mdaniels5757 / waca

includes/Pages/PageMain.php

Braces +2 added lines, -1 removed lines

@@ -187,7 +187,8 @@
 
         // FIXME: domains!
         $requestQueues = RequestQueue::getAllQueues($database);
-        $queuesById = array_reduce($requestQueues, function($result, RequestQueue $item) {
+        $queuesById = array_reduce($requestQueues, function($result, RequestQueue $item)
+        {
             $result[$item->getId()] = $item;
             return $result;
         }, array());

Indentation +183 added lines, -183 removed lines

@@ -23,69 +23,69 @@ 
 
 class PageMain extends InternalPageBase
 {
-    use RequestListData;
-
-    /**
-     * Main function for this page, when no actions are called.
-     */
-    protected function main()
-    {
-        $this->assignCSRFToken();
-
-        $config = $this->getSiteConfiguration();
-        $database = $this->getDatabase();
-        $currentUser = User::getCurrent($database);
-        $preferencesManager = PreferenceManager::getForCurrent($database);
-
-        // general template configuration
-        // FIXME: domains!
-        $defaultQueue = RequestQueue::getDefaultQueue($database, 1);
-        $this->assign('defaultRequestState', $defaultQueue->getApiName());
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
-
-        $seeAllRequests = $this->barrierTest('seeAllRequests', $currentUser, PageViewRequest::class);
-
-        list($defaultSort, $defaultSortDirection) = WebRequest::requestListDefaultSort();
-        $this->assign('defaultSort', $defaultSort);
-        $this->assign('defaultSortDirection', $defaultSortDirection);
-        $showQueueHelp = $preferencesManager->getPreference(PreferenceManager::PREF_QUEUE_HELP) ?? true;
-        $this->assign('showQueueHelp', $showQueueHelp);
-
-        // Fetch request data
-        $requestSectionData = array();
-        if ($seeAllRequests) {
-            $this->setupStatusSections($database, $config, $requestSectionData);
-            $this->setupHospitalQueue($database, $config, $requestSectionData);
-            $this->setupJobQueue($database, $config, $requestSectionData);
-        }
-        $this->setupLastFiveClosedData($database, $seeAllRequests);
-
-        // Assign data to template
-        $this->assign('requestSectionData', $requestSectionData);
-
-        $this->setTemplate('mainpage/mainpage.tpl');
-    }
-
-    /**
-     * @param PdoDatabase $database
-     * @param bool        $seeAllRequests
-     *
-     * @internal param User $currentUser
-     */
-    private function setupLastFiveClosedData(PdoDatabase $database, $seeAllRequests)
-    {
-        $config = $this->getSiteConfiguration();
-        $this->assign('showLastFive', $seeAllRequests);
-        if (!$seeAllRequests) {
-            return;
-        }
-
-        $queryExcludeDropped = "";
-        if ($config->getEmailConfirmationEnabled()) {
-            $queryExcludeDropped = "AND request.emailConfirm = 'Confirmed'";
-        }
-
-        $query = <<<SQL
+	use RequestListData;
+
+	/**
+	 * Main function for this page, when no actions are called.
+	 */
+	protected function main()
+	{
+		$this->assignCSRFToken();
+
+		$config = $this->getSiteConfiguration();
+		$database = $this->getDatabase();
+		$currentUser = User::getCurrent($database);
+		$preferencesManager = PreferenceManager::getForCurrent($database);
+
+		// general template configuration
+		// FIXME: domains!
+		$defaultQueue = RequestQueue::getDefaultQueue($database, 1);
+		$this->assign('defaultRequestState', $defaultQueue->getApiName());
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+
+		$seeAllRequests = $this->barrierTest('seeAllRequests', $currentUser, PageViewRequest::class);
+
+		list($defaultSort, $defaultSortDirection) = WebRequest::requestListDefaultSort();
+		$this->assign('defaultSort', $defaultSort);
+		$this->assign('defaultSortDirection', $defaultSortDirection);
+		$showQueueHelp = $preferencesManager->getPreference(PreferenceManager::PREF_QUEUE_HELP) ?? true;
+		$this->assign('showQueueHelp', $showQueueHelp);
+
+		// Fetch request data
+		$requestSectionData = array();
+		if ($seeAllRequests) {
+			$this->setupStatusSections($database, $config, $requestSectionData);
+			$this->setupHospitalQueue($database, $config, $requestSectionData);
+			$this->setupJobQueue($database, $config, $requestSectionData);
+		}
+		$this->setupLastFiveClosedData($database, $seeAllRequests);
+
+		// Assign data to template
+		$this->assign('requestSectionData', $requestSectionData);
+
+		$this->setTemplate('mainpage/mainpage.tpl');
+	}
+
+	/**
+	 * @param PdoDatabase $database
+	 * @param bool        $seeAllRequests
+	 *
+	 * @internal param User $currentUser
+	 */
+	private function setupLastFiveClosedData(PdoDatabase $database, $seeAllRequests)
+	{
+		$config = $this->getSiteConfiguration();
+		$this->assign('showLastFive', $seeAllRequests);
+		if (!$seeAllRequests) {
+			return;
+		}
+
+		$queryExcludeDropped = "";
+		if ($config->getEmailConfirmationEnabled()) {
+			$queryExcludeDropped = "AND request.emailConfirm = 'Confirmed'";
+		}
+
+		$query = <<<SQL
 		SELECT request.id, request.name, request.updateversion
 		FROM request /* PageMain::main() */
 		JOIN log ON log.objectid = request.id AND log.objecttype = 'Request'
@@ -95,124 +95,124 @@ 
 		LIMIT 5;
 SQL;
 
-        $statement = $database->prepare($query);
-        $statement->execute();
-
-        $last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
-
-        $this->assign('lastFive', $last5result);
-    }
-
-    /**
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $config
-     * @param                   $requestSectionData
-     */
-    private function setupHospitalQueue(
-        PdoDatabase $database,
-        SiteConfiguration $config,
-        &$requestSectionData
-    ) {
-        // FIXME: domains!
-        $search = RequestSearchHelper::get($database, 1)
-            ->limit($config->getMiserModeLimit())
-            ->excludingStatus('Closed')
-            ->isHospitalised();
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
-
-        /** @var Request[] $results */
-        $results = $search->getRecordCount($requestCount)->fetch();
-
-        if ($requestCount > 0) {
-            $requestSectionData['Hospital - Requests failed auto-creation'] = array(
-                'requests' => $this->prepareRequestData($results),
-                'total'    => $requestCount,
-                'api'      => 'hospital',
-                'type'     => 'hospital',
-                'special'  => 'Job Queue',
-                'help'     => 'This queue lists all the requests which have been attempted to be created in the background, but for which this has failed for one reason or another. Check the job queue to find the error. Requests here may need to be created manually, or it may be possible to re-queue the request for auto-creation by the tool, or it may have been created already. Use your own technical discretion here.',
-                'showAll'  => false
-            );
-        }
-    }
-
-    /**
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $config
-     * @param                   $requestSectionData
-     */
-    private function setupJobQueue(
-        PdoDatabase $database,
-        SiteConfiguration $config,
-        &$requestSectionData
-    ) {
-        // FIXME: domains!
-        $search = RequestSearchHelper::get($database, 1)
-            ->limit($config->getMiserModeLimit())
-            ->byStatus(RequestStatus::JOBQUEUE);
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
-
-        /** @var Request[] $results */
-        $results = $search->getRecordCount($requestCount)->fetch();
-
-        if ($requestCount > 0) {
-            $requestSectionData['Requests queued in the Job Queue'] = array(
-                'requests' => $this->prepareRequestData($results),
-                'total'    => $requestCount,
-                'api'      => 'JobQueue',
-                'type'     => 'JobQueue',
-                'special'  => 'Job Queue',
-                'help'     => 'This section lists all the requests which are currently waiting to be created by the tool. Requests should automatically disappear from here within a few minutes.',
-                'showAll'  => false
-            );
-        }
-    }
-
-    /**
-     * @param PdoDatabase       $database
-     * @param SiteConfiguration $config
-     * @param                   $requestSectionData
-     */
-    private function setupStatusSections(
-        PdoDatabase $database,
-        SiteConfiguration $config,
-        &$requestSectionData
-    ) {
-        // FIXME: domains!
-        $search = RequestSearchHelper::get($database, 1)->limit($config->getMiserModeLimit());
-        $search->byStatus(RequestStatus::OPEN);
-
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
-
-        // FIXME: domains!
-        $requestQueues = RequestQueue::getAllQueues($database);
-        $queuesById = array_reduce($requestQueues, function($result, RequestQueue $item) {
-            $result[$item->getId()] = $item;
-            return $result;
-        }, array());
-
-        $requestsByQueue = $search->fetchByQueue(array_keys($queuesById));
-
-        foreach ($requestsByQueue as $queueId => $queueData) {
-            if ($queueData['count'] > 0 || $queuesById[$queueId]->isEnabled()) {
-                $requestSectionData[$queuesById[$queueId]->getHeader()] = array(
-                    'requests' => $this->prepareRequestData($queueData['data']),
-                    'total'    => $queueData['count'],
-                    'api'      => $queuesById[$queueId]->getApiName(),
-                    'type'     => $queueId,
-                    'special'  => null,
-                    'help'     => $queuesById[$queueId]->getHelp(),
-                    'showAll'  => true
-                );
-            }
-        }
-    }
+		$statement = $database->prepare($query);
+		$statement->execute();
+
+		$last5result = $statement->fetchAll(PDO::FETCH_ASSOC);
+
+		$this->assign('lastFive', $last5result);
+	}
+
+	/**
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $config
+	 * @param                   $requestSectionData
+	 */
+	private function setupHospitalQueue(
+		PdoDatabase $database,
+		SiteConfiguration $config,
+		&$requestSectionData
+	) {
+		// FIXME: domains!
+		$search = RequestSearchHelper::get($database, 1)
+			->limit($config->getMiserModeLimit())
+			->excludingStatus('Closed')
+			->isHospitalised();
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
+
+		/** @var Request[] $results */
+		$results = $search->getRecordCount($requestCount)->fetch();
+
+		if ($requestCount > 0) {
+			$requestSectionData['Hospital - Requests failed auto-creation'] = array(
+				'requests' => $this->prepareRequestData($results),
+				'total'    => $requestCount,
+				'api'      => 'hospital',
+				'type'     => 'hospital',
+				'special'  => 'Job Queue',
+				'help'     => 'This queue lists all the requests which have been attempted to be created in the background, but for which this has failed for one reason or another. Check the job queue to find the error. Requests here may need to be created manually, or it may be possible to re-queue the request for auto-creation by the tool, or it may have been created already. Use your own technical discretion here.',
+				'showAll'  => false
+			);
+		}
+	}
+
+	/**
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $config
+	 * @param                   $requestSectionData
+	 */
+	private function setupJobQueue(
+		PdoDatabase $database,
+		SiteConfiguration $config,
+		&$requestSectionData
+	) {
+		// FIXME: domains!
+		$search = RequestSearchHelper::get($database, 1)
+			->limit($config->getMiserModeLimit())
+			->byStatus(RequestStatus::JOBQUEUE);
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
+
+		/** @var Request[] $results */
+		$results = $search->getRecordCount($requestCount)->fetch();
+
+		if ($requestCount > 0) {
+			$requestSectionData['Requests queued in the Job Queue'] = array(
+				'requests' => $this->prepareRequestData($results),
+				'total'    => $requestCount,
+				'api'      => 'JobQueue',
+				'type'     => 'JobQueue',
+				'special'  => 'Job Queue',
+				'help'     => 'This section lists all the requests which are currently waiting to be created by the tool. Requests should automatically disappear from here within a few minutes.',
+				'showAll'  => false
+			);
+		}
+	}
+
+	/**
+	 * @param PdoDatabase       $database
+	 * @param SiteConfiguration $config
+	 * @param                   $requestSectionData
+	 */
+	private function setupStatusSections(
+		PdoDatabase $database,
+		SiteConfiguration $config,
+		&$requestSectionData
+	) {
+		// FIXME: domains!
+		$search = RequestSearchHelper::get($database, 1)->limit($config->getMiserModeLimit());
+		$search->byStatus(RequestStatus::OPEN);
+
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
+
+		// FIXME: domains!
+		$requestQueues = RequestQueue::getAllQueues($database);
+		$queuesById = array_reduce($requestQueues, function($result, RequestQueue $item) {
+			$result[$item->getId()] = $item;
+			return $result;
+		}, array());
+
+		$requestsByQueue = $search->fetchByQueue(array_keys($queuesById));
+
+		foreach ($requestsByQueue as $queueId => $queueData) {
+			if ($queueData['count'] > 0 || $queuesById[$queueId]->isEnabled()) {
+				$requestSectionData[$queuesById[$queueId]->getHeader()] = array(
+					'requests' => $this->prepareRequestData($queueData['data']),
+					'total'    => $queueData['count'],
+					'api'      => $queuesById[$queueId]->getApiName(),
+					'type'     => $queueId,
+					'special'  => null,
+					'help'     => $queuesById[$queueId]->getHelp(),
+					'showAll'  => true
+				);
+			}
+		}
+	}
 }

