PageUserManagement - Code Metrics - Inspection of "Fix two XSS vulns" - enwikipedia-acc/waca - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — newinternal ( 65a0f5...5b021c )

by Simon

created 2020-04-26 13:09 UTC

PageUserManagement B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	532
Duplicated Lines	22.37 %

Coupling/Cohesion

Components	1
Dependencies	13

Test Coverage

Coverage

Importance

Changes

Metric	Value
dl	119
loc	532
ccs	0
cts	330
cp	0
rs	8.4
c	0
b	0
f	0
wmc	50
lcom	1
cbo	13

9 Methods

Rating	Name	Duplication	Size	Complexity
A	getRoleData()	0	31	5
A	main()	0	49	2
C	editRoles()	7	90	14
B	suspend()	57	57	6
B	decline()	55	55	6
A	approve()	0	49	4
B	rename()	0	69	6
B	editUser()	0	51	6
A	sendStatusChangeEmail()	0	14	1

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like PageUserManagement often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use PageUserManagement, and based on these observations, apply Extract Interface, too.

<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/

namespace Waca\Pages;

use Waca\DataObjects\User;
use Waca\DataObjects\UserRole;
use Waca\Exceptions\ApplicationLogicException;
use Waca\Helpers\Logger;
use Waca\Helpers\SearchHelpers\UserSearchHelper;
use Waca\SessionAlert;
use Waca\Tasks\InternalPageBase;
use Waca\WebRequest;

/**
 * Class PageUserManagement
 * @package Waca\Pages
 */
class PageUserManagement extends InternalPageBase
{
    /** @var string */
    private $adminMailingList = '[email protected]';

    /**
     * Main function for this page, when no specific actions are called.
     */
    protected function main()
    {
        $this->setHtmlTitle('User Management');

        $database = $this->getDatabase();
        $currentUser = User::getCurrent($database);

        if (WebRequest::getBoolean("showAll")) {
            $this->assign("showAll", true);

            $this->assign("suspendedUsers",
                UserSearchHelper::get($database)->byStatus(User::STATUS_SUSPENDED)->fetch());
            $this->assign("declinedUsers", UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch());

            UserSearchHelper::get($database)->getRoleMap($roleMap);
        }
        else {
            $this->assign("showAll", false);
            $this->assign("suspendedUsers", array());
            $this->assign("declinedUsers", array());

            UserSearchHelper::get($database)->statusIn(array('New', 'Active'))->getRoleMap($roleMap);
        }

        $this->assign('newUsers', UserSearchHelper::get($database)->byStatus(User::STATUS_NEW)->fetch());
        $this->assign('normalUsers',
            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('user')->fetch());
        $this->assign('adminUsers',
            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('admin')->fetch());
        $this->assign('checkUsers',
            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('checkuser')->fetch());
        $this->assign('toolRoots',
            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('toolRoot')->fetch());

        $this->assign('roles', $roleMap);

        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
            return UserSearchHelper::get($database)->fetchColumn('username');
        });

        $this->assign('canApprove', $this->barrierTest('approve', $currentUser));
        $this->assign('canDecline', $this->barrierTest('decline', $currentUser));
        $this->assign('canRename', $this->barrierTest('rename', $currentUser));
        $this->assign('canEditUser', $this->barrierTest('editUser', $currentUser));
        $this->assign('canSuspend', $this->barrierTest('suspend', $currentUser));
        $this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser));

        $this->setTemplate("usermanagement/main.tpl");
    }

    #region Access control

    /**
     * Action target for editing the roles assigned to a user
     */
    protected function editRoles()
    {
        $this->setHtmlTitle('User Management');
        $database = $this->getDatabase();
        $userId = WebRequest::getInt('user');

        /** @var User $user */
        $user = User::getById($userId, $database);

        if ($user === false) {
            throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
        }

        $roleData = $this->getRoleData(UserRole::getForUser($user->getId(), $database));

        // Dual-mode action
        if (WebRequest::wasPosted()) {
            $this->validateCSRFToken();

            $reason = WebRequest::postString('reason');
            if ($reason === false || trim($reason) === '') {
                throw new ApplicationLogicException('No reason specified for roles change');
            }

