
| 290 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 291 | + ), |
|
| 292 | + ), |
|
| 293 | + 'requestAdminTools' => array( |
|
| 294 | + '_hidden' => true, |
|
| 295 | + PageBan::class => array( |
|
| 296 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 297 | + 'set' => self::ACCESS_ALLOW, |
|
| 298 | + 'remove' => self::ACCESS_ALLOW, |
|
| 299 | + ), |
|
| 300 | + PageEditComment::class => array( |
|
| 301 | + 'editOthers' => self::ACCESS_ALLOW, |
|
| 302 | + ), |
|
| 303 | + PageBreakReservation::class => array( |
|
| 304 | + 'force' => self::ACCESS_ALLOW, |
|
| 305 | + ), |
|
| 306 | + PageCustomClose::class => array( |
|
| 307 | + 'skipCcMailingList' => self::ACCESS_ALLOW, |
|
| 308 | + ), |
|
| 309 | + 'RequestData' => array( |
|
| 310 | + 'reopenOldRequest' => self::ACCESS_ALLOW, |
|
| 311 | + 'alwaysSeePrivateData' => self::ACCESS_ALLOW, |
|
| 312 | + 'alwaysSeeHash' => self::ACCESS_ALLOW, |
|
| 313 | + 'seeRestrictedComments' => self::ACCESS_ALLOW, |
|
| 314 | + ), |
|
| 315 | + ), |
|
| 316 | + ); |
|
| 317 | + /** @var array |
|
| 318 | + * List of roles which are *exempt* from the identification requirements |
|
| 319 | + * |
|
| 320 | + * Think twice about adding roles to this list. |
|
| 321 | + * |
|
| 322 | + * @category Security-Critical |
|
| 323 | + */ |
|
| 324 | + private $identificationExempt = array('public', 'loggedIn'); |
|
| 325 | 325 | |
| 326 | - /** |
|
| 327 | - * RoleConfiguration constructor. |
|
| 328 | - * |
|
| 329 | - * @param array $roleConfig Set to non-null to override the default configuration. |
|
| 330 | - * @param array $identificationExempt Set to non-null to override the default configuration. |
|
| 331 | - */ |
|
| 332 | - public function __construct(array $roleConfig = null, array $identificationExempt = null) |
|
| 333 | - { |
|
| 334 | - if ($roleConfig !== null) { |
|
| 335 | - $this->roleConfig = $roleConfig; |
|
| 336 | - } |
|
| 326 | + /** |
|
| 327 | + * RoleConfiguration constructor. |
|
| 328 | + * |
|
| 329 | + * @param array $roleConfig Set to non-null to override the default configuration. |
|
| 330 | + * @param array $identificationExempt Set to non-null to override the default configuration. |
|
| 331 | + */ |
|
| 332 | + public function __construct(array $roleConfig = null, array $identificationExempt = null) |
|
| 333 | + { |
|
| 334 | + if ($roleConfig !== null) { |
|
| 335 | + $this->roleConfig = $roleConfig; |
|
| 336 | + } |
|
| 337 | 337 | |
| 338 | - if ($identificationExempt !== null) { |
|
| 339 | - $this->identificationExempt = $identificationExempt; |
|
| 340 | - } |
|
| 341 | - } |
|
| 338 | + if ($identificationExempt !== null) { |
|
| 339 | + $this->identificationExempt = $identificationExempt; |
|
| 340 | + } |
|
| 341 | + } |
|
| 342 | 342 | |
| 343 | - /** |
|
| 344 | - * @param array $roles The roles to check |
|
| 345 | - * |
|
| 346 | - * @return array |
|
| 347 | - */ |
|
| 348 | - public function getApplicableRoles(array $roles) |
|
| 349 | - { |
|
| 350 | - $available = array(); |
|
| 343 | + /** |
|
| 344 | + * @param array $roles The roles to check |
|
| 345 | + * |
|
| 346 | + * @return array |
|
| 347 | + */ |
|
| 348 | + public function getApplicableRoles(array $roles) |
|
| 349 | + { |
|
| 350 | + $available = array(); |