includes/Pages/PageViewRequest.php

Indentation +365 added lines, -365 removed lines

@@ -32,369 +32,369 @@
 
 class PageViewRequest extends InternalPageBase
 {
-    use RequestData;
-
-    const STATUS_SYMBOL_OPEN = '&#927';
-    const STATUS_SYMBOL_ACCEPTED = '&#x2611';
-    const STATUS_SYMBOL_REJECTED = '&#x2612';
-
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws ApplicationLogicException
-     */
-    protected function main()
-    {
-        // set up csrf protection
-        $this->assignCSRFToken();
-
-        // get some useful objects
-        $database = $this->getDatabase();
-        $request = $this->getRequest($database, WebRequest::getInt('id'));
-        $config = $this->getSiteConfiguration();
-        $currentUser = User::getCurrent($database);
-
-        // FIXME: domains!
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $this->getDatabase());
-        $this->assign('mediawikiScriptPath', $domain->getWikiArticlePath());
-
-        // Shows a page if the email is not confirmed.
-        if ($request->getEmailConfirm() !== 'Confirmed') {
-            // Show a banner if the user can manually confirm the request
-            $viewConfirm = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageManuallyConfirm::class);
-
-            // If the request is purged, there's nothing to confirm!
-            if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-                $viewConfirm = false;
-            }
-
-            // Render
-            $this->setTemplate("view-request/not-confirmed.tpl");
-            $this->assign("requestId", $request->getId());
-            $this->assign("requestVersion", $request->getUpdateVersion());
-            $this->assign('canViewConfirmButton', $viewConfirm);
-
-            // Make sure to return, to prevent the leaking of other information.
-            return;
-        }
-
-        $this->setupBasicData($request, $config);
-
-        $this->setupUsernameData($request);
-
-        $this->setupTitle($request);
-
-        $this->setupReservationDetails($request->getReserved(), $database, $currentUser);
-        $this->setupGeneralData($database);
-
-        $this->assign('requestDataCleared', false);
-        if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
-            $this->assign('requestDataCleared', true);
-        }
-
-        $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
-
-        $this->setupCreationTypes($currentUser);
-
-        $this->setupLogData($request, $database, $allowedPrivateData);
-
-        $this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
-
-        $this->assign('showRevealLink', false);
-        if ($request->getReserved() === $currentUser->getId() ||
-            $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
-        ) {
-            $this->assign('showRevealLink', true);
-            $this->assign('revealHash', $request->getRevealHash());
-        }
-
-        $this->assign('canSeeRelatedRequests', false);
-        if ($allowedPrivateData || $this->barrierTest('seeRelatedRequests', $currentUser, 'RequestData')) {
-            $this->setupRelatedRequests($request, $config, $database);
-        }
-
-        $this->assign('canCreateLocalAccount', $this->barrierTest('createLocalAccount', $currentUser, 'RequestData'));
-
-        $closureDate = $request->getClosureDate();
-        $date = new DateTime();
-        $date->modify("-7 days");
-        if ($request->getStatus() == "Closed" && $closureDate < $date) {
-            $this->assign('isOldRequest', true);
-        }
-        $this->assign('canResetOldRequest', $this->barrierTest('reopenOldRequest', $currentUser, 'RequestData'));
-        $this->assign('canResetPurgedRequest', $this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData'));
-
-        $this->assign('requestEmailSent', $request->getEmailSent());
-
-        if ($allowedPrivateData) {
-            $this->setTemplate('view-request/main-with-data.tpl');
-            $this->setupPrivateData($request, $config);
-            $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
-            $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
-
-            if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
-                $this->setTemplate('view-request/main-with-checkuser-data.tpl');
-                $this->setupCheckUserData($request);
-            }
-        }
-        else {
-            $this->setTemplate('view-request/main.tpl');
-        }
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupTitle(Request $request)
-    {
-        $statusSymbol = self::STATUS_SYMBOL_OPEN;
-        if ($request->getStatus() === RequestStatus::CLOSED) {
-            if ($request->getWasCreated()) {
-                $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
-                $statusSymbol = self::STATUS_SYMBOL_REJECTED;
-            }
-        }
-
-        $this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
-    }
-
-    /**
-     * Sets up data unrelated to the request, such as the email template information
-     *
-     * @param PdoDatabase $database
-     */
-    protected function setupGeneralData(PdoDatabase $database)
-    {
-        $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
-
-        // FIXME: domains
-        /** @var Domain $domain */
-        $domain = Domain::getById(1, $database);
-        $this->assign('defaultRequestState', RequestQueue::getDefaultQueue($database, 1)->getApiName());
-        $this->assign('activeRequestQueues', RequestQueue::getEnabledQueues($database));
-
-        /** @var EmailTemplate $createdTemplate */
-        $createdTemplate = EmailTemplate::getById($domain->getDefaultClose(), $database);
-
-        $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
-        $this->assign('createdId', $createdTemplate->getId());
-        $this->assign('createdName', $createdTemplate->getName());
-
-        $preferenceManager = PreferenceManager::getForCurrent($database);
-        $skipJsAborts = $preferenceManager->getPreference(PreferenceManager::PREF_SKIP_JS_ABORT);
-        $preferredCreationMode = (int)$preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
-        $this->assign('skipJsAborts', $skipJsAborts);
-        $this->assign('preferredCreationMode', $preferredCreationMode);
-
-        $createReasons = EmailTemplate::getActiveNonpreloadTemplates(
-            EmailTemplate::ACTION_CREATED,
-            $database,
-            $domain->getId(),
-            $domain->getDefaultClose());
-        $this->assign("createReasons", $createReasons);
-
-        $declineReasons = EmailTemplate::getActiveNonpreloadTemplates(
-            EmailTemplate::ACTION_NOT_CREATED,
-            $database,
-            $domain->getId());
-        $this->assign("declineReasons", $declineReasons);
-
-        $allCreateReasons = EmailTemplate::getAllActiveTemplates(
-            EmailTemplate::ACTION_CREATED,
-            $database,
-            $domain->getId());
-        $this->assign("allCreateReasons", $allCreateReasons);
-
-        $allDeclineReasons = EmailTemplate::getAllActiveTemplates(
-            EmailTemplate::ACTION_NOT_CREATED,
-            $database,
-            $domain->getId());
-        $this->assign("allDeclineReasons", $allDeclineReasons);
-
-        $allOtherReasons = EmailTemplate::getAllActiveTemplates(
-            false,
-            $database,
-            $domain->getId());
-        $this->assign("allOtherReasons", $allOtherReasons);
-    }
-
-    private function setupLogData(Request $request, PdoDatabase $database, bool $allowedPrivateData)
-    {
-        $currentUser = User::getCurrent($database);
-
-        $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
-        $requestLogs = array();
-
-        /** @var User[] $nameCache */
-        $nameCache = array();
-
-        $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
-
-        $canFlag = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class);
-        $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class);
-
-        /** @var Log|Comment $entry */
-        foreach ($logs as $entry) {
-            // both log and comment have a 'user' field
-            if (!array_key_exists($entry->getUser(), $nameCache)) {
-                $entryUser = User::getById($entry->getUser(), $database);
-                $nameCache[$entry->getUser()] = $entryUser;
-            }
-
-            if ($entry instanceof Comment) {
-                // Determine if the comment contains private information.
-                // Private defined as flagged or restricted visibility, but only when the user isn't allowed
-                // to see private data
-                $commentIsRestricted =
-                    ($entry->getFlagged()
-                        || $entry->getVisibility() == 'admin' || $entry->getVisibility() == 'checkuser')
-                    && !$allowedPrivateData;
-
-                // Only allow comment editing if the user is able to edit comments or this is the user's own comment,
-                // but only when they're allowed to see the comment itself.
-                $commentIsEditable = ($editableComments || $entry->getUser() == $currentUser->getId())
-                    && !$commentIsRestricted;
-
-                // Flagging/unflagging can only be done if you can see the comment
-                $canFlagThisComment = $canFlag
-                    && (
-                        (!$entry->getFlagged() && !$commentIsRestricted)
-                        || ($entry->getFlagged() && $canUnflag && $commentIsEditable)
-                    );
-
-                $requestLogs[] = array(
-                    'type'          => 'comment',
-                    'security'      => $entry->getVisibility(),
-                    'user'          => $entry->getVisibility() == 'requester' ? $request->getName() : $nameCache[$entry->getUser()]->getUsername(),
-                    'userid'        => $entry->getUser() == -1 ? null : $entry->getUser(),
-                    'entry'         => null,
-                    'time'          => $entry->getTime(),
-                    'canedit'       => $commentIsEditable,
-                    'id'            => $entry->getId(),
-                    'comment'       => $entry->getComment(),
-                    'flagged'       => $entry->getFlagged(),
-                    'canflag'       => $canFlagThisComment,
-                    'updateversion' => $entry->getUpdateVersion(),
-                    'edited'        => $entry->getEdited(),
-                    'hidden'        => $commentIsRestricted
-                );
-            }
-
-            if ($entry instanceof Log) {
-                $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
-                $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
-
-                $entryComment = $entry->getComment();
-
-                if ($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest') {
-                    $data = unserialize($entry->getComment());
-                    /** @var JobQueue $job */
-                    $job = JobQueue::getById($data['job'], $database);
-                    $requestLogs[] = array(
-                        'type'     => 'joblog',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'jobId'    => $job->getId(),
-                        'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
-                    );
-                }
-                else {
-                    $requestLogs[] = array(
-                        'type'     => 'log',
-                        'security' => 'user',
-                        'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
-                        'user'     => $entryUser->getUsername(),
-                        'entry'    => LogHelper::getLogDescription($entry),
-                        'time'     => $entry->getTimestamp(),
-                        'canedit'  => false,
-                        'id'       => $entry->getId(),
-                        'comment'  => $entryComment,
-                    );
-                }
-            }
-        }
-
-        $this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
-
-        $this->assign("requestLogs", $requestLogs);
-    }
-
-    /**
-     * @param Request $request
-     */
-    protected function setupUsernameData(Request $request)
-    {
-        $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
-
-        $this->assign('requestIsBlacklisted', $blacklistData !== false);
-        $this->assign('requestBlacklist', $blacklistData);
-
-        try {
-            $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
-        }
-        catch (Exception $ex) {
-            $spoofs = $ex->getMessage();
-        }
-
-        $this->assign("spoofs", $spoofs);
-    }
-
-    private function setupCreationTypes(User $user)
-    {
-        $this->assign('allowWelcomeSkip', false);
-        $this->assign('forceWelcomeSkip', false);
-
-        $database = $this->getDatabase();
-        $preferenceManager = PreferenceManager::getForCurrent($database);
-
-        $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
-
-        $welcomeTemplate = $preferenceManager->getPreference(PreferenceManager::PREF_WELCOMETEMPLATE);
-
-        if ($welcomeTemplate != null) {
-            $this->assign('allowWelcomeSkip', true);
-
-            if (!$oauth->canWelcome()) {
-                $this->assign('forceWelcomeSkip', true);
-            }
-        }
-
-        // test credentials
-        $canManualCreate = $this->barrierTest(PreferenceManager::CREATION_MANUAL, $user, 'RequestCreation');
-        $canOauthCreate = $this->barrierTest(PreferenceManager::CREATION_OAUTH, $user, 'RequestCreation');
