Inspection of "Bump sass from 1.77.8 to 1.80.6" - mdaniels5757/waca - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — dependabot/npm_and_yarn/sass-1... ( 173e70...4078c3 )

unknown

created 2025-05-03 19:48 UTC

Status

Indentation +21 added lines, -21 removed lines patch added patch discarded remove patch

@@ -12,29 +12,29 @@
 block discarded – undo
 
 interface ISecurityManager
 {
-    public const ALLOWED = 1;
-    public const ERROR_NOT_IDENTIFIED = 2;
-    public const ERROR_DENIED = 3;
+	public const ALLOWED = 1;
+	public const ERROR_NOT_IDENTIFIED = 2;
+	public const ERROR_DENIED = 3;
 
-    /**
-     * Tests if a user is allowed to perform an action.
-     *
-     * This method should form a hard, deterministic security barrier, and only return true if it is absolutely sure
-     * that a user should have access to something.
-     *
-     * @param string $page
-     * @param string $route
-     * @param User   $user
-     *
-     * @return int
-     *
-     * @category Security-Critical
-     */
-    public function allows(string $page, string $route, User $user): int;
+	/**
+	 * Tests if a user is allowed to perform an action.
+	 *
+	 * This method should form a hard, deterministic security barrier, and only return true if it is absolutely sure
+	 * that a user should have access to something.
+	 *
+	 * @param string $page
+	 * @param string $route
+	 * @param User   $user
+	 *
+	 * @return int
+	 *
+	 * @category Security-Critical
+	 */
+	public function allows(string $page, string $route, User $user): int;
 
-    public function getActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles);
+	public function getActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles);
 
-    public function getCachedActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles): void;
+	public function getCachedActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles): void;
 
-    public function getAvailableRoles(): array;
+	public function getAvailableRoles(): array;
 }
\ No newline at end of file

Please login to merge, or discard this patch.

includes/Security/UserAccessLoader.php 1 patch

Indentation +21 added lines, -21 removed lines patch added patch discarded remove patch

@@ -15,37 +15,37 @@
 block discarded – undo
 
 final class UserAccessLoader implements IUserAccessLoader
 {
-    public function loadRolesForUser(User $user): array
-    {
-        $domain = Domain::getCurrent($user->getDatabase());
-        $userRoles = UserRole::getForUser($user->getId(), $user->getDatabase(), $domain->getId());
+	public function loadRolesForUser(User $user): array
+	{
+		$domain = Domain::getCurrent($user->getDatabase());
+		$userRoles = UserRole::getForUser($user->getId(), $user->getDatabase(), $domain->getId());
 
-        return array_map(fn(UserRole $r): string => $r->getRole(), $userRoles);
-    }
+		return array_map(fn(UserRole $r): string => $r->getRole(), $userRoles);
+	}
 
-    public function loadDomainsForUser(User $user): array
-    {
-        $database = $user->getDatabase();
+	public function loadDomainsForUser(User $user): array
+	{
+		$database = $user->getDatabase();
 
-        $statement = $database->prepare(<<<'SQL'
+		$statement = $database->prepare(<<<'SQL'
             SELECT d.* 
             FROM domain d
             INNER JOIN userdomain ud on d.id = ud.domain
             WHERE ud.user = :user
             AND d.enabled = 1
 SQL
-        );
-        $statement->execute([
-            ':user' => $user->getId()
-        ]);
+		);
+		$statement->execute([
+			':user' => $user->getId()
+		]);
 
-        $resultObjects = $statement->fetchAll(PDO::FETCH_CLASS, Domain::class);
+		$resultObjects = $statement->fetchAll(PDO::FETCH_CLASS, Domain::class);
 
-        /** @var Domain $t */
-        foreach ($resultObjects as $t) {
-            $t->setDatabase($database);
-        }
+		/** @var Domain $t */
+		foreach ($resultObjects as $t) {
+			$t->setDatabase($database);
+		}
 
-        return $resultObjects;
-    }
+		return $resultObjects;
+	}
 }
\ No newline at end of file

Please login to merge, or discard this patch.

includes/Security/IDomainAccessManager.php 1 patch

Indentation +8 added lines, -8 removed lines patch added patch discarded remove patch

@@ -13,14 +13,14 @@
 block discarded – undo
 
 interface IDomainAccessManager
 {
-    public function switchToDefaultDomain(User $user): void;
+	public function switchToDefaultDomain(User $user): void;
 
-    public function switchDomain(User $user, Domain $newDomain): void;
+	public function switchDomain(User $user, Domain $newDomain): void;
 
-    /**
-     * @param User $user
-     *
-     * @return Domain[]
-     */
-    public function getAllowedDomains(User $user): array;
+	/**
+	 * @param User $user
+	 *
+	 * @return Domain[]
+	 */
+	public function getAllowedDomains(User $user): array;
 }
\ No newline at end of file

Please login to merge, or discard this patch.

includes/Security/RoleConfigurationBase.php 1 patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

@@ -10,135 +10,135 @@
 block discarded – undo
 
 abstract class RoleConfigurationBase
 {
-    const ACCESS_ALLOW = 1;
-    const ACCESS_DENY = -1;
-    const ACCESS_DEFAULT = 0;
-    const MAIN = 'main';
-    const ALL = '*';
-
-    protected array $roleConfig;
-    protected array $identificationExempt;
-
-    protected function __construct(array $roleConfig, array $identificationExempt)
-    {
-        $this->roleConfig = $roleConfig;
-        $this->identificationExempt = $identificationExempt;
-    }
-
-    /**
-     * Takes an array of role names and flattens the values to a single
-     * resultant role configuration.
-     *
-     * @param string[] $activeRoles
-     * @category Security-Critical
-     */
-    public function getResultantRole(array $activeRoles): array
-    {
-        $result = array();
-
-        $roleConfig = $this->getApplicableRoles($activeRoles);
-
-        // Iterate over every page in every role
-        foreach ($roleConfig as $role) {
-            foreach ($role as $page => $pageRights) {
-                // Create holder in result for this page
-                if (!isset($result[$page])) {
-                    $result[$page] = array();
-                }
-
-                foreach ($pageRights as $action => $permission) {
-                    // Deny takes precedence, so if it's set, don't change it.
-                    if (isset($result[$page][$action])) {
-                        if ($result[$page][$action] === RoleConfigurationBase::ACCESS_DENY) {
-                            continue;
-                        }
-                    }
-
-                    if ($permission === RoleConfigurationBase::ACCESS_DEFAULT) {
-                        // Configured to do precisely nothing.
-                        continue;
-                    }
-
-                    $result[$page][$action] = $permission;
-                }
-            }
-        }
-
-        return $result;
-    }
-
-    /**
-     * Returns a set of all roles which are available to be set.
-     *
-     * Hidden roles and implicit roles are excluded.
-     */
-    public function getAvailableRoles(): array
-    {
-        // remove the implicit roles
-        $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn', 'user'));
-
-        $actual = array();
-
-        foreach ($possible as $role) {
-            if (!isset($this->roleConfig[$role]['_hidden'])) {
-                $actual[$role] = array(
-                    'description' => $this->roleConfig[$role]['_description'],
-                    'editableBy'  => $this->roleConfig[$role]['_editableBy'],
-                    'globalOnly'  => isset($this->roleConfig[$role]['_globalOnly']) && $this->roleConfig[$role]['_globalOnly'],
-                );
-            }
-        }
-
-        return $actual;
-    }
-
-    /**
-     * Returns a boolean for whether the provided role requires identification
-     * before being used by a user.
-     *
-     * @category Security-Critical
-     */
-    public function roleNeedsIdentification(string $role): bool
-    {
-        if (in_array($role, $this->identificationExempt)) {
-            return false;
-        }
-
-        return true;
-    }
-
-    /**
-     * Takes an array of role names, and returns all the relevant roles for that
-     * set, including any child roles found recursively.
-     *
-     * @param array $roles The names of roles to start searching with
-     */
-    private function getApplicableRoles(array $roles): array
-    {
-        $available = array();
-
-        foreach ($roles as $role) {
-            if (!isset($this->roleConfig[$role])) {
-                // wat
-                continue;
-            }
-
-            $available[$role] = $this->roleConfig[$role];
-
-            if (isset($available[$role]['_childRoles'])) {
-                $childRoles = $this->getApplicableRoles($available[$role]['_childRoles']);
-                $available = array_merge($available, $childRoles);
-
-                unset($available[$role]['_childRoles']);
-            }
-
-            foreach (array('_hidden', '_editableBy', '_description') as $item) {
-                if (isset($available[$role][$item])) {
-                    unset($available[$role][$item]);
-                }
-            }
-        }
-
-        return $available;
-    }
+	const ACCESS_ALLOW = 1;
+	const ACCESS_DENY = -1;
+	const ACCESS_DEFAULT = 0;
+	const MAIN = 'main';
+	const ALL = '*';
+
+	protected array $roleConfig;
+	protected array $identificationExempt;
+
+	protected function __construct(array $roleConfig, array $identificationExempt)
+	{
+		$this->roleConfig = $roleConfig;
+		$this->identificationExempt = $identificationExempt;
+	}
+
+	/**
+	 * Takes an array of role names and flattens the values to a single
+	 * resultant role configuration.
+	 *
+	 * @param string[] $activeRoles
+	 * @category Security-Critical
+	 */
+	public function getResultantRole(array $activeRoles): array
+	{
+		$result = array();
+
+		$roleConfig = $this->getApplicableRoles($activeRoles);
+
+		// Iterate over every page in every role
+		foreach ($roleConfig as $role) {
+			foreach ($role as $page => $pageRights) {
+				// Create holder in result for this page
+				if (!isset($result[$page])) {
+					$result[$page] = array();
+				}
+
+				foreach ($pageRights as $action => $permission) {
+					// Deny takes precedence, so if it's set, don't change it.
+					if (isset($result[$page][$action])) {
+						if ($result[$page][$action] === RoleConfigurationBase::ACCESS_DENY) {
+							continue;
+						}
+					}
+
+					if ($permission === RoleConfigurationBase::ACCESS_DEFAULT) {
+						// Configured to do precisely nothing.
+						continue;
+					}
+
+					$result[$page][$action] = $permission;
+				}
+			}
+		}
+
+		return $result;
+	}
+
+	/**
+	 * Returns a set of all roles which are available to be set.
+	 *
+	 * Hidden roles and implicit roles are excluded.
+	 */
+	public function getAvailableRoles(): array
+	{
+		// remove the implicit roles
+		$possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn', 'user'));
+
+		$actual = array();
+
+		foreach ($possible as $role) {
+			if (!isset($this->roleConfig[$role]['_hidden'])) {
+				$actual[$role] = array(
+					'description' => $this->roleConfig[$role]['_description'],
+					'editableBy'  => $this->roleConfig[$role]['_editableBy'],
+					'globalOnly'  => isset($this->roleConfig[$role]['_globalOnly']) && $this->roleConfig[$role]['_globalOnly'],
+				);
+			}
+		}
+
+		return $actual;
+	}
+
+	/**
+	 * Returns a boolean for whether the provided role requires identification
+	 * before being used by a user.
+	 *
+	 * @category Security-Critical
+	 */
+	public function roleNeedsIdentification(string $role): bool
+	{
+		if (in_array($role, $this->identificationExempt)) {
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
+	 * Takes an array of role names, and returns all the relevant roles for that
+	 * set, including any child roles found recursively.
+	 *
+	 * @param array $roles The names of roles to start searching with
+	 */
+	private function getApplicableRoles(array $roles): array
+	{
+		$available = array();
+
+		foreach ($roles as $role) {
+			if (!isset($this->roleConfig[$role])) {
+				// wat
+				continue;
+			}
+
+			$available[$role] = $this->roleConfig[$role];
+
+			if (isset($available[$role]['_childRoles'])) {
+				$childRoles = $this->getApplicableRoles($available[$role]['_childRoles']);
+				$available = array_merge($available, $childRoles);
+
+				unset($available[$role]['_childRoles']);
+			}
+
+			foreach (array('_hidden', '_editableBy', '_description') as $item) {
+				if (isset($available[$role][$item])) {
+					unset($available[$role][$item]);
+				}
+			}
+		}
+
+		return $available;
+	}
 }
\ No newline at end of file

Please login to merge, or discard this patch.

includes/Security/RoleConfiguration.php 1 patch

Indentation +404 added lines, -404 removed lines patch added patch discarded remove patch

