stwalkerster /
waca
@@ -13,19 +13,19 @@ |
||
| 13 | 13 | |
| 14 | 14 | class PageRegisterOption extends InternalPageBase |
| 15 | 15 | { |
| 16 | - /** |
|
| 17 | - * Main function for this page, when no specific actions are called. |
|
| 18 | - * @return void |
|
| 19 | - */ |
|
| 20 | - protected function main() |
|
| 21 | - { |
|
| 22 | - $this->assign('allowRegistration', $this->getSiteConfiguration()->isRegistrationAllowed()); |
|
| 23 | - $this->assign('domains', Domain::getAll($this->getDatabase())); |
|
| 24 | - $this->setTemplate('registration/option.tpl'); |
|
| 25 | - } |
|
| 16 | + /** |
|
| 17 | + * Main function for this page, when no specific actions are called. |
|
| 18 | + * @return void |
|
| 19 | + */ |
|
| 20 | + protected function main() |
|
| 21 | + { |
|
| 22 | + $this->assign('allowRegistration', $this->getSiteConfiguration()->isRegistrationAllowed()); |
|
| 23 | + $this->assign('domains', Domain::getAll($this->getDatabase())); |
|
| 24 | + $this->setTemplate('registration/option.tpl'); |
|
| 25 | + } |
|
| 26 | 26 | |
| 27 | - protected function isProtectedPage() |
|
| 28 | - { |
|
| 29 | - return false; |
|
| 30 | - } |
|
| 27 | + protected function isProtectedPage() |
|
| 28 | + { |
|
| 29 | + return false; |
|
| 30 | + } |
|
| 31 | 31 | } |
@@ -21,104 +21,104 @@ |
||
| 21 | 21 | |
| 22 | 22 | class PageEditComment extends InternalPageBase |
| 23 | 23 | { |
| 24 | - /** |
|
| 25 | - * Main function for this page, when no specific actions are called. |
|
| 26 | - * @throws ApplicationLogicException |
|
| 27 | - * @throws Exception |
|
| 28 | - */ |
|
| 29 | - protected function main() |
|
| 30 | - { |
|
| 31 | - $commentId = WebRequest::getInt('id'); |
|
| 32 | - if ($commentId === null) { |
|
| 33 | - throw new ApplicationLogicException('Comment ID not specified'); |
|
| 34 | - } |
|
| 35 | - |
|
| 36 | - $database = $this->getDatabase(); |
|
| 37 | - |
|
| 38 | - /** @var Comment|false $comment */ |
|
| 39 | - $comment = Comment::getById($commentId, $database); |
|
| 40 | - if ($comment === false) { |
|
| 41 | - throw new ApplicationLogicException('Comment not found'); |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - $currentUser = User::getCurrent($database); |
|
| 45 | - if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers', $currentUser)) { |
|
| 46 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 47 | - } |
|
| 48 | - |
|
| 49 | - if ($comment->getVisibility() === 'admin' |
|
| 50 | - && !$this->barrierTest('seeRestrictedComments', $currentUser, 'RequestData') |
|
| 51 | - && $comment->getUser() !== $currentUser->getId()) { |
|
| 52 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 53 | - } |
|
| 54 | - |
|
| 55 | - if ($comment->getVisibility() === 'checkuser' |
|
| 56 | - && !$this->barrierTest('seeCheckuserComments', $currentUser, 'RequestData') |
|
| 57 | - && $comment->getUser() !== $currentUser->getId()) { |
|
| 58 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 59 | - } |
|
| 60 | - |
|
| 61 | - /** @var Request|false $request */ |
|
| 62 | - $request = Request::getById($comment->getRequest(), $database); |
|
| 63 | - |
|
| 64 | - if ($request === false) { |
|
| 65 | - throw new ApplicationLogicException('Request was not found.'); |
|
| 66 | - } |
|
| 67 | - |
|
| 68 | - $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class); |
|
| 69 | - |
|
| 70 | - if (WebRequest::wasPosted()) { |
|
| 71 | - $this->validateCSRFToken(); |
|
| 72 | - $newComment = WebRequest::postString('newcomment'); |
|
| 73 | - $visibility = WebRequest::postString('visibility'); |
|
| 74 | - |
|
| 75 | - if ($newComment === null || $newComment === "") { |
|
| 76 | - throw new ApplicationLogicException("Comment cannot be empty!"); |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - if ($newComment === $comment->getComment() && ($comment->getVisibility() === 'requester' || $comment->getVisibility() === $visibility)) { |
|
| 80 | - // Only save and log if the comment changed |
|
| 81 | - $this->redirect('viewRequest', null, array('id' => $comment->getRequest())); |
|
| 82 | - return; |
|
| 83 | - } |
|
| 84 | - |
|
| 85 | - if ($comment->getVisibility() !== 'requester') { |
|
| 86 | - if ($visibility !== 'user' && $visibility !== 'admin' && $visibility !== 'checkuser') { |
|
| 87 | - throw new ApplicationLogicException('Comment visibility is not valid'); |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - $comment->setVisibility($visibility); |
|
| 91 | - } |
|
| 92 | - |
|
| 93 | - // optimistically lock from the load of the edit comment form |
|
| 94 | - $updateVersion = WebRequest::postInt('updateversion'); |
|
| 95 | - $comment->setUpdateVersion($updateVersion); |
|
| 96 | - |
|
| 97 | - $comment->setComment($newComment); |
|
| 98 | - |
|
| 99 | - if (WebRequest::postBoolean('unflag') && $canUnflag) { |
|
| 100 | - $comment->setFlagged(false); |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - $comment->touchEdited(); |
|
| 104 | - $comment->save(); |
|
| 105 | - |
|
| 106 | - Logger::editComment($database, $comment, $request); |
|
| 107 | - if (WebRequest::postBoolean('unflag') && $canUnflag) { |
|
| 108 | - Logger::unflaggedComment($database, $comment); |
|
| 109 | - } |
|
| 110 | - $this->getNotificationHelper()->commentEdited($comment, $request); |
|
| 111 | - SessionAlert::success("Comment has been saved successfully"); |
|
| 112 | - |
|
| 113 | - $this->redirect('viewRequest', null, array('id' => $comment->getRequest())); |
|
| 114 | - } |
|
| 115 | - else { |
|
| 116 | - $this->assignCSRFToken(); |
|
| 117 | - $this->assign('comment', $comment); |
|
| 118 | - $this->assign('request', $request); |
|
| 119 | - $this->assign('user', User::getById($comment->getUser(), $database)); |
|
| 120 | - $this->assign('canUnflag', $canUnflag); |
|
| 121 | - $this->setTemplate('edit-comment.tpl'); |
|
| 122 | - } |
|
| 123 | - } |
|
| 24 | + /** |
|
| 25 | + * Main function for this page, when no specific actions are called. |
|
| 26 | + * @throws ApplicationLogicException |
|
| 27 | + * @throws Exception |
|
| 28 | + */ |
|
| 29 | + protected function main() |
|
| 30 | + { |
|
| 31 | + $commentId = WebRequest::getInt('id'); |
|
| 32 | + if ($commentId === null) { |
|
| 33 | + throw new ApplicationLogicException('Comment ID not specified'); |
|
| 34 | + } |
|
| 35 | + |
|
| 36 | + $database = $this->getDatabase(); |
|
| 37 | + |
|
| 38 | + /** @var Comment|false $comment */ |
|
| 39 | + $comment = Comment::getById($commentId, $database); |
|
| 40 | + if ($comment === false) { |
|
| 41 | + throw new ApplicationLogicException('Comment not found'); |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + $currentUser = User::getCurrent($database); |
|
| 45 | + if ($comment->getUser() !== $currentUser->getId() && !$this->barrierTest('editOthers', $currentUser)) { |
|
| 46 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 47 | + } |
|
| 48 | + |
|
| 49 | + if ($comment->getVisibility() === 'admin' |
|
| 50 | + && !$this->barrierTest('seeRestrictedComments', $currentUser, 'RequestData') |
|
| 51 | + && $comment->getUser() !== $currentUser->getId()) { |
|
| 52 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 53 | + } |
|
| 54 | + |
|
| 55 | + if ($comment->getVisibility() === 'checkuser' |
|
| 56 | + && !$this->barrierTest('seeCheckuserComments', $currentUser, 'RequestData') |
|
| 57 | + && $comment->getUser() !== $currentUser->getId()) { |
|
| 58 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 59 | + } |
|
| 60 | + |
|
| 61 | + /** @var Request|false $request */ |
|
| 62 | + $request = Request::getById($comment->getRequest(), $database); |
|
| 63 | + |
|
| 64 | + if ($request === false) { |
|
| 65 | + throw new ApplicationLogicException('Request was not found.'); |
|
| 66 | + } |
|
| 67 | + |
|
| 68 | + $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class); |
|
| 69 | + |
|
| 70 | + if (WebRequest::wasPosted()) { |
|
| 71 | + $this->validateCSRFToken(); |
|
| 72 | + $newComment = WebRequest::postString('newcomment'); |
|
| 73 | + $visibility = WebRequest::postString('visibility'); |
|
| 74 | + |
|
| 75 | + if ($newComment === null || $newComment === "") { |
|
| 76 | + throw new ApplicationLogicException("Comment cannot be empty!"); |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + if ($newComment === $comment->getComment() && ($comment->getVisibility() === 'requester' || $comment->getVisibility() === $visibility)) { |
|
| 80 | + // Only save and log if the comment changed |
|
| 81 | + $this->redirect('viewRequest', null, array('id' => $comment->getRequest())); |
|
| 82 | + return; |
|
| 83 | + } |
|
| 84 | + |
|
| 85 | + if ($comment->getVisibility() !== 'requester') { |
|
| 86 | + if ($visibility !== 'user' && $visibility !== 'admin' && $visibility !== 'checkuser') { |
|
| 87 | + throw new ApplicationLogicException('Comment visibility is not valid'); |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + $comment->setVisibility($visibility); |
|
| 91 | + } |
|
| 92 | + |
|
| 93 | + // optimistically lock from the load of the edit comment form |
|
| 94 | + $updateVersion = WebRequest::postInt('updateversion'); |
|
| 95 | + $comment->setUpdateVersion($updateVersion); |
|
| 96 | + |
|
| 97 | + $comment->setComment($newComment); |
|
| 98 | + |
|
| 99 | + if (WebRequest::postBoolean('unflag') && $canUnflag) { |
|
| 100 | + $comment->setFlagged(false); |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + $comment->touchEdited(); |
|
| 104 | + $comment->save(); |
|
| 105 | + |
|
| 106 | + Logger::editComment($database, $comment, $request); |
|
| 107 | + if (WebRequest::postBoolean('unflag') && $canUnflag) { |
|
| 108 | + Logger::unflaggedComment($database, $comment); |
|
| 109 | + } |
|
| 110 | + $this->getNotificationHelper()->commentEdited($comment, $request); |
|
| 111 | + SessionAlert::success("Comment has been saved successfully"); |
|
| 112 | + |
|
| 113 | + $this->redirect('viewRequest', null, array('id' => $comment->getRequest())); |
|
| 114 | + } |
|
| 115 | + else { |
|
| 116 | + $this->assignCSRFToken(); |
|
| 117 | + $this->assign('comment', $comment); |
|
| 118 | + $this->assign('request', $request); |
|
| 119 | + $this->assign('user', User::getById($comment->getUser(), $database)); |
|
| 120 | + $this->assign('canUnflag', $canUnflag); |
|
| 121 | + $this->setTemplate('edit-comment.tpl'); |
|
| 122 | + } |
|
| 123 | + } |
|
| 124 | 124 | } |
@@ -31,316 +31,316 @@ |
||
| 31 | 31 | |
| 32 | 32 | class PageViewRequest extends InternalPageBase |
| 33 | 33 | { |
| 34 | - use RequestData; |
|
| 35 | - const STATUS_SYMBOL_OPEN = 'Ο'; |
|
| 36 | - const STATUS_SYMBOL_ACCEPTED = '☑'; |
|
| 37 | - const STATUS_SYMBOL_REJECTED = '☒'; |
|
| 38 | - |
|
| 39 | - /** |
|
| 40 | - * Main function for this page, when no specific actions are called. |
|
| 41 | - * @throws ApplicationLogicException |
|
| 42 | - */ |
|
| 43 | - protected function main() |
|
| 44 | - { |
|
| 45 | - // set up csrf protection |
|
| 46 | - $this->assignCSRFToken(); |
|
| 47 | - |
|
| 48 | - // get some useful objects |
|
| 49 | - $database = $this->getDatabase(); |
|
| 50 | - $request = $this->getRequest($database, WebRequest::getInt('id')); |
|
| 51 | - $config = $this->getSiteConfiguration(); |
|
| 52 | - $currentUser = User::getCurrent($database); |
|
| 53 | - |
|
| 54 | - // FIXME: domains! |
|
| 55 | - /** @var Domain $domain */ |
|
| 56 | - $domain = Domain::getById(1, $this->getDatabase()); |
|
| 57 | - $this->assign('mediawikiScriptPath', $domain->getWikiArticlePath()); |
|
| 58 | - |
|
| 59 | - // Shows a page if the email is not confirmed. |
|
| 60 | - if ($request->getEmailConfirm() !== 'Confirmed') { |
|
| 61 | - // Show a banner if the user can manually confirm the request |
|
| 62 | - $viewConfirm = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageManuallyConfirm::class); |
|
| 63 | - |
|
| 64 | - // If the request is purged, there's nothing to confirm! |
|
| 65 | - if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 66 | - $viewConfirm = false; |
|
| 67 | - } |
|
| 68 | - |
|
| 69 | - // Render |
|
| 70 | - $this->setTemplate("view-request/not-confirmed.tpl"); |
|
| 71 | - $this->assign("requestId", $request->getId()); |
|
| 72 | - $this->assign("requestVersion", $request->getUpdateVersion()); |
|
| 73 | - $this->assign('canViewConfirmButton', $viewConfirm); |
|
| 74 | - |
|
| 75 | - // Make sure to return, to prevent the leaking of other information. |
|
| 76 | - return; |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - $this->setupBasicData($request, $config); |
|
| 80 | - |
|
| 81 | - $this->setupUsernameData($request); |
|
| 82 | - |
|
| 83 | - $this->setupTitle($request); |
|
| 84 | - |
|
| 85 | - $this->setupReservationDetails($request->getReserved(), $database, $currentUser); |
|
| 86 | - $this->setupGeneralData($database); |
|
| 87 | - |
|
| 88 | - $this->assign('requestDataCleared', false); |
|
| 89 | - if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 90 | - $this->assign('requestDataCleared', true); |
|
| 91 | - } |
|
| 92 | - |
|
| 93 | - $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser); |
|
| 94 | - |
|
| 95 | - $this->setupCreationTypes($currentUser); |
|
| 96 | - |
|
| 97 | - $this->setupLogData($request, $database); |
|
| 98 | - |
|
| 99 | - $this->addJs("/api.php?action=templates&targetVariable=templateconfirms"); |
|
| 100 | - |
|
| 101 | - $this->assign('showRevealLink', false); |
|
| 102 | - if ($request->getReserved() === $currentUser->getId() || |
|
| 103 | - $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData') |
|
| 104 | - ) { |
|
| 105 | - $this->assign('showRevealLink', true); |
|
| 106 | - $this->assign('revealHash', $request->getRevealHash()); |
|
| 107 | - } |
|
| 108 | - |
|
| 109 | - $this->assign('canSeeRelatedRequests', false); |
|
| 110 | - if ($allowedPrivateData || $this->barrierTest('seeRelatedRequests', $currentUser, 'RequestData')) { |
|
| 111 | - $this->setupRelatedRequests($request, $config, $database); |
|
| 112 | - } |
|
| 113 | - |
|
| 114 | - $this->assign('canCreateLocalAccount', $this->barrierTest('createLocalAccount', $currentUser, 'RequestData')); |
|
| 34 | + use RequestData; |
|
| 35 | + const STATUS_SYMBOL_OPEN = 'Ο'; |
|
| 36 | + const STATUS_SYMBOL_ACCEPTED = '☑'; |
|
| 37 | + const STATUS_SYMBOL_REJECTED = '☒'; |
|
| 38 | + |
|
| 39 | + /** |
|
| 40 | + * Main function for this page, when no specific actions are called. |
|
| 41 | + * @throws ApplicationLogicException |
|
| 42 | + */ |
|
| 43 | + protected function main() |
|
| 44 | + { |
|
| 45 | + // set up csrf protection |
|
| 46 | + $this->assignCSRFToken(); |
|
| 47 | + |
|
| 48 | + // get some useful objects |
|
| 49 | + $database = $this->getDatabase(); |
|
| 50 | + $request = $this->getRequest($database, WebRequest::getInt('id')); |
|
| 51 | + $config = $this->getSiteConfiguration(); |
|
| 52 | + $currentUser = User::getCurrent($database); |
|
| 53 | + |
|
| 54 | + // FIXME: domains! |
|
| 55 | + /** @var Domain $domain */ |
|
| 56 | + $domain = Domain::getById(1, $this->getDatabase()); |
|
| 57 | + $this->assign('mediawikiScriptPath', $domain->getWikiArticlePath()); |
|
| 58 | + |
|
| 59 | + // Shows a page if the email is not confirmed. |
|
| 60 | + if ($request->getEmailConfirm() !== 'Confirmed') { |
|
| 61 | + // Show a banner if the user can manually confirm the request |
|
| 62 | + $viewConfirm = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageManuallyConfirm::class); |
|
| 63 | + |
|
| 64 | + // If the request is purged, there's nothing to confirm! |
|
| 65 | + if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 66 | + $viewConfirm = false; |
|
| 67 | + } |
|
| 68 | + |
|
| 69 | + // Render |
|
| 70 | + $this->setTemplate("view-request/not-confirmed.tpl"); |
|
| 71 | + $this->assign("requestId", $request->getId()); |
|
| 72 | + $this->assign("requestVersion", $request->getUpdateVersion()); |
|