-        $canBotCreate = $this->barrierTest(PreferenceManager::CREATION_BOT, $user, 'RequestCreation');
-
-        $this->assign('canManualCreate', $canManualCreate);
-        $this->assign('canOauthCreate', $canOauthCreate);
-        $this->assign('canBotCreate', $canBotCreate);
-
-        // show/hide the type radio buttons
-        $creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
-
-        $creationModePreference = $preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
-        if (!$this->barrierTest($creationModePreference, $user, 'RequestCreation')) {
-            // user is not allowed to use their default. Force a choice.
-            $creationHasChoice = true;
-        }
-
-        $this->assign('creationHasChoice', $creationHasChoice);
-
-        // determine problems in creation types
-        $this->assign('botProblem', false);
-        if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
-            $this->assign('botProblem', true);
-        }
-
-        $this->assign('oauthProblem', false);
-        if ($canOauthCreate && !$oauth->canCreateAccount()) {
-            $this->assign('oauthProblem', true);
-        }
-    }
+	use RequestData;
+
+	const STATUS_SYMBOL_OPEN = '&#927';
+	const STATUS_SYMBOL_ACCEPTED = '&#x2611';
+	const STATUS_SYMBOL_REJECTED = '&#x2612';
+
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws ApplicationLogicException
+	 */
+	protected function main()
+	{
+		// set up csrf protection
+		$this->assignCSRFToken();
+
+		// get some useful objects
+		$database = $this->getDatabase();
+		$request = $this->getRequest($database, WebRequest::getInt('id'));
+		$config = $this->getSiteConfiguration();
+		$currentUser = User::getCurrent($database);
+
+		// FIXME: domains!
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $this->getDatabase());
+		$this->assign('mediawikiScriptPath', $domain->getWikiArticlePath());
+
+		// Shows a page if the email is not confirmed.
+		if ($request->getEmailConfirm() !== 'Confirmed') {
+			// Show a banner if the user can manually confirm the request
+			$viewConfirm = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageManuallyConfirm::class);
+
+			// If the request is purged, there's nothing to confirm!
+			if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+				$viewConfirm = false;
+			}
+
+			// Render
+			$this->setTemplate("view-request/not-confirmed.tpl");
+			$this->assign("requestId", $request->getId());
+			$this->assign("requestVersion", $request->getUpdateVersion());
+			$this->assign('canViewConfirmButton', $viewConfirm);
+
+			// Make sure to return, to prevent the leaking of other information.
+			return;
+		}
+
+		$this->setupBasicData($request, $config);
+
+		$this->setupUsernameData($request);
+
+		$this->setupTitle($request);
+
+		$this->setupReservationDetails($request->getReserved(), $database, $currentUser);
+		$this->setupGeneralData($database);
+
+		$this->assign('requestDataCleared', false);
+		if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) {
+			$this->assign('requestDataCleared', true);
+		}
+
+		$allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser);
+
+		$this->setupCreationTypes($currentUser);
+
+		$this->setupLogData($request, $database, $allowedPrivateData);
+
+		$this->addJs("/api.php?action=templates&targetVariable=templateconfirms");
+
+		$this->assign('showRevealLink', false);
+		if ($request->getReserved() === $currentUser->getId() ||
+			$this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData')
+		) {
+			$this->assign('showRevealLink', true);
+			$this->assign('revealHash', $request->getRevealHash());
+		}
+
+		$this->assign('canSeeRelatedRequests', false);
+		if ($allowedPrivateData || $this->barrierTest('seeRelatedRequests', $currentUser, 'RequestData')) {
+			$this->setupRelatedRequests($request, $config, $database);
+		}
+
+		$this->assign('canCreateLocalAccount', $this->barrierTest('createLocalAccount', $currentUser, 'RequestData'));
+
+		$closureDate = $request->getClosureDate();
+		$date = new DateTime();
+		$date->modify("-7 days");
+		if ($request->getStatus() == "Closed" && $closureDate < $date) {
+			$this->assign('isOldRequest', true);
+		}
+		$this->assign('canResetOldRequest', $this->barrierTest('reopenOldRequest', $currentUser, 'RequestData'));
+		$this->assign('canResetPurgedRequest', $this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData'));
+
+		$this->assign('requestEmailSent', $request->getEmailSent());
+
+		if ($allowedPrivateData) {
+			$this->setTemplate('view-request/main-with-data.tpl');
+			$this->setupPrivateData($request, $config);
+			$this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class));
+			$this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData'));
+
+			if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) {
+				$this->setTemplate('view-request/main-with-checkuser-data.tpl');
+				$this->setupCheckUserData($request);
+			}
+		}
+		else {
+			$this->setTemplate('view-request/main.tpl');
+		}
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupTitle(Request $request)
+	{
+		$statusSymbol = self::STATUS_SYMBOL_OPEN;
+		if ($request->getStatus() === RequestStatus::CLOSED) {
+			if ($request->getWasCreated()) {
+				$statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
+			}
+			else {
+				$statusSymbol = self::STATUS_SYMBOL_REJECTED;
+			}
+		}
+
+		$this->setHtmlTitle($statusSymbol . ' #' . $request->getId());
+	}
+
+	/**
+	 * Sets up data unrelated to the request, such as the email template information
+	 *
+	 * @param PdoDatabase $database
+	 */
+	protected function setupGeneralData(PdoDatabase $database)
+	{
+		$this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #');
+
+		// FIXME: domains
+		/** @var Domain $domain */
+		$domain = Domain::getById(1, $database);
+		$this->assign('defaultRequestState', RequestQueue::getDefaultQueue($database, 1)->getApiName());
+		$this->assign('activeRequestQueues', RequestQueue::getEnabledQueues($database));
+
+		/** @var EmailTemplate $createdTemplate */
+		$createdTemplate = EmailTemplate::getById($domain->getDefaultClose(), $database);
+
+		$this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != '');
+		$this->assign('createdId', $createdTemplate->getId());
+		$this->assign('createdName', $createdTemplate->getName());
+
+		$preferenceManager = PreferenceManager::getForCurrent($database);
+		$skipJsAborts = $preferenceManager->getPreference(PreferenceManager::PREF_SKIP_JS_ABORT);
+		$preferredCreationMode = (int)$preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
+		$this->assign('skipJsAborts', $skipJsAborts);
+		$this->assign('preferredCreationMode', $preferredCreationMode);
+
+		$createReasons = EmailTemplate::getActiveNonpreloadTemplates(
+			EmailTemplate::ACTION_CREATED,
+			$database,
+			$domain->getId(),
+			$domain->getDefaultClose());
+		$this->assign("createReasons", $createReasons);
+
+		$declineReasons = EmailTemplate::getActiveNonpreloadTemplates(
+			EmailTemplate::ACTION_NOT_CREATED,
+			$database,
+			$domain->getId());
+		$this->assign("declineReasons", $declineReasons);
+
+		$allCreateReasons = EmailTemplate::getAllActiveTemplates(
+			EmailTemplate::ACTION_CREATED,
+			$database,
+			$domain->getId());
+		$this->assign("allCreateReasons", $allCreateReasons);
+
+		$allDeclineReasons = EmailTemplate::getAllActiveTemplates(
+			EmailTemplate::ACTION_NOT_CREATED,
+			$database,
+			$domain->getId());
+		$this->assign("allDeclineReasons", $allDeclineReasons);
+
+		$allOtherReasons = EmailTemplate::getAllActiveTemplates(
+			false,
+			$database,
+			$domain->getId());
+		$this->assign("allOtherReasons", $allOtherReasons);
+	}
+
+	private function setupLogData(Request $request, PdoDatabase $database, bool $allowedPrivateData)
+	{
+		$currentUser = User::getCurrent($database);
+
+		$logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager());
+		$requestLogs = array();
+
+		/** @var User[] $nameCache */
+		$nameCache = array();
+
+		$editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class);
+
+		$canFlag = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class);
+		$canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class);
+
+		/** @var Log|Comment $entry */
+		foreach ($logs as $entry) {
+			// both log and comment have a 'user' field
+			if (!array_key_exists($entry->getUser(), $nameCache)) {
+				$entryUser = User::getById($entry->getUser(), $database);
+				$nameCache[$entry->getUser()] = $entryUser;
+			}
+
+			if ($entry instanceof Comment) {
+				// Determine if the comment contains private information.
+				// Private defined as flagged or restricted visibility, but only when the user isn't allowed
+				// to see private data
+				$commentIsRestricted =
+					($entry->getFlagged()
+						|| $entry->getVisibility() == 'admin' || $entry->getVisibility() == 'checkuser')
+					&& !$allowedPrivateData;
+
+				// Only allow comment editing if the user is able to edit comments or this is the user's own comment,
+				// but only when they're allowed to see the comment itself.
+				$commentIsEditable = ($editableComments || $entry->getUser() == $currentUser->getId())
+					&& !$commentIsRestricted;
+
+				// Flagging/unflagging can only be done if you can see the comment
+				$canFlagThisComment = $canFlag
+					&& (
+						(!$entry->getFlagged() && !$commentIsRestricted)
+						|| ($entry->getFlagged() && $canUnflag && $commentIsEditable)
+					);
+
+				$requestLogs[] = array(
+					'type'          => 'comment',
+					'security'      => $entry->getVisibility(),
+					'user'          => $entry->getVisibility() == 'requester' ? $request->getName() : $nameCache[$entry->getUser()]->getUsername(),
+					'userid'        => $entry->getUser() == -1 ? null : $entry->getUser(),
+					'entry'         => null,
+					'time'          => $entry->getTime(),
+					'canedit'       => $commentIsEditable,
+					'id'            => $entry->getId(),
+					'comment'       => $entry->getComment(),
+					'flagged'       => $entry->getFlagged(),
+					'canflag'       => $canFlagThisComment,
+					'updateversion' => $entry->getUpdateVersion(),
+					'edited'        => $entry->getEdited(),
+					'hidden'        => $commentIsRestricted
+				);
+			}
+
+			if ($entry instanceof Log) {
+				$invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0;
+				$entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()];
+
+				$entryComment = $entry->getComment();
+
+				if ($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest') {
+					$data = unserialize($entry->getComment());
+					/** @var JobQueue $job */
+					$job = JobQueue::getById($data['job'], $database);
+					$requestLogs[] = array(
+						'type'     => 'joblog',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'jobId'    => $job->getId(),
+						'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
+					);
+				}
+				else {
+					$requestLogs[] = array(
+						'type'     => 'log',
+						'security' => 'user',
+						'userid'   => $entry->getUser() == -1 ? null : $entry->getUser(),
+						'user'     => $entryUser->getUsername(),
+						'entry'    => LogHelper::getLogDescription($entry),
+						'time'     => $entry->getTimestamp(),
+						'canedit'  => false,
+						'id'       => $entry->getId(),
+						'comment'  => $entryComment,
+					);
+				}
+			}
+		}
+
+		$this->addJs("/api.php?action=users&targetVariable=typeaheaddata");
+
+		$this->assign("requestLogs", $requestLogs);
+	}
+
+	/**
+	 * @param Request $request
+	 */
+	protected function setupUsernameData(Request $request)
+	{
+		$blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName());
+
+		$this->assign('requestIsBlacklisted', $blacklistData !== false);
+		$this->assign('requestBlacklist', $blacklistData);
+
+		try {
+			$spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName());
+		}
+		catch (Exception $ex) {
+			$spoofs = $ex->getMessage();
+		}
+
+		$this->assign("spoofs", $spoofs);
+	}
+
+	private function setupCreationTypes(User $user)
+	{
+		$this->assign('allowWelcomeSkip', false);
+		$this->assign('forceWelcomeSkip', false);
+
+		$database = $this->getDatabase();
+		$preferenceManager = PreferenceManager::getForCurrent($database);
+
+		$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration());
+
+		$welcomeTemplate = $preferenceManager->getPreference(PreferenceManager::PREF_WELCOMETEMPLATE);
+
+		if ($welcomeTemplate != null) {
+			$this->assign('allowWelcomeSkip', true);
+
+			if (!$oauth->canWelcome()) {
+				$this->assign('forceWelcomeSkip', true);
+			}
+		}
+
+		// test credentials
+		$canManualCreate = $this->barrierTest(PreferenceManager::CREATION_MANUAL, $user, 'RequestCreation');
+		$canOauthCreate = $this->barrierTest(PreferenceManager::CREATION_OAUTH, $user, 'RequestCreation');
+		$canBotCreate = $this->barrierTest(PreferenceManager::CREATION_BOT, $user, 'RequestCreation');
+
+		$this->assign('canManualCreate', $canManualCreate);
+		$this->assign('canOauthCreate', $canOauthCreate);
+		$this->assign('canBotCreate', $canBotCreate);
+
+		// show/hide the type radio buttons
+		$creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1;
+
+		$creationModePreference = $preferenceManager->getPreference(PreferenceManager::PREF_CREATION_MODE);
+		if (!$this->barrierTest($creationModePreference, $user, 'RequestCreation')) {
+			// user is not allowed to use their default. Force a choice.
+			$creationHasChoice = true;
+		}
+
+		$this->assign('creationHasChoice', $creationHasChoice);
+
+		// determine problems in creation types
+		$this->assign('botProblem', false);
+		if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) {
+			$this->assign('botProblem', true);
+		}
+
+		$this->assign('oauthProblem', false);
+		if ($canOauthCreate && !$oauth->canCreateAccount()) {
+			$this->assign('oauthProblem', true);
+		}
+	}
 }