|
| 351 | 351 | |
| 352 | - foreach ($roles as $role) { |
|
| 353 | - if (!isset($this->roleConfig[$role])) { |
|
| 354 | - // wat |
|
| 355 | - continue; |
|
| 356 | - } |
|
| 352 | + foreach ($roles as $role) { |
|
| 353 | + if (!isset($this->roleConfig[$role])) { |
|
| 354 | + // wat |
|
| 355 | + continue; |
|
| 356 | + } |
|
| 357 | 357 | |
| 358 | - $available[$role] = $this->roleConfig[$role]; |
|
| 358 | + $available[$role] = $this->roleConfig[$role]; |
|
| 359 | 359 | |
| 360 | - if (isset($available[$role]['_childRoles'])) { |
|
| 361 | - $childRoles = self::getApplicableRoles($available[$role]['_childRoles']); |
|
| 362 | - $available = array_merge($available, $childRoles); |
|
| 360 | + if (isset($available[$role]['_childRoles'])) { |
|
| 361 | + $childRoles = self::getApplicableRoles($available[$role]['_childRoles']); |
|
| 362 | + $available = array_merge($available, $childRoles); |
|
| 363 | 363 | |
| 364 | - unset($available[$role]['_childRoles']); |
|
| 365 | - } |
|
| 364 | + unset($available[$role]['_childRoles']); |
|
| 365 | + } |
|
| 366 | 366 | |
| 367 | - foreach (array('_hidden', '_editableBy', '_description') as $item) { |
|
| 368 | - if (isset($available[$role][$item])) { |
|
| 369 | - unset($available[$role][$item]); |
|
| 370 | - } |
|
| 371 | - } |
|
| 372 | - } |
|
| 367 | + foreach (array('_hidden', '_editableBy', '_description') as $item) { |
|
| 368 | + if (isset($available[$role][$item])) { |
|
| 369 | + unset($available[$role][$item]); |
|
| 370 | + } |
|
| 371 | + } |
|
| 372 | + } |
|
| 373 | 373 | |
| 374 | - return $available; |
|
| 375 | - } |
|
| 374 | + return $available; |
|
| 375 | + } |
|
| 376 | 376 | |
| 377 | - public function getAvailableRoles() |
|
| 378 | - { |
|
| 379 | - $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn')); |
|
| 377 | + public function getAvailableRoles() |
|
| 378 | + { |
|
| 379 | + $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn')); |
|
| 380 | 380 | |
| 381 | - $actual = array(); |
|
| 381 | + $actual = array(); |
|
| 382 | 382 | |
| 383 | - foreach ($possible as $role) { |
|
| 384 | - if (!isset($this->roleConfig[$role]['_hidden'])) { |
|
| 385 | - $actual[$role] = array( |
|
| 386 | - 'description' => $this->roleConfig[$role]['_description'], |
|
| 387 | - 'editableBy' => $this->roleConfig[$role]['_editableBy'], |
|
| 388 | - ); |
|
| 389 | - } |
|
| 390 | - } |
|
| 383 | + foreach ($possible as $role) { |
|
| 384 | + if (!isset($this->roleConfig[$role]['_hidden'])) { |
|
| 385 | + $actual[$role] = array( |
|
| 386 | + 'description' => $this->roleConfig[$role]['_description'], |
|
| 387 | + 'editableBy' => $this->roleConfig[$role]['_editableBy'], |
|
| 388 | + ); |
|
| 389 | + } |
|
| 390 | + } |
|
| 391 | 391 | |
| 392 | - return $actual; |
|
| 393 | - } |
|
| 392 | + return $actual; |
|
| 393 | + } |
|
| 394 | 394 | |
| 395 | - /** |
|
| 396 | - * @param string $role |
|
| 397 | - * |
|
| 398 | - * @return bool |
|
| 399 | - */ |
|
| 400 | - public function roleNeedsIdentification($role) |
|
| 401 | - { |
|
| 402 | - if (in_array($role, $this->identificationExempt)) { |
|
| 403 | - return false; |
|
| 404 | - } |
|
| 395 | + /** |
|
| 396 | + * @param string $role |
|
| 397 | + * |
|
| 398 | + * @return bool |
|