@@ -58,423 +58,423 @@
 block discarded – undo
 
 final class RoleConfiguration extends RoleConfigurationBase
 {
-    /**
-     * A map of roles to rights
-     *
-     * For example:
-     *
-     * array(
-     *   'myRole' => array(
-     *       PageMyPage::class => array(
-     *           'edit' => self::ACCESS_ALLOW,
-     *           'create' => self::ACCESS_DENY,
-     *       )
-     *   )
-     * )
-     *
-     * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by
-     * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should
-     * be the expected result:
-     *
-     * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial)
-     * - (A,-,-) = A
-     * - (D,-,-) = D
-     * - (A,D,-) = D (deny takes precedence over allow)
-     * - (A,A,A) = A (repetition has no effect)
-     *
-     * The public role is special, and is applied to all users automatically. Avoid using deny on this role.
-     *
-     * @var array
-     * @category Security-Critical
-     */
-    private static array $productionRoleConfig = array(
-        'public'            => array(
-            /*
+	/**
+	 * A map of roles to rights
+	 *
+	 * For example:
+	 *
+	 * array(
+	 *   'myRole' => array(
+	 *       PageMyPage::class => array(
+	 *           'edit' => self::ACCESS_ALLOW,
+	 *           'create' => self::ACCESS_DENY,
+	 *       )
+	 *   )
+	 * )
+	 *
+	 * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by
+	 * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should
+	 * be the expected result:
+	 *
+	 * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial)
+	 * - (A,-,-) = A
+	 * - (D,-,-) = D
+	 * - (A,D,-) = D (deny takes precedence over allow)
+	 * - (A,A,A) = A (repetition has no effect)
+	 *
+	 * The public role is special, and is applied to all users automatically. Avoid using deny on this role.
+	 *
+	 * @var array
+	 * @category Security-Critical
+	 */
+	private static array $productionRoleConfig = array(
+		'public'            => array(
+			/*
              * THIS ROLE IS GRANTED TO ALL LOGGED *OUT* USERS IMPLICITLY.
              *
              * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE.
              * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE.
              */
-            '_childRoles'   => array(
-                'publicStats',
-            ),
-            PageTeam::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageXffDemo::class        => array(
-                self::MAIN  => self::ACCESS_ALLOW,
-            ),
-            PagePrivacy::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            )
-        ),
-        'loggedIn'          => array(
-            /*
+			'_childRoles'   => array(
+				'publicStats',
+			),
+			PageTeam::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageXffDemo::class        => array(
+				self::MAIN  => self::ACCESS_ALLOW,
+			),
+			PagePrivacy::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			)
+		),
+		'loggedIn'          => array(
+			/*
              * THIS ROLE IS GRANTED TO ALL LOGGED-IN USERS IMPLICITLY.
              *
              * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE.
              * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE.
              */
-            '_childRoles'             => array(
-                'public',
-            ),
-            PagePreferences::class    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'refreshOAuth' => self::ACCESS_ALLOW,
-            ),
-            PageChangePassword::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageMultiFactor::class    => array(
-                self::MAIN          => self::ACCESS_ALLOW,
-                'scratch'           => self::ACCESS_ALLOW,
-                'enableYubikeyOtp'  => self::ACCESS_ALLOW,
-                'enableTotp'        => self::ACCESS_ALLOW,
-                // allow a user to disable this even when they're not allowed to enable it
-                'disableYubikeyOtp' => self::ACCESS_ALLOW,
-                'disableTotp'       => self::ACCESS_ALLOW,
-            ),
-            PageOAuth::class          => array(
-                'attach' => self::ACCESS_ALLOW,
-                'detach' => self::ACCESS_ALLOW,
-            ),
-            PageDomainSwitch::class   => array(
-                self::MAIN => self::ACCESS_ALLOW
-            ),
-            PageUserReactivate::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            'UserData'                => array(
-                'accountLogSelf' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'user'              => array(
-            /*
+			'_childRoles'             => array(
+				'public',
+			),
+			PagePreferences::class    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'refreshOAuth' => self::ACCESS_ALLOW,
+			),
+			PageChangePassword::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageMultiFactor::class    => array(
+				self::MAIN          => self::ACCESS_ALLOW,
+				'scratch'           => self::ACCESS_ALLOW,
+				'enableYubikeyOtp'  => self::ACCESS_ALLOW,
+				'enableTotp'        => self::ACCESS_ALLOW,
+				// allow a user to disable this even when they're not allowed to enable it
+				'disableYubikeyOtp' => self::ACCESS_ALLOW,
+				'disableTotp'       => self::ACCESS_ALLOW,
+			),
+			PageOAuth::class          => array(
+				'attach' => self::ACCESS_ALLOW,
+				'detach' => self::ACCESS_ALLOW,
+			),
+			PageDomainSwitch::class   => array(
+				self::MAIN => self::ACCESS_ALLOW
+			),
+			PageUserReactivate::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			'UserData'                => array(
+				'accountLogSelf' => self::ACCESS_ALLOW,
+			),
+		),
+		'user'              => array(
+			/*
              * THIS ROLE IS GRANTED TO APPROVED AND IDENTIFIED LOGGED-IN USERS IMPLICITLY.
              */
-            '_childRoles'                        => array(
-                'internalStats',
-            ),
-            PageUserReactivate::class => array(
-                // only non-approved users should be able to access this
-                self::MAIN => self::ACCESS_DENY,
-            ),
-            PageMain::class                      => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageBan::class                       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'show'     => self::ACCESS_ALLOW,
-            ),
-            'BanVisibility'             => array(
-                'user' => self::ACCESS_ALLOW,
-            ),
-            'BanType'                   => array(
-                'ip' => self::ACCESS_ALLOW,
-                'name' => self::ACCESS_ALLOW,
-            ),
-            PageEditComment::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageEmailManagement::class           => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'view'     => self::ACCESS_ALLOW,
-            ),
-            PageExpandedRequestList::class       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageLog::class                       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageSearch::class                    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'byName'   => self::ACCESS_ALLOW,
-                'byEmail'  => self::ACCESS_ALLOW,
-                'byIp'     => self::ACCESS_ALLOW,
-                'allowNonConfirmed' => self::ACCESS_ALLOW,
-            ),
-            PageWelcomeTemplateManagement::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'select'   => self::ACCESS_ALLOW,
-                'view'     => self::ACCESS_ALLOW,
-            ),
-            PageViewRequest::class               => array(
-                self::MAIN       => self::ACCESS_ALLOW,
-                'seeAllRequests' => self::ACCESS_ALLOW,
-            ),
-            'RequestData'                        => array(
-                'seePrivateDataWhenReserved' => self::ACCESS_ALLOW,
-                'seePrivateDataWithHash'     => self::ACCESS_ALLOW,
-                'seeRelatedRequests'         => self::ACCESS_ALLOW,
-            ),
-            PageCustomClose::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageComment::class                   => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageFlagComment::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageCloseRequest::class              => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageCreateRequest::class             => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageDeferRequest::class              => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageDropRequest::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageReservation::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageSendToUser::class                => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageBreakReservation::class          => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageJobQueue::class                  => array(
-                self::MAIN    => self::ACCESS_ALLOW,
-                'view'        => self::ACCESS_ALLOW,
-                'all'         => self::ACCESS_ALLOW,
-                'acknowledge' => self::ACCESS_ALLOW,
-                'cancel'      => self::ACCESS_ALLOW
-            ),
-            PageDomainManagement::class          => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageRequestFormManagement::class     => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'view'     => self::ACCESS_ALLOW,
-                'preview'  => self::ACCESS_ALLOW,
-            ),
-            'RequestCreation'                    => array(
-                PreferenceManager::CREATION_MANUAL => self::ACCESS_ALLOW,
-                PreferenceManager::CREATION_OAUTH  => self::ACCESS_ALLOW,
-            ),
-            'GlobalInfo'                         => array(
-                'viewSiteNotice' => self::ACCESS_ALLOW,
-                'viewOnlineUsers' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'admin'             => array(
-            '_description'                       => 'A tool administrator.',
-            '_editableBy'                        => array('admin', 'toolRoot'),
-            '_childRoles'                        => array(
-                'user',
-                'requestAdminTools',
-            ),
-            PageEmailManagement::class           => array(
-                'edit'   => self::ACCESS_ALLOW,
-                'create' => self::ACCESS_ALLOW,
-            ),
-            PageSiteNotice::class                => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageUserManagement::class            => array(
-                self::MAIN   => self::ACCESS_ALLOW,
-                'approve'    => self::ACCESS_ALLOW,
-                'deactivate' => self::ACCESS_ALLOW,
-                'rename'     => self::ACCESS_ALLOW,
-                'editUser'   => self::ACCESS_ALLOW,
-                'editRoles'  => self::ACCESS_ALLOW,
-            ),
-            PageSearch::class                    => array(
-                'byComment' => self::ACCESS_ALLOW,
-            ),
-            PageManuallyConfirm::class               => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            PageWelcomeTemplateManagement::class => array(
-                'edit'   => self::ACCESS_ALLOW,
-                'delete' => self::ACCESS_ALLOW,
-                'add'    => self::ACCESS_ALLOW,
-            ),
-            PageJobQueue::class                  => array(
-                'acknowledge' => self::ACCESS_ALLOW,
-                'requeue'     => self::ACCESS_ALLOW,
-                'cancel'      => self::ACCESS_ALLOW,
-            ),
-            'RequestData'               => array(
-                'reopenClearedRequest'  => self::ACCESS_ALLOW,
-            ),
-            PageQueueManagement::class           => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'edit'     => self::ACCESS_ALLOW,
-                'create'   => self::ACCESS_ALLOW,
-            ),
-            PageRequestFormManagement::class     => array(
-                'edit'     => self::ACCESS_ALLOW,
-                'create'   => self::ACCESS_ALLOW,
-            ),
-            PageDomainManagement::class          => array(
-                'edit'     => self::ACCESS_ALLOW,
-            ),
-            'UserData'                           => array(
-                'accountLog' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'checkuser'         => array(
-            '_description'            => 'A user with CheckUser access',
-            '_editableBy'             => array('checkuser', 'steward', 'toolRoot'),
-            '_childRoles'             => array(
-                'user',
-                'requestAdminTools',
-            ),
-            PageUserManagement::class => array(
-                self::MAIN   => self::ACCESS_ALLOW,
-                'deactivate' => self::ACCESS_ALLOW,
-                'editRoles'  => self::ACCESS_ALLOW,
-            ),
-            'RequestData'             => array(
-                'seeUserAgentData'      => self::ACCESS_ALLOW,
-                'seeCheckuserComments'  => self::ACCESS_ALLOW,
-                'createLocalAccount'    => self::ACCESS_ALLOW,
-            ),
-            'BanType'                   => array(
-                'useragent' => self::ACCESS_ALLOW,
-            ),
-            'BanVisibility'             => array(
-                'checkuser' => self::ACCESS_ALLOW,
-            ),
-            'UserData'                           => array(
-                'accountLog' => self::ACCESS_ALLOW,
-            ),
-        ),
-        'steward'         => array(
-            '_description'  => 'A user with Steward access',
-            '_editableBy'   => array('steward', 'toolRoot'),
-            '_globalOnly'   => true,
-            '_childRoles'   => array(
-                'user',
-                'checkuser',
-            ),
-            'BanType'                   => array(
-                'ip-largerange' => self::ACCESS_ALLOW,
-                'global'        => self::ACCESS_ALLOW,
-            ),
-        ),
-        'toolRoot'          => array(
-            '_description' => 'A user with shell access to the servers running the tool',
-            '_editableBy'  => array('toolRoot'),
-            '_globalOnly'  => true,
-            '_childRoles'  => array(
-                'admin',
-            ),
-            'BanType'                   => array(
-                'ip-largerange' => self::ACCESS_ALLOW,
-                'global'        => self::ACCESS_ALLOW,
-            ),
-            PageDomainManagement::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'editAll'  => self::ACCESS_ALLOW,
-                'edit'     => self::ACCESS_ALLOW,
-                'create'   => self::ACCESS_ALLOW,
-            ),
-            PageErrorLogViewer::class => array(
-                self::MAIN      => self::ACCESS_ALLOW,
-                'view'          => self::ACCESS_ALLOW,
-                'remove'        => self::ACCESS_ALLOW,
-            ),
-        ),
-        'botCreation'       => array(
-            '_hidden'         => true,
-            '_description'    => 'A user allowed to use the bot to perform account creations',
-            '_editableBy'     => array('admin', 'toolRoot'),
-            '_childRoles'     => array(),
-            'RequestCreation' => array(
-                PreferenceManager::CREATION_BOT => self::ACCESS_ALLOW,
-            ),
-        ),
+			'_childRoles'                        => array(
+				'internalStats',
+			),
+			PageUserReactivate::class => array(
+				// only non-approved users should be able to access this
+				self::MAIN => self::ACCESS_DENY,
+			),
+			PageMain::class                      => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageBan::class                       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'show'     => self::ACCESS_ALLOW,
+			),
+			'BanVisibility'             => array(
+				'user' => self::ACCESS_ALLOW,
+			),
+			'BanType'                   => array(
+				'ip' => self::ACCESS_ALLOW,
+				'name' => self::ACCESS_ALLOW,
+			),
+			PageEditComment::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageEmailManagement::class           => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'view'     => self::ACCESS_ALLOW,
+			),
+			PageExpandedRequestList::class       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageLog::class                       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageSearch::class                    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'byName'   => self::ACCESS_ALLOW,
+				'byEmail'  => self::ACCESS_ALLOW,
+				'byIp'     => self::ACCESS_ALLOW,
+				'allowNonConfirmed' => self::ACCESS_ALLOW,
+			),
+			PageWelcomeTemplateManagement::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'select'   => self::ACCESS_ALLOW,
+				'view'     => self::ACCESS_ALLOW,
+			),
+			PageViewRequest::class               => array(
+				self::MAIN       => self::ACCESS_ALLOW,
+				'seeAllRequests' => self::ACCESS_ALLOW,
+			),
+			'RequestData'                        => array(
+				'seePrivateDataWhenReserved' => self::ACCESS_ALLOW,
+				'seePrivateDataWithHash'     => self::ACCESS_ALLOW,
+				'seeRelatedRequests'         => self::ACCESS_ALLOW,
+			),
+			PageCustomClose::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageComment::class                   => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageFlagComment::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageCloseRequest::class              => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageCreateRequest::class             => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageDeferRequest::class              => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageDropRequest::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageReservation::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageSendToUser::class                => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageBreakReservation::class          => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageJobQueue::class                  => array(
+				self::MAIN    => self::ACCESS_ALLOW,
+				'view'        => self::ACCESS_ALLOW,
+				'all'         => self::ACCESS_ALLOW,
+				'acknowledge' => self::ACCESS_ALLOW,
+				'cancel'      => self::ACCESS_ALLOW
+			),
+			PageDomainManagement::class          => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageRequestFormManagement::class     => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'view'     => self::ACCESS_ALLOW,
+				'preview'  => self::ACCESS_ALLOW,
+			),
+			'RequestCreation'                    => array(
+				PreferenceManager::CREATION_MANUAL => self::ACCESS_ALLOW,
+				PreferenceManager::CREATION_OAUTH  => self::ACCESS_ALLOW,
+			),
+			'GlobalInfo'                         => array(
+				'viewSiteNotice' => self::ACCESS_ALLOW,
+				'viewOnlineUsers' => self::ACCESS_ALLOW,
+			),
+		),
+		'admin'             => array(
+			'_description'                       => 'A tool administrator.',
+			'_editableBy'                        => array('admin', 'toolRoot'),
+			'_childRoles'                        => array(
+				'user',
+				'requestAdminTools',
+			),
+			PageEmailManagement::class           => array(
+				'edit'   => self::ACCESS_ALLOW,
+				'create' => self::ACCESS_ALLOW,
+			),
+			PageSiteNotice::class                => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageUserManagement::class            => array(
+				self::MAIN   => self::ACCESS_ALLOW,
+				'approve'    => self::ACCESS_ALLOW,
+				'deactivate' => self::ACCESS_ALLOW,
+				'rename'     => self::ACCESS_ALLOW,
+				'editUser'   => self::ACCESS_ALLOW,
+				'editRoles'  => self::ACCESS_ALLOW,
+			),
+			PageSearch::class                    => array(
+				'byComment' => self::ACCESS_ALLOW,
+			),
+			PageManuallyConfirm::class               => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			PageWelcomeTemplateManagement::class => array(
+				'edit'   => self::ACCESS_ALLOW,
+				'delete' => self::ACCESS_ALLOW,
+				'add'    => self::ACCESS_ALLOW,
+			),
+			PageJobQueue::class                  => array(
+				'acknowledge' => self::ACCESS_ALLOW,
+				'requeue'     => self::ACCESS_ALLOW,
+				'cancel'      => self::ACCESS_ALLOW,
+			),
+			'RequestData'               => array(
+				'reopenClearedRequest'  => self::ACCESS_ALLOW,
+			),
+			PageQueueManagement::class           => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'edit'     => self::ACCESS_ALLOW,
+				'create'   => self::ACCESS_ALLOW,
+			),
+			PageRequestFormManagement::class     => array(
+				'edit'     => self::ACCESS_ALLOW,
+				'create'   => self::ACCESS_ALLOW,
+			),
+			PageDomainManagement::class          => array(
+				'edit'     => self::ACCESS_ALLOW,
+			),
+			'UserData'                           => array(
+				'accountLog' => self::ACCESS_ALLOW,
+			),
+		),
+		'checkuser'         => array(
+			'_description'            => 'A user with CheckUser access',
+			'_editableBy'             => array('checkuser', 'steward', 'toolRoot'),
+			'_childRoles'             => array(
+				'user',
+				'requestAdminTools',
+			),
+			PageUserManagement::class => array(
+				self::MAIN   => self::ACCESS_ALLOW,
+				'deactivate' => self::ACCESS_ALLOW,
+				'editRoles'  => self::ACCESS_ALLOW,
+			),
+			'RequestData'             => array(
+				'seeUserAgentData'      => self::ACCESS_ALLOW,
+				'seeCheckuserComments'  => self::ACCESS_ALLOW,
+				'createLocalAccount'    => self::ACCESS_ALLOW,
+			),
+			'BanType'                   => array(
+				'useragent' => self::ACCESS_ALLOW,
+			),
+			'BanVisibility'             => array(
+				'checkuser' => self::ACCESS_ALLOW,
+			),
+			'UserData'                           => array(
+				'accountLog' => self::ACCESS_ALLOW,
+			),
+		),
+		'steward'         => array(
+			'_description'  => 'A user with Steward access',
+			'_editableBy'   => array('steward', 'toolRoot'),
+			'_globalOnly'   => true,
+			'_childRoles'   => array(
+				'user',
+				'checkuser',
+			),
+			'BanType'                   => array(
+				'ip-largerange' => self::ACCESS_ALLOW,
+				'global'        => self::ACCESS_ALLOW,
+			),
+		),
+		'toolRoot'          => array(
+			'_description' => 'A user with shell access to the servers running the tool',
+			'_editableBy'  => array('toolRoot'),
+			'_globalOnly'  => true,
+			'_childRoles'  => array(
+				'admin',
+			),
+			'BanType'                   => array(
+				'ip-largerange' => self::ACCESS_ALLOW,
+				'global'        => self::ACCESS_ALLOW,
+			),
+			PageDomainManagement::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'editAll'  => self::ACCESS_ALLOW,
+				'edit'     => self::ACCESS_ALLOW,
+				'create'   => self::ACCESS_ALLOW,
+			),
+			PageErrorLogViewer::class => array(
+				self::MAIN      => self::ACCESS_ALLOW,
+				'view'          => self::ACCESS_ALLOW,
+				'remove'        => self::ACCESS_ALLOW,
+			),
+		),
+		'botCreation'       => array(
+			'_hidden'         => true,
+			'_description'    => 'A user allowed to use the bot to perform account creations',
+			'_editableBy'     => array('admin', 'toolRoot'),
+			'_childRoles'     => array(),
+			'RequestCreation' => array(
+				PreferenceManager::CREATION_BOT => self::ACCESS_ALLOW,
+			),
+		),
 
-        // Child roles go below this point
-        'publicStats'       => array(
-            '_hidden'               => true,
-            StatsUsers::class       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'detail'   => self::ACCESS_ALLOW,
-            ),
-            StatsTopCreators::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsMonthlyStats::class     => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-        ),
-        'internalStats'     => array(
-            '_hidden'                    => true,
-            StatsMain::class             => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsFastCloses::class       => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsInactiveUsers::class    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsReservedRequests::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            StatsTemplateStats::class    => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-        ),
-        'requestAdminTools' => array(
-            '_hidden'                   => true,
-            PageBan::class              => array(
-                self::MAIN => self::ACCESS_ALLOW,
-                'set'      => self::ACCESS_ALLOW,
-                'remove'   => self::ACCESS_ALLOW,
-                'replace'  => self::ACCESS_ALLOW,
-            ),
-            'BanType'                   => array(
-                'ip' => self::ACCESS_ALLOW,
-                'email' => self::ACCESS_ALLOW,
-                'name' => self::ACCESS_ALLOW,
-            ),
-            'BanVisibility'             => array(
-                'user' => self::ACCESS_ALLOW,
-                'admin' => self::ACCESS_ALLOW,
-            ),
-            PageEditComment::class      => array(
-                'editOthers' => self::ACCESS_ALLOW,
-            ),
-            PageBreakReservation::class => array(
-                'force' => self::ACCESS_ALLOW,
-            ),
-            PageCustomClose::class      => array(
-                'skipCcMailingList' => self::ACCESS_ALLOW,
-            ),
-            PageFlagComment::class      => array(
-                'unflag'   => self::ACCESS_ALLOW,
-            ),
-            PageListFlaggedComments::class => array(
-                self::MAIN => self::ACCESS_ALLOW,
-            ),
-            'RequestData'               => array(
-                'reopenOldRequest'      => self::ACCESS_ALLOW,
-                'alwaysSeePrivateData'  => self::ACCESS_ALLOW,
-                'alwaysSeeHash'         => self::ACCESS_ALLOW,
-                'seeRestrictedComments' => self::ACCESS_ALLOW,
-            ),
-        ),
-    );
+		// Child roles go below this point
+		'publicStats'       => array(
+			'_hidden'               => true,
+			StatsUsers::class       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'detail'   => self::ACCESS_ALLOW,
+			),
+			StatsTopCreators::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsMonthlyStats::class     => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+		),
+		'internalStats'     => array(
+			'_hidden'                    => true,
+			StatsMain::class             => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsFastCloses::class       => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsInactiveUsers::class    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsReservedRequests::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			StatsTemplateStats::class    => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+		),
+		'requestAdminTools' => array(
+			'_hidden'                   => true,
+			PageBan::class              => array(
+				self::MAIN => self::ACCESS_ALLOW,
+				'set'      => self::ACCESS_ALLOW,
+				'remove'   => self::ACCESS_ALLOW,
+				'replace'  => self::ACCESS_ALLOW,
+			),
+			'BanType'                   => array(
+				'ip' => self::ACCESS_ALLOW,
+				'email' => self::ACCESS_ALLOW,
+				'name' => self::ACCESS_ALLOW,
+			),
+			'BanVisibility'             => array(
+				'user' => self::ACCESS_ALLOW,
+				'admin' => self::ACCESS_ALLOW,
+			),
+			PageEditComment::class      => array(
+				'editOthers' => self::ACCESS_ALLOW,
+			),
+			PageBreakReservation::class => array(
+				'force' => self::ACCESS_ALLOW,
+			),
+			PageCustomClose::class      => array(
+				'skipCcMailingList' => self::ACCESS_ALLOW,
+			),
+			PageFlagComment::class      => array(
+				'unflag'   => self::ACCESS_ALLOW,
+			),
+			PageListFlaggedComments::class => array(
+				self::MAIN => self::ACCESS_ALLOW,
+			),
+			'RequestData'               => array(
+				'reopenOldRequest'      => self::ACCESS_ALLOW,
+				'alwaysSeePrivateData'  => self::ACCESS_ALLOW,
+				'alwaysSeeHash'         => self::ACCESS_ALLOW,
+				'seeRestrictedComments' => self::ACCESS_ALLOW,
+			),
+		),
+	);
 
