mdaniels5757 / waca

includes/Pages/PageEmailManagement.php

Indentation +171 added lines, -171 removed lines

@@ -19,175 +19,175 @@
 
 class PageEmailManagement extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Close Emails');
-
-        // Get all active email templates
-        $activeTemplates = EmailTemplate::getAllActiveTemplates(null, $this->getDatabase());
-        $inactiveTemplates = EmailTemplate::getAllInactiveTemplates($this->getDatabase());
-
-        $this->assign('activeTemplates', $activeTemplates);
-        $this->assign('inactiveTemplates', $inactiveTemplates);
-
-        $user = User::getCurrent($this->getDatabase());
-        $this->assign('canCreate', $this->barrierTest('create', $user));
-        $this->assign('canEdit', $this->barrierTest('edit', $user));
-
-        $this->setTemplate('email-management/main.tpl');
-    }
-
-    protected function view()
-    {
-        $this->setHtmlTitle('Close Emails');
-
-        $database = $this->getDatabase();
-        $template = $this->getTemplate($database);
-
-        $createdId = $this->getSiteConfiguration()->getDefaultCreatedTemplateId();
-        $requestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        $this->assign('id', $template->getId());
-        $this->assign('emailTemplate', $template);
-        $this->assign('createdid', $createdId);
-        $this->assign('requeststates', $requestStates);
-
-        $this->setTemplate('email-management/view.tpl');
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return EmailTemplate
-     * @throws ApplicationLogicException
-     */
-    protected function getTemplate(PdoDatabase $database)
-    {
-        $templateId = WebRequest::getInt('id');
-        if ($templateId === null) {
-            throw new ApplicationLogicException('Template not specified');
-        }
-        $template = EmailTemplate::getById($templateId, $database);
-        if ($template === false || !is_a($template, EmailTemplate::class)) {
-            throw new ApplicationLogicException('Template not found');
-        }
-
-        return $template;
-    }
-
-    protected function edit()
-    {
-        $this->setHtmlTitle('Close Emails');
-
-        $database = $this->getDatabase();
-        $template = $this->getTemplate($database);
-
-        $createdId = $this->getSiteConfiguration()->getDefaultCreatedTemplateId();
-        $requestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $this->modifyTemplateData($template);
-
-            $other = EmailTemplate::getByName($template->getName(), $database);
-            if ($other !== false && $other->getId() !== $template->getId()) {
-                throw new ApplicationLogicException('A template with this name already exists');
-            }
-
-            if ($template->getId() === $createdId) {
-                $template->setDefaultAction(EmailTemplate::CREATED);
-                $template->setActive(true);
-                $template->setPreloadOnly(false);
-            }
-
-            // optimistically lock on load of edit form
-            $updateVersion = WebRequest::postInt('updateversion');
-            $template->setUpdateVersion($updateVersion);
-
-            $template->save();
-            Logger::editedEmail($database, $template);
-            $this->getNotificationHelper()->emailEdited($template);
-            SessionAlert::success("Email template has been saved successfully.");
-
-            $this->redirect('emailManagement');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('id', $template->getId());
-            $this->assign('emailTemplate', $template);
-            $this->assign('createdid', $createdId);
-            $this->assign('requeststates', $requestStates);
-
-            $this->setTemplate('email-management/edit.tpl');
-        }
-    }
-
-    /**
-     * @param EmailTemplate $template
-     *
-     * @throws ApplicationLogicException
-     */
-    private function modifyTemplateData(EmailTemplate $template)
-    {
-        $name = WebRequest::postString('name');
-        if ($name === null || $name === '') {
-            throw new ApplicationLogicException('Name not specified');
-        }
-
-        $template->setName($name);
-
-        $text = WebRequest::postString('text');
-        if ($text === null || $text === '') {
-            throw new ApplicationLogicException('Text not specified');
-        }
-
-        $template->setText($text);
-
-        $template->setJsquestion(WebRequest::postString('jsquestion'));
-
-        $template->setDefaultAction(WebRequest::postString('defaultaction'));
-        $template->setActive(WebRequest::postBoolean('active'));
-        $template->setPreloadOnly(WebRequest::postBoolean('preloadonly'));
-    }
-
-    protected function create()
-    {
-        $this->setHtmlTitle('Close Emails');
-
-        $database = $this->getDatabase();
-
-        $requestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $template = new EmailTemplate();
-            $template->setDatabase($database);
-
-            $this->modifyTemplateData($template);
-
-            $other = EmailTemplate::getByName($template->getName(), $database);
-            if ($other !== false) {
-                throw new ApplicationLogicException('A template with this name already exists');
-            }
-
-            $template->save();
-
-            Logger::createEmail($database, $template);
-            $this->getNotificationHelper()->emailCreated($template);
-
-            SessionAlert::success("Email template has been saved successfully.");
-
-            $this->redirect('emailManagement');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('requeststates', $requestStates);
-            $this->setTemplate('email-management/create.tpl');
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Close Emails');
+
+		// Get all active email templates
+		$activeTemplates = EmailTemplate::getAllActiveTemplates(null, $this->getDatabase());
+		$inactiveTemplates = EmailTemplate::getAllInactiveTemplates($this->getDatabase());
+
+		$this->assign('activeTemplates', $activeTemplates);
+		$this->assign('inactiveTemplates', $inactiveTemplates);
+
+		$user = User::getCurrent($this->getDatabase());
+		$this->assign('canCreate', $this->barrierTest('create', $user));
+		$this->assign('canEdit', $this->barrierTest('edit', $user));
+
+		$this->setTemplate('email-management/main.tpl');
+	}
+
+	protected function view()
+	{
+		$this->setHtmlTitle('Close Emails');
+
+		$database = $this->getDatabase();
+		$template = $this->getTemplate($database);
+
+		$createdId = $this->getSiteConfiguration()->getDefaultCreatedTemplateId();
+		$requestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		$this->assign('id', $template->getId());
+		$this->assign('emailTemplate', $template);
+		$this->assign('createdid', $createdId);
+		$this->assign('requeststates', $requestStates);
+
+		$this->setTemplate('email-management/view.tpl');
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return EmailTemplate
+	 * @throws ApplicationLogicException
+	 */
+	protected function getTemplate(PdoDatabase $database)
+	{
+		$templateId = WebRequest::getInt('id');
+		if ($templateId === null) {
+			throw new ApplicationLogicException('Template not specified');
+		}
+		$template = EmailTemplate::getById($templateId, $database);
+		if ($template === false || !is_a($template, EmailTemplate::class)) {
+			throw new ApplicationLogicException('Template not found');
+		}
+
+		return $template;
+	}
+
+	protected function edit()
+	{
+		$this->setHtmlTitle('Close Emails');
+
+		$database = $this->getDatabase();
+		$template = $this->getTemplate($database);
+
+		$createdId = $this->getSiteConfiguration()->getDefaultCreatedTemplateId();
+		$requestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$this->modifyTemplateData($template);
+
+			$other = EmailTemplate::getByName($template->getName(), $database);
+			if ($other !== false && $other->getId() !== $template->getId()) {
+				throw new ApplicationLogicException('A template with this name already exists');
+			}
+
+			if ($template->getId() === $createdId) {
+				$template->setDefaultAction(EmailTemplate::CREATED);
+				$template->setActive(true);
+				$template->setPreloadOnly(false);
+			}
+
+			// optimistically lock on load of edit form
+			$updateVersion = WebRequest::postInt('updateversion');
+			$template->setUpdateVersion($updateVersion);
+
+			$template->save();
+			Logger::editedEmail($database, $template);
+			$this->getNotificationHelper()->emailEdited($template);
+			SessionAlert::success("Email template has been saved successfully.");
+
+			$this->redirect('emailManagement');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('id', $template->getId());
+			$this->assign('emailTemplate', $template);
+			$this->assign('createdid', $createdId);
+			$this->assign('requeststates', $requestStates);
+
+			$this->setTemplate('email-management/edit.tpl');
+		}
+	}
+
+	/**
+	 * @param EmailTemplate $template
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function modifyTemplateData(EmailTemplate $template)
+	{
+		$name = WebRequest::postString('name');
+		if ($name === null || $name === '') {
+			throw new ApplicationLogicException('Name not specified');
+		}
+
+		$template->setName($name);
+
+		$text = WebRequest::postString('text');
+		if ($text === null || $text === '') {
+			throw new ApplicationLogicException('Text not specified');
+		}
+
+		$template->setText($text);
+
+		$template->setJsquestion(WebRequest::postString('jsquestion'));
+
+		$template->setDefaultAction(WebRequest::postString('defaultaction'));
+		$template->setActive(WebRequest::postBoolean('active'));
+		$template->setPreloadOnly(WebRequest::postBoolean('preloadonly'));
+	}
+
+	protected function create()
+	{
+		$this->setHtmlTitle('Close Emails');
+
+		$database = $this->getDatabase();
+
+		$requestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$template = new EmailTemplate();
+			$template->setDatabase($database);
+
+			$this->modifyTemplateData($template);
+
+			$other = EmailTemplate::getByName($template->getName(), $database);
+			if ($other !== false) {
+				throw new ApplicationLogicException('A template with this name already exists');
+			}
+
+			$template->save();
+
+			Logger::createEmail($database, $template);
+			$this->getNotificationHelper()->emailCreated($template);
+
+			SessionAlert::success("Email template has been saved successfully.");
+
+			$this->redirect('emailManagement');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('requeststates', $requestStates);
+			$this->setTemplate('email-management/create.tpl');
+		}
+	}
 }

Braces +2 added lines, -4 removed lines

@@ -115,8 +115,7 @@ 
             SessionAlert::success("Email template has been saved successfully.");
 