| 399 | + */ |
|
| 400 | + public function roleNeedsIdentification($role) |
|
| 401 | + { |
|
| 402 | + if (in_array($role, $this->identificationExempt)) { |
|
| 403 | + return false; |
|
| 404 | + } |
|
| 405 | 405 | |
| 406 | - return true; |
|
| 407 | - } |
|
| 406 | + return true; |
|
| 407 | + } |
|
| 408 | 408 | } |
@@ -10,99 +10,99 @@ |
||
| 10 | 10 | |
| 11 | 11 | class AuthUtility |
| 12 | 12 | { |
| 13 | - /** |
|
| 14 | - * Test the specified data against the specified credentials |
|
| 15 | - * |
|
| 16 | - * @param string $password |
|
| 17 | - * @param string $credentials |
|
| 18 | - * |
|
| 19 | - * @return bool |
|
| 20 | - * @deprecated |
|
| 21 | - */ |
|
| 22 | - public static function testCredentials($password, $credentials) |
|
| 23 | - { |
|
| 24 | - global $minimumPasswordVersion; |
|
| 13 | + /** |
|
| 14 | + * Test the specified data against the specified credentials |
|
| 15 | + * |
|
| 16 | + * @param string $password |
|
| 17 | + * @param string $credentials |
|
| 18 | + * |
|
| 19 | + * @return bool |
|
| 20 | + * @deprecated |
|
| 21 | + */ |
|
| 22 | + public static function testCredentials($password, $credentials) |
|
| 23 | + { |
|
| 24 | + global $minimumPasswordVersion; |
|
| 25 | 25 | |
| 26 | - if (substr($credentials, 0, 1) != ":") { |
|
| 27 | - return false; |
|
| 28 | - } |
|
| 26 | + if (substr($credentials, 0, 1) != ":") { |
|
| 27 | + return false; |
|
| 28 | + } |
|
| 29 | 29 | |
| 30 | - // determine password version |
|
| 31 | - $data = explode(':', substr($credentials, 1)); |
|
| 30 | + // determine password version |
|
| 31 | + $data = explode(':', substr($credentials, 1)); |
|
| 32 | 32 | |
| 33 | - // call the encryptVersion function for the version that this password actually is. |
|
| 34 | - // syntax: :1:SALT:HASH |
|
| 35 | - // syntax: :2:x:HASH |
|
| 33 | + // call the encryptVersion function for the version that this password actually is. |
|
| 34 | + // syntax: :1:SALT:HASH |
|
| 35 | + // syntax: :2:x:HASH |
|
| 36 | 36 | |
| 37 | - // check the version is one of the allowed ones: |
|
| 38 | - if ($minimumPasswordVersion > $data[0]) { |
|
| 39 | - return false; |
|
| 40 | - } |
|
| 37 | + // check the version is one of the allowed ones: |
|
| 38 | + if ($minimumPasswordVersion > $data[0]) { |
|
| 39 | + return false; |
|
| 40 | + } |
|
| 41 | 41 | |
| 42 | - if ($data[0] == 1) { |
|
| 43 | - return $credentials == self::encryptVersion1($password, $data[1]); |
|
| 44 | - } |
|
| 42 | + if ($data[0] == 1) { |
|
| 43 | + return $credentials == self::encryptVersion1($password, $data[1]); |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | - if ($data[0] == 2) { |
|
| 47 | - return self::verifyVersion2($password, $data[2]); |
|
| 48 | - } |
|
| 46 | + if ($data[0] == 2) { |
|
| 47 | + return self::verifyVersion2($password, $data[2]); |
|
| 48 | + } |
|
| 49 | 49 | |
| 50 | - return false; |
|
| 51 | - } |
|
| 50 | + return false; |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - /** |
|
| 54 | - * @param string $credentials |
|
| 55 | - * |
|
| 56 | - * @return bool |
|
| 57 | - * @deprecated |
|
| 58 | - */ |
|
| 59 | - public static function isCredentialVersionLatest($credentials) |
|
| 60 | - { |
|
| 61 | - return substr($credentials, 0, 3) === ":2:"; |
|