Braces +3 added lines, -6 removed lines

@@ -136,8 +136,7 @@ 
                 $this->setTemplate('view-request/main-with-checkuser-data.tpl');
                 $this->setupCheckUserData($request);
             }
-        }
-        else {
+        } else {
             $this->setTemplate('view-request/main.tpl');
         }
     }
@@ -151,8 +150,7 @@ 
         if ($request->getStatus() === RequestStatus::CLOSED) {
             if ($request->getWasCreated()) {
                 $statusSymbol = self::STATUS_SYMBOL_ACCEPTED;
-            }
-            else {
+            } else {
                 $statusSymbol = self::STATUS_SYMBOL_REJECTED;
             }
         }
@@ -304,8 +302,7 @@ 
                         'jobId'    => $job->getId(),
                         'jobDesc'  => JobQueue::getTaskDescriptions()[$job->getTask()],
                     );
-                }
-                else {
+                } else {
                     $requestLogs[] = array(
                         'type'     => 'log',
                         'security' => 'user',

includes/Pages/PageExpandedRequestList.php

Indentation +42 added lines, -42 removed lines

@@ -18,59 +18,59 @@
 
 class PageExpandedRequestList extends InternalPageBase
 {
-    use RequestListData;
+	use RequestListData;
 
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     * @todo This is very similar to the PageMain code, we could probably generalise this somehow
-     */
-    protected function main()
-    {
-        if (WebRequest::getString('queue') === null) {
-            $this->redirect('');
-            return;
-        }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 * @todo This is very similar to the PageMain code, we could probably generalise this somehow
+	 */
+	protected function main()
+	{
+		if (WebRequest::getString('queue') === null) {
+			$this->redirect('');
+			return;
+		}
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        // FIXME: domains
-        $queue = RequestQueue::getByApiName($database, WebRequest::getString('queue'), 1);
+		// FIXME: domains
+		$queue = RequestQueue::getByApiName($database, WebRequest::getString('queue'), 1);
 
-        if ($queue === false) {
-            $this->redirect('');
-            return;
-        }
+		if ($queue === false) {
+			$this->redirect('');
+			return;
+		}
 
-        /** @var SiteConfiguration $config */
-        $config = $this->getSiteConfiguration();
+		/** @var SiteConfiguration $config */
+		$config = $this->getSiteConfiguration();
 
-        $this->assignCSRFToken();
+		$this->assignCSRFToken();
 
-        $this->assign('queuehelp', $queue->getHelp());
+		$this->assign('queuehelp', $queue->getHelp());
 
-        // FIXME: domains
-        $search = RequestSearchHelper::get($database, 1);
-        $search->byStatus(RequestStatus::OPEN);
+		// FIXME: domains
+		$search = RequestSearchHelper::get($database, 1);
+		$search->byStatus(RequestStatus::OPEN);
 
-        list($defaultSort, $defaultSortDirection) = WebRequest::requestListDefaultSort();
-        $this->assign('defaultSort', $defaultSort);
-        $this->assign('defaultSortDirection', $defaultSortDirection);
+		list($defaultSort, $defaultSortDirection) = WebRequest::requestListDefaultSort();
+		$this->assign('defaultSort', $defaultSort);
+		$this->assign('defaultSortDirection', $defaultSortDirection);
 
-        if ($config->getEmailConfirmationEnabled()) {
-            $search->withConfirmedEmail();
-        }
+		if ($config->getEmailConfirmationEnabled()) {
+			$search->withConfirmedEmail();
+		}
 
-        $queuesById = [$queue->getId() => $queue];
-        $requestsByQueue = $search->fetchByQueue(array_keys($queuesById));
-        $requestData = $requestsByQueue[$queue->getId()];
+		$queuesById = [$queue->getId() => $queue];
+		$requestsByQueue = $search->fetchByQueue(array_keys($queuesById));
+		$requestData = $requestsByQueue[$queue->getId()];
 
-        $this->assign('requests', $this->prepareRequestData($requestData['data']));
-        $this->assign('totalRequests', $requestData['count']);
-        $this->assign('header', $queue->getHeader());
-        $this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
+		$this->assign('requests', $this->prepareRequestData($requestData['data']));
+		$this->assign('totalRequests', $requestData['count']);
+		$this->assign('header', $queue->getHeader());
+		$this->assign('requestLimitShowOnly', $config->getMiserModeLimit());
 
-        $this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
-        $this->setTemplate('mainpage/expandedrequestlist.tpl');
-    }
+		$this->setHtmlTitle('{$header|escape}{if $totalRequests > 0} [{$totalRequests|escape}]{/if}');
+		$this->setTemplate('mainpage/expandedrequestlist.tpl');
+	}
 }

includes/Pages/PageFlagComment.php

Indentation +51 added lines, -51 removed lines

@@ -19,67 +19,67 @@
 
 class PageFlagComment extends InternalPageBase
 {
-    /**
-     * @inheritDoc
-     */
-    protected function main()
-    {
-        if (!WebRequest::wasPosted()) {
-            throw new ApplicationLogicException('This page does not support GET methods.');
-        }
+	/**
+	 * @inheritDoc
+	 */
+	protected function main()
+	{
+		if (!WebRequest::wasPosted()) {
+			throw new ApplicationLogicException('This page does not support GET methods.');
+		}
 
-        $this->validateCSRFToken();
+		$this->validateCSRFToken();
 
-        $flagState = WebRequest::postInt('flag');
-        $commentId = WebRequest::postInt('comment');
-        $updateVersion = WebRequest::postInt('updateversion');
+		$flagState = WebRequest::postInt('flag');
+		$commentId = WebRequest::postInt('comment');
+		$updateVersion = WebRequest::postInt('updateversion');
 
-        if ($flagState !== 0 && $flagState !== 1) {
-            throw new ApplicationLogicException('Flag status not valid');
-        }
+		if ($flagState !== 0 && $flagState !== 1) {
+			throw new ApplicationLogicException('Flag status not valid');
+		}
 
-        $database = $this->getDatabase();
+		$database = $this->getDatabase();
 
-        /** @var Comment|false $comment */
-        $comment = Comment::getById($commentId, $database);
-        if ($comment === false) {
-            throw new ApplicationLogicException('Unknown comment');
-        }
+		/** @var Comment|false $comment */
+		$comment = Comment::getById($commentId, $database);
+		if ($comment === false) {
+			throw new ApplicationLogicException('Unknown comment');
+		}
 
-        $currentUser = User::getCurrent($database);
+		$currentUser = User::getCurrent($database);
 
-        if ($comment->getFlagged() && !$this->barrierTest('unflag', $currentUser)) {
-            // user isn't allowed to unflag comments
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
+		if ($comment->getFlagged() && !$this->barrierTest('unflag', $currentUser)) {
+			// user isn't allowed to unflag comments
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
 
-        /** @var Request $request */
-        $request = Request::getById($comment->getRequest(), $database);
+		/** @var Request $request */
+		$request = Request::getById($comment->getRequest(), $database);
 
-        if ($comment->getFlagged()
-            && !$this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')
-            && $request->getReserved() !== $currentUser->getId()
-        ) {
-            // can't unflag if you can't see it.
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
+		if ($comment->getFlagged()
+			&& !$this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData')
+			&& $request->getReserved() !== $currentUser->getId()
+		) {
+			// can't unflag if you can't see it.
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
 
-        $comment->setFlagged($flagState == 1);
-        $comment->setUpdateVersion($updateVersion);
-        $comment->save();
+		$comment->setFlagged($flagState == 1);
+		$comment->setUpdateVersion($updateVersion);
+		$comment->save();
 
-        if ($flagState === 1) {
-            Logger::flaggedComment($database, $comment, $request->getDomain());
-        }
-        else {
-            Logger::unflaggedComment($database, $comment, $request->getDomain());
-        }
+		if ($flagState === 1) {
+			Logger::flaggedComment($database, $comment, $request->getDomain());
+		}
+		else {
+			Logger::unflaggedComment($database, $comment, $request->getDomain());
+		}
 
-        if (WebRequest::postString('return') == 'list') {
-            $this->redirect('flaggedComments');
-        }
-        else {
-            $this->redirect('viewRequest', null, ['id' => $comment->getRequest()]);
-        }
-    }
+		if (WebRequest::postString('return') == 'list') {
+			$this->redirect('flaggedComments');
+		}
+		else {
+			$this->redirect('viewRequest', null, ['id' => $comment->getRequest()]);
+		}
+	}
 }
\ No newline at end of file

Braces +2 added lines, -4 removed lines

@@ -70,15 +70,13 @@
 
         if ($flagState === 1) {
             Logger::flaggedComment($database, $comment, $request->getDomain());
-        }
-        else {
+        } else {
             Logger::unflaggedComment($database, $comment, $request->getDomain());
         }
 
         if (WebRequest::postString('return') == 'list') {
             $this->redirect('flaggedComments');
-        }
-        else {
+        } else {
             $this->redirect('viewRequest', null, ['id' => $comment->getRequest()]);
         }
     }

includes/Pages/PageLog.php

Indentation +60 added lines, -60 removed lines

@@ -17,64 +17,64 @@
 
 class PageLog extends PagedInternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Logs');
-
-        $filterUser = WebRequest::getString('filterUser');
-        $filterAction = WebRequest::getString('filterAction');
-        $filterObjectType = WebRequest::getString('filterObjectType');
-        $filterObjectId = WebRequest::getInt('filterObjectId');
-
-        $database = $this->getDatabase();
-
-        if (!array_key_exists($filterObjectType, LogHelper::getObjectTypes())) {
-            $filterObjectType = null;
-        }
-
-        $this->addJs("/api.php?action=users&all=true&targetVariable=typeaheaddata");
-
-        // FIXME: domains
-        $logSearch = LogSearchHelper::get($database, 1);
-
-        if ($filterUser !== null) {
-            $userObj = User::getByUsername($filterUser, $database);
-            if ($userObj !== false) {
-                $logSearch->byUser($userObj->getId());
-            }
-            else {
-                $logSearch->byUser(-1);
-            }
-        }
-        if ($filterAction !== null) {
-            $logSearch->byAction($filterAction);
-        }
-        if ($filterObjectType !== null) {
-            $logSearch->byObjectType($filterObjectType);
-        }
-        if ($filterObjectId !== null) {
-            $logSearch->byObjectId($filterObjectId);
-        }
-
-        $this->setSearchHelper($logSearch);
-        $this->setupLimits();
-
-        /** @var Log[] $logs */
-        $logs = $logSearch->getRecordCount($count)->fetch();
-
-        list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
-
-        $this->setupPageData($count, array('filterUser' => $filterUser, 'filterAction' => $filterAction, 'filterObjectType' => $filterObjectType, 'filterObjectId' => $filterObjectId));
-
-        $this->assign("logs", $logData);
-        $this->assign("users", $users);
-
-        $this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase()));
-        $this->assign('allObjectTypes', LogHelper::getObjectTypes());
-
-        $this->setTemplate("logs/main.tpl");
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Logs');
+
+		$filterUser = WebRequest::getString('filterUser');
+		$filterAction = WebRequest::getString('filterAction');
+		$filterObjectType = WebRequest::getString('filterObjectType');
+		$filterObjectId = WebRequest::getInt('filterObjectId');
+
+		$database = $this->getDatabase();
+
+		if (!array_key_exists($filterObjectType, LogHelper::getObjectTypes())) {
+			$filterObjectType = null;
+		}
+
+		$this->addJs("/api.php?action=users&all=true&targetVariable=typeaheaddata");
+
+		// FIXME: domains
+		$logSearch = LogSearchHelper::get($database, 1);
+
+		if ($filterUser !== null) {
+			$userObj = User::getByUsername($filterUser, $database);
+			if ($userObj !== false) {
+				$logSearch->byUser($userObj->getId());
+			}
+			else {
+				$logSearch->byUser(-1);
+			}
+		}
+		if ($filterAction !== null) {
+			$logSearch->byAction($filterAction);
+		}
+		if ($filterObjectType !== null) {
+			$logSearch->byObjectType($filterObjectType);
+		}
+		if ($filterObjectId !== null) {
+			$logSearch->byObjectId($filterObjectId);
+		}
+
+		$this->setSearchHelper($logSearch);
+		$this->setupLimits();
+
+		/** @var Log[] $logs */
+		$logs = $logSearch->getRecordCount($count)->fetch();
+
+		list($users, $logData) = LogHelper::prepareLogsForTemplate($logs, $database, $this->getSiteConfiguration());
+
+		$this->setupPageData($count, array('filterUser' => $filterUser, 'filterAction' => $filterAction, 'filterObjectType' => $filterObjectType, 'filterObjectId' => $filterObjectId));
+
+		$this->assign("logs", $logData);
+		$this->assign("users", $users);
+
+		$this->assign('allLogActions', LogHelper::getLogActions($this->getDatabase()));
+		$this->assign('allObjectTypes', LogHelper::getObjectTypes());
+
+		$this->setTemplate("logs/main.tpl");
+	}
 }