             $this->redirect('emailManagement');
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->assign('id', $template->getId());
             $this->assign('emailTemplate', $template);
@@ -183,8 +182,7 @@ 
             SessionAlert::success("Email template has been saved successfully.");
 
             $this->redirect('emailManagement');
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->assign('requeststates', $requestStates);
             $this->setTemplate('email-management/create.tpl');

includes/Pages/PageTeam.php

Indentation +23 added lines, -23 removed lines

@@ -12,31 +12,31 @@
 
 class PageTeam extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $path = $this->getSiteConfiguration()->getFilePath() . '/team.json';
-        $json = file_get_contents($path);
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$path = $this->getSiteConfiguration()->getFilePath() . '/team.json';
+		$json = file_get_contents($path);
 
-        $teamData = json_decode($json, true);
+		$teamData = json_decode($json, true);
 
-        $active = array();
-        $inactive = array();
+		$active = array();
+		$inactive = array();
 
-        foreach ($teamData as $name => $item) {
-            if (count($item['Role']) == 0) {
-                $inactive[$name] = $item;
-            }
-            else {
-                $active[$name] = $item;
-            }
-        }
+		foreach ($teamData as $name => $item) {
+			if (count($item['Role']) == 0) {
+				$inactive[$name] = $item;
+			}
+			else {
+				$active[$name] = $item;
+			}
+		}
 
-        $this->assign('developer', $active);
-        $this->assign('inactiveDeveloper', $inactive);
-        $this->setTemplate('team/team.tpl');
-    }
+		$this->assign('developer', $active);
+		$this->assign('inactiveDeveloper', $inactive);
+		$this->setTemplate('team/team.tpl');
+	}
 }

Braces +1 added lines, -2 removed lines

@@ -29,8 +29,7 @@
         foreach ($teamData as $name => $item) {
             if (count($item['Role']) == 0) {
                 $inactive[$name] = $item;
-            }
-            else {
+            } else {
                 $active[$name] = $item;
             }
         }

includes/Pages/PageOAuth.php

Indentation +130 added lines, -130 removed lines

@@ -17,134 +17,134 @@
 
 class PageOAuth extends InternalPageBase
 {
-    /**
-     * Attach entry point
-     *
-     * must be posted, or will redirect to preferences
-     */
-    protected function attach()
-    {
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('preferences');
-
-            return;
-        }
-
-        $this->validateCSRFToken();
-
-        $oauthHelper = $this->getOAuthHelper();
-        $user = User::getCurrent($this->getDatabase());
-
-        $requestToken = $oauthHelper->getRequestToken();
-
-        $user->setOAuthRequestToken($requestToken->key);
-        $user->setOAuthRequestSecret($requestToken->secret);
-        $user->save();
-
-        $this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key));
-    }
-
-    /**
-     * Detach account entry point
-     */
-    protected function detach()
-    {
-        if ($this->getSiteConfiguration()->getEnforceOAuth()) {
-            throw new AccessDeniedException($this->getSecurityManager());
-        }
-
-        $user = User::getCurrent($this->getDatabase());
-
-        $user->setOnWikiName($user->getOnWikiName());
-        $user->setOAuthAccessSecret(null);
-        $user->setOAuthAccessToken(null);
-        $user->setOAuthRequestSecret(null);
-        $user->setOAuthRequestToken(null);
-
-        $user->clearOAuthData();
-
-        $user->setForcelogout(true);
-
-        $user->save();
-
-        // force the user to log out
-        Session::destroy();
-
-        $this->redirect('login');
-    }
-
-    /**
-     * Callback entry point
-     */
-    protected function callback()
-    {
-        $oauthToken = WebRequest::getString('oauth_token');
-        $oauthVerifier = WebRequest::getString('oauth_verifier');
-
-        $this->doCallbackValidation($oauthToken, $oauthVerifier);
-
-        $user = User::getByRequestToken($oauthToken, $this->getDatabase());
-        if ($user === false) {
-            throw new ApplicationLogicException('Token not found in store, please try again');
-        }
-
-        $accessToken = $this->getOAuthHelper()->callbackCompleted(
-            $user->getOAuthRequestToken(),
-            $user->getOAuthRequestSecret(),
-            $oauthVerifier);
-
-        $user->setOAuthRequestSecret(null);
-        $user->setOAuthRequestToken(null);
-        $user->setOAuthAccessToken($accessToken->key);
-        $user->setOAuthAccessSecret($accessToken->secret);
-
-        // @todo we really should stop doing this kind of thing... it adds performance bottlenecks and breaks 3NF
-        $user->setOnWikiName('##OAUTH##');
-
-        $user->save();
-
-        // OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the
-        // login to a full login
-        if (WebRequest::getPartialLogin() === $user->getId()) {
-            WebRequest::setLoggedInUser($user);
-        }
-
-        // My thinking is there are three cases here:
-        //   a) new user => redirect to prefs - it's the only thing they can access other than stats
-        //   b) existing user hit the connect button in prefs => redirect to prefs since it's where they were
-        //   c) existing user logging in => redirect to wherever they came from
-        $redirectDestination = WebRequest::clearPostLoginRedirect();
-        if ($redirectDestination !== null && !$user->isNewUser()) {
-            $this->redirectUrl($redirectDestination);
-        }
-        else {
-            $this->redirect('preferences', null, null, 'internal.php');
-        }
-    }
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->redirect('preferences');
-    }
-
-    /**
-     * @param string $oauthToken
-     * @param string $oauthVerifier
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function doCallbackValidation($oauthToken, $oauthVerifier)
-    {
-        if ($oauthToken === null) {
-            throw new ApplicationLogicException('No token provided');
-        }
-
-        if ($oauthVerifier === null) {
-            throw new ApplicationLogicException('No oauth verifier provided.');
-        }
-    }
+	/**
+	 * Attach entry point
+	 *
+	 * must be posted, or will redirect to preferences
+	 */
+	protected function attach()
+	{
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('preferences');
+
+			return;
+		}
+
+		$this->validateCSRFToken();
+
+		$oauthHelper = $this->getOAuthHelper();
+		$user = User::getCurrent($this->getDatabase());
+
+		$requestToken = $oauthHelper->getRequestToken();
+
+		$user->setOAuthRequestToken($requestToken->key);
+		$user->setOAuthRequestSecret($requestToken->secret);
+		$user->save();
+
+		$this->redirectUrl($oauthHelper->getAuthoriseUrl($requestToken->key));
+	}
+
+	/**
+	 * Detach account entry point
+	 */
+	protected function detach()
+	{
+		if ($this->getSiteConfiguration()->getEnforceOAuth()) {
+			throw new AccessDeniedException($this->getSecurityManager());
+		}
+
+		$user = User::getCurrent($this->getDatabase());
+
+		$user->setOnWikiName($user->getOnWikiName());
+		$user->setOAuthAccessSecret(null);
+		$user->setOAuthAccessToken(null);
+		$user->setOAuthRequestSecret(null);
+		$user->setOAuthRequestToken(null);
+
+		$user->clearOAuthData();
+
+		$user->setForcelogout(true);
+
+		$user->save();
+
+		// force the user to log out
+		Session::destroy();
+
+		$this->redirect('login');
+	}
+
+	/**
+	 * Callback entry point
+	 */
+	protected function callback()
+	{
+		$oauthToken = WebRequest::getString('oauth_token');
+		$oauthVerifier = WebRequest::getString('oauth_verifier');
+
+		$this->doCallbackValidation($oauthToken, $oauthVerifier);
+
+		$user = User::getByRequestToken($oauthToken, $this->getDatabase());
+		if ($user === false) {
+			throw new ApplicationLogicException('Token not found in store, please try again');
+		}
+
+		$accessToken = $this->getOAuthHelper()->callbackCompleted(
+			$user->getOAuthRequestToken(),
+			$user->getOAuthRequestSecret(),
+			$oauthVerifier);
+
+		$user->setOAuthRequestSecret(null);
+		$user->setOAuthRequestToken(null);
+		$user->setOAuthAccessToken($accessToken->key);
+		$user->setOAuthAccessSecret($accessToken->secret);
+
+		// @todo we really should stop doing this kind of thing... it adds performance bottlenecks and breaks 3NF
+		$user->setOnWikiName('##OAUTH##');
+
+		$user->save();
+
+		// OK, we're the same session that just did a partial login that was redirected to OAuth. Let's upgrade the
+		// login to a full login
+		if (WebRequest::getPartialLogin() === $user->getId()) {
+			WebRequest::setLoggedInUser($user);
+		}
+
+		// My thinking is there are three cases here:
+		//   a) new user => redirect to prefs - it's the only thing they can access other than stats
+		//   b) existing user hit the connect button in prefs => redirect to prefs since it's where they were
+		//   c) existing user logging in => redirect to wherever they came from
+		$redirectDestination = WebRequest::clearPostLoginRedirect();
+		if ($redirectDestination !== null && !$user->isNewUser()) {
+			$this->redirectUrl($redirectDestination);
+		}
+		else {
+			$this->redirect('preferences', null, null, 'internal.php');
+		}
+	}
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->redirect('preferences');
+	}
+
+	/**
+	 * @param string $oauthToken
+	 * @param string $oauthVerifier
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function doCallbackValidation($oauthToken, $oauthVerifier)
+	{
+		if ($oauthToken === null) {
+			throw new ApplicationLogicException('No token provided');
+		}
+
+		if ($oauthVerifier === null) {
+			throw new ApplicationLogicException('No oauth verifier provided.');
+		}
+	}
 }

