mdaniels5757 / waca

includes/Pages/RequestAction/PageDropRequest.php

Indentation +15 added lines, -15 removed lines

@@ -15,22 +15,22 @@
 
 class PageDropRequest extends PageCloseRequest
 {
-    protected function getTemplate(PdoDatabase $database)
-    {
-        return EmailTemplate::getDroppedTemplate();
-    }
+	protected function getTemplate(PdoDatabase $database)
+	{
+		return EmailTemplate::getDroppedTemplate();
+	}
 
-    protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template)
-    {
-        return false;
-    }
+	protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template)
+	{
+		return false;
+	}
 
-    protected function confirmAccountCreated(Request $request, EmailTemplate $template)
-    {
-        return false;
-    }
+	protected function confirmAccountCreated(Request $request, EmailTemplate $template)
+	{
+		return false;
+	}
 
-    protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList)
-    {
-    }
+	protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList)
+	{
+	}
 }
\ No newline at end of file

includes/Pages/RequestAction/PageCloseRequest.php

Indentation +227 added lines, -227 removed lines

@@ -21,231 +21,231 @@
 
 class PageCloseRequest extends RequestActionBase
 {
-    protected function main()
-    {
-        $this->processClose();
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    final protected function processClose()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-
-        $currentUser = User::getCurrent($database);
-        $template = $this->getTemplate($database);
-        $request = $this->getRequest($database);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-
-        if ($request->getStatus() === 'Closed') {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        if ($this->confirmEmailAlreadySent($request, $template)) {
-            return;
-        }
-
-        if ($this->checkReserveProtect($request, $currentUser)) {
-            return;
-        }
-
-        if ($this->confirmAccountCreated($request, $template)) {
-            return;
-        }
-
-        // I think we're good here...
-        $request->setStatus('Closed');
-        $request->setReserved(null);
-
-        Logger::closeRequest($database, $request, $template->getId(), null);
-
-        $request->save();
-
-        $this->processWelcome($template->getDefaultAction());
-
-        // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
-        // be rolled back.
-
-        $this->getNotificationHelper()->requestClosed($request, $template->getName());
-        $sanitisedTemplateName = htmlentities($template->getName(), ENT_COMPAT, 'UTF-8');
-        SessionAlert::success("Request {$request->getId()} has been closed as {$sanitisedTemplateName}");
-
-        $this->sendMail($request, $template->getText(), $currentUser, false);
-
-        $this->redirect();
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return EmailTemplate
-     * @throws ApplicationLogicException
-     */
-    protected function getTemplate(PdoDatabase $database)
-    {
-        $templateId = WebRequest::postInt('template');
-        if ($templateId === null) {
-            throw new ApplicationLogicException('No template specified');
-        }
-
-        /** @var EmailTemplate $template */
-        $template = EmailTemplate::getById($templateId, $database);
-        if ($template === false || !$template->getActive()) {
-            throw new ApplicationLogicException('Invalid or inactive template specified');
-        }
-
-        return $template;
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     *
-     * @return bool
-     */
-    protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template)
-    {
-        if ($this->checkEmailAlreadySent($request)) {
-            $this->showConfirmation($request, $template, 'close-confirmations/email-sent.tpl');
-
-            return true;
-        }
-
-        return false;
-    }
-
-    protected function checkEmailAlreadySent(Request $request)
-    {
-        if ($request->getEmailSent() && !WebRequest::postBoolean('emailSentOverride')) {
-            return true;
-        }
-
-        return false;
-    }
-
-    protected function checkReserveProtect(Request $request, User $currentUser)
-    {
-        $reservationId = $request->getReserved();
-
-        if ($reservationId !== 0 && $reservationId !== null) {
-            if ($currentUser->getId() !== $reservationId) {
-                SessionAlert::error("Request is reserved by someone else.");
-                $this->redirect('/viewRequest', null, ['id' => $request->getId()] );
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     *
-     * @return bool
-     * @throws Exception
-     */
-    protected function confirmAccountCreated(Request $request, EmailTemplate $template)
-    {
-        if ($this->checkAccountCreated($request, $template)) {
-            $this->showConfirmation($request, $template, 'close-confirmations/account-created.tpl');
-
-            return true;
-        }
-
-        return false;
-    }
-
-    protected function checkAccountCreated(Request $request, EmailTemplate $template)
-    {
-        if ($template->getDefaultAction() === EmailTemplate::CREATED && !WebRequest::postBoolean('createOverride')) {
-            $parameters = array(
-                'action'  => 'query',
-                'list'    => 'users',
-                'format'  => 'php',
-                'ususers' => $request->getName(),
-            );
-
-            $content = $this->getHttpHelper()->get($this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(),
-                $parameters);
-
-            $apiResult = unserialize($content);
-            $exists = !isset($apiResult['query']['users']['0']['missing']);
-
-            if (!$exists) {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * @param Request $request
-     * @param string  $mailText
-     * @param User    $currentUser
-     * @param boolean $ccMailingList
-     */
-    protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList)
-    {
-        $requestEmailHelper = new RequestEmailHelper($this->getEmailHelper());
-        $requestEmailHelper->sendMail($request, $mailText, $currentUser, $ccMailingList);
-
-        $request->setEmailSent(true);
-        $request->save();
-    }
-
-    /**
-     * @param Request       $request
-     * @param EmailTemplate $template
-     * @param string        $templateName
-     *
-     * @throws Exception
-     * @return void
-     */
-    protected function showConfirmation(Request $request, EmailTemplate $template, $templateName)
-    {
-        $this->assignCSRFToken();
-
-        $this->assign('request', $request->getId());
-        $this->assign('template', $template->getId());
-
-        $this->assign('updateversion', $request->getUpdateVersion());
-
-        $this->assign('emailSentOverride', WebRequest::postBoolean('emailSentOverride') ? 'true' : 'false');
-        $this->assign('reserveOverride', WebRequest::postBoolean('reserveOverride') ? 'true' : 'false');
-        $this->assign('createOverride', WebRequest::postBoolean('createOverride') ? 'true' : 'false');
-
-        $this->skipAlerts();
-
-        $this->setTemplate($templateName);
-    }
-
-    /**
-     * @param string $action
-     *
-     * @throws ApplicationLogicException
-     */
-    final protected function processWelcome(string $action): void
-    {
-        $database = $this->getDatabase();
-        $currentUser = User::getCurrent($database);
-
-        if ($action !== EmailTemplate::CREATED) {
-            return;
-        }
-
-        if ($currentUser->getWelcomeTemplate() === null) {
-            return;
-        }
-
-        if (WebRequest::postBoolean('skipAutoWelcome')) {
-            return;
-        }
-
-        $this->enqueueWelcomeTask($this->getRequest($database), null, $currentUser, $database);
-    }
+	protected function main()
+	{
+		$this->processClose();
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	final protected function processClose()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+
+		$currentUser = User::getCurrent($database);
+		$template = $this->getTemplate($database);
+		$request = $this->getRequest($database);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+
+		if ($request->getStatus() === 'Closed') {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		if ($this->confirmEmailAlreadySent($request, $template)) {
+			return;
+		}
+
+		if ($this->checkReserveProtect($request, $currentUser)) {
+			return;
+		}
+
+		if ($this->confirmAccountCreated($request, $template)) {
+			return;
+		}
+
+		// I think we're good here...
+		$request->setStatus('Closed');
+		$request->setReserved(null);
+
+		Logger::closeRequest($database, $request, $template->getId(), null);
+
+		$request->save();
+
+		$this->processWelcome($template->getDefaultAction());
+
+		// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
+		// be rolled back.
+
+		$this->getNotificationHelper()->requestClosed($request, $template->getName());
+		$sanitisedTemplateName = htmlentities($template->getName(), ENT_COMPAT, 'UTF-8');
+		SessionAlert::success("Request {$request->getId()} has been closed as {$sanitisedTemplateName}");
+
+		$this->sendMail($request, $template->getText(), $currentUser, false);
+
+		$this->redirect();
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return EmailTemplate
+	 * @throws ApplicationLogicException
+	 */
+	protected function getTemplate(PdoDatabase $database)
+	{
+		$templateId = WebRequest::postInt('template');
+		if ($templateId === null) {
+			throw new ApplicationLogicException('No template specified');
+		}
+
+		/** @var EmailTemplate $template */
+		$template = EmailTemplate::getById($templateId, $database);
+		if ($template === false || !$template->getActive()) {
+			throw new ApplicationLogicException('Invalid or inactive template specified');
+		}
+
+		return $template;
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 *
+	 * @return bool
+	 */
+	protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template)
+	{
+		if ($this->checkEmailAlreadySent($request)) {
+			$this->showConfirmation($request, $template, 'close-confirmations/email-sent.tpl');
+
+			return true;
+		}
+
+		return false;
+	}
+
+	protected function checkEmailAlreadySent(Request $request)
+	{
+		if ($request->getEmailSent() && !WebRequest::postBoolean('emailSentOverride')) {
+			return true;
+		}
+
+		return false;
+	}
+
+	protected function checkReserveProtect(Request $request, User $currentUser)
+	{
+		$reservationId = $request->getReserved();
+
+		if ($reservationId !== 0 && $reservationId !== null) {
+			if ($currentUser->getId() !== $reservationId) {
+				SessionAlert::error("Request is reserved by someone else.");
+				$this->redirect('/viewRequest', null, ['id' => $request->getId()] );
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 *
+	 * @return bool
+	 * @throws Exception
+	 */
+	protected function confirmAccountCreated(Request $request, EmailTemplate $template)
+	{
+		if ($this->checkAccountCreated($request, $template)) {
+			$this->showConfirmation($request, $template, 'close-confirmations/account-created.tpl');
+
+			return true;
+		}
+
+		return false;
+	}
+
+	protected function checkAccountCreated(Request $request, EmailTemplate $template)
+	{
+		if ($template->getDefaultAction() === EmailTemplate::CREATED && !WebRequest::postBoolean('createOverride')) {
+			$parameters = array(
+				'action'  => 'query',
+				'list'    => 'users',
+				'format'  => 'php',
+				'ususers' => $request->getName(),
+			);
+
+			$content = $this->getHttpHelper()->get($this->getSiteConfiguration()->getMediawikiWebServiceEndpoint(),
+				$parameters);
+
+			$apiResult = unserialize($content);
+			$exists = !isset($apiResult['query']['users']['0']['missing']);
+
+			if (!$exists) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * @param Request $request
+	 * @param string  $mailText
+	 * @param User    $currentUser
+	 * @param boolean $ccMailingList
+	 */
+	protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList)
+	{
+		$requestEmailHelper = new RequestEmailHelper($this->getEmailHelper());
+		$requestEmailHelper->sendMail($request, $mailText, $currentUser, $ccMailingList);
+
+		$request->setEmailSent(true);
+		$request->save();
+	}
+
+	/**
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 * @param string        $templateName
+	 *
+	 * @throws Exception
+	 * @return void
+	 */
+	protected function showConfirmation(Request $request, EmailTemplate $template, $templateName)
+	{
+		$this->assignCSRFToken();
+
+		$this->assign('request', $request->getId());
+		$this->assign('template', $template->getId());
+
+		$this->assign('updateversion', $request->getUpdateVersion());
+
+		$this->assign('emailSentOverride', WebRequest::postBoolean('emailSentOverride') ? 'true' : 'false');
+		$this->assign('reserveOverride', WebRequest::postBoolean('reserveOverride') ? 'true' : 'false');
+		$this->assign('createOverride', WebRequest::postBoolean('createOverride') ? 'true' : 'false');
+
+		$this->skipAlerts();
+
+		$this->setTemplate($templateName);
+	}
+
+	/**
+	 * @param string $action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	final protected function processWelcome(string $action): void
+	{
+		$database = $this->getDatabase();
+		$currentUser = User::getCurrent($database);
+
+		if ($action !== EmailTemplate::CREATED) {
+			return;
+		}
+
+		if ($currentUser->getWelcomeTemplate() === null) {
+			return;
+		}
+
+		if (WebRequest::postBoolean('skipAutoWelcome')) {
+			return;
+		}
+
+		$this->enqueueWelcomeTask($this->getRequest($database), null, $currentUser, $database);
+	}
 }

