mdaniels5757 /
waca
@@ -30,505 +30,505 @@ |
||
| 30 | 30 | |
| 31 | 31 | class LogHelper |
| 32 | 32 | { |
| 33 | - /** |
|
| 34 | - * @param int $requestId |
|
| 35 | - * |
|
| 36 | - * @return DataObject[] |
|
| 37 | - */ |
|
| 38 | - public static function getRequestLogsWithComments( |
|
| 39 | - $requestId, |
|
| 40 | - PdoDatabase $db, |
|
| 41 | - SecurityManager $securityManager |
|
| 42 | - ): array { |
|
| 43 | - // FIXME: domains |
|
| 44 | - $logs = LogSearchHelper::get($db, 1)->byObjectType('Request')->byObjectId($requestId)->fetch(); |
|
| 45 | - |
|
| 46 | - $currentUser = User::getCurrent($db); |
|
| 47 | - $showRestrictedComments = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser) === SecurityManager::ALLOWED; |
|
| 48 | - $showCheckuserComments = $securityManager->allows('RequestData', 'seeCheckuserComments', $currentUser) === SecurityManager::ALLOWED; |
|
| 49 | - |
|
| 50 | - $comments = Comment::getForRequest($requestId, $db, $showRestrictedComments, $showCheckuserComments, $currentUser->getId()); |
|
| 51 | - |
|
| 52 | - $items = array_merge($logs, $comments); |
|
| 53 | - |
|
| 54 | - $sortKey = function(DataObject $item): int { |
|
| 55 | - if ($item instanceof Log) { |
|
| 56 | - return $item->getTimestamp()->getTimestamp(); |
|
| 57 | - } |
|
| 58 | - |
|
| 59 | - if ($item instanceof Comment) { |
|
| 60 | - return $item->getTime()->getTimestamp(); |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - return 0; |
|
| 64 | - }; |
|
| 65 | - |
|
| 66 | - do { |
|
| 67 | - $flag = false; |
|
| 68 | - |
|
| 69 | - $loopLimit = (count($items) - 1); |
|
| 70 | - for ($i = 0; $i < $loopLimit; $i++) { |
|
| 71 | - // are these two items out of order? |
|
| 72 | - if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) { |
|
| 73 | - // swap them |
|
| 74 | - $swap = $items[$i]; |
|
| 75 | - $items[$i] = $items[$i + 1]; |
|
| 76 | - $items[$i + 1] = $swap; |
|
| 77 | - |
|
| 78 | - // set a flag to say we've modified the array this time around |
|
| 79 | - $flag = true; |
|
| 80 | - } |
|
| 81 | - } |
|
| 82 | - } |
|
| 83 | - while ($flag); |
|
| 84 | - |
|
| 85 | - return $items; |
|
| 86 | - } |
|
| 87 | - |
|
| 88 | - public static function getLogDescription(Log $entry): string |
|
| 89 | - { |
|
| 90 | - $text = "Deferred to "; |
|
| 91 | - if (substr($entry->getAction(), 0, strlen($text)) == $text) { |
|
| 92 | - // Deferred to a different queue |
|
| 93 | - // This is exactly what we want to display. |
|
| 94 | - return $entry->getAction(); |
|
| 95 | - } |
|
| 96 | - |
|
| 97 | - $text = "Closed custom-n"; |
|
| 98 | - if ($entry->getAction() == $text) { |
|
| 99 | - // Custom-closed |
|
| 100 | - return "closed (custom reason - account not created)"; |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - $text = "Closed custom-y"; |
|
| 104 | - if ($entry->getAction() == $text) { |
|
| 105 | - // Custom-closed |
|
| 106 | - return "closed (custom reason - account created)"; |
|
| 107 | - } |
|
| 108 | - |
|
| 109 | - $text = "Closed 0"; |
|
| 110 | - if ($entry->getAction() == $text) { |
|
| 111 | - // Dropped the request - short-circuit the lookup |
|
| 112 | - return "dropped request"; |
|
| 113 | - } |
|
| 114 | - |
|
| 115 | - $text = "Closed "; |
|
| 116 | - if (substr($entry->getAction(), 0, strlen($text)) == $text) { |
|
| 117 | - // Closed with a reason - do a lookup here. |
|
| 118 | - $id = substr($entry->getAction(), strlen($text)); |
|
| 119 | - /** @var EmailTemplate|false $template */ |
|
| 120 | - $template = EmailTemplate::getById((int)$id, $entry->getDatabase()); |
|
| 121 | - |
|
| 122 | - if ($template !== false) { |
|
| 123 | - return 'closed (' . $template->getName() . ')'; |
|
| 124 | - } |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - // Fall back to the basic stuff |
|
| 128 | - $lookup = array( |
|
| 129 | - 'Reserved' => 'reserved', |
|
| 130 | - 'Email Confirmed' => 'email-confirmed', |
|
| 131 | - 'Manually Confirmed' => 'manually confirmed the request', |
|
| 132 | - 'Unreserved' => 'unreserved', |
|
| 133 | - 'Approved' => 'approved', |
|
| 134 | - 'Suspended' => 'suspended', |
|
| 135 | - 'RoleChange' => 'changed roles', |
|
| 136 | - 'GlobalRoleChange' => 'changed global roles', |
|
| 137 | - 'Banned' => 'banned', |
|
| 138 | - 'Edited' => 'edited interface message', |
|
| 139 | - 'Declined' => 'declined', |
|
| 140 | - 'EditComment-c' => 'edited a comment', |
|
| 141 | - 'EditComment-r' => 'edited a comment', |
|
| 142 | - 'FlaggedComment' => 'flagged a comment', |
|
| 143 | - 'UnflaggedComment' => 'unflagged a comment', |
|
| 144 | - 'Unbanned' => 'unbanned', |
|
| 145 | - 'BanReplaced' => 'replaced ban', |
|
| 146 | - 'Promoted' => 'promoted to tool admin', |
|
| 147 | - 'BreakReserve' => 'forcibly broke the reservation', |
|
| 148 | - 'Prefchange' => 'changed user preferences', |
|
| 149 | - 'Renamed' => 'renamed', |
|
| 150 | - 'Demoted' => 'demoted from tool admin', |
|
| 151 | - 'ReceiveReserved' => 'received the reservation', |
|
| 152 | - 'SendReserved' => 'sent the reservation', |
|
| 153 | - 'EditedEmail' => 'edited email', |
|
| 154 | - 'DeletedTemplate' => 'deleted template', |
|
| 155 | - 'EditedTemplate' => 'edited template', |
|
| 156 | - 'CreatedEmail' => 'created email', |
|
| 157 | - 'CreatedTemplate' => 'created template', |
|
| 158 | - 'SentMail' => 'sent an email to the requester', |
|
| 159 | - 'Registered' => 'registered a tool account', |
|
| 160 | - 'JobIssue' => 'ran a background job unsuccessfully', |
|
| 161 | - 'JobCompleted' => 'completed a background job', |
|
| 162 | - 'JobAcknowledged' => 'acknowledged a job failure', |
|
| 163 | - 'JobRequeued' => 'requeued a job for re-execution', |
|
| 164 | - 'JobCancelled' => 'cancelled execution of a job', |
|
| 165 | - 'EnqueuedJobQueue' => 'scheduled for creation', |
|
| 166 | - 'Hospitalised' => 'sent to the hospital', |
|
| 167 | - 'QueueCreated' => 'created a request queue', |
|
| 168 | - 'QueueEdited' => 'edited a request queue', |
|
| 169 | - 'DomainCreated' => 'created a domain', |
|
| 170 | - 'DomainEdited' => 'edited a domain', |
|
| 171 | - 'RequestFormCreated' => 'created a request form', |
|
| 172 | - 'RequestFormEdited' => 'edited a request form', |
|
| 173 | - ); |
|
| 174 | - |
|
| 175 | - if (array_key_exists($entry->getAction(), $lookup)) { |
|
| 176 | - return $lookup[$entry->getAction()]; |
|
| 177 | - } |
|
| 178 | - |
|
| 179 | - // OK, I don't know what this is. Fall back to something sane. |
|
| 180 | - return "performed an unknown action ({$entry->getAction()})"; |
|
| 181 | - } |
|
| 182 | - |
|
| 183 | - public static function getLogActions(PdoDatabase $database): array |
|
| 184 | - { |
|
| 185 | - $lookup = array( |
|
| 186 | - "Requests" => [ |
|
| 187 | - 'Reserved' => 'reserved', |
|
| 188 | - 'Email Confirmed' => 'email-confirmed', |
|
| 189 | - 'Manually Confirmed' => 'manually confirmed', |
|
| 190 | - 'Unreserved' => 'unreserved', |
|
| 191 | - 'EditComment-c' => 'edited a comment (by comment ID)', |
|
| 192 | - 'EditComment-r' => 'edited a comment (by request)', |
|
| 193 | - 'FlaggedComment' => 'flagged a comment', |
|
| 194 | - 'UnflaggedComment' => 'unflagged a comment', |
|
| 195 | - 'BreakReserve' => 'forcibly broke the reservation', |
|
| 196 | - 'ReceiveReserved' => 'received the reservation', |
|
| 197 | - 'SendReserved' => 'sent the reservation', |
|
| 198 | - 'SentMail' => 'sent an email to the requester', |
|
| 199 | - 'Closed 0' => 'dropped request', |
|
| 200 | - 'Closed custom-y' => 'closed (custom reason - account created)', |
|
| 201 | - 'Closed custom-n' => 'closed (custom reason - account not created)', |
|
| 202 | - ], |
|
| 203 | - 'Users' => [ |
|
| 204 | - 'Approved' => 'approved', |
|
| 205 | - 'Suspended' => 'suspended', |
|
| 206 | - 'RoleChange' => 'changed roles', |
|
| 207 | - 'GlobalRoleChange' => 'changed global roles', |
|
| 208 | - 'Declined' => 'declined', |
|
| 209 | - 'Prefchange' => 'changed user preferences', |
|
| 210 | - 'Renamed' => 'renamed', |
|
| 211 | - 'Promoted' => 'promoted to tool admin', |
|
| 212 | - 'Demoted' => 'demoted from tool admin', |
|
| 213 | - 'Registered' => 'registered a tool account', |
|
| 214 | - ], |
|
| 215 | - "Bans" => [ |
|
| 216 | - 'Banned' => 'banned', |
|
| 217 | - 'Unbanned' => 'unbanned', |
|
| 218 | - 'BanReplaced' => 'replaced ban', |
|
| 219 | - ], |
|
| 220 | - "Site notice" => [ |
|
| 221 | - 'Edited' => 'edited interface message', |
|
| 222 | - ], |
|
| 223 | - "Email close templates" => [ |
|
| 224 | - 'EditedEmail' => 'edited email', |
|
| 225 | - 'CreatedEmail' => 'created email', |
|
| 226 | - ], |
|
| 227 | - "Welcome templates" => [ |
|
| 228 | - 'DeletedTemplate' => 'deleted template', |
|
| 229 | - 'EditedTemplate' => 'edited template', |
|
| 230 | - 'CreatedTemplate' => 'created template', |
|
| 231 | - ], |
|
| 232 | - "Job queue" => [ |
|
| 233 | - 'JobIssue' => 'ran a background job unsuccessfully', |
|
| 234 | - 'JobCompleted' => 'completed a background job', |
|
| 235 | - 'JobAcknowledged' => 'acknowledged a job failure', |
|
| 236 | - 'JobRequeued' => 'requeued a job for re-execution', |
|
| 237 | - 'JobCancelled' => 'cancelled execution of a job', |
|
| 238 | - 'EnqueuedJobQueue' => 'scheduled for creation', |
|
| 239 | - 'Hospitalised' => 'sent to the hospital', |
|
| 240 | - ], |
|
| 241 | - "Request queues" => [ |
|
| 242 | - 'QueueCreated' => 'created a request queue', |
|
| 243 | - 'QueueEdited' => 'edited a request queue', |
|
| 244 | - ], |
|
| 245 | - "Domains" => [ |
|
| 246 | - 'DomainCreated' => 'created a domain', |
|
| 247 | - 'DomainEdited' => 'edited a domain', |
|
| 248 | - ], |
|
| 249 | - "Request forms" => [ |
|
| 250 | - 'RequestFormCreated' => 'created a request form', |
|
| 251 | - 'RequestFormEdited' => 'edited a request form', |
|
| 252 | - ], |
|
| 253 | - ); |
|
| 254 | - |
|
| 255 | - $databaseDrivenLogKeys = $database->query(<<<SQL |
|
| 33 | + /** |
|
| 34 | + * @param int $requestId |
|
| 35 | + * |
|
| 36 | + * @return DataObject[] |
|
| 37 | + */ |
|
| 38 | + public static function getRequestLogsWithComments( |
|
| 39 | + $requestId, |
|
| 40 | + PdoDatabase $db, |
|
| 41 | + SecurityManager $securityManager |
|
| 42 | + ): array { |
|
| 43 | + // FIXME: domains |
|
| 44 | + $logs = LogSearchHelper::get($db, 1)->byObjectType('Request')->byObjectId($requestId)->fetch(); |
|
| 45 | + |
|
| 46 | + $currentUser = User::getCurrent($db); |
|
| 47 | + $showRestrictedComments = $securityManager->allows('RequestData', 'seeRestrictedComments', $currentUser) === SecurityManager::ALLOWED; |
|
| 48 | + $showCheckuserComments = $securityManager->allows('RequestData', 'seeCheckuserComments', $currentUser) === SecurityManager::ALLOWED; |
|
| 49 | + |
|
| 50 | + $comments = Comment::getForRequest($requestId, $db, $showRestrictedComments, $showCheckuserComments, $currentUser->getId()); |
|
| 51 | + |
|
| 52 | + $items = array_merge($logs, $comments); |
|
| 53 | + |
|
| 54 | + $sortKey = function(DataObject $item): int { |
|
| 55 | + if ($item instanceof Log) { |
|
| 56 | + return $item->getTimestamp()->getTimestamp(); |
|
| 57 | + } |
|
| 58 | + |
|
| 59 | + if ($item instanceof Comment) { |
|
| 60 | + return $item->getTime()->getTimestamp(); |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + return 0; |
|
| 64 | + }; |
|
| 65 | + |
|
| 66 | + do { |
|
| 67 | + $flag = false; |
|
| 68 | + |
|
| 69 | + $loopLimit = (count($items) - 1); |
|
| 70 | + for ($i = 0; $i < $loopLimit; $i++) { |
|
| 71 | + // are these two items out of order? |
|
| 72 | + if ($sortKey($items[$i]) > $sortKey($items[$i + 1])) { |
|
| 73 | + // swap them |
|
| 74 | + $swap = $items[$i]; |
|
| 75 | + $items[$i] = $items[$i + 1]; |
|
| 76 | + $items[$i + 1] = $swap; |
|
| 77 | + |
|
| 78 | + // set a flag to say we've modified the array this time around |
|
| 79 | + $flag = true; |
|
| 80 | + } |
|
| 81 | + } |
|
| 82 | + } |
|
| 83 | + while ($flag); |
|
| 84 | + |
|
| 85 | + return $items; |
|
| 86 | + } |
|
| 87 | + |
|
| 88 | + public static function getLogDescription(Log $entry): string |
|
| 89 | + { |
|
| 90 | + $text = "Deferred to "; |
|
| 91 | + if (substr($entry->getAction(), 0, strlen($text)) == $text) { |
|
| 92 | + // Deferred to a different queue |
|
| 93 | + // This is exactly what we want to display. |
|
| 94 | + return $entry->getAction(); |
|
| 95 | + } |
|
| 96 | + |
|
| 97 | + $text = "Closed custom-n"; |
|
| 98 | + if ($entry->getAction() == $text) { |
|
| 99 | + // Custom-closed |
|
| 100 | + return "closed (custom reason - account not created)"; |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + $text = "Closed custom-y"; |
|
| 104 | + if ($entry->getAction() == $text) { |
|
| 105 | + // Custom-closed |
|
| 106 | + return "closed (custom reason - account created)"; |
|
| 107 | + } |
|
| 108 | + |
|
| 109 | + $text = "Closed 0"; |
|
| 110 | + if ($entry->getAction() == $text) { |
|
| 111 | + // Dropped the request - short-circuit the lookup |
|
| 112 | + return "dropped request"; |
|
| 113 | + } |
|
| 114 | + |
|
| 115 | + $text = "Closed "; |
|
| 116 | + if (substr($entry->getAction(), 0, strlen($text)) == $text) { |
|
| 117 | + // Closed with a reason - do a lookup here. |
|
| 118 | + $id = substr($entry->getAction(), strlen($text)); |
|
| 119 | + /** @var EmailTemplate|false $template */ |
|
| 120 | + $template = EmailTemplate::getById((int)$id, $entry->getDatabase()); |
|
| 121 | + |
|
| 122 | + if ($template !== false) { |
|
| 123 | + return 'closed (' . $template->getName() . ')'; |
|
| 124 | + } |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + // Fall back to the basic stuff |
|
| 128 | + $lookup = array( |
|
| 129 | + 'Reserved' => 'reserved', |
|
| 130 | + 'Email Confirmed' => 'email-confirmed', |
|
| 131 | + 'Manually Confirmed' => 'manually confirmed the request', |
|
| 132 | + 'Unreserved' => 'unreserved', |
|
| 133 | + 'Approved' => 'approved', |
|
| 134 | + 'Suspended' => 'suspended', |
|
| 135 | + 'RoleChange' => 'changed roles', |
|
| 136 | + 'GlobalRoleChange' => 'changed global roles', |
|
| 137 | + 'Banned' => 'banned', |
|
| 138 | + 'Edited' => 'edited interface message', |
|
| 139 | + 'Declined' => 'declined', |
|
| 140 | + 'EditComment-c' => 'edited a comment', |
|
| 141 | + 'EditComment-r' => 'edited a comment', |
|
| 142 | + 'FlaggedComment' => 'flagged a comment', |
|
| 143 | + 'UnflaggedComment' => 'unflagged a comment', |
|
| 144 | + 'Unbanned' => 'unbanned', |
|
| 145 | + 'BanReplaced' => 'replaced ban', |
|
| 146 | + 'Promoted' => 'promoted to tool admin', |
|
| 147 | + 'BreakReserve' => 'forcibly broke the reservation', |
|
| 148 | + 'Prefchange' => 'changed user preferences', |
|
| 149 | + 'Renamed' => 'renamed', |
|
| 150 | + 'Demoted' => 'demoted from tool admin', |
|
| 151 | + 'ReceiveReserved' => 'received the reservation', |
|
| 152 | + 'SendReserved' => 'sent the reservation', |
|
| 153 | + 'EditedEmail' => 'edited email', |
|
| 154 | + 'DeletedTemplate' => 'deleted template', |
|
| 155 | + 'EditedTemplate' => 'edited template', |
|
| 156 | + 'CreatedEmail' => 'created email', |
|
| 157 | + 'CreatedTemplate' => 'created template', |
|
| 158 | + 'SentMail' => 'sent an email to the requester', |
|
| 159 | + 'Registered' => 'registered a tool account', |
|
| 160 | + 'JobIssue' => 'ran a background job unsuccessfully', |
|
| 161 | + 'JobCompleted' => 'completed a background job', |
|
| 162 | + 'JobAcknowledged' => 'acknowledged a job failure', |
|
| 163 | + 'JobRequeued' => 'requeued a job for re-execution', |
|
| 164 | + 'JobCancelled' => 'cancelled execution of a job', |
|
| 165 | + 'EnqueuedJobQueue' => 'scheduled for creation', |
|
| 166 | + 'Hospitalised' => 'sent to the hospital', |
|
| 167 | + 'QueueCreated' => 'created a request queue', |
|
| 168 | + 'QueueEdited' => 'edited a request queue', |
|
| 169 | + 'DomainCreated' => 'created a domain', |
|
| 170 | + 'DomainEdited' => 'edited a domain', |
|
| 171 | + 'RequestFormCreated' => 'created a request form', |
|
| 172 | + 'RequestFormEdited' => 'edited a request form', |
|
| 173 | + ); |
|
| 174 | + |
|
| 175 | + if (array_key_exists($entry->getAction(), $lookup)) { |
|
| 176 | + return $lookup[$entry->getAction()]; |
|
| 177 | + } |
|
| 178 | + |
|
| 179 | + // OK, I don't know what this is. Fall back to something sane. |
|
| 180 | + return "performed an unknown action ({$entry->getAction()})"; |
|
| 181 | + } |
|
| 182 | + |
|
| 183 | + public static function getLogActions(PdoDatabase $database): array |
|
| 184 | + { |
|
| 185 | + $lookup = array( |
|
| 186 | + "Requests" => [ |
|
| 187 | + 'Reserved' => 'reserved', |
|
| 188 | + 'Email Confirmed' => 'email-confirmed', |
|
| 189 | + 'Manually Confirmed' => 'manually confirmed', |
|
| 190 | + 'Unreserved' => 'unreserved', |
|
| 191 | + 'EditComment-c' => 'edited a comment (by comment ID)', |
|
| 192 | + 'EditComment-r' => 'edited a comment (by request)', |
|
| 193 | + 'FlaggedComment' => 'flagged a comment', |
|
| 194 | + 'UnflaggedComment' => 'unflagged a comment', |
|
| 195 | + 'BreakReserve' => 'forcibly broke the reservation', |
|
| 196 | + 'ReceiveReserved' => 'received the reservation', |
|
| 197 | + 'SendReserved' => 'sent the reservation', |
|
| 198 | + 'SentMail' => 'sent an email to the requester', |
|
| 199 | + 'Closed 0' => 'dropped request', |
|
| 200 | + 'Closed custom-y' => 'closed (custom reason - account created)', |
|
| 201 | + 'Closed custom-n' => 'closed (custom reason - account not created)', |
|
| 202 | + ], |
|
| 203 | + 'Users' => [ |
|
| 204 | + 'Approved' => 'approved', |
|
| 205 | + 'Suspended' => 'suspended', |
|
| 206 | + 'RoleChange' => 'changed roles', |
|
| 207 | + 'GlobalRoleChange' => 'changed global roles', |
|
| 208 | + 'Declined' => 'declined', |
|
| 209 | + 'Prefchange' => 'changed user preferences', |
|
| 210 | + 'Renamed' => 'renamed', |
|
| 211 | + 'Promoted' => 'promoted to tool admin', |
|
| 212 | + 'Demoted' => 'demoted from tool admin', |
|
| 213 | + 'Registered' => 'registered a tool account', |
|
| 214 | + ], |
|
| 215 | + "Bans" => [ |
|
| 216 | + 'Banned' => 'banned', |
|
| 217 | + 'Unbanned' => 'unbanned', |
|
| 218 | + 'BanReplaced' => 'replaced ban', |
|
| 219 | + ], |
|
| 220 | + "Site notice" => [ |
|
| 221 | + 'Edited' => 'edited interface message', |
|
| 222 | + ], |
|
| 223 | + "Email close templates" => [ |
|
| 224 | + 'EditedEmail' => 'edited email', |
|
| 225 | + 'CreatedEmail' => 'created email', |
|
| 226 | + ], |
|
| 227 | + "Welcome templates" => [ |
|
| 228 | + 'DeletedTemplate' => 'deleted template', |
|
| 229 | + 'EditedTemplate' => 'edited template', |
|
| 230 | + 'CreatedTemplate' => 'created template', |
|
| 231 | + ], |
|
| 232 | + "Job queue" => [ |
|
| 233 | + 'JobIssue' => 'ran a background job unsuccessfully', |
|
| 234 | + 'JobCompleted' => 'completed a background job', |
|
| 235 | + 'JobAcknowledged' => 'acknowledged a job failure', |
|
| 236 | + 'JobRequeued' => 'requeued a job for re-execution', |
|
| 237 | + 'JobCancelled' => 'cancelled execution of a job', |
|
| 238 | + 'EnqueuedJobQueue' => 'scheduled for creation', |
|
| 239 | + 'Hospitalised' => 'sent to the hospital', |
|
| 240 | + ], |
|
| 241 | + "Request queues" => [ |
|
| 242 | + 'QueueCreated' => 'created a request queue', |
|
| 243 | + 'QueueEdited' => 'edited a request queue', |
|
| 244 | + ], |
|
| 245 | + "Domains" => [ |
|
| 246 | + 'DomainCreated' => 'created a domain', |
|
| 247 | + 'DomainEdited' => 'edited a domain', |
|
| 248 | + ], |
|
| 249 | + "Request forms" => [ |
|
| 250 | + 'RequestFormCreated' => 'created a request form', |
|
| 251 | + 'RequestFormEdited' => 'edited a request form', |
|
| 252 | + ], |
|
| 253 | + ); |
|
| 254 | + |
|
| 255 | + $databaseDrivenLogKeys = $database->query(<<<SQL |
|
| 256 | 256 | SELECT CONCAT('Closed ', id) AS k, CONCAT('closed (',name,')') AS v FROM emailtemplate |
| 257 | 257 | UNION ALL |
| 258 | 258 | SELECT CONCAT('Deferred to ', logname) AS k, CONCAT('deferred to ', displayname) AS v FROM requestqueue; |
| 259 | 259 | SQL |
| 260 | - ); |
|
| 261 | - foreach ($databaseDrivenLogKeys->fetchAll(PDO::FETCH_ASSOC) as $row) { |
|
| 262 | - $lookup["Requests"][$row['k']] = $row['v']; |
|
| 263 | - } |
|
| 264 | - |
|
| 265 | - return $lookup; |
|
| 266 | - } |
|
| 267 | - |
|
| 268 | - public static function getObjectTypes(): array |
|
| 269 | - { |
|
| 270 | - return array( |
|
| 271 | - 'Ban' => 'Ban', |
|
| 272 | - 'Comment' => 'Comment', |
|
| 273 | - 'EmailTemplate' => 'Email template', |
|
| 274 | - 'JobQueue' => 'Job queue item', |
|
| 275 | - 'Request' => 'Request', |
|
| 276 | - 'SiteNotice' => 'Site notice', |
|
| 277 | - 'User' => 'User', |
|
| 278 | - 'WelcomeTemplate' => 'Welcome template', |
|
| 279 | - 'RequestQueue' => 'Request queue', |
|
| 280 | - 'Domain' => 'Domain', |
|
| 281 | - 'RequestForm' => 'Request form' |
|
| 282 | - ); |
|
| 283 | - } |
|
| 284 | - |
|
| 285 | - /** |
|
| 286 | - * This returns an HTML representation of the object |
|
| 287 | - * |
|
| 288 | - * @param int $objectId |
|
| 289 | - * @param string $objectType |
|
| 290 | - * |
|
| 291 | - * @category Security-Critical |
|
| 292 | - */ |
|
| 293 | - private static function getObjectDescription( |
|
| 294 | - $objectId, |
|
| 295 | - $objectType, |
|
| 296 | - PdoDatabase $database, |
|
| 297 | - SiteConfiguration $configuration |
|
| 298 | - ): ?string { |
|
| 299 | - if ($objectType == '') { |
|
| 300 | - return null; |
|
| 301 | - } |
|
| 302 | - |
|
| 303 | - $baseurl = $configuration->getBaseUrl(); |
|
| 304 | - |
|
| 305 | - switch ($objectType) { |
|
| 306 | - case 'Ban': |
|
| 307 | - /** @var Ban $ban */ |
|
| 308 | - $ban = Ban::getById($objectId, $database); |
|
| 309 | - |
|
| 310 | - if ($ban === false) { |
|
| 311 | - return 'Ban #' . $objectId; |
|
| 312 | - } |
|
| 313 | - |
|
| 314 | - return <<<HTML |
|
| 260 | + ); |
|
| 261 | + foreach ($databaseDrivenLogKeys->fetchAll(PDO::FETCH_ASSOC) as $row) { |
|
| 262 | + $lookup["Requests"][$row['k']] = $row['v']; |
|
| 263 | + } |
|
| 264 | + |
|
| 265 | + return $lookup; |
|
| 266 | + } |
|
| 267 | + |
|
| 268 | + public static function getObjectTypes(): array |
|
| 269 | + { |
|
| 270 | + return array( |
|
| 271 | + 'Ban' => 'Ban', |
|
| 272 | + 'Comment' => 'Comment', |
|
| 273 | + 'EmailTemplate' => 'Email template', |
|
| 274 | + 'JobQueue' => 'Job queue item', |
|
| 275 | + 'Request' => 'Request', |
|
| 276 | + 'SiteNotice' => 'Site notice', |
|
| 277 | + 'User' => 'User', |
|