Braces +1 added lines, -2 removed lines

@@ -116,8 +116,7 @@
         $redirectDestination = WebRequest::clearPostLoginRedirect();
         if ($redirectDestination !== null && !$user->isNewUser()) {
             $this->redirectUrl($redirectDestination);
-        }
-        else {
+        } else {
             $this->redirect('preferences', null, null, 'internal.php');
         }
     }

includes/Pages/PageMain.php

Indentation +75 added lines, -75 removed lines

@@ -17,71 +17,71 @@ 
 
 class PageMain extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $config = $this->getSiteConfiguration();
-
-        $database = $this->getDatabase();
-
-        $requestSectionData = array();
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
-            $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-        }
-        else {
-            $query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
-            $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
-        }
-
-        $statement = $database->prepare($query);
-        $statement->bindValue(':lim', $config->getMiserModeLimit(), PDO::PARAM_INT);
-
-        $totalRequestsStatement = $database->prepare($totalQuery);
-
-        $this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
-
-        foreach ($config->getRequestStates() as $type => $v) {
-            $statement->bindValue(":type", $type);
-            $statement->execute();
-
-            $requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
-
-            /** @var Request $req */
-            foreach ($requests as $req) {
-                $req->setDatabase($database);
-            }
-
-            $totalRequestsStatement->bindValue(':type', $type);
-            $totalRequestsStatement->execute();
-            $totalRequests = $totalRequestsStatement->fetchColumn();
-            $totalRequestsStatement->closeCursor();
-
-            $userIds = array_map(
-                function(Request $entry) {
-                    return $entry->getReserved();
-                },
-                $requests);
-            $userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
-            $this->assign('userlist', $userList);
-
-            $requestSectionData[$v['header']] = array(
-                'requests' => $requests,
-                'total'    => $totalRequests,
-                'api'      => $v['api'],
-                'type'     => $type,
-                'userlist' => $userList,
-            );
-        }
-
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-
-        $query = <<<SQL
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$config = $this->getSiteConfiguration();
+
+		$database = $this->getDatabase();
+
+		$requestSectionData = array();
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
+			$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
+		}
+		else {
+			$query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
+			$totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
+		}
+
+		$statement = $database->prepare($query);
+		$statement->bindValue(':lim', $config->getMiserModeLimit(), PDO::PARAM_INT);
+
+		$totalRequestsStatement = $database->prepare($totalQuery);
+
+		$this->assign('defaultRequestState', $config->getDefaultRequestStateKey());
+
+		foreach ($config->getRequestStates() as $type => $v) {
+			$statement->bindValue(":type", $type);
+			$statement->execute();
+
+			$requests = $statement->fetchAll(PDO::FETCH_CLASS, Request::class);
+
+			/** @var Request $req */
+			foreach ($requests as $req) {
+				$req->setDatabase($database);
+			}
+
+			$totalRequestsStatement->bindValue(':type', $type);
+			$totalRequestsStatement->execute();
+			$totalRequests = $totalRequestsStatement->fetchColumn();
+			$totalRequestsStatement->closeCursor();
+
+			$userIds = array_map(
+				function(Request $entry) {
+					return $entry->getReserved();
+				},
+				$requests);
+			$userList = UserSearchHelper::get($this->getDatabase())->inIds($userIds)->fetchMap('username');
+			$this->assign('userlist', $userList);
+
+			$requestSectionData[$v['header']] = array(
+				'requests' => $requests,
+				'total'    => $totalRequests,
+				'api'      => $v['api'],
+				'type'     => $type,
+				'userlist' => $userList,
+			);
+		}
+
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+
+		$query = <<<SQL
 		SELECT request.id, request.name, request.updateversion
 		FROM request /* PageMain::main() */
 		JOIN log ON log.objectid = request.id AND log.objecttype = 'Request'
@@ -90,18 +90,18 @@ 
 		LIMIT 5;
 SQL;
 
-        $statement = $database->prepare($query);
-        $statement->execute();
+		$statement = $database->prepare($query);
+		$statement->execute();
 
-        $last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
+		$last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
 
-        $this->assign('lastFive', $last5result);
-        $this->assign('requestSectionData', $requestSectionData);
+		$this->assign('lastFive', $last5result);
+		$this->assign('requestSectionData', $requestSectionData);
 
-        $currentUser = User::getCurrent($database);
-        $this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
-        $this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
+		$currentUser = User::getCurrent($database);
+		$this->assign('canBan', $this->barrierTest('set', $currentUser, PageBan::class));
+		$this->assign('canBreakReservation', $this->barrierTest('force', $currentUser, PageBreakReservation::class));
 
-        $this->setTemplate('mainpage/mainpage.tpl');
-    }
+		$this->setTemplate('mainpage/mainpage.tpl');
+	}
 }

Braces +3 added lines, -3 removed lines

@@ -33,8 +33,7 @@ 
         if ($config->getEmailConfirmationEnabled()) {
             $query = "SELECT * FROM request WHERE status = :type AND emailconfirm = 'Confirmed' LIMIT :lim;";
             $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type AND emailconfirm = 'Confirmed';";
-        }
-        else {
+        } else {
             $query = "SELECT * FROM request WHERE status = :type LIMIT :lim;";
             $totalQuery = "SELECT COUNT(id) FROM request WHERE status = :type;";
         }
@@ -63,7 +62,8 @@ 
             $totalRequestsStatement->closeCursor();
 
             $userIds = array_map(
-                function(Request $entry) {
+                function(Request $entry)
+                {
                     return $entry->getReserved();
                 },
                 $requests);