includes/Pages/RequestAction/PageCustomClose.php

Indentation +274 added lines, -274 removed lines

@@ -24,278 +24,278 @@
 
 class PageCustomClose extends PageCloseRequest
 {
-    use RequestData;
-
-    protected function main()
-    {
-        $database = $this->getDatabase();
-
-        $request = $this->getRequest($database);
-        $currentUser = User::getCurrent($this->getDatabase());
-
-        if ($request->getStatus() === 'Closed') {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        // Dual-mode page
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $this->doCustomClose($currentUser, $request, $database);
-
-            $this->redirect();
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->showCustomCloseForm($database, $request);
-        }
-    }
-
-    /**
-     * @param $database
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database)
-    {
-        $requestId = WebRequest::getInt('request');
-        if ($requestId === null) {
-            throw new ApplicationLogicException('Request ID not found');
-        }
-
-        /** @var Request $request */
-        $request = Request::getById($requestId, $database);
-
-        if ($request === false) {
-            throw new ApplicationLogicException('Request not found');
-        }
-
-        return $request;
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return EmailTemplate|null
-     */
-    protected function getTemplate(PdoDatabase $database)
-    {
-        $templateId = WebRequest::getInt('template');
-        if ($templateId === null) {
-            return null;
-        }
-
-        /** @var EmailTemplate $template */
-        $template = EmailTemplate::getById($templateId, $database);
-        if ($template === false || !$template->getActive()) {
-            return null;
-        }
-
-        return $template;
-    }
-
-    /**
-     * @param $database
-     * @param $request
-     *
-     * @throws Exception
-     */
-    protected function showCustomCloseForm(PdoDatabase $database, Request $request)
-    {
-        $currentUser = User::getCurrent($database);
-        $config = $this->getSiteConfiguration();
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-        if (!$allowedPrivateData) {
-            // we probably shouldn't be showing the user this form if they're not allowed to access private data...
-            throw new AccessDeniedException($this->getSecurityManager());
-        }
-
-        $template = $this->getTemplate($database);
-
-        // Preload data
-        $this->assign('defaultAction', '');
-        $this->assign('preloadText', '');
-        $this->assign('preloadTitle', '');
-
-        if ($template !== null) {
-            $this->assign('defaultAction', $template->getDefaultAction());
-            $this->assign('preloadText', $template->getText());
-            $this->assign('preloadTitle', $template->getName());
-        }
-
-        // Static data
-        $this->assign('requeststates', $config->getRequestStates());
-
-        // request data
-        $this->assign('requestId', $request->getIp());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->setupBasicData($request, $config);
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-        // IP location
-        $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('iplocation', $this->getLocationProvider()->getIpLocation($trustedIp));
-
-        // Confirmations
-        $this->assign('confirmEmailAlreadySent', $this->checkEmailAlreadySent($request));
-
-        $this->assign('canSkipCcMailingList', $this->barrierTest('skipCcMailingList', $currentUser));
-
-        $this->assign('allowWelcomeSkip', false);
-        $this->assign('forceWelcomeSkip', false);
-
-        $oauth = new OAuthUserHelper($currentUser, $this->getDatabase(), $this->getOAuthProtocolHelper(), $config);
-
-        if ($currentUser->getWelcomeTemplate() != 0) {
-            $this->assign('allowWelcomeSkip', true);
-
-            if (!$oauth->canWelcome()) {
-                $this->assign('forceWelcomeSkip', true);
-            }
-        }
-
-
-        // template
-        $this->setTemplate('custom-close.tpl');
-    }
-
-    /**
-     * @param User        $currentUser
-     * @param Request     $request
-     * @param PdoDatabase $database
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function doCustomClose(User $currentUser, Request $request, PdoDatabase $database)
-    {
-        $messageBody = WebRequest::postString('msgbody');
-        if ($messageBody === null || trim($messageBody) === '') {
-            throw new ApplicationLogicException('Message body cannot be blank');
-        }
-
-        $ccMailingList = true;
-        if ($this->barrierTest('skipCcMailingList', $currentUser)) {
-            $ccMailingList = WebRequest::postBoolean('ccMailingList');
-        }
-
-        if ($request->getStatus() === 'Closed') {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        if (!(WebRequest::postBoolean('confirmEmailAlreadySent'))
-        ) {
-            throw new ApplicationLogicException('Not all confirmations checked');
-        }
-
-        $action = WebRequest::postString('action');
-        $availableRequestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if ($action === EmailTemplate::CREATED || $action === EmailTemplate::NOT_CREATED) {
-            // Close request
-            $this->closeRequest($request, $database, $action, $messageBody);
-
-            $this->processWelcome($action);
-
-            // Send the mail after the save, since save can be rolled back
-            $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-        }
-        else {
-            if (array_key_exists($action, $availableRequestStates)) {
-                // Defer to other state
-                $this->deferRequest($request, $database, $action, $availableRequestStates, $messageBody);
-
-                // Send the mail after the save, since save can be rolled back
-                $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-            }
-            else {
-                $request->setReserved(null);
-                $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-                $request->save();
-
-                // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
-                // and be rolled back.
-
-                // Send mail
-                $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-
-                Logger::sentMail($database, $request, $messageBody);
-                Logger::unreserve($database, $request);
-
-                $this->getNotificationHelper()->sentMail($request);
-                SessionAlert::success("Sent mail to Request {$request->getId()}");
-            }
-        }
-    }
-
-    /**
-     * @param Request     $request
-     * @param PdoDatabase $database
-     * @param string      $action
-     * @param string      $messageBody
-     *
-     * @throws Exception
-     * @throws OptimisticLockFailedException
-     */
-    protected function closeRequest(Request $request, PdoDatabase $database, $action, $messageBody)
-    {
-        $request->setStatus('Closed');
-        $request->setReserved(null);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
-        // be rolled back.
-
-        if ($action == EmailTemplate::CREATED) {
-            $logCloseType = 'custom-y';
-            $notificationCloseType = "Custom, Created";
-        }
-        else {
-            $logCloseType = 'custom-n';
-            $notificationCloseType = "Custom, Not Created";
-        }
-
-        Logger::closeRequest($database, $request, $logCloseType, $messageBody);
-        $this->getNotificationHelper()->requestClosed($request, $notificationCloseType);
-
-        $requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
-        SessionAlert::success("Request {$request->getId()} ({$requestName}) closed as {$notificationCloseType}.");
-    }
-
-    /**
-     * @param Request     $request
-     * @param PdoDatabase $database
-     * @param string      $action
-     * @param             $availableRequestStates
-     * @param string      $messageBody
-     *
-     * @throws Exception
-     * @throws OptimisticLockFailedException
-     */
-    protected function deferRequest(
-        Request $request,
-        PdoDatabase $database,
-        $action,
-        $availableRequestStates,
-        $messageBody
-    ) {
-        $request->setStatus($action);
-        $request->setReserved(null);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
-        // and be rolled back.
-
-        $deferToLog = $availableRequestStates[$action]['defertolog'];
-        Logger::sentMail($database, $request, $messageBody);
-        Logger::deferRequest($database, $request, $deferToLog);
-
-        $this->getNotificationHelper()->requestDeferredWithMail($request);
-
-        $deferTo = $availableRequestStates[$action]['deferto'];
-        SessionAlert::success("Request {$request->getId()} deferred to $deferTo, sending an email.");
-    }
+	use RequestData;
+
+	protected function main()
+	{
+		$database = $this->getDatabase();
+
+		$request = $this->getRequest($database);
+		$currentUser = User::getCurrent($this->getDatabase());
+
+		if ($request->getStatus() === 'Closed') {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		// Dual-mode page
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$this->doCustomClose($currentUser, $request, $database);
+
+			$this->redirect();
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->showCustomCloseForm($database, $request);
+		}
+	}
+
+	/**
+	 * @param $database
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database)
+	{
+		$requestId = WebRequest::getInt('request');
+		if ($requestId === null) {
+			throw new ApplicationLogicException('Request ID not found');
+		}
+
+		/** @var Request $request */
+		$request = Request::getById($requestId, $database);
+
+		if ($request === false) {
+			throw new ApplicationLogicException('Request not found');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return EmailTemplate|null
+	 */
+	protected function getTemplate(PdoDatabase $database)
+	{
+		$templateId = WebRequest::getInt('template');
+		if ($templateId === null) {
+			return null;
+		}
+
+		/** @var EmailTemplate $template */
+		$template = EmailTemplate::getById($templateId, $database);
+		if ($template === false || !$template->getActive()) {
+			return null;
+		}
+
+		return $template;
+	}
+
+	/**
+	 * @param $database
+	 * @param $request
+	 *
+	 * @throws Exception
+	 */
+	protected function showCustomCloseForm(PdoDatabase $database, Request $request)
+	{
+		$currentUser = User::getCurrent($database);
+		$config = $this->getSiteConfiguration();
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+		if (!$allowedPrivateData) {
+			// we probably shouldn't be showing the user this form if they're not allowed to access private data...
+			throw new AccessDeniedException($this->getSecurityManager());
+		}
+
+		$template = $this->getTemplate($database);
+
+		// Preload data
+		$this->assign('defaultAction', '');
+		$this->assign('preloadText', '');
+		$this->assign('preloadTitle', '');
+
+		if ($template !== null) {
+			$this->assign('defaultAction', $template->getDefaultAction());
+			$this->assign('preloadText', $template->getText());
+			$this->assign('preloadTitle', $template->getName());
+		}
+
+		// Static data
+		$this->assign('requeststates', $config->getRequestStates());
+
+		// request data
+		$this->assign('requestId', $request->getIp());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->setupBasicData($request, $config);
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+		// IP location
+		$trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('iplocation', $this->getLocationProvider()->getIpLocation($trustedIp));
+
+		// Confirmations
+		$this->assign('confirmEmailAlreadySent', $this->checkEmailAlreadySent($request));
+
+		$this->assign('canSkipCcMailingList', $this->barrierTest('skipCcMailingList', $currentUser));
+
+		$this->assign('allowWelcomeSkip', false);
+		$this->assign('forceWelcomeSkip', false);
+
+		$oauth = new OAuthUserHelper($currentUser, $this->getDatabase(), $this->getOAuthProtocolHelper(), $config);
+
+		if ($currentUser->getWelcomeTemplate() != 0) {
+			$this->assign('allowWelcomeSkip', true);
+
+			if (!$oauth->canWelcome()) {
+				$this->assign('forceWelcomeSkip', true);
+			}
+		}
+
+
+		// template
+		$this->setTemplate('custom-close.tpl');
+	}
+
+	/**
+	 * @param User        $currentUser
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function doCustomClose(User $currentUser, Request $request, PdoDatabase $database)
+	{
+		$messageBody = WebRequest::postString('msgbody');
+		if ($messageBody === null || trim($messageBody) === '') {
+			throw new ApplicationLogicException('Message body cannot be blank');
+		}
+
+		$ccMailingList = true;
+		if ($this->barrierTest('skipCcMailingList', $currentUser)) {
+			$ccMailingList = WebRequest::postBoolean('ccMailingList');
+		}
+
+		if ($request->getStatus() === 'Closed') {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		if (!(WebRequest::postBoolean('confirmEmailAlreadySent'))
+		) {
+			throw new ApplicationLogicException('Not all confirmations checked');
+		}
+
+		$action = WebRequest::postString('action');
+		$availableRequestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if ($action === EmailTemplate::CREATED || $action === EmailTemplate::NOT_CREATED) {
+			// Close request
+			$this->closeRequest($request, $database, $action, $messageBody);
+
+			$this->processWelcome($action);
+
+			// Send the mail after the save, since save can be rolled back
+			$this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
+		}
+		else {
+			if (array_key_exists($action, $availableRequestStates)) {
+				// Defer to other state
+				$this->deferRequest($request, $database, $action, $availableRequestStates, $messageBody);
+
+				// Send the mail after the save, since save can be rolled back
+				$this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
+			}
+			else {
+				$request->setReserved(null);
+				$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+				$request->save();
+
+				// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
+				// and be rolled back.
+
+				// Send mail
+				$this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
+
+				Logger::sentMail($database, $request, $messageBody);
+				Logger::unreserve($database, $request);
+
+				$this->getNotificationHelper()->sentMail($request);
+				SessionAlert::success("Sent mail to Request {$request->getId()}");
+			}
+		}
+	}
+
+	/**
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 * @param string      $action
+	 * @param string      $messageBody
+	 *
+	 * @throws Exception
+	 * @throws OptimisticLockFailedException
+	 */
+	protected function closeRequest(Request $request, PdoDatabase $database, $action, $messageBody)
+	{
+		$request->setStatus('Closed');
+		$request->setReserved(null);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
+		// be rolled back.
+
+		if ($action == EmailTemplate::CREATED) {
+			$logCloseType = 'custom-y';
+			$notificationCloseType = "Custom, Created";
+		}
+		else {
+			$logCloseType = 'custom-n';
+			$notificationCloseType = "Custom, Not Created";
+		}
+
+		Logger::closeRequest($database, $request, $logCloseType, $messageBody);
+		$this->getNotificationHelper()->requestClosed($request, $notificationCloseType);
+
+		$requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
+		SessionAlert::success("Request {$request->getId()} ({$requestName}) closed as {$notificationCloseType}.");
+	}
+
+	/**
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 * @param string      $action
+	 * @param             $availableRequestStates
+	 * @param string      $messageBody
+	 *
+	 * @throws Exception
+	 * @throws OptimisticLockFailedException
+	 */
+	protected function deferRequest(
+		Request $request,
+		PdoDatabase $database,
+		$action,
+		$availableRequestStates,
+		$messageBody
+	) {
+		$request->setStatus($action);
+		$request->setReserved(null);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
+		// and be rolled back.
+
+		$deferToLog = $availableRequestStates[$action]['defertolog'];
+		Logger::sentMail($database, $request, $messageBody);
+		Logger::deferRequest($database, $request, $deferToLog);
+
+		$this->getNotificationHelper()->requestDeferredWithMail($request);
+
+		$deferTo = $availableRequestStates[$action]['deferto'];
+		SessionAlert::success("Request {$request->getId()} deferred to $deferTo, sending an email.");
+	}
 }