| 62 | - } |
|
| 53 | + /** |
|
| 54 | + * @param string $credentials |
|
| 55 | + * |
|
| 56 | + * @return bool |
|
| 57 | + * @deprecated |
|
| 58 | + */ |
|
| 59 | + public static function isCredentialVersionLatest($credentials) |
|
| 60 | + { |
|
| 61 | + return substr($credentials, 0, 3) === ":2:"; |
|
| 62 | + } |
|
| 63 | 63 | |
| 64 | - /** |
|
| 65 | - * Encrypts a user's password with the latest version of the hash algorithm |
|
| 66 | - * |
|
| 67 | - * @param string $password |
|
| 68 | - * |
|
| 69 | - * @return string |
|
| 70 | - * @deprecated |
|
| 71 | - */ |
|
| 72 | - public static function encryptPassword($password) |
|
| 73 | - { |
|
| 74 | - return self::encryptVersion2($password); |
|
| 75 | - } |
|
| 64 | + /** |
|
| 65 | + * Encrypts a user's password with the latest version of the hash algorithm |
|
| 66 | + * |
|
| 67 | + * @param string $password |
|
| 68 | + * |
|
| 69 | + * @return string |
|
| 70 | + * @deprecated |
|
| 71 | + */ |
|
| 72 | + public static function encryptPassword($password) |
|
| 73 | + { |
|
| 74 | + return self::encryptVersion2($password); |
|
| 75 | + } |
|
| 76 | 76 | |
| 77 | - /** |
|
| 78 | - * @param string $password |
|
| 79 | - * @param string $salt |
|
| 80 | - * |
|
| 81 | - * @return string |
|
| 82 | - */ |
|
| 83 | - private static function encryptVersion1($password, $salt) |
|
| 84 | - { |
|
| 85 | - return ':1:' . $salt . ':' . md5($salt . '-' . md5($password)); |
|
| 86 | - } |
|
| 77 | + /** |
|
| 78 | + * @param string $password |
|
| 79 | + * @param string $salt |
|
| 80 | + * |
|
| 81 | + * @return string |
|
| 82 | + */ |
|
| 83 | + private static function encryptVersion1($password, $salt) |
|
| 84 | + { |
|
| 85 | + return ':1:' . $salt . ':' . md5($salt . '-' . md5($password)); |
|
| 86 | + } |
|
| 87 | 87 | |
| 88 | - /** |
|
| 89 | - * @param string $password |
|
| 90 | - * |
|
| 91 | - * @return string |
|
| 92 | - */ |
|
| 93 | - private static function encryptVersion2($password) |
|
| 94 | - { |
|
| 95 | - return ':2:x:' . password_hash($password, PASSWORD_BCRYPT); |
|
| 96 | - } |
|
| 88 | + /** |
|
| 89 | + * @param string $password |
|
| 90 | + * |
|
| 91 | + * @return string |
|
| 92 | + */ |
|
| 93 | + private static function encryptVersion2($password) |
|
| 94 | + { |
|
| 95 | + return ':2:x:' . password_hash($password, PASSWORD_BCRYPT); |
|
| 96 | + } |
|
| 97 | 97 | |
| 98 | - /** |
|
| 99 | - * @param string $password |
|
| 100 | - * @param string $hash |
|
| 101 | - * |
|
| 102 | - * @return bool |
|
| 103 | - */ |
|
| 104 | - private static function verifyVersion2($password, $hash) |
|
| 105 | - { |
|
| 106 | - return password_verify($password, $hash); |
|
| 107 | - } |
|
| 98 | + /** |
|
| 99 | + * @param string $password |
|
| 100 | + * @param string $hash |
|
| 101 | + * |
|
| 102 | + * @return bool |
|
| 103 | + */ |
|
| 104 | + private static function verifyVersion2($password, $hash) |
|
| 105 | + { |
|
| 106 | + return password_verify($password, $hash); |
|
| 107 | + } |
|
| 108 | 108 | } |
@@ -12,20 +12,20 @@ |
||
| 12 | 12 | |
| 13 | 13 | interface ICredentialProvider |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * Validates a user-provided credential |
|
| 17 | - * |
|
| 18 | - * @param User $user The user to test the authentication against |