            /** @var UserRole[] $delete */
            $delete = array();
            /** @var string[] $delete */
            $add = array();

            foreach ($roleData as $name => $r) {
                if ($r['allowEdit'] !== 1) {
                    // not allowed, to touch this, so ignore it
                    continue;
                }

                $newValue = WebRequest::postBoolean('role-' . $name) ? 1 : 0;
                if ($newValue !== $r['active']) {
                    if ($newValue === 0) {
                        $delete[] = $r['object'];
                    }

                    if ($newValue === 1) {
                        $add[] = $name;
                    }
                }
            }

            // Check there's something to do
            if ((count($add) + count($delete)) === 0) {
                $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
                SessionAlert::warning('No changes made to roles.');

                return;
            }

            $removed = array();

            /** @var UserRole $d */
            foreach ($delete as $d) {
                $removed[] = $d->getRole();

                $d->delete();

            }

            foreach ($add as $x) {

                $a = new UserRole();
                $a->setUser($user->getId());
                $a->setRole($x);
                $a->setDatabase($database);
                $a->save();
            }

            Logger::userRolesEdited($database, $user, $reason, $add, $removed);

            // dummy save for optimistic locking. If this fails, the entire txn will roll back.
            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
            $user->save();

            $this->getNotificationHelper()->userRolesEdited($user, $reason);
            SessionAlert::quick('Roles changed for user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));

            $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
            return;
        }
        else {
            $this->assignCSRFToken();
            $this->setTemplate('usermanagement/roleedit.tpl');
            $this->assign('user', $user);
            $this->assign('roleData', $roleData);
        }
    }

    /**
     * Action target for suspending users
     *
     * @throws ApplicationLogicException
     */
    protected function suspend()

    {
        $this->setHtmlTitle('User Management');

        $database = $this->getDatabase();

        $userId = WebRequest::getInt('user');

        /** @var User $user */
        $user = User::getById($userId, $database);

        if ($user === false) {
            throw new ApplicationLogicException('Sorry, the user you are trying to suspend could not be found.');
        }

        if ($user->isSuspended()) {
            throw new ApplicationLogicException('Sorry, the user you are trying to suspend is already suspended.');
        }

        // Dual-mode action
        if (WebRequest::wasPosted()) {
            $this->validateCSRFToken();
            $reason = WebRequest::postString('reason');

            if ($reason === null || trim($reason) === "") {
                throw new ApplicationLogicException('No reason provided');
            }

            $user->setStatus(User::STATUS_SUSPENDED);
            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
            $user->save();
            Logger::suspendedUser($database, $user, $reason);

            $this->getNotificationHelper()->userSuspended($user, $reason);
            SessionAlert::quick('Suspended user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));

            // send email
            $this->sendStatusChangeEmail(
                'Your WP:ACC account has been suspended',
                'usermanagement/emails/suspended.tpl',
                $reason,
                $user,
                User::getCurrent($database)->getUsername()
            );

            $this->redirect('userManagement');

            return;
        }
        else {
            $this->assignCSRFToken();
            $this->setTemplate('usermanagement/changelevel-reason.tpl');
            $this->assign('user', $user);
            $this->assign('status', 'Suspended');
            $this->assign("showReason", true);
        }
    }

    /**
     * Entry point for the decline action
     *
     * @throws ApplicationLogicException
     */
    protected function decline()

    {
        $this->setHtmlTitle('User Management');

        $database = $this->getDatabase();

        $userId = WebRequest::getInt('user');
        $user = User::getById($userId, $database);

        if ($user === false) {
            throw new ApplicationLogicException('Sorry, the user you are trying to decline could not be found.');
        }

        if (!$user->isNewUser()) {
            throw new ApplicationLogicException('Sorry, the user you are trying to decline is not new.');
        }

        // Dual-mode action
        if (WebRequest::wasPosted()) {
            $this->validateCSRFToken();
            $reason = WebRequest::postString('reason');

            if ($reason === null || trim($reason) === "") {
                throw new ApplicationLogicException('No reason provided');
            }

            $user->setStatus(User::STATUS_DECLINED);
            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
            $user->save();
            Logger::declinedUser($database, $user, $reason);

            $this->getNotificationHelper()->userDeclined($user, $reason);
            SessionAlert::quick('Declined user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));

            // send email
            $this->sendStatusChangeEmail(
                'Your WP:ACC account has been declined',
                'usermanagement/emails/declined.tpl',
                $reason,
                $user,
                User::getCurrent($database)->getUsername()
            );