includes/Pages/RequestAction/PageCreateRequest.php

Indentation +149 added lines, -149 removed lines

@@ -33,153 +33,153 @@
  */
 class PageCreateRequest extends RequestActionBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @throws AccessDeniedException
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        $this->checkPosted();
-
-        $database = $this->getDatabase();
-
-        $request = $this->getRequest($database);
-        $template = $this->getTemplate($database);
-        $creationMode = $this->getCreationMode();
-        $user = User::getCurrent($database);
-
-        $secMgr = $this->getSecurityManager();
-        if ($secMgr->allows('RequestCreation', User::CREATION_BOT, $user) !== SecurityManager::ALLOWED
-            && $creationMode === 'bot'
-        ) {
-            throw new AccessDeniedException($secMgr);
-        }
-        elseif ($secMgr->allows('RequestCreation', User::CREATION_OAUTH, $user) !== SecurityManager::ALLOWED
-            && $creationMode === 'oauth'
-        ) {
-            throw new AccessDeniedException($secMgr);
-        }
-
-        if ($request->getEmailSent()) {
-            throw new ApplicationLogicException('This requester has already had an email sent to them. Please fall back to manual creation');
-        }
-
-        $request->setStatus(RequestStatus::JOBQUEUE);
-        $request->setReserved(null);
-        $request->save();
-
-        Logger::enqueuedJobQueue($database, $request);
-
-        $creationTaskId = $this->enqueueCreationTask($creationMode, $request, $template, $user, $database);
-
-        if ($user->getWelcomeTemplate() !== null && !WebRequest::postBoolean('skipAutoWelcome')) {
-            $this->enqueueWelcomeTask($request, $creationTaskId, $user, $database);
-        }
-
-        $this->getNotificationHelper()->requestCloseQueued($request, $template->getName());
-
-        SessionAlert::success("Request {$request->getId()} has been queued for autocreation");
-
-        $this->redirect();
-    }
-
-    protected function getCreationMode()
-    {
-        $creationMode = WebRequest::postString('mode');
-        if ($creationMode !== 'oauth' && $creationMode !== 'bot') {
-            throw new ApplicationLogicException('Unknown creation mode');
-        }
-
-        return $creationMode;
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return EmailTemplate
-     * @throws ApplicationLogicException
-     */
-    protected function getTemplate(PdoDatabase $database)
-    {
-        $templateId = WebRequest::postInt('template');
-        if ($templateId === null) {
-            throw new ApplicationLogicException('No template specified');
-        }
-
-        /** @var EmailTemplate $template */
-        $template = EmailTemplate::getById($templateId, $database);
-        if ($template === false || !$template->getActive()) {
-            throw new ApplicationLogicException('Invalid or inactive template specified');
-        }
-
-        if ($template->getDefaultAction() !== EmailTemplate::CREATED) {
-            throw new ApplicationLogicException('Specified template is not a creation template!');
-        }
-
-        return $template;
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database)
-    {
-        $request = parent::getRequest($database);
-
-        if ($request->getStatus() == RequestStatus::CLOSED) {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        return $request;
-    }
-
-    /**
-     * @param               $creationMode
-     * @param Request       $request
-     * @param EmailTemplate $template
-     * @param User          $user
-     *
-     * @param PdoDatabase   $database
-     *
-     * @return int
-     * @throws ApplicationLogicException
-     */
-    protected function enqueueCreationTask(
-        $creationMode,
-        Request $request,
-        EmailTemplate $template,
-        User $user,
-        PdoDatabase $database
-    ) {
-        $creationTaskClass = null;
-
-        if ($creationMode == "oauth") {
-            $creationTaskClass = UserCreationTask::class;
-        }
-
-        if ($creationMode == "bot") {
-            $creationTaskClass = BotCreationTask::class;
-        }
-
-        if ($creationTaskClass === null) {
-            throw new ApplicationLogicException('Cannot determine creation mode');
-        }
-
-        $creationTask = new JobQueue();
-        $creationTask->setTask($creationTaskClass);
-        $creationTask->setRequest($request->getId());
-        $creationTask->setEmailTemplate($template->getId());
-        $creationTask->setTriggerUserId($user->getId());
-        $creationTask->setDatabase($database);
-        $creationTask->save();
-
-        $creationTaskId = $creationTask->getId();
-
-        return $creationTaskId;
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @throws AccessDeniedException
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		$this->checkPosted();
+
+		$database = $this->getDatabase();
+
+		$request = $this->getRequest($database);
+		$template = $this->getTemplate($database);
+		$creationMode = $this->getCreationMode();
+		$user = User::getCurrent($database);
+
+		$secMgr = $this->getSecurityManager();
+		if ($secMgr->allows('RequestCreation', User::CREATION_BOT, $user) !== SecurityManager::ALLOWED
+			&& $creationMode === 'bot'
+		) {
+			throw new AccessDeniedException($secMgr);
+		}
+		elseif ($secMgr->allows('RequestCreation', User::CREATION_OAUTH, $user) !== SecurityManager::ALLOWED
+			&& $creationMode === 'oauth'
+		) {
+			throw new AccessDeniedException($secMgr);
+		}
+
+		if ($request->getEmailSent()) {
+			throw new ApplicationLogicException('This requester has already had an email sent to them. Please fall back to manual creation');
+		}
+
+		$request->setStatus(RequestStatus::JOBQUEUE);
+		$request->setReserved(null);
+		$request->save();
+
+		Logger::enqueuedJobQueue($database, $request);
+
+		$creationTaskId = $this->enqueueCreationTask($creationMode, $request, $template, $user, $database);
+
+		if ($user->getWelcomeTemplate() !== null && !WebRequest::postBoolean('skipAutoWelcome')) {
+			$this->enqueueWelcomeTask($request, $creationTaskId, $user, $database);
+		}
+
+		$this->getNotificationHelper()->requestCloseQueued($request, $template->getName());
+
+		SessionAlert::success("Request {$request->getId()} has been queued for autocreation");
+
+		$this->redirect();
+	}
+
+	protected function getCreationMode()
+	{
+		$creationMode = WebRequest::postString('mode');
+		if ($creationMode !== 'oauth' && $creationMode !== 'bot') {
+			throw new ApplicationLogicException('Unknown creation mode');
+		}
+
+		return $creationMode;
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return EmailTemplate
+	 * @throws ApplicationLogicException
+	 */
+	protected function getTemplate(PdoDatabase $database)
+	{
+		$templateId = WebRequest::postInt('template');
+		if ($templateId === null) {
+			throw new ApplicationLogicException('No template specified');
+		}
+
+		/** @var EmailTemplate $template */
+		$template = EmailTemplate::getById($templateId, $database);
+		if ($template === false || !$template->getActive()) {
+			throw new ApplicationLogicException('Invalid or inactive template specified');
+		}
+
+		if ($template->getDefaultAction() !== EmailTemplate::CREATED) {
+			throw new ApplicationLogicException('Specified template is not a creation template!');
+		}
+
+		return $template;
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database)
+	{
+		$request = parent::getRequest($database);
+
+		if ($request->getStatus() == RequestStatus::CLOSED) {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * @param               $creationMode
+	 * @param Request       $request
+	 * @param EmailTemplate $template
+	 * @param User          $user
+	 *
+	 * @param PdoDatabase   $database
+	 *
+	 * @return int
+	 * @throws ApplicationLogicException
+	 */
+	protected function enqueueCreationTask(
+		$creationMode,
+		Request $request,
+		EmailTemplate $template,
+		User $user,
+		PdoDatabase $database
+	) {
+		$creationTaskClass = null;
+
+		if ($creationMode == "oauth") {
+			$creationTaskClass = UserCreationTask::class;
+		}
+
+		if ($creationMode == "bot") {
+			$creationTaskClass = BotCreationTask::class;
+		}
+
+		if ($creationTaskClass === null) {
+			throw new ApplicationLogicException('Cannot determine creation mode');
+		}
+
+		$creationTask = new JobQueue();
+		$creationTask->setTask($creationTaskClass);
+		$creationTask->setRequest($request->getId());
+		$creationTask->setEmailTemplate($template->getId());
+		$creationTask->setTriggerUserId($user->getId());
+		$creationTask->setDatabase($database);
+		$creationTask->save();
+
+		$creationTaskId = $creationTask->getId();
+
+		return $creationTaskId;
+	}
 }