| 278 | + 'WelcomeTemplate' => 'Welcome template', |
|
| 279 | + 'RequestQueue' => 'Request queue', |
|
| 280 | + 'Domain' => 'Domain', |
|
| 281 | + 'RequestForm' => 'Request form' |
|
| 282 | + ); |
|
| 283 | + } |
|
| 284 | + |
|
| 285 | + /** |
|
| 286 | + * This returns an HTML representation of the object |
|
| 287 | + * |
|
| 288 | + * @param int $objectId |
|
| 289 | + * @param string $objectType |
|
| 290 | + * |
|
| 291 | + * @category Security-Critical |
|
| 292 | + */ |
|
| 293 | + private static function getObjectDescription( |
|
| 294 | + $objectId, |
|
| 295 | + $objectType, |
|
| 296 | + PdoDatabase $database, |
|
| 297 | + SiteConfiguration $configuration |
|
| 298 | + ): ?string { |
|
| 299 | + if ($objectType == '') { |
|
| 300 | + return null; |
|
| 301 | + } |
|
| 302 | + |
|
| 303 | + $baseurl = $configuration->getBaseUrl(); |
|
| 304 | + |
|
| 305 | + switch ($objectType) { |
|
| 306 | + case 'Ban': |
|
| 307 | + /** @var Ban $ban */ |
|
| 308 | + $ban = Ban::getById($objectId, $database); |
|
| 309 | + |
|
| 310 | + if ($ban === false) { |
|
| 311 | + return 'Ban #' . $objectId; |
|
| 312 | + } |
|
| 313 | + |
|
| 314 | + return <<<HTML |
|
| 315 | 315 | <a href="{$baseurl}/internal.php/bans/show?id={$objectId}">Ban #{$objectId}</a> |
| 316 | 316 | HTML; |
| 317 | - case 'EmailTemplate': |
|
| 318 | - /** @var EmailTemplate $emailTemplate */ |
|
| 319 | - $emailTemplate = EmailTemplate::getById($objectId, $database); |
|
| 317 | + case 'EmailTemplate': |
|
| 318 | + /** @var EmailTemplate $emailTemplate */ |
|
| 319 | + $emailTemplate = EmailTemplate::getById($objectId, $database); |
|
| 320 | 320 | |
| 321 | - if ($emailTemplate === false) { |
|
| 322 | - return 'Email Template #' . $objectId; |
|
| 323 | - } |
|
| 321 | + if ($emailTemplate === false) { |
|
| 322 | + return 'Email Template #' . $objectId; |
|
| 323 | + } |
|
| 324 | 324 | |
| 325 | - $name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 325 | + $name = htmlentities($emailTemplate->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 326 | 326 | |
| 327 | - return <<<HTML |
|
| 327 | + return <<<HTML |
|
| 328 | 328 | <a href="{$baseurl}/internal.php/emailManagement/view?id={$objectId}">Email Template #{$objectId} ({$name})</a> |
| 329 | 329 | HTML; |
| 330 | - case 'SiteNotice': |
|
| 331 | - return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>"; |
|
| 332 | - case 'Request': |
|
| 333 | - /** @var Request $request */ |
|
| 334 | - $request = Request::getById($objectId, $database); |
|
| 330 | + case 'SiteNotice': |
|
| 331 | + return "<a href=\"{$baseurl}/internal.php/siteNotice\">the site notice</a>"; |
|
| 332 | + case 'Request': |
|
| 333 | + /** @var Request $request */ |
|
| 334 | + $request = Request::getById($objectId, $database); |
|
| 335 | 335 | |
| 336 | - if ($request === false) { |
|
| 337 | - return 'Request #' . $objectId; |
|
| 338 | - } |
|
| 336 | + if ($request === false) { |
|
| 337 | + return 'Request #' . $objectId; |
|
| 338 | + } |
|
| 339 | 339 | |
| 340 | - $name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 340 | + $name = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 341 | 341 | |
| 342 | - return <<<HTML |
|
| 342 | + return <<<HTML |
|
| 343 | 343 | <a href="{$baseurl}/internal.php/viewRequest?id={$objectId}">Request #{$objectId} ({$name})</a> |
| 344 | 344 | HTML; |
| 345 | - case 'User': |
|
| 346 | - /** @var User $user */ |
|
| 347 | - $user = User::getById($objectId, $database); |
|
| 348 | - |
|
| 349 | - // Some users were merged out of existence |
|
| 350 | - if ($user === false) { |
|
| 351 | - return 'User #' . $objectId; |
|
| 352 | - } |
|
| 353 | - |
|
| 354 | - $username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'); |
|
| 355 | - |
|
| 356 | - return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>"; |
|
| 357 | - case 'WelcomeTemplate': |
|
| 358 | - /** @var WelcomeTemplate $welcomeTemplate */ |
|
| 359 | - $welcomeTemplate = WelcomeTemplate::getById($objectId, $database); |
|
| 360 | - |
|
| 361 | - // some old templates have been completely deleted and lost to the depths of time. |
|
| 362 | - if ($welcomeTemplate === false) { |
|
| 363 | - return "Welcome template #{$objectId}"; |
|
| 364 | - } |
|
| 365 | - else { |
|
| 366 | - $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8'); |
|
| 367 | - |
|
| 368 | - return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>"; |
|
| 369 | - } |
|
| 370 | - case 'JobQueue': |
|
| 371 | - /** @var JobQueue $job */ |
|
| 372 | - $job = JobQueue::getById($objectId, $database); |
|
| 373 | - |
|
| 374 | - $taskDescriptions = JobQueue::getTaskDescriptions(); |
|
| 375 | - |
|
| 376 | - if ($job === false) { |
|
| 377 | - return 'Job Queue Task #' . $objectId; |
|
| 378 | - } |
|
| 379 | - |
|
| 380 | - $task = $job->getTask(); |
|
| 381 | - if (isset($taskDescriptions[$task])) { |
|
| 382 | - $description = $taskDescriptions[$task]; |
|
| 383 | - } |
|
| 384 | - else { |
|
| 385 | - $description = 'Unknown task'; |
|
| 386 | - } |
|
| 387 | - |
|
| 388 | - return "<a href=\"{$baseurl}/internal.php/jobQueue/view?id={$objectId}\">Job #{$job->getId()} ({$description})</a>"; |
|
| 389 | - case 'RequestQueue': |
|
| 390 | - /** @var RequestQueue $queue */ |
|
| 391 | - $queue = RequestQueue::getById($objectId, $database); |
|
| 392 | - |
|
| 393 | - if ($queue === false) { |
|
| 394 | - return "Request Queue #{$objectId}"; |
|
| 395 | - } |
|
| 396 | - |
|
| 397 | - $queueHeader = htmlentities($queue->getHeader(), ENT_COMPAT, 'UTF-8'); |
|
| 398 | - |
|
| 399 | - return "<a href=\"{$baseurl}/internal.php/queueManagement/edit?queue={$objectId}\">{$queueHeader}</a>"; |
|
| 400 | - case 'Domain': |
|
| 401 | - /** @var Domain $domain */ |
|
| 402 | - $domain = Domain::getById($objectId, $database); |
|
| 403 | - |
|
| 404 | - if ($domain === false) { |
|
| 405 | - return "Domain #{$objectId}"; |
|
| 406 | - } |
|
| 407 | - |
|
| 408 | - $domainName = htmlentities($domain->getShortName(), ENT_COMPAT, 'UTF-8'); |
|
| 409 | - return "<a href=\"{$baseurl}/internal.php/domainManagement/edit?domain={$objectId}\">{$domainName}</a>"; |
|
| 410 | - case 'RequestForm': |
|
| 411 | - /** @var RequestForm $queue */ |
|
| 412 | - $queue = RequestForm::getById($objectId, $database); |
|
| 413 | - |
|
| 414 | - if ($queue === false) { |
|
| 415 | - return "Request Form #{$objectId}"; |
|
| 416 | - } |
|
| 417 | - |
|
| 418 | - $formName = htmlentities($queue->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 419 | - |
|
| 420 | - return "<a href=\"{$baseurl}/internal.php/requestFormManagement/edit?form={$objectId}\">{$formName}</a>"; |
|
| 421 | - case 'Comment': |
|
| 422 | - /** @var Comment $comment */ |
|
| 423 | - $comment = Comment::getById($objectId, $database); |
|
| 424 | - /** @var Request $request */ |
|
| 425 | - $request = Request::getById($comment->getRequest(), $database); |
|
| 426 | - $requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 427 | - |
|
| 428 | - return "<a href=\"{$baseurl}/internal.php/editComment?id={$objectId}\">Comment {$objectId}</a> on request <a href=\"{$baseurl}/internal.php/viewRequest?id={$comment->getRequest()}#comment-{$objectId}\">#{$comment->getRequest()} ({$requestName})</a>"; |
|
| 429 | - default: |
|
| 430 | - return '[' . $objectType . " " . $objectId . ']'; |
|
| 431 | - } |
|
| 432 | - } |
|
| 433 | - |
|
| 434 | - /** |
|
| 435 | - * @param Log[] $logs |
|
| 436 | - * |
|
| 437 | - * @throws Exception |
|
| 438 | - */ |
|
| 439 | - public static function prepareLogsForTemplate(array $logs, PdoDatabase $database, SiteConfiguration $configuration): array |
|
| 440 | - { |
|
| 441 | - $userIds = array(); |
|
| 442 | - |
|
| 443 | - foreach ($logs as $logEntry) { |
|
| 444 | - if (!$logEntry instanceof Log) { |
|
| 445 | - // if this happens, we've done something wrong with passing back the log data. |
|
| 446 | - throw new Exception('Log entry is not an instance of a Log, this should never happen.'); |
|
| 447 | - } |
|
| 448 | - |
|
| 449 | - $user = $logEntry->getUser(); |
|
| 450 | - if ($user === -1) { |
|
| 451 | - continue; |
|
| 452 | - } |
|
| 453 | - |
|
| 454 | - if (!array_search($user, $userIds)) { |
|
| 455 | - $userIds[] = $user; |
|
| 456 | - } |
|
| 457 | - } |
|
| 458 | - |
|
| 459 | - $users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username'); |
|
| 460 | - $users[-1] = User::getCommunity()->getUsername(); |
|
| 461 | - |
|
| 462 | - $logData = array(); |
|
| 463 | - |
|
| 464 | - foreach ($logs as $logEntry) { |
|
| 465 | - $objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(), |
|
| 466 | - $database, $configuration); |
|
| 467 | - |
|
| 468 | - // initialise to sane default |
|
| 469 | - $comment = null; |
|
| 470 | - |
|
| 471 | - switch ($logEntry->getAction()) { |
|
| 472 | - case 'Renamed': |
|
| 473 | - $renameData = unserialize($logEntry->getComment()); |
|
| 474 | - $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8'); |
|
| 475 | - $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8'); |
|
| 476 | - $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.'; |
|
| 477 | - break; |
|
| 478 | - case 'RoleChange': |
|
| 479 | - case 'GlobalRoleChange': |
|
| 480 | - $roleChangeData = unserialize($logEntry->getComment()); |
|
| 481 | - |
|
| 482 | - $removed = array(); |
|
| 483 | - foreach ($roleChangeData['removed'] as $r) { |
|
| 484 | - $removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8'); |
|
| 485 | - } |
|
| 486 | - |
|
| 487 | - $added = array(); |
|
| 488 | - foreach ($roleChangeData['added'] as $r) { |
|
| 489 | - $added[] = htmlentities($r, ENT_COMPAT, 'UTF-8'); |
|
| 490 | - } |
|
| 491 | - |
|
| 492 | - $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8'); |
|
| 493 | - |
|
| 494 | - $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']'; |
|
| 495 | - $comment = $roleDelta . ' with comment: ' . $reason; |
|
| 496 | - break; |
|
| 497 | - case 'JobIssue': |
|
| 498 | - $jobIssueData = unserialize($logEntry->getComment()); |
|
| 499 | - $errorMessage = $jobIssueData['error']; |
|
| 500 | - $status = $jobIssueData['status']; |
|
| 501 | - |
|
| 502 | - $comment = 'Job ' . htmlentities($status, ENT_COMPAT, 'UTF-8') . ': '; |
|
| 503 | - $comment .= htmlentities($errorMessage, ENT_COMPAT, 'UTF-8'); |
|
| 504 | - break; |
|
| 505 | - case 'JobIssueRequest': |
|
| 506 | - case 'JobCompletedRequest': |
|
| 507 | - $jobData = unserialize($logEntry->getComment()); |
|
| 508 | - |
|
| 509 | - /** @var JobQueue $job */ |
|
| 510 | - $job = JobQueue::getById($jobData['job'], $database); |
|
| 511 | - $descs = JobQueue::getTaskDescriptions(); |
|
| 512 | - $comment = htmlentities($descs[$job->getTask()], ENT_COMPAT, 'UTF-8'); |
|
| 513 | - break; |
|
| 514 | - |
|
| 515 | - case 'JobCompleted': |
|
| 516 | - break; |
|
| 517 | - default: |
|
| 518 | - $comment = $logEntry->getComment(); |
|
| 519 | - break; |
|
| 520 | - } |
|
| 521 | - |
|
| 522 | - $logData[] = array( |
|
| 523 | - 'timestamp' => $logEntry->getTimestamp(), |
|
| 524 | - 'userid' => $logEntry->getUser(), |
|
| 525 | - 'username' => $users[$logEntry->getUser()], |
|
| 526 | - 'description' => self::getLogDescription($logEntry), |
|
| 527 | - 'objectdescription' => $objectDescription, |
|
| 528 | - 'comment' => $comment, |
|
| 529 | - ); |
|
| 530 | - } |
|
| 531 | - |
|
| 532 | - return array($users, $logData); |
|
| 533 | - } |
|
| 345 | + case 'User': |
|
| 346 | + /** @var User $user */ |
|
| 347 | + $user = User::getById($objectId, $database); |
|
| 348 | + |
|
| 349 | + // Some users were merged out of existence |
|
| 350 | + if ($user === false) { |
|
| 351 | + return 'User #' . $objectId; |
|
| 352 | + } |
|
| 353 | + |
|
| 354 | + $username = htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'); |
|
| 355 | + |
|
| 356 | + return "<a href=\"{$baseurl}/internal.php/statistics/users/detail?user={$objectId}\">{$username}</a>"; |
|
| 357 | + case 'WelcomeTemplate': |
|
| 358 | + /** @var WelcomeTemplate $welcomeTemplate */ |
|
| 359 | + $welcomeTemplate = WelcomeTemplate::getById($objectId, $database); |
|
| 360 | + |
|
| 361 | + // some old templates have been completely deleted and lost to the depths of time. |
|
| 362 | + if ($welcomeTemplate === false) { |
|
| 363 | + return "Welcome template #{$objectId}"; |
|
| 364 | + } |
|
| 365 | + else { |
|
| 366 | + $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8'); |
|
| 367 | + |
|
| 368 | + return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>"; |
|
| 369 | + } |
|
| 370 | + case 'JobQueue': |
|
| 371 | + /** @var JobQueue $job */ |
|
| 372 | + $job = JobQueue::getById($objectId, $database); |
|
| 373 | + |
|
| 374 | + $taskDescriptions = JobQueue::getTaskDescriptions(); |
|
| 375 | + |
|
| 376 | + if ($job === false) { |
|
| 377 | + return 'Job Queue Task #' . $objectId; |
|
| 378 | + } |
|
| 379 | + |
|
| 380 | + $task = $job->getTask(); |
|
| 381 | + if (isset($taskDescriptions[$task])) { |
|
| 382 | + $description = $taskDescriptions[$task]; |
|
| 383 | + } |
|
| 384 | + else { |
|
| 385 | + $description = 'Unknown task'; |
|
| 386 | + } |
|
| 387 | + |
|
| 388 | + return "<a href=\"{$baseurl}/internal.php/jobQueue/view?id={$objectId}\">Job #{$job->getId()} ({$description})</a>"; |
|
| 389 | + case 'RequestQueue': |
|
| 390 | + /** @var RequestQueue $queue */ |
|
| 391 | + $queue = RequestQueue::getById($objectId, $database); |
|
| 392 | + |
|
| 393 | + if ($queue === false) { |
|
| 394 | + return "Request Queue #{$objectId}"; |
|
| 395 | + } |
|
| 396 | + |
|
| 397 | + $queueHeader = htmlentities($queue->getHeader(), ENT_COMPAT, 'UTF-8'); |
|
| 398 | + |
|
| 399 | + return "<a href=\"{$baseurl}/internal.php/queueManagement/edit?queue={$objectId}\">{$queueHeader}</a>"; |
|
| 400 | + case 'Domain': |
|
| 401 | + /** @var Domain $domain */ |
|
| 402 | + $domain = Domain::getById($objectId, $database); |
|
| 403 | + |
|
| 404 | + if ($domain === false) { |
|
| 405 | + return "Domain #{$objectId}"; |
|
| 406 | + } |
|
| 407 | + |
|
| 408 | + $domainName = htmlentities($domain->getShortName(), ENT_COMPAT, 'UTF-8'); |
|
| 409 | + return "<a href=\"{$baseurl}/internal.php/domainManagement/edit?domain={$objectId}\">{$domainName}</a>"; |
|
| 410 | + case 'RequestForm': |
|
| 411 | + /** @var RequestForm $queue */ |
|
| 412 | + $queue = RequestForm::getById($objectId, $database); |
|
| 413 | + |
|
| 414 | + if ($queue === false) { |
|
| 415 | + return "Request Form #{$objectId}"; |
|
| 416 | + } |
|
| 417 | + |
|
| 418 | + $formName = htmlentities($queue->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 419 | + |
|
| 420 | + return "<a href=\"{$baseurl}/internal.php/requestFormManagement/edit?form={$objectId}\">{$formName}</a>"; |
|
| 421 | + case 'Comment': |
|
| 422 | + /** @var Comment $comment */ |
|
| 423 | + $comment = Comment::getById($objectId, $database); |
|
| 424 | + /** @var Request $request */ |
|
| 425 | + $request = Request::getById($comment->getRequest(), $database); |
|
| 426 | + $requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 427 | + |
|
| 428 | + return "<a href=\"{$baseurl}/internal.php/editComment?id={$objectId}\">Comment {$objectId}</a> on request <a href=\"{$baseurl}/internal.php/viewRequest?id={$comment->getRequest()}#comment-{$objectId}\">#{$comment->getRequest()} ({$requestName})</a>"; |
|
| 429 | + default: |
|
| 430 | + return '[' . $objectType . " " . $objectId . ']'; |
|
| 431 | + } |
|
| 432 | + } |
|
| 433 | + |
|
| 434 | + /** |
|
| 435 | + * @param Log[] $logs |
|
| 436 | + * |
|
| 437 | + * @throws Exception |
|
| 438 | + */ |
|
| 439 | + public static function prepareLogsForTemplate(array $logs, PdoDatabase $database, SiteConfiguration $configuration): array |
|
| 440 | + { |
|
| 441 | + $userIds = array(); |
|
| 442 | + |
|
| 443 | + foreach ($logs as $logEntry) { |
|
| 444 | + if (!$logEntry instanceof Log) { |
|
| 445 | + // if this happens, we've done something wrong with passing back the log data. |
|
| 446 | + throw new Exception('Log entry is not an instance of a Log, this should never happen.'); |
|
| 447 | + } |
|
| 448 | + |
|
| 449 | + $user = $logEntry->getUser(); |
|
| 450 | + if ($user === -1) { |
|
| 451 | + continue; |
|
| 452 | + } |
|
| 453 | + |
|
| 454 | + if (!array_search($user, $userIds)) { |
|
| 455 | + $userIds[] = $user; |
|
| 456 | + } |
|
| 457 | + } |
|
| 458 | + |
|
| 459 | + $users = UserSearchHelper::get($database)->inIds($userIds)->fetchMap('username'); |
|
| 460 | + $users[-1] = User::getCommunity()->getUsername(); |
|
| 461 | + |
|
| 462 | + $logData = array(); |
|
| 463 | + |
|
| 464 | + foreach ($logs as $logEntry) { |
|
| 465 | + $objectDescription = self::getObjectDescription($logEntry->getObjectId(), $logEntry->getObjectType(), |
|
| 466 | + $database, $configuration); |
|
| 467 | + |
|
| 468 | + // initialise to sane default |
|
| 469 | + $comment = null; |
|
| 470 | + |
|
| 471 | + switch ($logEntry->getAction()) { |
|
| 472 | + case 'Renamed': |
|
| 473 | + $renameData = unserialize($logEntry->getComment()); |
|
| 474 | + $oldName = htmlentities($renameData['old'], ENT_COMPAT, 'UTF-8'); |
|
| 475 | + $newName = htmlentities($renameData['new'], ENT_COMPAT, 'UTF-8'); |
|
| 476 | + $comment = 'Renamed \'' . $oldName . '\' to \'' . $newName . '\'.'; |
|
| 477 | + break; |
|
| 478 | + case 'RoleChange': |
|
| 479 | + case 'GlobalRoleChange': |
|
| 480 | + $roleChangeData = unserialize($logEntry->getComment()); |
|
| 481 | + |
|
| 482 | + $removed = array(); |
|
| 483 | + foreach ($roleChangeData['removed'] as $r) { |
|
| 484 | + $removed[] = htmlentities($r, ENT_COMPAT, 'UTF-8'); |
|
| 485 | + } |
|
| 486 | + |
|
| 487 | + $added = array(); |
|
| 488 | + foreach ($roleChangeData['added'] as $r) { |
|
| 489 | + $added[] = htmlentities($r, ENT_COMPAT, 'UTF-8'); |
|
| 490 | + } |
|
| 491 | + |
|
| 492 | + $reason = htmlentities($roleChangeData['reason'], ENT_COMPAT, 'UTF-8'); |
|
| 493 | + |
|
| 494 | + $roleDelta = 'Removed [' . implode(', ', $removed) . '], Added [' . implode(', ', $added) . ']'; |
|
| 495 | + $comment = $roleDelta . ' with comment: ' . $reason; |
|
| 496 | + break; |
|
| 497 | + case 'JobIssue': |
|
| 498 | + $jobIssueData = unserialize($logEntry->getComment()); |
|
| 499 | + $errorMessage = $jobIssueData['error']; |
|
| 500 | + $status = $jobIssueData['status']; |
|
| 501 | + |
|
| 502 | + $comment = 'Job ' . htmlentities($status, ENT_COMPAT, 'UTF-8') . ': '; |
|
| 503 | + $comment .= htmlentities($errorMessage, ENT_COMPAT, 'UTF-8'); |
|
| 504 | + break; |
|
| 505 | + case 'JobIssueRequest': |
|
| 506 | + case 'JobCompletedRequest': |
|
| 507 | + $jobData = unserialize($logEntry->getComment()); |
|
| 508 | + |
|
| 509 | + /** @var JobQueue $job */ |
|
| 510 | + $job = JobQueue::getById($jobData['job'], $database); |
|
| 511 | + $descs = JobQueue::getTaskDescriptions(); |
|
| 512 | + $comment = htmlentities($descs[$job->getTask()], ENT_COMPAT, 'UTF-8'); |
|
| 513 | + break; |
|
| 514 | + |
|
| 515 | + case 'JobCompleted': |
|
| 516 | + break; |
|
| 517 | + default: |
|
| 518 | + $comment = $logEntry->getComment(); |
|
| 519 | + break; |
|
| 520 | + } |
|
| 521 | + |
|
| 522 | + $logData[] = array( |
|
| 523 | + 'timestamp' => $logEntry->getTimestamp(), |
|
| 524 | + 'userid' => $logEntry->getUser(), |
|
| 525 | + 'username' => $users[$logEntry->getUser()], |
|
| 526 | + 'description' => self::getLogDescription($logEntry), |
|
| 527 | + 'objectdescription' => $objectDescription, |
|
| 528 | + 'comment' => $comment, |
|
| 529 | + ); |
|
| 530 | + } |
|
| 531 | + |
|
| 532 | + return array($users, $logData); |
|
| 533 | + } |
|
| 534 | 534 | } |
@@ -361,8 +361,7 @@ discard block |
||
| 361 | 361 | // some old templates have been completely deleted and lost to the depths of time. |
| 362 | 362 | if ($welcomeTemplate === false) { |
| 363 | 363 | return "Welcome template #{$objectId}"; |
| 364 | - } |
|
| 365 | - else { |
|
| 364 | + } else { |
|
| 366 | 365 | $userCode = htmlentities($welcomeTemplate->getUserCode(), ENT_COMPAT, 'UTF-8'); |
| 367 | 366 | |
| 368 | 367 | return "<a href=\"{$baseurl}/internal.php/welcomeTemplates/view?template={$objectId}\">{$userCode}</a>"; |
@@ -380,8 +379,7 @@ discard block |
||
| 380 | 379 | $task = $job->getTask(); |
| 381 | 380 | if (isset($taskDescriptions[$task])) { |
| 382 | 381 | $description = $taskDescriptions[$task]; |
| 383 | - } |
|
| 384 | - else { |
|
| 382 | + } else { |
|
| 385 | 383 | $description = 'Unknown task'; |
| 386 | 384 | } |
| 387 | 385 | |
@@ -20,66 +20,66 @@ discard block |
||
| 20 | 20 | |
| 21 | 21 | class BanHelper implements IBanHelper |
| 22 | 22 | { |
| 23 | - /** @var PdoDatabase */ |
|
| 24 | - private $database; |
|
| 25 | - /** @var IXffTrustProvider */ |
|
| 26 | - private $xffTrustProvider; |
|
| 27 | - /** @var Ban[][] */ |
|
| 28 | - private $banCache = []; |
|
| 29 | - /** |
|
| 30 | - * @var null|SecurityManager |
|
| 31 | - */ |
|
| 32 | - private $securityManager; |
|
| 33 | - |
|
| 34 | - public function __construct( |
|
| 35 | - PdoDatabase $database, |
|
| 36 | - IXffTrustProvider $xffTrustProvider, |
|
| 37 | - ?SecurityManager $securityManager |
|
| 38 | - ) { |
|
| 39 | - $this->database = $database; |
|
| 40 | - $this->xffTrustProvider = $xffTrustProvider; |
|
| 41 | - $this->securityManager = $securityManager; |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - public function isBlockBanned(Request $request): bool |
|
| 45 | - { |
|
| 46 | - if (!isset($this->banCache[$request->getId()])) { |
|
| 47 | - $this->banCache[$request->getId()] = $this->getBansForRequestFromDatabase($request); |
|
| 48 | - } |
|
| 49 | - |
|
| 50 | - foreach ($this->banCache[$request->getId()] as $ban) { |
|
| 51 | - if ($ban->getAction() === Ban::ACTION_BLOCK) { |
|
| 52 | - return true; |
|
| 53 | - } |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - return false; |
|
| 57 | - } |
|
| 58 | - |
|
| 59 | - /** |
|
| 60 | - * @param Request $request |
|
| 61 | - * |
|
| 62 | - * @return Ban[] |
|
| 63 | - */ |
|
| 64 | - public function getBans(Request $request): array |
|
| 65 | - { |
|
| 66 | - if (!isset($this->banCache[$request->getId()])) { |
|
| 67 | - $this->banCache[$request->getId()] = $this->getBansForRequestFromDatabase($request); |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - return $this->banCache[$request->getId()]; |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - public function getBansByTarget( |
|
| 74 | - ?string $name, |
|