Braces +1 added lines, -2 removed lines

@@ -44,8 +44,7 @@
             $userObj = User::getByUsername($filterUser, $database);
             if ($userObj !== false) {
                 $logSearch->byUser($userObj->getId());
-            }
-            else {
+            } else {
                 $logSearch->byUser(-1);
             }
         }

includes/Pages/PageListFlaggedComments.php

Indentation +108 added lines, -108 removed lines

@@ -17,112 +17,112 @@
 
 class PageListFlaggedComments extends InternalPageBase
 {
-    /**
-     * @inheritDoc
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Flagged comments');
-        $this->setTemplate('flagged-comments.tpl');
-
-        $database = $this->getDatabase();
-        $this->assignCSRFToken();
-
-        /** @var Comment[] $commentObjects */
-        $commentObjects = Comment::getFlaggedComments($database, 1); // FIXME: domains
-        $comments = [];
-
-        $currentUser = User::getCurrent($database);
-
-        $seeRestrictedComments = $this->barrierTest('seeRestrictedComments', $currentUser, 'RequestData');
-        $seeCheckuserComments = $this->barrierTest('seeCheckuserComments', $currentUser, 'RequestData');
-        $alwaysSeePrivateData = $this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData');
-
-        foreach ($commentObjects as $object) {
-            $data = [
-                'visibility'    => $object->getVisibility(),
-                'hidden'        => false,
-                'hiddenText'    => false,
-            ];
-
-            if (!$alwaysSeePrivateData) {
-                // tl;dr: This is a stupid configuration, but let's account for it anyway.
-                //
-                // Flagged comments are treated as private data. If you don't have the privilege
-                // RequestData::alwaysSeePrivateData, then we can't show you the content of the comments here.
-                // This page is forced to degrade into basically a list of requests, seriously hampering the usefulness
-                // of this page. Still, we need to handle the case where we have access to this page, but not access
-                // to private data.
-                // At the time of writing, this case does not exist in the current role configuration, but for the role
-                // configuration to be free of assumptions, we need this code.
-
-                /** @var Request $request */
-                $request = Request::getById($object->getRequest(), $database);
-
-                if ($request->getReserved() === $currentUser->getId()) {
-                    $data['hiddenText'] = false;
-                }
-                else {
-                    $data['hiddenText'] = true;
-                }
-            }
-
-            if ($object->getVisibility() == 'requester' || $object->getVisibility() == 'user') {
-                $data['hidden'] = false;
-            }
-            elseif ($object->getVisibility() == 'admin') {
-                if ($seeRestrictedComments) {
-                    $data['hidden'] = false;
-                }
-                else {
-                    $data['hidden'] = true;
-                }
-            }
-            elseif ($object->getVisibility() == 'checkuser') {
-                if ($seeCheckuserComments) {
-                    $data['hidden'] = false;
-                }
-                else {
-                    $data['hidden'] = true;
-                }
-            }
-
-            $this->copyCommentData($object, $data, $database);
-
-            $comments[] = $data;
-        }
-
-        $this->assign('comments', $comments);
-        $this->assign('seeRestrictedComments', $seeRestrictedComments);
-        $this->assign('seeCheckuserComments', $seeCheckuserComments);
-
-        $this->assign('editOthersComments', $this->barrierTest('editOthers', $currentUser, PageEditComment::class));
-        $this->assign('editComments', $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageEditComment::class));
-        $this->assign('canUnflag', $this->barrierTest('unflag', $currentUser, PageFlagComment::class) && $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class));
-    }
-
-    private function copyCommentData(Comment $object, array &$data, PdoDatabase $database): void
-    {
-        if ($data['hidden']) {
-            // All details hidden, so don't copy anything.
-            return;
-        }
-
-        /** @var Request $request */
-        $request = Request::getById($object->getRequest(), $database);
-
-        if (!$data['hiddenText']) {
-            // Comment text is hidden, but presence of the comment is visible.
-            $data['comment'] = $object->getComment();
-        }
-
-        $data['id'] = $object->getId();
-        $data['updateversion'] = $object->getUpdateVersion();
-        $data['time'] = $object->getTime();
-        $data['requestid'] = $object->getRequest();
-        $data['request'] = $request->getName();
-        $data['requeststatus'] = $request->getStatus();
-        $data['userid'] = $object->getUser();
-        $data['user'] = User::getById($object->getUser(), $database)->getUsername();
-    }
+	/**
+	 * @inheritDoc
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Flagged comments');
+		$this->setTemplate('flagged-comments.tpl');
+
+		$database = $this->getDatabase();
+		$this->assignCSRFToken();
+
+		/** @var Comment[] $commentObjects */
+		$commentObjects = Comment::getFlaggedComments($database, 1); // FIXME: domains
+		$comments = [];
+
+		$currentUser = User::getCurrent($database);
+
+		$seeRestrictedComments = $this->barrierTest('seeRestrictedComments', $currentUser, 'RequestData');
+		$seeCheckuserComments = $this->barrierTest('seeCheckuserComments', $currentUser, 'RequestData');
+		$alwaysSeePrivateData = $this->barrierTest('alwaysSeePrivateData', $currentUser, 'RequestData');
+
+		foreach ($commentObjects as $object) {
+			$data = [
+				'visibility'    => $object->getVisibility(),
+				'hidden'        => false,
+				'hiddenText'    => false,
+			];
+
+			if (!$alwaysSeePrivateData) {
+				// tl;dr: This is a stupid configuration, but let's account for it anyway.
+				//
+				// Flagged comments are treated as private data. If you don't have the privilege
+				// RequestData::alwaysSeePrivateData, then we can't show you the content of the comments here.
+				// This page is forced to degrade into basically a list of requests, seriously hampering the usefulness
+				// of this page. Still, we need to handle the case where we have access to this page, but not access
+				// to private data.
+				// At the time of writing, this case does not exist in the current role configuration, but for the role
+				// configuration to be free of assumptions, we need this code.
+
+				/** @var Request $request */
+				$request = Request::getById($object->getRequest(), $database);
+
+				if ($request->getReserved() === $currentUser->getId()) {
+					$data['hiddenText'] = false;
+				}
+				else {
+					$data['hiddenText'] = true;
+				}
+			}
+
+			if ($object->getVisibility() == 'requester' || $object->getVisibility() == 'user') {
+				$data['hidden'] = false;
+			}
+			elseif ($object->getVisibility() == 'admin') {
+				if ($seeRestrictedComments) {
+					$data['hidden'] = false;
+				}
+				else {
+					$data['hidden'] = true;
+				}
+			}
+			elseif ($object->getVisibility() == 'checkuser') {
+				if ($seeCheckuserComments) {
+					$data['hidden'] = false;
+				}
+				else {
+					$data['hidden'] = true;
+				}
+			}
+
+			$this->copyCommentData($object, $data, $database);
+
+			$comments[] = $data;
+		}
+
+		$this->assign('comments', $comments);
+		$this->assign('seeRestrictedComments', $seeRestrictedComments);
+		$this->assign('seeCheckuserComments', $seeCheckuserComments);
+
+		$this->assign('editOthersComments', $this->barrierTest('editOthers', $currentUser, PageEditComment::class));
+		$this->assign('editComments', $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageEditComment::class));
+		$this->assign('canUnflag', $this->barrierTest('unflag', $currentUser, PageFlagComment::class) && $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class));
+	}
+
+	private function copyCommentData(Comment $object, array &$data, PdoDatabase $database): void
+	{
+		if ($data['hidden']) {
+			// All details hidden, so don't copy anything.
+			return;
+		}
+
+		/** @var Request $request */
+		$request = Request::getById($object->getRequest(), $database);
+
+		if (!$data['hiddenText']) {
+			// Comment text is hidden, but presence of the comment is visible.
+			$data['comment'] = $object->getComment();
+		}
+
+		$data['id'] = $object->getId();
+		$data['updateversion'] = $object->getUpdateVersion();
+		$data['time'] = $object->getTime();
+		$data['requestid'] = $object->getRequest();
+		$data['request'] = $request->getName();
+		$data['requeststatus'] = $request->getStatus();
+		$data['userid'] = $object->getUser();
+		$data['user'] = User::getById($object->getUser(), $database)->getUsername();
+	}
 }
\ No newline at end of file

Braces +5 added lines, -10 removed lines

@@ -61,28 +61,23 @@
 
                 if ($request->getReserved() === $currentUser->getId()) {
                     $data['hiddenText'] = false;
-                }
-                else {
+                } else {
                     $data['hiddenText'] = true;
                 }
             }
 
             if ($object->getVisibility() == 'requester' || $object->getVisibility() == 'user') {
                 $data['hidden'] = false;
-            }
-            elseif ($object->getVisibility() == 'admin') {
+            } elseif ($object->getVisibility() == 'admin') {
                 if ($seeRestrictedComments) {
                     $data['hidden'] = false;
-                }
-                else {
+                } else {
                     $data['hidden'] = true;
                 }
-            }
-            elseif ($object->getVisibility() == 'checkuser') {
+            } elseif ($object->getVisibility() == 'checkuser') {
                 if ($seeCheckuserComments) {
                     $data['hidden'] = false;
-                }
-                else {
+                } else {
                     $data['hidden'] = true;
                 }
             }