includes/Pages/PageUserManagement.php

Indentation +529 added lines, -529 removed lines

@@ -23,533 +23,533 @@
  */
 class PageUserManagement extends InternalPageBase
 {
-    /** @var string */
-    private $adminMailingList = 'enwiki-acc-admins@googlegroups.com';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-        $currentUser = User::getCurrent($database);
-
-        if (WebRequest::getBoolean("showAll")) {
-            $this->assign("showAll", true);
-
-            $this->assign("suspendedUsers",
-                UserSearchHelper::get($database)->byStatus(User::STATUS_SUSPENDED)->fetch());
-            $this->assign("declinedUsers", UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch());
-
-            UserSearchHelper::get($database)->getRoleMap($roleMap);
-        }
-        else {
-            $this->assign("showAll", false);
-            $this->assign("suspendedUsers", array());
-            $this->assign("declinedUsers", array());
-
-            UserSearchHelper::get($database)->statusIn(array('New', 'Active'))->getRoleMap($roleMap);
-        }
-
-        $this->assign('newUsers', UserSearchHelper::get($database)->byStatus(User::STATUS_NEW)->fetch());
-        $this->assign('normalUsers',
-            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('user')->fetch());
-        $this->assign('adminUsers',
-            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('admin')->fetch());
-        $this->assign('checkUsers',
-            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('checkuser')->fetch());
-        $this->assign('toolRoots',
-            UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('toolRoot')->fetch());
-
-        $this->assign('roles', $roleMap);
-
-        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
-            return UserSearchHelper::get($database)->fetchColumn('username');
-        });
-
-        $this->assign('canApprove', $this->barrierTest('approve', $currentUser));
-        $this->assign('canDecline', $this->barrierTest('decline', $currentUser));
-        $this->assign('canRename', $this->barrierTest('rename', $currentUser));
-        $this->assign('canEditUser', $this->barrierTest('editUser', $currentUser));
-        $this->assign('canSuspend', $this->barrierTest('suspend', $currentUser));
-        $this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser));
-
-        $this->setTemplate("usermanagement/main.tpl");
-    }
-
-    #region Access control
-
-    /**
-     * Action target for editing the roles assigned to a user
-     */
-    protected function editRoles()
-    {
-        $this->setHtmlTitle('User Management');
-        $database = $this->getDatabase();
-        $userId = WebRequest::getInt('user');
-
-        /** @var User $user */
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
-        }
-
-        $roleData = $this->getRoleData(UserRole::getForUser($user->getId(), $database));
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $reason = WebRequest::postString('reason');
-            if ($reason === false || trim($reason) === '') {
-                throw new ApplicationLogicException('No reason specified for roles change');
-            }
-
-            /** @var UserRole[] $delete */
-            $delete = array();
-            /** @var string[] $delete */
-            $add = array();
-
-            foreach ($roleData as $name => $r) {
-                if ($r['allowEdit'] !== 1) {
-                    // not allowed, to touch this, so ignore it
-                    continue;
-                }
-
-                $newValue = WebRequest::postBoolean('role-' . $name) ? 1 : 0;
-                if ($newValue !== $r['active']) {
-                    if ($newValue === 0) {
-                        $delete[] = $r['object'];
-                    }
-
-                    if ($newValue === 1) {
-                        $add[] = $name;
-                    }
-                }
-            }
-
-            // Check there's something to do
-            if ((count($add) + count($delete)) === 0) {
-                $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
-                SessionAlert::warning('No changes made to roles.');
-
-                return;
-            }
-
-            $removed = array();
-
-            /** @var UserRole $d */
-            foreach ($delete as $d) {
-                $removed[] = $d->getRole();
-                $d->delete();
-            }
-
-            foreach ($add as $x) {
-                $a = new UserRole();
-                $a->setUser($user->getId());
-                $a->setRole($x);
-                $a->setDatabase($database);
-                $a->save();
-            }
-
-            Logger::userRolesEdited($database, $user, $reason, $add, $removed);
-
-            // dummy save for optimistic locking. If this fails, the entire txn will roll back.
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-
-            $this->getNotificationHelper()->userRolesEdited($user, $reason);
-            SessionAlert::quick('Roles changed for user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/roleedit.tpl');
-            $this->assign('user', $user);
-            $this->assign('roleData', $roleData);
-        }
-    }
-
-    /**
-     * Action target for suspending users
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function suspend()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-
-        /** @var User $user */
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to suspend could not be found.');
-        }
-
-        if ($user->isSuspended()) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to suspend is already suspended.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $reason = WebRequest::postString('reason');
-
-            if ($reason === null || trim($reason) === "") {
-                throw new ApplicationLogicException('No reason provided');
-            }
-
-            $user->setStatus(User::STATUS_SUSPENDED);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-            Logger::suspendedUser($database, $user, $reason);
-
-            $this->getNotificationHelper()->userSuspended($user, $reason);
-            SessionAlert::quick('Suspended user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            // send email
-            $this->sendStatusChangeEmail(
-                'Your WP:ACC account has been suspended',
-                'usermanagement/emails/suspended.tpl',
-                $reason,
-                $user,
-                User::getCurrent($database)->getUsername()
-            );
-
-            $this->redirect('userManagement');
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/changelevel-reason.tpl');
-            $this->assign('user', $user);
-            $this->assign('status', 'Suspended');
-            $this->assign("showReason", true);
-        }
-    }
-
-    /**
-     * Entry point for the decline action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function decline()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to decline could not be found.');
-        }
-
-        if (!$user->isNewUser()) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to decline is not new.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $reason = WebRequest::postString('reason');
-
-            if ($reason === null || trim($reason) === "") {
-                throw new ApplicationLogicException('No reason provided');
-            }
-
-            $user->setStatus(User::STATUS_DECLINED);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-            Logger::declinedUser($database, $user, $reason);
-
-            $this->getNotificationHelper()->userDeclined($user, $reason);
-            SessionAlert::quick('Declined user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            // send email
-            $this->sendStatusChangeEmail(
-                'Your WP:ACC account has been declined',
-                'usermanagement/emails/declined.tpl',
-                $reason,
-                $user,
-                User::getCurrent($database)->getUsername()
-            );
-
-            $this->redirect('userManagement');
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/changelevel-reason.tpl');
-            $this->assign('user', $user);
-            $this->assign('status', 'Declined');
-            $this->assign("showReason", true);
-        }
-    }
-
-    /**
-     * Entry point for the approve action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function approve()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to approve could not be found.');
-        }
-
-        if ($user->isActive()) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to approve is already an active user.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $user->setStatus(User::STATUS_ACTIVE);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $user->save();
-            Logger::approvedUser($database, $user);
-
-            $this->getNotificationHelper()->userApproved($user);
-            SessionAlert::quick('Approved user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
-
-            // send email
-            $this->sendStatusChangeEmail(
-                'Your WP:ACC account has been approved',
-                'usermanagement/emails/approved.tpl',
-                null,
-                $user,
-                User::getCurrent($database)->getUsername()
-            );
-
-            $this->redirect("userManagement");
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate("usermanagement/changelevel-reason.tpl");
-            $this->assign("user", $user);
-            $this->assign("status", "User");
-            $this->assign("showReason", false);
-        }
-    }
-
-    #endregion
-
-    #region Renaming / Editing
-
-    /**
-     * Entry point for the rename action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function rename()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to rename could not be found.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $newUsername = WebRequest::postString('newname');
-
-            if ($newUsername === null || trim($newUsername) === "") {
-                throw new ApplicationLogicException('The new username cannot be empty');
-            }
-
-            if (User::getByUsername($newUsername, $database) != false) {
-                throw new ApplicationLogicException('The new username already exists');
-            }
-
-            $oldUsername = $user->getUsername();
-            $user->setUsername($newUsername);
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-
-            $user->save();
-
-            $logEntryData = serialize(array(
-                'old' => $oldUsername,
-                'new' => $newUsername,
-            ));
-
-            Logger::renamedUser($database, $user, $logEntryData);
-
-            SessionAlert::quick("Changed User "
-                . htmlentities($oldUsername, ENT_COMPAT, 'UTF-8')
-                . " name to "
-                . htmlentities($newUsername, ENT_COMPAT, 'UTF-8'));
-
-            $this->getNotificationHelper()->userRenamed($user, $oldUsername);
-
-            // send an email to the user.
-            $this->assign('targetUsername', $user->getUsername());
-            $this->assign('toolAdmin', User::getCurrent($database)->getUsername());
-            $this->assign('oldUsername', $oldUsername);
-            $this->assign('mailingList', $this->adminMailingList);
-
-            $this->getEmailHelper()->sendMail(
-                $user->getEmail(),
-                'Your username on WP:ACC has been changed',
-                $this->fetchTemplate('usermanagement/emails/renamed.tpl'),
-                array('Reply-To' => $this->adminMailingList)
-            );
-
-            $this->redirect("userManagement");
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/renameuser.tpl');
-            $this->assign('user', $user);
-        }
-    }
-
-    /**
-     * Entry point for the edit action
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function editUser()
-    {
-        $this->setHtmlTitle('User Management');
-
-        $database = $this->getDatabase();
-
-        $userId = WebRequest::getInt('user');
-        $user = User::getById($userId, $database);
-
-        if ($user === false) {
-            throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
-        }
-
-        // Dual-mode action
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $newEmail = WebRequest::postEmail('user_email');
-            $newOnWikiName = WebRequest::postString('user_onwikiname');
-
-            if ($newEmail === null) {
-                throw new ApplicationLogicException('Invalid email address');
-            }
-
-            if (!$user->isOAuthLinked()) {
-                if (trim($newOnWikiName) == "") {
-                    throw new ApplicationLogicException('New on-wiki username cannot be blank');
-                }
-
-                $user->setOnWikiName($newOnWikiName);
-            }
-
-            $user->setEmail($newEmail);
-
-            $user->setUpdateVersion(WebRequest::postInt('updateversion'));
-
-            $user->save();
-
-            Logger::userPreferencesChange($database, $user);
-            $this->getNotificationHelper()->userPrefChange($user);
-            SessionAlert::quick('Changes to user\'s preferences have been saved');
-
-            $this->redirect("userManagement");
-
-            return;
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('usermanagement/edituser.tpl');
-            $this->assign('user', $user);
-        }
-    }
-
-    #endregion
-
-    /**
-     * Sends a status change email to the user.
-     *
-     * @param string      $subject           The subject of the email
-     * @param string      $template          The smarty template to use
-     * @param string|null $reason            The reason for performing the status change
-     * @param User        $user              The user affected
-     * @param string      $toolAdminUsername The tool admin's username who is making the edit
-     */
-    private function sendStatusChangeEmail($subject, $template, $reason, $user, $toolAdminUsername)
-    {
-        $this->assign('targetUsername', $user->getUsername());
-        $this->assign('toolAdmin', $toolAdminUsername);
-        $this->assign('actionReason', $reason);
-        $this->assign('mailingList', $this->adminMailingList);
-
-        $this->getEmailHelper()->sendMail(
-            $user->getEmail(),
-            $subject,
-            $this->fetchTemplate($template),
-            array('Reply-To' => $this->adminMailingList)
-        );
-    }
-
-    /**
-     * @param UserRole[] $activeRoles
-     *
-     * @return array
-     */
-    private function getRoleData($activeRoles)
-    {
-        $availableRoles = $this->getSecurityManager()->getRoleConfiguration()->getAvailableRoles();