            $this->redirect('userManagement');

            return;
        }
        else {
            $this->assignCSRFToken();
            $this->setTemplate('usermanagement/changelevel-reason.tpl');
            $this->assign('user', $user);
            $this->assign('status', 'Declined');
            $this->assign("showReason", true);
        }
    }

    /**
     * Entry point for the approve action
     *
     * @throws ApplicationLogicException
     */
    protected function approve()
    {
        $this->setHtmlTitle('User Management');

        $database = $this->getDatabase();

        $userId = WebRequest::getInt('user');
        $user = User::getById($userId, $database);

        if ($user === false) {
            throw new ApplicationLogicException('Sorry, the user you are trying to approve could not be found.');
        }

        if ($user->isActive()) {
            throw new ApplicationLogicException('Sorry, the user you are trying to approve is already an active user.');
        }

        // Dual-mode action
        if (WebRequest::wasPosted()) {
            $this->validateCSRFToken();
            $user->setStatus(User::STATUS_ACTIVE);
            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
            $user->save();
            Logger::approvedUser($database, $user);

            $this->getNotificationHelper()->userApproved($user);
            SessionAlert::quick('Approved user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));

            // send email
            $this->sendStatusChangeEmail(
                'Your WP:ACC account has been approved',
                'usermanagement/emails/approved.tpl',
                null,
                $user,
                User::getCurrent($database)->getUsername()
            );

            $this->redirect("userManagement");

            return;
        }
        else {
            $this->assignCSRFToken();
            $this->setTemplate("usermanagement/changelevel-reason.tpl");
            $this->assign("user", $user);
            $this->assign("status", "User");
            $this->assign("showReason", false);
        }
    }

    #endregion

    #region Renaming / Editing

    /**
     * Entry point for the rename action
     *
     * @throws ApplicationLogicException
     */
    protected function rename()
    {
        $this->setHtmlTitle('User Management');

        $database = $this->getDatabase();

        $userId = WebRequest::getInt('user');
        $user = User::getById($userId, $database);

        if ($user === false) {
            throw new ApplicationLogicException('Sorry, the user you are trying to rename could not be found.');
        }

        // Dual-mode action
        if (WebRequest::wasPosted()) {
            $this->validateCSRFToken();
            $newUsername = WebRequest::postString('newname');

            if ($newUsername === null || trim($newUsername) === "") {
                throw new ApplicationLogicException('The new username cannot be empty');
            }

            if (User::getByUsername($newUsername, $database) != false) {
                throw new ApplicationLogicException('The new username already exists');
            }

            $oldUsername = $user->getUsername();
            $user->setUsername($newUsername);
            $user->setUpdateVersion(WebRequest::postInt('updateversion'));

            $user->save();

            $logEntryData = serialize(array(
                'old' => $oldUsername,
                'new' => $newUsername,
            ));

            Logger::renamedUser($database, $user, $logEntryData);

            SessionAlert::quick("Changed User "
                . htmlentities($oldUsername, ENT_COMPAT, 'UTF-8')
                . " name to "
                . htmlentities($newUsername, ENT_COMPAT, 'UTF-8'));

            $this->getNotificationHelper()->userRenamed($user, $oldUsername);

            // send an email to the user.
            $this->assign('targetUsername', $user->getUsername());
            $this->assign('toolAdmin', User::getCurrent($database)->getUsername());
            $this->assign('oldUsername', $oldUsername);
            $this->assign('mailingList', $this->adminMailingList);

            $this->getEmailHelper()->sendMail(
                $user->getEmail(),
                'Your username on WP:ACC has been changed',
                $this->fetchTemplate('usermanagement/emails/renamed.tpl'),
                array('Reply-To' => $this->adminMailingList)
            );

            $this->redirect("userManagement");

            return;
        }
        else {
            $this->assignCSRFToken();
            $this->setTemplate('usermanagement/renameuser.tpl');
            $this->assign('user', $user);
        }
    }

    /**
     * Entry point for the edit action
     *
     * @throws ApplicationLogicException
     */
    protected function editUser()
    {
        $this->setHtmlTitle('User Management');

        $database = $this->getDatabase();