includes/Pages/PageRequestFormManagement.php

Indentation +288 added lines, -288 removed lines

@@ -22,292 +22,292 @@
 
 class PageRequestFormManagement extends InternalPageBase
 {
-    protected function main()
-    {
-        $this->setHtmlTitle('Request Form Management');
-
-        $database = $this->getDatabase();
-        $domainId = Domain::getCurrent($database)->getId();
-        $forms = RequestForm::getAllForms($database, $domainId);
-        $this->assign('forms', $forms);
-
-        $queues = [];
-        foreach ($forms as $f) {
-            $queueId = $f->getOverrideQueue();
-            if ($queueId !== null) {
-                if (!isset($queues[$queueId])) {
-                    /** @var RequestQueue $queue */
-                    $queue = RequestQueue::getById($queueId, $this->getDatabase());
-
-                    if ($queue->getDomain() == $domainId) {
-                        $queues[$queueId] = $queue;
-                    }
-                }
-            }
-        }
-
-        $this->assign('queues', $queues);
-
-        $user = User::getCurrent($database);
-        $this->assign('canCreate', $this->barrierTest('create', $user));
-        $this->assign('canEdit', $this->barrierTest('edit', $user));
-        $this->assign('canView', $this->barrierTest('view', $user));
-
-        $this->setTemplate('form-management/main.tpl');
-    }
-
-    protected function preview() {
-        $previewContent = WebRequest::getSessionContext('preview');
-
-        $renderer = new MarkdownRenderingHelper();
-        $this->assign('renderedContent', $renderer->doRender($previewContent['main']));
-        $this->assign('username', $renderer->doRenderInline($previewContent['username']));
-        $this->assign('email', $renderer->doRenderInline($previewContent['email']));
-        $this->assign('comment', $renderer->doRenderInline($previewContent['comment']));
-
-        $this->setTemplate('form-management/preview.tpl');
-    }
-
-    protected function create()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $database = $this->getDatabase();
-            $domainId = Domain::getCurrent($database)->getId();
-
-            $form = new RequestForm();
-
-            $form->setDatabase($database);
-            $form->setDomain($domainId);
-
-            $this->setupObjectFromPost($form);
-            $form->setPublicEndpoint(WebRequest::postString('endpoint'));
-
-            if (WebRequest::postString("preview") === "preview") {
-                $this->populateFromObject($form);
-
-                WebRequest::setSessionContext('preview', [
-                    'main' => $form->getFormContent(),
-                    'username' => $form->getUsernameHelp(),
-                    'email' => $form->getEmailHelp(),
-                    'comment' => $form->getCommentHelp(),
-                ]);
-
-                $this->assign('createMode', true);
-                $this->setTemplate('form-management/edit.tpl');
-
-                return;
-            }
-
-            $proceed = true;
-
-            if (RequestForm::getByPublicEndpoint($database, $form->getPublicEndpoint(), $domainId) !== false) {
-                SessionAlert::error("The chosen public endpoint is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if (preg_match('/^[A-Za-z][a-zA-Z0-9-]*$/', $form->getPublicEndpoint()) !== 1) {
-                SessionAlert::error("The chosen public endpoint contains invalid characters");
-                $proceed = false;
-            }
-
-            if (RequestForm::getByName($database, $form->getName(), $domainId) !== false) {
-                SessionAlert::error("The chosen name is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if ($form->getOverrideQueue() !== null) {
-                /** @var RequestQueue|bool $queue */
-                $queue = RequestQueue::getById($form->getOverrideQueue(), $database);
-                if ($queue === false || $queue->getDomain() !== $domainId || !$queue->isEnabled()) {
-                    SessionAlert::error("The chosen queue does not exist or is disabled.");
-                    $proceed = false;
-                }
-            }
-
-            if ($proceed) {
-                $form->save();
-                Logger::requestFormCreated($database, $form);
-                $this->redirect('requestFormManagement');
-            }
-            else {
-                $this->populateFromObject($form);
-                WebRequest::setSessionContext('preview', [
-                    'main' => $form->getFormContent(),
-                    'username' => $form->getUsernameHelp(),
-                    'email' => $form->getEmailHelp(),
-                    'comment' => $form->getCommentHelp(),
-                ]);
-
-                $this->assign('createMode', true);
-                $this->setTemplate('form-management/edit.tpl');
-            }
-        }
-        else {
-            $this->populateFromObject(new RequestForm());
-            WebRequest::setSessionContext('preview', null);
-            $this->assign('hidePreview', true);
-
-            $this->assignCSRFToken();
-            $this->assign('createMode', true);
-            $this->setTemplate('form-management/edit.tpl');
-        }
-    }
-
-    protected function view()
-    {
-        $database = $this->getDatabase();
-
-        /** @var RequestForm $form */
-        $form = RequestForm::getById(WebRequest::getInt('form'), $database);
-
-        if ($form->getDomain() !== Domain::getCurrent($database)->getId()) {
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
-
-        $this->populateFromObject($form);
-
-        if ($form->getOverrideQueue() !== null) {
-            $this->assign('queueObject', RequestQueue::getById($form->getOverrideQueue(), $database));
-        }
-
-        WebRequest::setSessionContext('preview', [
-            'main' => $form->getFormContent(),
-            'username' => $form->getUsernameHelp(),
-            'email' => $form->getEmailHelp(),
-            'comment' => $form->getCommentHelp(),
-        ]);
-
-        $renderer = new MarkdownRenderingHelper();
-        $this->assign('renderedContent', $renderer->doRender($form->getFormContent()));
-
-        $this->setTemplate('form-management/view.tpl');
-    }
-
-    protected function edit()
-    {
-        $database = $this->getDatabase();
-
-        /** @var RequestForm $form */
-        $form = RequestForm::getById(WebRequest::getInt('form'), $database);
-
-        if ($form->getDomain() !== Domain::getCurrent($database)->getId()) {
-            throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
-        }
-
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $this->setupObjectFromPost($form);
-
-            if (WebRequest::postString("preview") === "preview") {
-                $this->populateFromObject($form);
-
-                WebRequest::setSessionContext('preview', [
-                    'main' => $form->getFormContent(),
-                    'username' => $form->getUsernameHelp(),
-                    'email' => $form->getEmailHelp(),
-                    'comment' => $form->getCommentHelp(),
-                ]);
-
-                $this->assign('createMode', false);
-                $this->setTemplate('form-management/edit.tpl');
-
-                return;
-            }
-
-            $proceed = true;
-
-            $foundForm = RequestForm::getByName($database, $form->getName(), $form->getDomain());
-            if ($foundForm !== false && $foundForm->getId() !== $form->getId()) {
-                SessionAlert::error("The chosen name is already in use. Please choose another.");
-                $proceed = false;
-            }
-
-            if ($form->getOverrideQueue() !== null) {
-                /** @var RequestQueue $queue */
-                $queue = RequestQueue::getById($form->getOverrideQueue(), $database);
-                if ($queue === false || $queue->getDomain() !== $form->getDomain() || !$queue->isEnabled()) {
-                    SessionAlert::error("The chosen queue does not exist or is disabled.");
-                    $proceed = false;
-                }
-            }
-
-            if ($proceed) {
-                Logger::requestFormEdited($database, $form);
-                $form->save();
-                $this->redirect('requestFormManagement');
-            }
-            else {
-                $this->populateFromObject($form);
-                WebRequest::setSessionContext('preview', [
-                    'main' => $form->getFormContent(),
-                    'username' => $form->getUsernameHelp(),
-                    'email' => $form->getEmailHelp(),
-                    'comment' => $form->getCommentHelp(),
-                ]);
-
-                $this->assign('createMode', false);
-                $this->setTemplate('form-management/edit.tpl');
-            }
-        }
-        else {
-            $this->populateFromObject($form);
-            WebRequest::setSessionContext('preview', [
-                'main' => $form->getFormContent(),
-                'username' => $form->getUsernameHelp(),
-                'email' => $form->getEmailHelp(),
-                'comment' => $form->getCommentHelp(),
-            ]);
-
-            $this->assign('createMode', false);
-            $this->setTemplate('form-management/edit.tpl');
-        }
-    }
-
-    /**
-     * @param RequestForm $form
-     */
-    protected function populateFromObject(RequestForm $form): void
-    {
-        $this->assignCSRFToken();
-
-        $this->assign('name', $form->getName());
-        $this->assign('enabled', $form->isEnabled());
-        $this->assign('endpoint', $form->getPublicEndpoint());
-        $this->assign('queue', $form->getOverrideQueue());
-        $this->assign('content', $form->getFormContent());
-        $this->assign('username', $form->getUsernameHelp());
-        $this->assign('email', $form->getEmailHelp());
-        $this->assign('comment', $form->getCommentHelp());
-
-        $this->assign('domain', $form->getDomainObject());
-
-        $this->assign('availableQueues', RequestQueue::getEnabledQueues($this->getDatabase()));
-    }
-
-    /**
-     * @param RequestForm $form
-     *
-     * @return void
-     * @throws ApplicationLogicException
-     */
-    protected function setupObjectFromPost(RequestForm $form): void
-    {
-        if (WebRequest::postString('content') === null
-            || WebRequest::postString('username') === null
-            || WebRequest::postString('email') === null
-            || WebRequest::postString('comment') === null
-        ) {
-            throw new ApplicationLogicException("Form content, username help, email help, and comment help are all required fields.");
-        }
-
-        $form->setName(WebRequest::postString('name'));
-        $form->setEnabled(WebRequest::postBoolean('enabled'));
-        $form->setFormContent(WebRequest::postString('content'));
-        $form->setOverrideQueue(WebRequest::postInt('queue'));
-        $form->setUsernameHelp(WebRequest::postString('username'));
-        $form->setEmailHelp(WebRequest::postString('email'));
-        $form->setCommentHelp(WebRequest::postString('comment'));
-    }
+	protected function main()
+	{
+		$this->setHtmlTitle('Request Form Management');
+
+		$database = $this->getDatabase();
+		$domainId = Domain::getCurrent($database)->getId();
+		$forms = RequestForm::getAllForms($database, $domainId);
+		$this->assign('forms', $forms);
+
+		$queues = [];
+		foreach ($forms as $f) {
+			$queueId = $f->getOverrideQueue();
+			if ($queueId !== null) {
+				if (!isset($queues[$queueId])) {
+					/** @var RequestQueue $queue */
+					$queue = RequestQueue::getById($queueId, $this->getDatabase());
+
+					if ($queue->getDomain() == $domainId) {
+						$queues[$queueId] = $queue;
+					}
+				}
+			}
+		}
+
+		$this->assign('queues', $queues);
+
+		$user = User::getCurrent($database);
+		$this->assign('canCreate', $this->barrierTest('create', $user));
+		$this->assign('canEdit', $this->barrierTest('edit', $user));
+		$this->assign('canView', $this->barrierTest('view', $user));
+
+		$this->setTemplate('form-management/main.tpl');
+	}
+
+	protected function preview() {
+		$previewContent = WebRequest::getSessionContext('preview');
+
+		$renderer = new MarkdownRenderingHelper();
+		$this->assign('renderedContent', $renderer->doRender($previewContent['main']));
+		$this->assign('username', $renderer->doRenderInline($previewContent['username']));
+		$this->assign('email', $renderer->doRenderInline($previewContent['email']));
+		$this->assign('comment', $renderer->doRenderInline($previewContent['comment']));
+
+		$this->setTemplate('form-management/preview.tpl');
+	}
+
+	protected function create()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$database = $this->getDatabase();
+			$domainId = Domain::getCurrent($database)->getId();
+
+			$form = new RequestForm();
+
+			$form->setDatabase($database);
+			$form->setDomain($domainId);
+
+			$this->setupObjectFromPost($form);
+			$form->setPublicEndpoint(WebRequest::postString('endpoint'));
+
+			if (WebRequest::postString("preview") === "preview") {
+				$this->populateFromObject($form);
+
+				WebRequest::setSessionContext('preview', [
+					'main' => $form->getFormContent(),
+					'username' => $form->getUsernameHelp(),
+					'email' => $form->getEmailHelp(),
+					'comment' => $form->getCommentHelp(),
+				]);
+
+				$this->assign('createMode', true);
+				$this->setTemplate('form-management/edit.tpl');
+
+				return;
+			}
+
+			$proceed = true;
+
+			if (RequestForm::getByPublicEndpoint($database, $form->getPublicEndpoint(), $domainId) !== false) {
+				SessionAlert::error("The chosen public endpoint is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if (preg_match('/^[A-Za-z][a-zA-Z0-9-]*$/', $form->getPublicEndpoint()) !== 1) {
+				SessionAlert::error("The chosen public endpoint contains invalid characters");
+				$proceed = false;
+			}
+
+			if (RequestForm::getByName($database, $form->getName(), $domainId) !== false) {
+				SessionAlert::error("The chosen name is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if ($form->getOverrideQueue() !== null) {
+				/** @var RequestQueue|bool $queue */
+				$queue = RequestQueue::getById($form->getOverrideQueue(), $database);
+				if ($queue === false || $queue->getDomain() !== $domainId || !$queue->isEnabled()) {
+					SessionAlert::error("The chosen queue does not exist or is disabled.");
+					$proceed = false;
+				}
+			}
+
+			if ($proceed) {
+				$form->save();
+				Logger::requestFormCreated($database, $form);
+				$this->redirect('requestFormManagement');
+			}
+			else {
+				$this->populateFromObject($form);
+				WebRequest::setSessionContext('preview', [
+					'main' => $form->getFormContent(),
+					'username' => $form->getUsernameHelp(),
+					'email' => $form->getEmailHelp(),
+					'comment' => $form->getCommentHelp(),
+				]);
+
+				$this->assign('createMode', true);
+				$this->setTemplate('form-management/edit.tpl');
+			}
+		}
+		else {
+			$this->populateFromObject(new RequestForm());
+			WebRequest::setSessionContext('preview', null);
+			$this->assign('hidePreview', true);
+
+			$this->assignCSRFToken();
+			$this->assign('createMode', true);
+			$this->setTemplate('form-management/edit.tpl');
+		}
+	}
+
+	protected function view()
+	{
+		$database = $this->getDatabase();
+
+		/** @var RequestForm $form */
+		$form = RequestForm::getById(WebRequest::getInt('form'), $database);
+
+		if ($form->getDomain() !== Domain::getCurrent($database)->getId()) {
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
+
+		$this->populateFromObject($form);
+
+		if ($form->getOverrideQueue() !== null) {
+			$this->assign('queueObject', RequestQueue::getById($form->getOverrideQueue(), $database));
+		}
+
+		WebRequest::setSessionContext('preview', [
+			'main' => $form->getFormContent(),
+			'username' => $form->getUsernameHelp(),
+			'email' => $form->getEmailHelp(),
+			'comment' => $form->getCommentHelp(),
+		]);
+
+		$renderer = new MarkdownRenderingHelper();
+		$this->assign('renderedContent', $renderer->doRender($form->getFormContent()));
+
+		$this->setTemplate('form-management/view.tpl');
+	}
+
+	protected function edit()
+	{
+		$database = $this->getDatabase();
+
+		/** @var RequestForm $form */
+		$form = RequestForm::getById(WebRequest::getInt('form'), $database);
+
+		if ($form->getDomain() !== Domain::getCurrent($database)->getId()) {
+			throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager());
+		}
+
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$this->setupObjectFromPost($form);
+
+			if (WebRequest::postString("preview") === "preview") {
+				$this->populateFromObject($form);
+
+				WebRequest::setSessionContext('preview', [
+					'main' => $form->getFormContent(),
+					'username' => $form->getUsernameHelp(),
+					'email' => $form->getEmailHelp(),
+					'comment' => $form->getCommentHelp(),
+				]);
+
+				$this->assign('createMode', false);
+				$this->setTemplate('form-management/edit.tpl');
+
+				return;
+			}
+
+			$proceed = true;
+
+			$foundForm = RequestForm::getByName($database, $form->getName(), $form->getDomain());
+			if ($foundForm !== false && $foundForm->getId() !== $form->getId()) {
+				SessionAlert::error("The chosen name is already in use. Please choose another.");
+				$proceed = false;
+			}
+
+			if ($form->getOverrideQueue() !== null) {
+				/** @var RequestQueue $queue */
+				$queue = RequestQueue::getById($form->getOverrideQueue(), $database);
+				if ($queue === false || $queue->getDomain() !== $form->getDomain() || !$queue->isEnabled()) {
+					SessionAlert::error("The chosen queue does not exist or is disabled.");
+					$proceed = false;
+				}
+			}
+
+			if ($proceed) {
+				Logger::requestFormEdited($database, $form);
+				$form->save();
+				$this->redirect('requestFormManagement');
+			}
+			else {
+				$this->populateFromObject($form);
+				WebRequest::setSessionContext('preview', [
+					'main' => $form->getFormContent(),
+					'username' => $form->getUsernameHelp(),
+					'email' => $form->getEmailHelp(),
+					'comment' => $form->getCommentHelp(),
+				]);
+
+				$this->assign('createMode', false);
+				$this->setTemplate('form-management/edit.tpl');
+			}
+		}
+		else {
+			$this->populateFromObject($form);
+			WebRequest::setSessionContext('preview', [
+				'main' => $form->getFormContent(),
+				'username' => $form->getUsernameHelp(),
+				'email' => $form->getEmailHelp(),
+				'comment' => $form->getCommentHelp(),
+			]);
+
+			$this->assign('createMode', false);
+			$this->setTemplate('form-management/edit.tpl');
+		}
+	}
+
+	/**
+	 * @param RequestForm $form
+	 */
+	protected function populateFromObject(RequestForm $form): void
+	{
+		$this->assignCSRFToken();
+
+		$this->assign('name', $form->getName());
+		$this->assign('enabled', $form->isEnabled());
+		$this->assign('endpoint', $form->getPublicEndpoint());
+		$this->assign('queue', $form->getOverrideQueue());
+		$this->assign('content', $form->getFormContent());
+		$this->assign('username', $form->getUsernameHelp());
+		$this->assign('email', $form->getEmailHelp());
+		$this->assign('comment', $form->getCommentHelp());
+
+		$this->assign('domain', $form->getDomainObject());
+
+		$this->assign('availableQueues', RequestQueue::getEnabledQueues($this->getDatabase()));
+	}
+
+	/**
+	 * @param RequestForm $form
+	 *
+	 * @return void
+	 * @throws ApplicationLogicException
+	 */
+	protected function setupObjectFromPost(RequestForm $form): void
+	{
+		if (WebRequest::postString('content') === null
+			|| WebRequest::postString('username') === null
+			|| WebRequest::postString('email') === null
+			|| WebRequest::postString('comment') === null
+		) {
+			throw new ApplicationLogicException("Form content, username help, email help, and comment help are all required fields.");
+		}
+
+		$form->setName(WebRequest::postString('name'));
+		$form->setEnabled(WebRequest::postBoolean('enabled'));
+		$form->setFormContent(WebRequest::postString('content'));
+		$form->setOverrideQueue(WebRequest::postInt('queue'));
+		$form->setUsernameHelp(WebRequest::postString('username'));
+		$form->setEmailHelp(WebRequest::postString('email'));
+		$form->setCommentHelp(WebRequest::postString('comment'));
+	}
 }