includes/Pages/RequestAction/PageDeferRequest.php

Indentation +67 added lines, -67 removed lines

@@ -20,71 +20,71 @@
 
 class PageDeferRequest extends RequestActionBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database);
-        $currentUser = User::getCurrent($database);
-
-        $target = WebRequest::postString('target');
-        $requestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if (!array_key_exists($target, $requestStates)) {
-            throw new ApplicationLogicException('Defer target not valid');
-        }
-
-        if ($request->getStatus() == $target) {
-            SessionAlert::warning('This request is already in the specified queue.');
-            $this->redirect('viewRequest', null, array('id' => $request->getId()));
-
-            return;
-        }
-
-        $closureDate = $request->getClosureDate();
-        $date = new DateTime();
-        $date->modify("-7 days");
-        $oneweek = $date->format("Y-m-d H:i:s");
-
-
-        if ($request->getStatus() == "Closed" && $closureDate < $oneweek) {
-            if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) {
-                throw new ApplicationLogicException(
-                    "You are not allowed to re-open a request that has been closed for over a week.");
-            }
-        }
-
-        if ($request->getStatus() === RequestStatus::JOBQUEUE) {
-            /** @var JobQueue[] $pendingJobs */
-            $pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([
-                JobQueue::STATUS_READY,
-                JobQueue::STATUS_WAITING,
-            ])->fetch();
-
-            foreach ($pendingJobs as $job) {
-                $job->setStatus(JobQueue::STATUS_CANCELLED);
-                $job->setError('Cancelled by request deferral');
-                $job->save();
-            }
-        }
-
-        $request->setReserved(null);
-        $request->setStatus($target);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        $deto = $requestStates[$target]['deferto'];
-        $detolog = $requestStates[$target]['defertolog'];
-
-        Logger::deferRequest($database, $request, $detolog);
-
-        $this->getNotificationHelper()->requestDeferred($request);
-        SessionAlert::success("Request {$request->getId()} deferred to {$deto}");
-
-        $this->redirect();
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database);
+		$currentUser = User::getCurrent($database);
+
+		$target = WebRequest::postString('target');
+		$requestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if (!array_key_exists($target, $requestStates)) {
+			throw new ApplicationLogicException('Defer target not valid');
+		}
+
+		if ($request->getStatus() == $target) {
+			SessionAlert::warning('This request is already in the specified queue.');
+			$this->redirect('viewRequest', null, array('id' => $request->getId()));
+
+			return;
+		}
+
+		$closureDate = $request->getClosureDate();
+		$date = new DateTime();
+		$date->modify("-7 days");
+		$oneweek = $date->format("Y-m-d H:i:s");
+
+
+		if ($request->getStatus() == "Closed" && $closureDate < $oneweek) {
+			if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) {
+				throw new ApplicationLogicException(
+					"You are not allowed to re-open a request that has been closed for over a week.");
+			}
+		}
+
+		if ($request->getStatus() === RequestStatus::JOBQUEUE) {
+			/** @var JobQueue[] $pendingJobs */
+			$pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([
+				JobQueue::STATUS_READY,
+				JobQueue::STATUS_WAITING,
+			])->fetch();
+
+			foreach ($pendingJobs as $job) {
+				$job->setStatus(JobQueue::STATUS_CANCELLED);
+				$job->setError('Cancelled by request deferral');
+				$job->save();
+			}
+		}
+
+		$request->setReserved(null);
+		$request->setStatus($target);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		$deto = $requestStates[$target]['deferto'];
+		$detolog = $requestStates[$target]['defertolog'];
+
+		Logger::deferRequest($database, $request, $detolog);
+
+		$this->getNotificationHelper()->requestDeferred($request);
+		SessionAlert::success("Request {$request->getId()} deferred to {$deto}");
+
+		$this->redirect();
+	}
 }