| 75 | - ?string $email, |
|
| 76 | - ?string $ip, |
|
| 77 | - ?int $mask, |
|
| 78 | - ?string $useragent, |
|
| 79 | - int $domain |
|
| 80 | - ) { |
|
| 81 | - /** @noinspection SqlConstantCondition */ |
|
| 82 | - $query = <<<SQL |
|
| 23 | + /** @var PdoDatabase */ |
|
| 24 | + private $database; |
|
| 25 | + /** @var IXffTrustProvider */ |
|
| 26 | + private $xffTrustProvider; |
|
| 27 | + /** @var Ban[][] */ |
|
| 28 | + private $banCache = []; |
|
| 29 | + /** |
|
| 30 | + * @var null|SecurityManager |
|
| 31 | + */ |
|
| 32 | + private $securityManager; |
|
| 33 | + |
|
| 34 | + public function __construct( |
|
| 35 | + PdoDatabase $database, |
|
| 36 | + IXffTrustProvider $xffTrustProvider, |
|
| 37 | + ?SecurityManager $securityManager |
|
| 38 | + ) { |
|
| 39 | + $this->database = $database; |
|
| 40 | + $this->xffTrustProvider = $xffTrustProvider; |
|
| 41 | + $this->securityManager = $securityManager; |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + public function isBlockBanned(Request $request): bool |
|
| 45 | + { |
|
| 46 | + if (!isset($this->banCache[$request->getId()])) { |
|
| 47 | + $this->banCache[$request->getId()] = $this->getBansForRequestFromDatabase($request); |
|
| 48 | + } |
|
| 49 | + |
|
| 50 | + foreach ($this->banCache[$request->getId()] as $ban) { |
|
| 51 | + if ($ban->getAction() === Ban::ACTION_BLOCK) { |
|
| 52 | + return true; |
|
| 53 | + } |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + return false; |
|
| 57 | + } |
|
| 58 | + |
|
| 59 | + /** |
|
| 60 | + * @param Request $request |
|
| 61 | + * |
|
| 62 | + * @return Ban[] |
|
| 63 | + */ |
|
| 64 | + public function getBans(Request $request): array |
|
| 65 | + { |
|
| 66 | + if (!isset($this->banCache[$request->getId()])) { |
|
| 67 | + $this->banCache[$request->getId()] = $this->getBansForRequestFromDatabase($request); |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + return $this->banCache[$request->getId()]; |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + public function getBansByTarget( |
|
| 74 | + ?string $name, |
|
| 75 | + ?string $email, |
|
| 76 | + ?string $ip, |
|
| 77 | + ?int $mask, |
|
| 78 | + ?string $useragent, |
|
| 79 | + int $domain |
|
| 80 | + ) { |
|
| 81 | + /** @noinspection SqlConstantCondition */ |
|
| 82 | + $query = <<<SQL |
|
| 83 | 83 | SELECT * FROM ban |
| 84 | 84 | WHERE 1 = 1 |
| 85 | 85 | AND ((name IS NULL AND :nname IS NULL) OR name = :name) |
@@ -92,85 +92,85 @@ discard block |
||
| 92 | 92 | AND (domain IS NULL OR domain = :domain); |
| 93 | 93 | SQL; |
| 94 | 94 | |
| 95 | - $statement = $this->database->prepare($query); |
|
| 96 | - $statement->execute([ |
|
| 97 | - ':name' => $name, |
|
| 98 | - ':nname' => $name, |
|
| 99 | - ':email' => $email, |
|
| 100 | - ':nemail' => $email, |
|
| 101 | - ':ip' => $ip, |
|
| 102 | - ':nip' => $ip, |
|
| 103 | - ':ipmask' => $mask, |
|
| 104 | - ':nipmask' => $mask, |
|
| 105 | - ':useragent' => $useragent, |
|
| 106 | - ':nuseragent' => $useragent, |
|
| 107 | - ':domain' => $domain, |
|
| 108 | - ]); |
|
| 109 | - |
|
| 110 | - $result = array(); |
|
| 111 | - |
|
| 112 | - /** @var Ban $v */ |
|
| 113 | - foreach ($statement->fetchAll(PDO::FETCH_CLASS, Ban::class) as $v) { |
|
| 114 | - $v->setDatabase($this->database); |
|
| 115 | - $result[] = $v; |
|
| 116 | - } |
|
| 117 | - |
|
| 118 | - return $result; |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - public function isActive(Ban $ban): bool |
|
| 122 | - { |
|
| 123 | - if (!$ban->isActive()) { |
|
| 124 | - return false; |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - if ($ban->getDuration() !== null && $ban->getDuration() < time()) { |
|
| 128 | - return false; |
|
| 129 | - } |
|
| 130 | - |
|
| 131 | - return true; |
|
| 132 | - } |
|
| 133 | - |
|
| 134 | - public function canUnban(Ban $ban): bool |
|
| 135 | - { |
|
| 136 | - if ($this->securityManager === null) { |
|
| 137 | - return false; |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - if (!$this->isActive($ban)) { |
|
| 141 | - return false; |
|
| 142 | - } |
|
| 143 | - |
|
| 144 | - $user = User::getCurrent($this->database); |
|
| 145 | - |
|
| 146 | - $allowed = true; |
|
| 147 | - $allowed = $allowed && ($ban->getName() === null || $this->securityManager->allows('BanType', 'name', $user) === SecurityManager::ALLOWED); |
|
| 148 | - $allowed = $allowed && ($ban->getEmail() === null || $this->securityManager->allows('BanType', 'email', $user) === SecurityManager::ALLOWED); |
|
| 149 | - $allowed = $allowed && ($ban->getIp() === null || $this->securityManager->allows('BanType', 'ip', $user) === SecurityManager::ALLOWED); |
|
| 150 | - $allowed = $allowed && ($ban->getUseragent() === null || $this->securityManager->allows('BanType', 'useragent', $user) === SecurityManager::ALLOWED); |
|
| 151 | - |
|
| 152 | - if ($ban->getDomain() === null) { |
|
| 153 | - $allowed &= $this->securityManager->allows('BanType', 'global', $user) === SecurityManager::ALLOWED; |
|
| 154 | - } |
|
| 155 | - else { |
|
| 156 | - $currentDomain = Domain::getCurrent($this->database); |
|
| 157 | - $allowed &= $currentDomain->getId() === $ban->getDomain(); |
|
| 158 | - } |
|
| 159 | - |
|
| 160 | - $allowed = $allowed && $this->securityManager->allows('BanVisibility', $ban->getVisibility(), $user) === SecurityManager::ALLOWED; |
|
| 161 | - |
|
| 162 | - return $allowed; |
|
| 163 | - } |
|
| 164 | - |
|
| 165 | - /** |
|
| 166 | - * @param Request $request |
|
| 167 | - * |
|
| 168 | - * @return Ban[] |
|
| 169 | - */ |
|
| 170 | - private function getBansForRequestFromDatabase(Request $request): array |
|
| 171 | - { |
|
| 172 | - /** @noinspection SqlConstantCondition - included for clarity of code */ |
|
| 173 | - $query = <<<SQL |
|
| 95 | + $statement = $this->database->prepare($query); |
|
| 96 | + $statement->execute([ |
|
| 97 | + ':name' => $name, |
|
| 98 | + ':nname' => $name, |
|
| 99 | + ':email' => $email, |
|
| 100 | + ':nemail' => $email, |
|
| 101 | + ':ip' => $ip, |
|
| 102 | + ':nip' => $ip, |
|
| 103 | + ':ipmask' => $mask, |
|
| 104 | + ':nipmask' => $mask, |
|
| 105 | + ':useragent' => $useragent, |
|
| 106 | + ':nuseragent' => $useragent, |
|
| 107 | + ':domain' => $domain, |
|
| 108 | + ]); |
|
| 109 | + |
|
| 110 | + $result = array(); |
|
| 111 | + |
|
| 112 | + /** @var Ban $v */ |
|
| 113 | + foreach ($statement->fetchAll(PDO::FETCH_CLASS, Ban::class) as $v) { |
|
| 114 | + $v->setDatabase($this->database); |
|
| 115 | + $result[] = $v; |
|
| 116 | + } |
|
| 117 | + |
|
| 118 | + return $result; |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + public function isActive(Ban $ban): bool |
|
| 122 | + { |
|
| 123 | + if (!$ban->isActive()) { |
|
| 124 | + return false; |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + if ($ban->getDuration() !== null && $ban->getDuration() < time()) { |
|
| 128 | + return false; |
|
| 129 | + } |
|
| 130 | + |
|
| 131 | + return true; |
|
| 132 | + } |
|
| 133 | + |
|
| 134 | + public function canUnban(Ban $ban): bool |
|
| 135 | + { |
|
| 136 | + if ($this->securityManager === null) { |
|
| 137 | + return false; |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + if (!$this->isActive($ban)) { |
|
| 141 | + return false; |
|
| 142 | + } |
|
| 143 | + |
|
| 144 | + $user = User::getCurrent($this->database); |
|
| 145 | + |
|
| 146 | + $allowed = true; |
|
| 147 | + $allowed = $allowed && ($ban->getName() === null || $this->securityManager->allows('BanType', 'name', $user) === SecurityManager::ALLOWED); |
|
| 148 | + $allowed = $allowed && ($ban->getEmail() === null || $this->securityManager->allows('BanType', 'email', $user) === SecurityManager::ALLOWED); |
|
| 149 | + $allowed = $allowed && ($ban->getIp() === null || $this->securityManager->allows('BanType', 'ip', $user) === SecurityManager::ALLOWED); |
|
| 150 | + $allowed = $allowed && ($ban->getUseragent() === null || $this->securityManager->allows('BanType', 'useragent', $user) === SecurityManager::ALLOWED); |
|
| 151 | + |
|
| 152 | + if ($ban->getDomain() === null) { |
|
| 153 | + $allowed &= $this->securityManager->allows('BanType', 'global', $user) === SecurityManager::ALLOWED; |
|
| 154 | + } |
|
| 155 | + else { |
|
| 156 | + $currentDomain = Domain::getCurrent($this->database); |
|
| 157 | + $allowed &= $currentDomain->getId() === $ban->getDomain(); |
|
| 158 | + } |
|
| 159 | + |
|
| 160 | + $allowed = $allowed && $this->securityManager->allows('BanVisibility', $ban->getVisibility(), $user) === SecurityManager::ALLOWED; |
|
| 161 | + |
|
| 162 | + return $allowed; |
|
| 163 | + } |
|
| 164 | + |
|
| 165 | + /** |
|
| 166 | + * @param Request $request |
|
| 167 | + * |
|
| 168 | + * @return Ban[] |
|
| 169 | + */ |
|
| 170 | + private function getBansForRequestFromDatabase(Request $request): array |
|
| 171 | + { |
|
| 172 | + /** @noinspection SqlConstantCondition - included for clarity of code */ |
|
| 173 | + $query = <<<SQL |
|
| 174 | 174 | SELECT b.* FROM ban b |
| 175 | 175 | LEFT JOIN netmask n ON 1 = 1 |
| 176 | 176 | AND n.cidr = b.ipmask |
@@ -192,28 +192,28 @@ discard block |
||
| 192 | 192 | AND (b.domain IS NULL OR b.domain = :domain) |
| 193 | 193 | SQL; |
| 194 | 194 | |
| 195 | - $statement = $this->database->prepare($query); |
|
| 196 | - $trustedIp = $this->xffTrustProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp()); |
|
| 197 | - |
|
| 198 | - $statement->execute([ |
|
| 199 | - ':name' => $request->getName(), |
|
| 200 | - ':email' => $request->getEmail(), |
|
| 201 | - ':useragent' => $request->getUserAgent(), |
|
| 202 | - ':domain' => $request->getDomain(), |
|
| 203 | - ':ip4' => $trustedIp, |
|
| 204 | - ':ip6h' => $trustedIp, |
|
| 205 | - ':ip6l' => $trustedIp, |
|
| 206 | - ]); |
|
| 207 | - |
|
| 208 | - /** @var Ban[] $result */ |
|
| 209 | - $result = []; |
|
| 210 | - |
|
| 211 | - /** @var Ban $v */ |
|
| 212 | - foreach ($statement->fetchAll(PDO::FETCH_CLASS, Ban::class) as $v) { |
|
| 213 | - $v->setDatabase($this->database); |
|
| 214 | - $result[] = $v; |
|
| 215 | - } |
|
| 216 | - |
|
| 217 | - return $result; |
|
| 218 | - } |
|
| 195 | + $statement = $this->database->prepare($query); |
|
| 196 | + $trustedIp = $this->xffTrustProvider->getTrustedClientIp($request->getIp(), $request->getForwardedIp()); |
|
| 197 | + |
|
| 198 | + $statement->execute([ |
|
| 199 | + ':name' => $request->getName(), |
|
| 200 | + ':email' => $request->getEmail(), |
|
| 201 | + ':useragent' => $request->getUserAgent(), |
|
| 202 | + ':domain' => $request->getDomain(), |
|
| 203 | + ':ip4' => $trustedIp, |
|
| 204 | + ':ip6h' => $trustedIp, |
|
| 205 | + ':ip6l' => $trustedIp, |
|
| 206 | + ]); |
|
| 207 | + |
|
| 208 | + /** @var Ban[] $result */ |
|
| 209 | + $result = []; |
|
| 210 | + |
|
| 211 | + /** @var Ban $v */ |
|
| 212 | + foreach ($statement->fetchAll(PDO::FETCH_CLASS, Ban::class) as $v) { |
|
| 213 | + $v->setDatabase($this->database); |
|
| 214 | + $result[] = $v; |
|
| 215 | + } |
|
| 216 | + |
|
| 217 | + return $result; |
|
| 218 | + } |
|
| 219 | 219 | } |
@@ -151,8 +151,7 @@ |
||
| 151 | 151 | |
| 152 | 152 | if ($ban->getDomain() === null) { |
| 153 | 153 | $allowed &= $this->securityManager->allows('BanType', 'global', $user) === SecurityManager::ALLOWED; |
| 154 | - } |
|
| 155 | - else { |
|
| 154 | + } else { |
|
| 156 | 155 | $currentDomain = Domain::getCurrent($this->database); |
| 157 | 156 | $allowed &= $currentDomain->getId() === $ban->getDomain(); |
| 158 | 157 | } |
@@ -15,124 +15,124 @@ |
||
| 15 | 15 | |
| 16 | 16 | class PdoDatabase extends PDO |
| 17 | 17 | { |
| 18 | - public const ISOLATION_SERIALIZABLE = 'SERIALIZABLE'; |
|
| 19 | - public const ISOLATION_READ_COMMITTED = 'READ COMMITTED'; |
|
| 20 | - public const ISOLATION_READ_ONLY = 'READ ONLY'; |
|
| 21 | - |
|
| 22 | - private static PdoDatabase $connection; |
|
| 23 | - /** |
|
| 24 | - * @var bool True if a transaction is active |
|
| 25 | - */ |
|
| 26 | - protected bool $hasActiveTransaction = false; |
|
| 27 | - |
|
| 28 | - /** |
|
| 29 | - * Unless you're doing low-level work, this is not the function you want. |
|
| 30 | - * |
|
| 31 | - * @throws Exception |
|
| 32 | - */ |
|
| 33 | - public static function getDatabaseConnection(SiteConfiguration $configuration): PdoDatabase |
|
| 34 | - { |
|
| 35 | - if (!isset(self::$connection)) { |
|
| 36 | - $dbConfig = $configuration->getDatabaseConfig(); |
|
| 37 | - |
|
| 38 | - try { |
|
| 39 | - $databaseObject = new PdoDatabase( |
|
| 40 | - $dbConfig['datasource'], |
|
| 41 | - $dbConfig['username'], |
|
| 42 | - $dbConfig['password'], |
|
| 43 | - [PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8mb4 COLLATE utf8mb4_unicode_520_ci'] |
|
| 44 | - ); |
|
| 45 | - } |
|
| 46 | - catch (PDOException $ex) { |
|
| 47 | - // wrap around any potential stack traces which may include passwords |
|
| 48 | - throw new EnvironmentException('Error connecting to database: ' . $ex->getMessage()); |
|
| 49 | - } |
|
| 50 | - |
|
| 51 | - $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
| 52 | - |
|
| 53 | - // emulating prepared statements gives a performance boost on MySQL. |
|
| 54 | - // |
|
| 55 | - // however, our version of PDO doesn't seem to understand parameter types when emulating |
|
| 56 | - // the prepared statements, so we're forced to turn this off for now. |
|
| 57 | - // -- stw 2014-02-11 |
|
| 58 | - // |
|
| 59 | - // and that's not the only problem with emulated prepares. We've now got code that relies |
|
| 60 | - // on real prepares. |
|
| 61 | - // -- stw 2023-09-30 |
|
| 62 | - $databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); |
|
| 63 | - |
|
| 64 | - // Set the default transaction mode |
|
| 65 | - $databaseObject->exec("SET SESSION TRANSACTION ISOLATION LEVEL READ COMMITTED;"); |
|
| 66 | - |
|
| 67 | - self::$connection = $databaseObject; |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - return self::$connection; |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - /** |
|
| 74 | - * Determines if this connection has a transaction in progress or not |
|
| 75 | - * @return boolean true if there is a transaction in progress. |
|
| 76 | - */ |
|
| 77 | - public function hasActiveTransaction(): bool |
|
| 78 | - { |
|
| 79 | - return $this->hasActiveTransaction; |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - public function beginTransaction(string $isolationLevel = self::ISOLATION_READ_COMMITTED): bool |
|
| 83 | - { |
|
| 84 | - // Override the pre-existing method, which doesn't stop you from |
|
| 85 | - // starting transactions within transactions - which doesn't work and |
|
| 86 | - // will throw an exception. This eliminates the need to catch exceptions |
|
| 87 | - // all over the rest of the code |
|
| 88 | - if ($this->hasActiveTransaction) { |
|
| 89 | - return false; |
|
| 90 | - } |
|
| 91 | - else { |
|
| 92 | - $accessMode = 'READ WRITE'; |
|
| 93 | - |
|
| 94 | - switch ($isolationLevel) { |
|
| 95 | - case self::ISOLATION_SERIALIZABLE: |
|
| 96 | - case self::ISOLATION_READ_COMMITTED: |
|
| 97 | - break; |
|
| 98 | - case self::ISOLATION_READ_ONLY: |
|
| 99 | - $isolationLevel = self::ISOLATION_READ_COMMITTED; |
|
| 100 | - $accessMode = 'READ ONLY'; |
|
| 101 | - break; |
|
| 102 | - default: |
|
| 103 | - throw new Exception("Invalid transaction isolation level"); |
|
| 104 | - } |
|
| 105 | - |
|
| 106 | - // set the transaction isolation level for every transaction. |
|
| 107 | - // string substitution is safe here; values can only be one of the above constants |
|
| 108 | - parent::exec("SET TRANSACTION ISOLATION LEVEL ${isolationLevel}, ${accessMode};"); |
|
| 109 | - |
|
| 110 | - // start a new transaction, and return whether the start was successful |
|
| 111 | - $this->hasActiveTransaction = parent::beginTransaction(); |
|
| 112 | - |
|
| 113 | - return $this->hasActiveTransaction; |
|
| 114 | - } |
|
| 115 | - } |
|
| 116 | - |
|
| 117 | - /** |
|
| 118 | - * Commits the active transaction |
|
| 119 | - */ |
|
| 120 | - public function commit(): void |
|
| 121 | - { |
|
| 122 | - if ($this->hasActiveTransaction) { |
|
| 123 | - parent::commit(); |
|
| 124 | - $this->hasActiveTransaction = false; |
|
| 125 | - } |
|
| 126 | - } |
|
| 127 | - |
|
| 128 | - /** |
|
| 129 | - * Rolls back a transaction |
|
| 130 | - */ |
|
| 131 | - public function rollBack(): void |
|
| 132 | - { |
|
| 133 | - if ($this->hasActiveTransaction) { |
|
| 134 | - parent::rollback(); |
|
| 135 | - $this->hasActiveTransaction = false; |
|
| 136 | - } |
|
| 137 | - } |
|
| 18 | + public const ISOLATION_SERIALIZABLE = 'SERIALIZABLE'; |
|
| 19 | + public const ISOLATION_READ_COMMITTED = 'READ COMMITTED'; |
|
| 20 | + public const ISOLATION_READ_ONLY = 'READ ONLY'; |
|
| 21 | + |
|
| 22 | + private static PdoDatabase $connection; |
|
| 23 | + /** |
|
| 24 | + * @var bool True if a transaction is active |
|
| 25 | + */ |
|
| 26 | + protected bool $hasActiveTransaction = false; |
|
| 27 | + |
|
| 28 | + /** |
|
| 29 | + * Unless you're doing low-level work, this is not the function you want. |
|
| 30 | + * |
|
| 31 | + * @throws Exception |
|
| 32 | + */ |
|
| 33 | + public static function getDatabaseConnection(SiteConfiguration $configuration): PdoDatabase |
|
| 34 | + { |
|
| 35 | + if (!isset(self::$connection)) { |
|
| 36 | + $dbConfig = $configuration->getDatabaseConfig(); |
|
| 37 | + |
|
| 38 | + try { |
|
| 39 | + $databaseObject = new PdoDatabase( |
|
| 40 | + $dbConfig['datasource'], |
|
| 41 | + $dbConfig['username'], |
|
| 42 | + $dbConfig['password'], |
|
| 43 | + [PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8mb4 COLLATE utf8mb4_unicode_520_ci'] |
|
| 44 | + ); |
|
| 45 | + } |
|
| 46 | + catch (PDOException $ex) { |
|
| 47 | + // wrap around any potential stack traces which may include passwords |
|
| 48 | + throw new EnvironmentException('Error connecting to database: ' . $ex->getMessage()); |
|
| 49 | + } |
|
| 50 | + |
|
| 51 | + $databaseObject->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
| 52 | + |
|
| 53 | + // emulating prepared statements gives a performance boost on MySQL. |
|
| 54 | + // |
|
| 55 | + // however, our version of PDO doesn't seem to understand parameter types when emulating |
|
| 56 | + // the prepared statements, so we're forced to turn this off for now. |
|
| 57 | + // -- stw 2014-02-11 |
|
| 58 | + // |
|
| 59 | + // and that's not the only problem with emulated prepares. We've now got code that relies |
|
| 60 | + // on real prepares. |
|
| 61 | + // -- stw 2023-09-30 |
|
| 62 | + $databaseObject->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); |
|
| 63 | + |
|
| 64 | + // Set the default transaction mode |
|
| 65 | + $databaseObject->exec("SET SESSION TRANSACTION ISOLATION LEVEL READ COMMITTED;"); |
|
| 66 | + |
|
| 67 | + self::$connection = $databaseObject; |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + return self::$connection; |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + /** |
|
| 74 | + * Determines if this connection has a transaction in progress or not |
|
| 75 | + * @return boolean true if there is a transaction in progress. |
|
| 76 | + */ |
|
| 77 | + public function hasActiveTransaction(): bool |
|
| 78 | + { |
|
| 79 | + return $this->hasActiveTransaction; |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + public function beginTransaction(string $isolationLevel = self::ISOLATION_READ_COMMITTED): bool |
|
| 83 | + { |
|
| 84 | + // Override the pre-existing method, which doesn't stop you from |
|
| 85 | + // starting transactions within transactions - which doesn't work and |
|
| 86 | + // will throw an exception. This eliminates the need to catch exceptions |
|
| 87 | + // all over the rest of the code |
|
| 88 | + if ($this->hasActiveTransaction) { |
|
| 89 | + return false; |
|
| 90 | + } |
|
| 91 | + else { |
|
| 92 | + $accessMode = 'READ WRITE'; |
|
| 93 | + |
|
| 94 | + switch ($isolationLevel) { |
|
| 95 | + case self::ISOLATION_SERIALIZABLE: |
|
| 96 | + case self::ISOLATION_READ_COMMITTED: |
|
| 97 | + break; |
|
| 98 | + case self::ISOLATION_READ_ONLY: |
|
| 99 | + $isolationLevel = self::ISOLATION_READ_COMMITTED; |
|
| 100 | + $accessMode = 'READ ONLY'; |
|
| 101 | + break; |
|
| 102 | + default: |
|
| 103 | + throw new Exception("Invalid transaction isolation level"); |
|
| 104 | + } |
|
| 105 | + |
|
| 106 | + // set the transaction isolation level for every transaction. |
|
| 107 | + // string substitution is safe here; values can only be one of the above constants |
|
| 108 | + parent::exec("SET TRANSACTION ISOLATION LEVEL ${isolationLevel}, ${accessMode};"); |
|
| 109 | + |
|
| 110 | + // start a new transaction, and return whether the start was successful |
|
| 111 | + $this->hasActiveTransaction = parent::beginTransaction(); |
|
| 112 | + |
|
| 113 | + return $this->hasActiveTransaction; |
|
| 114 | + } |
|
| 115 | + } |
|
| 116 | + |
|
| 117 | + /** |
|
| 118 | + * Commits the active transaction |
|
| 119 | + */ |
|
| 120 | + public function commit(): void |
|
| 121 | + { |
|
| 122 | + if ($this->hasActiveTransaction) { |
|
| 123 | + parent::commit(); |
|
| 124 | + $this->hasActiveTransaction = false; |
|
| 125 | + } |
|
| 126 | + } |
|
| 127 | + |
|
| 128 | + /** |
|
| 129 | + * Rolls back a transaction |
|
| 130 | + */ |
|
| 131 | + public function rollBack(): void |
|
| 132 | + { |
|
| 133 | + if ($this->hasActiveTransaction) { |
|
| 134 | + parent::rollback(); |
|
| 135 | + $this->hasActiveTransaction = false; |
|
| 136 | + } |
|
| 137 | + } |
|
| 138 | 138 | } |
@@ -16,130 +16,130 @@ |
||
| 16 | 16 | */ |
| 17 | 17 | class CommunityUser extends User |
| 18 | 18 | { |
| 19 | - public function getId() |
|
| 20 | - { |
|
| 21 | - return -1; |
|
| 22 | - } |
|
| 23 | - |
|
| 24 | - public function save() |
|
| 25 | - { |
|
| 26 | - // Do nothing |
|
| 27 | - } |
|
| 28 | - |
|
| 29 | - #region properties |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * @return string |
|
| 33 | - */ |
|
| 34 | - public function getUsername() |
|
| 35 | - { |
|
| 36 | - return '[Community]'; |
|
| 37 | - } |
|
| 38 | - |
|
| 39 | - public function setUsername($username) |
|
| 40 | - { |
|
| 41 | - } |
|
| 42 | - |
|
| 43 | - /** |
|
| 44 | - * @return string |
|
| 45 | - */ |
|
| 46 | - public function getEmail() |
|
| 47 | - { |
|
| 48 | - global $cDataClearEmail; |
|
| 49 | - |
|
| 50 | - return $cDataClearEmail; |
|
| 51 | - } |
|
| 52 | - |
|
| 53 | - public function setEmail($email) |