-
-        $currentUser = User::getCurrent($this->getDatabase());
-        $this->getSecurityManager()->getActiveRoles($currentUser, $userRoles, $inactiveRoles);
-
-        $initialValue = array('active' => 0, 'allowEdit' => 0, 'description' => '???', 'object' => null);
-
-        $roleData = array();
-        foreach ($availableRoles as $role => $data) {
-            $intersection = array_intersect($data['editableBy'], $userRoles);
-
-            $roleData[$role] = $initialValue;
-            $roleData[$role]['allowEdit'] = count($intersection) > 0 ? 1 : 0;
-            $roleData[$role]['description'] = $data['description'];
-        }
-
-        foreach ($activeRoles as $role) {
-            if (!isset($roleData[$role->getRole()])) {
-                // This value is no longer available in the configuration, allow changing (aka removing) it.
-                $roleData[$role->getRole()] = $initialValue;
-                $roleData[$role->getRole()]['allowEdit'] = 1;
-            }
-
-            $roleData[$role->getRole()]['object'] = $role;
-            $roleData[$role->getRole()]['active'] = 1;
-        }
-
-        return $roleData;
-    }
+	/** @var string */
+	private $adminMailingList = 'enwiki-acc-admins@googlegroups.com';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+		$currentUser = User::getCurrent($database);
+
+		if (WebRequest::getBoolean("showAll")) {
+			$this->assign("showAll", true);
+
+			$this->assign("suspendedUsers",
+				UserSearchHelper::get($database)->byStatus(User::STATUS_SUSPENDED)->fetch());
+			$this->assign("declinedUsers", UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch());
+
+			UserSearchHelper::get($database)->getRoleMap($roleMap);
+		}
+		else {
+			$this->assign("showAll", false);
+			$this->assign("suspendedUsers", array());
+			$this->assign("declinedUsers", array());
+
+			UserSearchHelper::get($database)->statusIn(array('New', 'Active'))->getRoleMap($roleMap);
+		}
+
+		$this->assign('newUsers', UserSearchHelper::get($database)->byStatus(User::STATUS_NEW)->fetch());
+		$this->assign('normalUsers',
+			UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('user')->fetch());
+		$this->assign('adminUsers',
+			UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('admin')->fetch());
+		$this->assign('checkUsers',
+			UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('checkuser')->fetch());
+		$this->assign('toolRoots',
+			UserSearchHelper::get($database)->byStatus(User::STATUS_ACTIVE)->byRole('toolRoot')->fetch());
+
+		$this->assign('roles', $roleMap);
+
+		$this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
+			return UserSearchHelper::get($database)->fetchColumn('username');
+		});
+
+		$this->assign('canApprove', $this->barrierTest('approve', $currentUser));
+		$this->assign('canDecline', $this->barrierTest('decline', $currentUser));
+		$this->assign('canRename', $this->barrierTest('rename', $currentUser));
+		$this->assign('canEditUser', $this->barrierTest('editUser', $currentUser));
+		$this->assign('canSuspend', $this->barrierTest('suspend', $currentUser));
+		$this->assign('canEditRoles', $this->barrierTest('editRoles', $currentUser));
+
+		$this->setTemplate("usermanagement/main.tpl");
+	}
+
+	#region Access control
+
+	/**
+	 * Action target for editing the roles assigned to a user
+	 */
+	protected function editRoles()
+	{
+		$this->setHtmlTitle('User Management');
+		$database = $this->getDatabase();
+		$userId = WebRequest::getInt('user');
+
+		/** @var User $user */
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
+		}
+
+		$roleData = $this->getRoleData(UserRole::getForUser($user->getId(), $database));
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$reason = WebRequest::postString('reason');
+			if ($reason === false || trim($reason) === '') {
+				throw new ApplicationLogicException('No reason specified for roles change');
+			}
+
+			/** @var UserRole[] $delete */
+			$delete = array();
+			/** @var string[] $delete */
+			$add = array();
+
+			foreach ($roleData as $name => $r) {
+				if ($r['allowEdit'] !== 1) {
+					// not allowed, to touch this, so ignore it
+					continue;
+				}
+
+				$newValue = WebRequest::postBoolean('role-' . $name) ? 1 : 0;
+				if ($newValue !== $r['active']) {
+					if ($newValue === 0) {
+						$delete[] = $r['object'];
+					}
+
+					if ($newValue === 1) {
+						$add[] = $name;
+					}
+				}
+			}
+
+			// Check there's something to do
+			if ((count($add) + count($delete)) === 0) {
+				$this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
+				SessionAlert::warning('No changes made to roles.');
+
+				return;
+			}
+
+			$removed = array();
+
+			/** @var UserRole $d */
+			foreach ($delete as $d) {
+				$removed[] = $d->getRole();
+				$d->delete();
+			}
+
+			foreach ($add as $x) {
+				$a = new UserRole();
+				$a->setUser($user->getId());
+				$a->setRole($x);
+				$a->setDatabase($database);
+				$a->save();
+			}
+
+			Logger::userRolesEdited($database, $user, $reason, $add, $removed);
+
+			// dummy save for optimistic locking. If this fails, the entire txn will roll back.
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+
+			$this->getNotificationHelper()->userRolesEdited($user, $reason);
+			SessionAlert::quick('Roles changed for user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			$this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/roleedit.tpl');
+			$this->assign('user', $user);
+			$this->assign('roleData', $roleData);
+		}
+	}
+
+	/**
+	 * Action target for suspending users
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function suspend()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+
+		/** @var User $user */
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to suspend could not be found.');
+		}
+
+		if ($user->isSuspended()) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to suspend is already suspended.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$reason = WebRequest::postString('reason');
+
+			if ($reason === null || trim($reason) === "") {
+				throw new ApplicationLogicException('No reason provided');
+			}
+
+			$user->setStatus(User::STATUS_SUSPENDED);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+			Logger::suspendedUser($database, $user, $reason);
+
+			$this->getNotificationHelper()->userSuspended($user, $reason);
+			SessionAlert::quick('Suspended user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			// send email
+			$this->sendStatusChangeEmail(
+				'Your WP:ACC account has been suspended',
+				'usermanagement/emails/suspended.tpl',
+				$reason,
+				$user,
+				User::getCurrent($database)->getUsername()
+			);
+
+			$this->redirect('userManagement');
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/changelevel-reason.tpl');
+			$this->assign('user', $user);
+			$this->assign('status', 'Suspended');
+			$this->assign("showReason", true);
+		}
+	}
+
+	/**
+	 * Entry point for the decline action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function decline()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to decline could not be found.');
+		}
+
+		if (!$user->isNewUser()) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to decline is not new.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$reason = WebRequest::postString('reason');
+
+			if ($reason === null || trim($reason) === "") {
+				throw new ApplicationLogicException('No reason provided');
+			}
+
+			$user->setStatus(User::STATUS_DECLINED);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+			Logger::declinedUser($database, $user, $reason);
+
+			$this->getNotificationHelper()->userDeclined($user, $reason);
+			SessionAlert::quick('Declined user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			// send email
+			$this->sendStatusChangeEmail(
+				'Your WP:ACC account has been declined',
+				'usermanagement/emails/declined.tpl',
+				$reason,
+				$user,
+				User::getCurrent($database)->getUsername()
+			);
+
+			$this->redirect('userManagement');
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/changelevel-reason.tpl');
+			$this->assign('user', $user);
+			$this->assign('status', 'Declined');
+			$this->assign("showReason", true);
+		}
+	}
+
+	/**
+	 * Entry point for the approve action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function approve()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to approve could not be found.');
+		}
+
+		if ($user->isActive()) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to approve is already an active user.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$user->setStatus(User::STATUS_ACTIVE);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$user->save();
+			Logger::approvedUser($database, $user);
+
+			$this->getNotificationHelper()->userApproved($user);
+			SessionAlert::quick('Approved user ' . htmlentities($user->getUsername(), ENT_COMPAT, 'UTF-8'));
+
+			// send email
+			$this->sendStatusChangeEmail(
+				'Your WP:ACC account has been approved',
+				'usermanagement/emails/approved.tpl',
+				null,
+				$user,
+				User::getCurrent($database)->getUsername()
+			);
+
+			$this->redirect("userManagement");
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate("usermanagement/changelevel-reason.tpl");
+			$this->assign("user", $user);
+			$this->assign("status", "User");
+			$this->assign("showReason", false);
+		}
+	}
+
+	#endregion
+
+	#region Renaming / Editing
+
+	/**
+	 * Entry point for the rename action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function rename()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to rename could not be found.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$newUsername = WebRequest::postString('newname');
+
+			if ($newUsername === null || trim($newUsername) === "") {
+				throw new ApplicationLogicException('The new username cannot be empty');
+			}
+
+			if (User::getByUsername($newUsername, $database) != false) {
+				throw new ApplicationLogicException('The new username already exists');
+			}
+
+			$oldUsername = $user->getUsername();
+			$user->setUsername($newUsername);
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+
+			$user->save();
+
+			$logEntryData = serialize(array(
+				'old' => $oldUsername,
+				'new' => $newUsername,
+			));
+
+			Logger::renamedUser($database, $user, $logEntryData);
+
+			SessionAlert::quick("Changed User "
+				. htmlentities($oldUsername, ENT_COMPAT, 'UTF-8')
+				. " name to "
+				. htmlentities($newUsername, ENT_COMPAT, 'UTF-8'));
+
+			$this->getNotificationHelper()->userRenamed($user, $oldUsername);
+
+			// send an email to the user.
+			$this->assign('targetUsername', $user->getUsername());
+			$this->assign('toolAdmin', User::getCurrent($database)->getUsername());
+			$this->assign('oldUsername', $oldUsername);
+			$this->assign('mailingList', $this->adminMailingList);
+
+			$this->getEmailHelper()->sendMail(
+				$user->getEmail(),
+				'Your username on WP:ACC has been changed',
+				$this->fetchTemplate('usermanagement/emails/renamed.tpl'),
+				array('Reply-To' => $this->adminMailingList)
+			);
+
+			$this->redirect("userManagement");
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/renameuser.tpl');
+			$this->assign('user', $user);
+		}
+	}
+
+	/**
+	 * Entry point for the edit action
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function editUser()
+	{
+		$this->setHtmlTitle('User Management');
+
+		$database = $this->getDatabase();
+
+		$userId = WebRequest::getInt('user');
+		$user = User::getById($userId, $database);
+
+		if ($user === false) {
+			throw new ApplicationLogicException('Sorry, the user you are trying to edit could not be found.');
+		}
+
+		// Dual-mode action
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$newEmail = WebRequest::postEmail('user_email');
+			$newOnWikiName = WebRequest::postString('user_onwikiname');
+
+			if ($newEmail === null) {
+				throw new ApplicationLogicException('Invalid email address');
+			}
+
+			if (!$user->isOAuthLinked()) {
+				if (trim($newOnWikiName) == "") {
+					throw new ApplicationLogicException('New on-wiki username cannot be blank');
+				}
+
+				$user->setOnWikiName($newOnWikiName);
+			}
+
+			$user->setEmail($newEmail);
+
+			$user->setUpdateVersion(WebRequest::postInt('updateversion'));
+
+			$user->save();
+
+			Logger::userPreferencesChange($database, $user);
+			$this->getNotificationHelper()->userPrefChange($user);
+			SessionAlert::quick('Changes to user\'s preferences have been saved');
+
+			$this->redirect("userManagement");
+
+			return;
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('usermanagement/edituser.tpl');
+			$this->assign('user', $user);
+		}
+	}
+
+	#endregion
+
+	/**
+	 * Sends a status change email to the user.
+	 *
+	 * @param string      $subject           The subject of the email
+	 * @param string      $template          The smarty template to use
+	 * @param string|null $reason            The reason for performing the status change
+	 * @param User        $user              The user affected
+	 * @param string      $toolAdminUsername The tool admin's username who is making the edit
+	 */
+	private function sendStatusChangeEmail($subject, $template, $reason, $user, $toolAdminUsername)
+	{
+		$this->assign('targetUsername', $user->getUsername());
+		$this->assign('toolAdmin', $toolAdminUsername);
+		$this->assign('actionReason', $reason);
+		$this->assign('mailingList', $this->adminMailingList);
+
+		$this->getEmailHelper()->sendMail(
+			$user->getEmail(),
+			$subject,
+			$this->fetchTemplate($template),
+			array('Reply-To' => $this->adminMailingList)
+		);
+	}
+
+	/**
+	 * @param UserRole[] $activeRoles
+	 *
+	 * @return array
+	 */
+	private function getRoleData($activeRoles)
+	{
+		$availableRoles = $this->getSecurityManager()->getRoleConfiguration()->getAvailableRoles();
+
+		$currentUser = User::getCurrent($this->getDatabase());
+		$this->getSecurityManager()->getActiveRoles($currentUser, $userRoles, $inactiveRoles);
+
+		$initialValue = array('active' => 0, 'allowEdit' => 0, 'description' => '???', 'object' => null);
+
+		$roleData = array();
+		foreach ($availableRoles as $role => $data) {
+			$intersection = array_intersect($data['editableBy'], $userRoles);
+
+			$roleData[$role] = $initialValue;
+			$roleData[$role]['allowEdit'] = count($intersection) > 0 ? 1 : 0;
+			$roleData[$role]['description'] = $data['description'];
+		}
+
+		foreach ($activeRoles as $role) {
+			if (!isset($roleData[$role->getRole()])) {
+				// This value is no longer available in the configuration, allow changing (aka removing) it.
+				$roleData[$role->getRole()] = $initialValue;
+				$roleData[$role->getRole()]['allowEdit'] = 1;
+			}
+
+			$roleData[$role->getRole()]['object'] = $role;
+			$roleData[$role->getRole()]['active'] = 1;
+		}
+
+		return $roleData;
+	}
 }