includes/Pages/PageViewRequest.php

Indentation +284 added lines, -284 removed lines

@@ -25,288 +25,288 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-    const STATUS_SYMBOL_OPEN = '&#x2610';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // Test we should be able to look at this request
-        if ($config->getEmailConfirmationEnabled()) {
-            if ($request->getEmailConfirm() !== 'Confirmed') {
-                // Not allowed to look at this yet.
-                throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
-            }
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupCreationTypes($currentUser);
-
-        $this->setupLogData($request, $database);
-
-        $this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
-
-        $this->assign('showRevealLink', false);
-        if ($request->getReserved() === $currentUser->getId() ||
-            $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
-        ) {
-            $this->assign('showRevealLink', true);
-            $this->assign('revealHash', $request->getRevealHash());
-        }
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-            $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
-
-            if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === 'Closed') {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $config = $this->getSiteConfiguration();
-
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        $this->assign('requestStates', $config->getRequestStates());
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("createReasons", $createReasons);
-        $declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
-        $this->assign("allCreateReasons", $allCreateReasons);
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
-        $this->assign("allOtherReasons", $allOtherReasons);
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
-        $requestLogs = array();
-
-        if (trim($request->getComment()) !== "") {
-            $requestLogs[] = array(
-                'type'     => 'comment',
-                'security' => 'user',
-                'userid'   => null,
-                'user'     => $request->getName(),
-                'entry'    => null,
-                'time'     => $request->getDate(),
-                'canedit'  => false,
-                'id'       => $request->getId(),
-                'comment'  => $request->getComment(),
-            );
-        }
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                $requestLogs[] = array(
-                    'type'     => 'comment',
-                    'security' => $entry->getVisibility(),
-                    'user'     => $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'    => null,
-                    'time'     => $entry->getTime(),
-                    'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
-                    'id'       => $entry->getId(),
-                    'comment'  => $entry->getComment(),
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $entryComment = $entry->getComment();
-
-                if($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest'){
-                    $data = unserialize($entry->getComment());
-                    /** @var JobQueue $job */
-                    $job = JobQueue::getById($data['job'], $database);
-                    $requestLogs[] = array(
-                        'type'     => 'joblog',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'jobId'    => $job->getId(),
-                        'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
-                    );
-                } else {
-                    $requestLogs[] = array(
-                        'type'     => 'log',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'comment'  => $entryComment,
-                    );
-                }
-            }
-        }
-
-        $this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
-
-    private function setupCreationTypes(User $user)
-    {
-        $this->assign('allowWelcomeSkip', false);
-        $this->assign('forceWelcomeSkip', false);
-
-        $oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-
-        if ($user->getWelcomeTemplate() != 0) {
-            $this->assign('allowWelcomeSkip', true);
-
-            if (!$oauth->canWelcome()) {
-                $this->assign('forceWelcomeSkip', true);
-            }
-        }
-
-        // test credentials
-        $canManualCreate = $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation');
-        $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation');
-        $canBotCreate = $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation');
-
-        $this->assign('canManualCreate', $canManualCreate);
-        $this->assign('canOauthCreate', $canOauthCreate);
-        $this->assign('canBotCreate', $canBotCreate);
-
-        // show/hide the type radio buttons
-        $creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
-
-        if (!$this->barrierTest($user->getCreationMode(), $user, 'RequestCreation')) {
-            // user is not allowed to use their default. Force a choice.
-            $creationHasChoice = true;
-        }
-
-        $this->assign('creationHasChoice', $creationHasChoice);
-
-        // determine problems in creation types
-        $this->assign('botProblem', false);
-        if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
-            $this->assign('botProblem', true);
-        }
-
-        $this->assign('oauthProblem', false);
-        if ($canOauthCreate && !$oauth->canCreateAccount()) {
-            $this->assign('oauthProblem', true);
-        }
-    }
+	use RequestData;
+	const STATUS_SYMBOL_OPEN = '&#x2610';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// Test we should be able to look at this request
+		if ($config->getEmailConfirmationEnabled()) {
+			if ($request->getEmailConfirm() !== 'Confirmed') {
+				// Not allowed to look at this yet.
+				throw new ApplicationLogicException('The email address has not yet been confirmed for this request.');
+			}
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupCreationTypes($currentUser);
+
+		$this->setupLogData($request, $database);
+
+		$this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
+
+		$this->assign('showRevealLink', false);
+		if ($request->getReserved() === $currentUser->getId() ||
+			$this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
+		) {
+			$this->assign('showRevealLink', true);
+			$this->assign('revealHash', $request->getRevealHash());
+		}
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+			$this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
+
+			if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === 'Closed') {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$config = $this->getSiteConfiguration();
+
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		$this->assign('requestStates', $config->getRequestStates());
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($config->getDefaultCreatedTemplateId(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$createReasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("createReasons", $createReasons);
+		$declineReasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED, $database);
+		$this->assign("allCreateReasons", $allCreateReasons);
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED, $database);
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database);
+		$this->assign("allOtherReasons", $allOtherReasons);
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
+		$requestLogs = array();
+
+		if (trim($request->getComment()) !== "") {
+			$requestLogs[] = array(
+				'type'     => 'comment',
+				'security' => 'user',
+				'userid'   => null,
+				'user'     => $request->getName(),
+				'entry'    => null,
+				'time'     => $request->getDate(),
+				'canedit'  => false,
+				'id'       => $request->getId(),
+				'comment'  => $request->getComment(),
+			);
+		}
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				$requestLogs[] = array(
+					'type'     => 'comment',
+					'security' => $entry->getVisibility(),
+					'user'     => $nameCache[$entry->getUser()]->getUsername(),
+					'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'    => null,
+					'time'     => $entry->getTime(),
+					'canedit'  => ($editableComments || $entry->getUser() == $currentUser->getId()),
+					'id'       => $entry->getId(),
+					'comment'  => $entry->getComment(),
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$entryComment = $entry->getComment();
+
+				if($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest'){
+					$data = unserialize($entry->getComment());
+					/** @var JobQueue $job */
+					$job = JobQueue::getById($data['job'], $database);
+					$requestLogs[] = array(
+						'type'     => 'joblog',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'jobId'    => $job->getId(),
+						'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
+					);
+				} else {
+					$requestLogs[] = array(
+						'type'     => 'log',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'comment'  => $entryComment,
+					);
+				}
+			}
+		}
+
+		$this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
+
+	private function setupCreationTypes(User $user)
+	{
+		$this->assign('allowWelcomeSkip', false);
+		$this->assign('forceWelcomeSkip', false);
+
+		$oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+
+		if ($user->getWelcomeTemplate() != 0) {
+			$this->assign('allowWelcomeSkip', true);
+
+			if (!$oauth->canWelcome()) {
+				$this->assign('forceWelcomeSkip', true);
+			}
+		}
+
+		// test credentials
+		$canManualCreate = $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation');
+		$canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation');
+		$canBotCreate = $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation');
+
+		$this->assign('canManualCreate', $canManualCreate);
+		$this->assign('canOauthCreate', $canOauthCreate);
+		$this->assign('canBotCreate', $canBotCreate);
+
+		// show/hide the type radio buttons
+		$creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
+
+		if (!$this->barrierTest($user->getCreationMode(), $user, 'RequestCreation')) {
+			// user is not allowed to use their default. Force a choice.
+			$creationHasChoice = true;
+		}
+
+		$this->assign('creationHasChoice', $creationHasChoice);
+
+		// determine problems in creation types
+		$this->assign('botProblem', false);
+		if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
+			$this->assign('botProblem', true);
+		}
+
+		$this->assign('oauthProblem', false);
+		if ($canOauthCreate && !$oauth->canCreateAccount()) {
+			$this->assign('oauthProblem', true);
+		}
+	}
 }

includes/Pages/PageWelcomeTemplateManagement.php

Indentation +171 added lines, -171 removed lines

@@ -19,223 +19,223 @@
 
 class PageWelcomeTemplateManagement extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $templateList = WelcomeTemplate::getAll($this->getDatabase());
-
-        $this->assignCSRFToken();
-
-        $user = User::getCurrent($this->getDatabase());
-        $this->assign('canEdit', $this->barrierTest('edit', $user));
-        $this->assign('canAdd', $this->barrierTest('add', $user));
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$templateList = WelcomeTemplate::getAll($this->getDatabase());
+
+		$this->assignCSRFToken();
+
+		$user = User::getCurrent($this->getDatabase());
+		$this->assign('canEdit', $this->barrierTest('edit', $user));
+		$this->assign('canAdd', $this->barrierTest('add', $user));
 
-        $this->assign('templateList', $templateList);
-        $this->setTemplate('welcome-template/list.tpl');
-    }
+		$this->assign('templateList', $templateList);
+		$this->setTemplate('welcome-template/list.tpl');
+	}
 
-    /**
-     * Handles the requests for selecting a template to use.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function select()
-    {
-        // get rid of GETs
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('welcomeTemplates');
-        }
-
-        $this->validateCSRFToken();
-
-        $user = User::getCurrent($this->getDatabase());
-
-        if (WebRequest::postBoolean('disable')) {
-            $user->setWelcomeTemplate(null);
-            $user->save();
-
-            SessionAlert::success('Disabled automatic user welcoming.');
-            $this->redirect('welcomeTemplates');
-
-            return;
-        }
-
-        $database = $this->getDatabase();
+	/**
+	 * Handles the requests for selecting a template to use.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function select()
+	{
+		// get rid of GETs
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('welcomeTemplates');
+		}
+
+		$this->validateCSRFToken();
+
+		$user = User::getCurrent($this->getDatabase());
+
+		if (WebRequest::postBoolean('disable')) {
+			$user->setWelcomeTemplate(null);
+			$user->save();
+
+			SessionAlert::success('Disabled automatic user welcoming.');
+			$this->redirect('welcomeTemplates');
+
+			return;
+		}
+
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::postInt('template');
-        /** @var false|WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		$templateId = WebRequest::postInt('template');
+		/** @var false|WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false || $template->isDeleted()) {
-            throw new ApplicationLogicException('Unknown template');
-        }
+		if ($template === false || $template->isDeleted()) {
+			throw new ApplicationLogicException('Unknown template');
+		}
 
-        $user->setWelcomeTemplate($template->getId());
-        $user->save();
+		$user->setWelcomeTemplate($template->getId());
+		$user->save();
 
-        SessionAlert::success("Updated selected welcome template for automatic welcoming.");
+		SessionAlert::success("Updated selected welcome template for automatic welcoming.");
 
-        $this->redirect('welcomeTemplates');
-    }
+		$this->redirect('welcomeTemplates');
+	}
 
-    /**
-     * Handles the requests for viewing a template.
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function view()
-    {
-        $database = $this->getDatabase();
+	/**
+	 * Handles the requests for viewing a template.
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function view()
+	{
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::getInt('template');
+		$templateId = WebRequest::getInt('template');
 
-        /** @var WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        $templateHtml = $this->getWikiTextHelper()->getHtmlForWikiText($template->getBotCode());
+		$templateHtml = $this->getWikiTextHelper()->getHtmlForWikiText($template->getBotCode());
 
-        $this->assign('templateHtml', $templateHtml);
-        $this->assign('template', $template);
-        $this->setTemplate('welcome-template/view.tpl');
-    }
+		$this->assign('templateHtml', $templateHtml);
+		$this->assign('template', $template);
+		$this->setTemplate('welcome-template/view.tpl');
+	}
 
-    /**
-     * Handler for the add action to create a new welcome template
-     *
-     * @throws Exception
-     */
-    protected function add()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $database = $this->getDatabase();
+	/**
+	 * Handler for the add action to create a new welcome template
+	 *
+	 * @throws Exception
+	 */
+	protected function add()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$database = $this->getDatabase();
 
-            $userCode = WebRequest::postString('usercode');
-            $botCode = WebRequest::postString('botcode');
+			$userCode = WebRequest::postString('usercode');
+			$botCode = WebRequest::postString('botcode');
 
-            $this->validate($userCode, $botCode);
+			$this->validate($userCode, $botCode);
 
-            $template = new WelcomeTemplate();
-            $template->setDatabase($database);
-            $template->setUserCode($userCode);
-            $template->setBotCode($botCode);
-            $template->save();
+			$template = new WelcomeTemplate();
+			$template->setDatabase($database);
+			$template->setUserCode($userCode);
+			$template->setBotCode($botCode);
+			$template->save();
 
-            Logger::welcomeTemplateCreated($database, $template);
+			Logger::welcomeTemplateCreated($database, $template);
 
-            $this->getNotificationHelper()->welcomeTemplateCreated($template);
+			$this->getNotificationHelper()->welcomeTemplateCreated($template);
 
-            SessionAlert::success("Template successfully created.");
+			SessionAlert::success("Template successfully created.");
 
-            $this->redirect('welcomeTemplates');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate("welcome-template/add.tpl");
-        }
-    }
+			$this->redirect('welcomeTemplates');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate("welcome-template/add.tpl");
+		}
+	}
 
-    /**
-     * Handler for editing templates
-     */
-    protected function edit()
-    {
-        $database = $this->getDatabase();
+	/**
+	 * Handler for editing templates
+	 */
+	protected function edit()
+	{
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::getInt('template');
+		$templateId = WebRequest::getInt('template');
 
-        /** @var WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        if ($template->isDeleted()) {
-            throw new ApplicationLogicException('The specified template has been deleted');
-        }
+		if ($template->isDeleted()) {
+			throw new ApplicationLogicException('The specified template has been deleted');
+		}
 