        $userId = WebRequest::getInt('user');
        $user = User::getById($userId, $database);

        if ($user === false) {
            throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
        }

        // Dual-mode action
        if (WebRequest::wasPosted()) {
            $this->validateCSRFToken();
            $newEmail = WebRequest::postEmail('user_email');
            $newOnWikiName = WebRequest::postString('user_onwikiname');

            if ($newEmail === null) {
                throw new ApplicationLogicException('Invalid email address');
            }

            if (!$user->isOAuthLinked()) {
                if (trim($newOnWikiName) == "") {
                    throw new ApplicationLogicException('New on-wiki username cannot be blank');
                }

                $user->setOnWikiName($newOnWikiName);
            }

            $user->setEmail($newEmail);

            $user->setUpdateVersion(WebRequest::postInt('updateversion'));

            $user->save();

            Logger::userPreferencesChange($database, $user);
            $this->getNotificationHelper()->userPrefChange($user);
            SessionAlert::quick('Changes to user\'s preferences have been saved');

            $this->redirect("userManagement");

            return;
        }
        else {
            $this->assignCSRFToken();
            $this->setTemplate('usermanagement/edituser.tpl');
            $this->assign('user', $user);
        }
    }

    #endregion

    /**
     * Sends a status change email to the user.
     *
     * @param string      $subject           The subject of the email
     * @param string      $template          The smarty template to use
     * @param string|null $reason            The reason for performing the status change
     * @param User        $user              The user affected
     * @param string      $toolAdminUsername The tool admin's username who is making the edit
     */
    private function sendStatusChangeEmail($subject, $template, $reason, $user, $toolAdminUsername)
    {
        $this->assign('targetUsername', $user->getUsername());
        $this->assign('toolAdmin', $toolAdminUsername);
        $this->assign('actionReason', $reason);
        $this->assign('mailingList', $this->adminMailingList);

        $this->getEmailHelper()->sendMail(
            $user->getEmail(),
            $subject,
            $this->fetchTemplate($template),
            array('Reply-To' => $this->adminMailingList)
        );
    }

    /**
     * @param UserRole[] $activeRoles
     *
     * @return array
     */
    private function getRoleData($activeRoles)
    {
        $availableRoles = $this->getSecurityManager()->getRoleConfiguration()->getAvailableRoles();

        $currentUser = User::getCurrent($this->getDatabase());
        $this->getSecurityManager()->getActiveRoles($currentUser, $userRoles, $inactiveRoles);

        $initialValue = array('active' => 0, 'allowEdit' => 0, 'description' => '???', 'object' => null);

        $roleData = array();
        foreach ($availableRoles as $role => $data) {
            $intersection = array_intersect($data['editableBy'], $userRoles);

            $roleData[$role] = $initialValue;
            $roleData[$role]['allowEdit'] = count($intersection) > 0 ? 1 : 0;
            $roleData[$role]['description'] = $data['description'];
        }

        foreach ($activeRoles as $role) {
            if (!isset($roleData[$role->getRole()])) {
                // This value is no longer available in the configuration, allow changing (aka removing) it.
                $roleData[$role->getRole()] = $initialValue;
                $roleData[$role->getRole()]['allowEdit'] = 1;
            }

            $roleData[$role->getRole()]['object'] = $role;
            $roleData[$role->getRole()]['active'] = 1;
        }