Braces +6 added lines, -9 removed lines

@@ -56,7 +56,8 @@ 
         $this->setTemplate('form-management/main.tpl');
     }
 
-    protected function preview() {
+    protected function preview()
+    {
         $previewContent = WebRequest::getSessionContext('preview');
 
         $renderer = new MarkdownRenderingHelper();
@@ -129,8 +130,7 @@ 
                 $form->save();
                 Logger::requestFormCreated($database, $form);
                 $this->redirect('requestFormManagement');
-            }
-            else {
+            } else {
                 $this->populateFromObject($form);
                 WebRequest::setSessionContext('preview', [
                     'main' => $form->getFormContent(),
@@ -142,8 +142,7 @@ 
                 $this->assign('createMode', true);
                 $this->setTemplate('form-management/edit.tpl');
             }
-        }
-        else {
+        } else {
             $this->populateFromObject(new RequestForm());
             WebRequest::setSessionContext('preview', null);
             $this->assign('hidePreview', true);
@@ -237,8 +236,7 @@ 
                 Logger::requestFormEdited($database, $form);
                 $form->save();
                 $this->redirect('requestFormManagement');
-            }
-            else {
+            } else {
                 $this->populateFromObject($form);
                 WebRequest::setSessionContext('preview', [
                     'main' => $form->getFormContent(),
@@ -250,8 +248,7 @@ 
                 $this->assign('createMode', false);
                 $this->setTemplate('form-management/edit.tpl');
             }
-        }
-        else {
+        } else {
             $this->populateFromObject($form);
             WebRequest::setSessionContext('preview', [
                 'main' => $form->getFormContent(),

includes/Pages/UserAuth/Login/PagePasswordLogin.php

Indentation +27 added lines, -27 removed lines

@@ -13,31 +13,31 @@
 
 class PagePasswordLogin extends LoginCredentialPageBase
 {
-    protected function providerSpecificSetup()
-    {
-        list($partialId, $partialStage) = WebRequest::getAuthPartialLogin();
-
-        if ($partialId !== null && $partialStage > 1) {
-            $sql = 'SELECT type FROM credential WHERE user = :user AND factor = :stage AND disabled = 0 ORDER BY priority';
-            $statement = $this->getDatabase()->prepare($sql);
-            $statement->execute(array(':user' => $partialId, ':stage' => $partialStage));
-            $nextStage = $statement->fetchColumn();
-            $statement->closeCursor();
-
-            $this->redirect("login/" . $this->nextPageMap[$nextStage]);
-            return;
-        }
-
-        $this->setTemplate('login/password.tpl');
-    }
-
-    protected function getProviderCredentials()
-    {
-        $password = WebRequest::postString("password");
-        if ($password === null || $password === "") {
-            throw new ApplicationLogicException("No password specified");
-        }
-
-        return $password;
-    }
+	protected function providerSpecificSetup()
+	{
+		list($partialId, $partialStage) = WebRequest::getAuthPartialLogin();
+
+		if ($partialId !== null && $partialStage > 1) {
+			$sql = 'SELECT type FROM credential WHERE user = :user AND factor = :stage AND disabled = 0 ORDER BY priority';
+			$statement = $this->getDatabase()->prepare($sql);
+			$statement->execute(array(':user' => $partialId, ':stage' => $partialStage));
+			$nextStage = $statement->fetchColumn();
+			$statement->closeCursor();
+
+			$this->redirect("login/" . $this->nextPageMap[$nextStage]);
+			return;
+		}
+
+		$this->setTemplate('login/password.tpl');
+	}
+
+	protected function getProviderCredentials()
+	{
+		$password = WebRequest::postString("password");
+		if ($password === null || $password === "") {
+			throw new ApplicationLogicException("No password specified");
+		}
+
+		return $password;
+	}
 }
\ No newline at end of file