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
 
-            $userCode = WebRequest::postString('usercode');
-            $botCode = WebRequest::postString('botcode');
+			$userCode = WebRequest::postString('usercode');
+			$botCode = WebRequest::postString('botcode');
 
-            $this->validate($userCode, $botCode);
+			$this->validate($userCode, $botCode);
 
-            $template->setUserCode($userCode);
-            $template->setBotCode($botCode);
-            $template->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $template->save();
+			$template->setUserCode($userCode);
+			$template->setBotCode($botCode);
+			$template->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$template->save();
 
-            Logger::welcomeTemplateEdited($database, $template);
+			Logger::welcomeTemplateEdited($database, $template);
 
-            SessionAlert::success("Template updated.");
+			SessionAlert::success("Template updated.");
 
-            $this->getNotificationHelper()->welcomeTemplateEdited($template);
+			$this->getNotificationHelper()->welcomeTemplateEdited($template);
 
-            $this->redirect('welcomeTemplates');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('template', $template);
-            $this->setTemplate('welcome-template/edit.tpl');
-        }
-    }
+			$this->redirect('welcomeTemplates');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('template', $template);
+			$this->setTemplate('welcome-template/edit.tpl');
+		}
+	}
 
-    protected function delete()
-    {
-        $this->redirect('welcomeTemplates');
+	protected function delete()
+	{
+		$this->redirect('welcomeTemplates');
 
-        if (!WebRequest::wasPosted()) {
-            return;
-        }
+		if (!WebRequest::wasPosted()) {
+			return;
+		}
 
-        $this->validateCSRFToken();
+		$this->validateCSRFToken();
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        $templateId = WebRequest::postInt('template');
-        $updateVersion = WebRequest::postInt('updateversion');
+		$templateId = WebRequest::postInt('template');
+		$updateVersion = WebRequest::postInt('updateversion');
 
-        /** @var WelcomeTemplate $template */
-        $template = WelcomeTemplate::getById($templateId, $database);
+		/** @var WelcomeTemplate $template */
+		$template = WelcomeTemplate::getById($templateId, $database);
 
-        if ($template === false || $template->isDeleted()) {
-            throw new ApplicationLogicException('Cannot find requested template');
-        }
+		if ($template === false || $template->isDeleted()) {
+			throw new ApplicationLogicException('Cannot find requested template');
+		}
 
-        // set the update version to the version sent by the client (optimisticly lock from initial page load)
-        $template->setUpdateVersion($updateVersion);
+		// set the update version to the version sent by the client (optimisticly lock from initial page load)
+		$template->setUpdateVersion($updateVersion);
 
-        $database
-            ->prepare("UPDATE user SET welcome_template = NULL WHERE welcome_template = :id;")
-            ->execute(array(":id" => $templateId));
+		$database
+			->prepare("UPDATE user SET welcome_template = NULL WHERE welcome_template = :id;")
+			->execute(array(":id" => $templateId));
 
-        Logger::welcomeTemplateDeleted($database, $template);
+		Logger::welcomeTemplateDeleted($database, $template);
 
-        $template->delete();
+		$template->delete();
 
-        SessionAlert::success(
-            "Template deleted. Any users who were using this template have had automatic welcoming disabled.");
-        $this->getNotificationHelper()->welcomeTemplateDeleted($templateId);
-    }
+		SessionAlert::success(
+			"Template deleted. Any users who were using this template have had automatic welcoming disabled.");
+		$this->getNotificationHelper()->welcomeTemplateDeleted($templateId);
+	}
 
-    private function validate($userCode, $botCode)
-    {
-        if ($userCode === null) {
-            throw new ApplicationLogicException('User code cannot be null');
-        }
+	private function validate($userCode, $botCode)
+	{
+		if ($userCode === null) {
+			throw new ApplicationLogicException('User code cannot be null');
+		}
 
-        if ($botCode === null) {
-            throw new ApplicationLogicException('Bot code cannot be null');
-        }
-    }
+		if ($botCode === null) {
+			throw new ApplicationLogicException('Bot code cannot be null');
+		}
+	}
 }

includes/Pages/Page404.php

Indentation +15 added lines, -15 removed lines

@@ -12,21 +12,21 @@
 
 class Page404 extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        if (!headers_sent()) {
-            header("HTTP/1.1 404 Not Found");
-        }
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		if (!headers_sent()) {
+			header("HTTP/1.1 404 Not Found");
+		}
 
-        $this->skipAlerts();
-        $this->setTemplate("404.tpl");
-    }
+		$this->skipAlerts();
+		$this->setTemplate("404.tpl");
+	}
 
-    protected function isProtectedPage()
-    {
-        return false;
-    }
+	protected function isProtectedPage()
+	{
+		return false;
+	}
 }