        return $roleData;
    }
}


1		<?php
2		/******************************************************************************
3		* Wikipedia Account Creation Assistance tool *
4		* *
5		* All code in this file is released into the public domain by the ACC *
6		* Development Team. Please see team.json for a list of contributors. *
7		******************************************************************************/
8
9		namespace Waca\Pages;
10
11		use Waca\DataObjects\User;
12		use Waca\DataObjects\UserRole;
13		use Waca\Exceptions\ApplicationLogicException;
14		use Waca\Helpers\Logger;
15		use Waca\Helpers\SearchHelpers\UserSearchHelper;
16		use Waca\SessionAlert;
17		use Waca\Tasks\InternalPageBase;
18		use Waca\WebRequest;
19
20		/**
21		* Class PageUserManagement
22		* @package Waca\Pages
23		*/
24		class PageUserManagement extends InternalPageBase
25		{
26		/** @var string */
27		private $adminMailingList = '[email protected]';
28
29		/**
30		* Main function for this page, when no specific actions are called.
31		*/
32		protected function main()
33		{
34		$this->setHtmlTitle('User Management');
35
36		$database = $this->getDatabase();
37		$currentUser = User::getCurrent($database);
38
39		if (WebRequest::getBoolean("showAll")) {
40		$this->assign("showAll", true);
41
42		$this->assign("suspendedUsers",
43		UserSearchHelper::get($database)->byStatus(User::STATUS_SUSPENDED)->fetch());
44		$this->assign("declinedUsers", UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch());
45
46		UserSearchHelper::get($database)->getRoleMap($roleMap);
47		}
48		else {
49		$this->assign("showAll", false);
50		$this->assign("suspendedUsers", array());
51		$this->assign("declinedUsers", array());
52
53		UserSearchHelper::get($database)->statusIn(array('New', 'Active'))->getRoleMap($roleMap);
54		}
55
56		$this->assign('newUsers', UserSearchHelper::get($database)->byStatus(User::STATUS_NEW)->fetch());
57		$this->assign('normalUsers',
58		UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('user')->fetch());
59		$this->assign('adminUsers',
60		UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('admin')->fetch());
61		$this->assign('checkUsers',
62		UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('checkuser')->fetch());
63		$this->assign('toolRoots',
64		UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('toolRoot')->fetch());
65
66		$this->assign('roles', $roleMap);
67
68		$this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
69		return UserSearchHelper::get($database)->fetchColumn('username');
70		});
71
72		$this->assign('canApprove', $this->barrierTest('approve', $currentUser));
73		$this->assign('canDecline', $this->barrierTest('decline', $currentUser));
74		$this->assign('canRename', $this->barrierTest('rename', $currentUser));
75		$this->assign('canEditUser', $this->barrierTest('editUser', $currentUser));
76		$this->assign('canSuspend', $this->barrierTest('suspend', $currentUser));
77		$this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser));
78
79		$this->setTemplate("usermanagement/main.tpl");
80		}
81
82		#region Access control
83
84		/**
85		* Action target for editing the roles assigned to a user
86		*/
87		protected function editRoles()
88		{
89		$this->setHtmlTitle('User Management');
90		$database = $this->getDatabase();
91		$userId = WebRequest::getInt('user');
92
93		/** @var User $user */
94		$user = User::getById($userId, $database);
95
96		if ($user === false) {
97		throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
98		}
99
100		$roleData = $this->getRoleData(UserRole::getForUser($user->getId(), $database));
101
102		// Dual-mode action
103		if (WebRequest::wasPosted()) {
104		$this->validateCSRFToken();
105
106		$reason = WebRequest::postString('reason');
107		if ($reason === false \|\| trim($reason) === '') {
108		throw new ApplicationLogicException('No reason specified for roles change');
109		}
110
111		/** @var UserRole[] $delete */
112		$delete = array();
113		/** @var string[] $delete */
114		$add = array();
115
116		foreach ($roleData as $name => $r) {
117		if ($r['allowEdit'] !== 1) {
118		// not allowed, to touch this, so ignore it
119		continue;
120		}
121
122		$newValue = WebRequest::postBoolean('role-' . $name) ? 1 : 0;
123		if ($newValue !== $r['active']) {
124		if ($newValue === 0) {
125		$delete[] = $r['object'];
126		}
127
128		if ($newValue === 1) {
129		$add[] = $name;
130		}
131		}
132		}
133
134		// Check there's something to do