-    /** @var array
-     * List of roles which are *exempt* from the identification requirements
-     *
-     * Think twice about adding roles to this list.
-     *
-     * @category Security-Critical
-     */
-    private static array $productionIdentificationExempt = array('public', 'loggedIn');
+	/** @var array
+	 * List of roles which are *exempt* from the identification requirements
+	 *
+	 * Think twice about adding roles to this list.
+	 *
+	 * @category Security-Critical
+	 */
+	private static array $productionIdentificationExempt = array('public', 'loggedIn');
 
-    public function __construct()
-    {
-        parent::__construct(self::$productionRoleConfig, self::$productionIdentificationExempt);
-    }
+	public function __construct()
+	{
+		parent::__construct(self::$productionRoleConfig, self::$productionIdentificationExempt);
+	}
 }

Please login to merge, or discard this patch.

includes/Security/DomainAccessManager.php 1 patch

Indentation +55 added lines, -55 removed lines patch added patch discarded remove patch

@@ -18,69 +18,69 @@
 block discarded – undo
 
 class DomainAccessManager implements IDomainAccessManager
 {
-    private IUserAccessLoader $userAccessLoader;
+	private IUserAccessLoader $userAccessLoader;
 
-    public function __construct(IUserAccessLoader $userAccessLoader)
-    {
-        $this->userAccessLoader = $userAccessLoader;
-    }
+	public function __construct(IUserAccessLoader $userAccessLoader)
+	{
+		$this->userAccessLoader = $userAccessLoader;
+	}
 
-    /**
-     * Returns the domains the user is a member of.
-     *
-     * Note - this *does not* determine the access rights that a user has in any
-     * specific domain. Permissions checks still need to be performed.
-     *
-     * @param User $user
-     *
-     * @return Domain[]
-     */
-    public function getAllowedDomains(User $user): array
-    {
-        if ($user->isCommunityUser()) {
-            return [];
-        }
+	/**
+	 * Returns the domains the user is a member of.
+	 *
+	 * Note - this *does not* determine the access rights that a user has in any
+	 * specific domain. Permissions checks still need to be performed.
+	 *
+	 * @param User $user
+	 *
+	 * @return Domain[]
+	 */
+	public function getAllowedDomains(User $user): array
+	{
+		if ($user->isCommunityUser()) {
+			return [];
+		}
 
-        return $this->userAccessLoader->loadDomainsForUser($user);
-    }
+		return $this->userAccessLoader->loadDomainsForUser($user);
+	}
 
-    public function switchDomain(User $user, Domain $newDomain): void
-    {
-        $mapToId = function(DataObject $object) {
-            return $object->getId();
-        };
+	public function switchDomain(User $user, Domain $newDomain): void
+	{
+		$mapToId = function(DataObject $object) {
+			return $object->getId();
+		};
 
-        $allowed = in_array($newDomain->getId(), array_map($mapToId, $this->getAllowedDomains($user)));
+		$allowed = in_array($newDomain->getId(), array_map($mapToId, $this->getAllowedDomains($user)));
 
-        if ($allowed) {
-            WebRequest::setActiveDomain($newDomain);
-        }
-        else {
-            throw new DomainSwitchNotAllowedException();
-        }
-    }
+		if ($allowed) {
+			WebRequest::setActiveDomain($newDomain);
+		}
+		else {
+			throw new DomainSwitchNotAllowedException();
+		}
+	}
 
-    public function switchToDefaultDomain(User $user): void
-    {
-        $domains = $this->getAllowedDomains($user);
-        $preferenceManager = new PreferenceManager($user->getDatabase(), $user->getId(), null);
-        $defaultDomainPreference = $preferenceManager->getPreference(PreferenceManager::PREF_DEFAULT_DOMAIN);
+	public function switchToDefaultDomain(User $user): void
+	{
+		$domains = $this->getAllowedDomains($user);
+		$preferenceManager = new PreferenceManager($user->getDatabase(), $user->getId(), null);
+		$defaultDomainPreference = $preferenceManager->getPreference(PreferenceManager::PREF_DEFAULT_DOMAIN);
 
-        $chosenDomain = null;
-        foreach ($domains as $d) {
-            if ($d->getId() == $defaultDomainPreference) {
-                $chosenDomain = $d;
-                break;
-            }
-        }
+		$chosenDomain = null;
+		foreach ($domains as $d) {
+			if ($d->getId() == $defaultDomainPreference) {
+				$chosenDomain = $d;
+				break;
+			}
+		}
 
-        if ($chosenDomain !== null) {
-            WebRequest::setActiveDomain($chosenDomain);
-            return;
-        }
+		if ($chosenDomain !== null) {
+			WebRequest::setActiveDomain($chosenDomain);
+			return;
+		}
 
-        if (count($domains) > 0) {
-            WebRequest::setActiveDomain($domains[0]);
-        }
-    }
+		if (count($domains) > 0) {
+			WebRequest::setActiveDomain($domains[0]);
+		}
+	}
 }
\ No newline at end of file

Please login to merge, or discard this patch.

includes/DataObjects/User.php 1 patch

Indentation +399 added lines, -399 removed lines patch added patch discarded remove patch

@@ -22,153 +22,153 @@  discard block
 block discarded – undo
  */
 class User extends DataObject
 {
-    const STATUS_ACTIVE = 'Active';
-    const STATUS_DEACTIVATED = 'Deactivated';
-    const STATUS_NEW = 'New';
-
-    private static CommunityUser $community;
-
-    private $username;
-    private $email;
-    private $status = self::STATUS_NEW;
-    private $onwikiname;
-    private $lastactive = "0000-00-00 00:00:00";
-    private $forcelogout = 0;
-    private $forceidentified = null;
-    private $confirmationdiff = 0;
-    /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
-    private static $currentUser;
-    #region Object load methods
-
-    /**
-     * Gets the currently logged in user
-     *
-     * @param PdoDatabase $database
-     *
-     * @return User|CommunityUser
-     */
-    public static function getCurrent(PdoDatabase $database)
-    {
-        if (self::$currentUser === null) {
-            $sessionId = WebRequest::getSessionUserId();
-
-            if ($sessionId !== null) {
-                /** @var User $user */
-                $user = self::getById($sessionId, $database);
-
-                if ($user === false) {
-                    self::$currentUser = new CommunityUser();
-                }
-                else {
-                    self::$currentUser = $user;
-                }
-            }
-            else {
-                $anonymousCoward = new CommunityUser();
-
-                self::$currentUser = $anonymousCoward;
-            }
-        }
-
-        return self::$currentUser;
-    }
-
-    /**
-     * Gets a user by their user ID
-     *
-     * Pass -1 to get the community user.
-     *
-     * @param int|null    $id
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getById($id, PdoDatabase $database)
-    {
-        if ($id === null || $id == -1) {
-            return new CommunityUser();
-        }
-
-        /** @var User|false $user */
-        $user = parent::getById($id, $database);
-
-        return $user;
-    }
-
-    public static function getCommunity(): CommunityUser
-    {
-        if (!isset(self::$community)) {
-            self::$community = new CommunityUser();
-        }
-
-        return self::$community;
-    }
-
-    /**
-     * Gets a user by their username
-     *
-     * @param  string      $username
-     * @param  PdoDatabase $database
-     *
-     * @return CommunityUser|User|false
-     */
-    public static function getByUsername($username, PdoDatabase $database)
-    {
-        if ($username === self::getCommunity()->getUsername()) {
-            return new CommunityUser();
-        }
-
-        $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
-        $statement->bindValue(":id", $username);
-
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-        }
-
-        return $resultObject;
-    }
-
-    /**
-     * Gets a user by their on-wiki username.
-     *
-     * @param string      $username
-     * @param PdoDatabase $database
-     *
-     * @return User|false
-     */
-    public static function getByOnWikiUsername($username, PdoDatabase $database)
-    {
-        $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
-        $statement->bindValue(":id", $username);
-        $statement->execute();
-
-        $resultObject = $statement->fetchObject(get_called_class());
-
-        if ($resultObject != false) {
-            $resultObject->setDatabase($database);
-
-            return $resultObject;
-        }
-
-        return false;
-    }
-
-    #endregion
-
-    /**
-     * Saves the current object
-     *
-     * @throws Exception
-     */
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare(<<<SQL
+	const STATUS_ACTIVE = 'Active';
+	const STATUS_DEACTIVATED = 'Deactivated';
+	const STATUS_NEW = 'New';
+
+	private static CommunityUser $community;
+
+	private $username;
+	private $email;
+	private $status = self::STATUS_NEW;
+	private $onwikiname;
+	private $lastactive = "0000-00-00 00:00:00";
+	private $forcelogout = 0;
+	private $forceidentified = null;
+	private $confirmationdiff = 0;
+	/** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
+	private static $currentUser;
+	#region Object load methods
+
+	/**
+	 * Gets the currently logged in user
+	 *
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|CommunityUser
+	 */
+	public static function getCurrent(PdoDatabase $database)
+	{
+		if (self::$currentUser === null) {
+			$sessionId = WebRequest::getSessionUserId();
+
+			if ($sessionId !== null) {
+				/** @var User $user */
+				$user = self::getById($sessionId, $database);
+
+				if ($user === false) {
+					self::$currentUser = new CommunityUser();
+				}
+				else {
+					self::$currentUser = $user;
+				}
+			}
+			else {
+				$anonymousCoward = new CommunityUser();
+
+				self::$currentUser = $anonymousCoward;
+			}
+		}
+
+		return self::$currentUser;
+	}
+
+	/**
+	 * Gets a user by their user ID
+	 *
+	 * Pass -1 to get the community user.
+	 *
+	 * @param int|null    $id
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getById($id, PdoDatabase $database)
+	{
+		if ($id === null || $id == -1) {
+			return new CommunityUser();
+		}
+
+		/** @var User|false $user */
+		$user = parent::getById($id, $database);
+
+		return $user;
+	}
+
+	public static function getCommunity(): CommunityUser
+	{
+		if (!isset(self::$community)) {
+			self::$community = new CommunityUser();
+		}
+
+		return self::$community;
+	}
+
+	/**
+	 * Gets a user by their username
+	 *
+	 * @param  string      $username
+	 * @param  PdoDatabase $database
+	 *
+	 * @return CommunityUser|User|false
+	 */
+	public static function getByUsername($username, PdoDatabase $database)
+	{
+		if ($username === self::getCommunity()->getUsername()) {
+			return new CommunityUser();
+		}
+
+		$statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
+		$statement->bindValue(":id", $username);
+
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+		}
+
+		return $resultObject;
+	}
+
+	/**
+	 * Gets a user by their on-wiki username.
+	 *
+	 * @param string      $username
+	 * @param PdoDatabase $database
+	 *
+	 * @return User|false
+	 */
+	public static function getByOnWikiUsername($username, PdoDatabase $database)
+	{
+		$statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
+		$statement->bindValue(":id", $username);
+		$statement->execute();
+
+		$resultObject = $statement->fetchObject(get_called_class());
+
+		if ($resultObject != false) {
+			$resultObject->setDatabase($database);
+
+			return $resultObject;
+		}
+
+		return false;
+	}
+
+	#endregion
+
+	/**
+	 * Saves the current object
+	 *
+	 * @throws Exception
+	 */
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare(<<<SQL
 				INSERT INTO `user` ( 
 					username, email, status, onwikiname, 
 					lastactive, forcelogout, forceidentified,
@@ -179,25 +179,25 @@  discard block
 block discarded – undo
 					:confirmationdiff
 				);
 SQL
-            );
-            $statement->bindValue(":username", $this->username);
-            $statement->bindValue(":email", $this->email);
-            $statement->bindValue(":status", $this->status);
-            $statement->bindValue(":onwikiname", $this->onwikiname);
-            $statement->bindValue(":lastactive", $this->lastactive);
-            $statement->bindValue(":forcelogout", $this->forcelogout);
-            $statement->bindValue(":confirmationdiff", $this->confirmationdiff);
-
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            // update
-            $statement = $this->dbObject->prepare(<<<SQL
+			);
+			$statement->bindValue(":username", $this->username);
+			$statement->bindValue(":email", $this->email);
+			$statement->bindValue(":status", $this->status);
+			$statement->bindValue(":onwikiname", $this->onwikiname);
+			$statement->bindValue(":lastactive", $this->lastactive);
+			$statement->bindValue(":forcelogout", $this->forcelogout);
+			$statement->bindValue(":confirmationdiff", $this->confirmationdiff);
+
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			// update
+			$statement = $this->dbObject->prepare(<<<SQL
 				UPDATE `user` SET 
 					username = :username, email = :email, 
 					status = :status,
@@ -208,233 +208,233 @@  discard block
 block discarded – undo
                     updateversion = updateversion + 1
 				WHERE id = :id AND updateversion = :updateversion;
 SQL
-            );
-
-            $statement->bindValue(':id', $this->id);
-            $statement->bindValue(':updateversion', $this->updateversion);
-
-            $statement->bindValue(':username', $this->username);
-            $statement->bindValue(':email', $this->email);
-            $statement->bindValue(':status', $this->status);
-            $statement->bindValue(':onwikiname', $this->onwikiname);
-            $statement->bindValue(':lastactive', $this->lastactive);
-            $statement->bindValue(':forcelogout', $this->forcelogout);
-            $statement->bindValue(':confirmationdiff', $this->confirmationdiff);
-
-            if (!$statement->execute()) {
-                throw new Exception($statement->errorInfo());
-            }
-
-            if ($statement->rowCount() !== 1) {
-                throw new OptimisticLockFailedException();
-            }
-
-            $this->updateversion++;
-        }
-    }
-
-    #region properties
-
-    /**
-     * Gets the tool username
-     * @return string
-     */
-    public function getUsername()
-    {
-        return $this->username;
-    }
-
-    /**
-     * Sets the tool username
-     *
-     * @param string $username
-     */
-    public function setUsername($username)
-    {
-        $this->username = $username;
-
-        // If this isn't a brand new user, then it's a rename, force the logout
-        if (!$this->isNew()) {
-            $this->forcelogout = 1;
-        }
-    }
-
-    /**
-     * Gets the user's email address
-     * @return string
-     */
-    public function getEmail()
-    {
-        return $this->email;
-    }
-
-    /**
-     * Sets the user's email address
-     *
-     * @param string $email
-     */
-    public function setEmail($email)
-    {
-        $this->email = $email;
-    }
-
-    /**
-     * Gets the status (Active, New, Deactivated, etc) of the user.
-     * @return string
-     */
-    public function getStatus()
-    {
-        return $this->status;
-    }
-
-    /**
-     * @param string $status
-     */
-    public function setStatus($status)
-    {
-        $this->status = $status;
-    }
-
-    /**
-     * Gets the user's on-wiki name
-     * @return string
-     */
-    public function getOnWikiName()
-    {
-        return $this->onwikiname;
-    }
-
-    /**
-     * Sets the user's on-wiki name
-     *
-     * This can have interesting side-effects with OAuth.
-     *
-     * @param string $onWikiName
-     */
-    public function setOnWikiName($onWikiName)
-    {
-        $this->onwikiname = $onWikiName;
-    }
-
-    /**
-     * Gets the last activity date for the user
-     *
-     * @return string
-     * @todo This should probably return an instance of DateTime
-     */
-    public function getLastActive()
-    {
-        return $this->lastactive;
-    }
-
-    /**
-     * Gets the user's forced logout status
-     *
-     * @return bool
-     */
-    public function getForceLogout()
-    {
-        return $this->forcelogout == 1;
-    }
-
-    /**
-     * Sets the user's forced logout status
-     *
-     * @param bool $forceLogout
-     */
-    public function setForceLogout($forceLogout)
-    {
-        $this->forcelogout = $forceLogout ? 1 : 0;
-    }
-
-    /**
-     * Gets the user's confirmation diff. Unused if OAuth is in use.
-     * @return int the diff ID
-     */
-    public function getConfirmationDiff()
-    {
-        return $this->confirmationdiff;
-    }
-
-    /**
-     * Sets the user's confirmation diff.
-     *
-     * @param int $confirmationDiff
-     */
-    public function setConfirmationDiff($confirmationDiff)
-    {
-        $this->confirmationdiff = $confirmationDiff;
-    }
-
-    #endregion
-
-    #region user access checks
-
-    public function isActive()
-    {
-        return $this->status == self::STATUS_ACTIVE;
-    }
-
-    /**
-     * DO NOT USE FOR TESTING IDENTIFICATION STATUS.
-     *
-     * This only returns any overrides in the database for identification status,
-     * and is thus not suitable on its own to determine if a user is identified.
-     *
-     * Most (all?) users should have a null value here; this is only here as an
-     * emergency override in case things go horribly, horribly wrong. For
-     * example, when WMF completely change the layout of the ID noticeboard.
-     */
-    public function getForceIdentified(): ?bool
-    {
-        if ($this->forceidentified === null) {
-            return null;
-        }
-
-        return $this->forceidentified === 1;
-    }
-
-    /**
-     * Tests if the user is new
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isNewUser()
-    {
-        return $this->status == self::STATUS_NEW;
-    }
-
-    /**
-     * Tests if the user has been deactivated and is unable to access the tool
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isDeactivated(): bool
-    {
-        return $this->status == self::STATUS_DEACTIVATED;
-    }
-
-    /**
-     * Tests if the user is the community user
-     *
-     * @todo     decide if this means logged out. I think it usually does.
-     * @return bool
-     * @category Security-Critical
-     */
-    public function isCommunityUser()
-    {
-        return false;
-    }
-
-    #endregion 
-
-    /**
-     * Gets the approval date of the user
-     * @return DateTime|false
-     */
-    public function getApprovalDate()
-    {
-        $query = $this->dbObject->prepare(<<<SQL
+			);
+
+			$statement->bindValue(':id', $this->id);
+			$statement->bindValue(':updateversion', $this->updateversion);
+
+			$statement->bindValue(':username', $this->username);
+			$statement->bindValue(':email', $this->email);
+			$statement->bindValue(':status', $this->status);
+			$statement->bindValue(':onwikiname', $this->onwikiname);
+			$statement->bindValue(':lastactive', $this->lastactive);
+			$statement->bindValue(':forcelogout', $this->forcelogout);
+			$statement->bindValue(':confirmationdiff', $this->confirmationdiff);
+
+			if (!$statement->execute()) {
+				throw new Exception($statement->errorInfo());
+			}
+
+			if ($statement->rowCount() !== 1) {
+				throw new OptimisticLockFailedException();
+			}
+
+			$this->updateversion++;
+		}
+	}
+
+	#region properties
+
+	/**
+	 * Gets the tool username
+	 * @return string
+	 */
+	public function getUsername()
+	{
+		return $this->username;
+	}
+
+	/**
+	 * Sets the tool username
+	 *
+	 * @param string $username
+	 */
+	public function setUsername($username)
+	{
+		$this->username = $username;
+
+		// If this isn't a brand new user, then it's a rename, force the logout
+		if (!$this->isNew()) {
+			$this->forcelogout = 1;
+		}
+	}
+
+	/**
+	 * Gets the user's email address
+	 * @return string
+	 */
+	public function getEmail()
+	{
+		return $this->email;
+	}
+
+	/**
+	 * Sets the user's email address
+	 *
+	 * @param string $email
+	 */
+	public function setEmail($email)
+	{
+		$this->email = $email;
+	}
+
+	/**
+	 * Gets the status (Active, New, Deactivated, etc) of the user.
+	 * @return string
+	 */
+	public function getStatus()
+	{
+		return $this->status;
+	}
+
+	/**
+	 * @param string $status
+	 */
+	public function setStatus($status)
+	{
+		$this->status = $status;
+	}
+
+	/**
+	 * Gets the user's on-wiki name
+	 * @return string
+	 */
+	public function getOnWikiName()
+	{
+		return $this->onwikiname;
+	}
+
+	/**
+	 * Sets the user's on-wiki name
+	 *
+	 * This can have interesting side-effects with OAuth.
+	 *
+	 * @param string $onWikiName
+	 */
+	public function setOnWikiName($onWikiName)
+	{
+		$this->onwikiname = $onWikiName;
+	}
+
+	/**
+	 * Gets the last activity date for the user
+	 *
+	 * @return string
+	 * @todo This should probably return an instance of DateTime
+	 */
+	public function getLastActive()
+	{
+		return $this->lastactive;
+	}
+
+	/**
+	 * Gets the user's forced logout status
+	 *
+	 * @return bool
+	 */
+	public function getForceLogout()
+	{
+		return $this->forcelogout == 1;
+	}
+
+	/**
+	 * Sets the user's forced logout status
+	 *
+	 * @param bool $forceLogout
+	 */
+	public function setForceLogout($forceLogout)
+	{
+		$this->forcelogout = $forceLogout ? 1 : 0;
+	}
+
+	/**
+	 * Gets the user's confirmation diff. Unused if OAuth is in use.
+	 * @return int the diff ID
+	 */
+	public function getConfirmationDiff()
+	{
+		return $this->confirmationdiff;
+	}
+
+	/**
+	 * Sets the user's confirmation diff.
+	 *
+	 * @param int $confirmationDiff
+	 */
+	public function setConfirmationDiff($confirmationDiff)
+	{
+		$this->confirmationdiff = $confirmationDiff;
+	}
+
+	#endregion
+
+	#region user access checks
+
+	public function isActive()
+	{
+		return $this->status == self::STATUS_ACTIVE;
+	}
+
+	/**
+	 * DO NOT USE FOR TESTING IDENTIFICATION STATUS.
+	 *
+	 * This only returns any overrides in the database for identification status,
+	 * and is thus not suitable on its own to determine if a user is identified.
+	 *
+	 * Most (all?) users should have a null value here; this is only here as an
+	 * emergency override in case things go horribly, horribly wrong. For
+	 * example, when WMF completely change the layout of the ID noticeboard.
+	 */
+	public function getForceIdentified(): ?bool
+	{
+		if ($this->forceidentified === null) {
+			return null;
+		}
+
+		return $this->forceidentified === 1;
+	}
+
+	/**
+	 * Tests if the user is new
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isNewUser()
+	{
+		return $this->status == self::STATUS_NEW;
+	}
+
+	/**
+	 * Tests if the user has been deactivated and is unable to access the tool
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isDeactivated(): bool
+	{
+		return $this->status == self::STATUS_DEACTIVATED;
+	}
+
+	/**
+	 * Tests if the user is the community user
+	 *
+	 * @todo     decide if this means logged out. I think it usually does.
+	 * @return bool
+	 * @category Security-Critical
+	 */
+	public function isCommunityUser()
+	{
+		return false;
+	}
+
+	#endregion 
+
+	/**
+	 * Gets the approval date of the user
+	 * @return DateTime|false
+	 */
+	public function getApprovalDate()
+	{
+		$query = $this->dbObject->prepare(<<<SQL
 			SELECT timestamp 
 			FROM log 
 			WHERE objectid = :userid
@@ -443,12 +443,12 @@  discard block
 block discarded – undo
 			ORDER BY id DESC 
 			LIMIT 1;
 SQL
-        );
-        $query->execute(array(":userid" => $this->id));
+		);
+		$query->execute(array(":userid" => $this->id));
 