|
| 19 | - * @param string $data The raw credential data to be validated |
|
| 20 | - * |
|
| 21 | - * @return bool |
|
| 22 | - */ |
|
| 23 | - public function authenticate(User $user, $data); |
|
| 15 | + /** |
|
| 16 | + * Validates a user-provided credential |
|
| 17 | + * |
|
| 18 | + * @param User $user The user to test the authentication against |
|
| 19 | + * @param string $data The raw credential data to be validated |
|
| 20 | + * |
|
| 21 | + * @return bool |
|
| 22 | + */ |
|
| 23 | + public function authenticate(User $user, $data); |
|
| 24 | 24 | |
| 25 | - /** |
|
| 26 | - * @param User $user The user the credential belongs to |
|
| 27 | - * @param int $factor The factor this credential provides |
|
| 28 | - * @param string $data |
|
| 29 | - */ |
|
| 30 | - public function setCredential(User $user, $factor, $data); |
|
| 25 | + /** |
|
| 26 | + * @param User $user The user the credential belongs to |
|
| 27 | + * @param int $factor The factor this credential provides |
|
| 28 | + * @param string $data |
|
| 29 | + */ |
|
| 30 | + public function setCredential(User $user, $factor, $data); |
|
| 31 | 31 | } |
| 32 | 32 | \ No newline at end of file |
@@ -14,50 +14,50 @@ |
||
| 14 | 14 | |
| 15 | 15 | class PasswordCredentialProvider extends CredentialProviderBase |
| 16 | 16 | { |
| 17 | - const PASSWORD_COST = 10; |
|
| 18 | - |
|
| 19 | - public function __construct(PdoDatabase $database, SiteConfiguration $configuration) |
|
| 20 | - { |
|
| 21 | - parent::__construct($database, $configuration, 'password'); |
|
| 22 | - } |
|
| 23 | - |
|
| 24 | - public function authenticate(User $user, $data) |
|
| 25 | - { |
|
| 26 | - $storedData = $this->getCredentialData($user->getId()); |
|
| 27 | - if($storedData === null) |
|
| 28 | - { |
|
| 29 | - // No available credential matching these parameters |
|
| 30 | - return false; |
|
| 31 | - } |
|
| 32 | - |
|
| 33 | - if($storedData->getVersion() !== 2) { |
|
| 34 | - // Non-2 versions are not supported. |
|
| 35 | - return false; |
|
| 36 | - } |
|
| 37 | - |
|
| 38 | - if(password_verify($data, $storedData->getData())) { |
|
| 39 | - if(password_needs_rehash($storedData->getData(), PASSWORD_BCRYPT, array('cost' => self::PASSWORD_COST))){ |
|
| 40 | - $this->setCredential($user, $storedData->getFactor(), $data); |
|
| 41 | - } |
|
| 42 | - |
|
| 43 | - return true; |
|
| 44 | - } |
|
| 45 | - |
|
| 46 | - return false; |
|
| 47 | - } |
|
| 48 | - |
|
| 49 | - public function setCredential(User $user, $factor, $password) |
|
| 50 | - { |
|
| 51 | - $storedData = $this->getCredentialData($user->getId()); |
|
| 52 | - |
|
| 53 | - if($storedData === null){ |
|
| 54 | - $storedData = $this->createNewCredential($user); |
|
| 55 | - } |
|
| 56 | - |
|
| 57 | - $storedData->setData(password_hash($password, PASSWORD_BCRYPT, array('cost' => self::PASSWORD_COST))); |
|
| 58 | - $storedData->setFactor($factor); |
|
| 59 | - $storedData->setVersion(2); |
|
| 60 | - |
|
| 61 | - $storedData->save(); |
|
| 62 | - } |
|
| 17 | + const PASSWORD_COST = 10; |
|
| 18 | + |
|
| 19 | + public function __construct(PdoDatabase $database, SiteConfiguration $configuration) |
|
| 20 | + { |
|
| 21 | + parent::__construct($database, $configuration, 'password'); |