| 73 | + $this->assign('canViewConfirmButton', $viewConfirm); |
|
| 74 | + |
|
| 75 | + // Make sure to return, to prevent the leaking of other information. |
|
| 76 | + return; |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + $this->setupBasicData($request, $config); |
|
| 80 | + |
|
| 81 | + $this->setupUsernameData($request); |
|
| 82 | + |
|
| 83 | + $this->setupTitle($request); |
|
| 84 | + |
|
| 85 | + $this->setupReservationDetails($request->getReserved(), $database, $currentUser); |
|
| 86 | + $this->setupGeneralData($database); |
|
| 87 | + |
|
| 88 | + $this->assign('requestDataCleared', false); |
|
| 89 | + if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 90 | + $this->assign('requestDataCleared', true); |
|
| 91 | + } |
|
| 92 | + |
|
| 93 | + $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser); |
|
| 94 | + |
|
| 95 | + $this->setupCreationTypes($currentUser); |
|
| 96 | + |
|
| 97 | + $this->setupLogData($request, $database); |
|
| 98 | + |
|
| 99 | + $this->addJs("/api.php?action=templates&targetVariable=templateconfirms"); |
|
| 100 | + |
|
| 101 | + $this->assign('showRevealLink', false); |
|
| 102 | + if ($request->getReserved() === $currentUser->getId() || |
|
| 103 | + $this->barrierTest('alwaysSeeHash', $currentUser, 'RequestData') |
|
| 104 | + ) { |
|
| 105 | + $this->assign('showRevealLink', true); |
|
| 106 | + $this->assign('revealHash', $request->getRevealHash()); |
|
| 107 | + } |
|
| 108 | + |
|
| 109 | + $this->assign('canSeeRelatedRequests', false); |
|
| 110 | + if ($allowedPrivateData || $this->barrierTest('seeRelatedRequests', $currentUser, 'RequestData')) { |
|
| 111 | + $this->setupRelatedRequests($request, $config, $database); |
|
| 112 | + } |
|
| 113 | + |
|
| 114 | + $this->assign('canCreateLocalAccount', $this->barrierTest('createLocalAccount', $currentUser, 'RequestData')); |
|
| 115 | 115 | |
| 116 | - $closureDate = $request->getClosureDate(); |
|
| 117 | - $date = new DateTime(); |
|
| 118 | - $date->modify("-7 days"); |
|
| 119 | - if ($request->getStatus() == "Closed" && $closureDate < $date) { |
|
| 120 | - $this->assign('isOldRequest', true); |
|
| 121 | - } |
|
| 122 | - $this->assign('canResetOldRequest', $this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')); |
|
| 123 | - $this->assign('canResetPurgedRequest', $this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData')); |
|
| 124 | - |
|
| 125 | - $this->assign('requestEmailSent', $request->getEmailSent()); |
|
| 126 | - |
|
| 127 | - if ($allowedPrivateData) { |
|
| 128 | - $this->setTemplate('view-request/main-with-data.tpl'); |
|
| 129 | - $this->setupPrivateData($request, $config); |
|
| 130 | - $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class)); |
|
| 131 | - $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')); |
|
| 132 | - |
|
| 133 | - if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) { |
|
| 134 | - $this->setTemplate('view-request/main-with-checkuser-data.tpl'); |
|
| 135 | - $this->setupCheckUserData($request); |
|
| 136 | - } |
|
| 137 | - } |
|
| 138 | - else { |
|
| 139 | - $this->setTemplate('view-request/main.tpl'); |
|
| 140 | - } |
|
| 141 | - } |
|
| 142 | - |
|
| 143 | - /** |
|
| 144 | - * @param Request $request |
|
| 145 | - */ |
|
| 146 | - protected function setupTitle(Request $request) |
|
| 147 | - { |
|
| 148 | - $statusSymbol = self::STATUS_SYMBOL_OPEN; |
|
| 149 | - if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 150 | - if ($request->getWasCreated()) { |
|
| 151 | - $statusSymbol = self::STATUS_SYMBOL_ACCEPTED; |
|
| 152 | - } |
|
| 153 | - else { |
|
| 154 | - $statusSymbol = self::STATUS_SYMBOL_REJECTED; |
|
| 155 | - } |
|
| 156 | - } |
|
| 157 | - |
|
| 158 | - $this->setHtmlTitle($statusSymbol . ' #' . $request->getId()); |
|
| 159 | - } |
|
| 160 | - |
|
| 161 | - /** |
|
| 162 | - * Sets up data unrelated to the request, such as the email template information |
|
| 163 | - * |
|
| 164 | - * @param PdoDatabase $database |
|
| 165 | - */ |
|
| 166 | - protected function setupGeneralData(PdoDatabase $database) |
|
| 167 | - { |
|
| 168 | - $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #'); |
|
| 169 | - |
|
| 170 | - // FIXME: domains |
|
| 171 | - /** @var Domain $domain */ |
|
| 172 | - $domain = Domain::getById(1, $database); |
|
| 173 | - $this->assign('defaultRequestState', RequestQueue::getDefaultQueue($database, 1)->getApiName()); |
|
| 174 | - $this->assign('activeRequestQueues', RequestQueue::getEnabledQueues($database)); |
|
| 175 | - |
|
| 176 | - /** @var EmailTemplate $createdTemplate */ |
|
| 177 | - $createdTemplate = EmailTemplate::getById($domain->getDefaultClose(), $database); |
|
| 178 | - |
|
| 179 | - $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != ''); |
|
| 180 | - $this->assign('createdId', $createdTemplate->getId()); |
|
| 181 | - $this->assign('createdName', $createdTemplate->getName()); |
|
| 182 | - |
|
| 183 | - $createReasons = EmailTemplate::getActiveNonpreloadTemplates(EmailTemplate::ACTION_CREATED, $database, $domain->getDefaultClose()); |
|
| 184 | - $this->assign("createReasons", $createReasons); |
|
| 185 | - $declineReasons = EmailTemplate::getActiveNonpreloadTemplates(EmailTemplate::ACTION_NOT_CREATED, $database); |
|
| 186 | - $this->assign("declineReasons", $declineReasons); |
|
| 187 | - |
|
| 188 | - $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::ACTION_CREATED, $database); |
|
| 189 | - $this->assign("allCreateReasons", $allCreateReasons); |
|
| 190 | - $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::ACTION_NOT_CREATED, $database); |
|
| 191 | - $this->assign("allDeclineReasons", $allDeclineReasons); |
|
| 192 | - $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database); |
|
| 193 | - $this->assign("allOtherReasons", $allOtherReasons); |
|
| 194 | - } |
|
| 195 | - |
|
| 196 | - private function setupLogData(Request $request, PdoDatabase $database) |
|
| 197 | - { |
|
| 198 | - $currentUser = User::getCurrent($database); |
|
| 199 | - |
|
| 200 | - $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager()); |
|
| 201 | - $requestLogs = array(); |
|
| 202 | - |
|
| 203 | - /** @var User[] $nameCache */ |
|
| 204 | - $nameCache = array(); |
|
| 205 | - |
|
| 206 | - $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class); |
|
| 207 | - |
|
| 208 | - $canFlag = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class); |
|
| 209 | - $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class); |
|
| 210 | - |
|
| 211 | - /** @var Log|Comment $entry */ |
|
| 212 | - foreach ($logs as $entry) { |
|
| 213 | - // both log and comment have a 'user' field |
|
| 214 | - if (!array_key_exists($entry->getUser(), $nameCache)) { |
|
| 215 | - $entryUser = User::getById($entry->getUser(), $database); |
|
| 216 | - $nameCache[$entry->getUser()] = $entryUser; |
|
| 217 | - } |
|
| 218 | - |
|
| 219 | - if ($entry instanceof Comment) { |
|
| 220 | - $requestLogs[] = array( |
|
| 221 | - 'type' => 'comment', |
|
| 222 | - 'security' => $entry->getVisibility(), |
|
| 223 | - 'user' => $entry->getVisibility() == 'requester' ? $request->getName() : $nameCache[$entry->getUser()]->getUsername(), |
|
| 224 | - 'userid' => $entry->getUser() == -1 ? null : $entry->getUser(), |
|
| 225 | - 'entry' => null, |
|
| 226 | - 'time' => $entry->getTime(), |
|
| 227 | - 'canedit' => ($editableComments || $entry->getUser() == $currentUser->getId()), |
|
| 228 | - 'id' => $entry->getId(), |
|
| 229 | - 'comment' => $entry->getComment(), |
|
| 230 | - 'flagged' => $entry->getFlagged(), |
|
| 231 | - 'canflag' => $canFlag && (!$entry->getFlagged() || ($entry->getFlagged() && $canUnflag)), |
|
| 232 | - 'updateversion' => $entry->getUpdateVersion(), |
|
| 233 | - 'edited' => $entry->getEdited() |
|
| 234 | - ); |
|
| 235 | - } |
|
| 236 | - |
|
| 237 | - if ($entry instanceof Log) { |
|
| 238 | - $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0; |
|
| 239 | - $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()]; |
|
| 240 | - |
|
| 241 | - $entryComment = $entry->getComment(); |
|
| 242 | - |
|
| 243 | - if ($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest') { |
|
| 244 | - $data = unserialize($entry->getComment()); |
|
| 245 | - /** @var JobQueue $job */ |
|
| 246 | - $job = JobQueue::getById($data['job'], $database); |
|
| 247 | - $requestLogs[] = array( |
|
| 248 | - 'type' => 'joblog', |
|
| 249 | - 'security' => 'user', |
|
| 250 | - 'userid' => $entry->getUser() == -1 ? null : $entry->getUser(), |
|
| 251 | - 'user' => $entryUser->getUsername(), |
|
| 252 | - 'entry' => LogHelper::getLogDescription($entry), |
|
| 253 | - 'time' => $entry->getTimestamp(), |
|
| 254 | - 'canedit' => false, |
|
| 255 | - 'id' => $entry->getId(), |
|
| 256 | - 'jobId' => $job->getId(), |
|
| 257 | - 'jobDesc' => JobQueue::getTaskDescriptions()[$job->getTask()], |
|
| 258 | - ); |
|
| 259 | - } |
|
| 260 | - else { |
|
| 261 | - $requestLogs[] = array( |
|
| 262 | - 'type' => 'log', |
|
| 263 | - 'security' => 'user', |
|
| 264 | - 'userid' => $entry->getUser() == -1 ? null : $entry->getUser(), |
|
| 265 | - 'user' => $entryUser->getUsername(), |
|
| 266 | - 'entry' => LogHelper::getLogDescription($entry), |
|
| 267 | - 'time' => $entry->getTimestamp(), |
|
| 268 | - 'canedit' => false, |
|
| 269 | - 'id' => $entry->getId(), |
|
| 270 | - 'comment' => $entryComment, |
|
| 271 | - ); |
|
| 272 | - } |
|
| 273 | - } |
|
| 274 | - } |
|
| 275 | - |
|
| 276 | - $this->addJs("/api.php?action=users&targetVariable=typeaheaddata"); |
|
| 277 | - |
|
| 278 | - $this->assign("requestLogs", $requestLogs); |
|
| 279 | - } |
|
| 280 | - |
|
| 281 | - /** |
|
| 282 | - * @param Request $request |
|
| 283 | - */ |
|
| 284 | - protected function setupUsernameData(Request $request) |
|
| 285 | - { |
|
| 286 | - $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName()); |
|
| 287 | - |
|
| 288 | - $this->assign('requestIsBlacklisted', $blacklistData !== false); |
|
| 289 | - $this->assign('requestBlacklist', $blacklistData); |
|
| 290 | - |
|
| 291 | - try { |
|
| 292 | - $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName()); |
|
| 293 | - } |
|
| 294 | - catch (Exception $ex) { |
|
| 295 | - $spoofs = $ex->getMessage(); |
|
| 296 | - } |
|
| 297 | - |
|
| 298 | - $this->assign("spoofs", $spoofs); |
|
| 299 | - } |
|
| 300 | - |
|
| 301 | - private function setupCreationTypes(User $user) |
|
| 302 | - { |
|
| 303 | - $this->assign('allowWelcomeSkip', false); |
|
| 304 | - $this->assign('forceWelcomeSkip', false); |
|
| 305 | - |
|
| 306 | - $oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(), $this->getSiteConfiguration()); |
|
| 307 | - |
|
| 308 | - if ($user->getWelcomeTemplate() != 0) { |
|
| 309 | - $this->assign('allowWelcomeSkip', true); |
|
| 310 | - |
|
| 311 | - if (!$oauth->canWelcome()) { |
|
| 312 | - $this->assign('forceWelcomeSkip', true); |
|
| 313 | - } |
|
| 314 | - } |
|
| 315 | - |
|
| 316 | - // test credentials |
|
| 317 | - $canManualCreate = $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation'); |
|
| 318 | - $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation'); |
|
| 319 | - $canBotCreate = $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation'); |
|
| 320 | - |
|
| 321 | - $this->assign('canManualCreate', $canManualCreate); |
|
| 322 | - $this->assign('canOauthCreate', $canOauthCreate); |
|
| 323 | - $this->assign('canBotCreate', $canBotCreate); |
|
| 324 | - |
|
| 325 | - // show/hide the type radio buttons |
|
| 326 | - $creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1; |
|
| 327 | - |
|
| 328 | - if (!$this->barrierTest($user->getCreationMode(), $user, 'RequestCreation')) { |
|
| 329 | - // user is not allowed to use their default. Force a choice. |
|
| 330 | - $creationHasChoice = true; |
|
| 331 | - } |
|
| 332 | - |
|
| 333 | - $this->assign('creationHasChoice', $creationHasChoice); |
|
| 334 | - |
|
| 335 | - // determine problems in creation types |
|
| 336 | - $this->assign('botProblem', false); |
|
| 337 | - if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) { |
|
| 338 | - $this->assign('botProblem', true); |
|
| 339 | - } |
|
| 340 | - |
|
| 341 | - $this->assign('oauthProblem', false); |
|
| 342 | - if ($canOauthCreate && !$oauth->canCreateAccount()) { |
|
| 343 | - $this->assign('oauthProblem', true); |
|
| 344 | - } |
|
| 345 | - } |
|
| 116 | + $closureDate = $request->getClosureDate(); |
|
| 117 | + $date = new DateTime(); |
|
| 118 | + $date->modify("-7 days"); |
|
| 119 | + if ($request->getStatus() == "Closed" && $closureDate < $date) { |
|
| 120 | + $this->assign('isOldRequest', true); |
|
| 121 | + } |
|
| 122 | + $this->assign('canResetOldRequest', $this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')); |
|
| 123 | + $this->assign('canResetPurgedRequest', $this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData')); |
|
| 124 | + |
|
| 125 | + $this->assign('requestEmailSent', $request->getEmailSent()); |
|
| 126 | + |
|
| 127 | + if ($allowedPrivateData) { |
|
| 128 | + $this->setTemplate('view-request/main-with-data.tpl'); |
|
| 129 | + $this->setupPrivateData($request, $config); |
|
| 130 | + $this->assign('canSetBan', $this->barrierTest('set', $currentUser, PageBan::class)); |
|
| 131 | + $this->assign('canSeeCheckuserData', $this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')); |
|
| 132 | + |
|
| 133 | + if ($this->barrierTest('seeUserAgentData', $currentUser, 'RequestData')) { |
|
| 134 | + $this->setTemplate('view-request/main-with-checkuser-data.tpl'); |
|
| 135 | + $this->setupCheckUserData($request); |
|
| 136 | + } |
|
| 137 | + } |
|
| 138 | + else { |
|
| 139 | + $this->setTemplate('view-request/main.tpl'); |
|
| 140 | + } |
|
| 141 | + } |
|
| 142 | + |
|
| 143 | + /** |
|
| 144 | + * @param Request $request |
|
| 145 | + */ |
|
| 146 | + protected function setupTitle(Request $request) |
|
| 147 | + { |
|
| 148 | + $statusSymbol = self::STATUS_SYMBOL_OPEN; |
|
| 149 | + if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 150 | + if ($request->getWasCreated()) { |
|
| 151 | + $statusSymbol = self::STATUS_SYMBOL_ACCEPTED; |
|
| 152 | + } |
|
| 153 | + else { |
|
| 154 | + $statusSymbol = self::STATUS_SYMBOL_REJECTED; |
|
| 155 | + } |
|
| 156 | + } |
|
| 157 | + |
|
| 158 | + $this->setHtmlTitle($statusSymbol . ' #' . $request->getId()); |
|
| 159 | + } |
|
| 160 | + |
|
| 161 | + /** |
|
| 162 | + * Sets up data unrelated to the request, such as the email template information |
|
| 163 | + * |
|
| 164 | + * @param PdoDatabase $database |
|
| 165 | + */ |
|
| 166 | + protected function setupGeneralData(PdoDatabase $database) |
|
| 167 | + { |
|
| 168 | + $this->assign('createAccountReason', 'Requested account at [[WP:ACC]], request #'); |
|
| 169 | + |
|
| 170 | + // FIXME: domains |
|
| 171 | + /** @var Domain $domain */ |
|
| 172 | + $domain = Domain::getById(1, $database); |
|
| 173 | + $this->assign('defaultRequestState', RequestQueue::getDefaultQueue($database, 1)->getApiName()); |
|
| 174 | + $this->assign('activeRequestQueues', RequestQueue::getEnabledQueues($database)); |
|
| 175 | + |
|
| 176 | + /** @var EmailTemplate $createdTemplate */ |
|
| 177 | + $createdTemplate = EmailTemplate::getById($domain->getDefaultClose(), $database); |
|
| 178 | + |
|
| 179 | + $this->assign('createdHasJsQuestion', $createdTemplate->getJsquestion() != ''); |
|
| 180 | + $this->assign('createdId', $createdTemplate->getId()); |
|
| 181 | + $this->assign('createdName', $createdTemplate->getName()); |
|
| 182 | + |
|
| 183 | + $createReasons = EmailTemplate::getActiveNonpreloadTemplates(EmailTemplate::ACTION_CREATED, $database, $domain->getDefaultClose()); |
|
| 184 | + $this->assign("createReasons", $createReasons); |
|
| 185 | + $declineReasons = EmailTemplate::getActiveNonpreloadTemplates(EmailTemplate::ACTION_NOT_CREATED, $database); |
|
| 186 | + $this->assign("declineReasons", $declineReasons); |
|