-        $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
-        $query->closeCursor();
+		$data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
+		$query->closeCursor();
 
-        return $data;
-    }
+		return $data;
+	}
 }

Please login to merge, or discard this patch.

includes/DataObjects/CommunityUser.php 1 patch

Indentation +115 added lines, -115 removed lines patch added patch discarded remove patch

@@ -17,120 +17,120 @@
 block discarded – undo
  */
 class CommunityUser extends User
 {
-    public function getId()
-    {
-        return -1;
-    }
-
-    public function save()
-    {
-        // Do nothing
-    }
-
-    #region properties
-
-    /**
-     * @return string
-     */
-    public function getUsername()
-    {
-        return '[Community]';
-    }
-
-    public function setUsername($username)
-    {
-    }
-
-    /**
-     * @return string
-     */
-    public function getEmail()
-    {
-        global $cDataClearEmail;
-
-        return $cDataClearEmail;
-    }
-
-    public function setEmail($email)
-    {
-    }
-
-    public function getStatus()
-    {
-        return "Community";
-    }
-
-    public function getOnWikiName()
-    {
-        return "127.0.0.1";
-    }
-
-    public function setOnWikiName($onWikiName)
-    {
-    }
-
-    public function getLastActive()
-    {
-        $now = new DateTime();
-
-        return $now->format("Y-m-d H:i:s");
-    }
-
-    public function getForceLogout()
-    {
-        return true;
-    }
-
-    public function setForceLogout($forceLogout)
-    {
-    }
-
-    /**
-     * @param string $status
-     */
-    public function setStatus($status)
-    {
-    }
-
-    public function getConfirmationDiff()
-    {
-        return null;
-    }
-
-    public function setConfirmationDiff($confirmationDiff)
-    {
-    }
-
-
-    public function setUseAlternateSkin($useAlternate)
-    {
-    }
-
-    #endregion
-
-    #region user access checks
-
-    public function isNewUser()
-    {
-        return false;
-    }
-
-    public function isDeactivated(): bool
-    {
-        return false;
-    }
-
-    public function isCommunityUser()
-    {
-        return true;
-    }
-
-    #endregion
+	public function getId()
+	{
+		return -1;
+	}
+
+	public function save()
+	{
+		// Do nothing
+	}
+
+	#region properties
+
+	/**
+	 * @return string
+	 */
+	public function getUsername()
+	{
+		return '[Community]';
+	}
+
+	public function setUsername($username)
+	{
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getEmail()
+	{
+		global $cDataClearEmail;
+
+		return $cDataClearEmail;
+	}
+
+	public function setEmail($email)
+	{
+	}
+
+	public function getStatus()
+	{
+		return "Community";
+	}
+
+	public function getOnWikiName()
+	{
+		return "127.0.0.1";
+	}
+
+	public function setOnWikiName($onWikiName)
+	{
+	}
+
+	public function getLastActive()
+	{
+		$now = new DateTime();
+
+		return $now->format("Y-m-d H:i:s");
+	}
+
+	public function getForceLogout()
+	{
+		return true;
+	}
+
+	public function setForceLogout($forceLogout)
+	{
+	}
+
+	/**
+	 * @param string $status
+	 */
+	public function setStatus($status)
+	{
+	}
+
+	public function getConfirmationDiff()
+	{
+		return null;
+	}
+
+	public function setConfirmationDiff($confirmationDiff)
+	{
+	}
+
+
+	public function setUseAlternateSkin($useAlternate)
+	{
+	}
+
+	#endregion
+
+	#region user access checks
+
+	public function isNewUser()
+	{
+		return false;
+	}
+
+	public function isDeactivated(): bool
+	{
+		return false;
+	}
+
+	public function isCommunityUser()
+	{
+		return true;
+	}
+
+	#endregion
 
-    public function getApprovalDate()
-    {
-        $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
-
-        return $data;
-    }
+	public function getApprovalDate()
+	{
+		$data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
+
+		return $data;
+	}
 }

Please login to merge, or discard this patch.

includes/DataObjects/Domain.php 1 patch

Indentation +286 added lines, -286 removed lines patch added patch discarded remove patch

@@ -18,94 +18,94 @@  discard block
 block discarded – undo
 
 class Domain extends DataObject
 {
-    /** @var string */
-    private $shortname;
-    /** @var string */
-    private $longname;
-    /** @var string */
-    private $wikiarticlepath;
-    /** @var string */
-    private $wikiapipath;
-    /** @var int */
-    private $enabled = 0;
-    /** @var int|null */
-    private $defaultclose;
-    /** @var string */
-    private $defaultlanguage = 'en';
-    /** @var string */
-    private $emailreplyaddress;
-    /** @var string|null */
-    private $notificationtarget;
-    /** @var string */
-    private $localdocumentation;
-
-    /** @var Domain Cache variable of the current domain */
-    private static $currentDomain;
-
-    public static function getCurrent(PdoDatabase $database)
-    {
-        if (self::$currentDomain === null) {
-            $sessionDomain = WebRequest::getSessionDomain();
-
-            if ($sessionDomain !== null) {
-                /** @var Domain $domain */
-                $domain = self::getById($sessionDomain, $database);
-
-                if ($domain === false) {
-                    self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
-                }
-                else {
-                    self::$currentDomain = $domain;
-                }
-            }
-            else {
-                self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
-            }
-        }
-
-        return self::$currentDomain;
-    }
-
-    public static function getByShortName(string $shortName, PdoDatabase $database)
-    {
-        $statement = $database->prepare(<<<SQL
+	/** @var string */
+	private $shortname;
+	/** @var string */
+	private $longname;
+	/** @var string */
+	private $wikiarticlepath;
+	/** @var string */
+	private $wikiapipath;
+	/** @var int */
+	private $enabled = 0;
+	/** @var int|null */
+	private $defaultclose;
+	/** @var string */
+	private $defaultlanguage = 'en';
+	/** @var string */
+	private $emailreplyaddress;
+	/** @var string|null */
+	private $notificationtarget;
+	/** @var string */
+	private $localdocumentation;
+
+	/** @var Domain Cache variable of the current domain */
+	private static $currentDomain;
+
+	public static function getCurrent(PdoDatabase $database)
+	{
+		if (self::$currentDomain === null) {
+			$sessionDomain = WebRequest::getSessionDomain();
+
+			if ($sessionDomain !== null) {
+				/** @var Domain $domain */
+				$domain = self::getById($sessionDomain, $database);
+
+				if ($domain === false) {
+					self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
+				}
+				else {
+					self::$currentDomain = $domain;
+				}
+			}
+			else {
+				self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
+			}
+		}
+
+		return self::$currentDomain;
+	}
+
+	public static function getByShortName(string $shortName, PdoDatabase $database)
+	{
+		$statement = $database->prepare(<<<SQL
             SELECT * FROM domain WHERE shortname = :name;
 SQL
-        );
+		);
 
-        $statement->execute([
-            ':name' => $shortName,
-        ]);
+		$statement->execute([
+			':name' => $shortName,
+		]);
 
-        /** @var RequestForm|false $result */
-        $result = $statement->fetchObject(get_called_class());
+		/** @var RequestForm|false $result */
+		$result = $statement->fetchObject(get_called_class());
 
-        if ($result !== false) {
-            $result->setDatabase($database);
-        }
+		if ($result !== false) {
+			$result->setDatabase($database);
+		}
 
-        return $result;
-    }
+		return $result;
+	}
 
-    public static function getAll(PdoDatabase $database) {
-        $statement = $database->prepare("SELECT * FROM domain;");
-        $statement->execute();
+	public static function getAll(PdoDatabase $database) {
+		$statement = $database->prepare("SELECT * FROM domain;");
+		$statement->execute();
 
-        $resultObject = $statement->fetchAll(PDO::FETCH_CLASS, get_called_class());
+		$resultObject = $statement->fetchAll(PDO::FETCH_CLASS, get_called_class());
 
-        /** @var Domain $t */
-        foreach ($resultObject as $t) {
-            $t->setDatabase($database);
-        }
+		/** @var Domain $t */
+		foreach ($resultObject as $t) {
+			$t->setDatabase($database);
+		}
 