|
| 22 | + } |
|
| 23 | + |
|
| 24 | + public function authenticate(User $user, $data) |
|
| 25 | + { |
|
| 26 | + $storedData = $this->getCredentialData($user->getId()); |
|
| 27 | + if($storedData === null) |
|
| 28 | + { |
|
| 29 | + // No available credential matching these parameters |
|
| 30 | + return false; |
|
| 31 | + } |
|
| 32 | + |
|
| 33 | + if($storedData->getVersion() !== 2) { |
|
| 34 | + // Non-2 versions are not supported. |
|
| 35 | + return false; |
|
| 36 | + } |
|
| 37 | + |
|
| 38 | + if(password_verify($data, $storedData->getData())) { |
|
| 39 | + if(password_needs_rehash($storedData->getData(), PASSWORD_BCRYPT, array('cost' => self::PASSWORD_COST))){ |
|
| 40 | + $this->setCredential($user, $storedData->getFactor(), $data); |
|
| 41 | + } |
|
| 42 | + |
|
| 43 | + return true; |
|
| 44 | + } |
|
| 45 | + |
|
| 46 | + return false; |
|
| 47 | + } |
|
| 48 | + |
|
| 49 | + public function setCredential(User $user, $factor, $password) |
|
| 50 | + { |
|
| 51 | + $storedData = $this->getCredentialData($user->getId()); |
|
| 52 | + |
|
| 53 | + if($storedData === null){ |
|
| 54 | + $storedData = $this->createNewCredential($user); |
|
| 55 | + } |
|
| 56 | + |
|
| 57 | + $storedData->setData(password_hash($password, PASSWORD_BCRYPT, array('cost' => self::PASSWORD_COST))); |
|
| 58 | + $storedData->setFactor($factor); |
|
| 59 | + $storedData->setVersion(2); |
|
| 60 | + |
|
| 61 | + $storedData->save(); |
|
| 62 | + } |
|
| 63 | 63 | } |
| 64 | 64 | \ No newline at end of file |
@@ -15,85 +15,85 @@ |
||
| 15 | 15 | |
| 16 | 16 | abstract class CredentialProviderBase implements ICredentialProvider |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * @var PdoDatabase |
|
| 20 | - */ |
|
| 21 | - private $database; |
|
| 22 | - /** |
|
| 23 | - * @var SiteConfiguration |
|
| 24 | - */ |
|
| 25 | - private $configuration; |
|
| 26 | - /** @var string */ |
|
| 27 | - private $type; |
|
| 18 | + /** |
|
| 19 | + * @var PdoDatabase |
|
| 20 | + */ |
|
| 21 | + private $database; |
|
| 22 | + /** |
|
| 23 | + * @var SiteConfiguration |
|
| 24 | + */ |
|
| 25 | + private $configuration; |
|
| 26 | + /** @var string */ |
|
| 27 | + private $type; |
|
| 28 | 28 | |
| 29 | - /** |
|
| 30 | - * CredentialProviderBase constructor. |
|
| 31 | - * |
|
| 32 | - * @param PdoDatabase $database |
|
| 33 | - * @param SiteConfiguration $configuration |
|
| 34 | - * @param string $type |
|
| 35 | - */ |
|
| 36 | - public function __construct(PdoDatabase $database, SiteConfiguration $configuration, $type) |
|
| 37 | - { |
|
| 38 | - $this->database = $database; |
|
| 39 | - $this->configuration = $configuration; |
|
| 40 | - $this->type = $type; |
|
| 41 | - } |
|
| 29 | + /** |
|
| 30 | + * CredentialProviderBase constructor. |
|
| 31 | + * |
|
| 32 | + * @param PdoDatabase $database |
|
| 33 | + * @param SiteConfiguration $configuration |
|
| 34 | + * @param string $type |
|
| 35 | + */ |
|
| 36 | + public function __construct(PdoDatabase $database, SiteConfiguration $configuration, $type) |
|
| 37 | + { |
|
| 38 | + $this->database = $database; |
|
| 39 | + $this->configuration = $configuration; |
|
| 40 | + $this->type = $type; |
|
| 41 | + } |
|
| 42 | 42 | |
| 43 | - /** |
|
| 44 | - * @param int $userId |