| 187 | + |
|
| 188 | + $allCreateReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::ACTION_CREATED, $database); |
|
| 189 | + $this->assign("allCreateReasons", $allCreateReasons); |
|
| 190 | + $allDeclineReasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::ACTION_NOT_CREATED, $database); |
|
| 191 | + $this->assign("allDeclineReasons", $allDeclineReasons); |
|
| 192 | + $allOtherReasons = EmailTemplate::getAllActiveTemplates(false, $database); |
|
| 193 | + $this->assign("allOtherReasons", $allOtherReasons); |
|
| 194 | + } |
|
| 195 | + |
|
| 196 | + private function setupLogData(Request $request, PdoDatabase $database) |
|
| 197 | + { |
|
| 198 | + $currentUser = User::getCurrent($database); |
|
| 199 | + |
|
| 200 | + $logs = LogHelper::getRequestLogsWithComments($request->getId(), $database, $this->getSecurityManager()); |
|
| 201 | + $requestLogs = array(); |
|
| 202 | + |
|
| 203 | + /** @var User[] $nameCache */ |
|
| 204 | + $nameCache = array(); |
|
| 205 | + |
|
| 206 | + $editableComments = $this->barrierTest('editOthers', $currentUser, PageEditComment::class); |
|
| 207 | + |
|
| 208 | + $canFlag = $this->barrierTest(RoleConfiguration::MAIN, $currentUser, PageFlagComment::class); |
|
| 209 | + $canUnflag = $this->barrierTest('unflag', $currentUser, PageFlagComment::class); |
|
| 210 | + |
|
| 211 | + /** @var Log|Comment $entry */ |
|
| 212 | + foreach ($logs as $entry) { |
|
| 213 | + // both log and comment have a 'user' field |
|
| 214 | + if (!array_key_exists($entry->getUser(), $nameCache)) { |
|
| 215 | + $entryUser = User::getById($entry->getUser(), $database); |
|
| 216 | + $nameCache[$entry->getUser()] = $entryUser; |
|
| 217 | + } |
|
| 218 | + |
|
| 219 | + if ($entry instanceof Comment) { |
|
| 220 | + $requestLogs[] = array( |
|
| 221 | + 'type' => 'comment', |
|
| 222 | + 'security' => $entry->getVisibility(), |
|
| 223 | + 'user' => $entry->getVisibility() == 'requester' ? $request->getName() : $nameCache[$entry->getUser()]->getUsername(), |
|
| 224 | + 'userid' => $entry->getUser() == -1 ? null : $entry->getUser(), |
|
| 225 | + 'entry' => null, |
|
| 226 | + 'time' => $entry->getTime(), |
|
| 227 | + 'canedit' => ($editableComments || $entry->getUser() == $currentUser->getId()), |
|
| 228 | + 'id' => $entry->getId(), |
|
| 229 | + 'comment' => $entry->getComment(), |
|
| 230 | + 'flagged' => $entry->getFlagged(), |
|
| 231 | + 'canflag' => $canFlag && (!$entry->getFlagged() || ($entry->getFlagged() && $canUnflag)), |
|
| 232 | + 'updateversion' => $entry->getUpdateVersion(), |
|
| 233 | + 'edited' => $entry->getEdited() |
|
| 234 | + ); |
|
| 235 | + } |
|
| 236 | + |
|
| 237 | + if ($entry instanceof Log) { |
|
| 238 | + $invalidUserId = $entry->getUser() === -1 || $entry->getUser() === 0; |
|
| 239 | + $entryUser = $invalidUserId ? User::getCommunity() : $nameCache[$entry->getUser()]; |
|
| 240 | + |
|
| 241 | + $entryComment = $entry->getComment(); |
|
| 242 | + |
|
| 243 | + if ($entry->getAction() === 'JobIssueRequest' || $entry->getAction() === 'JobCompletedRequest') { |
|
| 244 | + $data = unserialize($entry->getComment()); |
|
| 245 | + /** @var JobQueue $job */ |
|
| 246 | + $job = JobQueue::getById($data['job'], $database); |
|
| 247 | + $requestLogs[] = array( |
|
| 248 | + 'type' => 'joblog', |
|
| 249 | + 'security' => 'user', |
|
| 250 | + 'userid' => $entry->getUser() == -1 ? null : $entry->getUser(), |
|
| 251 | + 'user' => $entryUser->getUsername(), |
|
| 252 | + 'entry' => LogHelper::getLogDescription($entry), |
|
| 253 | + 'time' => $entry->getTimestamp(), |
|
| 254 | + 'canedit' => false, |
|
| 255 | + 'id' => $entry->getId(), |
|
| 256 | + 'jobId' => $job->getId(), |
|
| 257 | + 'jobDesc' => JobQueue::getTaskDescriptions()[$job->getTask()], |
|
| 258 | + ); |
|
| 259 | + } |
|
| 260 | + else { |
|
| 261 | + $requestLogs[] = array( |
|
| 262 | + 'type' => 'log', |
|
| 263 | + 'security' => 'user', |
|
| 264 | + 'userid' => $entry->getUser() == -1 ? null : $entry->getUser(), |
|
| 265 | + 'user' => $entryUser->getUsername(), |
|
| 266 | + 'entry' => LogHelper::getLogDescription($entry), |
|
| 267 | + 'time' => $entry->getTimestamp(), |
|
| 268 | + 'canedit' => false, |
|
| 269 | + 'id' => $entry->getId(), |
|
| 270 | + 'comment' => $entryComment, |
|
| 271 | + ); |
|
| 272 | + } |
|
| 273 | + } |
|
| 274 | + } |
|
| 275 | + |
|
| 276 | + $this->addJs("/api.php?action=users&targetVariable=typeaheaddata"); |
|
| 277 | + |
|
| 278 | + $this->assign("requestLogs", $requestLogs); |
|
| 279 | + } |
|
| 280 | + |
|
| 281 | + /** |
|
| 282 | + * @param Request $request |
|
| 283 | + */ |
|
| 284 | + protected function setupUsernameData(Request $request) |
|
| 285 | + { |
|
| 286 | + $blacklistData = $this->getBlacklistHelper()->isBlacklisted($request->getName()); |
|
| 287 | + |
|
| 288 | + $this->assign('requestIsBlacklisted', $blacklistData !== false); |
|
| 289 | + $this->assign('requestBlacklist', $blacklistData); |
|
| 290 | + |
|
| 291 | + try { |
|
| 292 | + $spoofs = $this->getAntiSpoofProvider()->getSpoofs($request->getName()); |
|
| 293 | + } |
|
| 294 | + catch (Exception $ex) { |
|
| 295 | + $spoofs = $ex->getMessage(); |
|
| 296 | + } |
|
| 297 | + |
|
| 298 | + $this->assign("spoofs", $spoofs); |
|
| 299 | + } |
|
| 300 | + |
|
| 301 | + private function setupCreationTypes(User $user) |
|
| 302 | + { |
|
| 303 | + $this->assign('allowWelcomeSkip', false); |
|
| 304 | + $this->assign('forceWelcomeSkip', false); |
|
| 305 | + |
|
| 306 | + $oauth = new OAuthUserHelper($user, $this->getDatabase(), $this->getOAuthProtocolHelper(), $this->getSiteConfiguration()); |
|
| 307 | + |
|
| 308 | + if ($user->getWelcomeTemplate() != 0) { |
|
| 309 | + $this->assign('allowWelcomeSkip', true); |
|
| 310 | + |
|
| 311 | + if (!$oauth->canWelcome()) { |
|
| 312 | + $this->assign('forceWelcomeSkip', true); |
|
| 313 | + } |
|
| 314 | + } |
|
| 315 | + |
|
| 316 | + // test credentials |
|
| 317 | + $canManualCreate = $this->barrierTest(User::CREATION_MANUAL, $user, 'RequestCreation'); |
|
| 318 | + $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $user, 'RequestCreation'); |
|
| 319 | + $canBotCreate = $this->barrierTest(User::CREATION_BOT, $user, 'RequestCreation'); |
|
| 320 | + |
|
| 321 | + $this->assign('canManualCreate', $canManualCreate); |
|
| 322 | + $this->assign('canOauthCreate', $canOauthCreate); |
|
| 323 | + $this->assign('canBotCreate', $canBotCreate); |
|
| 324 | + |
|
| 325 | + // show/hide the type radio buttons |
|
| 326 | + $creationHasChoice = count(array_filter([$canManualCreate, $canOauthCreate, $canBotCreate])) > 1; |
|
| 327 | + |
|
| 328 | + if (!$this->barrierTest($user->getCreationMode(), $user, 'RequestCreation')) { |
|
| 329 | + // user is not allowed to use their default. Force a choice. |
|
| 330 | + $creationHasChoice = true; |
|
| 331 | + } |
|
| 332 | + |
|
| 333 | + $this->assign('creationHasChoice', $creationHasChoice); |
|
| 334 | + |
|
| 335 | + // determine problems in creation types |
|
| 336 | + $this->assign('botProblem', false); |
|
| 337 | + if ($canBotCreate && $this->getSiteConfiguration()->getCreationBotPassword() === null) { |
|
| 338 | + $this->assign('botProblem', true); |
|
| 339 | + } |
|
| 340 | + |
|
| 341 | + $this->assign('oauthProblem', false); |
|
| 342 | + if ($canOauthCreate && !$oauth->canCreateAccount()) { |
|
| 343 | + $this->assign('oauthProblem', true); |
|
| 344 | + } |
|
| 345 | + } |
|
| 346 | 346 | } |
@@ -19,155 +19,155 @@ |
||
| 19 | 19 | |
| 20 | 20 | class PageDomainManagement extends InternalPageBase |
| 21 | 21 | { |
| 22 | - protected function main() |
|
| 23 | - { |
|
| 24 | - $this->setHtmlTitle('Domain Management'); |
|
| 25 | - |
|
| 26 | - $database = $this->getDatabase(); |
|
| 27 | - $currentUser = User::getCurrent($database); |
|
| 28 | - |
|
| 29 | - /** @var Domain[] $domains */ |
|
| 30 | - $domains = Domain::getAll($database); |
|
| 31 | - |
|
| 32 | - $templates = []; |
|
| 33 | - foreach ($domains as $domain) { |
|
| 34 | - if ($domain->getDefaultClose() !== null) { |
|
| 35 | - $templates[$domain->getDefaultClose()] = EmailTemplate::getById($domain->getDefaultClose(), $database); |
|
| 36 | - } |
|
| 37 | - } |
|
| 38 | - |
|
| 39 | - $canEdit = $this->barrierTest('edit', $currentUser); |
|
| 40 | - $canEditAll = $this->barrierTest('editAll', $currentUser); |
|
| 41 | - $canCreate = $this->barrierTest('create', $currentUser); |
|
| 42 | - $this->assign('canEdit', $canEdit); |
|
| 43 | - $this->assign('canEditAll', $canEditAll); |
|
| 44 | - $this->assign('canCreate', $canCreate); |
|
| 45 | - |
|
| 46 | - $this->assign('domains', $domains); |
|
| 47 | - $this->assign('closeTemplates', $templates); |
|
| 48 | - $this->assign('currentDomain', Domain::getCurrent($database)); |
|
| 49 | - $this->setTemplate('domain-management/main.tpl'); |
|
| 50 | - } |
|
| 51 | - |
|
| 52 | - protected function create() |
|
| 53 | - { |
|
| 54 | - $this->setHtmlTitle('Domain Management'); |
|
| 55 | - $database = $this->getDatabase(); |
|
| 56 | - $currentUser = User::getCurrent($database); |
|
| 57 | - |
|
| 58 | - // quickly check the user is allowed to edit all fields. If not, then they shouldn't be allowed to create |
|
| 59 | - // new domains either. With any luck, a competent developer would never grant create without editAll to a role |
|
| 60 | - // anyway, so this will never be hit. |
|
| 61 | - if (!$this->barrierTest('editAll', $currentUser)) { |
|
| 62 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 63 | - } |
|
| 64 | - |
|
| 65 | - if (WebRequest::wasPosted()) { |
|
| 66 | - $this->validateCSRFToken(); |
|
| 67 | - |
|
| 68 | - $domain = new Domain(); |
|
| 69 | - $domain->setDatabase($database); |
|
| 70 | - |
|
| 71 | - $domain->setShortName(WebRequest::postString('shortName')); |
|
| 72 | - $domain->setLongName(WebRequest::postString('longName')); |
|
| 73 | - $domain->setWikiArticlePath(WebRequest::postString('articlePath')); |
|
| 74 | - $domain->setWikiApiPath(WebRequest::postString('apiPath')); |
|
| 75 | - $domain->setEnabled(WebRequest::postBoolean('enabled')); |
|
| 76 | - $domain->setDefaultLanguage(WebRequest::postString('defaultLanguage')); |
|
| 77 | - $domain->setDefaultClose(null); |
|
| 78 | - $domain->setEmailReplyAddress(WebRequest::postString('emailReplyTo')); |
|
| 79 | - $domain->setNotificationTarget(WebRequest::postString('notificationTarget')); |
|
| 80 | - $domain->setLocalDocumentation(WebRequest::postString('localDocumentation')); |
|
| 81 | - |
|
| 82 | - $domain->save(); |
|
| 83 | - |
|
| 84 | - Logger::domainCreated($database, $domain); |
|
| 85 | - $this->redirect('domainManagement'); |
|
| 86 | - } |
|
| 87 | - else { |
|
| 88 | - $this->assignCSRFToken(); |
|
| 89 | - |
|
| 90 | - $this->assign('shortName', ''); |
|
| 91 | - $this->assign('longName', ''); |
|
| 92 | - $this->assign('articlePath', ''); |
|
| 93 | - $this->assign('apiPath', ''); |
|
| 94 | - $this->assign('enabled', false); |
|
| 95 | - $this->assign('defaultLanguage', 'en'); |
|
| 96 | - $this->assign('emailReplyTo', ''); |
|
| 97 | - $this->assign('notificationTarget', ''); |
|
| 98 | - $this->assign('localDocumentation', ''); |
|
| 99 | - |
|
| 100 | - $this->assign('createMode', true); |
|
| 101 | - $this->assign('canEditAll', true); |
|
| 102 | - |
|
| 103 | - $this->setTemplate('domain-management/edit.tpl'); |
|
| 104 | - } |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - protected function edit() |
|
| 108 | - { |
|
| 109 | - $this->setHtmlTitle('Domain Management'); |
|
| 110 | - $database = $this->getDatabase(); |
|
| 111 | - $currentUser = User::getCurrent($database); |
|
| 112 | - |
|
| 113 | - $canEditAll = $this->barrierTest('editAll', $currentUser); |
|
| 114 | - |
|
| 115 | - /** @var Domain $domain */ |
|
| 116 | - $domain = Domain::getById(WebRequest::getInt('domain'), $database); |
|
| 117 | - |
|
| 118 | - if (WebRequest::wasPosted()) { |
|
| 119 | - $this->validateCSRFToken(); |
|
| 120 | - |
|
| 121 | - $domain->setLongName(WebRequest::postString('longName')); |
|
| 122 | - $domain->setDefaultLanguage(WebRequest::postString('defaultLanguage')); |
|
| 123 | - $domain->setLocalDocumentation(WebRequest::postString('localDocumentation')); |
|
| 124 | - |
|
| 125 | - /** @var EmailTemplate $template */ |
|
| 126 | - $template = EmailTemplate::getById(WebRequest::postInt('defaultClose'), $database); |
|
| 127 | - if ($template->getActive() |
|
| 128 | - && $template->getPreloadOnly() === false |
|
| 129 | - && $template->getDefaultAction() === EmailTemplate::ACTION_CREATED) { |
|
| 130 | - $domain->setDefaultClose(WebRequest::postInt('defaultClose')); |
|
| 131 | - } |
|
| 132 | - else { |
|
| 133 | - SessionAlert::warning("Chosen email template is not valid for use as the default creation template"); |
|
| 134 | - } |
|
| 135 | - |
|
| 136 | - if ($canEditAll) { |
|
| 137 | - $domain->setWikiArticlePath(WebRequest::postString('articlePath')); |
|
| 138 | - $domain->setWikiApiPath(WebRequest::postString('apiPath')); |
|
| 139 | - $domain->setEnabled(WebRequest::postBoolean('enabled')); |
|
| 140 | - $domain->setEmailReplyAddress(WebRequest::postString('emailReplyTo')); |
|
| 141 | - $domain->setNotificationTarget(WebRequest::postString('notificationTarget')); |
|
| 142 | - } |
|
| 143 | - |
|
| 144 | - $domain->save(); |
|
| 145 | - |
|
| 146 | - Logger::domainEdited($database, $domain); |
|
| 147 | - $this->redirect('domainManagement'); |
|
| 148 | - } |
|
| 149 | - else { |
|
| 150 | - $this->assignCSRFToken(); |
|
| 151 | - |
|
| 152 | - $templates = EmailTemplate::getActiveNonpreloadTemplates(EmailTemplate::ACTION_CREATED, $database); |
|
| 153 | - $this->assign('closeTemplates', $templates); |
|
| 154 | - |
|
| 155 | - $this->assign('shortName', $domain->getShortName()); |
|
| 156 | - $this->assign('longName', $domain->getLongName()); |
|
| 157 | - $this->assign('articlePath', $domain->getWikiArticlePath()); |
|
| 158 | - $this->assign('apiPath', $domain->getWikiApiPath()); |
|
| 159 | - $this->assign('enabled', $domain->isEnabled()); |
|
| 160 | - $this->assign('defaultClose', $domain->getDefaultClose()); |
|
| 161 | - $this->assign('defaultLanguage', $domain->getDefaultLanguage()); |
|
| 162 | - $this->assign('emailReplyTo', $domain->getEmailReplyAddress()); |
|
| 163 | - $this->assign('notificationTarget', $domain->getNotificationTarget()); |
|
| 164 | - $this->assign('localDocumentation', $domain->getLocalDocumentation()); |
|
| 165 | - |
|
| 166 | - |
|
| 167 | - $this->assign('createMode', false); |
|
| 168 | - $this->assign('canEditAll', $canEditAll); |
|
| 169 | - |
|
| 170 | - $this->setTemplate('domain-management/edit.tpl'); |
|
| 171 | - } |
|
| 172 | - } |
|
| 22 | + protected function main() |
|
| 23 | + { |
|
| 24 | + $this->setHtmlTitle('Domain Management'); |
|
| 25 | + |
|
| 26 | + $database = $this->getDatabase(); |
|
| 27 | + $currentUser = User::getCurrent($database); |
|
| 28 | + |
|
| 29 | + /** @var Domain[] $domains */ |
|
| 30 | + $domains = Domain::getAll($database); |
|
| 31 | + |
|
| 32 | + $templates = []; |
|
| 33 | + foreach ($domains as $domain) { |
|
| 34 | + if ($domain->getDefaultClose() !== null) { |
|
| 35 | + $templates[$domain->getDefaultClose()] = EmailTemplate::getById($domain->getDefaultClose(), $database); |
|
| 36 | + } |
|
| 37 | + } |
|
| 38 | + |
|
| 39 | + $canEdit = $this->barrierTest('edit', $currentUser); |
|
| 40 | + $canEditAll = $this->barrierTest('editAll', $currentUser); |
|
| 41 | + $canCreate = $this->barrierTest('create', $currentUser); |
|
| 42 | + $this->assign('canEdit', $canEdit); |
|
| 43 | + $this->assign('canEditAll', $canEditAll); |
|
| 44 | + $this->assign('canCreate', $canCreate); |
|
| 45 | + |
|
| 46 | + $this->assign('domains', $domains); |
|
| 47 | + $this->assign('closeTemplates', $templates); |
|
| 48 | + $this->assign('currentDomain', Domain::getCurrent($database)); |
|
| 49 | + $this->setTemplate('domain-management/main.tpl'); |