-        return $resultObject;
-    }
+		return $resultObject;
+	}
 
-    public function save()
-    {
-        if ($this->isNew()) {
-            // insert
-            $statement = $this->dbObject->prepare(<<<SQL
+	public function save()
+	{
+		if ($this->isNew()) {
+			// insert
+			$statement = $this->dbObject->prepare(<<<SQL
                 INSERT INTO domain (
                     shortname, longname, wikiarticlepath, wikiapipath, enabled, defaultclose, defaultlanguage, 
                     emailreplyaddress, notificationtarget, localdocumentation
@@ -114,29 +114,29 @@  discard block
 block discarded – undo
                     :emailreplyaddress, :notificationtarget, :localdocumentation
                 );
 SQL
-            );
-
-            $statement->bindValue(":shortname", $this->shortname);
-            $statement->bindValue(":longname", $this->longname);
-            $statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
-            $statement->bindValue(":wikiapipath", $this->wikiapipath);
-            $statement->bindValue(":enabled", $this->enabled);
-            $statement->bindValue(":defaultclose", $this->defaultclose);
-            $statement->bindValue(":defaultlanguage", $this->defaultlanguage);
-            $statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
-            $statement->bindValue(":notificationtarget", $this->notificationtarget);
-            $statement->bindValue(":localdocumentation", $this->localdocumentation);
-
-
-            if ($statement->execute()) {
-                $this->id = (int)$this->dbObject->lastInsertId();
-            }
-            else {
-                throw new Exception($statement->errorInfo());
-            }
-        }
-        else {
-            $statement = $this->dbObject->prepare(<<<SQL
+			);
+
+			$statement->bindValue(":shortname", $this->shortname);
+			$statement->bindValue(":longname", $this->longname);
+			$statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
+			$statement->bindValue(":wikiapipath", $this->wikiapipath);
+			$statement->bindValue(":enabled", $this->enabled);
+			$statement->bindValue(":defaultclose", $this->defaultclose);
+			$statement->bindValue(":defaultlanguage", $this->defaultlanguage);
+			$statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
+			$statement->bindValue(":notificationtarget", $this->notificationtarget);
+			$statement->bindValue(":localdocumentation", $this->localdocumentation);
+
+
+			if ($statement->execute()) {
+				$this->id = (int)$this->dbObject->lastInsertId();
+			}
+			else {
+				throw new Exception($statement->errorInfo());
+			}
+		}
+		else {
+			$statement = $this->dbObject->prepare(<<<SQL
                 UPDATE domain SET
                     longname = :longname,
                     wikiarticlepath = :wikiarticlepath,
@@ -151,190 +151,190 @@  discard block
 block discarded – undo
                     updateversion = updateversion + 1
 				WHERE id = :id AND updateversion = :updateversion;
 SQL
-            );
-
-            $statement->bindValue(":longname", $this->longname);
-            $statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
-            $statement->bindValue(":wikiapipath", $this->wikiapipath);
-            $statement->bindValue(":enabled", $this->enabled);
-            $statement->bindValue(":defaultclose", $this->defaultclose);
-            $statement->bindValue(":defaultlanguage", $this->defaultlanguage);
-            $statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
-            $statement->bindValue(":notificationtarget", $this->notificationtarget);
-            $statement->bindValue(":localdocumentation", $this->localdocumentation);
-
-            $statement->bindValue(':id', $this->id);
-            $statement->bindValue(':updateversion', $this->updateversion);
-
-            if (!$statement->execute()) {
-                throw new Exception($statement->errorInfo());
-            }
-
-            if ($statement->rowCount() !== 1) {
-                throw new OptimisticLockFailedException();
-            }
-
-            $this->updateversion++;
-        }
-    }
-
-    /**
-     * @return string
-     */
-    public function getShortName(): string
-    {
-        return $this->shortname;
-    }
-
-    /**
-     * @param string $shortName
-     */
-    public function setShortName(string $shortName): void
-    {
-        $this->shortname = $shortName;
-    }
-
-    /**
-     * @return string
-     */
-    public function getLongName(): string
-    {
-        return $this->longname;
-    }
-
-    /**
-     * @param string $longName
-     */
-    public function setLongName(string $longName): void
-    {
-        $this->longname = $longName;
-    }
-
-    /**
-     * @return string
-     */
-    public function getWikiArticlePath(): string
-    {
-        return $this->wikiarticlepath;
-    }
-
-    /**
-     * @param string $wikiArticlePath
-     */
-    public function setWikiArticlePath(string $wikiArticlePath): void
-    {
-        $this->wikiarticlepath = $wikiArticlePath;
-    }
-
-    /**
-     * @return string
-     */
-    public function getWikiApiPath(): string
-    {
-        return $this->wikiapipath;
-    }
-
-    /**
-     * @param string $wikiApiPath
-     */
-    public function setWikiApiPath(string $wikiApiPath): void
-    {
-        $this->wikiapipath = $wikiApiPath;
-    }
-
-    /**
-     * @return bool
-     */
-    public function isEnabled(): bool
-    {
-        return $this->enabled == 1;
-    }
-
-    /**
-     * @param bool $enabled
-     */
-    public function setEnabled(bool $enabled): void
-    {
-        $this->enabled = $enabled ? 1 : 0;
-    }
-
-    /**
-     * @return int
-     */
-    public function getDefaultClose(): ?int
-    {
-        return $this->defaultclose;
-    }
-
-    /**
-     * @param int $defaultClose
-     */
-    public function setDefaultClose(?int $defaultClose): void
-    {
-        $this->defaultclose = $defaultClose;
-    }
-
-    /**
-     * @return string
-     */
-    public function getDefaultLanguage(): string
-    {
-        return $this->defaultlanguage;
-    }
-
-    /**
-     * @param string $defaultLanguage
-     */
-    public function setDefaultLanguage(string $defaultLanguage): void
-    {
-        $this->defaultlanguage = $defaultLanguage;
-    }
-
-    /**
-     * @return string
-     */
-    public function getEmailReplyAddress(): string
-    {
-        return $this->emailreplyaddress;
-    }
-
-    /**
-     * @param string $emailReplyAddress
-     */
-    public function setEmailReplyAddress(string $emailReplyAddress): void
-    {
-        $this->emailreplyaddress = $emailReplyAddress;
-    }
-
-    /**
-     * @return string|null
-     */
-    public function getNotificationTarget(): ?string
-    {
-        return $this->notificationtarget;
-    }
-
-    /**
-     * @param string|null $notificationTarget
-     */
-    public function setNotificationTarget(?string $notificationTarget): void
-    {
-        $this->notificationtarget = $notificationTarget;
-    }
-
-    /**
-     * @return string
-     */
-    public function getLocalDocumentation(): string
-    {
-        return $this->localdocumentation;
-    }
-
-    /**
-     * @param string $localDocumentation
-     */
-    public function setLocalDocumentation(string $localDocumentation): void
-    {
-        $this->localdocumentation = $localDocumentation;
-    }
+			);
+
+			$statement->bindValue(":longname", $this->longname);
+			$statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
+			$statement->bindValue(":wikiapipath", $this->wikiapipath);
+			$statement->bindValue(":enabled", $this->enabled);
+			$statement->bindValue(":defaultclose", $this->defaultclose);
+			$statement->bindValue(":defaultlanguage", $this->defaultlanguage);
+			$statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
+			$statement->bindValue(":notificationtarget", $this->notificationtarget);
+			$statement->bindValue(":localdocumentation", $this->localdocumentation);
+
+			$statement->bindValue(':id', $this->id);
+			$statement->bindValue(':updateversion', $this->updateversion);
+
+			if (!$statement->execute()) {
+				throw new Exception($statement->errorInfo());
+			}
+
+			if ($statement->rowCount() !== 1) {
+				throw new OptimisticLockFailedException();
+			}
+
+			$this->updateversion++;
+		}
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getShortName(): string
+	{
+		return $this->shortname;
+	}
+
+	/**
+	 * @param string $shortName
+	 */
+	public function setShortName(string $shortName): void
+	{
+		$this->shortname = $shortName;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getLongName(): string
+	{
+		return $this->longname;
+	}
+
+	/**
+	 * @param string $longName
+	 */
+	public function setLongName(string $longName): void
+	{
+		$this->longname = $longName;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getWikiArticlePath(): string
+	{
+		return $this->wikiarticlepath;
+	}
+
+	/**
+	 * @param string $wikiArticlePath
+	 */
+	public function setWikiArticlePath(string $wikiArticlePath): void
+	{
+		$this->wikiarticlepath = $wikiArticlePath;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getWikiApiPath(): string
+	{
+		return $this->wikiapipath;
+	}
+
+	/**
+	 * @param string $wikiApiPath
+	 */
+	public function setWikiApiPath(string $wikiApiPath): void
+	{
+		$this->wikiapipath = $wikiApiPath;
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function isEnabled(): bool
+	{
+		return $this->enabled == 1;
+	}
+
+	/**
+	 * @param bool $enabled
+	 */
+	public function setEnabled(bool $enabled): void
+	{
+		$this->enabled = $enabled ? 1 : 0;
+	}
+
+	/**
+	 * @return int
+	 */
+	public function getDefaultClose(): ?int
+	{
+		return $this->defaultclose;
+	}
+
+	/**
+	 * @param int $defaultClose
+	 */
+	public function setDefaultClose(?int $defaultClose): void
+	{
+		$this->defaultclose = $defaultClose;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getDefaultLanguage(): string
+	{
+		return $this->defaultlanguage;
+	}
+
+	/**
+	 * @param string $defaultLanguage
+	 */
+	public function setDefaultLanguage(string $defaultLanguage): void
+	{
+		$this->defaultlanguage = $defaultLanguage;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getEmailReplyAddress(): string
+	{
+		return $this->emailreplyaddress;
+	}
+
+	/**
+	 * @param string $emailReplyAddress
+	 */
+	public function setEmailReplyAddress(string $emailReplyAddress): void
+	{
+		$this->emailreplyaddress = $emailReplyAddress;
+	}
+
+	/**
+	 * @return string|null
+	 */
+	public function getNotificationTarget(): ?string
+	{
+		return $this->notificationtarget;
+	}
+
+	/**
+	 * @param string|null $notificationTarget
+	 */
+	public function setNotificationTarget(?string $notificationTarget): void
+	{
+		$this->notificationtarget = $notificationTarget;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getLocalDocumentation(): string
+	{
+		return $this->localdocumentation;
+	}
+
+	/**
+	 * @param string $localDocumentation
+	 */
+	public function setLocalDocumentation(string $localDocumentation): void
+	{
+		$this->localdocumentation = $localDocumentation;
+	}
 }
\ No newline at end of file

Please login to merge, or discard this patch.

		@@ -12,29 +12,29 @@
		block discarded – undo
12	12
13	13	interface ISecurityManager
14	14	{
15		- public const ALLOWED = 1;
16		- public const ERROR_NOT_IDENTIFIED = 2;
17		- public const ERROR_DENIED = 3;
	15	+ public const ALLOWED = 1;
	16	+ public const ERROR_NOT_IDENTIFIED = 2;
	17	+ public const ERROR_DENIED = 3;
18	18
19		- /**
20		- * Tests if a user is allowed to perform an action.
21		- *
22		- * This method should form a hard, deterministic security barrier, and only return true if it is absolutely sure
23		- * that a user should have access to something.
24		- *
25		- * @param string $page
26		- * @param string $route
27		- * @param User $user
28		- *
29		- * @return int
30		- *
31		- * @category Security-Critical
32		- */
33		- public function allows(string $page, string $route, User $user): int;
	19	+ /**
	20	+ * Tests if a user is allowed to perform an action.
	21	+ *
	22	+ * This method should form a hard, deterministic security barrier, and only return true if it is absolutely sure
	23	+ * that a user should have access to something.
	24	+ *
	25	+ * @param string $page
	26	+ * @param string $route
	27	+ * @param User $user
	28	+ *
	29	+ * @return int
	30	+ *
	31	+ * @category Security-Critical
	32	+ */
	33	+ public function allows(string $page, string $route, User $user): int;
34	34
35		- public function getActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles);
	35	+ public function getActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles);
36	36
37		- public function getCachedActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles): void;
	37	+ public function getCachedActiveRoles(User $user, ?array &$activeRoles, ?array &$inactiveRoles): void;
38	38
39		- public function getAvailableRoles(): array;
	39	+ public function getAvailableRoles(): array;
40	40	}
41	41	\ No newline at end of file

		@@ -15,37 +15,37 @@
		block discarded – undo
15	15
16	16	final class UserAccessLoader implements IUserAccessLoader
17	17	{
18		- public function loadRolesForUser(User $user): array
19		- {
20		- $domain = Domain::getCurrent($user->getDatabase());
21		- $userRoles = UserRole::getForUser($user->getId(), $user->getDatabase(), $domain->getId());
	18	+ public function loadRolesForUser(User $user): array
	19	+ {
	20	+ $domain = Domain::getCurrent($user->getDatabase());
	21	+ $userRoles = UserRole::getForUser($user->getId(), $user->getDatabase(), $domain->getId());
22	22
23		- return array_map(fn(UserRole $r): string => $r->getRole(), $userRoles);
24		- }
	23	+ return array_map(fn(UserRole $r): string => $r->getRole(), $userRoles);
	24	+ }
25	25
26		- public function loadDomainsForUser(User $user): array
27		- {
28		- $database = $user->getDatabase();
	26	+ public function loadDomainsForUser(User $user): array
	27	+ {
	28	+ $database = $user->getDatabase();
29	29
30		- $statement = $database->prepare(<<<'SQL'
	30	+ $statement = $database->prepare(<<<'SQL'
31	31	SELECT d.*
32	32	FROM domain d
33	33	INNER JOIN userdomain ud on d.id = ud.domain
34	34	WHERE ud.user = :user
35	35	AND d.enabled = 1
36	36	SQL
37		- );
38		- $statement->execute([
39		- ':user' => $user->getId()
40		- ]);
	37	+ );
	38	+ $statement->execute([
	39	+ ':user' => $user->getId()
	40	+ ]);
41	41
42		- $resultObjects = $statement->fetchAll(PDO::FETCH_CLASS, Domain::class);
	42	+ $resultObjects = $statement->fetchAll(PDO::FETCH_CLASS, Domain::class);
43	43
44		- /** @var Domain $t */
45		- foreach ($resultObjects as $t) {
46		- $t->setDatabase($database);
47		- }
	44	+ /** @var Domain $t */
	45	+ foreach ($resultObjects as $t) {
	46	+ $t->setDatabase($database);
	47	+ }
48	48
49		- return $resultObjects;
50		- }
	49	+ return $resultObjects;
	50	+ }
51	51	}
52	52	\ No newline at end of file

		@@ -13,14 +13,14 @@
		block discarded – undo
13	13
14	14	interface IDomainAccessManager
15	15	{
16		- public function switchToDefaultDomain(User $user): void;
	16	+ public function switchToDefaultDomain(User $user): void;
17	17
18		- public function switchDomain(User $user, Domain $newDomain): void;
	18	+ public function switchDomain(User $user, Domain $newDomain): void;
19	19
20		- /**
21		- * @param User $user
22		- *
23		- * @return Domain[]
24		- */
25		- public function getAllowedDomains(User $user): array;
	20	+ /**
	21	+ * @param User $user
	22	+ *
	23	+ * @return Domain[]
	24	+ */
	25	+ public function getAllowedDomains(User $user): array;
26	26	}
27	27	\ No newline at end of file

		@@ -10,135 +10,135 @@
		block discarded – undo
10	10
11	11	abstract class RoleConfigurationBase
12	12	{
13		- const ACCESS_ALLOW = 1;
14		- const ACCESS_DENY = -1;
15		- const ACCESS_DEFAULT = 0;
16		- const MAIN = 'main';
17		- const ALL = '*';
18		-
19		- protected array $roleConfig;
20		- protected array $identificationExempt;
21		-
22		- protected function __construct(array $roleConfig, array $identificationExempt)
23		- {
24		- $this->roleConfig = $roleConfig;
25		- $this->identificationExempt = $identificationExempt;
26		- }
27		-
28		- /**
29		- * Takes an array of role names and flattens the values to a single
30		- * resultant role configuration.
31		- *
32		- * @param string[] $activeRoles
33		- * @category Security-Critical
34		- */
35		- public function getResultantRole(array $activeRoles): array
36		- {
37		- $result = array();
38		-
39		- $roleConfig = $this->getApplicableRoles($activeRoles);
40		-
41		- // Iterate over every page in every role
42		- foreach ($roleConfig as $role) {
43		- foreach ($role as $page => $pageRights) {
44		- // Create holder in result for this page
45		- if (!isset($result[$page])) {
46		- $result[$page] = array();
47		- }
48		-
49		- foreach ($pageRights as $action => $permission) {
50		- // Deny takes precedence, so if it's set, don't change it.
51		- if (isset($result[$page][$action])) {
52		- if ($result[$page][$action] === RoleConfigurationBase::ACCESS_DENY) {
53		- continue;
54		- }
55		- }
56		-
57		- if ($permission === RoleConfigurationBase::ACCESS_DEFAULT) {
58		- // Configured to do precisely nothing.
59		- continue;
60		- }
61		-
62		- $result[$page][$action] = $permission;
63		- }
64		- }
65		- }
66		-
67		- return $result;
68		- }
69		-
70		- /**
71		- * Returns a set of all roles which are available to be set.
72		- *
73		- * Hidden roles and implicit roles are excluded.
74		- */
75		- public function getAvailableRoles(): array
76		- {
77		- // remove the implicit roles
78		- $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn', 'user'));
79		-
80		- $actual = array();
81		-
82		- foreach ($possible as $role) {
83		- if (!isset($this->roleConfig[$role]['_hidden'])) {
84		- $actual[$role] = array(
85		- 'description' => $this->roleConfig[$role]['_description'],
86		- 'editableBy' => $this->roleConfig[$role]['_editableBy'],
87		- 'globalOnly' => isset($this->roleConfig[$role]['_globalOnly']) && $this->roleConfig[$role]['_globalOnly'],
88		- );
89		- }
90		- }
91		-
92		- return $actual;
93		- }
94		-
95		- /**
96		- * Returns a boolean for whether the provided role requires identification
97		- * before being used by a user.
98		- *
99		- * @category Security-Critical
100		- */
101		- public function roleNeedsIdentification(string $role): bool
102		- {
103		- if (in_array($role, $this->identificationExempt)) {
104		- return false;
105		- }
106		-
107		- return true;
108		- }
109		-
110		- /**
111		- * Takes an array of role names, and returns all the relevant roles for that
112		- * set, including any child roles found recursively.
113		- *
114		- * @param array $roles The names of roles to start searching with
115		- */
116		- private function getApplicableRoles(array $roles): array
117		- {
118		- $available = array();
119		-
120		- foreach ($roles as $role) {
121		- if (!isset($this->roleConfig[$role])) {
122		- // wat
123		- continue;
124		- }
125		-
126		- $available[$role] = $this->roleConfig[$role];
127		-
128		- if (isset($available[$role]['_childRoles'])) {
129		- $childRoles = $this->getApplicableRoles($available[$role]['_childRoles']);
130		- $available = array_merge($available, $childRoles);
131		-
132		- unset($available[$role]['_childRoles']);
133		- }
134		-
135		- foreach (array('_hidden', '_editableBy', '_description') as $item) {
136		- if (isset($available[$role][$item])) {
137		- unset($available[$role][$item]);
138		- }
139		- }
140		- }
141		-
142		- return $available;
143		- }
	13	+ const ACCESS_ALLOW = 1;
	14	+ const ACCESS_DENY = -1;
	15	+ const ACCESS_DEFAULT = 0;
	16	+ const MAIN = 'main';
	17	+ const ALL = '*';
	18	+
	19	+ protected array $roleConfig;
	20	+ protected array $identificationExempt;
	21	+
	22	+ protected function __construct(array $roleConfig, array $identificationExempt)
	23	+ {
	24	+ $this->roleConfig = $roleConfig;
	25	+ $this->identificationExempt = $identificationExempt;
	26	+ }
	27	+
	28	+ /**
	29	+ * Takes an array of role names and flattens the values to a single
	30	+ * resultant role configuration.
	31	+ *
	32	+ * @param string[] $activeRoles
	33	+ * @category Security-Critical
	34	+ */
	35	+ public function getResultantRole(array $activeRoles): array
	36	+ {
	37	+ $result = array();
	38	+
	39	+ $roleConfig = $this->getApplicableRoles($activeRoles);
	40	+
	41	+ // Iterate over every page in every role
	42	+ foreach ($roleConfig as $role) {
	43	+ foreach ($role as $page => $pageRights) {
	44	+ // Create holder in result for this page
	45	+ if (!isset($result[$page])) {
	46	+ $result[$page] = array();
	47	+ }
	48	+
	49	+ foreach ($pageRights as $action => $permission) {
	50	+ // Deny takes precedence, so if it's set, don't change it.
	51	+ if (isset($result[$page][$action])) {
	52	+ if ($result[$page][$action] === RoleConfigurationBase::ACCESS_DENY) {
	53	+ continue;
	54	+ }
	55	+ }
	56	+
	57	+ if ($permission === RoleConfigurationBase::ACCESS_DEFAULT) {
	58	+ // Configured to do precisely nothing.
	59	+ continue;
	60	+ }
	61	+
	62	+ $result[$page][$action] = $permission;
	63	+ }
	64	+ }
	65	+ }
	66	+
	67	+ return $result;
	68	+ }
	69	+
	70	+ /**
	71	+ * Returns a set of all roles which are available to be set.
	72	+ *
	73	+ * Hidden roles and implicit roles are excluded.
	74	+ */
	75	+ public function getAvailableRoles(): array
	76	+ {
	77	+ // remove the implicit roles
	78	+ $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn', 'user'));
	79	+
	80	+ $actual = array();
	81	+
	82	+ foreach ($possible as $role) {
	83	+ if (!isset($this->roleConfig[$role]['_hidden'])) {
	84	+ $actual[$role] = array(
	85	+ 'description' => $this->roleConfig[$role]['_description'],
	86	+ 'editableBy' => $this->roleConfig[$role]['_editableBy'],
	87	+ 'globalOnly' => isset($this->roleConfig[$role]['_globalOnly']) && $this->roleConfig[$role]['_globalOnly'],
	88	+ );
	89	+ }
	90	+ }
	91	+
	92	+ return $actual;
	93	+ }
	94	+
	95	+ /**
	96	+ * Returns a boolean for whether the provided role requires identification
	97	+ * before being used by a user.
	98	+ *
	99	+ * @category Security-Critical
	100	+ */
	101	+ public function roleNeedsIdentification(string $role): bool
	102	+ {
	103	+ if (in_array($role, $this->identificationExempt)) {
	104	+ return false;
	105	+ }
	106	+
	107	+ return true;
	108	+ }
	109	+
	110	+ /**
	111	+ * Takes an array of role names, and returns all the relevant roles for that
	112	+ * set, including any child roles found recursively.
	113	+ *
	114	+ * @param array $roles The names of roles to start searching with
	115	+ */
	116	+ private function getApplicableRoles(array $roles): array
	117	+ {
	118	+ $available = array();
	119	+
	120	+ foreach ($roles as $role) {
	121	+ if (!isset($this->roleConfig[$role])) {
	122	+ // wat
	123	+ continue;
	124	+ }
	125	+
	126	+ $available[$role] = $this->roleConfig[$role];
	127	+
	128	+ if (isset($available[$role]['_childRoles'])) {
	129	+ $childRoles = $this->getApplicableRoles($available[$role]['_childRoles']);
	130	+ $available = array_merge($available, $childRoles);
	131	+
	132	+ unset($available[$role]['_childRoles']);
	133	+ }
	134	+
	135	+ foreach (array('_hidden', '_editableBy', '_description') as $item) {
	136	+ if (isset($available[$role][$item])) {
	137	+ unset($available[$role][$item]);
	138	+ }
	139	+ }
	140	+ }
	141	+
	142	+ return $available;
	143	+ }
144	144	}
145	145	\ No newline at end of file