|
| 45 | - * |
|
| 46 | - * @return Credential |
|
| 47 | - */ |
|
| 48 | - protected function getCredentialData($userId) |
|
| 49 | - { |
|
| 50 | - $sql = 'SELECT * FROM credential WHERE type = :t AND user = :u AND disabled = 0'; |
|
| 43 | + /** |
|
| 44 | + * @param int $userId |
|
| 45 | + * |
|
| 46 | + * @return Credential |
|
| 47 | + */ |
|
| 48 | + protected function getCredentialData($userId) |
|
| 49 | + { |
|
| 50 | + $sql = 'SELECT * FROM credential WHERE type = :t AND user = :u AND disabled = 0'; |
|
| 51 | 51 | |
| 52 | - $statement = $this->database->prepare($sql); |
|
| 53 | - $statement->execute(array(':u' => $userId, ':t' => $this->type)); |
|
| 52 | + $statement = $this->database->prepare($sql); |
|
| 53 | + $statement->execute(array(':u' => $userId, ':t' => $this->type)); |
|
| 54 | 54 | |
| 55 | - /** @var Credential $obj */ |
|
| 56 | - $obj = $statement->fetchObject(Credential::class); |
|
| 55 | + /** @var Credential $obj */ |
|
| 56 | + $obj = $statement->fetchObject(Credential::class); |
|
| 57 | 57 | |
| 58 | - if ($obj === false) { |
|
| 59 | - return null; |
|
| 60 | - } |
|
| 58 | + if ($obj === false) { |
|
| 59 | + return null; |
|
| 60 | + } |
|
| 61 | 61 | |
| 62 | - $obj->setDatabase($this->database); |
|
| 62 | + $obj->setDatabase($this->database); |
|
| 63 | 63 | |
| 64 | - $statement->closeCursor(); |
|
| 64 | + $statement->closeCursor(); |
|
| 65 | 65 | |
| 66 | - return $obj; |
|
| 67 | - } |
|
| 66 | + return $obj; |
|
| 67 | + } |
|
| 68 | 68 | |
| 69 | - /** |
|
| 70 | - * @return PdoDatabase |
|
| 71 | - */ |
|
| 72 | - public function getDatabase() |
|
| 73 | - { |
|
| 74 | - return $this->database; |
|
| 75 | - } |
|
| 69 | + /** |
|
| 70 | + * @return PdoDatabase |
|
| 71 | + */ |
|
| 72 | + public function getDatabase() |
|
| 73 | + { |
|
| 74 | + return $this->database; |
|
| 75 | + } |
|
| 76 | 76 | |
| 77 | - /** |
|
| 78 | - * @return SiteConfiguration |
|
| 79 | - */ |
|
| 80 | - public function getConfiguration() |
|
| 81 | - { |
|
| 82 | - return $this->configuration; |
|
| 83 | - } |
|
| 77 | + /** |
|
| 78 | + * @return SiteConfiguration |
|
| 79 | + */ |
|
| 80 | + public function getConfiguration() |
|
| 81 | + { |
|
| 82 | + return $this->configuration; |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | - /** |
|
| 86 | - * @param User $user |
|
| 87 | - * |
|
| 88 | - * @return Credential |
|
| 89 | - */ |
|
| 90 | - protected function createNewCredential(User $user) |
|
| 91 | - { |
|
| 92 | - $credential = new Credential(); |
|
| 93 | - $credential->setDatabase($this->getDatabase()); |
|
| 94 | - $credential->setUserId($user->getId()); |
|
| 95 | - $credential->setType($this->type); |
|
| 85 | + /** |
|
| 86 | + * @param User $user |
|
| 87 | + * |
|
| 88 | + * @return Credential |
|
| 89 | + */ |
|
| 90 | + protected function createNewCredential(User $user) |
|
| 91 | + { |
|
| 92 | + $credential = new Credential(); |
|
| 93 | + $credential->setDatabase($this->getDatabase()); |
|
| 94 | + $credential->setUserId($user->getId()); |
|
| 95 | + $credential->setType($this->type); |
|
| 96 | 96 | |
| 97 | - return $credential; |
|
| 98 | - } |
|
| 97 | + return $credential; |
|
| 98 | + } |
|
| 99 | 99 | } |
| 100 | 100 | \ No newline at end of file |