|
| 50 | + } |
|
| 51 | + |
|
| 52 | + protected function create() |
|
| 53 | + { |
|
| 54 | + $this->setHtmlTitle('Domain Management'); |
|
| 55 | + $database = $this->getDatabase(); |
|
| 56 | + $currentUser = User::getCurrent($database); |
|
| 57 | + |
|
| 58 | + // quickly check the user is allowed to edit all fields. If not, then they shouldn't be allowed to create |
|
| 59 | + // new domains either. With any luck, a competent developer would never grant create without editAll to a role |
|
| 60 | + // anyway, so this will never be hit. |
|
| 61 | + if (!$this->barrierTest('editAll', $currentUser)) { |
|
| 62 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 63 | + } |
|
| 64 | + |
|
| 65 | + if (WebRequest::wasPosted()) { |
|
| 66 | + $this->validateCSRFToken(); |
|
| 67 | + |
|
| 68 | + $domain = new Domain(); |
|
| 69 | + $domain->setDatabase($database); |
|
| 70 | + |
|
| 71 | + $domain->setShortName(WebRequest::postString('shortName')); |
|
| 72 | + $domain->setLongName(WebRequest::postString('longName')); |
|
| 73 | + $domain->setWikiArticlePath(WebRequest::postString('articlePath')); |
|
| 74 | + $domain->setWikiApiPath(WebRequest::postString('apiPath')); |
|
| 75 | + $domain->setEnabled(WebRequest::postBoolean('enabled')); |
|
| 76 | + $domain->setDefaultLanguage(WebRequest::postString('defaultLanguage')); |
|
| 77 | + $domain->setDefaultClose(null); |
|
| 78 | + $domain->setEmailReplyAddress(WebRequest::postString('emailReplyTo')); |
|
| 79 | + $domain->setNotificationTarget(WebRequest::postString('notificationTarget')); |
|
| 80 | + $domain->setLocalDocumentation(WebRequest::postString('localDocumentation')); |
|
| 81 | + |
|
| 82 | + $domain->save(); |
|
| 83 | + |
|
| 84 | + Logger::domainCreated($database, $domain); |
|
| 85 | + $this->redirect('domainManagement'); |
|
| 86 | + } |
|
| 87 | + else { |
|
| 88 | + $this->assignCSRFToken(); |
|
| 89 | + |
|
| 90 | + $this->assign('shortName', ''); |
|
| 91 | + $this->assign('longName', ''); |
|
| 92 | + $this->assign('articlePath', ''); |
|
| 93 | + $this->assign('apiPath', ''); |
|
| 94 | + $this->assign('enabled', false); |
|
| 95 | + $this->assign('defaultLanguage', 'en'); |
|
| 96 | + $this->assign('emailReplyTo', ''); |
|
| 97 | + $this->assign('notificationTarget', ''); |
|
| 98 | + $this->assign('localDocumentation', ''); |
|
| 99 | + |
|
| 100 | + $this->assign('createMode', true); |
|
| 101 | + $this->assign('canEditAll', true); |
|
| 102 | + |
|
| 103 | + $this->setTemplate('domain-management/edit.tpl'); |
|
| 104 | + } |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + protected function edit() |
|
| 108 | + { |
|
| 109 | + $this->setHtmlTitle('Domain Management'); |
|
| 110 | + $database = $this->getDatabase(); |
|
| 111 | + $currentUser = User::getCurrent($database); |
|
| 112 | + |
|
| 113 | + $canEditAll = $this->barrierTest('editAll', $currentUser); |
|
| 114 | + |
|
| 115 | + /** @var Domain $domain */ |
|
| 116 | + $domain = Domain::getById(WebRequest::getInt('domain'), $database); |
|
| 117 | + |
|
| 118 | + if (WebRequest::wasPosted()) { |
|
| 119 | + $this->validateCSRFToken(); |
|
| 120 | + |
|
| 121 | + $domain->setLongName(WebRequest::postString('longName')); |
|
| 122 | + $domain->setDefaultLanguage(WebRequest::postString('defaultLanguage')); |
|
| 123 | + $domain->setLocalDocumentation(WebRequest::postString('localDocumentation')); |
|
| 124 | + |
|
| 125 | + /** @var EmailTemplate $template */ |
|
| 126 | + $template = EmailTemplate::getById(WebRequest::postInt('defaultClose'), $database); |
|
| 127 | + if ($template->getActive() |
|
| 128 | + && $template->getPreloadOnly() === false |
|
| 129 | + && $template->getDefaultAction() === EmailTemplate::ACTION_CREATED) { |
|
| 130 | + $domain->setDefaultClose(WebRequest::postInt('defaultClose')); |
|
| 131 | + } |
|
| 132 | + else { |
|
| 133 | + SessionAlert::warning("Chosen email template is not valid for use as the default creation template"); |
|
| 134 | + } |
|
| 135 | + |
|
| 136 | + if ($canEditAll) { |
|
| 137 | + $domain->setWikiArticlePath(WebRequest::postString('articlePath')); |
|
| 138 | + $domain->setWikiApiPath(WebRequest::postString('apiPath')); |
|
| 139 | + $domain->setEnabled(WebRequest::postBoolean('enabled')); |
|
| 140 | + $domain->setEmailReplyAddress(WebRequest::postString('emailReplyTo')); |
|
| 141 | + $domain->setNotificationTarget(WebRequest::postString('notificationTarget')); |
|
| 142 | + } |
|
| 143 | + |
|
| 144 | + $domain->save(); |
|
| 145 | + |
|
| 146 | + Logger::domainEdited($database, $domain); |
|
| 147 | + $this->redirect('domainManagement'); |
|
| 148 | + } |
|
| 149 | + else { |
|
| 150 | + $this->assignCSRFToken(); |
|
| 151 | + |
|
| 152 | + $templates = EmailTemplate::getActiveNonpreloadTemplates(EmailTemplate::ACTION_CREATED, $database); |
|
| 153 | + $this->assign('closeTemplates', $templates); |
|
| 154 | + |
|
| 155 | + $this->assign('shortName', $domain->getShortName()); |
|
| 156 | + $this->assign('longName', $domain->getLongName()); |
|
| 157 | + $this->assign('articlePath', $domain->getWikiArticlePath()); |
|
| 158 | + $this->assign('apiPath', $domain->getWikiApiPath()); |
|
| 159 | + $this->assign('enabled', $domain->isEnabled()); |
|
| 160 | + $this->assign('defaultClose', $domain->getDefaultClose()); |
|
| 161 | + $this->assign('defaultLanguage', $domain->getDefaultLanguage()); |
|
| 162 | + $this->assign('emailReplyTo', $domain->getEmailReplyAddress()); |
|
| 163 | + $this->assign('notificationTarget', $domain->getNotificationTarget()); |
|
| 164 | + $this->assign('localDocumentation', $domain->getLocalDocumentation()); |
|
| 165 | + |
|
| 166 | + |
|
| 167 | + $this->assign('createMode', false); |
|
| 168 | + $this->assign('canEditAll', $canEditAll); |
|
| 169 | + |
|
| 170 | + $this->setTemplate('domain-management/edit.tpl'); |
|
| 171 | + } |
|
| 172 | + } |
|
| 173 | 173 | } |
@@ -29,396 +29,396 @@ |
||
| 29 | 29 | |
| 30 | 30 | class PageCustomClose extends PageCloseRequest |
| 31 | 31 | { |
| 32 | - use RequestData; |
|
| 33 | - |
|
| 34 | - public const CREATE_OAUTH = 'created-oauth'; |
|
| 35 | - public const CREATE_BOT = 'created-bot'; |
|
| 36 | - |
|
| 37 | - protected function main() |
|
| 38 | - { |
|
| 39 | - $database = $this->getDatabase(); |
|
| 40 | - |
|
| 41 | - $request = $this->getRequest($database); |
|
| 42 | - $currentUser = User::getCurrent($this->getDatabase()); |
|
| 43 | - |
|
| 44 | - if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 45 | - throw new ApplicationLogicException('Request is already closed'); |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - // Dual-mode page |
|
| 49 | - if (WebRequest::wasPosted()) { |
|
| 50 | - $this->validateCSRFToken(); |
|
| 51 | - $success = $this->doCustomClose($currentUser, $request, $database); |
|
| 52 | - |
|
| 53 | - if ($success) { |
|
| 54 | - $this->redirect(); |
|
| 55 | - } |
|
| 56 | - } |
|
| 57 | - else { |
|
| 58 | - $this->assignCSRFToken(); |
|
| 59 | - $this->showCustomCloseForm($database, $request); |
|
| 60 | - } |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - /** |
|
| 64 | - * @param $database |
|
| 65 | - * |
|
| 66 | - * @return Request |
|
| 67 | - * @throws ApplicationLogicException |
|
| 68 | - */ |
|
| 69 | - protected function getRequest(PdoDatabase $database) |
|
| 70 | - { |
|
| 71 | - $requestId = WebRequest::getInt('request'); |
|
| 72 | - if ($requestId === null) { |
|
| 73 | - throw new ApplicationLogicException('Request ID not found'); |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** @var Request $request */ |
|
| 77 | - $request = Request::getById($requestId, $database); |
|
| 78 | - |
|
| 79 | - if ($request === false) { |
|
| 80 | - throw new ApplicationLogicException('Request not found'); |
|
| 81 | - } |
|
| 82 | - |
|
| 83 | - return $request; |
|
| 84 | - } |
|
| 85 | - |
|
| 86 | - /** |
|
| 87 | - * @param PdoDatabase $database |
|
| 88 | - * |
|
| 89 | - * @return EmailTemplate|null |
|
| 90 | - */ |
|
| 91 | - protected function getTemplate(PdoDatabase $database) |
|
| 92 | - { |
|
| 93 | - $templateId = WebRequest::getInt('template'); |
|
| 94 | - if ($templateId === null) { |
|
| 95 | - return null; |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - /** @var EmailTemplate $template */ |
|
| 99 | - $template = EmailTemplate::getById($templateId, $database); |
|
| 100 | - if ($template === false || !$template->getActive()) { |
|
| 101 | - return null; |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - return $template; |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - /** |
|
| 108 | - * @param $database |
|
| 109 | - * @param $request |
|
| 110 | - * |
|
| 111 | - * @throws Exception |
|
| 112 | - */ |
|
| 113 | - protected function showCustomCloseForm(PdoDatabase $database, Request $request) |
|
| 114 | - { |
|
| 115 | - $this->setHtmlTitle("Custom close"); |
|
| 116 | - |
|
| 117 | - $currentUser = User::getCurrent($database); |
|
| 118 | - $config = $this->getSiteConfiguration(); |
|
| 119 | - |
|
| 120 | - $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser); |
|
| 121 | - if (!$allowedPrivateData) { |
|
| 122 | - // we probably shouldn't be showing the user this form if they're not allowed to access private data... |
|
| 123 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 124 | - } |
|
| 125 | - |
|
| 126 | - $template = $this->getTemplate($database); |
|
| 127 | - |
|
| 128 | - // Preload data |
|
| 129 | - $this->assign('defaultAction', ''); |
|
| 130 | - $this->assign('defaultQueue', null); |
|
| 131 | - $this->assign('preloadText', ''); |
|
| 132 | - $this->assign('preloadTitle', ''); |
|
| 133 | - |
|
| 134 | - if ($template !== null) { |
|
| 135 | - $this->assign('defaultAction', $template->getDefaultAction()); |
|
| 136 | - $this->assign('defaultQueue', $template->getQueue()); |
|
| 137 | - $this->assign('preloadText', $template->getText()); |
|
| 138 | - $this->assign('preloadTitle', $template->getName()); |
|
| 139 | - } |
|
| 140 | - |
|
| 141 | - // Static data |
|
| 142 | - $this->assign('requestQueues', $requestQueues = RequestQueue::getEnabledQueues($database)); |
|
| 143 | - |
|
| 144 | - // request data |
|
| 145 | - $this->assign('requestId', $request->getIp()); |
|
| 146 | - $this->assign('updateVersion', $request->getUpdateVersion()); |
|
| 147 | - $this->setupBasicData($request, $config); |
|
| 148 | - $this->setupReservationDetails($request->getReserved(), $database, $currentUser); |
|
| 149 | - $this->setupPrivateData($request, $config); |
|
| 150 | - $this->setupRelatedRequests($request, $config, $database); |
|
| 151 | - |
|
| 152 | - // IP location |
|
| 153 | - $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp()); |
|
| 154 | - $this->assign('iplocation', $this->getLocationProvider()->getIpLocation($trustedIp)); |
|
| 155 | - |
|
| 156 | - // Confirmations |
|
| 157 | - $this->assign('confirmEmailAlreadySent', $this->checkEmailAlreadySent($request)); |
|
| 158 | - |
|
| 159 | - $this->assign('canSkipCcMailingList', $this->barrierTest('skipCcMailingList', $currentUser)); |
|
| 160 | - |
|
| 161 | - $this->assign('allowWelcomeSkip', false); |
|
| 162 | - $this->assign('forceWelcomeSkip', false); |
|
| 163 | - |
|
| 164 | - $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $currentUser, 'RequestCreation'); |
|
| 165 | - $canBotCreate = $this->barrierTest(User::CREATION_BOT, $currentUser, 'RequestCreation'); |
|
| 166 | - |
|
| 167 | - $oauth = new OAuthUserHelper($currentUser, $this->getDatabase(), $this->getOAuthProtocolHelper(), $config); |
|
| 168 | - |
|
| 169 | - if ($currentUser->getWelcomeTemplate() != 0) { |
|
| 170 | - $this->assign('allowWelcomeSkip', true); |
|
| 171 | - |
|
| 172 | - if (!$oauth->canWelcome()) { |
|
| 173 | - $this->assign('forceWelcomeSkip', true); |
|
| 174 | - } |
|
| 175 | - } |
|
| 176 | - |
|
| 177 | - // disable options if there's a misconfiguration. |
|
| 178 | - $canOauthCreate &= $oauth->canCreateAccount(); |
|
| 179 | - $canBotCreate &= $this->getSiteConfiguration()->getCreationBotPassword() !== null; |
|
| 180 | - |
|
| 181 | - $this->assign('canOauthCreate', $canOauthCreate); |
|
| 182 | - $this->assign('canBotCreate', $canBotCreate); |
|
| 183 | - |
|
| 184 | - // template |
|
| 185 | - $this->setTemplate('custom-close.tpl'); |
|
| 186 | - } |
|
| 187 | - |
|
| 188 | - /** |
|
| 189 | - * @param User $currentUser |
|
| 190 | - * @param Request $request |
|
| 191 | - * @param PdoDatabase $database |
|
| 192 | - * |
|
| 193 | - * @throws ApplicationLogicException |
|
| 194 | - */ |
|
| 195 | - protected function doCustomClose(User $currentUser, Request $request, PdoDatabase $database) : bool |
|
| 196 | - { |
|
| 197 | - $messageBody = WebRequest::postString('msgbody'); |
|
| 198 | - if ($messageBody === null || trim($messageBody) === '') { |
|
| 199 | - throw new ApplicationLogicException('Message body cannot be blank'); |
|
| 200 | - } |
|
| 201 | - |
|
| 202 | - $ccMailingList = true; |
|
| 203 | - if ($this->barrierTest('skipCcMailingList', $currentUser)) { |
|
| 204 | - $ccMailingList = WebRequest::postBoolean('ccMailingList'); |
|
| 205 | - } |
|
| 206 | - |
|
| 207 | - if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 208 | - throw new ApplicationLogicException('Request is already closed'); |
|
| 209 | - } |
|
| 210 | - |
|
| 211 | - if (!(WebRequest::postBoolean('confirmEmailAlreadySent')) |
|
| 212 | - ) { |
|
| 213 | - throw new ApplicationLogicException('Not all confirmations checked'); |
|
| 214 | - } |
|
| 215 | - |
|
| 216 | - $action = WebRequest::postString('action'); |
|
| 217 | - |
|
| 218 | - if ($action === EmailTemplate::ACTION_CREATED || $action === EmailTemplate::ACTION_NOT_CREATED) { |
|
| 219 | - |
|
| 220 | - if ($action === EmailTemplate::ACTION_CREATED) { |
|
| 221 | - if ($this->checkAccountCreated($request)) { |
|
| 222 | - $this->assignCSRFToken(); |
|
| 223 | - $this->showCustomCloseForm($database, $request); |
|
| 224 | - |
|
| 225 | - $this->assign("preloadText", $messageBody); |
|
| 226 | - $this->assign('preloadAction', $action); |
|
| 227 | - $this->assign('ccMailingList', $ccMailingList); |
|
| 228 | - $this->assign('showNonExistentAccountWarning', true); |
|
| 229 | - $this->assign('skipAutoWelcome', WebRequest::postBoolean('skipAutoWelcome')); |
|
| 230 | - |
|
| 231 | - return false; |
|
| 232 | - } |
|
| 233 | - } |
|
| 234 | - |
|
| 235 | - // Close request |
|
| 236 | - $this->closeRequest($request, $database, $action, $messageBody); |
|
| 237 | - |
|
| 238 | - $this->processWelcome($action, null); |
|
| 239 | - |
|
| 240 | - // Send the mail after the save, since save can be rolled back |
|
| 241 | - $this->sendMail($request, $messageBody, $currentUser, $ccMailingList); |
|
| 242 | - |
|
| 243 | - return true; |
|
| 244 | - } |
|
| 245 | - |
|
| 246 | - if ($action === self::CREATE_OAUTH || $action === self::CREATE_BOT) { |
|
| 247 | - $this->processAutoCreation($currentUser, $action, $request, $messageBody, $ccMailingList); |
|
| 248 | - |
|
| 249 | - return true; |
|
| 250 | - } |
|
| 251 | - |
|
| 252 | - if ($action === 'mail') { |
|
| 253 | - $request->setReserved(null); |
|
| 254 | - $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 255 | - $request->save(); |
|
| 256 | - |
|
| 257 | - // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE |
|
| 258 | - // and be rolled back. |
|
| 259 | - |
|
| 260 | - // Send mail |
|
| 261 | - $this->sendMail($request, $messageBody, $currentUser, $ccMailingList); |
|
| 262 | - |
|
| 263 | - Logger::sentMail($database, $request, $messageBody); |
|
| 264 | - Logger::unreserve($database, $request); |
|
| 265 | - |
|
| 266 | - $this->getNotificationHelper()->sentMail($request); |
|
| 267 | - SessionAlert::success("Sent mail to Request {$request->getId()}"); |
|
| 268 | - |
|
| 269 | - return true; |
|
| 270 | - } |
|
| 271 | - |
|
| 272 | - $targetQueue = RequestQueue::getByApiName($database, $action, 1); |