includes/Pages/PageUserManagement.php

Indentation +561 added lines, -561 removed lines

@@ -24,565 +24,565 @@
  */
 class PageUserManagement extends InternalPageBase
 {
-    /** @var string */
-    private $adminMailingList = 'enwiki-acc-admins@googlegroups.com';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-        $currentUser = User::getCurrent($database);
-
-        $userSearchRequest = WebRequest::getString('usersearch');
-        if ($userSearchRequest !== null) {
-            $searchedUser = User::getByUsername($userSearchRequest, $database);
-            if($searchedUser !== false) {
-                $this->redirect('statistics/users', 'detail', ['user' => $searchedUser->getId()]);
-                return;
-            }
-        }
-
-        // A bit hacky, but it's better than my last solution of creating an object for each user and passing that to
-        // the template. I still don't have a particularly good way of handling this.
-        OAuthUserHelper::prepareTokenCountStatement($database);
-
-        if (WebRequest::getBoolean("showAll")) {
-            $this->assign("showAll", true);
-
-            $suspendedUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_SUSPENDED)->fetch();
-            $this->assign("suspendedUsers", $suspendedUsers);
-
-            $declinedUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch();
-            $this->assign("declinedUsers", $declinedUsers);
-
-            UserSearchHelper::get($database)->getRoleMap($roleMap);
-        }
-        else {
-            $this->assign("showAll", false);
-            $this->assign("suspendedUsers", array());
-            $this->assign("declinedUsers", array());
-
-            UserSearchHelper::get($database)->statusIn(array('New', 'Active'))->getRoleMap($roleMap);
-        }
-
-        $newUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_NEW)->fetch();
-        $normalUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('user')->fetch();
-        $adminUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('admin')->fetch();
-        $checkUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('checkuser')->fetch();
-        $toolRoots = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('toolRoot')->fetch();
-        $this->assign('newUsers', $newUsers);
-        $this->assign('normalUsers', $normalUsers);
-        $this->assign('adminUsers', $adminUsers);
-        $this->assign('checkUsers', $checkUsers);
-        $this->assign('toolRoots', $toolRoots);
-
-        $this->assign('roles', $roleMap);
-
-        $this->addJs("/api.php?action=users&all=true&targetVariable=typeaheaddata");
-
-        $this->assign('canApprove', $this->barrierTest('approve', $currentUser));
-        $this->assign('canDecline', $this->barrierTest('decline', $currentUser));
-        $this->assign('canRename', $this->barrierTest('rename', $currentUser));
-        $this->assign('canEditUser', $this->barrierTest('editUser', $currentUser));
-        $this->assign('canSuspend', $this->barrierTest('suspend', $currentUser));
-        $this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser));
-
-        $this->setTemplate("usermanagement/main.tpl");
-    }
-
-    #region Access control
-
-    /**
-     * Action target for editing the roles assigned to a user
-     */
-    protected function editRoles()
-    {
-        $this->setHtmlTitle('User Management');
-        $database = $this->getDatabase();
-        $userId = WebRequest::getInt('user');
-
-        /** @var User $user */
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
-        }
-
-        $roleData = $this->getRoleData(UserRole::getForUser($user->getId(), $database));
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $reason = WebRequest::postString('reason');
-            if ($reason === false || trim($reason) === '') {
-                throw new ApplicationLogicException('No reason specified for roles change');
-            }
-
-            /** @var UserRole[] $delete */
-            $delete = array();
-            /** @var string[] $delete */
-            $add = array();
-
-            foreach ($roleData as $name => $r) {
-                if ($r['allowEdit'] !== 1) {
-                    // not allowed, to touch this, so ignore it
-                    continue;
-                }
-
-                $newValue = WebRequest::postBoolean('role-' . $name) ? 1 : 0;
-                if ($newValue !== $r['active']) {
-                    if ($newValue === 0) {
-                        $delete[] = $r['object'];
-                    }
-
-                    if ($newValue === 1) {
-                        $add[] = $name;
-                    }
-                }
-            }
-
-            // Check there's something to do
-            if ((count($add) + count($delete)) === 0) {
-                $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
-                SessionAlert::warning('No changes made to roles.');
-
-                return;
-            }
-
-            $removed = array();
-
-            /** @var UserRole $d */
-            foreach ($delete as $d) {
-                $removed[] = $d->getRole();
-                $d->delete();
-            }
-
-            foreach ($add as $x) {
-                $a = new UserRole();
-                $a->setUser($user->getId());
-                $a->setRole($x);
-                $a->setDatabase($database);
-                $a->save();
-            }
-
-            Logger::userRolesEdited($database, $user, $reason, $add, $removed);
-
-            // dummy save for optimistic locking. If this fails, the entire txn will roll back.
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-
-            $this->getNotificationHelper()->userRolesEdited($user, $reason);
-            SessionAlert::quick('Roles changed for user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/roleedit.tpl');
-            $this->assign('user', $user);
-            $this->assign('roleData', $roleData);
-        }
-    }
-
-    /**
-     * Action target for suspending users
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function suspend()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-
-        /** @var User $user */
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to suspend could not be found.');
-        }
-
-        if ($user->isSuspended()) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to suspend is already suspended.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $reason = WebRequest::postString('reason');
-
-            if ($reason === null || trim($reason) === "") {
-                throw new ApplicationLogicException('No reason provided');
-            }
-
-            $user->setStatus(User::STATUS_SUSPENDED);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-            Logger::suspendedUser($database, $user, $reason);
-
-            $this->getNotificationHelper()->userSuspended($user, $reason);
-            SessionAlert::quick('Suspended user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            // send email
-            $this->sendStatusChangeEmail(
-                'Your WP:ACC account has been suspended',
-                'usermanagement/emails/suspended.tpl',
-                $reason,
-                $user,
-                User::getCurrent($database)->getUsername()
-            );
-
-            $this->redirect('userManagement');
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/changelevel-reason.tpl');
-            $this->assign('user', $user);
-            $this->assign('status', 'Suspended');
-            $this->assign("showReason", true);
-
-            if (WebRequest::getString('preload')) {
-                $this->assign('preload', WebRequest::getString('preload'));
-            }
-        }
-    }
-
-    /**
-     * Entry point for the decline action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function decline()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to decline could not be found.');
-        }
-
-        if (!$user->isNewUser()) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to decline is not new.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $reason = WebRequest::postString('reason');
-
-            if ($reason === null || trim($reason) === "") {
-                throw new ApplicationLogicException('No reason provided');
-            }
-
-            $user->setStatus(User::STATUS_DECLINED);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-            Logger::declinedUser($database, $user, $reason);
-
-            $this->getNotificationHelper()->userDeclined($user, $reason);
-            SessionAlert::quick('Declined user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            // send email
-            $this->sendStatusChangeEmail(
-                'Your WP:ACC account has been declined',
-                'usermanagement/emails/declined.tpl',
-                $reason,
-                $user,
-                User::getCurrent($database)->getUsername()
-            );
-
-            $this->redirect('userManagement');
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/changelevel-reason.tpl');
-            $this->assign('user', $user);
-            $this->assign('status', 'Declined');
-            $this->assign("showReason", true);
-        }
-    }
-
-    /**
-     * Entry point for the approve action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function approve()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to approve could not be found.');
-        }
-
-        if ($user->isActive()) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to approve is already an active user.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $user->setStatus(User::STATUS_ACTIVE);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-            Logger::approvedUser($database, $user);
-
-            $this->getNotificationHelper()->userApproved($user);
-            SessionAlert::quick('Approved user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            // send email
-            $this->sendStatusChangeEmail(
-                'Your WP:ACC account has been approved',
-                'usermanagement/emails/approved.tpl',
-                null,
-                $user,
-                User::getCurrent($database)->getUsername()
-            );
-
-            $this->redirect("userManagement");
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate("usermanagement/changelevel-reason.tpl");
-            $this->assign("user", $user);
-            $this->assign("status", "Active");
-            $this->assign("showReason", false);
-        }
-    }
-
-    #endregion
-
-    #region Renaming / Editing
-
-    /**
-     * Entry point for the rename action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function rename()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to rename could not be found.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $newUsername = WebRequest::postString('newname');
-
-            if ($newUsername === null || trim($newUsername) === "") {
-                throw new ApplicationLogicException('The new username cannot be empty');
-            }
-
-            if (User::getByUsername($newUsername, $database) != false) {
-                throw new ApplicationLogicException('The new username already exists');
-            }
-
-            $oldUsername = $user->getUsername();
-            $user->setUsername($newUsername);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-
-            $user->save();
-
-            $logEntryData = serialize(array(
-                'old' => $oldUsername,
-                'new' => $newUsername,
-            ));
-
-            Logger::renamedUser($database, $user, $logEntryData);
-
-            SessionAlert::quick("Changed User "
-                . htmlentities($oldUsername, ENT_COMPAT, 'UTF-8')
-                . " name to "
-                . htmlentities($newUsername, ENT_COMPAT, 'UTF-8'));
-
-            $this->getNotificationHelper()->userRenamed($user, $oldUsername);
-
-            // send an email to the user.
-            $this->assign('targetUsername', $user->getUsername());
-            $this->assign('toolAdmin', User::getCurrent($database)->getUsername());
-            $this->assign('oldUsername', $oldUsername);
-            $this->assign('mailingList', $this->adminMailingList);
-
-            $this->getEmailHelper()->sendMail(
-                $user->getEmail(),
-                'Your username on WP:ACC has been changed',
-                $this->fetchTemplate('usermanagement/emails/renamed.tpl'),
-                array('Reply-To' => $this->adminMailingList)
-            );
-
-            $this->redirect("userManagement");
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/renameuser.tpl');
-            $this->assign('user', $user);
-        }
-    }
-
-    /**
-     * Entry point for the edit action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function editUser()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-        $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $newEmail = WebRequest::postEmail('user_email');
-            $newOnWikiName = WebRequest::postString('user_onwikiname');
-
-            if ($newEmail === null) {
-                throw new ApplicationLogicException('Invalid email address');
-            }
-
-            if (!($oauth->isFullyLinked() || $oauth->isPartiallyLinked())) {
-                if (trim($newOnWikiName) == "") {
-                    throw new ApplicationLogicException('New on-wiki username cannot be blank');
-                }
-
-                $user->setOnWikiName($newOnWikiName);
-                $user->setWelcomeSig(WebRequest::postString('sig'));
-            }
-
-            $user->setEmail($newEmail);
-            $user->setCreationMode(WebRequest::postInt('creationmode'));
-
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-
-            $user->save();
-
-            Logger::userPreferencesChange($database, $user);
-            $this->getNotificationHelper()->userPrefChange($user);
-            SessionAlert::quick('Changes to user\'s preferences have been saved');
-
-            $this->redirect("userManagement");
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(),
-                $this->getSiteConfiguration());
-            $this->setTemplate('usermanagement/edituser.tpl');
-            $this->assign('user', $user);
-            $this->assign('oauth', $oauth);
-
-            $this->assign('canManualCreate',
-                $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation'));
-            $this->assign('canOauthCreate',
-                $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation'));
-            $this->assign('canBotCreate',
-                $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation'));
-        }
-    }
-
-    #endregion
-
-    /**
-     * Sends a status change email to the user.
-     *
-     * @param string      $subject           The subject of the email
-     * @param string      $template          The smarty template to use
-     * @param string|null $reason            The reason for performing the status change
-     * @param User        $user              The user affected
-     * @param string      $toolAdminUsername The tool admin's username who is making the edit
-     */
-    private function sendStatusChangeEmail($subject, $template, $reason, $user, $toolAdminUsername)
-    {
-        $this->assign('targetUsername', $user->getUsername());
-        $this->assign('toolAdmin', $toolAdminUsername);
-        $this->assign('actionReason', $reason);
-        $this->assign('mailingList', $this->adminMailingList);
-
-        $this->getEmailHelper()->sendMail(
-            $user->getEmail(),
-            $subject,
-            $this->fetchTemplate($template),
-            array('Reply-To' => $this->adminMailingList)
-        );
-    }
-
-    /**
-     * @param UserRole[] $activeRoles
-     *
-     * @return array
-     */