|
| 54 | - { |
|
| 55 | - } |
|
| 56 | - |
|
| 57 | - public function getStatus() |
|
| 58 | - { |
|
| 59 | - return "Community"; |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - public function getOnWikiName() |
|
| 63 | - { |
|
| 64 | - return "127.0.0.1"; |
|
| 65 | - } |
|
| 66 | - |
|
| 67 | - public function setOnWikiName($onWikiName) |
|
| 68 | - { |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - public function getLastActive() |
|
| 72 | - { |
|
| 73 | - $now = new DateTime(); |
|
| 74 | - |
|
| 75 | - return $now->format("Y-m-d H:i:s"); |
|
| 76 | - } |
|
| 77 | - |
|
| 78 | - public function getForceLogout() |
|
| 79 | - { |
|
| 80 | - return true; |
|
| 81 | - } |
|
| 82 | - |
|
| 83 | - public function setForceLogout($forceLogout) |
|
| 84 | - { |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - /** |
|
| 88 | - * @param string $status |
|
| 89 | - */ |
|
| 90 | - public function setStatus($status) |
|
| 91 | - { |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - public function getConfirmationDiff() |
|
| 95 | - { |
|
| 96 | - return null; |
|
| 97 | - } |
|
| 98 | - |
|
| 99 | - public function setConfirmationDiff($confirmationDiff) |
|
| 100 | - { |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - |
|
| 104 | - public function setUseAlternateSkin($useAlternate) |
|
| 105 | - { |
|
| 106 | - } |
|
| 107 | - |
|
| 108 | - #endregion |
|
| 109 | - |
|
| 110 | - #region user access checks |
|
| 111 | - |
|
| 112 | - public function isIdentified(IdentificationVerifier $iv) |
|
| 113 | - { |
|
| 114 | - return false; |
|
| 115 | - } |
|
| 116 | - |
|
| 117 | - public function isSuspended() |
|
| 118 | - { |
|
| 119 | - return false; |
|
| 120 | - } |
|
| 121 | - |
|
| 122 | - public function isNewUser() |
|
| 123 | - { |
|
| 124 | - return false; |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - public function isDeclined() |
|
| 128 | - { |
|
| 129 | - return false; |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - public function isCommunityUser() |
|
| 133 | - { |
|
| 134 | - return true; |
|
| 135 | - } |
|
| 136 | - |
|
| 137 | - #endregion |
|
| 19 | + public function getId() |
|
| 20 | + { |
|
| 21 | + return -1; |
|
| 22 | + } |
|
| 23 | + |
|
| 24 | + public function save() |
|
| 25 | + { |
|
| 26 | + // Do nothing |
|
| 27 | + } |
|
| 28 | + |
|
| 29 | + #region properties |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * @return string |
|
| 33 | + */ |
|
| 34 | + public function getUsername() |
|
| 35 | + { |
|
| 36 | + return '[Community]'; |
|
| 37 | + } |
|
| 38 | + |
|
| 39 | + public function setUsername($username) |
|
| 40 | + { |
|
| 41 | + } |
|
| 42 | + |
|
| 43 | + /** |
|
| 44 | + * @return string |
|
| 45 | + */ |
|
| 46 | + public function getEmail() |
|
| 47 | + { |
|
| 48 | + global $cDataClearEmail; |
|
| 49 | + |
|
| 50 | + return $cDataClearEmail; |
|
| 51 | + } |
|
| 52 | + |
|
| 53 | + public function setEmail($email) |
|
| 54 | + { |
|
| 55 | + } |
|
| 56 | + |
|
| 57 | + public function getStatus() |
|
| 58 | + { |
|
| 59 | + return "Community"; |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + public function getOnWikiName() |
|
| 63 | + { |
|
| 64 | + return "127.0.0.1"; |
|
| 65 | + } |
|
| 66 | + |
|
| 67 | + public function setOnWikiName($onWikiName) |
|
| 68 | + { |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + public function getLastActive() |
|
| 72 | + { |
|
| 73 | + $now = new DateTime(); |
|
| 74 | + |
|
| 75 | + return $now->format("Y-m-d H:i:s"); |
|
| 76 | + } |
|
| 77 | + |
|
| 78 | + public function getForceLogout() |
|
| 79 | + { |
|
| 80 | + return true; |
|
| 81 | + } |
|
| 82 | + |
|
| 83 | + public function setForceLogout($forceLogout) |
|
| 84 | + { |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + /** |
|
| 88 | + * @param string $status |
|
| 89 | + */ |
|
| 90 | + public function setStatus($status) |
|
| 91 | + { |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + public function getConfirmationDiff() |
|
| 95 | + { |
|
| 96 | + return null; |
|
| 97 | + } |
|
| 98 | + |
|
| 99 | + public function setConfirmationDiff($confirmationDiff) |
|
| 100 | + { |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + |
|
| 104 | + public function setUseAlternateSkin($useAlternate) |
|
| 105 | + { |
|
| 106 | + } |
|
| 107 | + |
|
| 108 | + #endregion |
|
| 109 | + |
|
| 110 | + #region user access checks |
|
| 111 | + |
|
| 112 | + public function isIdentified(IdentificationVerifier $iv) |
|
| 113 | + { |
|
| 114 | + return false; |
|
| 115 | + } |
|
| 116 | + |
|
| 117 | + public function isSuspended() |
|
| 118 | + { |
|
| 119 | + return false; |
|
| 120 | + } |
|
| 121 | + |
|
| 122 | + public function isNewUser() |
|
| 123 | + { |
|
| 124 | + return false; |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + public function isDeclined() |
|
| 128 | + { |
|
| 129 | + return false; |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + public function isCommunityUser() |
|
| 133 | + { |
|
| 134 | + return true; |
|
| 135 | + } |
|
| 136 | + |
|
| 137 | + #endregion |
|
| 138 | 138 | |
| 139 | - public function getApprovalDate() |
|
| 140 | - { |
|
| 141 | - $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00"); |
|
| 139 | + public function getApprovalDate() |
|
| 140 | + { |
|
| 141 | + $data = DateTime::createFromFormat("Y-m-d H:i:s", "1970-01-01 00:00:00"); |
|
| 142 | 142 | |
| 143 | - return $data; |
|
| 144 | - } |
|
| 143 | + return $data; |
|
| 144 | + } |
|
| 145 | 145 | } |
@@ -21,154 +21,154 @@ discard block |
||
| 21 | 21 | */ |
| 22 | 22 | class User extends DataObject |
| 23 | 23 | { |
| 24 | - const STATUS_ACTIVE = 'Active'; |
|
| 25 | - const STATUS_SUSPENDED = 'Suspended'; |
|
| 26 | - const STATUS_DECLINED = 'Declined'; |
|
| 27 | - const STATUS_NEW = 'New'; |
|
| 28 | - |
|
| 29 | - private static CommunityUser $community; |
|
| 30 | - |
|
| 31 | - private $username; |
|
| 32 | - private $email; |
|
| 33 | - private $status = self::STATUS_NEW; |
|
| 34 | - private $onwikiname; |
|
| 35 | - private $lastactive = "0000-00-00 00:00:00"; |
|
| 36 | - private $forcelogout = 0; |
|
| 37 | - private $forceidentified = null; |
|
| 38 | - private $confirmationdiff = 0; |
|
| 39 | - /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */ |
|
| 40 | - private static $currentUser; |
|
| 41 | - #region Object load methods |
|
| 42 | - |
|
| 43 | - /** |
|
| 44 | - * Gets the currently logged in user |
|
| 45 | - * |
|
| 46 | - * @param PdoDatabase $database |
|
| 47 | - * |
|
| 48 | - * @return User|CommunityUser |
|
| 49 | - */ |
|
| 50 | - public static function getCurrent(PdoDatabase $database) |
|
| 51 | - { |
|
| 52 | - if (self::$currentUser === null) { |
|
| 53 | - $sessionId = WebRequest::getSessionUserId(); |
|
| 54 | - |
|
| 55 | - if ($sessionId !== null) { |
|
| 56 | - /** @var User $user */ |
|
| 57 | - $user = self::getById($sessionId, $database); |
|
| 58 | - |
|
| 59 | - if ($user === false) { |
|
| 60 | - self::$currentUser = new CommunityUser(); |
|
| 61 | - } |
|
| 62 | - else { |
|
| 63 | - self::$currentUser = $user; |
|
| 64 | - } |
|
| 65 | - } |
|
| 66 | - else { |
|
| 67 | - $anonymousCoward = new CommunityUser(); |
|
| 68 | - |
|
| 69 | - self::$currentUser = $anonymousCoward; |
|
| 70 | - } |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - return self::$currentUser; |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * Gets a user by their user ID |
|
| 78 | - * |
|
| 79 | - * Pass -1 to get the community user. |
|
| 80 | - * |
|
| 81 | - * @param int|null $id |
|
| 82 | - * @param PdoDatabase $database |
|
| 83 | - * |
|
| 84 | - * @return User|false |
|
| 85 | - */ |
|
| 86 | - public static function getById($id, PdoDatabase $database) |
|
| 87 | - { |
|
| 88 | - if ($id === null || $id == -1) { |
|
| 89 | - return new CommunityUser(); |
|
| 90 | - } |
|
| 91 | - |
|
| 92 | - /** @var User|false $user */ |
|
| 93 | - $user = parent::getById($id, $database); |
|
| 94 | - |
|
| 95 | - return $user; |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - public static function getCommunity(): CommunityUser |
|
| 99 | - { |
|
| 100 | - if (!isset(self::$community)) { |
|
| 101 | - self::$community = new CommunityUser(); |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - return self::$community; |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - /** |
|
| 108 | - * Gets a user by their username |
|
| 109 | - * |
|
| 110 | - * @param string $username |
|
| 111 | - * @param PdoDatabase $database |
|
| 112 | - * |
|
| 113 | - * @return CommunityUser|User|false |
|
| 114 | - */ |
|
| 115 | - public static function getByUsername($username, PdoDatabase $database) |
|
| 116 | - { |
|
| 117 | - if ($username === self::getCommunity()->getUsername()) { |
|
| 118 | - return new CommunityUser(); |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;"); |
|
| 122 | - $statement->bindValue(":id", $username); |
|
| 123 | - |
|
| 124 | - $statement->execute(); |
|
| 125 | - |
|
| 126 | - $resultObject = $statement->fetchObject(get_called_class()); |
|
| 127 | - |
|
| 128 | - if ($resultObject != false) { |
|
| 129 | - $resultObject->setDatabase($database); |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - return $resultObject; |
|
| 133 | - } |
|
| 134 | - |
|
| 135 | - /** |
|
| 136 | - * Gets a user by their on-wiki username. |
|
| 137 | - * |
|
| 138 | - * @param string $username |
|
| 139 | - * @param PdoDatabase $database |
|
| 140 | - * |
|
| 141 | - * @return User|false |
|
| 142 | - */ |
|
| 143 | - public static function getByOnWikiUsername($username, PdoDatabase $database) |
|
| 144 | - { |
|
| 145 | - $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;"); |
|
| 146 | - $statement->bindValue(":id", $username); |
|
| 147 | - $statement->execute(); |
|
| 148 | - |
|
| 149 | - $resultObject = $statement->fetchObject(get_called_class()); |
|
| 150 | - |
|
| 151 | - if ($resultObject != false) { |
|
| 152 | - $resultObject->setDatabase($database); |
|
| 153 | - |
|
| 154 | - return $resultObject; |
|
| 155 | - } |
|
| 156 | - |
|
| 157 | - return false; |
|
| 158 | - } |
|
| 159 | - |
|
| 160 | - #endregion |
|
| 161 | - |
|
| 162 | - /** |
|
| 163 | - * Saves the current object |
|
| 164 | - * |
|
| 165 | - * @throws Exception |
|
| 166 | - */ |
|
| 167 | - public function save() |
|
| 168 | - { |
|
| 169 | - if ($this->isNew()) { |
|
| 170 | - // insert |
|
| 171 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 24 | + const STATUS_ACTIVE = 'Active'; |
|
| 25 | + const STATUS_SUSPENDED = 'Suspended'; |
|
| 26 | + const STATUS_DECLINED = 'Declined'; |
|
| 27 | + const STATUS_NEW = 'New'; |
|
| 28 | + |
|
| 29 | + private static CommunityUser $community; |
|
| 30 | + |
|
| 31 | + private $username; |
|
| 32 | + private $email; |
|
| 33 | + private $status = self::STATUS_NEW; |
|
| 34 | + private $onwikiname; |
|
| 35 | + private $lastactive = "0000-00-00 00:00:00"; |
|
| 36 | + private $forcelogout = 0; |
|
| 37 | + private $forceidentified = null; |
|
| 38 | + private $confirmationdiff = 0; |
|
| 39 | + /** @var User Cache variable of the current user - it's never going to change in the middle of a request. */ |
|
| 40 | + private static $currentUser; |
|
| 41 | + #region Object load methods |
|
| 42 | + |
|
| 43 | + /** |
|
| 44 | + * Gets the currently logged in user |
|
| 45 | + * |
|
| 46 | + * @param PdoDatabase $database |
|
| 47 | + * |
|
| 48 | + * @return User|CommunityUser |
|
| 49 | + */ |
|
| 50 | + public static function getCurrent(PdoDatabase $database) |
|
| 51 | + { |
|
| 52 | + if (self::$currentUser === null) { |
|
| 53 | + $sessionId = WebRequest::getSessionUserId(); |
|
| 54 | + |
|
| 55 | + if ($sessionId !== null) { |
|
| 56 | + /** @var User $user */ |
|
| 57 | + $user = self::getById($sessionId, $database); |
|
| 58 | + |
|
| 59 | + if ($user === false) { |
|
| 60 | + self::$currentUser = new CommunityUser(); |
|
| 61 | + } |
|
| 62 | + else { |
|
| 63 | + self::$currentUser = $user; |
|
| 64 | + } |
|
| 65 | + } |
|
| 66 | + else { |
|
| 67 | + $anonymousCoward = new CommunityUser(); |
|
| 68 | + |
|
| 69 | + self::$currentUser = $anonymousCoward; |
|
| 70 | + } |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + return self::$currentUser; |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * Gets a user by their user ID |
|
| 78 | + * |
|
| 79 | + * Pass -1 to get the community user. |
|
| 80 | + * |
|
| 81 | + * @param int|null $id |
|
| 82 | + * @param PdoDatabase $database |
|
| 83 | + * |
|
| 84 | + * @return User|false |
|
| 85 | + */ |
|
| 86 | + public static function getById($id, PdoDatabase $database) |
|
| 87 | + { |
|
| 88 | + if ($id === null || $id == -1) { |
|
| 89 | + return new CommunityUser(); |
|
| 90 | + } |
|
| 91 | + |
|
| 92 | + /** @var User|false $user */ |
|
| 93 | + $user = parent::getById($id, $database); |
|
| 94 | + |
|
| 95 | + return $user; |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + public static function getCommunity(): CommunityUser |
|
| 99 | + { |
|
| 100 | + if (!isset(self::$community)) { |
|
| 101 | + self::$community = new CommunityUser(); |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + return self::$community; |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + /** |
|
| 108 | + * Gets a user by their username |
|
| 109 | + * |
|
| 110 | + * @param string $username |
|
| 111 | + * @param PdoDatabase $database |
|
| 112 | + * |
|
| 113 | + * @return CommunityUser|User|false |
|
| 114 | + */ |
|
| 115 | + public static function getByUsername($username, PdoDatabase $database) |
|
| 116 | + { |
|
| 117 | + if ($username === self::getCommunity()->getUsername()) { |
|
| 118 | + return new CommunityUser(); |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + $statement = $database->prepare("SELECT * FROM user WHERE username = :id LIMIT 1;"); |
|
| 122 | + $statement->bindValue(":id", $username); |
|
| 123 | + |
|
| 124 | + $statement->execute(); |
|
| 125 | + |
|
| 126 | + $resultObject = $statement->fetchObject(get_called_class()); |
|
| 127 | + |
|
| 128 | + if ($resultObject != false) { |
|
| 129 | + $resultObject->setDatabase($database); |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + return $resultObject; |
|
| 133 | + } |
|
| 134 | + |
|
| 135 | + /** |
|
| 136 | + * Gets a user by their on-wiki username. |
|
| 137 | + * |
|
| 138 | + * @param string $username |
|
| 139 | + * @param PdoDatabase $database |
|
| 140 | + * |
|
| 141 | + * @return User|false |
|
| 142 | + */ |
|
| 143 | + public static function getByOnWikiUsername($username, PdoDatabase $database) |
|
| 144 | + { |
|
| 145 | + $statement = $database->prepare("SELECT * FROM user WHERE onwikiname = :id LIMIT 1;"); |
|
| 146 | + $statement->bindValue(":id", $username); |
|
| 147 | + $statement->execute(); |
|
| 148 | + |
|
| 149 | + $resultObject = $statement->fetchObject(get_called_class()); |
|
| 150 | + |
|
| 151 | + if ($resultObject != false) { |
|
| 152 | + $resultObject->setDatabase($database); |
|
| 153 | + |
|
| 154 | + return $resultObject; |
|
| 155 | + } |
|
| 156 | + |
|
| 157 | + return false; |
|
| 158 | + } |
|
| 159 | + |
|
| 160 | + #endregion |
|
| 161 | + |
|
| 162 | + /** |
|
| 163 | + * Saves the current object |
|
| 164 | + * |
|
| 165 | + * @throws Exception |
|
| 166 | + */ |
|
| 167 | + public function save() |
|
| 168 | + { |
|
| 169 | + if ($this->isNew()) { |
|
| 170 | + // insert |
|
| 171 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 172 | 172 | INSERT INTO `user` ( |
| 173 | 173 | username, email, status, onwikiname, |
| 174 | 174 | lastactive, forcelogout, forceidentified, |
@@ -179,26 +179,26 @@ discard block |
||
| 179 | 179 | :confirmationdiff |
| 180 | 180 | ); |
| 181 | 181 | SQL |
| 182 | - ); |
|
| 183 | - $statement->bindValue(":username", $this->username); |
|
| 184 | - $statement->bindValue(":email", $this->email); |
|
| 185 | - $statement->bindValue(":status", $this->status); |
|
| 186 | - $statement->bindValue(":onwikiname", $this->onwikiname); |
|
| 187 | - $statement->bindValue(":lastactive", $this->lastactive); |
|
| 188 | - $statement->bindValue(":forcelogout", $this->forcelogout); |
|
| 189 | - $statement->bindValue(":forceidentified", $this->forceidentified); |
|
| 190 | - $statement->bindValue(":confirmationdiff", $this->confirmationdiff); |
|
| 191 | - |
|
| 192 | - if ($statement->execute()) { |
|
| 193 | - $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 194 | - } |
|
| 195 | - else { |
|
| 196 | - throw new Exception($statement->errorInfo()); |
|
| 197 | - } |
|
| 198 | - } |
|
| 199 | - else { |
|
| 200 | - // update |
|
| 201 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 182 | + ); |
|
| 183 | + $statement->bindValue(":username", $this->username); |
|
| 184 | + $statement->bindValue(":email", $this->email); |
|
| 185 | + $statement->bindValue(":status", $this->status); |
|
| 186 | + $statement->bindValue(":onwikiname", $this->onwikiname); |
|
| 187 | + $statement->bindValue(":lastactive", $this->lastactive); |
|
| 188 | + $statement->bindValue(":forcelogout", $this->forcelogout); |
|
| 189 | + $statement->bindValue(":forceidentified", $this->forceidentified); |
|
| 190 | + $statement->bindValue(":confirmationdiff", $this->confirmationdiff); |
|
| 191 | + |
|
| 192 | + if ($statement->execute()) { |
|
| 193 | + $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 194 | + } |
|
| 195 | + else { |
|
| 196 | + throw new Exception($statement->errorInfo()); |
|
| 197 | + } |
|
| 198 | + } |
|
| 199 | + else { |
|
| 200 | + // update |
|
| 201 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 202 | 202 | UPDATE `user` SET |
| 203 | 203 | username = :username, email = :email, |
| 204 | 204 | status = :status, |
@@ -210,263 +210,263 @@ discard block |
||
| 210 | 210 | updateversion = updateversion + 1 |
| 211 | 211 | WHERE id = :id AND updateversion = :updateversion; |
| 212 | 212 | SQL |
| 213 | - ); |
|
| 214 | - $statement->bindValue(":forceidentified", $this->forceidentified); |
|
| 215 | - |
|
| 216 | - $statement->bindValue(':id', $this->id); |
|
| 217 | - $statement->bindValue(':updateversion', $this->updateversion); |
|
| 218 | - |
|
| 219 | - $statement->bindValue(':username', $this->username); |
|
| 220 | - $statement->bindValue(':email', $this->email); |
|
| 221 | - $statement->bindValue(':status', $this->status); |
|
| 222 | - $statement->bindValue(':onwikiname', $this->onwikiname); |
|
| 223 | - $statement->bindValue(':lastactive', $this->lastactive); |
|
| 224 | - $statement->bindValue(':forcelogout', $this->forcelogout); |
|
| 225 | - $statement->bindValue(':forceidentified', $this->forceidentified); |
|
| 226 | - $statement->bindValue(':confirmationdiff', $this->confirmationdiff); |
|
| 227 | - |
|
| 228 | - if (!$statement->execute()) { |
|
| 229 | - throw new Exception($statement->errorInfo()); |
|
| 230 | - } |
|
| 231 | - |
|
| 232 | - if ($statement->rowCount() !== 1) { |
|
| 233 | - throw new OptimisticLockFailedException(); |
|
| 234 | - } |
|
| 235 | - |
|
| 236 | - $this->updateversion++; |
|
| 237 | - } |
|
| 238 | - } |
|
| 239 | - |
|
| 240 | - #region properties |
|
| 241 | - |
|
| 242 | - /** |
|
| 243 | - * Gets the tool username |
|
| 244 | - * @return string |
|
| 245 | - */ |
|
| 246 | - public function getUsername() |
|
| 247 | - { |
|
| 248 | - return $this->username; |
|
| 249 | - } |
|
| 250 | - |
|
| 251 | - /** |
|
| 252 | - * Sets the tool username |
|
| 253 | - * |
|
| 254 | - * @param string $username |
|
| 255 | - */ |
|
| 256 | - public function setUsername($username) |
|
| 257 | - { |
|
| 258 | - $this->username = $username; |
|
| 259 | - |
|
| 260 | - // If this isn't a brand new user, then it's a rename, force the logout |
|
| 261 | - if (!$this->isNew()) { |
|
| 262 | - $this->forcelogout = 1; |
|
| 263 | - } |
|
| 264 | - } |
|
| 265 | - |
|
| 266 | - /** |
|
| 267 | - * Gets the user's email address |
|
| 268 | - * @return string |
|
| 269 | - */ |
|
| 270 | - public function getEmail() |
|
| 271 | - { |
|
| 272 | - return $this->email; |
|
| 273 | - } |
|
| 274 | - |
|
| 275 | - /** |
|
| 276 | - * Sets the user's email address |
|
| 277 | - * |
|
| 278 | - * @param string $email |
|
| 279 | - */ |
|
| 280 | - public function setEmail($email) |
|
| 281 | - { |
|
| 282 | - $this->email = $email; |
|
| 283 | - } |
|
| 284 | - |
|
| 285 | - /** |
|
| 286 | - * Gets the status (User, Admin, Suspended, etc - excludes checkuser) of the user. |
|
| 287 | - * @return string |
|
| 288 | - */ |
|
| 289 | - public function getStatus() |
|
| 290 | - { |
|
| 291 | - return $this->status; |
|
| 292 | - } |
|
| 293 | - |
|
| 294 | - /** |
|
| 295 | - * @param string $status |
|
| 296 | - */ |
|
| 297 | - public function setStatus($status) |
|
| 298 | - { |
|
| 299 | - $this->status = $status; |
|
| 300 | - } |
|
| 301 | - |
|
| 302 | - /** |
|
| 303 | - * Gets the user's on-wiki name |
|
| 304 | - * @return string |
|
| 305 | - */ |
|
| 306 | - public function getOnWikiName() |
|
| 307 | - { |
|
| 308 | - return $this->onwikiname; |
|
| 309 | - } |
|
| 310 | - |
|
| 311 | - /** |
|
| 312 | - * Sets the user's on-wiki name |
|
| 313 | - * |
|
| 314 | - * This can have interesting side-effects with OAuth. |
|
| 315 | - * |
|
| 316 | - * @param string $onWikiName |
|
| 317 | - */ |
|
| 318 | - public function setOnWikiName($onWikiName) |
|
| 319 | - { |
|
| 320 | - $this->onwikiname = $onWikiName; |
|
| 321 | - } |
|
| 322 | - |
|
| 323 | - /** |
|
| 324 | - * Gets the last activity date for the user |
|
| 325 | - * |
|
| 326 | - * @return string |
|
| 327 | - * @todo This should probably return an instance of DateTime |
|
| 328 | - */ |
|
| 329 | - public function getLastActive() |
|
| 330 | - { |
|
| 331 | - return $this->lastactive; |
|
| 332 | - } |
|
| 333 | - |
|
| 334 | - /** |
|
| 335 | - * Gets the user's forced logout status |
|
| 336 | - * |
|
| 337 | - * @return bool |
|
| 338 | - */ |
|
| 339 | - public function getForceLogout() |
|
| 340 | - { |
|
| 341 | - return $this->forcelogout == 1; |
|
| 342 | - } |
|
| 343 | - |
|
| 344 | - /** |
|
| 345 | - * Sets the user's forced logout status |
|
| 346 | - * |
|
| 347 | - * @param bool $forceLogout |
|
| 348 | - */ |
|
| 349 | - public function setForceLogout($forceLogout) |
|
| 350 | - { |
|
| 351 | - $this->forcelogout = $forceLogout ? 1 : 0; |
|
| 352 | - } |
|
| 353 | - |
|
| 354 | - /** |
|
| 355 | - * Gets the user's confirmation diff. Unused if OAuth is in use. |