includes/Pages/UserAuth/PagePreferences.php

Indentation +161 added lines, -161 removed lines

@@ -20,165 +20,165 @@
 
 class PagePreferences extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Preferences');
-
-        $enforceOAuth = $this->getSiteConfiguration()->getEnforceOAuth();
-        $database = $this->getDatabase();
-        $user = User::getCurrent($database);
-        $preferencesManager = PreferenceManager::getForCurrent($database);
-
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            $this->setPreference($preferencesManager,PreferenceManager::PREF_EMAIL_SIGNATURE, 'emailSignature');
-            $this->setPreferenceWithValue($preferencesManager,PreferenceManager::PREF_SKIP_JS_ABORT, 'skipJsAbort', WebRequest::postBoolean('skipJsAbort') ? 1 : 0);
-            $this->setPreferenceWithValue($preferencesManager,PreferenceManager::PREF_QUEUE_HELP, 'showQueueHelp', WebRequest::postBoolean('showQueueHelp') ? 1 : 0);
-            $this->setCreationMode($user, $preferencesManager);
-            $this->setSkin($preferencesManager);
-            $preferencesManager->setGlobalPreference(PreferenceManager::PREF_DEFAULT_DOMAIN, WebRequest::postInt('defaultDomain'));
-
-            $email = WebRequest::postEmail('email');
-            if ($email !== null) {
-                $user->setEmail($email);
-            }
-
-            $user->save();
-            SessionAlert::success("Preferences updated!");
-
-            if ($this->barrierTest(RoleConfiguration::MAIN, $user, PageMain::class)) {
-                $this->redirect('');
-            }
-            else {
-                $this->redirect('preferences');
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('preferences/prefs.tpl');
-
-            // FIXME: domains!
-            /** @var Domain $domain */
-            $domain = Domain::getById(1, $this->getDatabase());
-            $this->assign('mediawikiScriptPath', $domain->getWikiArticlePath());
-
-            $this->assign("enforceOAuth", $enforceOAuth);
-
-            $this->assignPreference($preferencesManager, PreferenceManager::PREF_EMAIL_SIGNATURE, 'emailSignature', false);
-            $this->assignPreference($preferencesManager, PreferenceManager::PREF_CREATION_MODE, 'creationMode', false);
-            $this->assignPreference($preferencesManager, PreferenceManager::PREF_SKIN, 'skin', true);
-            $this->assignPreference($preferencesManager, PreferenceManager::PREF_SKIP_JS_ABORT, 'skipJsAbort', false);
-            $this->assignPreference($preferencesManager, PreferenceManager::PREF_QUEUE_HELP, 'showQueueHelp', false, true);
-            $this->assignPreference($preferencesManager, PreferenceManager::PREF_DEFAULT_DOMAIN, 'defaultDomain', true);
-
-            $this->assign('canManualCreate',
-                $this->barrierTest(PreferenceManager::CREATION_MANUAL, $user, 'RequestCreation'));
-            $this->assign('canOauthCreate',
-                $this->barrierTest(PreferenceManager::CREATION_OAUTH, $user, 'RequestCreation'));
-            $this->assign('canBotCreate',
-                $this->barrierTest(PreferenceManager::CREATION_BOT, $user, 'RequestCreation'));
-
-            $oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(),
-                $this->getSiteConfiguration());
-            $this->assign('oauth', $oauth);
-
-            $identity = null;
-            if ($oauth->isFullyLinked()) {
-                $identity = $oauth->getIdentity(true);
-            }
-
-            $this->assign('identity', $identity);
-            $this->assign('graceTime', $this->getSiteConfiguration()->getOauthIdentityGraceTime());
-        }
-    }
-
-    private function assignPreference(
-        PreferenceManager $preferencesManager,
-        string $preference,
-        string $fieldName,
-        bool $defaultGlobal,
-        $defaultValue = null
-    ): void {
-        $this->assign($fieldName, $preferencesManager->getPreference($preference) ?? $defaultValue);
-        $this->assign($fieldName . 'Global', $preferencesManager->isGlobalPreference($preference) ?? $defaultGlobal);
-    }
-
-    private function setPreferenceWithValue(
-        PreferenceManager $preferencesManager,
-        string $preferenceName,
-        string $fieldName,
-        $value
-    ): void {
-        $globalDefinition = WebRequest::postBoolean($fieldName . 'Global');
-        if ($globalDefinition) {
-            $preferencesManager->setGlobalPreference($preferenceName, $value);
-        }
-        else {
-            $preferencesManager->setLocalPreference($preferenceName, $value);
-        }
-    }
-
-    private function setPreference(
-        PreferenceManager $preferencesManager,
-        string $preferenceName,
-        string $fieldName
-    ): void {
-        $this->setPreferenceWithValue($preferencesManager, $preferenceName, $fieldName, WebRequest::postString($fieldName));
-    }
-
-    protected function refreshOAuth()
-    {
-        if (!WebRequest::wasPosted()) {
-            $this->redirect('preferences');
-
-            return;
-        }
-
-        $database = $this->getDatabase();
-        $oauth = new OAuthUserHelper(User::getCurrent($database), $database, $this->getOAuthProtocolHelper(),
-            $this->getSiteConfiguration());
-
-        // token is for old consumer, run through the approval workflow again
-        if ($oauth->getIdentity(true)->getAudience() !== $this->getSiteConfiguration()->getOAuthConsumerToken()) {
-            $authoriseUrl = $oauth->getRequestToken();
-            $this->redirectUrl($authoriseUrl);
-
-            return;
-        }
-
-        if ($oauth->isFullyLinked()) {
-            $oauth->refreshIdentity();
-        }
-
-        $this->redirect('preferences');
-
-        return;
-    }
-
-    private function setCreationMode(User $user, PreferenceManager $preferenceManager)
-    {
-        // if the user is selecting a creation mode that they are not allowed, do nothing.
-        // this has the side effect of allowing them to keep a selected mode that either has been changed for them,
-        // or that they have kept from when they previously had certain access.
-        // This setting is only settable locally, as ACLs may change between domains.
-        $creationMode = WebRequest::postInt('creationMode');
-        if ($this->barrierTest($creationMode, $user, 'RequestCreation')) {
-            $preferenceManager->setLocalPreference(PreferenceManager::PREF_CREATION_MODE, WebRequest::postString('creationMode'));
-        }
-    }
-
-    private function setSkin(PreferenceManager $preferencesManager): void
-    {
-        $newSkin = WebRequest::postString('skin');
-        $allowedSkins = ['main', 'alt', 'auto'];
-        if (in_array($newSkin, $allowedSkins)) {
-            $this->setPreference($preferencesManager, PreferenceManager::PREF_SKIN, 'skin');
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Preferences');
+
+		$enforceOAuth = $this->getSiteConfiguration()->getEnforceOAuth();
+		$database = $this->getDatabase();
+		$user = User::getCurrent($database);
+		$preferencesManager = PreferenceManager::getForCurrent($database);
+
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			$this->setPreference($preferencesManager,PreferenceManager::PREF_EMAIL_SIGNATURE, 'emailSignature');
+			$this->setPreferenceWithValue($preferencesManager,PreferenceManager::PREF_SKIP_JS_ABORT, 'skipJsAbort', WebRequest::postBoolean('skipJsAbort') ? 1 : 0);
+			$this->setPreferenceWithValue($preferencesManager,PreferenceManager::PREF_QUEUE_HELP, 'showQueueHelp', WebRequest::postBoolean('showQueueHelp') ? 1 : 0);
+			$this->setCreationMode($user, $preferencesManager);
+			$this->setSkin($preferencesManager);
+			$preferencesManager->setGlobalPreference(PreferenceManager::PREF_DEFAULT_DOMAIN, WebRequest::postInt('defaultDomain'));
+
+			$email = WebRequest::postEmail('email');
+			if ($email !== null) {
+				$user->setEmail($email);
+			}
+
+			$user->save();
+			SessionAlert::success("Preferences updated!");
+
+			if ($this->barrierTest(RoleConfiguration::MAIN, $user, PageMain::class)) {
+				$this->redirect('');
+			}
+			else {
+				$this->redirect('preferences');
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('preferences/prefs.tpl');
+
+			// FIXME: domains!
+			/** @var Domain $domain */
+			$domain = Domain::getById(1, $this->getDatabase());
+			$this->assign('mediawikiScriptPath', $domain->getWikiArticlePath());
+
+			$this->assign("enforceOAuth", $enforceOAuth);
+
+			$this->assignPreference($preferencesManager, PreferenceManager::PREF_EMAIL_SIGNATURE, 'emailSignature', false);
+			$this->assignPreference($preferencesManager, PreferenceManager::PREF_CREATION_MODE, 'creationMode', false);
+			$this->assignPreference($preferencesManager, PreferenceManager::PREF_SKIN, 'skin', true);
+			$this->assignPreference($preferencesManager, PreferenceManager::PREF_SKIP_JS_ABORT, 'skipJsAbort', false);
+			$this->assignPreference($preferencesManager, PreferenceManager::PREF_QUEUE_HELP, 'showQueueHelp', false, true);
+			$this->assignPreference($preferencesManager, PreferenceManager::PREF_DEFAULT_DOMAIN, 'defaultDomain', true);
+
+			$this->assign('canManualCreate',
+				$this->barrierTest(PreferenceManager::CREATION_MANUAL, $user, 'RequestCreation'));
+			$this->assign('canOauthCreate',
+				$this->barrierTest(PreferenceManager::CREATION_OAUTH, $user, 'RequestCreation'));
+			$this->assign('canBotCreate',
+				$this->barrierTest(PreferenceManager::CREATION_BOT, $user, 'RequestCreation'));
+
+			$oauth = new OAuthUserHelper($user, $database, $this->getOAuthProtocolHelper(),
+				$this->getSiteConfiguration());
+			$this->assign('oauth', $oauth);
+
+			$identity = null;
+			if ($oauth->isFullyLinked()) {
+				$identity = $oauth->getIdentity(true);
+			}
+
+			$this->assign('identity', $identity);
+			$this->assign('graceTime', $this->getSiteConfiguration()->getOauthIdentityGraceTime());
+		}
+	}
+
+	private function assignPreference(
+		PreferenceManager $preferencesManager,
+		string $preference,
+		string $fieldName,
+		bool $defaultGlobal,
+		$defaultValue = null
+	): void {
+		$this->assign($fieldName, $preferencesManager->getPreference($preference) ?? $defaultValue);
+		$this->assign($fieldName . 'Global', $preferencesManager->isGlobalPreference($preference) ?? $defaultGlobal);
+	}
+
+	private function setPreferenceWithValue(
+		PreferenceManager $preferencesManager,
+		string $preferenceName,
+		string $fieldName,
+		$value
+	): void {
+		$globalDefinition = WebRequest::postBoolean($fieldName . 'Global');
+		if ($globalDefinition) {
+			$preferencesManager->setGlobalPreference($preferenceName, $value);
+		}
+		else {
+			$preferencesManager->setLocalPreference($preferenceName, $value);
+		}
+	}
+
+	private function setPreference(
+		PreferenceManager $preferencesManager,
+		string $preferenceName,
+		string $fieldName
+	): void {
+		$this->setPreferenceWithValue($preferencesManager, $preferenceName, $fieldName, WebRequest::postString($fieldName));
+	}
+
+	protected function refreshOAuth()
+	{
+		if (!WebRequest::wasPosted()) {
+			$this->redirect('preferences');
+
+			return;
+		}
+
+		$database = $this->getDatabase();
+		$oauth = new OAuthUserHelper(User::getCurrent($database), $database, $this->getOAuthProtocolHelper(),
+			$this->getSiteConfiguration());
+
+		// token is for old consumer, run through the approval workflow again
+		if ($oauth->getIdentity(true)->getAudience() !== $this->getSiteConfiguration()->getOAuthConsumerToken()) {
+			$authoriseUrl = $oauth->getRequestToken();
+			$this->redirectUrl($authoriseUrl);
+
+			return;
+		}
+
+		if ($oauth->isFullyLinked()) {
+			$oauth->refreshIdentity();
+		}
+
+		$this->redirect('preferences');
+
+		return;
+	}
+
+	private function setCreationMode(User $user, PreferenceManager $preferenceManager)
+	{
+		// if the user is selecting a creation mode that they are not allowed, do nothing.
+		// this has the side effect of allowing them to keep a selected mode that either has been changed for them,
+		// or that they have kept from when they previously had certain access.
+		// This setting is only settable locally, as ACLs may change between domains.
+		$creationMode = WebRequest::postInt('creationMode');
+		if ($this->barrierTest($creationMode, $user, 'RequestCreation')) {
+			$preferenceManager->setLocalPreference(PreferenceManager::PREF_CREATION_MODE, WebRequest::postString('creationMode'));
+		}
+	}
+
+	private function setSkin(PreferenceManager $preferencesManager): void
+	{
+		$newSkin = WebRequest::postString('skin');
+		$allowedSkins = ['main', 'alt', 'auto'];
+		if (in_array($newSkin, $allowedSkins)) {
+			$this->setPreference($preferencesManager, PreferenceManager::PREF_SKIN, 'skin');
+		}
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -37,9 +37,9 @@
         if (WebRequest::wasPosted()) {
             $this->validateCSRFToken();
 
-            $this->setPreference($preferencesManager,PreferenceManager::PREF_EMAIL_SIGNATURE, 'emailSignature');
-            $this->setPreferenceWithValue($preferencesManager,PreferenceManager::PREF_SKIP_JS_ABORT, 'skipJsAbort', WebRequest::postBoolean('skipJsAbort') ? 1 : 0);
-            $this->setPreferenceWithValue($preferencesManager,PreferenceManager::PREF_QUEUE_HELP, 'showQueueHelp', WebRequest::postBoolean('showQueueHelp') ? 1 : 0);
+            $this->setPreference($preferencesManager, PreferenceManager::PREF_EMAIL_SIGNATURE, 'emailSignature');
+            $this->setPreferenceWithValue($preferencesManager, PreferenceManager::PREF_SKIP_JS_ABORT, 'skipJsAbort', WebRequest::postBoolean('skipJsAbort') ? 1 : 0);
+            $this->setPreferenceWithValue($preferencesManager, PreferenceManager::PREF_QUEUE_HELP, 'showQueueHelp', WebRequest::postBoolean('showQueueHelp') ? 1 : 0);
             $this->setCreationMode($user, $preferencesManager);
             $this->setSkin($preferencesManager);
             $preferencesManager->setGlobalPreference(PreferenceManager::PREF_DEFAULT_DOMAIN, WebRequest::postInt('defaultDomain'));

Braces +3 added lines, -6 removed lines

@@ -54,12 +54,10 @@ 
 
             if ($this->barrierTest(RoleConfiguration::MAIN, $user, PageMain::class)) {
                 $this->redirect('');
-            }
-            else {
+            } else {
                 $this->redirect('preferences');
             }
-        }
-        else {
+        } else {
             $this->assignCSRFToken();
             $this->setTemplate('preferences/prefs.tpl');
 
@@ -118,8 +116,7 @@ 
         $globalDefinition = WebRequest::postBoolean($fieldName . 'Global');
         if ($globalDefinition) {
             $preferencesManager->setGlobalPreference($preferenceName, $value);
-        }
-        else {
+        } else {
             $preferencesManager->setLocalPreference($preferenceName, $value);
         }
     }