Braces +9 added lines, -15 removed lines

@@ -44,8 +44,7 @@ 
             $this->assign("declinedUsers", UserSearchHelper::get($database)->byStatus(User::STATUS_DECLINED)->fetch());
 
             UserSearchHelper::get($database)->getRoleMap($roleMap);
-        }
-        else {
+        } else {
             $this->assign("showAll", false);
             $this->assign("suspendedUsers", array());
             $this->assign("declinedUsers", array());
@@ -65,7 +64,8 @@ 
 
         $this->assign('roles', $roleMap);
 
-        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database) {
+        $this->getTypeAheadHelper()->defineTypeAheadSource('username-typeahead', function() use ($database)
+        {
             return UserSearchHelper::get($database)->fetchColumn('username');
         });
 
@@ -166,8 +166,7 @@ 
 
             $this->redirect('statistics/users', 'detail', array('user' => $user->getId()));
             return;
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate('usermanagement/roleedit.tpl');
             $this->assign('user', $user);
@@ -228,8 +227,7 @@ 
             $this->redirect('userManagement');
 
             return;
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate('usermanagement/changelevel-reason.tpl');
             $this->assign('user', $user);
@@ -289,8 +287,7 @@ 
             $this->redirect('userManagement');
 
             return;
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate('usermanagement/changelevel-reason.tpl');
             $this->assign('user', $user);
@@ -344,8 +341,7 @@ 
             $this->redirect("userManagement");
 
             return;
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate("usermanagement/changelevel-reason.tpl");
             $this->assign("user", $user);
@@ -425,8 +421,7 @@ 
             $this->redirect("userManagement");
 
             return;
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate('usermanagement/renameuser.tpl');
             $this->assign('user', $user);
@@ -482,8 +477,7 @@ 
             $this->redirect("userManagement");
 
             return;
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate('usermanagement/edituser.tpl');
             $this->assign('user', $user);