|
| 356 | - * @return int the diff ID |
|
| 357 | - */ |
|
| 358 | - public function getConfirmationDiff() |
|
| 359 | - { |
|
| 360 | - return $this->confirmationdiff; |
|
| 361 | - } |
|
| 362 | - |
|
| 363 | - /** |
|
| 364 | - * Sets the user's confirmation diff. |
|
| 365 | - * |
|
| 366 | - * @param int $confirmationDiff |
|
| 367 | - */ |
|
| 368 | - public function setConfirmationDiff($confirmationDiff) |
|
| 369 | - { |
|
| 370 | - $this->confirmationdiff = $confirmationDiff; |
|
| 371 | - } |
|
| 372 | - |
|
| 373 | - #endregion |
|
| 374 | - |
|
| 375 | - #region user access checks |
|
| 376 | - |
|
| 377 | - public function isActive() |
|
| 378 | - { |
|
| 379 | - return $this->status == self::STATUS_ACTIVE; |
|
| 380 | - } |
|
| 381 | - |
|
| 382 | - /** |
|
| 383 | - * Tests if the user is identified |
|
| 384 | - * |
|
| 385 | - * @param IdentificationVerifier $iv |
|
| 386 | - * |
|
| 387 | - * @return bool |
|
| 388 | - * @todo Figure out what on earth is going on with PDO's typecasting here. Apparently, it returns string("0") for |
|
| 389 | - * the force-unidentified case, and int(1) for the identified case?! This is quite ugly, but probably needed |
|
| 390 | - * to play it safe for now. |
|
| 391 | - * @category Security-Critical |
|
| 392 | - */ |
|
| 393 | - public function isIdentified(IdentificationVerifier $iv) |
|
| 394 | - { |
|
| 395 | - if ($this->forceidentified === 0 || $this->forceidentified === "0") { |
|
| 396 | - // User forced to unidentified in the database. |
|
| 397 | - return false; |
|
| 398 | - } |
|
| 399 | - elseif ($this->forceidentified === 1 || $this->forceidentified === "1") { |
|
| 400 | - // User forced to identified in the database. |
|
| 401 | - return true; |
|
| 402 | - } |
|
| 403 | - else { |
|
| 404 | - // User not forced to any particular identified status; consult IdentificationVerifier |
|
| 405 | - return $iv->isUserIdentified($this->getOnWikiName()); |
|
| 406 | - } |
|
| 407 | - } |
|
| 408 | - |
|
| 409 | - /** |
|
| 410 | - * DO NOT USE FOR TESTING IDENTIFICATION STATUS. |
|
| 411 | - * |
|
| 412 | - * @return bool|null |
|
| 413 | - */ |
|
| 414 | - public function getForceIdentified() |
|
| 415 | - { |
|
| 416 | - return $this->forceidentified; |
|
| 417 | - } |
|
| 418 | - |
|
| 419 | - /** |
|
| 420 | - * Tests if the user is suspended |
|
| 421 | - * @return bool |
|
| 422 | - * @category Security-Critical |
|
| 423 | - */ |
|
| 424 | - public function isSuspended() |
|
| 425 | - { |
|
| 426 | - return $this->status == self::STATUS_SUSPENDED; |
|
| 427 | - } |
|
| 428 | - |
|
| 429 | - /** |
|
| 430 | - * Tests if the user is new |
|
| 431 | - * @return bool |
|
| 432 | - * @category Security-Critical |
|
| 433 | - */ |
|
| 434 | - public function isNewUser() |
|
| 435 | - { |
|
| 436 | - return $this->status == self::STATUS_NEW; |
|
| 437 | - } |
|
| 438 | - |
|
| 439 | - /** |
|
| 440 | - * Tests if the user has been declined access to the tool |
|
| 441 | - * @return bool |
|
| 442 | - * @category Security-Critical |
|
| 443 | - */ |
|
| 444 | - public function isDeclined() |
|
| 445 | - { |
|
| 446 | - return $this->status == self::STATUS_DECLINED; |
|
| 447 | - } |
|
| 448 | - |
|
| 449 | - /** |
|
| 450 | - * Tests if the user is the community user |
|
| 451 | - * |
|
| 452 | - * @todo decide if this means logged out. I think it usually does. |
|
| 453 | - * @return bool |
|
| 454 | - * @category Security-Critical |
|
| 455 | - */ |
|
| 456 | - public function isCommunityUser() |
|
| 457 | - { |
|
| 458 | - return false; |
|
| 459 | - } |
|
| 460 | - |
|
| 461 | - #endregion |
|
| 462 | - |
|
| 463 | - /** |
|
| 464 | - * Gets the approval date of the user |
|
| 465 | - * @return DateTime|false |
|
| 466 | - */ |
|
| 467 | - public function getApprovalDate() |
|
| 468 | - { |
|
| 469 | - $query = $this->dbObject->prepare(<<<SQL |
|
| 213 | + ); |
|
| 214 | + $statement->bindValue(":forceidentified", $this->forceidentified); |
|
| 215 | + |
|
| 216 | + $statement->bindValue(':id', $this->id); |
|
| 217 | + $statement->bindValue(':updateversion', $this->updateversion); |
|
| 218 | + |
|
| 219 | + $statement->bindValue(':username', $this->username); |
|
| 220 | + $statement->bindValue(':email', $this->email); |
|
| 221 | + $statement->bindValue(':status', $this->status); |
|
| 222 | + $statement->bindValue(':onwikiname', $this->onwikiname); |
|
| 223 | + $statement->bindValue(':lastactive', $this->lastactive); |
|
| 224 | + $statement->bindValue(':forcelogout', $this->forcelogout); |
|
| 225 | + $statement->bindValue(':forceidentified', $this->forceidentified); |
|
| 226 | + $statement->bindValue(':confirmationdiff', $this->confirmationdiff); |
|
| 227 | + |
|
| 228 | + if (!$statement->execute()) { |
|
| 229 | + throw new Exception($statement->errorInfo()); |
|
| 230 | + } |
|
| 231 | + |
|
| 232 | + if ($statement->rowCount() !== 1) { |
|
| 233 | + throw new OptimisticLockFailedException(); |
|
| 234 | + } |
|
| 235 | + |
|
| 236 | + $this->updateversion++; |
|
| 237 | + } |
|
| 238 | + } |
|
| 239 | + |
|
| 240 | + #region properties |
|
| 241 | + |
|
| 242 | + /** |
|
| 243 | + * Gets the tool username |
|
| 244 | + * @return string |
|
| 245 | + */ |
|
| 246 | + public function getUsername() |
|
| 247 | + { |
|
| 248 | + return $this->username; |
|
| 249 | + } |
|
| 250 | + |
|
| 251 | + /** |
|
| 252 | + * Sets the tool username |
|
| 253 | + * |
|
| 254 | + * @param string $username |
|
| 255 | + */ |
|
| 256 | + public function setUsername($username) |
|
| 257 | + { |
|
| 258 | + $this->username = $username; |
|
| 259 | + |
|
| 260 | + // If this isn't a brand new user, then it's a rename, force the logout |
|
| 261 | + if (!$this->isNew()) { |
|
| 262 | + $this->forcelogout = 1; |
|
| 263 | + } |
|
| 264 | + } |
|
| 265 | + |
|
| 266 | + /** |
|
| 267 | + * Gets the user's email address |
|
| 268 | + * @return string |
|
| 269 | + */ |
|
| 270 | + public function getEmail() |
|
| 271 | + { |
|
| 272 | + return $this->email; |
|
| 273 | + } |
|
| 274 | + |
|
| 275 | + /** |
|
| 276 | + * Sets the user's email address |
|
| 277 | + * |
|
| 278 | + * @param string $email |
|
| 279 | + */ |
|
| 280 | + public function setEmail($email) |
|
| 281 | + { |
|
| 282 | + $this->email = $email; |
|
| 283 | + } |
|
| 284 | + |
|
| 285 | + /** |
|
| 286 | + * Gets the status (User, Admin, Suspended, etc - excludes checkuser) of the user. |
|
| 287 | + * @return string |
|
| 288 | + */ |
|
| 289 | + public function getStatus() |
|
| 290 | + { |
|
| 291 | + return $this->status; |
|
| 292 | + } |
|
| 293 | + |
|
| 294 | + /** |
|
| 295 | + * @param string $status |
|
| 296 | + */ |
|
| 297 | + public function setStatus($status) |
|
| 298 | + { |
|
| 299 | + $this->status = $status; |
|
| 300 | + } |
|
| 301 | + |
|
| 302 | + /** |
|
| 303 | + * Gets the user's on-wiki name |
|
| 304 | + * @return string |
|
| 305 | + */ |
|
| 306 | + public function getOnWikiName() |
|
| 307 | + { |
|
| 308 | + return $this->onwikiname; |
|
| 309 | + } |
|
| 310 | + |
|
| 311 | + /** |
|
| 312 | + * Sets the user's on-wiki name |
|
| 313 | + * |
|
| 314 | + * This can have interesting side-effects with OAuth. |
|
| 315 | + * |
|
| 316 | + * @param string $onWikiName |
|
| 317 | + */ |
|
| 318 | + public function setOnWikiName($onWikiName) |
|
| 319 | + { |
|
| 320 | + $this->onwikiname = $onWikiName; |
|
| 321 | + } |
|
| 322 | + |
|
| 323 | + /** |
|
| 324 | + * Gets the last activity date for the user |
|
| 325 | + * |
|
| 326 | + * @return string |
|
| 327 | + * @todo This should probably return an instance of DateTime |
|
| 328 | + */ |
|
| 329 | + public function getLastActive() |
|
| 330 | + { |
|
| 331 | + return $this->lastactive; |
|
| 332 | + } |
|
| 333 | + |
|
| 334 | + /** |
|
| 335 | + * Gets the user's forced logout status |
|
| 336 | + * |
|
| 337 | + * @return bool |
|
| 338 | + */ |
|
| 339 | + public function getForceLogout() |
|
| 340 | + { |
|
| 341 | + return $this->forcelogout == 1; |
|
| 342 | + } |
|
| 343 | + |
|
| 344 | + /** |
|
| 345 | + * Sets the user's forced logout status |
|
| 346 | + * |
|
| 347 | + * @param bool $forceLogout |
|
| 348 | + */ |
|
| 349 | + public function setForceLogout($forceLogout) |
|
| 350 | + { |
|
| 351 | + $this->forcelogout = $forceLogout ? 1 : 0; |
|
| 352 | + } |
|
| 353 | + |
|
| 354 | + /** |
|
| 355 | + * Gets the user's confirmation diff. Unused if OAuth is in use. |
|
| 356 | + * @return int the diff ID |
|
| 357 | + */ |
|
| 358 | + public function getConfirmationDiff() |
|
| 359 | + { |
|
| 360 | + return $this->confirmationdiff; |
|
| 361 | + } |
|
| 362 | + |
|
| 363 | + /** |
|
| 364 | + * Sets the user's confirmation diff. |
|
| 365 | + * |
|
| 366 | + * @param int $confirmationDiff |
|
| 367 | + */ |
|
| 368 | + public function setConfirmationDiff($confirmationDiff) |
|
| 369 | + { |
|
| 370 | + $this->confirmationdiff = $confirmationDiff; |
|
| 371 | + } |
|
| 372 | + |
|
| 373 | + #endregion |
|
| 374 | + |
|
| 375 | + #region user access checks |
|
| 376 | + |
|
| 377 | + public function isActive() |
|
| 378 | + { |
|
| 379 | + return $this->status == self::STATUS_ACTIVE; |
|
| 380 | + } |
|
| 381 | + |
|
| 382 | + /** |
|
| 383 | + * Tests if the user is identified |
|
| 384 | + * |
|
| 385 | + * @param IdentificationVerifier $iv |
|
| 386 | + * |
|
| 387 | + * @return bool |
|
| 388 | + * @todo Figure out what on earth is going on with PDO's typecasting here. Apparently, it returns string("0") for |
|
| 389 | + * the force-unidentified case, and int(1) for the identified case?! This is quite ugly, but probably needed |
|
| 390 | + * to play it safe for now. |
|
| 391 | + * @category Security-Critical |
|
| 392 | + */ |
|
| 393 | + public function isIdentified(IdentificationVerifier $iv) |
|
| 394 | + { |
|
| 395 | + if ($this->forceidentified === 0 || $this->forceidentified === "0") { |
|
| 396 | + // User forced to unidentified in the database. |
|
| 397 | + return false; |
|
| 398 | + } |
|
| 399 | + elseif ($this->forceidentified === 1 || $this->forceidentified === "1") { |
|
| 400 | + // User forced to identified in the database. |
|
| 401 | + return true; |
|
| 402 | + } |
|
| 403 | + else { |
|
| 404 | + // User not forced to any particular identified status; consult IdentificationVerifier |
|
| 405 | + return $iv->isUserIdentified($this->getOnWikiName()); |
|
| 406 | + } |
|
| 407 | + } |
|
| 408 | + |
|
| 409 | + /** |
|
| 410 | + * DO NOT USE FOR TESTING IDENTIFICATION STATUS. |
|
| 411 | + * |
|
| 412 | + * @return bool|null |
|
| 413 | + */ |
|
| 414 | + public function getForceIdentified() |
|
| 415 | + { |
|
| 416 | + return $this->forceidentified; |
|
| 417 | + } |
|
| 418 | + |
|
| 419 | + /** |
|
| 420 | + * Tests if the user is suspended |
|
| 421 | + * @return bool |
|
| 422 | + * @category Security-Critical |
|
| 423 | + */ |
|
| 424 | + public function isSuspended() |
|
| 425 | + { |
|
| 426 | + return $this->status == self::STATUS_SUSPENDED; |
|
| 427 | + } |
|
| 428 | + |
|
| 429 | + /** |
|
| 430 | + * Tests if the user is new |
|
| 431 | + * @return bool |
|
| 432 | + * @category Security-Critical |
|
| 433 | + */ |
|
| 434 | + public function isNewUser() |
|
| 435 | + { |
|
| 436 | + return $this->status == self::STATUS_NEW; |
|
| 437 | + } |
|
| 438 | + |
|
| 439 | + /** |
|
| 440 | + * Tests if the user has been declined access to the tool |
|
| 441 | + * @return bool |
|
| 442 | + * @category Security-Critical |
|
| 443 | + */ |
|
| 444 | + public function isDeclined() |
|
| 445 | + { |
|
| 446 | + return $this->status == self::STATUS_DECLINED; |
|
| 447 | + } |
|
| 448 | + |
|
| 449 | + /** |
|
| 450 | + * Tests if the user is the community user |
|
| 451 | + * |
|
| 452 | + * @todo decide if this means logged out. I think it usually does. |
|
| 453 | + * @return bool |
|
| 454 | + * @category Security-Critical |
|
| 455 | + */ |
|
| 456 | + public function isCommunityUser() |
|
| 457 | + { |
|
| 458 | + return false; |
|
| 459 | + } |
|
| 460 | + |
|
| 461 | + #endregion |
|
| 462 | + |
|
| 463 | + /** |
|
| 464 | + * Gets the approval date of the user |
|
| 465 | + * @return DateTime|false |
|
| 466 | + */ |
|
| 467 | + public function getApprovalDate() |
|
| 468 | + { |
|
| 469 | + $query = $this->dbObject->prepare(<<<SQL |
|
| 470 | 470 | SELECT timestamp |
| 471 | 471 | FROM log |
| 472 | 472 | WHERE objectid = :userid |
@@ -475,12 +475,12 @@ discard block |
||
| 475 | 475 | ORDER BY id DESC |
| 476 | 476 | LIMIT 1; |
| 477 | 477 | SQL |
| 478 | - ); |
|
| 479 | - $query->execute(array(":userid" => $this->id)); |
|
| 478 | + ); |
|
| 479 | + $query->execute(array(":userid" => $this->id)); |
|
| 480 | 480 | |
| 481 | - $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn()); |
|
| 482 | - $query->closeCursor(); |
|
| 481 | + $data = DateTime::createFromFormat("Y-m-d H:i:s", $query->fetchColumn()); |
|
| 482 | + $query->closeCursor(); |
|
| 483 | 483 | |
| 484 | - return $data; |
|
| 485 | - } |
|
| 484 | + return $data; |
|
| 485 | + } |
|
| 486 | 486 | } |
@@ -19,66 +19,66 @@ discard block |
||
| 19 | 19 | */ |
| 20 | 20 | class Ban extends DataObject |
| 21 | 21 | { |
| 22 | - const ACTION_BLOCK = 'block'; |
|
| 23 | - const ACTION_DROP = 'drop'; |
|
| 24 | - const ACTION_DEFER = 'defer'; |
|
| 25 | - const ACTION_NONE = 'none'; |
|
| 26 | - |
|
| 27 | - /** @var string|null */ |
|
| 28 | - private $name; |
|
| 29 | - /** @var string|null */ |
|
| 30 | - private $ip; |
|
| 31 | - /** @var int|null */ |
|
| 32 | - private $ipmask; |
|
| 33 | - /** @var string|null */ |
|
| 34 | - private $email; |
|
| 35 | - /** @var string|null */ |
|
| 36 | - private $useragent; |
|
| 37 | - |
|
| 38 | - private $user; |
|
| 39 | - private $reason; |
|
| 40 | - private $date; |
|
| 41 | - private $duration; |
|
| 42 | - private $active; |
|
| 43 | - private $action = self::ACTION_BLOCK; |
|
| 44 | - private $targetqueue; |
|
| 45 | - private $visibility = 'user'; |
|
| 46 | - private ?int $domain; |
|
| 47 | - |
|
| 48 | - /** |
|
| 49 | - * Gets all active bans, filtered by the optional target. |
|
| 50 | - * |
|
| 51 | - * @return Ban[] |
|
| 52 | - */ |
|
| 53 | - public static function getActiveBans(PdoDatabase $database, int $domain) |
|
| 54 | - { |
|
| 55 | - $query = <<<SQL |
|
| 22 | + const ACTION_BLOCK = 'block'; |
|
| 23 | + const ACTION_DROP = 'drop'; |
|
| 24 | + const ACTION_DEFER = 'defer'; |
|
| 25 | + const ACTION_NONE = 'none'; |
|
| 26 | + |
|
| 27 | + /** @var string|null */ |
|
| 28 | + private $name; |
|
| 29 | + /** @var string|null */ |
|
| 30 | + private $ip; |
|
| 31 | + /** @var int|null */ |
|
| 32 | + private $ipmask; |
|
| 33 | + /** @var string|null */ |
|
| 34 | + private $email; |
|
| 35 | + /** @var string|null */ |
|
| 36 | + private $useragent; |
|
| 37 | + |
|
| 38 | + private $user; |
|
| 39 | + private $reason; |
|
| 40 | + private $date; |
|
| 41 | + private $duration; |
|
| 42 | + private $active; |
|
| 43 | + private $action = self::ACTION_BLOCK; |
|
| 44 | + private $targetqueue; |
|
| 45 | + private $visibility = 'user'; |
|
| 46 | + private ?int $domain; |
|
| 47 | + |
|
| 48 | + /** |
|
| 49 | + * Gets all active bans, filtered by the optional target. |
|
| 50 | + * |
|
| 51 | + * @return Ban[] |
|
| 52 | + */ |
|
| 53 | + public static function getActiveBans(PdoDatabase $database, int $domain) |
|
| 54 | + { |
|
| 55 | + $query = <<<SQL |
|
| 56 | 56 | SELECT * FROM ban |
| 57 | 57 | WHERE (duration > UNIX_TIMESTAMP() OR duration is null) |
| 58 | 58 | AND active = 1 |
| 59 | 59 | AND (domain IS NULL OR domain = :domain); |
| 60 | 60 | SQL; |
| 61 | - $statement = $database->prepare($query); |
|
| 62 | - $statement->execute([':domain' => $domain]); |
|
| 63 | - $result = array(); |
|
| 64 | - |
|
| 65 | - /** @var Ban $v */ |
|
| 66 | - foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) { |
|
| 67 | - $v->setDatabase($database); |
|
| 68 | - $result[] = $v; |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - return $result; |
|
| 72 | - } |
|
| 73 | - |
|
| 74 | - /** |
|
| 75 | - * Gets a ban by its ID if it's currently active. |
|
| 76 | - * |
|
| 77 | - * @return Ban|false |
|
| 78 | - */ |
|
| 79 | - public static function getActiveId($id, PdoDatabase $database, int $domain) |
|
| 80 | - { |
|
| 81 | - $statement = $database->prepare(<<<SQL |
|
| 61 | + $statement = $database->prepare($query); |
|
| 62 | + $statement->execute([':domain' => $domain]); |
|
| 63 | + $result = array(); |
|
| 64 | + |
|
| 65 | + /** @var Ban $v */ |
|
| 66 | + foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) { |
|
| 67 | + $v->setDatabase($database); |
|
| 68 | + $result[] = $v; |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + return $result; |
|
| 72 | + } |
|
| 73 | + |
|
| 74 | + /** |
|
| 75 | + * Gets a ban by its ID if it's currently active. |
|
| 76 | + * |
|
| 77 | + * @return Ban|false |
|
| 78 | + */ |
|
| 79 | + public static function getActiveId($id, PdoDatabase $database, int $domain) |
|
| 80 | + { |
|
| 81 | + $statement = $database->prepare(<<<SQL |
|
| 82 | 82 | SELECT * |
| 83 | 83 | FROM ban |
| 84 | 84 | WHERE id = :id |
@@ -86,332 +86,332 @@ discard block |
||
| 86 | 86 | AND (duration > UNIX_TIMESTAMP() OR duration is null) |
| 87 | 87 | AND active = 1; |
| 88 | 88 | SQL |
| 89 | - ); |
|
| 90 | - $statement->bindValue(":id", $id); |
|
| 91 | - $statement->bindValue(":domain", $domain); |
|
| 89 | + ); |
|
| 90 | + $statement->bindValue(":id", $id); |
|
| 91 | + $statement->bindValue(":domain", $domain); |
|
| 92 | 92 | |
| 93 | - $statement->execute(); |
|
| 93 | + $statement->execute(); |
|
| 94 | 94 | |
| 95 | - $resultObject = $statement->fetchObject(get_called_class()); |
|
| 95 | + $resultObject = $statement->fetchObject(get_called_class()); |
|
| 96 | 96 | |
| 97 | - if ($resultObject !== false) { |
|
| 98 | - $resultObject->setDatabase($database); |
|
| 99 | - } |
|
| 97 | + if ($resultObject !== false) { |
|
| 98 | + $resultObject->setDatabase($database); |
|
| 99 | + } |
|
| 100 | 100 | |
| 101 | - return $resultObject; |
|
| 102 | - } |
|
| 101 | + return $resultObject; |
|
| 102 | + } |
|
| 103 | 103 | |
| 104 | - public static function getByIdList($values, PdoDatabase $database, int $domain): array |
|
| 105 | - { |
|
| 106 | - if (count($values) === 0) { |
|
| 107 | - return []; |
|
| 108 | - } |
|
| 104 | + public static function getByIdList($values, PdoDatabase $database, int $domain): array |
|
| 105 | + { |
|
| 106 | + if (count($values) === 0) { |
|
| 107 | + return []; |
|
| 108 | + } |
|
| 109 | 109 | |
| 110 | - // use the provided array to produce a list of question marks of the same length as the array. |
|
| 111 | - $valueCount = count($values); |
|
| 112 | - $inSection = str_repeat('?,', $valueCount - 1) . '?'; |
|
| 110 | + // use the provided array to produce a list of question marks of the same length as the array. |
|
| 111 | + $valueCount = count($values); |
|
| 112 | + $inSection = str_repeat('?,', $valueCount - 1) . '?'; |
|
| 113 | 113 | |
| 114 | - // this is still parameterised! It's using positional parameters instead of named ones. |
|
| 115 | - $query = 'SELECT * FROM ban WHERE id IN (' . $inSection . ')'; |
|
| 114 | + // this is still parameterised! It's using positional parameters instead of named ones. |
|
| 115 | + $query = 'SELECT * FROM ban WHERE id IN (' . $inSection . ')'; |
|
| 116 | 116 | |
| 117 | - $query .= ' AND (domain IS NULL OR domain = ?)'; |
|
| 118 | - $values[] = $domain; |
|
| 117 | + $query .= ' AND (domain IS NULL OR domain = ?)'; |
|
| 118 | + $values[] = $domain; |
|
| 119 | 119 | |
| 120 | - $statement = $database->prepare($query); |
|
| 120 | + $statement = $database->prepare($query); |
|
| 121 | 121 | |
| 122 | - // execute the statement with the provided parameter list. |
|
| 123 | - $statement->execute($values); |
|
| 122 | + // execute the statement with the provided parameter list. |
|
| 123 | + $statement->execute($values); |
|
| 124 | 124 | |
| 125 | - $result = []; |
|
| 126 | - foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) { |
|
| 127 | - $v->setDatabase($database); |
|
| 128 | - $result[] = $v; |
|
| 129 | - } |
|
| 125 | + $result = []; |
|
| 126 | + foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) { |
|
| 127 | + $v->setDatabase($database); |
|
| 128 | + $result[] = $v; |
|
| 129 | + } |
|
| 130 | 130 | |
| 131 | - return $result; |
|
| 132 | - } |
|
| 131 | + return $result; |
|
| 132 | + } |
|
| 133 | 133 | |
| 134 | - /** |
|
| 135 | - * @throws Exception |
|
| 136 | - */ |
|
| 137 | - public function save() |
|
| 138 | - { |
|
| 139 | - if ($this->isNew()) { |
|
| 140 | - // insert |
|
| 141 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 134 | + /** |
|
| 135 | + * @throws Exception |
|
| 136 | + */ |
|
| 137 | + public function save() |
|
| 138 | + { |
|
| 139 | + if ($this->isNew()) { |
|
| 140 | + // insert |
|
| 141 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 142 | 142 | INSERT INTO `ban` (name, email, ip, ipmask, useragent, user, reason, date, duration, active, action, targetqueue, visibility, domain) |
| 143 | 143 | VALUES (:name, :email, :ip, :ipmask, :useragent, :user, :reason, CURRENT_TIMESTAMP(), :duration, :active, :action, :targetqueue, :visibility, :domain); |
| 144 | 144 | SQL |
| 145 | - ); |
|
| 146 | - |
|
| 147 | - $statement->bindValue(":name", $this->name); |
|
| 148 | - $statement->bindValue(":email", $this->email); |
|
| 149 | - $statement->bindValue(":ip", $this->ip); |
|
| 150 | - $statement->bindValue(":ipmask", $this->ipmask); |
|
| 151 | - $statement->bindValue(":useragent", $this->useragent); |
|
| 152 | - |
|
| 153 | - $statement->bindValue(":user", $this->user); |
|
| 154 | - $statement->bindValue(":reason", $this->reason); |
|
| 155 | - $statement->bindValue(":duration", $this->duration); |
|
| 156 | - $statement->bindValue(":active", $this->active); |
|
| 157 | - $statement->bindValue(":action", $this->action); |
|
| 158 | - $statement->bindValue(":targetqueue", $this->targetqueue); |
|
| 159 | - $statement->bindValue(":visibility", $this->visibility); |
|
| 160 | - $statement->bindValue(":domain", $this->domain); |
|
| 161 | - |
|
| 162 | - if ($statement->execute()) { |
|
| 163 | - $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 164 | - } |
|
| 165 | - else { |
|
| 166 | - throw new Exception($statement->errorInfo()); |
|
| 167 | - } |
|
| 168 | - } |
|
| 169 | - else { |
|