|
| 273 | - if ($targetQueue !== false) { |
|
| 274 | - // Defer to other state |
|
| 275 | - $this->deferRequest($request, $database, $targetQueue, $messageBody); |
|
| 276 | - |
|
| 277 | - // Send the mail after the save, since save can be rolled back |
|
| 278 | - $this->sendMail($request, $messageBody, $currentUser, $ccMailingList); |
|
| 279 | - |
|
| 280 | - return true; |
|
| 281 | - } |
|
| 282 | - |
|
| 283 | - throw new ApplicationLogicException('Unknown action for custom close.'); |
|
| 284 | - } |
|
| 285 | - |
|
| 286 | - /** |
|
| 287 | - * @param Request $request |
|
| 288 | - * @param PdoDatabase $database |
|
| 289 | - * @param string $action |
|
| 290 | - * @param string $messageBody |
|
| 291 | - * |
|
| 292 | - * @throws Exception |
|
| 293 | - * @throws OptimisticLockFailedException |
|
| 294 | - */ |
|
| 295 | - protected function closeRequest(Request $request, PdoDatabase $database, $action, $messageBody) |
|
| 296 | - { |
|
| 297 | - $request->setStatus(RequestStatus::CLOSED); |
|
| 298 | - $request->setQueue(null); |
|
| 299 | - $request->setReserved(null); |
|
| 300 | - $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 301 | - $request->save(); |
|
| 302 | - |
|
| 303 | - // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and |
|
| 304 | - // be rolled back. |
|
| 305 | - |
|
| 306 | - if ($action == EmailTemplate::ACTION_CREATED) { |
|
| 307 | - $logCloseType = 'custom-y'; |
|
| 308 | - $notificationCloseType = "Custom, Created"; |
|
| 309 | - } |
|
| 310 | - else { |
|
| 311 | - $logCloseType = 'custom-n'; |
|
| 312 | - $notificationCloseType = "Custom, Not Created"; |
|
| 313 | - } |
|
| 314 | - |
|
| 315 | - Logger::closeRequest($database, $request, $logCloseType, $messageBody); |
|
| 316 | - $this->getNotificationHelper()->requestClosed($request, $notificationCloseType); |
|
| 317 | - |
|
| 318 | - $requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 319 | - SessionAlert::success("Request {$request->getId()} ({$requestName}) closed as {$notificationCloseType}."); |
|
| 320 | - } |
|
| 321 | - |
|
| 322 | - /** |
|
| 323 | - * @param Request $request |
|
| 324 | - * @param PdoDatabase $database |
|
| 325 | - * @param RequestQueue $targetQueue |
|
| 326 | - * @param string $messageBody |
|
| 327 | - * |
|
| 328 | - * @throws OptimisticLockFailedException |
|
| 329 | - */ |
|
| 330 | - protected function deferRequest( |
|
| 331 | - Request $request, |
|
| 332 | - PdoDatabase $database, |
|
| 333 | - RequestQueue $targetQueue, |
|
| 334 | - $messageBody |
|
| 335 | - ) { |
|
| 336 | - $request->setStatus(RequestStatus::OPEN); |
|
| 337 | - $request->setQueue($targetQueue->getId()); |
|
| 338 | - $request->setReserved(null); |
|
| 339 | - $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 340 | - $request->save(); |
|
| 341 | - |
|
| 342 | - // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE |
|
| 343 | - // and be rolled back. |
|
| 344 | - |
|
| 345 | - $deferToLog = $targetQueue->getLogName(); |
|
| 346 | - Logger::sentMail($database, $request, $messageBody); |
|
| 347 | - Logger::deferRequest($database, $request, $deferToLog); |
|
| 348 | - |
|
| 349 | - $this->getNotificationHelper()->requestDeferredWithMail($request); |
|
| 350 | - |
|
| 351 | - $deferTo = htmlentities($targetQueue->getDisplayName(), ENT_COMPAT, 'UTF-8'); |
|
| 352 | - SessionAlert::success("Request {$request->getId()} deferred to $deferTo, sending an email."); |
|
| 353 | - } |
|
| 354 | - |
|
| 355 | - /** |
|
| 356 | - * @param User $currentUser |
|
| 357 | - * @param string $action |
|
| 358 | - * @param Request $request |
|
| 359 | - * @param string $messageBody |
|
| 360 | - * @param bool $ccMailingList |
|
| 361 | - * |
|
| 362 | - * @throws AccessDeniedException |
|
| 363 | - * @throws ApplicationLogicException |
|
| 364 | - * @throws OptimisticLockFailedException |
|
| 365 | - */ |
|
| 366 | - protected function processAutoCreation(User $currentUser, string $action, Request $request, string $messageBody, bool $ccMailingList): void |
|
| 367 | - { |
|
| 368 | - $db = $this->getDatabase(); |
|
| 369 | - $oauth = new OAuthUserHelper($currentUser, $db, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration()); |
|
| 370 | - $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $currentUser, 'RequestCreation'); |
|
| 371 | - $canBotCreate = $this->barrierTest(User::CREATION_BOT, $currentUser, 'RequestCreation'); |
|
| 372 | - $canOauthCreate &= $oauth->canCreateAccount(); |
|
| 373 | - $canBotCreate &= $this->getSiteConfiguration()->getCreationBotPassword() !== null; |
|
| 374 | - |
|
| 375 | - $creationTaskClass = null; |
|
| 376 | - |
|
| 377 | - if ($action === self::CREATE_OAUTH) { |
|
| 378 | - if (!$canOauthCreate) { |
|
| 379 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 380 | - } |
|
| 381 | - |
|
| 382 | - $creationTaskClass = UserCreationTask::class; |
|
| 383 | - } |
|
| 384 | - |
|
| 385 | - if ($action === self::CREATE_BOT) { |
|
| 386 | - if (!$canBotCreate) { |
|
| 387 | - throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 388 | - } |
|
| 389 | - |
|
| 390 | - $creationTaskClass = BotCreationTask::class; |
|
| 391 | - } |
|
| 392 | - |
|
| 393 | - if ($creationTaskClass === null) { |
|
| 394 | - throw new ApplicationLogicException('Cannot determine creation mode'); |
|
| 395 | - } |
|
| 396 | - |
|
| 397 | - $request->setStatus(RequestStatus::JOBQUEUE); |
|
| 398 | - $request->setReserved(null); |
|
| 399 | - $request->save(); |
|
| 400 | - |
|
| 401 | - $parameters = [ |
|
| 402 | - 'emailText' => $messageBody, |
|
| 403 | - 'ccMailingList' => $ccMailingList |
|
| 404 | - ]; |
|
| 405 | - |
|
| 406 | - $creationTask = new JobQueue(); |
|
| 407 | - $creationTask->setTask($creationTaskClass); |
|
| 408 | - $creationTask->setRequest($request->getId()); |
|
| 409 | - $creationTask->setTriggerUserId($currentUser->getId()); |
|
| 410 | - $creationTask->setParameters(json_encode($parameters)); |
|
| 411 | - $creationTask->setDatabase($db); |
|
| 412 | - $creationTask->save(); |
|
| 413 | - |
|
| 414 | - $creationTaskId = $creationTask->getId(); |
|
| 415 | - |
|
| 416 | - Logger::enqueuedJobQueue($db, $request); |
|
| 417 | - $this->getNotificationHelper()->requestCloseQueued($request, 'Custom, Created'); |
|
| 418 | - |
|
| 419 | - SessionAlert::success("Request {$request->getId()} has been queued for autocreation"); |
|
| 420 | - |
|
| 421 | - // forge this since it is actually a creation. |
|
| 422 | - $this->processWelcome(EmailTemplate::ACTION_CREATED, $creationTaskId); |
|
| 423 | - } |
|
| 32 | + use RequestData; |
|
| 33 | + |
|
| 34 | + public const CREATE_OAUTH = 'created-oauth'; |
|
| 35 | + public const CREATE_BOT = 'created-bot'; |
|
| 36 | + |
|
| 37 | + protected function main() |
|
| 38 | + { |
|
| 39 | + $database = $this->getDatabase(); |
|
| 40 | + |
|
| 41 | + $request = $this->getRequest($database); |
|
| 42 | + $currentUser = User::getCurrent($this->getDatabase()); |
|
| 43 | + |
|
| 44 | + if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 45 | + throw new ApplicationLogicException('Request is already closed'); |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + // Dual-mode page |
|
| 49 | + if (WebRequest::wasPosted()) { |
|
| 50 | + $this->validateCSRFToken(); |
|
| 51 | + $success = $this->doCustomClose($currentUser, $request, $database); |
|
| 52 | + |
|
| 53 | + if ($success) { |
|
| 54 | + $this->redirect(); |
|
| 55 | + } |
|
| 56 | + } |
|
| 57 | + else { |
|
| 58 | + $this->assignCSRFToken(); |
|
| 59 | + $this->showCustomCloseForm($database, $request); |
|
| 60 | + } |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + /** |
|
| 64 | + * @param $database |
|
| 65 | + * |
|
| 66 | + * @return Request |
|
| 67 | + * @throws ApplicationLogicException |
|
| 68 | + */ |
|
| 69 | + protected function getRequest(PdoDatabase $database) |
|
| 70 | + { |
|
| 71 | + $requestId = WebRequest::getInt('request'); |
|
| 72 | + if ($requestId === null) { |
|
| 73 | + throw new ApplicationLogicException('Request ID not found'); |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** @var Request $request */ |
|
| 77 | + $request = Request::getById($requestId, $database); |
|
| 78 | + |
|
| 79 | + if ($request === false) { |
|
| 80 | + throw new ApplicationLogicException('Request not found'); |
|
| 81 | + } |
|
| 82 | + |
|
| 83 | + return $request; |
|
| 84 | + } |
|
| 85 | + |
|
| 86 | + /** |
|
| 87 | + * @param PdoDatabase $database |
|
| 88 | + * |
|
| 89 | + * @return EmailTemplate|null |
|
| 90 | + */ |
|
| 91 | + protected function getTemplate(PdoDatabase $database) |
|
| 92 | + { |
|
| 93 | + $templateId = WebRequest::getInt('template'); |
|
| 94 | + if ($templateId === null) { |
|
| 95 | + return null; |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + /** @var EmailTemplate $template */ |
|
| 99 | + $template = EmailTemplate::getById($templateId, $database); |
|
| 100 | + if ($template === false || !$template->getActive()) { |
|
| 101 | + return null; |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + return $template; |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + /** |
|
| 108 | + * @param $database |
|
| 109 | + * @param $request |
|
| 110 | + * |
|
| 111 | + * @throws Exception |
|
| 112 | + */ |
|
| 113 | + protected function showCustomCloseForm(PdoDatabase $database, Request $request) |
|
| 114 | + { |
|
| 115 | + $this->setHtmlTitle("Custom close"); |
|
| 116 | + |
|
| 117 | + $currentUser = User::getCurrent($database); |
|
| 118 | + $config = $this->getSiteConfiguration(); |
|
| 119 | + |
|
| 120 | + $allowedPrivateData = $this->isAllowedPrivateData($request, $currentUser); |
|
| 121 | + if (!$allowedPrivateData) { |
|
| 122 | + // we probably shouldn't be showing the user this form if they're not allowed to access private data... |
|
| 123 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 124 | + } |
|
| 125 | + |
|
| 126 | + $template = $this->getTemplate($database); |
|
| 127 | + |
|
| 128 | + // Preload data |
|
| 129 | + $this->assign('defaultAction', ''); |
|
| 130 | + $this->assign('defaultQueue', null); |
|
| 131 | + $this->assign('preloadText', ''); |
|
| 132 | + $this->assign('preloadTitle', ''); |
|
| 133 | + |
|
| 134 | + if ($template !== null) { |
|
| 135 | + $this->assign('defaultAction', $template->getDefaultAction()); |
|
| 136 | + $this->assign('defaultQueue', $template->getQueue()); |
|
| 137 | + $this->assign('preloadText', $template->getText()); |
|
| 138 | + $this->assign('preloadTitle', $template->getName()); |
|
| 139 | + } |
|
| 140 | + |
|
| 141 | + // Static data |
|
| 142 | + $this->assign('requestQueues', $requestQueues = RequestQueue::getEnabledQueues($database)); |
|
| 143 | + |
|
| 144 | + // request data |
|
| 145 | + $this->assign('requestId', $request->getIp()); |
|
| 146 | + $this->assign('updateVersion', $request->getUpdateVersion()); |
|
| 147 | + $this->setupBasicData($request, $config); |
|
| 148 | + $this->setupReservationDetails($request->getReserved(), $database, $currentUser); |
|
| 149 | + $this->setupPrivateData($request, $config); |
|
| 150 | + $this->setupRelatedRequests($request, $config, $database); |
|
| 151 | + |
|
| 152 | + // IP location |
|
| 153 | + $trustedIp = $this->getXffTrustProvider()->getTrustedClientIp($request->getIp(), $request->getForwardedIp()); |
|
| 154 | + $this->assign('iplocation', $this->getLocationProvider()->getIpLocation($trustedIp)); |
|
| 155 | + |
|
| 156 | + // Confirmations |
|
| 157 | + $this->assign('confirmEmailAlreadySent', $this->checkEmailAlreadySent($request)); |
|
| 158 | + |
|
| 159 | + $this->assign('canSkipCcMailingList', $this->barrierTest('skipCcMailingList', $currentUser)); |
|
| 160 | + |
|
| 161 | + $this->assign('allowWelcomeSkip', false); |
|
| 162 | + $this->assign('forceWelcomeSkip', false); |
|
| 163 | + |
|
| 164 | + $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $currentUser, 'RequestCreation'); |
|
| 165 | + $canBotCreate = $this->barrierTest(User::CREATION_BOT, $currentUser, 'RequestCreation'); |
|
| 166 | + |
|
| 167 | + $oauth = new OAuthUserHelper($currentUser, $this->getDatabase(), $this->getOAuthProtocolHelper(), $config); |
|
| 168 | + |
|
| 169 | + if ($currentUser->getWelcomeTemplate() != 0) { |
|
| 170 | + $this->assign('allowWelcomeSkip', true); |
|
| 171 | + |
|
| 172 | + if (!$oauth->canWelcome()) { |
|
| 173 | + $this->assign('forceWelcomeSkip', true); |
|
| 174 | + } |
|
| 175 | + } |
|
| 176 | + |
|
| 177 | + // disable options if there's a misconfiguration. |
|
| 178 | + $canOauthCreate &= $oauth->canCreateAccount(); |
|
| 179 | + $canBotCreate &= $this->getSiteConfiguration()->getCreationBotPassword() !== null; |
|
| 180 | + |
|
| 181 | + $this->assign('canOauthCreate', $canOauthCreate); |
|
| 182 | + $this->assign('canBotCreate', $canBotCreate); |
|
| 183 | + |
|
| 184 | + // template |
|
| 185 | + $this->setTemplate('custom-close.tpl'); |
|
| 186 | + } |
|
| 187 | + |
|
| 188 | + /** |
|
| 189 | + * @param User $currentUser |
|
| 190 | + * @param Request $request |
|
| 191 | + * @param PdoDatabase $database |
|
| 192 | + * |
|
| 193 | + * @throws ApplicationLogicException |
|
| 194 | + */ |
|
| 195 | + protected function doCustomClose(User $currentUser, Request $request, PdoDatabase $database) : bool |
|
| 196 | + { |
|
| 197 | + $messageBody = WebRequest::postString('msgbody'); |
|
| 198 | + if ($messageBody === null || trim($messageBody) === '') { |
|
| 199 | + throw new ApplicationLogicException('Message body cannot be blank'); |
|
| 200 | + } |
|
| 201 | + |
|
| 202 | + $ccMailingList = true; |
|
| 203 | + if ($this->barrierTest('skipCcMailingList', $currentUser)) { |
|
| 204 | + $ccMailingList = WebRequest::postBoolean('ccMailingList'); |
|
| 205 | + } |
|
| 206 | + |
|
| 207 | + if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 208 | + throw new ApplicationLogicException('Request is already closed'); |
|
| 209 | + } |
|
| 210 | + |
|
| 211 | + if (!(WebRequest::postBoolean('confirmEmailAlreadySent')) |
|
| 212 | + ) { |
|
| 213 | + throw new ApplicationLogicException('Not all confirmations checked'); |
|
| 214 | + } |
|
| 215 | + |
|
| 216 | + $action = WebRequest::postString('action'); |
|
| 217 | + |
|
| 218 | + if ($action === EmailTemplate::ACTION_CREATED || $action === EmailTemplate::ACTION_NOT_CREATED) { |
|
| 219 | + |
|
| 220 | + if ($action === EmailTemplate::ACTION_CREATED) { |
|
| 221 | + if ($this->checkAccountCreated($request)) { |
|
| 222 | + $this->assignCSRFToken(); |
|
| 223 | + $this->showCustomCloseForm($database, $request); |
|
| 224 | + |
|
| 225 | + $this->assign("preloadText", $messageBody); |
|
| 226 | + $this->assign('preloadAction', $action); |
|
| 227 | + $this->assign('ccMailingList', $ccMailingList); |
|
| 228 | + $this->assign('showNonExistentAccountWarning', true); |
|
| 229 | + $this->assign('skipAutoWelcome', WebRequest::postBoolean('skipAutoWelcome')); |
|
| 230 | + |
|
| 231 | + return false; |
|
| 232 | + } |
|
| 233 | + } |
|
| 234 | + |
|
| 235 | + // Close request |
|
| 236 | + $this->closeRequest($request, $database, $action, $messageBody); |
|
| 237 | + |
|
| 238 | + $this->processWelcome($action, null); |
|
| 239 | + |
|
| 240 | + // Send the mail after the save, since save can be rolled back |
|
| 241 | + $this->sendMail($request, $messageBody, $currentUser, $ccMailingList); |
|
| 242 | + |
|
| 243 | + return true; |
|
| 244 | + } |
|
| 245 | + |
|
| 246 | + if ($action === self::CREATE_OAUTH || $action === self::CREATE_BOT) { |
|
| 247 | + $this->processAutoCreation($currentUser, $action, $request, $messageBody, $ccMailingList); |
|
| 248 | + |
|
| 249 | + return true; |
|
| 250 | + } |
|
| 251 | + |
|
| 252 | + if ($action === 'mail') { |
|
| 253 | + $request->setReserved(null); |
|
| 254 | + $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 255 | + $request->save(); |
|
| 256 | + |
|