135		if ((count($add) + count($delete)) === 0) {
136		$this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
137		SessionAlert::warning('No changes made to roles.');
138
139		return;
140		}
141
142		$removed = array();
143
144		/** @var UserRole $d */
145		foreach ($delete as $d) {
146		$removed[] = $d->getRole();
		0 ignored issues – show Bug introduced 2017-01-29 14:52 UTC by Report Bug Copy Issue Report The method `getRole` cannot be called on `$d` (of type `string`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
147		$d->delete();
		0 ignored issues – show Bug introduced 2017-01-29 14:52 UTC by Report Bug Copy Issue Report The method `delete` cannot be called on `$d` (of type `string`). Methods can only be called on objects. This check looks for methods being called on variables that have been inferred to never be objects. Loading history...
148		}
149
150	View Code Duplication	foreach ($add as $x) {
		0 ignored issues – show Duplication introduced 2017-01-29 14:52 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
151		$a = new UserRole();
152		$a->setUser($user->getId());
153		$a->setRole($x);
154		$a->setDatabase($database);
155		$a->save();
156		}
157
158		Logger::userRolesEdited($database, $user, $reason, $add, $removed);
159
160		// dummy save for optimistic locking. If this fails, the entire txn will roll back.
161		$user->setUpdateVersion(WebRequest::postInt('updateversion'));
162		$user->save();
163
164		$this->getNotificationHelper()->userRolesEdited($user, $reason);
165		SessionAlert::quick('Roles changed for user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
166
167		$this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
168		return;
169		}
170		else {
171		$this->assignCSRFToken();
172		$this->setTemplate('usermanagement/roleedit.tpl');
173		$this->assign('user', $user);
174		$this->assign('roleData', $roleData);
175		}
176		}
177
178		/**
179		* Action target for suspending users
180		*
181		* @throws ApplicationLogicException
182		*/
183	View Code Duplication	protected function suspend()
		0 ignored issues – show Duplication introduced 2017-08-14 23:52 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
184		{
185		$this->setHtmlTitle('User Management');
186
187		$database = $this->getDatabase();
188
189		$userId = WebRequest::getInt('user');
190
191		/** @var User $user */
192		$user = User::getById($userId, $database);
193
194		if ($user === false) {
195		throw new ApplicationLogicException('Sorry, the user you are trying to suspend could not be found.');
196		}
197
198		if ($user->isSuspended()) {
199		throw new ApplicationLogicException('Sorry, the user you are trying to suspend is already suspended.');
200		}
201
202		// Dual-mode action
203		if (WebRequest::wasPosted()) {
204		$this->validateCSRFToken();
205		$reason = WebRequest::postString('reason');
206
207		if ($reason === null \|\| trim($reason) === "") {
208		throw new ApplicationLogicException('No reason provided');
209		}
210
211		$user->setStatus(User::STATUS_SUSPENDED);
212		$user->setUpdateVersion(WebRequest::postInt('updateversion'));
213		$user->save();
214		Logger::suspendedUser($database, $user, $reason);
215
216		$this->getNotificationHelper()->userSuspended($user, $reason);
217		SessionAlert::quick('Suspended user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
218
219		// send email
220		$this->sendStatusChangeEmail(
221		'Your WP:ACC account has been suspended',
222		'usermanagement/emails/suspended.tpl',
223		$reason,
224		$user,
225		User::getCurrent($database)->getUsername()
226		);
227
228		$this->redirect('userManagement');
229
230		return;
231		}
232		else {
233		$this->assignCSRFToken();
234		$this->setTemplate('usermanagement/changelevel-reason.tpl');
235		$this->assign('user', $user);
236		$this->assign('status', 'Suspended');
237		$this->assign("showReason", true);
238		}
239		}
240
241		/**
242		* Entry point for the decline action
243		*
244		* @throws ApplicationLogicException
245		*/
246	View Code Duplication	protected function decline()
		0 ignored issues – show Duplication introduced 2017-08-14 23:52 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
247		{
248		$this->setHtmlTitle('User Management');
249
250		$database = $this->getDatabase();
251
252		$userId = WebRequest::getInt('user');
253		$user = User::getById($userId, $database);
254
255		if ($user === false) {
256		throw new ApplicationLogicException('Sorry, the user you are trying to decline could not be found.');
257		}
258