| 170 | - // update |
|
| 171 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 145 | + ); |
|
| 146 | + |
|
| 147 | + $statement->bindValue(":name", $this->name); |
|
| 148 | + $statement->bindValue(":email", $this->email); |
|
| 149 | + $statement->bindValue(":ip", $this->ip); |
|
| 150 | + $statement->bindValue(":ipmask", $this->ipmask); |
|
| 151 | + $statement->bindValue(":useragent", $this->useragent); |
|
| 152 | + |
|
| 153 | + $statement->bindValue(":user", $this->user); |
|
| 154 | + $statement->bindValue(":reason", $this->reason); |
|
| 155 | + $statement->bindValue(":duration", $this->duration); |
|
| 156 | + $statement->bindValue(":active", $this->active); |
|
| 157 | + $statement->bindValue(":action", $this->action); |
|
| 158 | + $statement->bindValue(":targetqueue", $this->targetqueue); |
|
| 159 | + $statement->bindValue(":visibility", $this->visibility); |
|
| 160 | + $statement->bindValue(":domain", $this->domain); |
|
| 161 | + |
|
| 162 | + if ($statement->execute()) { |
|
| 163 | + $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 164 | + } |
|
| 165 | + else { |
|
| 166 | + throw new Exception($statement->errorInfo()); |
|
| 167 | + } |
|
| 168 | + } |
|
| 169 | + else { |
|
| 170 | + // update |
|
| 171 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 172 | 172 | UPDATE `ban` |
| 173 | 173 | SET active = :active, updateversion = updateversion + 1 |
| 174 | 174 | WHERE id = :id AND updateversion = :updateversion; |
| 175 | 175 | SQL |
| 176 | - ); |
|
| 177 | - $statement->bindValue(':id', $this->id); |
|
| 178 | - $statement->bindValue(':updateversion', $this->updateversion); |
|
| 179 | - |
|
| 180 | - $statement->bindValue(':active', $this->active); |
|
| 181 | - |
|
| 182 | - if (!$statement->execute()) { |
|
| 183 | - throw new Exception($statement->errorInfo()); |
|
| 184 | - } |
|
| 185 | - |
|
| 186 | - if ($statement->rowCount() !== 1) { |
|
| 187 | - throw new OptimisticLockFailedException(); |
|
| 188 | - } |
|
| 189 | - |
|
| 190 | - $this->updateversion++; |
|
| 191 | - } |
|
| 192 | - } |
|
| 193 | - |
|
| 194 | - /** |
|
| 195 | - * @return string |
|
| 196 | - */ |
|
| 197 | - public function getReason() |
|
| 198 | - { |
|
| 199 | - return $this->reason; |
|
| 200 | - } |
|
| 201 | - |
|
| 202 | - /** |
|
| 203 | - * @param string $reason |
|
| 204 | - */ |
|
| 205 | - public function setReason($reason) |
|
| 206 | - { |
|
| 207 | - $this->reason = $reason; |
|
| 208 | - } |
|
| 209 | - |
|
| 210 | - /** |
|
| 211 | - * @return mixed |
|
| 212 | - */ |
|
| 213 | - public function getDate() |
|
| 214 | - { |
|
| 215 | - return $this->date; |
|
| 216 | - } |
|
| 217 | - |
|
| 218 | - /** |
|
| 219 | - * @return mixed |
|
| 220 | - */ |
|
| 221 | - public function getDuration() |
|
| 222 | - { |
|
| 223 | - return $this->duration; |
|
| 224 | - } |
|
| 225 | - |
|
| 226 | - /** |
|
| 227 | - * @param mixed $duration |
|
| 228 | - */ |
|
| 229 | - public function setDuration($duration) |
|
| 230 | - { |
|
| 231 | - $this->duration = $duration; |
|
| 232 | - } |
|
| 233 | - |
|
| 234 | - /** |
|
| 235 | - * @return bool |
|
| 236 | - */ |
|
| 237 | - public function isActive() |
|
| 238 | - { |
|
| 239 | - return $this->active == 1; |
|
| 240 | - } |
|
| 241 | - |
|
| 242 | - /** |
|
| 243 | - * @param bool $active |
|
| 244 | - */ |
|
| 245 | - public function setActive($active) |
|
| 246 | - { |
|
| 247 | - $this->active = $active ? 1 : 0; |
|
| 248 | - } |
|
| 249 | - |
|
| 250 | - /** |
|
| 251 | - * @return int |
|
| 252 | - */ |
|
| 253 | - public function getUser() |
|
| 254 | - { |
|
| 255 | - return $this->user; |
|
| 256 | - } |
|
| 257 | - |
|
| 258 | - /** |
|
| 259 | - * @param int $user UserID of user who is setting the ban |
|
| 260 | - */ |
|
| 261 | - public function setUser($user) |
|
| 262 | - { |
|
| 263 | - $this->user = $user; |
|
| 264 | - } |
|
| 265 | - |
|
| 266 | - /** |
|
| 267 | - * @return string |
|
| 268 | - */ |
|
| 269 | - public function getAction(): string |
|
| 270 | - { |
|
| 271 | - return $this->action; |
|
| 272 | - } |
|
| 273 | - |
|
| 274 | - /** |
|
| 275 | - * @param string $action |
|
| 276 | - */ |
|
| 277 | - public function setAction(string $action): void |
|
| 278 | - { |
|
| 279 | - $this->action = $action; |
|
| 280 | - } |
|
| 281 | - |
|
| 282 | - /** |
|
| 283 | - * @return string |
|
| 284 | - */ |
|
| 285 | - public function getVisibility() : string |
|
| 286 | - { |
|
| 287 | - return $this->visibility; |
|
| 288 | - } |
|
| 289 | - |
|
| 290 | - /** |
|
| 291 | - * @param string $visibility |
|
| 292 | - */ |
|
| 293 | - public function setVisibility(string $visibility): void |
|
| 294 | - { |
|
| 295 | - $this->visibility = $visibility; |
|
| 296 | - } |
|
| 297 | - |
|
| 298 | - /** |
|
| 299 | - * @return string|null |
|
| 300 | - */ |
|
| 301 | - public function getName(): ?string |
|
| 302 | - { |
|
| 303 | - return $this->name; |
|
| 304 | - } |
|
| 305 | - |
|
| 306 | - /** |
|
| 307 | - * @param string|null $name |
|
| 308 | - */ |
|
| 309 | - public function setName(?string $name): void |
|
| 310 | - { |
|
| 311 | - $this->name = $name; |
|
| 312 | - } |
|
| 313 | - |
|
| 314 | - /** |
|
| 315 | - * @return string|null |
|
| 316 | - */ |
|
| 317 | - public function getIp(): ?string |
|
| 318 | - { |
|
| 319 | - if ($this->ip === null) { |
|
| 320 | - return null; |
|
| 321 | - } |
|
| 322 | - |
|
| 323 | - return inet_ntop($this->ip); |
|
| 324 | - } |
|
| 325 | - |
|
| 326 | - /** |
|
| 327 | - * @return int|null |
|
| 328 | - */ |
|
| 329 | - public function getIpMask(): ?int |
|
| 330 | - { |
|
| 331 | - return $this->ipmask; |
|
| 332 | - } |
|
| 333 | - |
|
| 334 | - /** |
|
| 335 | - * @param string|null $ip |
|
| 336 | - * @param int|null $mask |
|
| 337 | - */ |
|
| 338 | - public function setIp(?string $ip, ?int $mask): void |
|
| 339 | - { |
|
| 340 | - if ($ip === null) { |
|
| 341 | - $this->ip = null; |
|
| 342 | - } |
|
| 343 | - else { |
|
| 344 | - $this->ip = inet_pton($ip); |
|
| 345 | - } |
|
| 346 | - |
|
| 347 | - $this->ipmask = $mask; |
|
| 348 | - } |
|
| 349 | - |
|
| 350 | - /** |
|
| 351 | - * @return string|null |
|
| 352 | - */ |
|
| 353 | - public function getEmail(): ?string |
|
| 354 | - { |
|
| 355 | - return $this->email; |
|
| 356 | - } |
|
| 357 | - |
|
| 358 | - /** |
|
| 359 | - * @param string|null $email |
|
| 360 | - */ |
|
| 361 | - public function setEmail(?string $email): void |
|
| 362 | - { |
|
| 363 | - $this->email = $email; |
|
| 364 | - } |
|
| 365 | - |
|
| 366 | - /** |
|
| 367 | - * @return string|null |
|
| 368 | - */ |
|
| 369 | - public function getUseragent(): ?string |
|
| 370 | - { |
|
| 371 | - return $this->useragent; |
|
| 372 | - } |
|
| 373 | - |
|
| 374 | - /** |
|
| 375 | - * @param string|null $useragent |
|
| 376 | - */ |
|
| 377 | - public function setUseragent(?string $useragent): void |
|
| 378 | - { |
|
| 379 | - $this->useragent = $useragent; |
|
| 380 | - } |
|
| 381 | - |
|
| 382 | - /** |
|
| 383 | - * @return int|null |
|
| 384 | - */ |
|
| 385 | - public function getTargetQueue(): ?int |
|
| 386 | - { |
|
| 387 | - return $this->targetqueue; |
|
| 388 | - } |
|
| 389 | - |
|
| 390 | - /** |
|
| 391 | - * @return RequestQueue|null |
|
| 392 | - */ |
|
| 393 | - public function getTargetQueueObject(): ?RequestQueue |
|
| 394 | - { |
|
| 395 | - /** @var RequestQueue $queue */ |
|
| 396 | - $queue = RequestQueue::getById($this->targetqueue, $this->getDatabase()); |
|
| 397 | - return $queue === false ? null : $queue; |
|
| 398 | - } |
|
| 399 | - |
|
| 400 | - /** |
|
| 401 | - * @param int|null $targetQueue |
|
| 402 | - */ |
|
| 403 | - public function setTargetQueue(?int $targetQueue): void |
|
| 404 | - { |
|
| 405 | - $this->targetqueue = $targetQueue; |
|
| 406 | - } |
|
| 407 | - |
|
| 408 | - public function setDomain(?int $domain): void |
|
| 409 | - { |
|
| 410 | - $this->domain = $domain; |
|
| 411 | - } |
|
| 412 | - |
|
| 413 | - public function getDomain(): ?int |
|
| 414 | - { |
|
| 415 | - return $this->domain; |
|
| 416 | - } |
|
| 176 | + ); |
|
| 177 | + $statement->bindValue(':id', $this->id); |
|
| 178 | + $statement->bindValue(':updateversion', $this->updateversion); |
|
| 179 | + |
|
| 180 | + $statement->bindValue(':active', $this->active); |
|
| 181 | + |
|
| 182 | + if (!$statement->execute()) { |
|
| 183 | + throw new Exception($statement->errorInfo()); |
|
| 184 | + } |
|
| 185 | + |
|
| 186 | + if ($statement->rowCount() !== 1) { |
|
| 187 | + throw new OptimisticLockFailedException(); |
|
| 188 | + } |
|
| 189 | + |
|
| 190 | + $this->updateversion++; |
|
| 191 | + } |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + /** |
|
| 195 | + * @return string |
|
| 196 | + */ |
|
| 197 | + public function getReason() |
|
| 198 | + { |
|
| 199 | + return $this->reason; |
|
| 200 | + } |
|
| 201 | + |
|
| 202 | + /** |
|
| 203 | + * @param string $reason |
|
| 204 | + */ |
|
| 205 | + public function setReason($reason) |
|
| 206 | + { |
|
| 207 | + $this->reason = $reason; |
|
| 208 | + } |
|
| 209 | + |
|
| 210 | + /** |
|
| 211 | + * @return mixed |
|
| 212 | + */ |
|
| 213 | + public function getDate() |
|
| 214 | + { |
|
| 215 | + return $this->date; |
|
| 216 | + } |
|
| 217 | + |
|
| 218 | + /** |
|
| 219 | + * @return mixed |
|
| 220 | + */ |
|
| 221 | + public function getDuration() |
|
| 222 | + { |
|
| 223 | + return $this->duration; |
|
| 224 | + } |
|
| 225 | + |
|
| 226 | + /** |
|
| 227 | + * @param mixed $duration |
|
| 228 | + */ |
|
| 229 | + public function setDuration($duration) |
|
| 230 | + { |
|
| 231 | + $this->duration = $duration; |
|
| 232 | + } |
|
| 233 | + |
|
| 234 | + /** |
|
| 235 | + * @return bool |
|
| 236 | + */ |
|
| 237 | + public function isActive() |
|
| 238 | + { |
|
| 239 | + return $this->active == 1; |
|
| 240 | + } |
|
| 241 | + |
|
| 242 | + /** |
|
| 243 | + * @param bool $active |
|
| 244 | + */ |
|
| 245 | + public function setActive($active) |
|
| 246 | + { |
|
| 247 | + $this->active = $active ? 1 : 0; |
|
| 248 | + } |
|
| 249 | + |
|
| 250 | + /** |
|
| 251 | + * @return int |
|
| 252 | + */ |
|
| 253 | + public function getUser() |
|
| 254 | + { |
|
| 255 | + return $this->user; |
|
| 256 | + } |
|
| 257 | + |
|
| 258 | + /** |
|
| 259 | + * @param int $user UserID of user who is setting the ban |
|
| 260 | + */ |
|
| 261 | + public function setUser($user) |
|
| 262 | + { |
|
| 263 | + $this->user = $user; |
|
| 264 | + } |
|
| 265 | + |
|
| 266 | + /** |
|
| 267 | + * @return string |
|
| 268 | + */ |
|
| 269 | + public function getAction(): string |
|
| 270 | + { |
|
| 271 | + return $this->action; |
|
| 272 | + } |
|
| 273 | + |
|
| 274 | + /** |
|
| 275 | + * @param string $action |
|
| 276 | + */ |
|
| 277 | + public function setAction(string $action): void |
|
| 278 | + { |
|
| 279 | + $this->action = $action; |
|
| 280 | + } |
|
| 281 | + |
|
| 282 | + /** |
|
| 283 | + * @return string |
|
| 284 | + */ |
|
| 285 | + public function getVisibility() : string |
|
| 286 | + { |
|
| 287 | + return $this->visibility; |
|
| 288 | + } |
|
| 289 | + |
|
| 290 | + /** |
|
| 291 | + * @param string $visibility |
|
| 292 | + */ |
|
| 293 | + public function setVisibility(string $visibility): void |
|
| 294 | + { |
|
| 295 | + $this->visibility = $visibility; |
|
| 296 | + } |
|
| 297 | + |
|
| 298 | + /** |
|
| 299 | + * @return string|null |
|
| 300 | + */ |
|
| 301 | + public function getName(): ?string |
|
| 302 | + { |
|
| 303 | + return $this->name; |
|
| 304 | + } |
|
| 305 | + |
|
| 306 | + /** |
|
| 307 | + * @param string|null $name |
|
| 308 | + */ |
|
| 309 | + public function setName(?string $name): void |
|
| 310 | + { |
|
| 311 | + $this->name = $name; |
|
| 312 | + } |
|
| 313 | + |
|
| 314 | + /** |
|
| 315 | + * @return string|null |
|
| 316 | + */ |
|
| 317 | + public function getIp(): ?string |
|
| 318 | + { |
|
| 319 | + if ($this->ip === null) { |
|
| 320 | + return null; |
|
| 321 | + } |
|
| 322 | + |
|
| 323 | + return inet_ntop($this->ip); |
|
| 324 | + } |
|
| 325 | + |
|
| 326 | + /** |
|
| 327 | + * @return int|null |
|
| 328 | + */ |
|
| 329 | + public function getIpMask(): ?int |
|
| 330 | + { |
|
| 331 | + return $this->ipmask; |
|
| 332 | + } |
|
| 333 | + |
|
| 334 | + /** |
|
| 335 | + * @param string|null $ip |
|
| 336 | + * @param int|null $mask |
|
| 337 | + */ |
|
| 338 | + public function setIp(?string $ip, ?int $mask): void |
|
| 339 | + { |
|
| 340 | + if ($ip === null) { |
|
| 341 | + $this->ip = null; |
|
| 342 | + } |
|
| 343 | + else { |
|
| 344 | + $this->ip = inet_pton($ip); |
|
| 345 | + } |
|
| 346 | + |
|
| 347 | + $this->ipmask = $mask; |
|
| 348 | + } |
|
| 349 | + |
|
| 350 | + /** |
|
| 351 | + * @return string|null |
|
| 352 | + */ |
|
| 353 | + public function getEmail(): ?string |
|
| 354 | + { |
|
| 355 | + return $this->email; |
|
| 356 | + } |
|
| 357 | + |
|
| 358 | + /** |
|
| 359 | + * @param string|null $email |
|
| 360 | + */ |
|
| 361 | + public function setEmail(?string $email): void |
|
| 362 | + { |
|
| 363 | + $this->email = $email; |
|
| 364 | + } |
|
| 365 | + |
|
| 366 | + /** |
|
| 367 | + * @return string|null |
|
| 368 | + */ |
|
| 369 | + public function getUseragent(): ?string |
|
| 370 | + { |
|
| 371 | + return $this->useragent; |
|
| 372 | + } |
|
| 373 | + |
|
| 374 | + /** |
|
| 375 | + * @param string|null $useragent |
|
| 376 | + */ |
|
| 377 | + public function setUseragent(?string $useragent): void |
|
| 378 | + { |
|
| 379 | + $this->useragent = $useragent; |
|
| 380 | + } |
|
| 381 | + |
|
| 382 | + /** |
|
| 383 | + * @return int|null |
|
| 384 | + */ |
|
| 385 | + public function getTargetQueue(): ?int |
|
| 386 | + { |
|
| 387 | + return $this->targetqueue; |
|
| 388 | + } |
|
| 389 | + |
|
| 390 | + /** |
|
| 391 | + * @return RequestQueue|null |
|
| 392 | + */ |
|
| 393 | + public function getTargetQueueObject(): ?RequestQueue |
|
| 394 | + { |
|
| 395 | + /** @var RequestQueue $queue */ |
|
| 396 | + $queue = RequestQueue::getById($this->targetqueue, $this->getDatabase()); |
|
| 397 | + return $queue === false ? null : $queue; |
|
| 398 | + } |
|
| 399 | + |
|
| 400 | + /** |
|
| 401 | + * @param int|null $targetQueue |
|
| 402 | + */ |
|
| 403 | + public function setTargetQueue(?int $targetQueue): void |
|
| 404 | + { |
|
| 405 | + $this->targetqueue = $targetQueue; |
|
| 406 | + } |
|
| 407 | + |
|
| 408 | + public function setDomain(?int $domain): void |
|
| 409 | + { |
|
| 410 | + $this->domain = $domain; |
|
| 411 | + } |
|
| 412 | + |
|
| 413 | + public function getDomain(): ?int |
|
| 414 | + { |
|
| 415 | + return $this->domain; |
|
| 416 | + } |
|
| 417 | 417 | } |
@@ -15,106 +15,106 @@ |
||
| 15 | 15 | |
| 16 | 16 | class UserRole extends DataObject |
| 17 | 17 | { |
| 18 | - /** @var int */ |
|
| 19 | - private $user; |
|
| 20 | - /** @var string */ |
|
| 21 | - private $role; |
|
| 22 | - private ?int $domain; |
|
| 23 | - |
|
| 24 | - /** |
|
| 25 | - * @param int $user |
|
| 26 | - * @param PdoDatabase $database |
|
| 27 | - * @param int $domain |
|
| 28 | - * |
|
| 29 | - * @return UserRole[] |
|
| 30 | - */ |
|
| 31 | - public static function getForUser(int $user, PdoDatabase $database, int $domain) |
|
| 32 | - { |
|
| 33 | - $sql = 'SELECT * FROM userrole WHERE user = :user AND (domain IS NULL OR domain = :domain)'; |
|
| 34 | - $statement = $database->prepare($sql); |
|
| 35 | - $statement->bindValue(':user', $user); |
|
| 36 | - $statement->bindValue(':domain', $domain); |
|
| 37 | - |
|
| 38 | - $statement->execute(); |
|
| 39 | - |
|
| 40 | - $result = array(); |
|
| 41 | - |
|
| 42 | - /** @var Ban $v */ |
|
| 43 | - foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) { |
|
| 44 | - $v->setDatabase($database); |
|
| 45 | - $result[] = $v; |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - return $result; |
|
| 49 | - } |
|
| 50 | - |
|
| 51 | - /** |
|
| 52 | - * Saves a data object to the database, either updating or inserting a record. |
|
| 53 | - * |
|
| 54 | - * @throws Exception |
|
| 55 | - */ |
|
| 56 | - public function save() |
|
| 57 | - { |
|
| 58 | - if ($this->isNew()) { |
|
| 59 | - // insert |
|
| 60 | - $statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role, domain) VALUES (:user, :role, :domain);' |
|
| 61 | - ); |
|
| 62 | - $statement->bindValue(":user", $this->user); |
|
| 63 | - $statement->bindValue(":role", $this->role); |
|
| 64 | - $statement->bindValue(":domain", $this->domain); |
|
| 65 | - |
|
| 66 | - if ($statement->execute()) { |
|
| 67 | - $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 68 | - } |
|
| 69 | - else { |
|
| 70 | - throw new Exception($statement->errorInfo()); |
|
| 71 | - } |
|
| 72 | - } |
|
| 73 | - else { |
|
| 74 | - // update |
|
| 75 | - throw new Exception('Updating roles is not available'); |
|
| 76 | - } |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - /** |
|
| 80 | - * @return int |
|
| 81 | - */ |
|
| 82 | - public function getUser() |
|
| 83 | - { |
|
| 84 | - return $this->user; |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - /** |
|
| 88 | - * @param int $user |
|
| 89 | - */ |
|
| 90 | - public function setUser($user) |
|
| 91 | - { |
|
| 92 | - $this->user = $user; |
|
| 93 | - } |
|
| 94 | - |
|
| 95 | - /** |
|
| 96 | - * @return string |
|
| 97 | - */ |
|
| 98 | - public function getRole() |
|
| 99 | - { |
|
| 100 | - return $this->role; |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - /** |
|
| 104 | - * @param string $role |
|
| 105 | - */ |
|
| 106 | - public function setRole($role) |
|
| 107 | - { |
|
| 108 | - $this->role = $role; |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - public function getDomain(): ?int |
|
| 112 | - { |
|
| 113 | - return $this->domain; |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - public function setDomain(?int $domain): void |
|
| 117 | - { |
|
| 118 | - $this->domain = $domain; |
|
| 119 | - } |
|
| 18 | + /** @var int */ |
|
| 19 | + private $user; |
|
| 20 | + /** @var string */ |
|
| 21 | + private $role; |
|
| 22 | + private ?int $domain; |
|
| 23 | + |
|
| 24 | + /** |
|
| 25 | + * @param int $user |
|
| 26 | + * @param PdoDatabase $database |
|
| 27 | + * @param int $domain |
|
| 28 | + * |
|
| 29 | + * @return UserRole[] |
|
| 30 | + */ |
|
| 31 | + public static function getForUser(int $user, PdoDatabase $database, int $domain) |
|
| 32 | + { |
|
| 33 | + $sql = 'SELECT * FROM userrole WHERE user = :user AND (domain IS NULL OR domain = :domain)'; |
|
| 34 | + $statement = $database->prepare($sql); |
|
| 35 | + $statement->bindValue(':user', $user); |
|
| 36 | + $statement->bindValue(':domain', $domain); |
|
| 37 | + |
|
| 38 | + $statement->execute(); |
|
| 39 | + |
|
| 40 | + $result = array(); |
|
| 41 | + |
|
| 42 | + /** @var Ban $v */ |
|
| 43 | + foreach ($statement->fetchAll(PDO::FETCH_CLASS, get_called_class()) as $v) { |
|
| 44 | + $v->setDatabase($database); |
|
| 45 | + $result[] = $v; |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + return $result; |
|
| 49 | + } |
|
| 50 | + |
|
| 51 | + /** |
|
| 52 | + * Saves a data object to the database, either updating or inserting a record. |
|
| 53 | + * |
|
| 54 | + * @throws Exception |
|
| 55 | + */ |
|
| 56 | + public function save() |
|
| 57 | + { |
|
| 58 | + if ($this->isNew()) { |
|
| 59 | + // insert |
|
| 60 | + $statement = $this->dbObject->prepare('INSERT INTO `userrole` (user, role, domain) VALUES (:user, :role, :domain);' |
|
| 61 | + ); |
|
| 62 | + $statement->bindValue(":user", $this->user); |
|
| 63 | + $statement->bindValue(":role", $this->role); |
|
| 64 | + $statement->bindValue(":domain", $this->domain); |
|
| 65 | + |
|
| 66 | + if ($statement->execute()) { |
|
| 67 | + $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 68 | + } |
|
| 69 | + else { |
|
| 70 | + throw new Exception($statement->errorInfo()); |
|
| 71 | + } |
|
| 72 | + } |
|
| 73 | + else { |
|
| 74 | + // update |
|
| 75 | + throw new Exception('Updating roles is not available'); |
|
| 76 | + } |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + /** |
|
| 80 | + * @return int |
|
| 81 | + */ |
|
| 82 | + public function getUser() |
|
| 83 | + { |
|
| 84 | + return $this->user; |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + /** |
|
| 88 | + * @param int $user |
|
| 89 | + */ |
|
| 90 | + public function setUser($user) |
|
| 91 | + { |
|
| 92 | + $this->user = $user; |
|
| 93 | + } |
|
| 94 | + |
|
| 95 | + /** |
|
| 96 | + * @return string |
|
| 97 | + */ |
|
| 98 | + public function getRole() |
|
| 99 | + { |
|
| 100 | + return $this->role; |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + /** |
|
| 104 | + * @param string $role |
|
| 105 | + */ |
|
| 106 | + public function setRole($role) |
|
| 107 | + { |
|
| 108 | + $this->role = $role; |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + public function getDomain(): ?int |
|
| 112 | + { |
|
| 113 | + return $this->domain; |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + public function setDomain(?int $domain): void |
|
| 117 | + { |
|
| 118 | + $this->domain = $domain; |
|
| 119 | + } |
|
| 120 | 120 | } |
@@ -17,164 +17,164 @@ |
||
| 17 | 17 | */ |
| 18 | 18 | class Log extends DataObject |
| 19 | 19 | { |
| 20 | - /** @var int */ |
|
| 21 | - private $objectid; |
|
| 22 | - /** @var string */ |
|
| 23 | - private $objecttype; |
|
| 24 | - /** @var int */ |
|
| 25 | - private $user; |
|
| 26 | - /** @var string */ |
|
| 27 | - private $action; |
|
| 28 | - private $timestamp; |
|
| 29 | - /** @var string|null */ |
|
| 30 | - private $comment; |
|
| 31 | - /** @var int|null */ |
|
| 32 | - private $domain; |
|
| 33 | - |
|
| 34 | - /** |
|
| 35 | - * @throws Exception |
|
| 36 | - */ |
|
| 37 | - public function save() |
|
| 38 | - { |
|
| 39 | - if ($this->isNew()) { |
|
| 40 | - $statement = $this->dbObject->prepare(<<<SQL |
|
| 20 | + /** @var int */ |
|
| 21 | + private $objectid; |
|
| 22 | + /** @var string */ |
|
| 23 | + private $objecttype; |
|
| 24 | + /** @var int */ |
|
| 25 | + private $user; |
|
| 26 | + /** @var string */ |
|
| 27 | + private $action; |
|
| 28 | + private $timestamp; |
|
| 29 | + /** @var string|null */ |
|
| 30 | + private $comment; |
|
| 31 | + /** @var int|null */ |
|
| 32 | + private $domain; |
|
| 33 | + |
|
| 34 | + /** |
|
| 35 | + * @throws Exception |
|
| 36 | + */ |
|
| 37 | + public function save() |
|
| 38 | + { |
|
| 39 | + if ($this->isNew()) { |
|