| 257 | + // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE |
|
| 258 | + // and be rolled back. |
|
| 259 | + |
|
| 260 | + // Send mail |
|
| 261 | + $this->sendMail($request, $messageBody, $currentUser, $ccMailingList); |
|
| 262 | + |
|
| 263 | + Logger::sentMail($database, $request, $messageBody); |
|
| 264 | + Logger::unreserve($database, $request); |
|
| 265 | + |
|
| 266 | + $this->getNotificationHelper()->sentMail($request); |
|
| 267 | + SessionAlert::success("Sent mail to Request {$request->getId()}"); |
|
| 268 | + |
|
| 269 | + return true; |
|
| 270 | + } |
|
| 271 | + |
|
| 272 | + $targetQueue = RequestQueue::getByApiName($database, $action, 1); |
|
| 273 | + if ($targetQueue !== false) { |
|
| 274 | + // Defer to other state |
|
| 275 | + $this->deferRequest($request, $database, $targetQueue, $messageBody); |
|
| 276 | + |
|
| 277 | + // Send the mail after the save, since save can be rolled back |
|
| 278 | + $this->sendMail($request, $messageBody, $currentUser, $ccMailingList); |
|
| 279 | + |
|
| 280 | + return true; |
|
| 281 | + } |
|
| 282 | + |
|
| 283 | + throw new ApplicationLogicException('Unknown action for custom close.'); |
|
| 284 | + } |
|
| 285 | + |
|
| 286 | + /** |
|
| 287 | + * @param Request $request |
|
| 288 | + * @param PdoDatabase $database |
|
| 289 | + * @param string $action |
|
| 290 | + * @param string $messageBody |
|
| 291 | + * |
|
| 292 | + * @throws Exception |
|
| 293 | + * @throws OptimisticLockFailedException |
|
| 294 | + */ |
|
| 295 | + protected function closeRequest(Request $request, PdoDatabase $database, $action, $messageBody) |
|
| 296 | + { |
|
| 297 | + $request->setStatus(RequestStatus::CLOSED); |
|
| 298 | + $request->setQueue(null); |
|
| 299 | + $request->setReserved(null); |
|
| 300 | + $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 301 | + $request->save(); |
|
| 302 | + |
|
| 303 | + // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and |
|
| 304 | + // be rolled back. |
|
| 305 | + |
|
| 306 | + if ($action == EmailTemplate::ACTION_CREATED) { |
|
| 307 | + $logCloseType = 'custom-y'; |
|
| 308 | + $notificationCloseType = "Custom, Created"; |
|
| 309 | + } |
|
| 310 | + else { |
|
| 311 | + $logCloseType = 'custom-n'; |
|
| 312 | + $notificationCloseType = "Custom, Not Created"; |
|
| 313 | + } |
|
| 314 | + |
|
| 315 | + Logger::closeRequest($database, $request, $logCloseType, $messageBody); |
|
| 316 | + $this->getNotificationHelper()->requestClosed($request, $notificationCloseType); |
|
| 317 | + |
|
| 318 | + $requestName = htmlentities($request->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 319 | + SessionAlert::success("Request {$request->getId()} ({$requestName}) closed as {$notificationCloseType}."); |
|
| 320 | + } |
|
| 321 | + |
|
| 322 | + /** |
|
| 323 | + * @param Request $request |
|
| 324 | + * @param PdoDatabase $database |
|
| 325 | + * @param RequestQueue $targetQueue |
|
| 326 | + * @param string $messageBody |
|
| 327 | + * |
|
| 328 | + * @throws OptimisticLockFailedException |
|
| 329 | + */ |
|
| 330 | + protected function deferRequest( |
|
| 331 | + Request $request, |
|
| 332 | + PdoDatabase $database, |
|
| 333 | + RequestQueue $targetQueue, |
|
| 334 | + $messageBody |
|
| 335 | + ) { |
|
| 336 | + $request->setStatus(RequestStatus::OPEN); |
|
| 337 | + $request->setQueue($targetQueue->getId()); |
|
| 338 | + $request->setReserved(null); |
|
| 339 | + $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 340 | + $request->save(); |
|
| 341 | + |
|
| 342 | + // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE |
|
| 343 | + // and be rolled back. |
|
| 344 | + |
|
| 345 | + $deferToLog = $targetQueue->getLogName(); |
|
| 346 | + Logger::sentMail($database, $request, $messageBody); |
|
| 347 | + Logger::deferRequest($database, $request, $deferToLog); |
|
| 348 | + |
|
| 349 | + $this->getNotificationHelper()->requestDeferredWithMail($request); |
|
| 350 | + |
|
| 351 | + $deferTo = htmlentities($targetQueue->getDisplayName(), ENT_COMPAT, 'UTF-8'); |
|
| 352 | + SessionAlert::success("Request {$request->getId()} deferred to $deferTo, sending an email."); |
|
| 353 | + } |
|
| 354 | + |
|
| 355 | + /** |
|
| 356 | + * @param User $currentUser |
|
| 357 | + * @param string $action |
|
| 358 | + * @param Request $request |
|
| 359 | + * @param string $messageBody |
|
| 360 | + * @param bool $ccMailingList |
|
| 361 | + * |
|
| 362 | + * @throws AccessDeniedException |
|
| 363 | + * @throws ApplicationLogicException |
|
| 364 | + * @throws OptimisticLockFailedException |
|
| 365 | + */ |
|
| 366 | + protected function processAutoCreation(User $currentUser, string $action, Request $request, string $messageBody, bool $ccMailingList): void |
|
| 367 | + { |
|
| 368 | + $db = $this->getDatabase(); |
|
| 369 | + $oauth = new OAuthUserHelper($currentUser, $db, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration()); |
|
| 370 | + $canOauthCreate = $this->barrierTest(User::CREATION_OAUTH, $currentUser, 'RequestCreation'); |
|
| 371 | + $canBotCreate = $this->barrierTest(User::CREATION_BOT, $currentUser, 'RequestCreation'); |
|
| 372 | + $canOauthCreate &= $oauth->canCreateAccount(); |
|
| 373 | + $canBotCreate &= $this->getSiteConfiguration()->getCreationBotPassword() !== null; |
|
| 374 | + |
|
| 375 | + $creationTaskClass = null; |
|
| 376 | + |
|
| 377 | + if ($action === self::CREATE_OAUTH) { |
|
| 378 | + if (!$canOauthCreate) { |
|
| 379 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 380 | + } |
|
| 381 | + |
|
| 382 | + $creationTaskClass = UserCreationTask::class; |
|
| 383 | + } |
|
| 384 | + |
|
| 385 | + if ($action === self::CREATE_BOT) { |
|
| 386 | + if (!$canBotCreate) { |
|
| 387 | + throw new AccessDeniedException($this->getSecurityManager(), $this->getDomainAccessManager()); |
|
| 388 | + } |
|
| 389 | + |
|
| 390 | + $creationTaskClass = BotCreationTask::class; |
|
| 391 | + } |
|
| 392 | + |
|
| 393 | + if ($creationTaskClass === null) { |
|
| 394 | + throw new ApplicationLogicException('Cannot determine creation mode'); |
|
| 395 | + } |
|
| 396 | + |
|
| 397 | + $request->setStatus(RequestStatus::JOBQUEUE); |
|
| 398 | + $request->setReserved(null); |
|
| 399 | + $request->save(); |
|
| 400 | + |
|
| 401 | + $parameters = [ |
|
| 402 | + 'emailText' => $messageBody, |
|
| 403 | + 'ccMailingList' => $ccMailingList |
|
| 404 | + ]; |
|
| 405 | + |
|
| 406 | + $creationTask = new JobQueue(); |
|
| 407 | + $creationTask->setTask($creationTaskClass); |
|
| 408 | + $creationTask->setRequest($request->getId()); |
|
| 409 | + $creationTask->setTriggerUserId($currentUser->getId()); |
|
| 410 | + $creationTask->setParameters(json_encode($parameters)); |
|
| 411 | + $creationTask->setDatabase($db); |
|
| 412 | + $creationTask->save(); |
|
| 413 | + |
|
| 414 | + $creationTaskId = $creationTask->getId(); |
|
| 415 | + |
|
| 416 | + Logger::enqueuedJobQueue($db, $request); |
|
| 417 | + $this->getNotificationHelper()->requestCloseQueued($request, 'Custom, Created'); |
|
| 418 | + |
|
| 419 | + SessionAlert::success("Request {$request->getId()} has been queued for autocreation"); |
|
| 420 | + |
|
| 421 | + // forge this since it is actually a creation. |
|
| 422 | + $this->processWelcome(EmailTemplate::ACTION_CREATED, $creationTaskId); |
|
| 423 | + } |
|
| 424 | 424 | } |
@@ -33,153 +33,153 @@ |
||
| 33 | 33 | */ |
| 34 | 34 | class PageCreateRequest extends RequestActionBase |
| 35 | 35 | { |
| 36 | - /** |
|
| 37 | - * Main function for this page, when no specific actions are called. |
|
| 38 | - * @return void |
|
| 39 | - * @throws AccessDeniedException |
|
| 40 | - * @throws ApplicationLogicException |
|
| 41 | - */ |
|
| 42 | - protected function main() |
|
| 43 | - { |
|
| 44 | - $this->checkPosted(); |
|
| 45 | - |
|
| 46 | - $database = $this->getDatabase(); |
|
| 47 | - |
|
| 48 | - $request = $this->getRequest($database); |
|
| 49 | - $template = $this->getTemplate($database); |
|
| 50 | - $creationMode = $this->getCreationMode(); |
|
| 51 | - $user = User::getCurrent($database); |
|
| 52 | - |
|
| 53 | - $secMgr = $this->getSecurityManager(); |
|
| 54 | - if ($secMgr->allows('RequestCreation', User::CREATION_BOT, $user) !== SecurityManager::ALLOWED |
|
| 55 | - && $creationMode === 'bot' |
|
| 56 | - ) { |
|
| 57 | - throw new AccessDeniedException($secMgr, $this->getDomainAccessManager()); |
|
| 58 | - } |
|
| 59 | - elseif ($secMgr->allows('RequestCreation', User::CREATION_OAUTH, $user) !== SecurityManager::ALLOWED |
|
| 60 | - && $creationMode === 'oauth' |
|
| 61 | - ) { |
|
| 62 | - throw new AccessDeniedException($secMgr, $this->getDomainAccessManager()); |
|
| 63 | - } |
|
| 64 | - |
|
| 65 | - if ($request->getEmailSent()) { |
|
| 66 | - throw new ApplicationLogicException('This requester has already had an email sent to them. Please fall back to manual creation or a custom close'); |
|
| 67 | - } |
|
| 68 | - |
|
| 69 | - $request->setStatus(RequestStatus::JOBQUEUE); |
|
| 70 | - $request->setReserved(null); |
|
| 71 | - $request->save(); |
|
| 72 | - |
|
| 73 | - Logger::enqueuedJobQueue($database, $request); |
|
| 74 | - |
|
| 75 | - $creationTaskId = $this->enqueueCreationTask($creationMode, $request, $template, $user, $database); |
|
| 76 | - |
|
| 77 | - if ($user->getWelcomeTemplate() !== null && !WebRequest::postBoolean('skipAutoWelcome')) { |
|
| 78 | - $this->enqueueWelcomeTask($request, $creationTaskId, $user, $database); |
|
| 79 | - } |
|
| 80 | - |
|
| 81 | - $this->getNotificationHelper()->requestCloseQueued($request, $template->getName()); |
|
| 82 | - |
|
| 83 | - SessionAlert::success("Request {$request->getId()} has been queued for autocreation"); |
|
| 84 | - |
|
| 85 | - $this->redirect(); |
|
| 86 | - } |
|
| 87 | - |
|
| 88 | - protected function getCreationMode() |
|
| 89 | - { |
|
| 90 | - $creationMode = WebRequest::postString('mode'); |
|
| 91 | - if ($creationMode !== 'oauth' && $creationMode !== 'bot') { |
|
| 92 | - throw new ApplicationLogicException('Unknown creation mode'); |
|
| 93 | - } |
|
| 94 | - |
|
| 95 | - return $creationMode; |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - /** |
|
| 99 | - * @param PdoDatabase $database |
|
| 100 | - * |
|
| 101 | - * @return EmailTemplate |
|
| 102 | - * @throws ApplicationLogicException |
|
| 103 | - */ |
|
| 104 | - protected function getTemplate(PdoDatabase $database) |
|
| 105 | - { |
|
| 106 | - $templateId = WebRequest::postInt('template'); |
|
| 107 | - if ($templateId === null) { |
|
| 108 | - throw new ApplicationLogicException('No template specified'); |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - /** @var EmailTemplate $template */ |
|
| 112 | - $template = EmailTemplate::getById($templateId, $database); |
|
| 113 | - if ($template === false || !$template->getActive()) { |
|
| 114 | - throw new ApplicationLogicException('Invalid or inactive template specified'); |
|
| 115 | - } |
|
| 116 | - |
|
| 117 | - if ($template->getDefaultAction() !== EmailTemplate::ACTION_CREATED) { |
|
| 118 | - throw new ApplicationLogicException('Specified template is not a creation template!'); |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - return $template; |
|
| 122 | - } |
|
| 123 | - |
|
| 124 | - /** |
|
| 125 | - * @param PdoDatabase $database |
|
| 126 | - * |
|
| 127 | - * @return Request |
|
| 128 | - * @throws ApplicationLogicException |
|
| 129 | - */ |
|
| 130 | - protected function getRequest(PdoDatabase $database) |
|
| 131 | - { |
|
| 132 | - $request = parent::getRequest($database); |
|
| 133 | - |
|
| 134 | - if ($request->getStatus() == RequestStatus::CLOSED) { |
|
| 135 | - throw new ApplicationLogicException('Request is already closed'); |
|
| 136 | - } |
|
| 137 | - |
|
| 138 | - return $request; |
|
| 139 | - } |
|
| 140 | - |
|
| 141 | - /** |
|
| 142 | - * @param $creationMode |
|
| 143 | - * @param Request $request |
|
| 144 | - * @param EmailTemplate $template |
|
| 145 | - * @param User $user |
|
| 146 | - * |
|
| 147 | - * @param PdoDatabase $database |
|
| 148 | - * |
|
| 149 | - * @return int |
|
| 150 | - * @throws ApplicationLogicException |
|
| 151 | - */ |
|
| 152 | - protected function enqueueCreationTask( |
|
| 153 | - $creationMode, |
|
| 154 | - Request $request, |
|
| 155 | - EmailTemplate $template, |
|
| 156 | - User $user, |
|
| 157 | - PdoDatabase $database |
|
| 158 | - ) { |
|
| 159 | - $creationTaskClass = null; |
|
| 160 | - |
|
| 161 | - if ($creationMode == "oauth") { |
|
| 162 | - $creationTaskClass = UserCreationTask::class; |
|
| 163 | - } |
|
| 164 | - |
|
| 165 | - if ($creationMode == "bot") { |
|
| 166 | - $creationTaskClass = BotCreationTask::class; |
|
| 167 | - } |
|
| 168 | - |
|
| 169 | - if ($creationTaskClass === null) { |
|
| 170 | - throw new ApplicationLogicException('Cannot determine creation mode'); |
|
| 171 | - } |
|
| 172 | - |
|
| 173 | - $creationTask = new JobQueue(); |
|
| 174 | - $creationTask->setTask($creationTaskClass); |
|
| 175 | - $creationTask->setRequest($request->getId()); |
|
| 176 | - $creationTask->setEmailTemplate($template->getId()); |
|
| 177 | - $creationTask->setTriggerUserId($user->getId()); |
|
| 178 | - $creationTask->setDatabase($database); |
|
| 179 | - $creationTask->save(); |
|
| 180 | - |
|
| 181 | - $creationTaskId = $creationTask->getId(); |
|
| 182 | - |
|
| 183 | - return $creationTaskId; |
|
| 184 | - } |
|
| 36 | + /** |
|
| 37 | + * Main function for this page, when no specific actions are called. |
|
| 38 | + * @return void |
|
| 39 | + * @throws AccessDeniedException |
|
| 40 | + * @throws ApplicationLogicException |
|
| 41 | + */ |
|
| 42 | + protected function main() |
|
| 43 | + { |
|
| 44 | + $this->checkPosted(); |
|
| 45 | + |
|
| 46 | + $database = $this->getDatabase(); |
|
| 47 | + |
|
| 48 | + $request = $this->getRequest($database); |
|
| 49 | + $template = $this->getTemplate($database); |
|
| 50 | + $creationMode = $this->getCreationMode(); |
|
| 51 | + $user = User::getCurrent($database); |
|
| 52 | + |
|
| 53 | + $secMgr = $this->getSecurityManager(); |
|
| 54 | + if ($secMgr->allows('RequestCreation', User::CREATION_BOT, $user) !== SecurityManager::ALLOWED |
|
| 55 | + && $creationMode === 'bot' |
|
| 56 | + ) { |
|
| 57 | + throw new AccessDeniedException($secMgr, $this->getDomainAccessManager()); |
|
| 58 | + } |
|
| 59 | + elseif ($secMgr->allows('RequestCreation', User::CREATION_OAUTH, $user) !== SecurityManager::ALLOWED |
|
| 60 | + && $creationMode === 'oauth' |
|
| 61 | + ) { |
|
| 62 | + throw new AccessDeniedException($secMgr, $this->getDomainAccessManager()); |
|
| 63 | + } |
|
| 64 | + |
|
| 65 | + if ($request->getEmailSent()) { |
|
| 66 | + throw new ApplicationLogicException('This requester has already had an email sent to them. Please fall back to manual creation or a custom close'); |
|
| 67 | + } |
|
| 68 | + |
|
| 69 | + $request->setStatus(RequestStatus::JOBQUEUE); |
|
| 70 | + $request->setReserved(null); |
|
| 71 | + $request->save(); |
|
| 72 | + |
|
| 73 | + Logger::enqueuedJobQueue($database, $request); |
|
| 74 | + |
|
| 75 | + $creationTaskId = $this->enqueueCreationTask($creationMode, $request, $template, $user, $database); |
|
| 76 | + |
|
| 77 | + if ($user->getWelcomeTemplate() !== null && !WebRequest::postBoolean('skipAutoWelcome')) { |
|
| 78 | + $this->enqueueWelcomeTask($request, $creationTaskId, $user, $database); |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + $this->getNotificationHelper()->requestCloseQueued($request, $template->getName()); |
|
| 82 | + |
|
| 83 | + SessionAlert::success("Request {$request->getId()} has been queued for autocreation"); |
|
| 84 | + |
|
| 85 | + $this->redirect(); |
|
| 86 | + } |
|
| 87 | + |
|
| 88 | + protected function getCreationMode() |
|
| 89 | + { |
|
| 90 | + $creationMode = WebRequest::postString('mode'); |
|
| 91 | + if ($creationMode !== 'oauth' && $creationMode !== 'bot') { |
|