259		if (!$user->isNewUser()) {
260		throw new ApplicationLogicException('Sorry, the user you are trying to decline is not new.');
261		}
262
263		// Dual-mode action
264		if (WebRequest::wasPosted()) {
265		$this->validateCSRFToken();
266		$reason = WebRequest::postString('reason');
267
268		if ($reason === null \|\| trim($reason) === "") {
269		throw new ApplicationLogicException('No reason provided');
270		}
271
272		$user->setStatus(User::STATUS_DECLINED);
273		$user->setUpdateVersion(WebRequest::postInt('updateversion'));
274		$user->save();
275		Logger::declinedUser($database, $user, $reason);
276
277		$this->getNotificationHelper()->userDeclined($user, $reason);
278		SessionAlert::quick('Declined user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
279
280		// send email
281		$this->sendStatusChangeEmail(
282		'Your WP:ACC account has been declined',
283		'usermanagement/emails/declined.tpl',
284		$reason,
285		$user,
286		User::getCurrent($database)->getUsername()
287		);
288
289		$this->redirect('userManagement');
290
291		return;
292		}
293		else {
294		$this->assignCSRFToken();
295		$this->setTemplate('usermanagement/changelevel-reason.tpl');
296		$this->assign('user', $user);
297		$this->assign('status', 'Declined');
298		$this->assign("showReason", true);
299		}
300		}
301
302		/**
303		* Entry point for the approve action
304		*
305		* @throws ApplicationLogicException
306		*/
307		protected function approve()
308		{
309		$this->setHtmlTitle('User Management');
310
311		$database = $this->getDatabase();
312
313		$userId = WebRequest::getInt('user');
314		$user = User::getById($userId, $database);
315
316		if ($user === false) {
317		throw new ApplicationLogicException('Sorry, the user you are trying to approve could not be found.');
318		}
319
320		if ($user->isActive()) {
321		throw new ApplicationLogicException('Sorry, the user you are trying to approve is already an active user.');
322		}
323
324		// Dual-mode action
325		if (WebRequest::wasPosted()) {
326		$this->validateCSRFToken();
327		$user->setStatus(User::STATUS_ACTIVE);
328		$user->setUpdateVersion(WebRequest::postInt('updateversion'));
329		$user->save();
330		Logger::approvedUser($database, $user);
331
332		$this->getNotificationHelper()->userApproved($user);
333		SessionAlert::quick('Approved user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
334
335		// send email
336		$this->sendStatusChangeEmail(
337		'Your WP:ACC account has been approved',
338		'usermanagement/emails/approved.tpl',
339		null,
340		$user,
341		User::getCurrent($database)->getUsername()
342		);
343
344		$this->redirect("userManagement");
345
346		return;
347		}
348		else {
349		$this->assignCSRFToken();
350		$this->setTemplate("usermanagement/changelevel-reason.tpl");
351		$this->assign("user", $user);
352		$this->assign("status", "User");
353		$this->assign("showReason", false);
354		}
355		}
356
357		#endregion
358
359		#region Renaming / Editing
360
361		/**
362		* Entry point for the rename action
363		*
364		* @throws ApplicationLogicException
365		*/
366		protected function rename()
367		{
368		$this->setHtmlTitle('User Management');
369
370		$database = $this->getDatabase();
371
372		$userId = WebRequest::getInt('user');
373		$user = User::getById($userId, $database);
374
375		if ($user === false) {
376		throw new ApplicationLogicException('Sorry, the user you are trying to rename could not be found.');
377		}
378
379		// Dual-mode action
380		if (WebRequest::wasPosted()) {
381		$this->validateCSRFToken();
382		$newUsername = WebRequest::postString('newname');
383
384		if ($newUsername === null \|\| trim($newUsername) === "") {
385		throw new ApplicationLogicException('The new username cannot be empty');
386		}
387
388		if (User::getByUsername($newUsername, $database) != false) {
389		throw new ApplicationLogicException('The new username already exists');
390		}
391
392		$oldUsername = $user->getUsername();
393		$user->setUsername($newUsername);
394		$user->setUpdateVersion(WebRequest::postInt('updateversion'));
395
396		$user->save();
397
398		$logEntryData = serialize(array(
399		'old' => $oldUsername,
400		'new' => $newUsername,
401		));
402
403		Logger::renamedUser($database, $user, $logEntryData);
404
405		SessionAlert::quick("Changed User "
406		. htmlentities($oldUsername, ENT_COMPAT, 'UTF-8')
407		. " name to "
408		. htmlentities($newUsername, ENT_COMPAT, 'UTF-8'));
409
410		$this->getNotificationHelper()->userRenamed($user, $oldUsername);
411