		@@ -18,69 +18,69 @@
		block discarded – undo
18	18
19	19	class DomainAccessManager implements IDomainAccessManager
20	20	{
21		- private IUserAccessLoader $userAccessLoader;
	21	+ private IUserAccessLoader $userAccessLoader;
22	22
23		- public function __construct(IUserAccessLoader $userAccessLoader)
24		- {
25		- $this->userAccessLoader = $userAccessLoader;
26		- }
	23	+ public function __construct(IUserAccessLoader $userAccessLoader)
	24	+ {
	25	+ $this->userAccessLoader = $userAccessLoader;
	26	+ }
27	27
28		- /**
29		- * Returns the domains the user is a member of.
30		- *
31		- * Note - this does not determine the access rights that a user has in any
32		- * specific domain. Permissions checks still need to be performed.
33		- *
34		- * @param User $user
35		- *
36		- * @return Domain[]
37		- */
38		- public function getAllowedDomains(User $user): array
39		- {
40		- if ($user->isCommunityUser()) {
41		- return [];
42		- }
	28	+ /**
	29	+ * Returns the domains the user is a member of.
	30	+ *
	31	+ * Note - this does not determine the access rights that a user has in any
	32	+ * specific domain. Permissions checks still need to be performed.
	33	+ *
	34	+ * @param User $user
	35	+ *
	36	+ * @return Domain[]
	37	+ */
	38	+ public function getAllowedDomains(User $user): array
	39	+ {
	40	+ if ($user->isCommunityUser()) {
	41	+ return [];
	42	+ }
43	43
44		- return $this->userAccessLoader->loadDomainsForUser($user);
45		- }
	44	+ return $this->userAccessLoader->loadDomainsForUser($user);
	45	+ }
46	46
47		- public function switchDomain(User $user, Domain $newDomain): void
48		- {
49		- $mapToId = function(DataObject $object) {
50		- return $object->getId();
51		- };
	47	+ public function switchDomain(User $user, Domain $newDomain): void
	48	+ {
	49	+ $mapToId = function(DataObject $object) {
	50	+ return $object->getId();
	51	+ };
52	52
53		- $allowed = in_array($newDomain->getId(), array_map($mapToId, $this->getAllowedDomains($user)));
	53	+ $allowed = in_array($newDomain->getId(), array_map($mapToId, $this->getAllowedDomains($user)));
54	54
55		- if ($allowed) {
56		- WebRequest::setActiveDomain($newDomain);
57		- }
58		- else {
59		- throw new DomainSwitchNotAllowedException();
60		- }
61		- }
	55	+ if ($allowed) {
	56	+ WebRequest::setActiveDomain($newDomain);
	57	+ }
	58	+ else {
	59	+ throw new DomainSwitchNotAllowedException();
	60	+ }
	61	+ }
62	62
63		- public function switchToDefaultDomain(User $user): void
64		- {
65		- $domains = $this->getAllowedDomains($user);
66		- $preferenceManager = new PreferenceManager($user->getDatabase(), $user->getId(), null);
67		- $defaultDomainPreference = $preferenceManager->getPreference(PreferenceManager::PREF_DEFAULT_DOMAIN);
	63	+ public function switchToDefaultDomain(User $user): void
	64	+ {
	65	+ $domains = $this->getAllowedDomains($user);
	66	+ $preferenceManager = new PreferenceManager($user->getDatabase(), $user->getId(), null);
	67	+ $defaultDomainPreference = $preferenceManager->getPreference(PreferenceManager::PREF_DEFAULT_DOMAIN);
68	68
69		- $chosenDomain = null;
70		- foreach ($domains as $d) {
71		- if ($d->getId() == $defaultDomainPreference) {
72		- $chosenDomain = $d;
73		- break;
74		- }
75		- }
	69	+ $chosenDomain = null;
	70	+ foreach ($domains as $d) {
	71	+ if ($d->getId() == $defaultDomainPreference) {
	72	+ $chosenDomain = $d;
	73	+ break;
	74	+ }
	75	+ }
76	76
77		- if ($chosenDomain !== null) {
78		- WebRequest::setActiveDomain($chosenDomain);
79		- return;
80		- }
	77	+ if ($chosenDomain !== null) {
	78	+ WebRequest::setActiveDomain($chosenDomain);
	79	+ return;
	80	+ }
81	81
82		- if (count($domains) > 0) {
83		- WebRequest::setActiveDomain($domains[0]);
84		- }
85		- }
	82	+ if (count($domains) > 0) {
	83	+ WebRequest::setActiveDomain($domains[0]);
	84	+ }
	85	+ }
86	86	}
87	87	\ No newline at end of file