| 92 | + throw new ApplicationLogicException('Unknown creation mode'); |
|
| 93 | + } |
|
| 94 | + |
|
| 95 | + return $creationMode; |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + /** |
|
| 99 | + * @param PdoDatabase $database |
|
| 100 | + * |
|
| 101 | + * @return EmailTemplate |
|
| 102 | + * @throws ApplicationLogicException |
|
| 103 | + */ |
|
| 104 | + protected function getTemplate(PdoDatabase $database) |
|
| 105 | + { |
|
| 106 | + $templateId = WebRequest::postInt('template'); |
|
| 107 | + if ($templateId === null) { |
|
| 108 | + throw new ApplicationLogicException('No template specified'); |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + /** @var EmailTemplate $template */ |
|
| 112 | + $template = EmailTemplate::getById($templateId, $database); |
|
| 113 | + if ($template === false || !$template->getActive()) { |
|
| 114 | + throw new ApplicationLogicException('Invalid or inactive template specified'); |
|
| 115 | + } |
|
| 116 | + |
|
| 117 | + if ($template->getDefaultAction() !== EmailTemplate::ACTION_CREATED) { |
|
| 118 | + throw new ApplicationLogicException('Specified template is not a creation template!'); |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + return $template; |
|
| 122 | + } |
|
| 123 | + |
|
| 124 | + /** |
|
| 125 | + * @param PdoDatabase $database |
|
| 126 | + * |
|
| 127 | + * @return Request |
|
| 128 | + * @throws ApplicationLogicException |
|
| 129 | + */ |
|
| 130 | + protected function getRequest(PdoDatabase $database) |
|
| 131 | + { |
|
| 132 | + $request = parent::getRequest($database); |
|
| 133 | + |
|
| 134 | + if ($request->getStatus() == RequestStatus::CLOSED) { |
|
| 135 | + throw new ApplicationLogicException('Request is already closed'); |
|
| 136 | + } |
|
| 137 | + |
|
| 138 | + return $request; |
|
| 139 | + } |
|
| 140 | + |
|
| 141 | + /** |
|
| 142 | + * @param $creationMode |
|
| 143 | + * @param Request $request |
|
| 144 | + * @param EmailTemplate $template |
|
| 145 | + * @param User $user |
|
| 146 | + * |
|
| 147 | + * @param PdoDatabase $database |
|
| 148 | + * |
|
| 149 | + * @return int |
|
| 150 | + * @throws ApplicationLogicException |
|
| 151 | + */ |
|
| 152 | + protected function enqueueCreationTask( |
|
| 153 | + $creationMode, |
|
| 154 | + Request $request, |
|
| 155 | + EmailTemplate $template, |
|
| 156 | + User $user, |
|
| 157 | + PdoDatabase $database |
|
| 158 | + ) { |
|
| 159 | + $creationTaskClass = null; |
|
| 160 | + |
|
| 161 | + if ($creationMode == "oauth") { |
|
| 162 | + $creationTaskClass = UserCreationTask::class; |
|
| 163 | + } |
|
| 164 | + |
|
| 165 | + if ($creationMode == "bot") { |
|
| 166 | + $creationTaskClass = BotCreationTask::class; |
|
| 167 | + } |
|
| 168 | + |
|
| 169 | + if ($creationTaskClass === null) { |
|
| 170 | + throw new ApplicationLogicException('Cannot determine creation mode'); |
|
| 171 | + } |
|
| 172 | + |
|
| 173 | + $creationTask = new JobQueue(); |
|
| 174 | + $creationTask->setTask($creationTaskClass); |
|
| 175 | + $creationTask->setRequest($request->getId()); |
|
| 176 | + $creationTask->setEmailTemplate($template->getId()); |
|
| 177 | + $creationTask->setTriggerUserId($user->getId()); |
|
| 178 | + $creationTask->setDatabase($database); |
|
| 179 | + $creationTask->save(); |
|
| 180 | + |
|
| 181 | + $creationTaskId = $creationTask->getId(); |
|
| 182 | + |
|
| 183 | + return $creationTaskId; |
|
| 184 | + } |
|
| 185 | 185 | } |
@@ -24,246 +24,246 @@ |
||
| 24 | 24 | |
| 25 | 25 | class PageCloseRequest extends RequestActionBase |
| 26 | 26 | { |
| 27 | - protected function main() |
|
| 28 | - { |
|
| 29 | - $this->processClose(); |
|
| 30 | - } |
|
| 31 | - |
|
| 32 | - /** |
|
| 33 | - * Main function for this page, when no specific actions are called. |
|
| 34 | - * @throws ApplicationLogicException |
|
| 35 | - */ |
|
| 36 | - final protected function processClose() |
|
| 37 | - { |
|
| 38 | - $this->checkPosted(); |
|
| 39 | - $database = $this->getDatabase(); |
|
| 40 | - |
|
| 41 | - $currentUser = User::getCurrent($database); |
|
| 42 | - $template = $this->getTemplate($database); |
|
| 43 | - $request = $this->getRequest($database); |
|
| 44 | - $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 45 | - |
|
| 46 | - if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 47 | - throw new ApplicationLogicException('Request is already closed'); |
|
| 48 | - } |
|
| 49 | - |
|
| 50 | - if ($this->confirmEmailAlreadySent($request, $template)) { |
|
| 51 | - return; |
|
| 52 | - } |
|
| 53 | - |
|
| 54 | - if ($this->checkReserveProtect($request, $currentUser)) { |
|
| 55 | - return; |
|
| 56 | - } |
|
| 57 | - |
|
| 58 | - if ($this->confirmAccountCreated($request, $template)) { |
|
| 59 | - return; |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - // I think we're good here... |
|
| 63 | - $request->setStatus(RequestStatus::CLOSED); |
|
| 64 | - $request->setQueue(null); |
|
| 65 | - $request->setReserved(null); |
|
| 66 | - |
|
| 67 | - Logger::closeRequest($database, $request, $template->getId(), null); |
|
| 68 | - |
|
| 69 | - $request->save(); |
|
| 70 | - |
|
| 71 | - $this->processWelcome($template->getDefaultAction(), null); |
|
| 72 | - |
|
| 73 | - // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and |
|
| 74 | - // be rolled back. |
|
| 75 | - |
|
| 76 | - $this->getNotificationHelper()->requestClosed($request, $template->getName()); |
|
| 77 | - $sanitisedTemplateName = htmlentities($template->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 78 | - SessionAlert::success("Request {$request->getId()} has been closed as {$sanitisedTemplateName}"); |
|
| 79 | - |
|
| 80 | - $this->sendMail($request, $template->getText(), $currentUser, false); |
|
| 81 | - |
|
| 82 | - $this->redirect(); |
|
| 83 | - } |
|
| 84 | - |
|
| 85 | - /** |
|
| 86 | - * @param PdoDatabase $database |
|
| 87 | - * |
|
| 88 | - * @return EmailTemplate |
|
| 89 | - * @throws ApplicationLogicException |
|
| 90 | - */ |
|
| 91 | - protected function getTemplate(PdoDatabase $database) |
|
| 92 | - { |
|
| 93 | - $templateId = WebRequest::postInt('template'); |
|
| 94 | - if ($templateId === null) { |
|
| 95 | - throw new ApplicationLogicException('No template specified'); |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - /** @var EmailTemplate $template */ |
|
| 99 | - $template = EmailTemplate::getById($templateId, $database); |
|
| 100 | - if ($template === false || !$template->getActive()) { |
|
| 101 | - throw new ApplicationLogicException('Invalid or inactive template specified'); |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - return $template; |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - /** |
|
| 108 | - * @param Request $request |
|
| 109 | - * @param EmailTemplate $template |
|
| 110 | - * |
|
| 111 | - * @return bool |
|
| 112 | - */ |
|
| 113 | - protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template) |
|
| 114 | - { |
|
| 115 | - if ($this->checkEmailAlreadySent($request)) { |
|
| 116 | - $this->showConfirmation($request, $template, 'close-confirmations/email-sent.tpl'); |
|
| 117 | - |
|
| 118 | - return true; |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - return false; |
|
| 122 | - } |
|
| 123 | - |
|
| 124 | - protected function checkEmailAlreadySent(Request $request) |
|
| 125 | - { |
|
| 126 | - if ($request->getEmailSent() && !WebRequest::postBoolean('emailSentOverride')) { |
|
| 127 | - return true; |
|
| 128 | - } |
|
| 129 | - |
|
| 130 | - return false; |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - protected function checkReserveProtect(Request $request, User $currentUser) |
|
| 134 | - { |
|
| 135 | - $reservationId = $request->getReserved(); |
|
| 136 | - |
|
| 137 | - if ($reservationId !== 0 && $reservationId !== null) { |
|
| 138 | - if ($currentUser->getId() !== $reservationId) { |
|
| 139 | - SessionAlert::error("Request is reserved by someone else."); |
|
| 140 | - $this->redirect('/viewRequest', null, ['id' => $request->getId()]); |
|
| 141 | - return true; |
|
| 142 | - } |
|
| 143 | - } |
|
| 144 | - |
|
| 145 | - return false; |
|
| 146 | - } |
|
| 147 | - |
|
| 148 | - /** |
|
| 149 | - * @param Request $request |
|
| 150 | - * @param EmailTemplate $template |
|
| 151 | - * |
|
| 152 | - * @return bool |
|
| 153 | - * @throws Exception |
|
| 154 | - */ |
|
| 155 | - protected function confirmAccountCreated(Request $request, EmailTemplate $template) |
|
| 156 | - { |
|
| 157 | - if ($template->getDefaultAction() === EmailTemplate::ACTION_CREATED && $this->checkAccountCreated($request)) { |
|
| 158 | - $this->showConfirmation($request, $template, 'close-confirmations/account-created.tpl'); |
|
| 159 | - |
|
| 160 | - return true; |
|
| 161 | - } |
|
| 162 | - |
|
| 163 | - return false; |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - protected function checkAccountCreated(Request $request) |
|
| 167 | - { |
|
| 168 | - if (!WebRequest::postBoolean('createOverride')) { |
|
| 169 | - $parameters = array( |
|
| 170 | - 'action' => 'query', |
|
| 171 | - 'list' => 'users', |
|
| 172 | - 'format' => 'php', |
|
| 173 | - 'ususers' => $request->getName(), |
|
| 174 | - ); |
|
| 175 | - |
|
| 176 | - // FIXME: domains! |
|
| 177 | - /** @var Domain $domain */ |
|
| 178 | - $domain = Domain::getById(1, $this->getDatabase()); |
|
| 179 | - |
|
| 180 | - $content = $this->getHttpHelper()->get($domain->getWikiApiPath(), $parameters); |
|
| 181 | - |
|
| 182 | - $apiResult = unserialize($content); |
|
| 183 | - $exists = !isset($apiResult['query']['users']['0']['missing']); |
|
| 184 | - |
|
| 185 | - if (!$exists) { |
|
| 186 | - return true; |
|
| 187 | - } |
|
| 188 | - } |
|
| 189 | - |
|
| 190 | - return false; |
|
| 191 | - } |
|
| 192 | - |
|
| 193 | - /** |
|
| 194 | - * @param Request $request |
|
| 195 | - * @param string $mailText |
|
| 196 | - * @param User $currentUser |
|
| 197 | - * @param boolean $ccMailingList |
|
| 198 | - */ |
|
| 199 | - protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList) |
|
| 200 | - { |
|
| 201 | - if ( |
|
| 202 | - ($request->getEmail() != $this->getSiteConfiguration()->getDataClearEmail()) && |
|
| 203 | - ($request->getIp() != $this->getSiteConfiguration()->getDataClearIp()) |
|
| 204 | - ) { |
|
| 205 | - $requestEmailHelper = new RequestEmailHelper($this->getEmailHelper()); |
|
| 206 | - $requestEmailHelper->sendMail($request, $mailText, $currentUser, $ccMailingList); |
|
| 207 | - |
|
| 208 | - $request->setEmailSent(true); |
|
| 209 | - $request->save(); |
|
| 210 | - } |
|
| 211 | - } |
|
| 212 | - |
|
| 213 | - /** |
|
| 214 | - * @param Request $request |
|
| 215 | - * @param EmailTemplate $template |
|
| 216 | - * @param string $templateName |
|
| 217 | - * |
|
| 218 | - * @throws Exception |
|
| 219 | - * @return void |
|
| 220 | - */ |
|
| 221 | - protected function showConfirmation(Request $request, EmailTemplate $template, $templateName) |
|
| 222 | - { |
|
| 223 | - $this->assignCSRFToken(); |
|
| 224 | - |
|
| 225 | - $this->assign('request', $request->getId()); |
|
| 226 | - $this->assign('template', $template->getId()); |
|
| 227 | - |
|
| 228 | - $this->assign('updateversion', $request->getUpdateVersion()); |
|
| 229 | - |
|
| 230 | - $this->assign('emailSentOverride', WebRequest::postBoolean('emailSentOverride') ? 'true' : 'false'); |
|
| 231 | - $this->assign('reserveOverride', WebRequest::postBoolean('reserveOverride') ? 'true' : 'false'); |
|
| 232 | - $this->assign('createOverride', WebRequest::postBoolean('createOverride') ? 'true' : 'false'); |
|
| 233 | - |
|
| 234 | - $this->skipAlerts(); |
|
| 235 | - |
|
| 236 | - $this->setTemplate($templateName); |
|
| 237 | - } |
|
| 238 | - |
|
| 239 | - /** |
|
| 240 | - * @param string $action |
|
| 241 | - * @param int|null $parentTaskId |
|
| 242 | - * |
|
| 243 | - * @throws ApplicationLogicException |
|
| 244 | - */ |
|
| 245 | - final protected function processWelcome(string $action, ?int $parentTaskId): void |
|
| 246 | - { |
|
| 247 | - $database = $this->getDatabase(); |
|
| 248 | - $currentUser = User::getCurrent($database); |
|
| 249 | - |
|
| 250 | - if ($action !== EmailTemplate::ACTION_CREATED) { |
|
| 251 | - return; |
|
| 252 | - } |
|
| 253 | - |
|
| 254 | - if ($currentUser->getWelcomeTemplate() === null) { |
|
| 255 | - return; |
|
| 256 | - } |
|
| 257 | - |
|
| 258 | - $oauth = new OAuthUserHelper($currentUser, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration()); |
|
| 259 | - if (!$oauth->canWelcome()) { |
|
| 260 | - return; |
|
| 261 | - } |
|
| 262 | - |
|
| 263 | - if (WebRequest::postBoolean('skipAutoWelcome')) { |
|
| 264 | - return; |
|
| 265 | - } |
|
| 266 | - |
|
| 267 | - $this->enqueueWelcomeTask($this->getRequest($database), $parentTaskId, $currentUser, $database); |
|
| 268 | - } |
|
| 27 | + protected function main() |
|
| 28 | + { |
|
| 29 | + $this->processClose(); |
|
| 30 | + } |
|
| 31 | + |
|
| 32 | + /** |
|
| 33 | + * Main function for this page, when no specific actions are called. |
|
| 34 | + * @throws ApplicationLogicException |
|
| 35 | + */ |
|
| 36 | + final protected function processClose() |
|
| 37 | + { |
|
| 38 | + $this->checkPosted(); |
|
| 39 | + $database = $this->getDatabase(); |
|
| 40 | + |
|
| 41 | + $currentUser = User::getCurrent($database); |
|
| 42 | + $template = $this->getTemplate($database); |
|
| 43 | + $request = $this->getRequest($database); |
|
| 44 | + $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 45 | + |
|
| 46 | + if ($request->getStatus() === RequestStatus::CLOSED) { |
|
| 47 | + throw new ApplicationLogicException('Request is already closed'); |
|
| 48 | + } |
|
| 49 | + |
|
| 50 | + if ($this->confirmEmailAlreadySent($request, $template)) { |
|
| 51 | + return; |
|
| 52 | + } |
|
| 53 | + |
|
| 54 | + if ($this->checkReserveProtect($request, $currentUser)) { |
|
| 55 | + return; |
|
| 56 | + } |
|
| 57 | + |
|
| 58 | + if ($this->confirmAccountCreated($request, $template)) { |
|
| 59 | + return; |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + // I think we're good here... |
|
| 63 | + $request->setStatus(RequestStatus::CLOSED); |
|
| 64 | + $request->setQueue(null); |
|
| 65 | + $request->setReserved(null); |
|
| 66 | + |
|
| 67 | + Logger::closeRequest($database, $request, $template->getId(), null); |
|
| 68 | + |
|
| 69 | + $request->save(); |
|
| 70 | + |
|
| 71 | + $this->processWelcome($template->getDefaultAction(), null); |
|
| 72 | + |
|
| 73 | + // Perform the notifications and stuff *after* we've successfully saved, since the save can throw an OLE and |
|
| 74 | + // be rolled back. |
|
| 75 | + |
|
| 76 | + $this->getNotificationHelper()->requestClosed($request, $template->getName()); |
|
| 77 | + $sanitisedTemplateName = htmlentities($template->getName(), ENT_COMPAT, 'UTF-8'); |
|
| 78 | + SessionAlert::success("Request {$request->getId()} has been closed as {$sanitisedTemplateName}"); |
|
| 79 | + |
|
| 80 | + $this->sendMail($request, $template->getText(), $currentUser, false); |
|
| 81 | + |
|
| 82 | + $this->redirect(); |
|
| 83 | + } |
|
| 84 | + |
|
| 85 | + /** |
|
| 86 | + * @param PdoDatabase $database |
|
| 87 | + * |
|
| 88 | + * @return EmailTemplate |
|
| 89 | + * @throws ApplicationLogicException |
|
| 90 | + */ |
|
| 91 | + protected function getTemplate(PdoDatabase $database) |
|
| 92 | + { |
|
| 93 | + $templateId = WebRequest::postInt('template'); |
|
| 94 | + if ($templateId === null) { |
|
| 95 | + throw new ApplicationLogicException('No template specified'); |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + /** @var EmailTemplate $template */ |
|
| 99 | + $template = EmailTemplate::getById($templateId, $database); |
|
| 100 | + if ($template === false || !$template->getActive()) { |
|
| 101 | + throw new ApplicationLogicException('Invalid or inactive template specified'); |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + return $template; |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + /** |