-    private function getRoleData($activeRoles)
-    {
-        $availableRoles = $this->getSecurityManager()->getRoleConfiguration()->getAvailableRoles();
-
-        $currentUser = User::getCurrent($this->getDatabase());
-        $this->getSecurityManager()->getActiveRoles($currentUser, $userRoles, $inactiveRoles);
-
-        $initialValue = array('active' => 0, 'allowEdit' => 0, 'description' => '???', 'object' => null);
-
-        $roleData = array();
-        foreach ($availableRoles as $role => $data) {
-            $intersection = array_intersect($data['editableBy'], $userRoles);
-
-            $roleData[$role] = $initialValue;
-            $roleData[$role]['allowEdit'] = count($intersection) > 0 ? 1 : 0;
-            $roleData[$role]['description'] = $data['description'];
-        }
-
-        foreach ($activeRoles as $role) {
-            if (!isset($roleData[$role->getRole()])) {
-                // This value is no longer available in the configuration, allow changing (aka removing) it.
-                $roleData[$role->getRole()] = $initialValue;
-                $roleData[$role->getRole()]['allowEdit'] = 1;
-            }
-
-            $roleData[$role->getRole()]['object'] = $role;
-            $roleData[$role->getRole()]['active'] = 1;
-        }
-
-        return $roleData;
-    }
+	/** @var string */
+	private $adminMailingList = 'enwiki-acc-admins@googlegroups.com';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+		$currentUser = User::getCurrent($database);
+
+		$userSearchRequest = WebRequest::getString('usersearch');
+		if ($userSearchRequest !== null) {
+			$searchedUser = User::getByUsername($userSearchRequest, $database);
+			if($searchedUser !== false) {
+				$this->redirect('statistics/users', 'detail', ['user' => $searchedUser->getId()]);
+				return;
+			}
+		}
+
+		// A bit hacky, but it's better than my last solution of creating an object for each user and passing that to
+		// the template. I still don't have a particularly good way of handling this.
+		OAuthUserHelper::prepareTokenCountStatement($database);
+
+		if (WebRequest::getBoolean("showAll")) {
+			$this->assign("showAll", true);
+
+			$suspendedUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_SUSPENDED)->fetch();
+			$this->assign("suspendedUsers", $suspendedUsers);
+
+			$declinedUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch();
+			$this->assign("declinedUsers", $declinedUsers);
+
+			UserSearchHelper::get($database)->getRoleMap($roleMap);
+		}
+		else {
+			$this->assign("showAll", false);
+			$this->assign("suspendedUsers", array());
+			$this->assign("declinedUsers", array());
+
+			UserSearchHelper::get($database)->statusIn(array('New', 'Active'))->getRoleMap($roleMap);
+		}
+
+		$newUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_NEW)->fetch();
+		$normalUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('user')->fetch();
+		$adminUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('admin')->fetch();
+		$checkUsers = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('checkuser')->fetch();
+		$toolRoots = UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('toolRoot')->fetch();
+		$this->assign('newUsers', $newUsers);
+		$this->assign('normalUsers', $normalUsers);
+		$this->assign('adminUsers', $adminUsers);
+		$this->assign('checkUsers', $checkUsers);
+		$this->assign('toolRoots', $toolRoots);
+
+		$this->assign('roles', $roleMap);
+
+		$this->addJs("/api.php?action=users&all=true&targetVariable=typeaheaddata");
+
+		$this->assign('canApprove', $this->barrierTest('approve', $currentUser));
+		$this->assign('canDecline', $this->barrierTest('decline', $currentUser));
+		$this->assign('canRename', $this->barrierTest('rename', $currentUser));
+		$this->assign('canEditUser', $this->barrierTest('editUser', $currentUser));
+		$this->assign('canSuspend', $this->barrierTest('suspend', $currentUser));
+		$this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser));
+
+		$this->setTemplate("usermanagement/main.tpl");
+	}
+
+	#region Access control
+
+	/**
+	 * Action target for editing the roles assigned to a user
+	 */
+	protected function editRoles()
+	{
+		$this->setHtmlTitle('User Management');
+		$database = $this->getDatabase();
+		$userId = WebRequest::getInt('user');
+
+		/** @var User $user */
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
+		}
+
+		$roleData = $this->getRoleData(UserRole::getForUser($user->getId(), $database));
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$reason = WebRequest::postString('reason');
+			if ($reason === false || trim($reason) === '') {
+				throw new ApplicationLogicException('No reason specified for roles change');
+			}
+
+			/** @var UserRole[] $delete */
+			$delete = array();
+			/** @var string[] $delete */
+			$add = array();
+
+			foreach ($roleData as $name => $r) {
+				if ($r['allowEdit'] !== 1) {
+					// not allowed, to touch this, so ignore it
+					continue;
+				}
+
+				$newValue = WebRequest::postBoolean('role-' . $name) ? 1 : 0;
+				if ($newValue !== $r['active']) {
+					if ($newValue === 0) {
+						$delete[] = $r['object'];
+					}
+
+					if ($newValue === 1) {
+						$add[] = $name;
+					}
+				}
+			}
+
+			// Check there's something to do
+			if ((count($add) + count($delete)) === 0) {
+				$this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
+				SessionAlert::warning('No changes made to roles.');
+
+				return;
+			}
+
+			$removed = array();
+
+			/** @var UserRole $d */
+			foreach ($delete as $d) {
+				$removed[] = $d->getRole();
+				$d->delete();
+			}
+
+			foreach ($add as $x) {
+				$a = new UserRole();
+				$a->setUser($user->getId());
+				$a->setRole($x);
+				$a->setDatabase($database);
+				$a->save();
+			}
+
+			Logger::userRolesEdited($database, $user, $reason, $add, $removed);
+
+			// dummy save for optimistic locking. If this fails, the entire txn will roll back.
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+
+			$this->getNotificationHelper()->userRolesEdited($user, $reason);
+			SessionAlert::quick('Roles changed for user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			$this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/roleedit.tpl');
+			$this->assign('user', $user);
+			$this->assign('roleData', $roleData);
+		}
+	}
+
+	/**
+	 * Action target for suspending users
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function suspend()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+
+		/** @var User $user */
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to suspend could not be found.');
+		}
+
+		if ($user->isSuspended()) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to suspend is already suspended.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$reason = WebRequest::postString('reason');
+
+			if ($reason === null || trim($reason) === "") {
+				throw new ApplicationLogicException('No reason provided');
+			}
+
+			$user->setStatus(User::STATUS_SUSPENDED);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+			Logger::suspendedUser($database, $user, $reason);
+
+			$this->getNotificationHelper()->userSuspended($user, $reason);
+			SessionAlert::quick('Suspended user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			// send email
+			$this->sendStatusChangeEmail(
+				'Your WP:ACC account has been suspended',
+				'usermanagement/emails/suspended.tpl',
+				$reason,
+				$user,
+				User::getCurrent($database)->getUsername()
+			);
+
+			$this->redirect('userManagement');
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/changelevel-reason.tpl');
+			$this->assign('user', $user);
+			$this->assign('status', 'Suspended');
+			$this->assign("showReason", true);
+
+			if (WebRequest::getString('preload')) {
+				$this->assign('preload', WebRequest::getString('preload'));
+			}
+		}
+	}
+
+	/**
+	 * Entry point for the decline action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function decline()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to decline could not be found.');
+		}
+
+		if (!$user->isNewUser()) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to decline is not new.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$reason = WebRequest::postString('reason');
+
+			if ($reason === null || trim($reason) === "") {
+				throw new ApplicationLogicException('No reason provided');
+			}
+
+			$user->setStatus(User::STATUS_DECLINED);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+			Logger::declinedUser($database, $user, $reason);
+
+			$this->getNotificationHelper()->userDeclined($user, $reason);
+			SessionAlert::quick('Declined user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			// send email
+			$this->sendStatusChangeEmail(
+				'Your WP:ACC account has been declined',
+				'usermanagement/emails/declined.tpl',
+				$reason,
+				$user,
+				User::getCurrent($database)->getUsername()
+			);
+
+			$this->redirect('userManagement');
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/changelevel-reason.tpl');
+			$this->assign('user', $user);
+			$this->assign('status', 'Declined');
+			$this->assign("showReason", true);
+		}
+	}
+
+	/**
+	 * Entry point for the approve action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function approve()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to approve could not be found.');
+		}
+
+		if ($user->isActive()) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to approve is already an active user.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$user->setStatus(User::STATUS_ACTIVE);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+			Logger::approvedUser($database, $user);
+
+			$this->getNotificationHelper()->userApproved($user);
+			SessionAlert::quick('Approved user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			// send email
+			$this->sendStatusChangeEmail(
+				'Your WP:ACC account has been approved',
+				'usermanagement/emails/approved.tpl',
+				null,
+				$user,
+				User::getCurrent($database)->getUsername()
+			);
+
+			$this->redirect("userManagement");
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate("usermanagement/changelevel-reason.tpl");
+			$this->assign("user", $user);
+			$this->assign("status", "Active");
+			$this->assign("showReason", false);
+		}
+	}
+
+	#endregion
+
+	#region Renaming / Editing
+
+	/**
+	 * Entry point for the rename action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function rename()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to rename could not be found.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$newUsername = WebRequest::postString('newname');
+
+			if ($newUsername === null || trim($newUsername) === "") {
+				throw new ApplicationLogicException('The new username cannot be empty');
+			}
+
+			if (User::getByUsername($newUsername, $database) != false) {
+				throw new ApplicationLogicException('The new username already exists');
+			}
+
+			$oldUsername = $user->getUsername();
+			$user->setUsername($newUsername);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+
+			$user->save();
+
+			$logEntryData = serialize(array(
+				'old' => $oldUsername,
+				'new' => $newUsername,
+			));
+
+			Logger::renamedUser($database, $user, $logEntryData);
+
+			SessionAlert::quick("Changed User "
+				. htmlentities($oldUsername, ENT_COMPAT, 'UTF-8')
+				. " name to "
+				. htmlentities($newUsername, ENT_COMPAT, 'UTF-8'));
+
+			$this->getNotificationHelper()->userRenamed($user, $oldUsername);
+
+			// send an email to the user.
+			$this->assign('targetUsername', $user->getUsername());
+			$this->assign('toolAdmin', User::getCurrent($database)->getUsername());
+			$this->assign('oldUsername', $oldUsername);
+			$this->assign('mailingList', $this->adminMailingList);
+
+			$this->getEmailHelper()->sendMail(
+				$user->getEmail(),
+				'Your username on WP:ACC has been changed',
+				$this->fetchTemplate('usermanagement/emails/renamed.tpl'),
+				array('Reply-To' => $this->adminMailingList)
+			);
+
+			$this->redirect("userManagement");
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/renameuser.tpl');
+			$this->assign('user', $user);
+		}
+	}
+
+	/**
+	 * Entry point for the edit action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function editUser()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+		$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$newEmail = WebRequest::postEmail('user_email');
+			$newOnWikiName = WebRequest::postString('user_onwikiname');
+
+			if ($newEmail === null) {
+				throw new ApplicationLogicException('Invalid email address');
+			}
+
+			if (!($oauth->isFullyLinked() || $oauth->isPartiallyLinked())) {
+				if (trim($newOnWikiName) == "") {
+					throw new ApplicationLogicException('New on-wiki username cannot be blank');
+				}
+
+				$user->setOnWikiName($newOnWikiName);
+				$user->setWelcomeSig(WebRequest::postString('sig'));
+			}
+
+			$user->setEmail($newEmail);
+			$user->setCreationMode(WebRequest::postInt('creationmode'));
+
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+
+			$user->save();
+
+			Logger::userPreferencesChange($database, $user);
+			$this->getNotificationHelper()->userPrefChange($user);
+			SessionAlert::quick('Changes to user\'s preferences have been saved');
+
+			$this->redirect("userManagement");
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(),
+				$this->getSiteConfiguration());
+			$this->setTemplate('usermanagement/edituser.tpl');
+			$this->assign('user', $user);
+			$this->assign('oauth', $oauth);
+
+			$this->assign('canManualCreate',
+				$this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation'));
+			$this->assign('canOauthCreate',
+				$this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation'));
+			$this->assign('canBotCreate',
+				$this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation'));
+		}
+	}
+
+	#endregion
+
+	/**
+	 * Sends a status change email to the user.
+	 *
+	 * @param string      $subject           The subject of the email
+	 * @param string      $template          The smarty template to use
+	 * @param string|null $reason            The reason for performing the status change
+	 * @param User        $user              The user affected
+	 * @param string      $toolAdminUsername The tool admin's username who is making the edit
+	 */
+	private function sendStatusChangeEmail($subject, $template, $reason, $user, $toolAdminUsername)
+	{
+		$this->assign('targetUsername', $user->getUsername());
+		$this->assign('toolAdmin', $toolAdminUsername);
+		$this->assign('actionReason', $reason);
+		$this->assign('mailingList', $this->adminMailingList);
+
+		$this->getEmailHelper()->sendMail(
+			$user->getEmail(),
+			$subject,
+			$this->fetchTemplate($template),
+			array('Reply-To' => $this->adminMailingList)
+		);
+	}
+
+	/**
+	 * @param UserRole[] $activeRoles
+	 *
+	 * @return array
+	 */
+	private function getRoleData($activeRoles)
+	{
+		$availableRoles = $this->getSecurityManager()->getRoleConfiguration()->getAvailableRoles();
+
+		$currentUser = User::getCurrent($this->getDatabase());
+		$this->getSecurityManager()->getActiveRoles($currentUser, $userRoles, $inactiveRoles);
+
+		$initialValue = array('active' => 0, 'allowEdit' => 0, 'description' => '???', 'object' => null);
+
+		$roleData = array();
+		foreach ($availableRoles as $role => $data) {
+			$intersection = array_intersect($data['editableBy'], $userRoles);
+
+			$roleData[$role] = $initialValue;
+			$roleData[$role]['allowEdit'] = count($intersection) > 0 ? 1 : 0;
+			$roleData[$role]['description'] = $data['description'];
+		}
+
+		foreach ($activeRoles as $role) {
+			if (!isset($roleData[$role->getRole()])) {
+				// This value is no longer available in the configuration, allow changing (aka removing) it.
+				$roleData[$role->getRole()] = $initialValue;
+				$roleData[$role->getRole()]['allowEdit'] = 1;
+			}
+
+			$roleData[$role->getRole()]['object'] = $role;
+			$roleData[$role->getRole()]['active'] = 1;
+		}
+
+		return $roleData;
+	}
 }