412		// send an email to the user.
413		$this->assign('targetUsername', $user->getUsername());
414		$this->assign('toolAdmin', User::getCurrent($database)->getUsername());
415		$this->assign('oldUsername', $oldUsername);
416		$this->assign('mailingList', $this->adminMailingList);
417
418		$this->getEmailHelper()->sendMail(
419		$user->getEmail(),
420		'Your username on WP:ACC has been changed',
421		$this->fetchTemplate('usermanagement/emails/renamed.tpl'),
422		array('Reply-To' => $this->adminMailingList)
423		);
424
425		$this->redirect("userManagement");
426
427		return;
428		}
429		else {
430		$this->assignCSRFToken();
431		$this->setTemplate('usermanagement/renameuser.tpl');
432		$this->assign('user', $user);
433		}
434		}
435
436		/**
437		* Entry point for the edit action
438		*
439		* @throws ApplicationLogicException
440		*/
441		protected function editUser()
442		{
443		$this->setHtmlTitle('User Management');
444
445		$database = $this->getDatabase();
446
447		$userId = WebRequest::getInt('user');
448		$user = User::getById($userId, $database);
449
450		if ($user === false) {
451		throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
452		}
453
454		// Dual-mode action
455		if (WebRequest::wasPosted()) {
456		$this->validateCSRFToken();
457		$newEmail = WebRequest::postEmail('user_email');
458		$newOnWikiName = WebRequest::postString('user_onwikiname');
459
460		if ($newEmail === null) {
461		throw new ApplicationLogicException('Invalid email address');
462		}
463
464		if (!$user->isOAuthLinked()) {
465		if (trim($newOnWikiName) == "") {
466		throw new ApplicationLogicException('New on-wiki username cannot be blank');
467		}
468
469		$user->setOnWikiName($newOnWikiName);
470		}
471
472		$user->setEmail($newEmail);
473
474		$user->setUpdateVersion(WebRequest::postInt('updateversion'));
475
476		$user->save();
477
478		Logger::userPreferencesChange($database, $user);
479		$this->getNotificationHelper()->userPrefChange($user);
480		SessionAlert::quick('Changes to user\'s preferences have been saved');
481
482		$this->redirect("userManagement");
483
484		return;
485		}
486		else {
487		$this->assignCSRFToken();
488		$this->setTemplate('usermanagement/edituser.tpl');
489		$this->assign('user', $user);
490		}
491		}
492
493		#endregion
494
495		/**
496		* Sends a status change email to the user.
497		*
498		* @param string $subject The subject of the email
499		* @param string $template The smarty template to use
500		* @param string\|null $reason The reason for performing the status change
501		* @param User $user The user affected
502		* @param string $toolAdminUsername The tool admin's username who is making the edit
503		*/
504		private function sendStatusChangeEmail($subject, $template, $reason, $user, $toolAdminUsername)
505		{
506		$this->assign('targetUsername', $user->getUsername());
507		$this->assign('toolAdmin', $toolAdminUsername);
508		$this->assign('actionReason', $reason);
509		$this->assign('mailingList', $this->adminMailingList);
510
511		$this->getEmailHelper()->sendMail(
512		$user->getEmail(),
513		$subject,
514		$this->fetchTemplate($template),
515		array('Reply-To' => $this->adminMailingList)
516		);
517		}
518
519		/**
520		* @param UserRole[] $activeRoles
521		*
522		* @return array
523		*/
524		private function getRoleData($activeRoles)
525		{
526		$availableRoles = $this->getSecurityManager()->getRoleConfiguration()->getAvailableRoles();
527
528		$currentUser = User::getCurrent($this->getDatabase());
529		$this->getSecurityManager()->getActiveRoles($currentUser, $userRoles, $inactiveRoles);
530
531		$initialValue = array('active' => 0, 'allowEdit' => 0, 'description' => '???', 'object' => null);
532
533		$roleData = array();
534		foreach ($availableRoles as $role => $data) {
535		$intersection = array_intersect($data['editableBy'], $userRoles);
536
537		$roleData[$role] = $initialValue;
538		$roleData[$role]['allowEdit'] = count($intersection) > 0 ? 1 : 0;
539		$roleData[$role]['description'] = $data['description'];
540		}
541
542		foreach ($activeRoles as $role) {
543		if (!isset($roleData[$role->getRole()])) {
544		// This value is no longer available in the configuration, allow changing (aka removing) it.
545		$roleData[$role->getRole()] = $initialValue;
546		$roleData[$role->getRole()]['allowEdit'] = 1;
547		}
548
549		$roleData[$role->getRole()]['object'] = $role;
550		$roleData[$role->getRole()]['active'] = 1;
551		}
552
553		return $roleData;
554		}
555		}
556

enwikipedia-acc / waca