		@@ -22,153 +22,153 @@ discard block
		block discarded – undo
22	22	*/
23	23	class User extends DataObject
24	24	{
25		- const STATUS_ACTIVE = 'Active';
26		- const STATUS_DEACTIVATED = 'Deactivated';
27		- const STATUS_NEW = 'New';
28		-
29		- private static CommunityUser $community;
30		-
31		- private $username;
32		- private $email;
33		- private $status = self::STATUS_NEW;
34		- private $onwikiname;
35		- private $lastactive = "0000-00-00 00:00:00";
36		- private $forcelogout = 0;
37		- private $forceidentified = null;
38		- private $confirmationdiff = 0;
39		- /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
40		- private static $currentUser;
41		- #region Object load methods
42		-
43		- /**
44		- * Gets the currently logged in user
45		- *
46		- * @param PdoDatabase $database
47		- *
48		- * @return User\|CommunityUser
49		- */
50		- public static function getCurrent(PdoDatabase $database)
51		- {
52		- if (self::$currentUser === null) {
53		- $sessionId = WebRequest::getSessionUserId();
54		-
55		- if ($sessionId !== null) {
56		- /** @var User $user */
57		- $user = self::getById($sessionId, $database);
58		-
59		- if ($user === false) {
60		- self::$currentUser = new CommunityUser();
61		- }
62		- else {
63		- self::$currentUser = $user;
64		- }
65		- }
66		- else {
67		- $anonymousCoward = new CommunityUser();
68		-
69		- self::$currentUser = $anonymousCoward;
70		- }
71		- }
72		-
73		- return self::$currentUser;
74		- }
75		-
76		- /**
77		- * Gets a user by their user ID
78		- *
79		- * Pass -1 to get the community user.
80		- *
81		- * @param int\|null $id
82		- * @param PdoDatabase $database
83		- *
84		- * @return User\|false
85		- */
86		- public static function getById($id, PdoDatabase $database)
87		- {
88		- if ($id === null \|\| $id == -1) {
89		- return new CommunityUser();
90		- }
91		-
92		- /** @var User\|false $user */
93		- $user = parent::getById($id, $database);
94		-
95		- return $user;
96		- }
97		-
98		- public static function getCommunity(): CommunityUser
99		- {
100		- if (!isset(self::$community)) {
101		- self::$community = new CommunityUser();
102		- }
103		-
104		- return self::$community;
105		- }
106		-
107		- /**
108		- * Gets a user by their username
109		- *
110		- * @param string $username
111		- * @param PdoDatabase $database
112		- *
113		- * @return CommunityUser\|User\|false
114		- */
115		- public static function getByUsername($username, PdoDatabase $database)
116		- {
117		- if ($username === self::getCommunity()->getUsername()) {
118		- return new CommunityUser();
119		- }
120		-
121		- $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
122		- $statement->bindValue(":id", $username);
123		-
124		- $statement->execute();
125		-
126		- $resultObject = $statement->fetchObject(get_called_class());
127		-
128		- if ($resultObject != false) {
129		- $resultObject->setDatabase($database);
130		- }
131		-
132		- return $resultObject;
133		- }
134		-
135		- /**
136		- * Gets a user by their on-wiki username.
137		- *
138		- * @param string $username
139		- * @param PdoDatabase $database
140		- *
141		- * @return User\|false
142		- */
143		- public static function getByOnWikiUsername($username, PdoDatabase $database)
144		- {
145		- $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
146		- $statement->bindValue(":id", $username);
147		- $statement->execute();
148		-
149		- $resultObject = $statement->fetchObject(get_called_class());
150		-
151		- if ($resultObject != false) {
152		- $resultObject->setDatabase($database);
153		-
154		- return $resultObject;
155		- }
156		-
157		- return false;
158		- }
159		-
160		- #endregion
161		-
162		- /**
163		- * Saves the current object
164		- *
165		- * @throws Exception
166		- */
167		- public function save()
168		- {
169		- if ($this->isNew()) {
170		- // insert
171		- $statement = $this->dbObject->prepare(<<<SQL
	25	+ const STATUS_ACTIVE = 'Active';
	26	+ const STATUS_DEACTIVATED = 'Deactivated';
	27	+ const STATUS_NEW = 'New';
	28	+
	29	+ private static CommunityUser $community;
	30	+
	31	+ private $username;
	32	+ private $email;
	33	+ private $status = self::STATUS_NEW;
	34	+ private $onwikiname;
	35	+ private $lastactive = "0000-00-00 00:00:00";
	36	+ private $forcelogout = 0;
	37	+ private $forceidentified = null;
	38	+ private $confirmationdiff = 0;
	39	+ /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */
	40	+ private static $currentUser;
	41	+ #region Object load methods
	42	+
	43	+ /**
	44	+ * Gets the currently logged in user
	45	+ *
	46	+ * @param PdoDatabase $database
	47	+ *
	48	+ * @return User\|CommunityUser
	49	+ */
	50	+ public static function getCurrent(PdoDatabase $database)
	51	+ {
	52	+ if (self::$currentUser === null) {
	53	+ $sessionId = WebRequest::getSessionUserId();
	54	+
	55	+ if ($sessionId !== null) {
	56	+ /** @var User $user */
	57	+ $user = self::getById($sessionId, $database);
	58	+
	59	+ if ($user === false) {
	60	+ self::$currentUser = new CommunityUser();
	61	+ }
	62	+ else {
	63	+ self::$currentUser = $user;
	64	+ }
	65	+ }
	66	+ else {
	67	+ $anonymousCoward = new CommunityUser();
	68	+
	69	+ self::$currentUser = $anonymousCoward;
	70	+ }
	71	+ }
	72	+
	73	+ return self::$currentUser;
	74	+ }
	75	+
	76	+ /**
	77	+ * Gets a user by their user ID
	78	+ *
	79	+ * Pass -1 to get the community user.
	80	+ *
	81	+ * @param int\|null $id
	82	+ * @param PdoDatabase $database
	83	+ *
	84	+ * @return User\|false
	85	+ */
	86	+ public static function getById($id, PdoDatabase $database)
	87	+ {
	88	+ if ($id === null \|\| $id == -1) {
	89	+ return new CommunityUser();
	90	+ }
	91	+
	92	+ /** @var User\|false $user */
	93	+ $user = parent::getById($id, $database);
	94	+
	95	+ return $user;
	96	+ }
	97	+
	98	+ public static function getCommunity(): CommunityUser
	99	+ {
	100	+ if (!isset(self::$community)) {
	101	+ self::$community = new CommunityUser();
	102	+ }
	103	+
	104	+ return self::$community;
	105	+ }
	106	+
	107	+ /**
	108	+ * Gets a user by their username
	109	+ *
	110	+ * @param string $username
	111	+ * @param PdoDatabase $database
	112	+ *
	113	+ * @return CommunityUser\|User\|false
	114	+ */
	115	+ public static function getByUsername($username, PdoDatabase $database)
	116	+ {
	117	+ if ($username === self::getCommunity()->getUsername()) {
	118	+ return new CommunityUser();
	119	+ }
	120	+
	121	+ $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;");
	122	+ $statement->bindValue(":id", $username);
	123	+
	124	+ $statement->execute();
	125	+
	126	+ $resultObject = $statement->fetchObject(get_called_class());
	127	+
	128	+ if ($resultObject != false) {
	129	+ $resultObject->setDatabase($database);
	130	+ }
	131	+
	132	+ return $resultObject;
	133	+ }
	134	+
	135	+ /**
	136	+ * Gets a user by their on-wiki username.
	137	+ *
	138	+ * @param string $username
	139	+ * @param PdoDatabase $database
	140	+ *
	141	+ * @return User\|false
	142	+ */
	143	+ public static function getByOnWikiUsername($username, PdoDatabase $database)
	144	+ {
	145	+ $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;");
	146	+ $statement->bindValue(":id", $username);
	147	+ $statement->execute();
	148	+
	149	+ $resultObject = $statement->fetchObject(get_called_class());
	150	+
	151	+ if ($resultObject != false) {
	152	+ $resultObject->setDatabase($database);
	153	+
	154	+ return $resultObject;
	155	+ }
	156	+
	157	+ return false;
	158	+ }
	159	+
	160	+ #endregion
	161	+
	162	+ /**
	163	+ * Saves the current object
	164	+ *
	165	+ * @throws Exception
	166	+ */
	167	+ public function save()
	168	+ {
	169	+ if ($this->isNew()) {
	170	+ // insert
	171	+ $statement = $this->dbObject->prepare(<<<SQL
172	172	INSERT INTO `user` (
173	173	username, email, status, onwikiname,
174	174	lastactive, forcelogout, forceidentified,
		@@ -179,25 +179,25 @@ discard block
		block discarded – undo
179	179	:confirmationdiff
180	180	);
181	181	SQL
182		- );
183		- $statement->bindValue(":username", $this->username);
184		- $statement->bindValue(":email", $this->email);
185		- $statement->bindValue(":status", $this->status);
186		- $statement->bindValue(":onwikiname", $this->onwikiname);
187		- $statement->bindValue(":lastactive", $this->lastactive);
188		- $statement->bindValue(":forcelogout", $this->forcelogout);
189		- $statement->bindValue(":confirmationdiff", $this->confirmationdiff);
190		-
191		- if ($statement->execute()) {
192		- $this->id = (int)$this->dbObject->lastInsertId();
193		- }
194		- else {
195		- throw new Exception($statement->errorInfo());
196		- }
197		- }
198		- else {
199		- // update
200		- $statement = $this->dbObject->prepare(<<<SQL
	182	+ );
	183	+ $statement->bindValue(":username", $this->username);
	184	+ $statement->bindValue(":email", $this->email);
	185	+ $statement->bindValue(":status", $this->status);
	186	+ $statement->bindValue(":onwikiname", $this->onwikiname);
	187	+ $statement->bindValue(":lastactive", $this->lastactive);
	188	+ $statement->bindValue(":forcelogout", $this->forcelogout);
	189	+ $statement->bindValue(":confirmationdiff", $this->confirmationdiff);
	190	+
	191	+ if ($statement->execute()) {
	192	+ $this->id = (int)$this->dbObject->lastInsertId();
	193	+ }
	194	+ else {
	195	+ throw new Exception($statement->errorInfo());
	196	+ }
	197	+ }
	198	+ else {
	199	+ // update
	200	+ $statement = $this->dbObject->prepare(<<<SQL
201	201	UPDATE `user` SET
202	202	username = :username, email = :email,
203	203	status = :status,
		@@ -208,233 +208,233 @@ discard block
		block discarded – undo
208	208	updateversion = updateversion + 1
209	209	WHERE id = :id AND updateversion = :updateversion;
210	210	SQL
211		- );
212		-
213		- $statement->bindValue(':id', $this->id);
214		- $statement->bindValue(':updateversion', $this->updateversion);
215		-
216		- $statement->bindValue(':username', $this->username);
217		- $statement->bindValue(':email', $this->email);
218		- $statement->bindValue(':status', $this->status);
219		- $statement->bindValue(':onwikiname', $this->onwikiname);
220		- $statement->bindValue(':lastactive', $this->lastactive);
221		- $statement->bindValue(':forcelogout', $this->forcelogout);
222		- $statement->bindValue(':confirmationdiff', $this->confirmationdiff);
223		-
224		- if (!$statement->execute()) {
225		- throw new Exception($statement->errorInfo());
226		- }
227		-
228		- if ($statement->rowCount() !== 1) {
229		- throw new OptimisticLockFailedException();
230		- }
231		-
232		- $this->updateversion++;
233		- }
234		- }
235		-
236		- #region properties
237		-
238		- /**
239		- * Gets the tool username
240		- * @return string
241		- */
242		- public function getUsername()
243		- {
244		- return $this->username;
245		- }
246		-
247		- /**
248		- * Sets the tool username
249		- *
250		- * @param string $username
251		- */
252		- public function setUsername($username)
253		- {
254		- $this->username = $username;
255		-
256		- // If this isn't a brand new user, then it's a rename, force the logout
257		- if (!$this->isNew()) {
258		- $this->forcelogout = 1;
259		- }
260		- }
261		-
262		- /**
263		- * Gets the user's email address
264		- * @return string
265		- */
266		- public function getEmail()
267		- {
268		- return $this->email;
269		- }
270		-
271		- /**
272		- * Sets the user's email address
273		- *
274		- * @param string $email
275		- */
276		- public function setEmail($email)
277		- {
278		- $this->email = $email;
279		- }
280		-
281		- /**
282		- * Gets the status (Active, New, Deactivated, etc) of the user.
283		- * @return string
284		- */
285		- public function getStatus()
286		- {
287		- return $this->status;
288		- }
289		-
290		- /**
291		- * @param string $status
292		- */
293		- public function setStatus($status)
294		- {
295		- $this->status = $status;
296		- }
297		-
298		- /**
299		- * Gets the user's on-wiki name
300		- * @return string
301		- */
302		- public function getOnWikiName()
303		- {
304		- return $this->onwikiname;
305		- }
306		-
307		- /**
308		- * Sets the user's on-wiki name
309		- *
310		- * This can have interesting side-effects with OAuth.
311		- *
312		- * @param string $onWikiName
313		- */
314		- public function setOnWikiName($onWikiName)
315		- {
316		- $this->onwikiname = $onWikiName;
317		- }
318		-
319		- /**
320		- * Gets the last activity date for the user
321		- *
322		- * @return string
323		- * @todo This should probably return an instance of DateTime
324		- */
325		- public function getLastActive()
326		- {
327		- return $this->lastactive;
328		- }
329		-
330		- /**
331		- * Gets the user's forced logout status
332		- *
333		- * @return bool
334		- */
335		- public function getForceLogout()
336		- {
337		- return $this->forcelogout == 1;
338		- }
339		-
340		- /**
341		- * Sets the user's forced logout status
342		- *
343		- * @param bool $forceLogout
344		- */
345		- public function setForceLogout($forceLogout)
346		- {
347		- $this->forcelogout = $forceLogout ? 1 : 0;
348		- }
349		-
350		- /**
351		- * Gets the user's confirmation diff. Unused if OAuth is in use.
352		- * @return int the diff ID
353		- */
354		- public function getConfirmationDiff()
355		- {
356		- return $this->confirmationdiff;
357		- }
358		-
359		- /**
360		- * Sets the user's confirmation diff.
361		- *
362		- * @param int $confirmationDiff
363		- */
364		- public function setConfirmationDiff($confirmationDiff)
365		- {
366		- $this->confirmationdiff = $confirmationDiff;
367		- }
368		-
369		- #endregion
370		-
371		- #region user access checks
372		-
373		- public function isActive()
374		- {
375		- return $this->status == self::STATUS_ACTIVE;
376		- }
377		-
378		- /**
379		- * DO NOT USE FOR TESTING IDENTIFICATION STATUS.
380		- *
381		- * This only returns any overrides in the database for identification status,
382		- * and is thus not suitable on its own to determine if a user is identified.
383		- *
384		- * Most (all?) users should have a null value here; this is only here as an
385		- * emergency override in case things go horribly, horribly wrong. For
386		- * example, when WMF completely change the layout of the ID noticeboard.
387		- */
388		- public function getForceIdentified(): ?bool
389		- {
390		- if ($this->forceidentified === null) {
391		- return null;
392		- }
393		-
394		- return $this->forceidentified === 1;
395		- }
396		-
397		- /**
398		- * Tests if the user is new
399		- * @return bool
400		- * @category Security-Critical
401		- */
402		- public function isNewUser()
403		- {
404		- return $this->status == self::STATUS_NEW;
405		- }
406		-
407		- /**
408		- * Tests if the user has been deactivated and is unable to access the tool
409		- * @return bool
410		- * @category Security-Critical
411		- */
412		- public function isDeactivated(): bool
413		- {
414		- return $this->status == self::STATUS_DEACTIVATED;
415		- }
416		-
417		- /**
418		- * Tests if the user is the community user
419		- *
420		- * @todo decide if this means logged out. I think it usually does.
421		- * @return bool
422		- * @category Security-Critical
423		- */
424		- public function isCommunityUser()
425		- {
426		- return false;
427		- }
428		-
429		- #endregion
430		-
431		- /**
432		- * Gets the approval date of the user
433		- * @return DateTime\|false
434		- */
435		- public function getApprovalDate()
436		- {
437		- $query = $this->dbObject->prepare(<<<SQL
	211	+ );
	212	+
	213	+ $statement->bindValue(':id', $this->id);
	214	+ $statement->bindValue(':updateversion', $this->updateversion);
	215	+
	216	+ $statement->bindValue(':username', $this->username);
	217	+ $statement->bindValue(':email', $this->email);
	218	+ $statement->bindValue(':status', $this->status);
	219	+ $statement->bindValue(':onwikiname', $this->onwikiname);
	220	+ $statement->bindValue(':lastactive', $this->lastactive);
	221	+ $statement->bindValue(':forcelogout', $this->forcelogout);
	222	+ $statement->bindValue(':confirmationdiff', $this->confirmationdiff);
	223	+
	224	+ if (!$statement->execute()) {
	225	+ throw new Exception($statement->errorInfo());
	226	+ }
	227	+
	228	+ if ($statement->rowCount() !== 1) {
	229	+ throw new OptimisticLockFailedException();
	230	+ }
	231	+
	232	+ $this->updateversion++;
	233	+ }
	234	+ }
	235	+
	236	+ #region properties
	237	+
	238	+ /**
	239	+ * Gets the tool username
	240	+ * @return string
	241	+ */
	242	+ public function getUsername()
	243	+ {
	244	+ return $this->username;
	245	+ }
	246	+
	247	+ /**
	248	+ * Sets the tool username
	249	+ *
	250	+ * @param string $username
	251	+ */
	252	+ public function setUsername($username)
	253	+ {
	254	+ $this->username = $username;
	255	+
	256	+ // If this isn't a brand new user, then it's a rename, force the logout
	257	+ if (!$this->isNew()) {
	258	+ $this->forcelogout = 1;
	259	+ }
	260	+ }
	261	+
	262	+ /**
	263	+ * Gets the user's email address
	264	+ * @return string
	265	+ */
	266	+ public function getEmail()
	267	+ {
	268	+ return $this->email;
	269	+ }
	270	+
	271	+ /**
	272	+ * Sets the user's email address
	273	+ *
	274	+ * @param string $email
	275	+ */
	276	+ public function setEmail($email)
	277	+ {
	278	+ $this->email = $email;
	279	+ }
	280	+
	281	+ /**
	282	+ * Gets the status (Active, New, Deactivated, etc) of the user.
	283	+ * @return string
	284	+ */
	285	+ public function getStatus()
	286	+ {
	287	+ return $this->status;
	288	+ }
	289	+
	290	+ /**
	291	+ * @param string $status
	292	+ */
	293	+ public function setStatus($status)
	294	+ {
	295	+ $this->status = $status;
	296	+ }
	297	+
	298	+ /**
	299	+ * Gets the user's on-wiki name
	300	+ * @return string
	301	+ */
	302	+ public function getOnWikiName()
	303	+ {
	304	+ return $this->onwikiname;
	305	+ }
	306	+
	307	+ /**
	308	+ * Sets the user's on-wiki name
	309	+ *
	310	+ * This can have interesting side-effects with OAuth.
	311	+ *
	312	+ * @param string $onWikiName
	313	+ */
	314	+ public function setOnWikiName($onWikiName)
	315	+ {
	316	+ $this->onwikiname = $onWikiName;
	317	+ }
	318	+
	319	+ /**
	320	+ * Gets the last activity date for the user
	321	+ *
	322	+ * @return string
	323	+ * @todo This should probably return an instance of DateTime
	324	+ */
	325	+ public function getLastActive()
	326	+ {
	327	+ return $this->lastactive;
	328	+ }
	329	+
	330	+ /**
	331	+ * Gets the user's forced logout status
	332	+ *
	333	+ * @return bool
	334	+ */
	335	+ public function getForceLogout()
	336	+ {
	337	+ return $this->forcelogout == 1;
	338	+ }
	339	+
	340	+ /**
	341	+ * Sets the user's forced logout status
	342	+ *
	343	+ * @param bool $forceLogout
	344	+ */
	345	+ public function setForceLogout($forceLogout)
	346	+ {
	347	+ $this->forcelogout = $forceLogout ? 1 : 0;
	348	+ }
	349	+
	350	+ /**
	351	+ * Gets the user's confirmation diff. Unused if OAuth is in use.
	352	+ * @return int the diff ID
	353	+ */
	354	+ public function getConfirmationDiff()
	355	+ {
	356	+ return $this->confirmationdiff;
	357	+ }
	358	+
	359	+ /**
	360	+ * Sets the user's confirmation diff.
	361	+ *
	362	+ * @param int $confirmationDiff
	363	+ */
	364	+ public function setConfirmationDiff($confirmationDiff)
	365	+ {
	366	+ $this->confirmationdiff = $confirmationDiff;
	367	+ }
	368	+
	369	+ #endregion
	370	+
	371	+ #region user access checks
	372	+
	373	+ public function isActive()
	374	+ {
	375	+ return $this->status == self::STATUS_ACTIVE;
	376	+ }
	377	+
	378	+ /**
	379	+ * DO NOT USE FOR TESTING IDENTIFICATION STATUS.
	380	+ *
	381	+ * This only returns any overrides in the database for identification status,
	382	+ * and is thus not suitable on its own to determine if a user is identified.
	383	+ *
	384	+ * Most (all?) users should have a null value here; this is only here as an
	385	+ * emergency override in case things go horribly, horribly wrong. For
	386	+ * example, when WMF completely change the layout of the ID noticeboard.
	387	+ */
	388	+ public function getForceIdentified(): ?bool
	389	+ {
	390	+ if ($this->forceidentified === null) {
	391	+ return null;
	392	+ }
	393	+
	394	+ return $this->forceidentified === 1;
	395	+ }
	396	+
	397	+ /**
	398	+ * Tests if the user is new
	399	+ * @return bool
	400	+ * @category Security-Critical
	401	+ */
	402	+ public function isNewUser()
	403	+ {
	404	+ return $this->status == self::STATUS_NEW;
	405	+ }
	406	+
	407	+ /**
	408	+ * Tests if the user has been deactivated and is unable to access the tool
	409	+ * @return bool
	410	+ * @category Security-Critical
	411	+ */
	412	+ public function isDeactivated(): bool
	413	+ {
	414	+ return $this->status == self::STATUS_DEACTIVATED;
	415	+ }
	416	+
	417	+ /**
	418	+ * Tests if the user is the community user
	419	+ *
	420	+ * @todo decide if this means logged out. I think it usually does.
	421	+ * @return bool
	422	+ * @category Security-Critical
	423	+ */
	424	+ public function isCommunityUser()
	425	+ {
	426	+ return false;
	427	+ }
	428	+
	429	+ #endregion
	430	+
	431	+ /**
	432	+ * Gets the approval date of the user
	433	+ * @return DateTime\|false
	434	+ */
	435	+ public function getApprovalDate()
	436	+ {
	437	+ $query = $this->dbObject->prepare(<<<SQL
438	438	SELECT timestamp
439	439	FROM log
440	440	WHERE objectid = :userid
		@@ -443,12 +443,12 @@ discard block
		block discarded – undo
443	443	ORDER BY id DESC
444	444	LIMIT 1;
445	445	SQL
446		- );
447		- $query->execute(array(":userid" => $this->id));
	446	+ );
	447	+ $query->execute(array(":userid" => $this->id));
448	448
449		- $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
450		- $query->closeCursor();
	449	+ $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn());
	450	+ $query->closeCursor();
451	451
452		- return $data;
453		- }
	452	+ return $data;
	453	+ }
454	454	}

		@@ -17,120 +17,120 @@
		block discarded – undo
17	17	*/
18	18	class CommunityUser extends User
19	19	{
20		- public function getId()
21		- {
22		- return -1;
23		- }
24		-
25		- public function save()
26		- {
27		- // Do nothing
28		- }
29		-
30		- #region properties
31		-
32		- /**
33		- * @return string
34		- */
35		- public function getUsername()
36		- {
37		- return '[Community]';
38		- }
39		-
40		- public function setUsername($username)
41		- {
42		- }
43		-
44		- /**
45		- * @return string
46		- */
47		- public function getEmail()
48		- {
49		- global $cDataClearEmail;
50		-
51		- return $cDataClearEmail;
52		- }
53		-
54		- public function setEmail($email)
55		- {
56		- }
57		-
58		- public function getStatus()
59		- {
60		- return "Community";
61		- }
62		-
63		- public function getOnWikiName()
64		- {
65		- return "127.0.0.1";
66		- }
67		-
68		- public function setOnWikiName($onWikiName)
69		- {
70		- }
71		-
72		- public function getLastActive()
73		- {
74		- $now = new DateTime();
75		-
76		- return $now->format("Y-m-d H:i:s");
77		- }
78		-
79		- public function getForceLogout()
80		- {
81		- return true;
82		- }
83		-
84		- public function setForceLogout($forceLogout)
85		- {
86		- }
87		-
88		- /**
89		- * @param string $status
90		- */
91		- public function setStatus($status)
92		- {
93		- }
94		-
95		- public function getConfirmationDiff()
96		- {
97		- return null;
98		- }
99		-
100		- public function setConfirmationDiff($confirmationDiff)
101		- {
102		- }
103		-
104		-
105		- public function setUseAlternateSkin($useAlternate)
106		- {
107		- }
108		-
109		- #endregion
110		-
111		- #region user access checks
112		-
113		- public function isNewUser()
114		- {
115		- return false;
116		- }
117		-
118		- public function isDeactivated(): bool
119		- {
120		- return false;
121		- }
122		-
123		- public function isCommunityUser()
124		- {
125		- return true;
126		- }
127		-
128		- #endregion
	20	+ public function getId()
	21	+ {
	22	+ return -1;
	23	+ }
	24	+
	25	+ public function save()
	26	+ {
	27	+ // Do nothing
	28	+ }
	29	+
	30	+ #region properties
	31	+
	32	+ /**
	33	+ * @return string
	34	+ */
	35	+ public function getUsername()
	36	+ {
	37	+ return '[Community]';
	38	+ }
	39	+
	40	+ public function setUsername($username)
	41	+ {
	42	+ }
	43	+
	44	+ /**
	45	+ * @return string
	46	+ */
	47	+ public function getEmail()
	48	+ {
	49	+ global $cDataClearEmail;
	50	+
	51	+ return $cDataClearEmail;
	52	+ }
	53	+
	54	+ public function setEmail($email)
	55	+ {
	56	+ }
	57	+
	58	+ public function getStatus()
	59	+ {
	60	+ return "Community";
	61	+ }
	62	+
	63	+ public function getOnWikiName()
	64	+ {
	65	+ return "127.0.0.1";
	66	+ }
	67	+
	68	+ public function setOnWikiName($onWikiName)
	69	+ {
	70	+ }
	71	+
	72	+ public function getLastActive()
	73	+ {
	74	+ $now = new DateTime();
	75	+
	76	+ return $now->format("Y-m-d H:i:s");
	77	+ }
	78	+
	79	+ public function getForceLogout()
	80	+ {
	81	+ return true;
	82	+ }
	83	+
	84	+ public function setForceLogout($forceLogout)
	85	+ {
	86	+ }
	87	+
	88	+ /**
	89	+ * @param string $status
	90	+ */
	91	+ public function setStatus($status)
	92	+ {
	93	+ }
	94	+
	95	+ public function getConfirmationDiff()
	96	+ {
	97	+ return null;
	98	+ }
	99	+
	100	+ public function setConfirmationDiff($confirmationDiff)
	101	+ {
	102	+ }
	103	+
	104	+
	105	+ public function setUseAlternateSkin($useAlternate)
	106	+ {
	107	+ }
	108	+
	109	+ #endregion
	110	+
	111	+ #region user access checks
	112	+
	113	+ public function isNewUser()
	114	+ {
	115	+ return false;
	116	+ }
	117	+
	118	+ public function isDeactivated(): bool
	119	+ {
	120	+ return false;
	121	+ }
	122	+
	123	+ public function isCommunityUser()
	124	+ {
	125	+ return true;
	126	+ }
	127	+
	128	+ #endregion
129	129
130		- public function getApprovalDate()
131		- {
132		- $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
133		-
134		- return $data;
135		- }
	130	+ public function getApprovalDate()
	131	+ {
	132	+ $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00");
	133	+
	134	+ return $data;
	135	+ }
136	136	}