includes/Pages/RequestAction/PageCustomClose.php

Indentation +260 added lines, -260 removed lines

@@ -23,264 +23,264 @@
 
 class PageCustomClose extends PageCloseRequest
 {
-    use RequestData;
-
-    protected function main()
-    {
-        $database = $this->getDatabase();
-
-        $request = $this->getRequest($database);
-        $currentUser = User::getCurrent($this->getDatabase());
-
-        if ($request->getStatus() === 'Closed') {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        // Dual-mode page
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $this->doCustomClose($currentUser, $request, $database);
-
-            $this->redirect();
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->showCustomCloseForm($database, $request);
-        }
-    }
-
-    /**
-     * @param $database
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database)
-    {
-        $requestId = WebRequest::getInt('request');
-        if ($requestId === null) {
-            throw new ApplicationLogicException('Request ID not found');
-        }
-
-        /** @var Request $request */
-        $request = Request::getById($requestId, $database);
-
-        if ($request === false) {
-            throw new ApplicationLogicException('Request not found');
-        }
-
-        return $request;
-    }
-
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return EmailTemplate|null
-     */
-    protected function getTemplate(PdoDatabase $database)
-    {
-        $templateId = WebRequest::getInt('template');
-        if ($templateId === null) {
-            return null;
-        }
-
-        /** @var EmailTemplate $template */
-        $template = EmailTemplate::getById($templateId, $database);
-        if ($template === false || !$template->getActive()) {
-            return null;
-        }
-
-        return $template;
-    }
-
-    /**
-     * @param $database
-     * @param $request
-     *
-     * @throws Exception
-     */
-    protected function showCustomCloseForm(PdoDatabase $database, Request $request)
-    {
-        $currentUser = User::getCurrent($database);
-        $config = $this->getSiteConfiguration();
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-        if (!$allowedPrivateData) {
-            // we probably shouldn't be showing the user this form if they're not allowed to access private data...
-            throw new AccessDeniedException($this->getSecurityManager());
-        }
-
-        $template = $this->getTemplate($database);
-
-        // Preload data
-        $this->assign('defaultAction', '');
-        $this->assign('preloadText', '');
-        $this->assign('preloadTitle', '');
-
-        if ($template !== null) {
-            $this->assign('defaultAction', $template->getDefaultAction());
-            $this->assign('preloadText', $template->getText());
-            $this->assign('preloadTitle', $template->getName());
-        }
-
-        // Static data
-        $this->assign('requeststates', $config->getRequestStates());
-
-        // request data
-        $this->assign('requestId', $request->getIp());
-        $this->assign('updateVersion', $request->getUpdateVersion());
-        $this->setupBasicData($request, $config);
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
-
-        // IP location
-        $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
-        $this->assign('iplocation', $this->getLocationProvider()->getIpLocation($trustedIp));
-
-        // Confirmations
-        $this->assign('confirmEmailAlreadySent', $this->checkEmailAlreadySent($request));
-        $this->assign('confirmReserveOverride', $this->checkReserveOverride($request, $currentUser));
-
-        $this->assign('canSkipCcMailingList', $this->barrierTest('skipCcMailingList', $currentUser));
-
-        // template
-        $this->setTemplate('custom-close.tpl');
-    }
-
-    /**
-     * @param User        $currentUser
-     * @param Request     $request
-     * @param PdoDatabase $database
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function doCustomClose(User $currentUser, Request $request, PdoDatabase $database)
-    {
-        $messageBody = WebRequest::postString('msgbody');
-        if ($messageBody === null || trim($messageBody) === '') {
-            throw new ApplicationLogicException('Message body cannot be blank');
-        }
-
-        $ccMailingList = true;
-        if ($this->barrierTest('skipCcMailingList', $currentUser)) {
-            $ccMailingList = WebRequest::postBoolean('ccMailingList');
-        }
-
-        if ($request->getStatus() === 'Closed') {
-            throw new ApplicationLogicException('Request is already closed');
-        }
-
-        if (!(WebRequest::postBoolean('confirmEmailAlreadySent')
-            && WebRequest::postBoolean('confirmReserveOverride'))
-        ) {
-            throw new ApplicationLogicException('Not all confirmations checked');
-        }
-
-        $action = WebRequest::postString('action');
-        $availableRequestStates = $this->getSiteConfiguration()->getRequestStates();
-
-        if ($action === EmailTemplate::CREATED || $action === EmailTemplate::NOT_CREATED) {
-            // Close request
-            $this->closeRequest($request, $database, $action, $messageBody);
-
-            // Send the mail after the save, since save can be rolled back
-            $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-        }
-        else {
-            if (array_key_exists($action, $availableRequestStates)) {
-                // Defer to other state
-                $this->deferRequest($request, $database, $action, $availableRequestStates, $messageBody);
-
-                // Send the mail after the save, since save can be rolled back
-                $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-            }
-            else {
-                $request->setReserved(null);
-                $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-                $request->save();
-
-                // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
-                // and be rolled back.
-
-                // Send mail
-                $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-
-                Logger::sentMail($database, $request, $messageBody);
-                Logger::unreserve($database, $request);
-
-                $this->getNotificationHelper()->sentMail($request);
-                SessionAlert::success("Sent mail to Request {$request->getId()}");
-            }
-        }
-    }
-
-    /**
-     * @param Request     $request
-     * @param PdoDatabase $database
-     * @param string      $action
-     * @param string      $messageBody
-     *
-     * @throws Exception
-     * @throws OptimisticLockFailedException
-     */
-    protected function closeRequest(Request $request, PdoDatabase $database, $action, $messageBody)
-    {
-        $request->setStatus('Closed');
-        $request->setReserved(null);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
-        // be rolled back.
-
-        if ($action == EmailTemplate::CREATED) {
-            $logCloseType = 'custom-y';
-            $notificationCloseType = "Custom, Created";
-        }
-        else {
-            $logCloseType = 'custom-n';
-            $notificationCloseType = "Custom, Not Created";
-        }
-
-        Logger::closeRequest($database, $request, $logCloseType, $messageBody);
-        $this->getNotificationHelper()->requestClosed($request, $notificationCloseType);
-
-        $requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
-        SessionAlert::success("Request {$request->getId()} ({$requestName}) marked as 'Done'.");
-    }
-
-    /**
-     * @param Request     $request
-     * @param PdoDatabase $database
-     * @param string      $action
-     * @param             $availableRequestStates
-     * @param string      $messageBody
-     *
-     * @throws Exception
-     * @throws OptimisticLockFailedException
-     */
-    protected function deferRequest(
-        Request $request,
-        PdoDatabase $database,
-        $action,
-        $availableRequestStates,
-        $messageBody
-    ) {
-        $request->setStatus($action);
-        $request->setReserved(null);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
-
-        // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
-        // and be rolled back.
-
-        $deferToLog = $availableRequestStates[$action]['defertolog'];
-        Logger::sentMail($database, $request, $messageBody);
-        Logger::deferRequest($database, $request, $deferToLog);
-
-        $this->getNotificationHelper()->requestDeferredWithMail($request);
-
-        $deferTo = $availableRequestStates[$action]['deferto'];
-        SessionAlert::success("Request {$request->getId()} deferred to $deferTo, sending an email.");
-    }
+	use RequestData;
+
+	protected function main()
+	{
+		$database = $this->getDatabase();
+
+		$request = $this->getRequest($database);
+		$currentUser = User::getCurrent($this->getDatabase());
+
+		if ($request->getStatus() === 'Closed') {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		// Dual-mode page
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$this->doCustomClose($currentUser, $request, $database);
+
+			$this->redirect();
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->showCustomCloseForm($database, $request);
+		}
+	}
+
+	/**
+	 * @param $database
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database)
+	{
+		$requestId = WebRequest::getInt('request');
+		if ($requestId === null) {
+			throw new ApplicationLogicException('Request ID not found');
+		}
+
+		/** @var Request $request */
+		$request = Request::getById($requestId, $database);
+
+		if ($request === false) {
+			throw new ApplicationLogicException('Request not found');
+		}
+
+		return $request;
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return EmailTemplate|null
+	 */
+	protected function getTemplate(PdoDatabase $database)
+	{
+		$templateId = WebRequest::getInt('template');
+		if ($templateId === null) {
+			return null;
+		}
+
+		/** @var EmailTemplate $template */
+		$template = EmailTemplate::getById($templateId, $database);
+		if ($template === false || !$template->getActive()) {
+			return null;
+		}
+
+		return $template;
+	}
+
+	/**
+	 * @param $database
+	 * @param $request
+	 *
+	 * @throws Exception
+	 */
+	protected function showCustomCloseForm(PdoDatabase $database, Request $request)
+	{
+		$currentUser = User::getCurrent($database);
+		$config = $this->getSiteConfiguration();
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+		if (!$allowedPrivateData) {
+			// we probably shouldn't be showing the user this form if they're not allowed to access private data...
+			throw new AccessDeniedException($this->getSecurityManager());
+		}
+
+		$template = $this->getTemplate($database);
+
+		// Preload data
+		$this->assign('defaultAction', '');
+		$this->assign('preloadText', '');
+		$this->assign('preloadTitle', '');
+
+		if ($template !== null) {
+			$this->assign('defaultAction', $template->getDefaultAction());
+			$this->assign('preloadText', $template->getText());
+			$this->assign('preloadTitle', $template->getName());
+		}
+
+		// Static data
+		$this->assign('requeststates', $config->getRequestStates());
+
+		// request data
+		$this->assign('requestId', $request->getIp());
+		$this->assign('updateVersion', $request->getUpdateVersion());
+		$this->setupBasicData($request, $config);
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupPrivateData($request, $currentUser, $this->getSiteConfiguration(), $database);
+
+		// IP location
+		$trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp());
+		$this->assign('iplocation', $this->getLocationProvider()->getIpLocation($trustedIp));
+
+		// Confirmations
+		$this->assign('confirmEmailAlreadySent', $this->checkEmailAlreadySent($request));
+		$this->assign('confirmReserveOverride', $this->checkReserveOverride($request, $currentUser));
+
+		$this->assign('canSkipCcMailingList', $this->barrierTest('skipCcMailingList', $currentUser));
+
+		// template
+		$this->setTemplate('custom-close.tpl');
+	}
+
+	/**
+	 * @param User        $currentUser
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function doCustomClose(User $currentUser, Request $request, PdoDatabase $database)
+	{
+		$messageBody = WebRequest::postString('msgbody');
+		if ($messageBody === null || trim($messageBody) === '') {
+			throw new ApplicationLogicException('Message body cannot be blank');
+		}
+
+		$ccMailingList = true;
+		if ($this->barrierTest('skipCcMailingList', $currentUser)) {
+			$ccMailingList = WebRequest::postBoolean('ccMailingList');
+		}
+
+		if ($request->getStatus() === 'Closed') {
+			throw new ApplicationLogicException('Request is already closed');
+		}
+
+		if (!(WebRequest::postBoolean('confirmEmailAlreadySent')
+			&& WebRequest::postBoolean('confirmReserveOverride'))
+		) {
+			throw new ApplicationLogicException('Not all confirmations checked');
+		}
+
+		$action = WebRequest::postString('action');
+		$availableRequestStates = $this->getSiteConfiguration()->getRequestStates();
+
+		if ($action === EmailTemplate::CREATED || $action === EmailTemplate::NOT_CREATED) {
+			// Close request
+			$this->closeRequest($request, $database, $action, $messageBody);
+
+			// Send the mail after the save, since save can be rolled back
+			$this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
+		}
+		else {
+			if (array_key_exists($action, $availableRequestStates)) {
+				// Defer to other state
+				$this->deferRequest($request, $database, $action, $availableRequestStates, $messageBody);
+
+				// Send the mail after the save, since save can be rolled back
+				$this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
+			}
+			else {
+				$request->setReserved(null);
+				$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+				$request->save();
+
+				// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
+				// and be rolled back.
+
+				// Send mail
+				$this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
+
+				Logger::sentMail($database, $request, $messageBody);
+				Logger::unreserve($database, $request);
+
+				$this->getNotificationHelper()->sentMail($request);
+				SessionAlert::success("Sent mail to Request {$request->getId()}");
+			}
+		}
+	}
+
+	/**
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 * @param string      $action
+	 * @param string      $messageBody
+	 *
+	 * @throws Exception
+	 * @throws OptimisticLockFailedException
+	 */
+	protected function closeRequest(Request $request, PdoDatabase $database, $action, $messageBody)
+	{
+		$request->setStatus('Closed');
+		$request->setReserved(null);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and
+		// be rolled back.
+
+		if ($action == EmailTemplate::CREATED) {
+			$logCloseType = 'custom-y';
+			$notificationCloseType = "Custom, Created";
+		}
+		else {
+			$logCloseType = 'custom-n';
+			$notificationCloseType = "Custom, Not Created";
+		}
+
+		Logger::closeRequest($database, $request, $logCloseType, $messageBody);
+		$this->getNotificationHelper()->requestClosed($request, $notificationCloseType);
+
+		$requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8');
+		SessionAlert::success("Request {$request->getId()} ({$requestName}) marked as 'Done'.");
+	}
+
+	/**
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 * @param string      $action
+	 * @param             $availableRequestStates
+	 * @param string      $messageBody
+	 *
+	 * @throws Exception
+	 * @throws OptimisticLockFailedException
+	 */
+	protected function deferRequest(
+		Request $request,
+		PdoDatabase $database,
+		$action,
+		$availableRequestStates,
+		$messageBody
+	) {
+		$request->setStatus($action);
+		$request->setReserved(null);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
+
+		// Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE
+		// and be rolled back.
+
+		$deferToLog = $availableRequestStates[$action]['defertolog'];
+		Logger::sentMail($database, $request, $messageBody);
+		Logger::deferRequest($database, $request, $deferToLog);
+
+		$this->getNotificationHelper()->requestDeferredWithMail($request);
+
+		$deferTo = $availableRequestStates[$action]['deferto'];
+		SessionAlert::success("Request {$request->getId()} deferred to $deferTo, sending an email.");
+	}
 }

Braces +4 added lines, -8 removed lines

@@ -42,8 +42,7 @@ 
             $this->doCustomClose($currentUser, $request, $database);
 
             $this->redirect();
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->showCustomCloseForm($database, $request);
         }
@@ -185,16 +184,14 @@ 
 
             // Send the mail after the save, since save can be rolled back
             $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-        }
-        else {
+        } else {
             if (array_key_exists($action, $availableRequestStates)) {
                 // Defer to other state
                 $this->deferRequest($request, $database, $action, $availableRequestStates, $messageBody);
 