| 40 | + $statement = $this->dbObject->prepare(<<<SQL |
|
| 41 | 41 | INSERT INTO log (objectid, objecttype, user, action, timestamp, comment, domain) |
| 42 | 42 | VALUES (:id, :type, :user, :action, CURRENT_TIMESTAMP(), :comment, :domain); |
| 43 | 43 | SQL |
| 44 | - ); |
|
| 45 | - |
|
| 46 | - $statement->bindValue(":id", $this->objectid); |
|
| 47 | - $statement->bindValue(":type", $this->objecttype); |
|
| 48 | - $statement->bindValue(":user", $this->user); |
|
| 49 | - $statement->bindValue(":action", $this->action); |
|
| 50 | - $statement->bindValue(":comment", $this->comment); |
|
| 51 | - $statement->bindValue(":domain", $this->domain); |
|
| 52 | - |
|
| 53 | - if ($statement->execute()) { |
|
| 54 | - $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 55 | - } |
|
| 56 | - else { |
|
| 57 | - throw new Exception($statement->errorInfo()); |
|
| 58 | - } |
|
| 59 | - } |
|
| 60 | - else { |
|
| 61 | - throw new Exception("Updating logs is not available"); |
|
| 62 | - } |
|
| 63 | - } |
|
| 64 | - |
|
| 65 | - /** |
|
| 66 | - * @throws Exception |
|
| 67 | - */ |
|
| 68 | - public function delete() |
|
| 69 | - { |
|
| 70 | - throw new Exception("Deleting logs is not available."); |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - /** |
|
| 74 | - * @return int |
|
| 75 | - */ |
|
| 76 | - public function getObjectId() |
|
| 77 | - { |
|
| 78 | - return $this->objectid; |
|
| 79 | - } |
|
| 80 | - |
|
| 81 | - /** |
|
| 82 | - * Summary of setObjectId |
|
| 83 | - * |
|
| 84 | - * @param int $objectId |
|
| 85 | - */ |
|
| 86 | - public function setObjectId($objectId) |
|
| 87 | - { |
|
| 88 | - $this->objectid = $objectId; |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - /** |
|
| 92 | - * @return string |
|
| 93 | - */ |
|
| 94 | - public function getObjectType() |
|
| 95 | - { |
|
| 96 | - return $this->objecttype; |
|
| 97 | - } |
|
| 98 | - |
|
| 99 | - /** |
|
| 100 | - * Summary of setObjectType |
|
| 101 | - * |
|
| 102 | - * @param string $objectType |
|
| 103 | - */ |
|
| 104 | - public function setObjectType($objectType) |
|
| 105 | - { |
|
| 106 | - $this->objecttype = $objectType; |
|
| 107 | - } |
|
| 108 | - |
|
| 109 | - /** |
|
| 110 | - * @return int |
|
| 111 | - */ |
|
| 112 | - public function getUser() |
|
| 113 | - { |
|
| 114 | - return $this->user; |
|
| 115 | - } |
|
| 116 | - |
|
| 117 | - /** |
|
| 118 | - * Summary of setUser |
|
| 119 | - * |
|
| 120 | - * @param User $user |
|
| 121 | - */ |
|
| 122 | - public function setUser(User $user) |
|
| 123 | - { |
|
| 124 | - $this->user = $user->getId(); |
|
| 125 | - } |
|
| 126 | - |
|
| 127 | - /** |
|
| 128 | - * @return string |
|
| 129 | - */ |
|
| 130 | - public function getAction() |
|
| 131 | - { |
|
| 132 | - return $this->action; |
|
| 133 | - } |
|
| 134 | - |
|
| 135 | - /** |
|
| 136 | - * Summary of setAction |
|
| 137 | - * |
|
| 138 | - * @param string $action |
|
| 139 | - */ |
|
| 140 | - public function setAction($action) |
|
| 141 | - { |
|
| 142 | - $this->action = $action; |
|
| 143 | - } |
|
| 144 | - |
|
| 145 | - /** |
|
| 146 | - * @return DateTimeImmutable |
|
| 147 | - */ |
|
| 148 | - public function getTimestamp() |
|
| 149 | - { |
|
| 150 | - return new DateTimeImmutable($this->timestamp); |
|
| 151 | - } |
|
| 152 | - |
|
| 153 | - /** |
|
| 154 | - * @return string|null |
|
| 155 | - */ |
|
| 156 | - public function getComment() |
|
| 157 | - { |
|
| 158 | - return $this->comment; |
|
| 159 | - } |
|
| 160 | - |
|
| 161 | - /** |
|
| 162 | - * Summary of setComment |
|
| 163 | - * |
|
| 164 | - * @param string $comment |
|
| 165 | - */ |
|
| 166 | - public function setComment($comment) |
|
| 167 | - { |
|
| 168 | - $this->comment = $comment; |
|
| 169 | - } |
|
| 170 | - |
|
| 171 | - public function getDomain(): ?int |
|
| 172 | - { |
|
| 173 | - return $this->domain; |
|
| 174 | - } |
|
| 175 | - |
|
| 176 | - public function setDomain(?int $domain): void |
|
| 177 | - { |
|
| 178 | - $this->domain = $domain; |
|
| 179 | - } |
|
| 44 | + ); |
|
| 45 | + |
|
| 46 | + $statement->bindValue(":id", $this->objectid); |
|
| 47 | + $statement->bindValue(":type", $this->objecttype); |
|
| 48 | + $statement->bindValue(":user", $this->user); |
|
| 49 | + $statement->bindValue(":action", $this->action); |
|
| 50 | + $statement->bindValue(":comment", $this->comment); |
|
| 51 | + $statement->bindValue(":domain", $this->domain); |
|
| 52 | + |
|
| 53 | + if ($statement->execute()) { |
|
| 54 | + $this->id = (int)$this->dbObject->lastInsertId(); |
|
| 55 | + } |
|
| 56 | + else { |
|
| 57 | + throw new Exception($statement->errorInfo()); |
|
| 58 | + } |
|
| 59 | + } |
|
| 60 | + else { |
|
| 61 | + throw new Exception("Updating logs is not available"); |
|
| 62 | + } |
|
| 63 | + } |
|
| 64 | + |
|
| 65 | + /** |
|
| 66 | + * @throws Exception |
|
| 67 | + */ |
|
| 68 | + public function delete() |
|
| 69 | + { |
|
| 70 | + throw new Exception("Deleting logs is not available."); |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + /** |
|
| 74 | + * @return int |
|
| 75 | + */ |
|
| 76 | + public function getObjectId() |
|
| 77 | + { |
|
| 78 | + return $this->objectid; |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + /** |
|
| 82 | + * Summary of setObjectId |
|
| 83 | + * |
|
| 84 | + * @param int $objectId |
|
| 85 | + */ |
|
| 86 | + public function setObjectId($objectId) |
|
| 87 | + { |
|
| 88 | + $this->objectid = $objectId; |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + /** |
|
| 92 | + * @return string |
|
| 93 | + */ |
|
| 94 | + public function getObjectType() |
|
| 95 | + { |
|
| 96 | + return $this->objecttype; |
|
| 97 | + } |
|
| 98 | + |
|
| 99 | + /** |
|
| 100 | + * Summary of setObjectType |
|
| 101 | + * |
|
| 102 | + * @param string $objectType |
|
| 103 | + */ |
|
| 104 | + public function setObjectType($objectType) |
|
| 105 | + { |
|
| 106 | + $this->objecttype = $objectType; |
|
| 107 | + } |
|
| 108 | + |
|
| 109 | + /** |
|
| 110 | + * @return int |
|
| 111 | + */ |
|
| 112 | + public function getUser() |
|
| 113 | + { |
|
| 114 | + return $this->user; |
|
| 115 | + } |
|
| 116 | + |
|
| 117 | + /** |
|
| 118 | + * Summary of setUser |
|
| 119 | + * |
|
| 120 | + * @param User $user |
|
| 121 | + */ |
|
| 122 | + public function setUser(User $user) |
|
| 123 | + { |
|
| 124 | + $this->user = $user->getId(); |
|
| 125 | + } |
|
| 126 | + |
|
| 127 | + /** |
|
| 128 | + * @return string |
|
| 129 | + */ |
|
| 130 | + public function getAction() |
|
| 131 | + { |
|
| 132 | + return $this->action; |
|
| 133 | + } |
|
| 134 | + |
|
| 135 | + /** |
|
| 136 | + * Summary of setAction |
|
| 137 | + * |
|
| 138 | + * @param string $action |
|
| 139 | + */ |
|
| 140 | + public function setAction($action) |
|
| 141 | + { |
|
| 142 | + $this->action = $action; |
|
| 143 | + } |
|
| 144 | + |
|
| 145 | + /** |
|
| 146 | + * @return DateTimeImmutable |
|
| 147 | + */ |
|
| 148 | + public function getTimestamp() |
|
| 149 | + { |
|
| 150 | + return new DateTimeImmutable($this->timestamp); |
|
| 151 | + } |
|
| 152 | + |
|
| 153 | + /** |
|
| 154 | + * @return string|null |
|
| 155 | + */ |
|
| 156 | + public function getComment() |
|
| 157 | + { |
|
| 158 | + return $this->comment; |
|
| 159 | + } |
|
| 160 | + |
|
| 161 | + /** |
|
| 162 | + * Summary of setComment |
|
| 163 | + * |
|
| 164 | + * @param string $comment |
|
| 165 | + */ |
|
| 166 | + public function setComment($comment) |
|
| 167 | + { |
|
| 168 | + $this->comment = $comment; |
|
| 169 | + } |
|
| 170 | + |
|
| 171 | + public function getDomain(): ?int |
|
| 172 | + { |
|
| 173 | + return $this->domain; |
|
| 174 | + } |
|
| 175 | + |
|
| 176 | + public function setDomain(?int $domain): void |
|
| 177 | + { |
|
| 178 | + $this->domain = $domain; |
|
| 179 | + } |
|
| 180 | 180 | } |
@@ -55,481 +55,481 @@ |
||
| 55 | 55 | |
| 56 | 56 | class RoleConfiguration |
| 57 | 57 | { |
| 58 | - const ACCESS_ALLOW = 1; |
|
| 59 | - const ACCESS_DENY = -1; |
|
| 60 | - const ACCESS_DEFAULT = 0; |
|
| 61 | - const MAIN = 'main'; |
|
| 62 | - const ALL = '*'; |
|
| 58 | + const ACCESS_ALLOW = 1; |
|
| 59 | + const ACCESS_DENY = -1; |
|
| 60 | + const ACCESS_DEFAULT = 0; |
|
| 61 | + const MAIN = 'main'; |
|
| 62 | + const ALL = '*'; |
|
| 63 | 63 | |
| 64 | - /** |
|
| 65 | - * A map of roles to rights |
|
| 66 | - * |
|
| 67 | - * For example: |
|
| 68 | - * |
|
| 69 | - * array( |
|
| 70 | - * 'myRole' => array( |
|
| 71 | - * PageMyPage::class => array( |
|
| 72 | - * 'edit' => self::ACCESS_ALLOW, |
|
| 73 | - * 'create' => self::ACCESS_DENY, |
|
| 74 | - * ) |
|
| 75 | - * ) |
|
| 76 | - * ) |
|
| 77 | - * |
|
| 78 | - * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by |
|
| 79 | - * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should |
|
| 80 | - * be the expected result: |
|
| 81 | - * |
|
| 82 | - * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial) |
|
| 83 | - * - (A,-,-) = A |
|
| 84 | - * - (D,-,-) = D |
|
| 85 | - * - (A,D,-) = D (deny takes precedence over allow) |
|
| 86 | - * - (A,A,A) = A (repetition has no effect) |
|
| 87 | - * |
|
| 88 | - * The public role is special, and is applied to all users automatically. Avoid using deny on this role. |
|
| 89 | - * |
|
| 90 | - * @var array |
|
| 91 | - */ |
|
| 92 | - private array $roleConfig = array( |
|
| 93 | - 'public' => array( |
|
| 94 | - /* |
|
| 64 | + /** |
|
| 65 | + * A map of roles to rights |
|
| 66 | + * |
|
| 67 | + * For example: |
|
| 68 | + * |
|
| 69 | + * array( |
|
| 70 | + * 'myRole' => array( |
|
| 71 | + * PageMyPage::class => array( |
|
| 72 | + * 'edit' => self::ACCESS_ALLOW, |
|
| 73 | + * 'create' => self::ACCESS_DENY, |
|
| 74 | + * ) |
|
| 75 | + * ) |
|
| 76 | + * ) |
|
| 77 | + * |
|
| 78 | + * Note that DENY takes precedence over everything else when roles are combined, followed by ALLOW, followed by |
|
| 79 | + * DEFAULT. Thus, if you have the following ([A]llow, [D]eny, [-] (default)) grants in different roles, this should |
|
| 80 | + * be the expected result: |
|
| 81 | + * |
|
| 82 | + * - (-,-,-) = - (default because nothing to explicitly say allowed or denied equates to a denial) |
|
| 83 | + * - (A,-,-) = A |
|
| 84 | + * - (D,-,-) = D |
|
| 85 | + * - (A,D,-) = D (deny takes precedence over allow) |
|
| 86 | + * - (A,A,A) = A (repetition has no effect) |
|
| 87 | + * |
|
| 88 | + * The public role is special, and is applied to all users automatically. Avoid using deny on this role. |
|
| 89 | + * |
|
| 90 | + * @var array |
|
| 91 | + */ |
|
| 92 | + private array $roleConfig = array( |
|
| 93 | + 'public' => array( |
|
| 94 | + /* |
|
| 95 | 95 | * THIS ROLE IS GRANTED TO ALL LOGGED *OUT* USERS IMPLICITLY. |
| 96 | 96 | * |
| 97 | 97 | * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE. |
| 98 | 98 | * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE. |
| 99 | 99 | */ |
| 100 | - '_childRoles' => array( |
|
| 101 | - 'publicStats', |
|
| 102 | - ), |
|
| 103 | - PageTeam::class => array( |
|
| 104 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 105 | - ), |
|
| 106 | - PageXffDemo::class => array( |
|
| 107 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 108 | - ) |
|
| 109 | - ), |
|
| 110 | - 'loggedIn' => array( |
|
| 111 | - /* |
|
| 100 | + '_childRoles' => array( |
|
| 101 | + 'publicStats', |
|
| 102 | + ), |
|
| 103 | + PageTeam::class => array( |
|
| 104 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 105 | + ), |
|
| 106 | + PageXffDemo::class => array( |
|
| 107 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 108 | + ) |
|
| 109 | + ), |
|
| 110 | + 'loggedIn' => array( |
|
| 111 | + /* |
|
| 112 | 112 | * THIS ROLE IS GRANTED TO ALL LOGGED-IN USERS IMPLICITLY. |
| 113 | 113 | * |
| 114 | 114 | * USERS IN THIS ROLE DO NOT HAVE TO BE IDENTIFIED TO GET THE RIGHTS CONFERRED HERE. |
| 115 | 115 | * DO NOT ADD ANY SECURITY-SENSITIVE RIGHTS HERE. |
| 116 | 116 | */ |
| 117 | - '_childRoles' => array( |
|
| 118 | - 'public', |
|
| 119 | - ), |
|
| 120 | - PagePreferences::class => array( |
|
| 121 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 122 | - 'refreshOAuth' => self::ACCESS_ALLOW, |
|
| 123 | - ), |
|
| 124 | - PageChangePassword::class => array( |
|
| 125 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 126 | - ), |
|
| 127 | - PageMultiFactor::class => array( |
|
| 128 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 129 | - 'scratch' => self::ACCESS_ALLOW, |
|
| 130 | - 'enableYubikeyOtp' => self::ACCESS_ALLOW, |
|
| 131 | - 'enableTotp' => self::ACCESS_ALLOW, |
|
| 132 | - // allow a user to disable this even when they're not allowed to enable it |
|
| 133 | - 'disableYubikeyOtp' => self::ACCESS_ALLOW, |
|
| 134 | - 'disableTotp' => self::ACCESS_ALLOW, |
|
| 135 | - ), |
|
| 136 | - PageOAuth::class => array( |
|
| 137 | - 'attach' => self::ACCESS_ALLOW, |
|
| 138 | - 'detach' => self::ACCESS_ALLOW, |
|
| 139 | - ), |
|
| 140 | - PageDomainSwitch::class => array( |
|
| 141 | - self::MAIN => self::ACCESS_ALLOW |
|
| 142 | - ) |
|
| 143 | - ), |
|
| 144 | - 'user' => array( |
|
| 145 | - '_description' => 'A standard tool user.', |
|
| 146 | - '_editableBy' => array('admin', 'toolRoot'), |
|
| 147 | - '_childRoles' => array( |
|
| 148 | - 'internalStats', |
|
| 149 | - ), |
|
| 150 | - PageMain::class => array( |
|
| 151 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 152 | - ), |
|
| 153 | - PageBan::class => array( |
|
| 154 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 155 | - 'show' => self::ACCESS_ALLOW, |
|
| 156 | - ), |
|
| 157 | - 'BanVisibility' => array( |
|
| 158 | - 'user' => self::ACCESS_ALLOW, |
|
| 159 | - ), |
|
| 160 | - 'BanType' => array( |
|
| 161 | - 'ip' => self::ACCESS_ALLOW, |
|
| 162 | - 'name' => self::ACCESS_ALLOW, |
|
| 163 | - ), |
|
| 164 | - PageEditComment::class => array( |
|
| 165 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 166 | - ), |
|
| 167 | - PageEmailManagement::class => array( |
|
| 168 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 169 | - 'view' => self::ACCESS_ALLOW, |
|
| 170 | - ), |
|
| 171 | - PageExpandedRequestList::class => array( |
|
| 172 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 173 | - ), |
|
| 174 | - PageLog::class => array( |
|
| 175 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 176 | - ), |
|
| 177 | - PageSearch::class => array( |
|
| 178 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 179 | - 'byName' => self::ACCESS_ALLOW, |
|
| 180 | - 'byEmail' => self::ACCESS_ALLOW, |
|
| 181 | - 'byIp' => self::ACCESS_ALLOW, |
|
| 182 | - 'allowNonConfirmed' => self::ACCESS_ALLOW, |
|
| 183 | - ), |
|
| 184 | - PageWelcomeTemplateManagement::class => array( |
|
| 185 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 186 | - 'select' => self::ACCESS_ALLOW, |
|
| 187 | - 'view' => self::ACCESS_ALLOW, |
|
| 188 | - ), |
|
| 189 | - PageViewRequest::class => array( |
|
| 190 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 191 | - 'seeAllRequests' => self::ACCESS_ALLOW, |
|
| 192 | - ), |
|
| 193 | - 'RequestData' => array( |
|
| 194 | - 'seePrivateDataWhenReserved' => self::ACCESS_ALLOW, |
|
| 195 | - 'seePrivateDataWithHash' => self::ACCESS_ALLOW, |
|
| 196 | - 'seeRelatedRequests' => self::ACCESS_ALLOW, |
|
| 197 | - ), |
|
| 198 | - PageCustomClose::class => array( |
|
| 199 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 200 | - ), |
|
| 201 | - PageComment::class => array( |
|
| 202 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 203 | - ), |
|
| 204 | - PageFlagComment::class => array( |
|
| 205 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 206 | - ), |
|
| 207 | - PageCloseRequest::class => array( |
|
| 208 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 209 | - ), |
|
| 210 | - PageCreateRequest::class => array( |
|
| 211 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 212 | - ), |
|
| 213 | - PageDeferRequest::class => array( |
|
| 214 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 215 | - ), |
|
| 216 | - PageDropRequest::class => array( |
|
| 217 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 218 | - ), |
|
| 219 | - PageReservation::class => array( |
|
| 220 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 221 | - ), |
|
| 222 | - PageSendToUser::class => array( |
|
| 223 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 224 | - ), |
|
| 225 | - PageBreakReservation::class => array( |
|
| 226 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 227 | - ), |
|
| 228 | - PageJobQueue::class => array( |
|
| 229 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 230 | - 'view' => self::ACCESS_ALLOW, |
|
| 231 | - 'all' => self::ACCESS_ALLOW, |
|
| 232 | - 'acknowledge' => self::ACCESS_ALLOW, |
|
| 233 | - 'cancel' => self::ACCESS_ALLOW |
|
| 234 | - ), |
|
| 235 | - PageDomainManagement::class => array( |
|
| 236 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 237 | - ), |
|
| 238 | - PageRequestFormManagement::class => array( |
|
| 239 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 240 | - 'view' => self::ACCESS_ALLOW, |
|
| 241 | - 'preview' => self::ACCESS_ALLOW, |
|
| 242 | - ), |
|
| 243 | - 'RequestCreation' => array( |
|
| 244 | - PreferenceManager::CREATION_MANUAL => self::ACCESS_ALLOW, |
|
| 245 | - PreferenceManager::CREATION_OAUTH => self::ACCESS_ALLOW, |
|
| 246 | - ), |
|
| 247 | - 'GlobalInfo' => array( |
|
| 248 | - 'viewSiteNotice' => self::ACCESS_ALLOW, |
|
| 249 | - 'viewOnlineUsers' => self::ACCESS_ALLOW, |
|
| 250 | - ), |
|
| 251 | - ), |
|
| 252 | - 'admin' => array( |
|
| 253 | - '_description' => 'A tool administrator.', |
|
| 254 | - '_editableBy' => array('admin', 'toolRoot'), |
|
| 255 | - '_childRoles' => array( |
|
| 256 | - 'user', |
|
| 257 | - 'requestAdminTools', |
|
| 258 | - ), |
|
| 259 | - PageEmailManagement::class => array( |
|
| 260 | - 'edit' => self::ACCESS_ALLOW, |
|
| 261 | - 'create' => self::ACCESS_ALLOW, |
|
| 262 | - ), |
|
| 263 | - PageSiteNotice::class => array( |
|
| 264 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 265 | - ), |
|
| 266 | - PageUserManagement::class => array( |
|
| 267 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 268 | - 'approve' => self::ACCESS_ALLOW, |
|
| 269 | - 'decline' => self::ACCESS_ALLOW, |
|
| 270 | - 'rename' => self::ACCESS_ALLOW, |
|
| 271 | - 'editUser' => self::ACCESS_ALLOW, |
|
| 272 | - 'suspend' => self::ACCESS_ALLOW, |
|
| 273 | - 'editRoles' => self::ACCESS_ALLOW, |
|
| 274 | - ), |
|
| 275 | - PageSearch::class => array( |
|
| 276 | - 'byComment' => self::ACCESS_ALLOW, |
|
| 277 | - ), |
|
| 278 | - PageManuallyConfirm::class => array( |
|
| 279 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 280 | - ), |
|
| 281 | - PageWelcomeTemplateManagement::class => array( |
|
| 282 | - 'edit' => self::ACCESS_ALLOW, |
|
| 283 | - 'delete' => self::ACCESS_ALLOW, |
|
| 284 | - 'add' => self::ACCESS_ALLOW, |
|
| 285 | - ), |
|
| 286 | - PageJobQueue::class => array( |
|
| 287 | - 'acknowledge' => self::ACCESS_ALLOW, |
|
| 288 | - 'requeue' => self::ACCESS_ALLOW, |
|
| 289 | - 'cancel' => self::ACCESS_ALLOW, |
|
| 290 | - ), |
|
| 291 | - 'RequestData' => array( |
|
| 292 | - 'reopenClearedRequest' => self::ACCESS_ALLOW, |
|
| 293 | - ), |
|
| 294 | - PageQueueManagement::class => array( |
|
| 295 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 296 | - 'edit' => self::ACCESS_ALLOW, |
|
| 297 | - 'create' => self::ACCESS_ALLOW, |
|
| 298 | - ), |
|
| 299 | - PageRequestFormManagement::class => array( |
|
| 300 | - 'edit' => self::ACCESS_ALLOW, |
|
| 301 | - 'create' => self::ACCESS_ALLOW, |
|
| 302 | - ), |
|
| 303 | - PageDomainManagement::class => array( |
|
| 304 | - 'edit' => self::ACCESS_ALLOW, |
|
| 305 | - ), |
|
| 306 | - ), |
|
| 307 | - 'checkuser' => array( |
|
| 308 | - '_description' => 'A user with CheckUser access', |
|
| 309 | - '_editableBy' => array('checkuser', 'steward', 'toolRoot'), |
|
| 310 | - '_childRoles' => array( |
|
| 311 | - 'user', |
|
| 312 | - 'requestAdminTools', |
|
| 313 | - ), |
|
| 314 | - PageUserManagement::class => array( |
|
| 315 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 316 | - 'suspend' => self::ACCESS_ALLOW, |
|
| 317 | - 'editRoles' => self::ACCESS_ALLOW, |
|
| 318 | - ), |
|
| 319 | - 'RequestData' => array( |
|
| 320 | - 'seeUserAgentData' => self::ACCESS_ALLOW, |
|
| 321 | - 'seeCheckuserComments' => self::ACCESS_ALLOW, |
|
| 322 | - 'createLocalAccount' => self::ACCESS_ALLOW, |
|
| 323 | - ), |
|
| 324 | - 'BanType' => array( |
|
| 325 | - 'useragent' => self::ACCESS_ALLOW, |
|
| 326 | - ), |
|
| 327 | - 'BanVisibility' => array( |
|
| 328 | - 'checkuser' => self::ACCESS_ALLOW, |
|
| 329 | - ), |
|
| 330 | - ), |
|
| 331 | - 'steward' => array( |
|
| 332 | - '_description' => 'A user with Steward access', |
|
| 333 | - '_editableBy' => array('steward', 'toolRoot'), |
|
| 334 | - '_globalOnly' => true, |
|
| 335 | - '_childRoles' => array( |
|
| 336 | - 'user', |
|
| 337 | - 'checkuser', |
|
| 338 | - ), |
|
| 339 | - 'BanType' => array( |
|
| 340 | - 'ip-largerange' => self::ACCESS_ALLOW, |
|
| 341 | - 'global' => self::ACCESS_ALLOW, |
|
| 342 | - ), |
|
| 343 | - ), |
|
| 344 | - 'toolRoot' => array( |
|
| 345 | - '_description' => 'A user with shell access to the servers running the tool', |
|
| 346 | - '_editableBy' => array('toolRoot'), |
|
| 347 | - '_globalOnly' => true, |
|
| 348 | - '_childRoles' => array( |
|
| 349 | - 'admin', |
|
| 350 | - ), |
|
| 351 | - 'BanType' => array( |
|
| 352 | - 'ip-largerange' => self::ACCESS_ALLOW, |
|
| 353 | - 'global' => self::ACCESS_ALLOW, |
|
| 354 | - ), |
|
| 355 | - PageDomainManagement::class => array( |
|
| 356 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 357 | - 'editAll' => self::ACCESS_ALLOW, |
|
| 358 | - 'edit' => self::ACCESS_ALLOW, |
|
| 359 | - 'create' => self::ACCESS_ALLOW, |
|
| 360 | - ), |
|
| 361 | - PageErrorLogViewer::class => array( |
|
| 362 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 363 | - 'view' => self::ACCESS_ALLOW, |
|
| 364 | - 'remove' => self::ACCESS_ALLOW, |
|
| 365 | - ), |
|
| 366 | - ), |
|
| 367 | - 'botCreation' => array( |
|
| 368 | - '_hidden' => true, |
|
| 369 | - '_description' => 'A user allowed to use the bot to perform account creations', |
|
| 370 | - '_editableBy' => array('admin', 'toolRoot'), |
|
| 371 | - '_childRoles' => array(), |
|
| 372 | - 'RequestCreation' => array( |
|
| 373 | - PreferenceManager::CREATION_BOT => self::ACCESS_ALLOW, |