		@@ -18,94 +18,94 @@ discard block
		block discarded – undo
18	18
19	19	class Domain extends DataObject
20	20	{
21		- /** @var string */
22		- private $shortname;
23		- /** @var string */
24		- private $longname;
25		- /** @var string */
26		- private $wikiarticlepath;
27		- /** @var string */
28		- private $wikiapipath;
29		- /** @var int */
30		- private $enabled = 0;
31		- /** @var int\|null */
32		- private $defaultclose;
33		- /** @var string */
34		- private $defaultlanguage = 'en';
35		- /** @var string */
36		- private $emailreplyaddress;
37		- /** @var string\|null */
38		- private $notificationtarget;
39		- /** @var string */
40		- private $localdocumentation;
41		-
42		- /** @var Domain Cache variable of the current domain */
43		- private static $currentDomain;
44		-
45		- public static function getCurrent(PdoDatabase $database)
46		- {
47		- if (self::$currentDomain === null) {
48		- $sessionDomain = WebRequest::getSessionDomain();
49		-
50		- if ($sessionDomain !== null) {
51		- /** @var Domain $domain */
52		- $domain = self::getById($sessionDomain, $database);
53		-
54		- if ($domain === false) {
55		- self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
56		- }
57		- else {
58		- self::$currentDomain = $domain;
59		- }
60		- }
61		- else {
62		- self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
63		- }
64		- }
65		-
66		- return self::$currentDomain;
67		- }
68		-
69		- public static function getByShortName(string $shortName, PdoDatabase $database)
70		- {
71		- $statement = $database->prepare(<<<SQL
	21	+ /** @var string */
	22	+ private $shortname;
	23	+ /** @var string */
	24	+ private $longname;
	25	+ /** @var string */
	26	+ private $wikiarticlepath;
	27	+ /** @var string */
	28	+ private $wikiapipath;
	29	+ /** @var int */
	30	+ private $enabled = 0;
	31	+ /** @var int\|null */
	32	+ private $defaultclose;
	33	+ /** @var string */
	34	+ private $defaultlanguage = 'en';
	35	+ /** @var string */
	36	+ private $emailreplyaddress;
	37	+ /** @var string\|null */
	38	+ private $notificationtarget;
	39	+ /** @var string */
	40	+ private $localdocumentation;
	41	+
	42	+ /** @var Domain Cache variable of the current domain */
	43	+ private static $currentDomain;
	44	+
	45	+ public static function getCurrent(PdoDatabase $database)
	46	+ {
	47	+ if (self::$currentDomain === null) {
	48	+ $sessionDomain = WebRequest::getSessionDomain();
	49	+
	50	+ if ($sessionDomain !== null) {
	51	+ /** @var Domain $domain */
	52	+ $domain = self::getById($sessionDomain, $database);
	53	+
	54	+ if ($domain === false) {
	55	+ self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
	56	+ }
	57	+ else {
	58	+ self::$currentDomain = $domain;
	59	+ }
	60	+ }
	61	+ else {
	62	+ self::$currentDomain = self::getById(1, $database); // FIXME: #594 User::getCurrent($database)->getDefaultDomain();
	63	+ }
	64	+ }
	65	+
	66	+ return self::$currentDomain;
	67	+ }
	68	+
	69	+ public static function getByShortName(string $shortName, PdoDatabase $database)
	70	+ {
	71	+ $statement = $database->prepare(<<<SQL
72	72	SELECT * FROM domain WHERE shortname = :name;
73	73	SQL
74		- );
	74	+ );
75	75
76		- $statement->execute([
77		- ':name' => $shortName,
78		- ]);
	76	+ $statement->execute([
	77	+ ':name' => $shortName,
	78	+ ]);
79	79
80		- /** @var RequestForm\|false $result */
81		- $result = $statement->fetchObject(get_called_class());
	80	+ /** @var RequestForm\|false $result */
	81	+ $result = $statement->fetchObject(get_called_class());
82	82
83		- if ($result !== false) {
84		- $result->setDatabase($database);
85		- }
	83	+ if ($result !== false) {
	84	+ $result->setDatabase($database);
	85	+ }
86	86
87		- return $result;
88		- }
	87	+ return $result;
	88	+ }
89	89
90		- public static function getAll(PdoDatabase $database) {
91		- $statement = $database->prepare("SELECT * FROM domain;");
92		- $statement->execute();
	90	+ public static function getAll(PdoDatabase $database) {
	91	+ $statement = $database->prepare("SELECT * FROM domain;");
	92	+ $statement->execute();
93	93
94		- $resultObject = $statement->fetchAll(PDO::FETCH_CLASS, get_called_class());
	94	+ $resultObject = $statement->fetchAll(PDO::FETCH_CLASS, get_called_class());
95	95
96		- /** @var Domain $t */
97		- foreach ($resultObject as $t) {
98		- $t->setDatabase($database);
99		- }
	96	+ /** @var Domain $t */
	97	+ foreach ($resultObject as $t) {
	98	+ $t->setDatabase($database);
	99	+ }
100	100
101		- return $resultObject;
102		- }
	101	+ return $resultObject;
	102	+ }
103	103
104		- public function save()
105		- {
106		- if ($this->isNew()) {
107		- // insert
108		- $statement = $this->dbObject->prepare(<<<SQL
	104	+ public function save()
	105	+ {
	106	+ if ($this->isNew()) {
	107	+ // insert
	108	+ $statement = $this->dbObject->prepare(<<<SQL
109	109	INSERT INTO domain (
110	110	shortname, longname, wikiarticlepath, wikiapipath, enabled, defaultclose, defaultlanguage,
111	111	emailreplyaddress, notificationtarget, localdocumentation
		@@ -114,29 +114,29 @@ discard block
		block discarded – undo
114	114	:emailreplyaddress, :notificationtarget, :localdocumentation
115	115	);
116	116	SQL
117		- );
118		-
119		- $statement->bindValue(":shortname", $this->shortname);
120		- $statement->bindValue(":longname", $this->longname);
121		- $statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
122		- $statement->bindValue(":wikiapipath", $this->wikiapipath);
123		- $statement->bindValue(":enabled", $this->enabled);
124		- $statement->bindValue(":defaultclose", $this->defaultclose);
125		- $statement->bindValue(":defaultlanguage", $this->defaultlanguage);
126		- $statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
127		- $statement->bindValue(":notificationtarget", $this->notificationtarget);
128		- $statement->bindValue(":localdocumentation", $this->localdocumentation);
129		-
130		-
131		- if ($statement->execute()) {
132		- $this->id = (int)$this->dbObject->lastInsertId();
133		- }
134		- else {
135		- throw new Exception($statement->errorInfo());
136		- }
137		- }
138		- else {
139		- $statement = $this->dbObject->prepare(<<<SQL
	117	+ );
	118	+
	119	+ $statement->bindValue(":shortname", $this->shortname);
	120	+ $statement->bindValue(":longname", $this->longname);
	121	+ $statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
	122	+ $statement->bindValue(":wikiapipath", $this->wikiapipath);
	123	+ $statement->bindValue(":enabled", $this->enabled);
	124	+ $statement->bindValue(":defaultclose", $this->defaultclose);
	125	+ $statement->bindValue(":defaultlanguage", $this->defaultlanguage);
	126	+ $statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
	127	+ $statement->bindValue(":notificationtarget", $this->notificationtarget);
	128	+ $statement->bindValue(":localdocumentation", $this->localdocumentation);
	129	+
	130	+
	131	+ if ($statement->execute()) {
	132	+ $this->id = (int)$this->dbObject->lastInsertId();
	133	+ }
	134	+ else {
	135	+ throw new Exception($statement->errorInfo());
	136	+ }
	137	+ }
	138	+ else {
	139	+ $statement = $this->dbObject->prepare(<<<SQL
140	140	UPDATE domain SET
141	141	longname = :longname,
142	142	wikiarticlepath = :wikiarticlepath,
		@@ -151,190 +151,190 @@ discard block
		block discarded – undo
151	151	updateversion = updateversion + 1
152	152	WHERE id = :id AND updateversion = :updateversion;
153	153	SQL
154		- );
155		-
156		- $statement->bindValue(":longname", $this->longname);
157		- $statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
158		- $statement->bindValue(":wikiapipath", $this->wikiapipath);
159		- $statement->bindValue(":enabled", $this->enabled);
160		- $statement->bindValue(":defaultclose", $this->defaultclose);
161		- $statement->bindValue(":defaultlanguage", $this->defaultlanguage);
162		- $statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
163		- $statement->bindValue(":notificationtarget", $this->notificationtarget);
164		- $statement->bindValue(":localdocumentation", $this->localdocumentation);
165		-
166		- $statement->bindValue(':id', $this->id);
167		- $statement->bindValue(':updateversion', $this->updateversion);
168		-
169		- if (!$statement->execute()) {
170		- throw new Exception($statement->errorInfo());
171		- }
172		-
173		- if ($statement->rowCount() !== 1) {
174		- throw new OptimisticLockFailedException();
175		- }
176		-
177		- $this->updateversion++;
178		- }
179		- }
180		-
181		- /**
182		- * @return string
183		- */
184		- public function getShortName(): string
185		- {
186		- return $this->shortname;
187		- }
188		-
189		- /**
190		- * @param string $shortName
191		- */
192		- public function setShortName(string $shortName): void
193		- {
194		- $this->shortname = $shortName;
195		- }
196		-
197		- /**
198		- * @return string
199		- */
200		- public function getLongName(): string
201		- {
202		- return $this->longname;
203		- }
204		-
205		- /**
206		- * @param string $longName
207		- */
208		- public function setLongName(string $longName): void
209		- {
210		- $this->longname = $longName;
211		- }
212		-
213		- /**
214		- * @return string
215		- */
216		- public function getWikiArticlePath(): string
217		- {
218		- return $this->wikiarticlepath;
219		- }
220		-
221		- /**
222		- * @param string $wikiArticlePath
223		- */
224		- public function setWikiArticlePath(string $wikiArticlePath): void
225		- {
226		- $this->wikiarticlepath = $wikiArticlePath;
227		- }
228		-
229		- /**
230		- * @return string
231		- */
232		- public function getWikiApiPath(): string
233		- {
234		- return $this->wikiapipath;
235		- }
236		-
237		- /**
238		- * @param string $wikiApiPath
239		- */
240		- public function setWikiApiPath(string $wikiApiPath): void
241		- {
242		- $this->wikiapipath = $wikiApiPath;
243		- }
244		-
245		- /**
246		- * @return bool
247		- */
248		- public function isEnabled(): bool
249		- {
250		- return $this->enabled == 1;
251		- }
252		-
253		- /**
254		- * @param bool $enabled
255		- */
256		- public function setEnabled(bool $enabled): void
257		- {
258		- $this->enabled = $enabled ? 1 : 0;
259		- }
260		-
261		- /**
262		- * @return int
263		- */
264		- public function getDefaultClose(): ?int
265		- {
266		- return $this->defaultclose;
267		- }
268		-
269		- /**
270		- * @param int $defaultClose
271		- */
272		- public function setDefaultClose(?int $defaultClose): void
273		- {
274		- $this->defaultclose = $defaultClose;
275		- }
276		-
277		- /**
278		- * @return string
279		- */
280		- public function getDefaultLanguage(): string
281		- {
282		- return $this->defaultlanguage;
283		- }
284		-
285		- /**
286		- * @param string $defaultLanguage
287		- */
288		- public function setDefaultLanguage(string $defaultLanguage): void
289		- {
290		- $this->defaultlanguage = $defaultLanguage;
291		- }
292		-
293		- /**
294		- * @return string
295		- */
296		- public function getEmailReplyAddress(): string
297		- {
298		- return $this->emailreplyaddress;
299		- }
300		-
301		- /**
302		- * @param string $emailReplyAddress
303		- */
304		- public function setEmailReplyAddress(string $emailReplyAddress): void
305		- {
306		- $this->emailreplyaddress = $emailReplyAddress;
307		- }
308		-
309		- /**
310		- * @return string\|null
311		- */
312		- public function getNotificationTarget(): ?string
313		- {
314		- return $this->notificationtarget;
315		- }
316		-
317		- /**
318		- * @param string\|null $notificationTarget
319		- */
320		- public function setNotificationTarget(?string $notificationTarget): void
321		- {
322		- $this->notificationtarget = $notificationTarget;
323		- }
324		-
325		- /**
326		- * @return string
327		- */
328		- public function getLocalDocumentation(): string
329		- {
330		- return $this->localdocumentation;
331		- }
332		-
333		- /**
334		- * @param string $localDocumentation
335		- */
336		- public function setLocalDocumentation(string $localDocumentation): void
337		- {
338		- $this->localdocumentation = $localDocumentation;
339		- }
	154	+ );
	155	+
	156	+ $statement->bindValue(":longname", $this->longname);
	157	+ $statement->bindValue(":wikiarticlepath", $this->wikiarticlepath);
	158	+ $statement->bindValue(":wikiapipath", $this->wikiapipath);
	159	+ $statement->bindValue(":enabled", $this->enabled);
	160	+ $statement->bindValue(":defaultclose", $this->defaultclose);
	161	+ $statement->bindValue(":defaultlanguage", $this->defaultlanguage);
	162	+ $statement->bindValue(":emailreplyaddress", $this->emailreplyaddress);
	163	+ $statement->bindValue(":notificationtarget", $this->notificationtarget);
	164	+ $statement->bindValue(":localdocumentation", $this->localdocumentation);
	165	+
	166	+ $statement->bindValue(':id', $this->id);
	167	+ $statement->bindValue(':updateversion', $this->updateversion);
	168	+
	169	+ if (!$statement->execute()) {
	170	+ throw new Exception($statement->errorInfo());
	171	+ }
	172	+
	173	+ if ($statement->rowCount() !== 1) {
	174	+ throw new OptimisticLockFailedException();
	175	+ }
	176	+
	177	+ $this->updateversion++;
	178	+ }
	179	+ }
	180	+
	181	+ /**
	182	+ * @return string
	183	+ */
	184	+ public function getShortName(): string
	185	+ {
	186	+ return $this->shortname;
	187	+ }
	188	+
	189	+ /**
	190	+ * @param string $shortName
	191	+ */
	192	+ public function setShortName(string $shortName): void
	193	+ {
	194	+ $this->shortname = $shortName;
	195	+ }
	196	+
	197	+ /**
	198	+ * @return string
	199	+ */
	200	+ public function getLongName(): string
	201	+ {
	202	+ return $this->longname;
	203	+ }
	204	+
	205	+ /**
	206	+ * @param string $longName
	207	+ */
	208	+ public function setLongName(string $longName): void
	209	+ {
	210	+ $this->longname = $longName;
	211	+ }
	212	+
	213	+ /**
	214	+ * @return string
	215	+ */
	216	+ public function getWikiArticlePath(): string
	217	+ {
	218	+ return $this->wikiarticlepath;
	219	+ }
	220	+
	221	+ /**
	222	+ * @param string $wikiArticlePath
	223	+ */
	224	+ public function setWikiArticlePath(string $wikiArticlePath): void
	225	+ {
	226	+ $this->wikiarticlepath = $wikiArticlePath;
	227	+ }
	228	+
	229	+ /**
	230	+ * @return string
	231	+ */
	232	+ public function getWikiApiPath(): string
	233	+ {
	234	+ return $this->wikiapipath;
	235	+ }
	236	+
	237	+ /**
	238	+ * @param string $wikiApiPath
	239	+ */
	240	+ public function setWikiApiPath(string $wikiApiPath): void
	241	+ {
	242	+ $this->wikiapipath = $wikiApiPath;
	243	+ }
	244	+
	245	+ /**
	246	+ * @return bool
	247	+ */
	248	+ public function isEnabled(): bool
	249	+ {
	250	+ return $this->enabled == 1;
	251	+ }
	252	+
	253	+ /**
	254	+ * @param bool $enabled
	255	+ */
	256	+ public function setEnabled(bool $enabled): void
	257	+ {
	258	+ $this->enabled = $enabled ? 1 : 0;
	259	+ }
	260	+
	261	+ /**
	262	+ * @return int
	263	+ */
	264	+ public function getDefaultClose(): ?int
	265	+ {
	266	+ return $this->defaultclose;
	267	+ }
	268	+
	269	+ /**
	270	+ * @param int $defaultClose
	271	+ */
	272	+ public function setDefaultClose(?int $defaultClose): void
	273	+ {
	274	+ $this->defaultclose = $defaultClose;
	275	+ }
	276	+
	277	+ /**
	278	+ * @return string
	279	+ */
	280	+ public function getDefaultLanguage(): string
	281	+ {
	282	+ return $this->defaultlanguage;
	283	+ }
	284	+
	285	+ /**
	286	+ * @param string $defaultLanguage
	287	+ */
	288	+ public function setDefaultLanguage(string $defaultLanguage): void
	289	+ {
	290	+ $this->defaultlanguage = $defaultLanguage;
	291	+ }
	292	+
	293	+ /**
	294	+ * @return string
	295	+ */
	296	+ public function getEmailReplyAddress(): string
	297	+ {
	298	+ return $this->emailreplyaddress;
	299	+ }
	300	+
	301	+ /**
	302	+ * @param string $emailReplyAddress
	303	+ */
	304	+ public function setEmailReplyAddress(string $emailReplyAddress): void
	305	+ {
	306	+ $this->emailreplyaddress = $emailReplyAddress;
	307	+ }
	308	+
	309	+ /**
	310	+ * @return string\|null
	311	+ */
	312	+ public function getNotificationTarget(): ?string
	313	+ {
	314	+ return $this->notificationtarget;
	315	+ }
	316	+
	317	+ /**
	318	+ * @param string\|null $notificationTarget
	319	+ */
	320	+ public function setNotificationTarget(?string $notificationTarget): void
	321	+ {
	322	+ $this->notificationtarget = $notificationTarget;
	323	+ }
	324	+
	325	+ /**
	326	+ * @return string
	327	+ */
	328	+ public function getLocalDocumentation(): string
	329	+ {
	330	+ return $this->localdocumentation;
	331	+ }
	332	+
	333	+ /**
	334	+ * @param string $localDocumentation
	335	+ */
	336	+ public function setLocalDocumentation(string $localDocumentation): void
	337	+ {
	338	+ $this->localdocumentation = $localDocumentation;
	339	+ }
340	340	}
341	341	\ No newline at end of file

mdaniels5757 / waca

Push — dependabot/npm_and_yarn/sass-1... ( 173e70...4078c3 )

Status

Category

Indentation +21 added lines, -21 removed lines patch added patch discarded remove patch

Indentation +21 added lines, -21 removed lines patch added patch discarded remove patch

Indentation +8 added lines, -8 removed lines patch added patch discarded remove patch

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

Indentation +404 added lines, -404 removed lines patch added patch discarded remove patch

Indentation +55 added lines, -55 removed lines patch added patch discarded remove patch

Indentation +399 added lines, -399 removed lines patch added patch discarded remove patch

Indentation +115 added lines, -115 removed lines patch added patch discarded remove patch

Indentation +286 added lines, -286 removed lines patch added patch discarded remove patch