                 // Send the mail after the save, since save can be rolled back
                 $this->sendMail($request, $messageBody, $currentUser, $ccMailingList);
-            }
-            else {
+            } else {
                 $request->setReserved(null);
                 $request->setUpdateVersion(WebRequest::postInt('updateversion'));
                 $request->save();
@@ -236,8 +233,7 @@ 
         if ($action == EmailTemplate::CREATED) {
             $logCloseType = 'custom-y';
             $notificationCloseType = "Custom, Created";
-        }
-        else {
+        } else {
             $logCloseType = 'custom-n';
             $notificationCloseType = "Custom, Not Created";
         }

includes/Pages/RequestAction/RequestActionBase.php

Indentation +33 added lines, -33 removed lines

@@ -16,37 +16,37 @@
 
 abstract class RequestActionBase extends InternalPageBase
 {
-    /**
-     * @param PdoDatabase $database
-     *
-     * @return Request
-     * @throws ApplicationLogicException
-     */
-    protected function getRequest(PdoDatabase $database)
-    {
-        $requestId = WebRequest::postInt('request');
-        if ($requestId === null) {
-            throw new ApplicationLogicException('Request ID not found');
-        }
-
-        /** @var Request $request */
-        $request = Request::getById($requestId, $database);
-
-        if ($request === false) {
-            throw new ApplicationLogicException('Request not found');
-        }
-
-        return $request;
-    }
-
-    final protected function checkPosted()
-    {
-        // if the request was not posted, send the user away.
-        if (!WebRequest::wasPosted()) {
-            throw new ApplicationLogicException('This page does not support GET methods.');
-        }
-
-        // validate the CSRF token
-        $this->validateCSRFToken();
-    }
+	/**
+	 * @param PdoDatabase $database
+	 *
+	 * @return Request
+	 * @throws ApplicationLogicException
+	 */
+	protected function getRequest(PdoDatabase $database)
+	{
+		$requestId = WebRequest::postInt('request');
+		if ($requestId === null) {
+			throw new ApplicationLogicException('Request ID not found');
+		}
+
+		/** @var Request $request */
+		$request = Request::getById($requestId, $database);
+
+		if ($request === false) {
+			throw new ApplicationLogicException('Request not found');
+		}
+
+		return $request;
+	}
+
+	final protected function checkPosted()
+	{
+		// if the request was not posted, send the user away.
+		if (!WebRequest::wasPosted()) {
+			throw new ApplicationLogicException('This page does not support GET methods.');
+		}
+
+		// validate the CSRF token
+		$this->validateCSRFToken();
+	}
 }
\ No newline at end of file

includes/Pages/RequestAction/PageBreakReservation.php

Indentation +64 added lines, -64 removed lines

@@ -19,79 +19,79 @@
 
 class PageBreakReservation extends RequestActionBase
 {
-    protected function main()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database);
+	protected function main()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database);
 
-        if ($request->getReserved() === null) {
-            throw new ApplicationLogicException('Request is not reserved!');
-        }
+		if ($request->getReserved() === null) {
+			throw new ApplicationLogicException('Request is not reserved!');
+		}
 
-        $currentUser = User::getCurrent($database);
+		$currentUser = User::getCurrent($database);
 
-        if ($currentUser->getId() === $request->getReserved()) {
-            $this->doUnreserve($request, $database);
-        }
-        else {
-            // not the same user!
-            if ($this->barrierTest('force', $currentUser)) {
-                $this->doBreakReserve($request, $database);
-            }
-            else {
-                throw new AccessDeniedException($this->getSecurityManager());
-            }
-        }
-    }
+		if ($currentUser->getId() === $request->getReserved()) {
+			$this->doUnreserve($request, $database);
+		}
+		else {
+			// not the same user!
+			if ($this->barrierTest('force', $currentUser)) {
+				$this->doBreakReserve($request, $database);
+			}
+			else {
+				throw new AccessDeniedException($this->getSecurityManager());
+			}
+		}
+	}
 
-    /**
-     * @param Request     $request
-     * @param PdoDatabase $database
-     *
-     * @throws Exception
-     */
-    protected function doUnreserve(Request $request, PdoDatabase $database)
-    {
-        // same user! we allow people to unreserve their own stuff
-        $request->setReserved(null);
-        $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-        $request->save();
+	/**
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 *
+	 * @throws Exception
+	 */
+	protected function doUnreserve(Request $request, PdoDatabase $database)
+	{
+		// same user! we allow people to unreserve their own stuff
+		$request->setReserved(null);
+		$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+		$request->save();
 
-        Logger::unreserve($database, $request);
-        $this->getNotificationHelper()->requestUnreserved($request);
+		Logger::unreserve($database, $request);
+		$this->getNotificationHelper()->requestUnreserved($request);
 
-        // Redirect home!
-        $this->redirect();
-    }
+		// Redirect home!
+		$this->redirect();
+	}
 
-    /**
-     * @param Request     $request
-     * @param PdoDatabase $database
-     *
-     * @throws Exception
-     */
-    protected function doBreakReserve(Request $request, PdoDatabase $database)
-    {
-        if (!WebRequest::postBoolean("confirm")) {
-            $this->assignCSRFToken();
+	/**
+	 * @param Request     $request
+	 * @param PdoDatabase $database
+	 *
+	 * @throws Exception
+	 */
+	protected function doBreakReserve(Request $request, PdoDatabase $database)
+	{
+		if (!WebRequest::postBoolean("confirm")) {
+			$this->assignCSRFToken();
 
-            $this->assign("request", $request->getId());
-            $this->assign("reservedUser", User::getById($request->getReserved(), $database));
-            $this->assign("updateversion", WebRequest::postInt('updateversion'));
+			$this->assign("request", $request->getId());
+			$this->assign("reservedUser", User::getById($request->getReserved(), $database));
+			$this->assign("updateversion", WebRequest::postInt('updateversion'));
 
-            $this->setTemplate("confirmations/breakreserve.tpl");
-        }
-        else {
-            $request->setReserved(null);
-            $request->setUpdateVersion(WebRequest::postInt('updateversion'));
-            $request->save();
+			$this->setTemplate("confirmations/breakreserve.tpl");
+		}
+		else {
+			$request->setReserved(null);
+			$request->setUpdateVersion(WebRequest::postInt('updateversion'));
+			$request->save();
 
-            Logger::breakReserve($database, $request);
-            $this->getNotificationHelper()->requestReserveBroken($request);
+			Logger::breakReserve($database, $request);
+			$this->getNotificationHelper()->requestReserveBroken($request);
 
-            // Redirect home!
-            $this->redirect();
-        }
-    }
+			// Redirect home!
+			$this->redirect();
+		}
+	}
 }

Braces +3 added lines, -6 removed lines

@@ -33,13 +33,11 @@ 
 
         if ($currentUser->getId() === $request->getReserved()) {
             $this->doUnreserve($request, $database);
-        }
-        else {
+        } else {
             // not the same user!
             if ($this->barrierTest('force', $currentUser)) {
                 $this->doBreakReserve($request, $database);
-            }
-            else {
+            } else {
                 throw new AccessDeniedException($this->getSecurityManager());
             }
         }
@@ -81,8 +79,7 @@ 
             $this->assign("updateversion", WebRequest::postInt('updateversion'));
 
             $this->setTemplate("confirmations/breakreserve.tpl");
-        }
-        else {
+        } else {
             $request->setReserved(null);
             $request->setUpdateVersion(WebRequest::postInt('updateversion'));
             $request->save();

includes/Pages/RequestAction/PageComment.php

Indentation +36 added lines, -36 removed lines

@@ -15,51 +15,51 @@
 
 class PageComment extends RequestActionBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->checkPosted();
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database);
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->checkPosted();
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database);
 
-        $commentText = WebRequest::postString('comment');
-        if ($commentText === false || $commentText == '') {
-            $this->redirect('viewRequest', null, array('id' => $request->getId()));
+		$commentText = WebRequest::postString('comment');
+		if ($commentText === false || $commentText == '') {
+			$this->redirect('viewRequest', null, array('id' => $request->getId()));
 
-            return;
-        }
+			return;
+		}
 
-        //Look for and detect IPv4/IPv6 addresses in comment text, and warn the commenter.
-        $ipv4Regex = '/\b' . RegexConstants::IPV4 . '\b/';
-        $ipv6Regex = '/\b' . RegexConstants::IPV6 . '\b/';
+		//Look for and detect IPv4/IPv6 addresses in comment text, and warn the commenter.
+		$ipv4Regex = '/\b' . RegexConstants::IPV4 . '\b/';
+		$ipv6Regex = '/\b' . RegexConstants::IPV6 . '\b/';
 
-        $overridePolicy = WebRequest::postBoolean('privpol-check-override');
+		$overridePolicy = WebRequest::postBoolean('privpol-check-override');
 
-        if ((preg_match($ipv4Regex, $commentText) || preg_match($ipv6Regex, $commentText)) && !$overridePolicy) {
-            $this->assignCSRFToken();
-            $this->assign("request", $request);
-            $this->assign("comment", $commentText);
-            $this->setTemplate("privpol-warning.tpl");
+		if ((preg_match($ipv4Regex, $commentText) || preg_match($ipv6Regex, $commentText)) && !$overridePolicy) {
+			$this->assignCSRFToken();
+			$this->assign("request", $request);
+			$this->assign("comment", $commentText);
+			$this->setTemplate("privpol-warning.tpl");
 
-            return;
-        }
+			return;
+		}
 
-        $visibility = WebRequest::postBoolean('adminOnly') ? 'admin' : 'user';
+		$visibility = WebRequest::postBoolean('adminOnly') ? 'admin' : 'user';
 
-        $comment = new Comment();
-        $comment->setDatabase($database);
+		$comment = new Comment();
+		$comment->setDatabase($database);
 
-        $comment->setRequest($request->getId());
-        $comment->setVisibility($visibility);
-        $comment->setUser(User::getCurrent($database)->getId());
-        $comment->setComment($commentText);
+		$comment->setRequest($request->getId());
+		$comment->setVisibility($visibility);
+		$comment->setUser(User::getCurrent($database)->getId());
+		$comment->setComment($commentText);
 
-        $comment->save();
+		$comment->save();
 
-        $this->getNotificationHelper()->commentCreated($comment, $request);
-        $this->redirect('viewRequest', null, array('id' => $request->getId()));
-    }
+		$this->getNotificationHelper()->commentCreated($comment, $request);
+		$this->redirect('viewRequest', null, array('id' => $request->getId()));
+	}
 }