|
| 374 | - ), |
|
| 375 | - ), |
|
| 117 | + '_childRoles' => array( |
|
| 118 | + 'public', |
|
| 119 | + ), |
|
| 120 | + PagePreferences::class => array( |
|
| 121 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 122 | + 'refreshOAuth' => self::ACCESS_ALLOW, |
|
| 123 | + ), |
|
| 124 | + PageChangePassword::class => array( |
|
| 125 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 126 | + ), |
|
| 127 | + PageMultiFactor::class => array( |
|
| 128 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 129 | + 'scratch' => self::ACCESS_ALLOW, |
|
| 130 | + 'enableYubikeyOtp' => self::ACCESS_ALLOW, |
|
| 131 | + 'enableTotp' => self::ACCESS_ALLOW, |
|
| 132 | + // allow a user to disable this even when they're not allowed to enable it |
|
| 133 | + 'disableYubikeyOtp' => self::ACCESS_ALLOW, |
|
| 134 | + 'disableTotp' => self::ACCESS_ALLOW, |
|
| 135 | + ), |
|
| 136 | + PageOAuth::class => array( |
|
| 137 | + 'attach' => self::ACCESS_ALLOW, |
|
| 138 | + 'detach' => self::ACCESS_ALLOW, |
|
| 139 | + ), |
|
| 140 | + PageDomainSwitch::class => array( |
|
| 141 | + self::MAIN => self::ACCESS_ALLOW |
|
| 142 | + ) |
|
| 143 | + ), |
|
| 144 | + 'user' => array( |
|
| 145 | + '_description' => 'A standard tool user.', |
|
| 146 | + '_editableBy' => array('admin', 'toolRoot'), |
|
| 147 | + '_childRoles' => array( |
|
| 148 | + 'internalStats', |
|
| 149 | + ), |
|
| 150 | + PageMain::class => array( |
|
| 151 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 152 | + ), |
|
| 153 | + PageBan::class => array( |
|
| 154 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 155 | + 'show' => self::ACCESS_ALLOW, |
|
| 156 | + ), |
|
| 157 | + 'BanVisibility' => array( |
|
| 158 | + 'user' => self::ACCESS_ALLOW, |
|
| 159 | + ), |
|
| 160 | + 'BanType' => array( |
|
| 161 | + 'ip' => self::ACCESS_ALLOW, |
|
| 162 | + 'name' => self::ACCESS_ALLOW, |
|
| 163 | + ), |
|
| 164 | + PageEditComment::class => array( |
|
| 165 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 166 | + ), |
|
| 167 | + PageEmailManagement::class => array( |
|
| 168 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 169 | + 'view' => self::ACCESS_ALLOW, |
|
| 170 | + ), |
|
| 171 | + PageExpandedRequestList::class => array( |
|
| 172 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 173 | + ), |
|
| 174 | + PageLog::class => array( |
|
| 175 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 176 | + ), |
|
| 177 | + PageSearch::class => array( |
|
| 178 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 179 | + 'byName' => self::ACCESS_ALLOW, |
|
| 180 | + 'byEmail' => self::ACCESS_ALLOW, |
|
| 181 | + 'byIp' => self::ACCESS_ALLOW, |
|
| 182 | + 'allowNonConfirmed' => self::ACCESS_ALLOW, |
|
| 183 | + ), |
|
| 184 | + PageWelcomeTemplateManagement::class => array( |
|
| 185 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 186 | + 'select' => self::ACCESS_ALLOW, |
|
| 187 | + 'view' => self::ACCESS_ALLOW, |
|
| 188 | + ), |
|
| 189 | + PageViewRequest::class => array( |
|
| 190 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 191 | + 'seeAllRequests' => self::ACCESS_ALLOW, |
|
| 192 | + ), |
|
| 193 | + 'RequestData' => array( |
|
| 194 | + 'seePrivateDataWhenReserved' => self::ACCESS_ALLOW, |
|
| 195 | + 'seePrivateDataWithHash' => self::ACCESS_ALLOW, |
|
| 196 | + 'seeRelatedRequests' => self::ACCESS_ALLOW, |
|
| 197 | + ), |
|
| 198 | + PageCustomClose::class => array( |
|
| 199 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 200 | + ), |
|
| 201 | + PageComment::class => array( |
|
| 202 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 203 | + ), |
|
| 204 | + PageFlagComment::class => array( |
|
| 205 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 206 | + ), |
|
| 207 | + PageCloseRequest::class => array( |
|
| 208 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 209 | + ), |
|
| 210 | + PageCreateRequest::class => array( |
|
| 211 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 212 | + ), |
|
| 213 | + PageDeferRequest::class => array( |
|
| 214 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 215 | + ), |
|
| 216 | + PageDropRequest::class => array( |
|
| 217 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 218 | + ), |
|
| 219 | + PageReservation::class => array( |
|
| 220 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 221 | + ), |
|
| 222 | + PageSendToUser::class => array( |
|
| 223 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 224 | + ), |
|
| 225 | + PageBreakReservation::class => array( |
|
| 226 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 227 | + ), |
|
| 228 | + PageJobQueue::class => array( |
|
| 229 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 230 | + 'view' => self::ACCESS_ALLOW, |
|
| 231 | + 'all' => self::ACCESS_ALLOW, |
|
| 232 | + 'acknowledge' => self::ACCESS_ALLOW, |
|
| 233 | + 'cancel' => self::ACCESS_ALLOW |
|
| 234 | + ), |
|
| 235 | + PageDomainManagement::class => array( |
|
| 236 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 237 | + ), |
|
| 238 | + PageRequestFormManagement::class => array( |
|
| 239 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 240 | + 'view' => self::ACCESS_ALLOW, |
|
| 241 | + 'preview' => self::ACCESS_ALLOW, |
|
| 242 | + ), |
|
| 243 | + 'RequestCreation' => array( |
|
| 244 | + PreferenceManager::CREATION_MANUAL => self::ACCESS_ALLOW, |
|
| 245 | + PreferenceManager::CREATION_OAUTH => self::ACCESS_ALLOW, |
|
| 246 | + ), |
|
| 247 | + 'GlobalInfo' => array( |
|
| 248 | + 'viewSiteNotice' => self::ACCESS_ALLOW, |
|
| 249 | + 'viewOnlineUsers' => self::ACCESS_ALLOW, |
|
| 250 | + ), |
|
| 251 | + ), |
|
| 252 | + 'admin' => array( |
|
| 253 | + '_description' => 'A tool administrator.', |
|
| 254 | + '_editableBy' => array('admin', 'toolRoot'), |
|
| 255 | + '_childRoles' => array( |
|
| 256 | + 'user', |
|
| 257 | + 'requestAdminTools', |
|
| 258 | + ), |
|
| 259 | + PageEmailManagement::class => array( |
|
| 260 | + 'edit' => self::ACCESS_ALLOW, |
|
| 261 | + 'create' => self::ACCESS_ALLOW, |
|
| 262 | + ), |
|
| 263 | + PageSiteNotice::class => array( |
|
| 264 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 265 | + ), |
|
| 266 | + PageUserManagement::class => array( |
|
| 267 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 268 | + 'approve' => self::ACCESS_ALLOW, |
|
| 269 | + 'decline' => self::ACCESS_ALLOW, |
|
| 270 | + 'rename' => self::ACCESS_ALLOW, |
|
| 271 | + 'editUser' => self::ACCESS_ALLOW, |
|
| 272 | + 'suspend' => self::ACCESS_ALLOW, |
|
| 273 | + 'editRoles' => self::ACCESS_ALLOW, |
|
| 274 | + ), |
|
| 275 | + PageSearch::class => array( |
|
| 276 | + 'byComment' => self::ACCESS_ALLOW, |
|
| 277 | + ), |
|
| 278 | + PageManuallyConfirm::class => array( |
|
| 279 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 280 | + ), |
|
| 281 | + PageWelcomeTemplateManagement::class => array( |
|
| 282 | + 'edit' => self::ACCESS_ALLOW, |
|
| 283 | + 'delete' => self::ACCESS_ALLOW, |
|
| 284 | + 'add' => self::ACCESS_ALLOW, |
|
| 285 | + ), |
|
| 286 | + PageJobQueue::class => array( |
|
| 287 | + 'acknowledge' => self::ACCESS_ALLOW, |
|
| 288 | + 'requeue' => self::ACCESS_ALLOW, |
|
| 289 | + 'cancel' => self::ACCESS_ALLOW, |
|
| 290 | + ), |
|
| 291 | + 'RequestData' => array( |
|
| 292 | + 'reopenClearedRequest' => self::ACCESS_ALLOW, |
|
| 293 | + ), |
|
| 294 | + PageQueueManagement::class => array( |
|
| 295 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 296 | + 'edit' => self::ACCESS_ALLOW, |
|
| 297 | + 'create' => self::ACCESS_ALLOW, |
|
| 298 | + ), |
|
| 299 | + PageRequestFormManagement::class => array( |
|
| 300 | + 'edit' => self::ACCESS_ALLOW, |
|
| 301 | + 'create' => self::ACCESS_ALLOW, |
|
| 302 | + ), |
|
| 303 | + PageDomainManagement::class => array( |
|
| 304 | + 'edit' => self::ACCESS_ALLOW, |
|
| 305 | + ), |
|
| 306 | + ), |
|
| 307 | + 'checkuser' => array( |
|
| 308 | + '_description' => 'A user with CheckUser access', |
|
| 309 | + '_editableBy' => array('checkuser', 'steward', 'toolRoot'), |
|
| 310 | + '_childRoles' => array( |
|
| 311 | + 'user', |
|
| 312 | + 'requestAdminTools', |
|
| 313 | + ), |
|
| 314 | + PageUserManagement::class => array( |
|
| 315 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 316 | + 'suspend' => self::ACCESS_ALLOW, |
|
| 317 | + 'editRoles' => self::ACCESS_ALLOW, |
|
| 318 | + ), |
|
| 319 | + 'RequestData' => array( |
|
| 320 | + 'seeUserAgentData' => self::ACCESS_ALLOW, |
|
| 321 | + 'seeCheckuserComments' => self::ACCESS_ALLOW, |
|
| 322 | + 'createLocalAccount' => self::ACCESS_ALLOW, |
|
| 323 | + ), |
|
| 324 | + 'BanType' => array( |
|
| 325 | + 'useragent' => self::ACCESS_ALLOW, |
|
| 326 | + ), |
|
| 327 | + 'BanVisibility' => array( |
|
| 328 | + 'checkuser' => self::ACCESS_ALLOW, |
|
| 329 | + ), |
|
| 330 | + ), |
|
| 331 | + 'steward' => array( |
|
| 332 | + '_description' => 'A user with Steward access', |
|
| 333 | + '_editableBy' => array('steward', 'toolRoot'), |
|
| 334 | + '_globalOnly' => true, |
|
| 335 | + '_childRoles' => array( |
|
| 336 | + 'user', |
|
| 337 | + 'checkuser', |
|
| 338 | + ), |
|
| 339 | + 'BanType' => array( |
|
| 340 | + 'ip-largerange' => self::ACCESS_ALLOW, |
|
| 341 | + 'global' => self::ACCESS_ALLOW, |
|
| 342 | + ), |
|
| 343 | + ), |
|
| 344 | + 'toolRoot' => array( |
|
| 345 | + '_description' => 'A user with shell access to the servers running the tool', |
|
| 346 | + '_editableBy' => array('toolRoot'), |
|
| 347 | + '_globalOnly' => true, |
|
| 348 | + '_childRoles' => array( |
|
| 349 | + 'admin', |
|
| 350 | + ), |
|
| 351 | + 'BanType' => array( |
|
| 352 | + 'ip-largerange' => self::ACCESS_ALLOW, |
|
| 353 | + 'global' => self::ACCESS_ALLOW, |
|
| 354 | + ), |
|
| 355 | + PageDomainManagement::class => array( |
|
| 356 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 357 | + 'editAll' => self::ACCESS_ALLOW, |
|
| 358 | + 'edit' => self::ACCESS_ALLOW, |
|
| 359 | + 'create' => self::ACCESS_ALLOW, |
|
| 360 | + ), |
|
| 361 | + PageErrorLogViewer::class => array( |
|
| 362 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 363 | + 'view' => self::ACCESS_ALLOW, |
|
| 364 | + 'remove' => self::ACCESS_ALLOW, |
|
| 365 | + ), |
|
| 366 | + ), |
|
| 367 | + 'botCreation' => array( |
|
| 368 | + '_hidden' => true, |
|
| 369 | + '_description' => 'A user allowed to use the bot to perform account creations', |
|
| 370 | + '_editableBy' => array('admin', 'toolRoot'), |
|
| 371 | + '_childRoles' => array(), |
|
| 372 | + 'RequestCreation' => array( |
|
| 373 | + PreferenceManager::CREATION_BOT => self::ACCESS_ALLOW, |
|
| 374 | + ), |
|
| 375 | + ), |
|
| 376 | 376 | |
| 377 | - // Child roles go below this point |
|
| 378 | - 'publicStats' => array( |
|
| 379 | - '_hidden' => true, |
|
| 380 | - StatsUsers::class => array( |
|
| 381 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 382 | - 'detail' => self::ACCESS_ALLOW, |
|
| 383 | - ), |
|
| 384 | - StatsTopCreators::class => array( |
|
| 385 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 386 | - ), |
|
| 387 | - StatsMonthlyStats::class => array( |
|
| 388 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 389 | - ), |
|
| 390 | - ), |
|
| 391 | - 'internalStats' => array( |
|
| 392 | - '_hidden' => true, |
|
| 393 | - StatsMain::class => array( |
|
| 394 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 395 | - ), |
|
| 396 | - StatsFastCloses::class => array( |
|
| 397 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 398 | - ), |
|
| 399 | - StatsInactiveUsers::class => array( |
|
| 400 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 401 | - ), |
|
| 402 | - StatsReservedRequests::class => array( |
|
| 403 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 404 | - ), |
|
| 405 | - StatsTemplateStats::class => array( |
|
| 406 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 407 | - ), |
|
| 408 | - ), |
|
| 409 | - 'requestAdminTools' => array( |
|
| 410 | - '_hidden' => true, |
|
| 411 | - PageBan::class => array( |
|
| 412 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 413 | - 'set' => self::ACCESS_ALLOW, |
|
| 414 | - 'remove' => self::ACCESS_ALLOW, |
|
| 415 | - 'replace' => self::ACCESS_ALLOW, |
|
| 416 | - ), |
|
| 417 | - 'BanType' => array( |
|
| 418 | - 'ip' => self::ACCESS_ALLOW, |
|
| 419 | - 'email' => self::ACCESS_ALLOW, |
|
| 420 | - 'name' => self::ACCESS_ALLOW, |
|
| 421 | - ), |
|
| 422 | - 'BanVisibility' => array( |
|
| 423 | - 'user' => self::ACCESS_ALLOW, |
|
| 424 | - 'admin' => self::ACCESS_ALLOW, |
|
| 425 | - ), |
|
| 426 | - PageEditComment::class => array( |
|
| 427 | - 'editOthers' => self::ACCESS_ALLOW, |
|
| 428 | - ), |
|
| 429 | - PageBreakReservation::class => array( |
|
| 430 | - 'force' => self::ACCESS_ALLOW, |
|
| 431 | - ), |
|
| 432 | - PageCustomClose::class => array( |
|
| 433 | - 'skipCcMailingList' => self::ACCESS_ALLOW, |
|
| 434 | - ), |
|
| 435 | - PageFlagComment::class => array( |
|
| 436 | - 'unflag' => self::ACCESS_ALLOW, |
|
| 437 | - ), |
|
| 438 | - PageListFlaggedComments::class => array( |
|
| 439 | - self::MAIN => self::ACCESS_ALLOW, |
|
| 440 | - ), |
|
| 441 | - 'RequestData' => array( |
|
| 442 | - 'reopenOldRequest' => self::ACCESS_ALLOW, |
|
| 443 | - 'alwaysSeePrivateData' => self::ACCESS_ALLOW, |
|
| 444 | - 'alwaysSeeHash' => self::ACCESS_ALLOW, |
|
| 445 | - 'seeRestrictedComments' => self::ACCESS_ALLOW, |
|
| 446 | - ), |
|
| 447 | - ), |
|
| 448 | - ); |
|
| 377 | + // Child roles go below this point |
|
| 378 | + 'publicStats' => array( |
|
| 379 | + '_hidden' => true, |
|
| 380 | + StatsUsers::class => array( |
|
| 381 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 382 | + 'detail' => self::ACCESS_ALLOW, |
|
| 383 | + ), |
|
| 384 | + StatsTopCreators::class => array( |
|
| 385 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 386 | + ), |
|
| 387 | + StatsMonthlyStats::class => array( |
|
| 388 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 389 | + ), |
|
| 390 | + ), |
|
| 391 | + 'internalStats' => array( |
|
| 392 | + '_hidden' => true, |
|
| 393 | + StatsMain::class => array( |
|
| 394 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 395 | + ), |
|
| 396 | + StatsFastCloses::class => array( |
|
| 397 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 398 | + ), |
|
| 399 | + StatsInactiveUsers::class => array( |
|
| 400 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 401 | + ), |
|
| 402 | + StatsReservedRequests::class => array( |
|
| 403 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 404 | + ), |
|
| 405 | + StatsTemplateStats::class => array( |
|
| 406 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 407 | + ), |
|
| 408 | + ), |
|
| 409 | + 'requestAdminTools' => array( |
|
| 410 | + '_hidden' => true, |
|
| 411 | + PageBan::class => array( |
|
| 412 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 413 | + 'set' => self::ACCESS_ALLOW, |
|
| 414 | + 'remove' => self::ACCESS_ALLOW, |
|
| 415 | + 'replace' => self::ACCESS_ALLOW, |
|
| 416 | + ), |
|
| 417 | + 'BanType' => array( |
|
| 418 | + 'ip' => self::ACCESS_ALLOW, |
|
| 419 | + 'email' => self::ACCESS_ALLOW, |
|
| 420 | + 'name' => self::ACCESS_ALLOW, |
|
| 421 | + ), |
|
| 422 | + 'BanVisibility' => array( |
|
| 423 | + 'user' => self::ACCESS_ALLOW, |
|
| 424 | + 'admin' => self::ACCESS_ALLOW, |
|
| 425 | + ), |
|
| 426 | + PageEditComment::class => array( |
|
| 427 | + 'editOthers' => self::ACCESS_ALLOW, |
|
| 428 | + ), |
|
| 429 | + PageBreakReservation::class => array( |
|
| 430 | + 'force' => self::ACCESS_ALLOW, |
|
| 431 | + ), |
|
| 432 | + PageCustomClose::class => array( |
|
| 433 | + 'skipCcMailingList' => self::ACCESS_ALLOW, |
|
| 434 | + ), |
|
| 435 | + PageFlagComment::class => array( |
|
| 436 | + 'unflag' => self::ACCESS_ALLOW, |
|
| 437 | + ), |
|
| 438 | + PageListFlaggedComments::class => array( |
|
| 439 | + self::MAIN => self::ACCESS_ALLOW, |
|
| 440 | + ), |
|
| 441 | + 'RequestData' => array( |
|
| 442 | + 'reopenOldRequest' => self::ACCESS_ALLOW, |
|
| 443 | + 'alwaysSeePrivateData' => self::ACCESS_ALLOW, |
|
| 444 | + 'alwaysSeeHash' => self::ACCESS_ALLOW, |
|
| 445 | + 'seeRestrictedComments' => self::ACCESS_ALLOW, |
|
| 446 | + ), |
|
| 447 | + ), |
|
| 448 | + ); |
|
| 449 | 449 | |
| 450 | - /** @var array |
|
| 451 | - * List of roles which are *exempt* from the identification requirements |
|
| 452 | - * |
|
| 453 | - * Think twice about adding roles to this list. |
|
| 454 | - * |
|
| 455 | - * @category Security-Critical |
|
| 456 | - */ |
|
| 457 | - private array $identificationExempt = array('public', 'loggedIn'); |
|
| 450 | + /** @var array |
|
| 451 | + * List of roles which are *exempt* from the identification requirements |
|
| 452 | + * |
|
| 453 | + * Think twice about adding roles to this list. |
|
| 454 | + * |
|
| 455 | + * @category Security-Critical |
|
| 456 | + */ |
|
| 457 | + private array $identificationExempt = array('public', 'loggedIn'); |
|
| 458 | 458 | |
| 459 | - /** |
|
| 460 | - * RoleConfiguration constructor. |
|
| 461 | - * |
|
| 462 | - * @param ?array $roleConfig Set to non-null to override the default configuration. |
|
| 463 | - * @param ?array $identificationExempt Set to non-null to override the default configuration. |
|
| 464 | - */ |
|
| 465 | - public function __construct(array $roleConfig = null, array $identificationExempt = null) |
|
| 466 | - { |
|
| 467 | - if ($roleConfig !== null) { |
|
| 468 | - $this->roleConfig = $roleConfig; |
|
| 469 | - } |
|
| 459 | + /** |
|
| 460 | + * RoleConfiguration constructor. |
|
| 461 | + * |
|
| 462 | + * @param ?array $roleConfig Set to non-null to override the default configuration. |
|
| 463 | + * @param ?array $identificationExempt Set to non-null to override the default configuration. |
|
| 464 | + */ |
|
| 465 | + public function __construct(array $roleConfig = null, array $identificationExempt = null) |
|
| 466 | + { |
|
| 467 | + if ($roleConfig !== null) { |
|
| 468 | + $this->roleConfig = $roleConfig; |
|
| 469 | + } |
|
| 470 | 470 | |
| 471 | - if ($identificationExempt !== null) { |
|
| 472 | - $this->identificationExempt = $identificationExempt; |
|
| 473 | - } |
|
| 474 | - } |
|
| 471 | + if ($identificationExempt !== null) { |
|
| 472 | + $this->identificationExempt = $identificationExempt; |
|
| 473 | + } |
|
| 474 | + } |
|
| 475 | 475 | |
| 476 | - /** |
|
| 477 | - * @param array $roles The roles to check |
|
| 478 | - */ |
|
| 479 | - public function getApplicableRoles(array $roles): array |
|
| 480 | - { |
|
| 481 | - $available = array(); |
|
| 476 | + /** |
|
| 477 | + * @param array $roles The roles to check |
|
| 478 | + */ |
|
| 479 | + public function getApplicableRoles(array $roles): array |
|
| 480 | + { |
|
| 481 | + $available = array(); |
|
| 482 | 482 | |
| 483 | - foreach ($roles as $role) { |
|
| 484 | - if (!isset($this->roleConfig[$role])) { |
|
| 485 | - // wat |
|
| 486 | - continue; |
|
| 487 | - } |
|
| 483 | + foreach ($roles as $role) { |
|
| 484 | + if (!isset($this->roleConfig[$role])) { |
|
| 485 | + // wat |
|
| 486 | + continue; |
|
| 487 | + } |
|
| 488 | 488 | |
| 489 | - $available[$role] = $this->roleConfig[$role]; |
|
| 489 | + $available[$role] = $this->roleConfig[$role]; |
|
| 490 | 490 | |
| 491 | - if (isset($available[$role]['_childRoles'])) { |
|
| 492 | - $childRoles = $this->getApplicableRoles($available[$role]['_childRoles']); |
|
| 493 | - $available = array_merge($available, $childRoles); |
|
| 491 | + if (isset($available[$role]['_childRoles'])) { |
|
| 492 | + $childRoles = $this->getApplicableRoles($available[$role]['_childRoles']); |
|
| 493 | + $available = array_merge($available, $childRoles); |
|
| 494 | 494 | |
| 495 | - unset($available[$role]['_childRoles']); |
|
| 496 | - } |
|
| 495 | + unset($available[$role]['_childRoles']); |
|
| 496 | + } |
|
| 497 | 497 | |
| 498 | - foreach (array('_hidden', '_editableBy', '_description') as $item) { |
|
| 499 | - if (isset($available[$role][$item])) { |
|
| 500 | - unset($available[$role][$item]); |
|
| 501 | - } |
|
| 502 | - } |
|
| 503 | - } |
|
| 498 | + foreach (array('_hidden', '_editableBy', '_description') as $item) { |
|
| 499 | + if (isset($available[$role][$item])) { |
|
| 500 | + unset($available[$role][$item]); |
|
| 501 | + } |
|
| 502 | + } |
|
| 503 | + } |
|
| 504 | 504 | |
| 505 | - return $available; |
|
| 506 | - } |
|
| 505 | + return $available; |
|
| 506 | + } |
|
| 507 | 507 | |
| 508 | - public function getAvailableRoles(): array |
|
| 509 | - { |
|
| 510 | - $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn')); |
|
| 508 | + public function getAvailableRoles(): array |
|
| 509 | + { |
|
| 510 | + $possible = array_diff(array_keys($this->roleConfig), array('public', 'loggedIn')); |
|
| 511 | 511 | |
| 512 | - $actual = array(); |
|
| 512 | + $actual = array(); |
|
| 513 | 513 | |
| 514 | - foreach ($possible as $role) { |
|
| 515 | - if (!isset($this->roleConfig[$role]['_hidden'])) { |
|
| 516 | - $actual[$role] = array( |
|
| 517 | - 'description' => $this->roleConfig[$role]['_description'], |
|
| 518 | - 'editableBy' => $this->roleConfig[$role]['_editableBy'], |
|
| 519 | - 'globalOnly' => isset($this->roleConfig[$role]['_globalOnly']) && $this->roleConfig[$role]['_globalOnly'], |
|
| 520 | - ); |
|
| 521 | - } |
|
| 522 | - } |
|
| 514 | + foreach ($possible as $role) { |
|
| 515 | + if (!isset($this->roleConfig[$role]['_hidden'])) { |
|
| 516 | + $actual[$role] = array( |
|
| 517 | + 'description' => $this->roleConfig[$role]['_description'], |
|
| 518 | + 'editableBy' => $this->roleConfig[$role]['_editableBy'], |
|
| 519 | + 'globalOnly' => isset($this->roleConfig[$role]['_globalOnly']) && $this->roleConfig[$role]['_globalOnly'], |
|
| 520 | + ); |
|
| 521 | + } |
|
| 522 | + } |
|
| 523 | 523 | |
| 524 | - return $actual; |
|
| 525 | - } |
|
| 524 | + return $actual; |
|
| 525 | + } |
|
| 526 | 526 | |
| 527 | - public function roleNeedsIdentification(string $role): bool |
|
| 528 | - { |
|
| 529 | - if (in_array($role, $this->identificationExempt)) { |
|
| 530 | - return false; |
|
| 531 | - } |
|
| 527 | + public function roleNeedsIdentification(string $role): bool |
|
| 528 | + { |
|
| 529 | + if (in_array($role, $this->identificationExempt)) { |
|
| 530 | + return false; |
|
| 531 | + } |
|
| 532 | 532 | |
| 533 | - return true; |
|
| 534 | - } |
|
| 533 | + return true; |
|
| 534 | + } |
|
| 535 | 535 | } |