|
| 108 | + * @param Request $request |
|
| 109 | + * @param EmailTemplate $template |
|
| 110 | + * |
|
| 111 | + * @return bool |
|
| 112 | + */ |
|
| 113 | + protected function confirmEmailAlreadySent(Request $request, EmailTemplate $template) |
|
| 114 | + { |
|
| 115 | + if ($this->checkEmailAlreadySent($request)) { |
|
| 116 | + $this->showConfirmation($request, $template, 'close-confirmations/email-sent.tpl'); |
|
| 117 | + |
|
| 118 | + return true; |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + return false; |
|
| 122 | + } |
|
| 123 | + |
|
| 124 | + protected function checkEmailAlreadySent(Request $request) |
|
| 125 | + { |
|
| 126 | + if ($request->getEmailSent() && !WebRequest::postBoolean('emailSentOverride')) { |
|
| 127 | + return true; |
|
| 128 | + } |
|
| 129 | + |
|
| 130 | + return false; |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + protected function checkReserveProtect(Request $request, User $currentUser) |
|
| 134 | + { |
|
| 135 | + $reservationId = $request->getReserved(); |
|
| 136 | + |
|
| 137 | + if ($reservationId !== 0 && $reservationId !== null) { |
|
| 138 | + if ($currentUser->getId() !== $reservationId) { |
|
| 139 | + SessionAlert::error("Request is reserved by someone else."); |
|
| 140 | + $this->redirect('/viewRequest', null, ['id' => $request->getId()]); |
|
| 141 | + return true; |
|
| 142 | + } |
|
| 143 | + } |
|
| 144 | + |
|
| 145 | + return false; |
|
| 146 | + } |
|
| 147 | + |
|
| 148 | + /** |
|
| 149 | + * @param Request $request |
|
| 150 | + * @param EmailTemplate $template |
|
| 151 | + * |
|
| 152 | + * @return bool |
|
| 153 | + * @throws Exception |
|
| 154 | + */ |
|
| 155 | + protected function confirmAccountCreated(Request $request, EmailTemplate $template) |
|
| 156 | + { |
|
| 157 | + if ($template->getDefaultAction() === EmailTemplate::ACTION_CREATED && $this->checkAccountCreated($request)) { |
|
| 158 | + $this->showConfirmation($request, $template, 'close-confirmations/account-created.tpl'); |
|
| 159 | + |
|
| 160 | + return true; |
|
| 161 | + } |
|
| 162 | + |
|
| 163 | + return false; |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + protected function checkAccountCreated(Request $request) |
|
| 167 | + { |
|
| 168 | + if (!WebRequest::postBoolean('createOverride')) { |
|
| 169 | + $parameters = array( |
|
| 170 | + 'action' => 'query', |
|
| 171 | + 'list' => 'users', |
|
| 172 | + 'format' => 'php', |
|
| 173 | + 'ususers' => $request->getName(), |
|
| 174 | + ); |
|
| 175 | + |
|
| 176 | + // FIXME: domains! |
|
| 177 | + /** @var Domain $domain */ |
|
| 178 | + $domain = Domain::getById(1, $this->getDatabase()); |
|
| 179 | + |
|
| 180 | + $content = $this->getHttpHelper()->get($domain->getWikiApiPath(), $parameters); |
|
| 181 | + |
|
| 182 | + $apiResult = unserialize($content); |
|
| 183 | + $exists = !isset($apiResult['query']['users']['0']['missing']); |
|
| 184 | + |
|
| 185 | + if (!$exists) { |
|
| 186 | + return true; |
|
| 187 | + } |
|
| 188 | + } |
|
| 189 | + |
|
| 190 | + return false; |
|
| 191 | + } |
|
| 192 | + |
|
| 193 | + /** |
|
| 194 | + * @param Request $request |
|
| 195 | + * @param string $mailText |
|
| 196 | + * @param User $currentUser |
|
| 197 | + * @param boolean $ccMailingList |
|
| 198 | + */ |
|
| 199 | + protected function sendMail(Request $request, $mailText, User $currentUser, $ccMailingList) |
|
| 200 | + { |
|
| 201 | + if ( |
|
| 202 | + ($request->getEmail() != $this->getSiteConfiguration()->getDataClearEmail()) && |
|
| 203 | + ($request->getIp() != $this->getSiteConfiguration()->getDataClearIp()) |
|
| 204 | + ) { |
|
| 205 | + $requestEmailHelper = new RequestEmailHelper($this->getEmailHelper()); |
|
| 206 | + $requestEmailHelper->sendMail($request, $mailText, $currentUser, $ccMailingList); |
|
| 207 | + |
|
| 208 | + $request->setEmailSent(true); |
|
| 209 | + $request->save(); |
|
| 210 | + } |
|
| 211 | + } |
|
| 212 | + |
|
| 213 | + /** |
|
| 214 | + * @param Request $request |
|
| 215 | + * @param EmailTemplate $template |
|
| 216 | + * @param string $templateName |
|
| 217 | + * |
|
| 218 | + * @throws Exception |
|
| 219 | + * @return void |
|
| 220 | + */ |
|
| 221 | + protected function showConfirmation(Request $request, EmailTemplate $template, $templateName) |
|
| 222 | + { |
|
| 223 | + $this->assignCSRFToken(); |
|
| 224 | + |
|
| 225 | + $this->assign('request', $request->getId()); |
|
| 226 | + $this->assign('template', $template->getId()); |
|
| 227 | + |
|
| 228 | + $this->assign('updateversion', $request->getUpdateVersion()); |
|
| 229 | + |
|
| 230 | + $this->assign('emailSentOverride', WebRequest::postBoolean('emailSentOverride') ? 'true' : 'false'); |
|
| 231 | + $this->assign('reserveOverride', WebRequest::postBoolean('reserveOverride') ? 'true' : 'false'); |
|
| 232 | + $this->assign('createOverride', WebRequest::postBoolean('createOverride') ? 'true' : 'false'); |
|
| 233 | + |
|
| 234 | + $this->skipAlerts(); |
|
| 235 | + |
|
| 236 | + $this->setTemplate($templateName); |
|
| 237 | + } |
|
| 238 | + |
|
| 239 | + /** |
|
| 240 | + * @param string $action |
|
| 241 | + * @param int|null $parentTaskId |
|
| 242 | + * |
|
| 243 | + * @throws ApplicationLogicException |
|
| 244 | + */ |
|
| 245 | + final protected function processWelcome(string $action, ?int $parentTaskId): void |
|
| 246 | + { |
|
| 247 | + $database = $this->getDatabase(); |
|
| 248 | + $currentUser = User::getCurrent($database); |
|
| 249 | + |
|
| 250 | + if ($action !== EmailTemplate::ACTION_CREATED) { |
|
| 251 | + return; |
|
| 252 | + } |
|
| 253 | + |
|
| 254 | + if ($currentUser->getWelcomeTemplate() === null) { |
|
| 255 | + return; |
|
| 256 | + } |
|
| 257 | + |
|
| 258 | + $oauth = new OAuthUserHelper($currentUser, $database, $this->getOAuthProtocolHelper(), $this->getSiteConfiguration()); |
|
| 259 | + if (!$oauth->canWelcome()) { |
|
| 260 | + return; |
|
| 261 | + } |
|
| 262 | + |
|
| 263 | + if (WebRequest::postBoolean('skipAutoWelcome')) { |
|
| 264 | + return; |
|
| 265 | + } |
|
| 266 | + |
|
| 267 | + $this->enqueueWelcomeTask($this->getRequest($database), $parentTaskId, $currentUser, $database); |
|
| 268 | + } |
|
| 269 | 269 | } |
@@ -21,81 +21,81 @@ |
||
| 21 | 21 | |
| 22 | 22 | class PageDeferRequest extends RequestActionBase |
| 23 | 23 | { |
| 24 | - /** |
|
| 25 | - * Main function for this page, when no specific actions are called. |
|
| 26 | - * @throws ApplicationLogicException |
|
| 27 | - */ |
|
| 28 | - protected function main() |
|
| 29 | - { |
|
| 30 | - $this->checkPosted(); |
|
| 31 | - $database = $this->getDatabase(); |
|
| 32 | - $request = $this->getRequest($database); |
|
| 33 | - $currentUser = User::getCurrent($database); |
|
| 34 | - |
|
| 35 | - $target = WebRequest::postString('target'); |
|
| 36 | - |
|
| 37 | - // FIXME: domains! |
|
| 38 | - $requestQueue = RequestQueue::getByApiName($database, $target, 1); |
|
| 39 | - |
|
| 40 | - if ($requestQueue === false) { |
|
| 41 | - throw new ApplicationLogicException('Defer target not valid'); |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - if ($request->getQueue() == $requestQueue->getId() && $request->getStatus() == RequestStatus::OPEN) { |
|
| 45 | - SessionAlert::warning('This request is already in the specified queue.'); |
|
| 46 | - $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 47 | - |
|
| 48 | - return; |
|
| 49 | - } |
|
| 50 | - |
|
| 51 | - $closureDate = $request->getClosureDate(); |
|
| 52 | - $date = new DateTime(); |
|
| 53 | - $date->modify("-7 days"); |
|
| 54 | - |
|
| 55 | - if ($request->getStatus() == RequestStatus::CLOSED && $closureDate < $date) { |
|
| 56 | - if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) { |
|
| 57 | - throw new ApplicationLogicException( |
|
| 58 | - "You are not allowed to re-open a request that has been closed for over a week."); |
|
| 59 | - } |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 63 | - if (!$this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData')) { |
|
| 64 | - throw new ApplicationLogicException( |
|
| 65 | - "You are not allowed to re-open a request for which the private data has been purged."); |
|
| 66 | - } |
|
| 67 | - } |
|
| 68 | - |
|
| 69 | - if ($request->getStatus() === RequestStatus::JOBQUEUE) { |
|
| 70 | - /** @var JobQueue[] $pendingJobs */ |
|
| 71 | - $pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([ |
|
| 72 | - JobQueue::STATUS_QUEUED, |
|
| 73 | - JobQueue::STATUS_READY, |
|
| 74 | - JobQueue::STATUS_WAITING, |
|
| 75 | - ])->fetch(); |
|
| 76 | - |
|
| 77 | - foreach ($pendingJobs as $job) { |
|
| 78 | - $job->setStatus(JobQueue::STATUS_CANCELLED); |
|
| 79 | - $job->setError('Cancelled by request deferral'); |
|
| 80 | - $job->save(); |
|
| 81 | - |
|
| 82 | - Logger::backgroundJobCancelled($database, $job); |
|
| 83 | - } |
|
| 84 | - } |
|
| 85 | - |
|
| 86 | - $request->setReserved(null); |
|
| 87 | - $request->setStatus(RequestStatus::OPEN); |
|
| 88 | - $request->setQueue($requestQueue->getId()); |
|
| 89 | - $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 90 | - $request->save(); |
|
| 91 | - |
|
| 92 | - Logger::deferRequest($database, $request, $requestQueue->getLogName()); |
|
| 93 | - |
|
| 94 | - $this->getNotificationHelper()->requestDeferred($request); |
|
| 95 | - |
|
| 96 | - $deto = htmlentities($requestQueue->getDisplayName(), ENT_COMPAT, 'UTF-8'); |
|
| 97 | - SessionAlert::success("Request {$request->getId()} deferred to {$deto}"); |
|
| 98 | - |
|
| 99 | - $this->redirect(); |
|
| 100 | - } |
|
| 24 | + /** |
|
| 25 | + * Main function for this page, when no specific actions are called. |
|
| 26 | + * @throws ApplicationLogicException |
|
| 27 | + */ |
|
| 28 | + protected function main() |
|
| 29 | + { |
|
| 30 | + $this->checkPosted(); |
|
| 31 | + $database = $this->getDatabase(); |
|
| 32 | + $request = $this->getRequest($database); |
|
| 33 | + $currentUser = User::getCurrent($database); |
|
| 34 | + |
|
| 35 | + $target = WebRequest::postString('target'); |
|
| 36 | + |
|
| 37 | + // FIXME: domains! |
|
| 38 | + $requestQueue = RequestQueue::getByApiName($database, $target, 1); |
|
| 39 | + |
|
| 40 | + if ($requestQueue === false) { |
|
| 41 | + throw new ApplicationLogicException('Defer target not valid'); |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + if ($request->getQueue() == $requestQueue->getId() && $request->getStatus() == RequestStatus::OPEN) { |
|
| 45 | + SessionAlert::warning('This request is already in the specified queue.'); |
|
| 46 | + $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 47 | + |
|
| 48 | + return; |
|
| 49 | + } |
|
| 50 | + |
|
| 51 | + $closureDate = $request->getClosureDate(); |
|
| 52 | + $date = new DateTime(); |
|
| 53 | + $date->modify("-7 days"); |
|
| 54 | + |
|
| 55 | + if ($request->getStatus() == RequestStatus::CLOSED && $closureDate < $date) { |
|
| 56 | + if (!$this->barrierTest('reopenOldRequest', $currentUser, 'RequestData')) { |
|
| 57 | + throw new ApplicationLogicException( |
|
| 58 | + "You are not allowed to re-open a request that has been closed for over a week."); |
|
| 59 | + } |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + if ($request->getEmail() === $this->getSiteConfiguration()->getDataClearEmail()) { |
|
| 63 | + if (!$this->barrierTest('reopenClearedRequest', $currentUser, 'RequestData')) { |
|
| 64 | + throw new ApplicationLogicException( |
|
| 65 | + "You are not allowed to re-open a request for which the private data has been purged."); |
|
| 66 | + } |
|
| 67 | + } |
|
| 68 | + |
|
| 69 | + if ($request->getStatus() === RequestStatus::JOBQUEUE) { |
|
| 70 | + /** @var JobQueue[] $pendingJobs */ |
|
| 71 | + $pendingJobs = JobQueueSearchHelper::get($database)->byRequest($request->getId())->statusIn([ |
|
| 72 | + JobQueue::STATUS_QUEUED, |
|
| 73 | + JobQueue::STATUS_READY, |
|
| 74 | + JobQueue::STATUS_WAITING, |
|
| 75 | + ])->fetch(); |
|
| 76 | + |
|
| 77 | + foreach ($pendingJobs as $job) { |
|
| 78 | + $job->setStatus(JobQueue::STATUS_CANCELLED); |
|
| 79 | + $job->setError('Cancelled by request deferral'); |
|
| 80 | + $job->save(); |
|
| 81 | + |
|
| 82 | + Logger::backgroundJobCancelled($database, $job); |
|
| 83 | + } |
|
| 84 | + } |
|
| 85 | + |
|
| 86 | + $request->setReserved(null); |
|
| 87 | + $request->setStatus(RequestStatus::OPEN); |
|
| 88 | + $request->setQueue($requestQueue->getId()); |
|
| 89 | + $request->setUpdateVersion(WebRequest::postInt('updateversion')); |
|
| 90 | + $request->save(); |
|
| 91 | + |
|
| 92 | + Logger::deferRequest($database, $request, $requestQueue->getLogName()); |
|
| 93 | + |
|
| 94 | + $this->getNotificationHelper()->requestDeferred($request); |
|
| 95 | + |
|
| 96 | + $deto = htmlentities($requestQueue->getDisplayName(), ENT_COMPAT, 'UTF-8'); |
|
| 97 | + SessionAlert::success("Request {$request->getId()} deferred to {$deto}"); |
|
| 98 | + |
|
| 99 | + $this->redirect(); |
|
| 100 | + } |
|
| 101 | 101 | } |
@@ -15,39 +15,39 @@ |
||
| 15 | 15 | |
| 16 | 16 | class PageManuallyConfirm extends RequestActionBase |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * This endpoint manually confirms a request, bypassing email confirmation. |
|
| 20 | - * |
|
| 21 | - * Only administrators are allowed to do this, for obvious reasons. |
|
| 22 | - * |
|
| 23 | - * @throws ApplicationLogicException|OptimisticLockFailedException |
|
| 24 | - */ |
|
| 25 | - protected function main() |
|
| 26 | - { |
|
| 27 | - // This method throws an error if we don't post |
|
| 28 | - $this->checkPosted(); |
|
| 29 | - |
|
| 30 | - // Retrieve the database. |
|
| 31 | - $database = $this->getDatabase(); |
|
| 32 | - |
|
| 33 | - // Find the request |
|
| 34 | - // This method throws exceptions if there is an error with the request. |
|
| 35 | - $request = $this->getRequest($database); |
|
| 36 | - $version = WebRequest::postInt('version'); |
|
| 37 | - |
|
| 38 | - $request->setUpdateVersion($version); |
|
| 39 | - |
|
| 40 | - // Mark the request as confirmed. |
|
| 41 | - $request->setEmailConfirm("Confirmed"); |
|
| 42 | - $request->save(); |
|
| 43 | - |
|
| 44 | - // Log that the request was manually confirmed |
|
| 45 | - Logger::manuallyConfirmRequest($database, $request); |
|
| 46 | - |
|
| 47 | - // Notify the IRC channel |
|
| 48 | - $this->getNotificationHelper()->requestReceived($request); |
|
| 49 | - |
|
| 50 | - // Redirect back to the main request, now it should show the request. |
|
| 51 | - $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 52 | - } |
|
| 18 | + /** |
|
| 19 | + * This endpoint manually confirms a request, bypassing email confirmation. |
|
| 20 | + * |
|
| 21 | + * Only administrators are allowed to do this, for obvious reasons. |
|
| 22 | + * |
|
| 23 | + * @throws ApplicationLogicException|OptimisticLockFailedException |
|
| 24 | + */ |
|
| 25 | + protected function main() |
|
| 26 | + { |
|
| 27 | + // This method throws an error if we don't post |
|
| 28 | + $this->checkPosted(); |
|
| 29 | + |
|
| 30 | + // Retrieve the database. |
|
| 31 | + $database = $this->getDatabase(); |
|
| 32 | + |
|
| 33 | + // Find the request |
|
| 34 | + // This method throws exceptions if there is an error with the request. |
|
| 35 | + $request = $this->getRequest($database); |
|
| 36 | + $version = WebRequest::postInt('version'); |
|
| 37 | + |
|
| 38 | + $request->setUpdateVersion($version); |
|
| 39 | + |
|
| 40 | + // Mark the request as confirmed. |
|
| 41 | + $request->setEmailConfirm("Confirmed"); |
|
| 42 | + $request->save(); |
|
| 43 | + |
|
| 44 | + // Log that the request was manually confirmed |
|
| 45 | + Logger::manuallyConfirmRequest($database, $request); |
|
| 46 | + |
|
| 47 | + // Notify the IRC channel |
|
| 48 | + $this->getNotificationHelper()->requestReceived($request); |
|
| 49 | + |
|
| 50 | + // Redirect back to the main request, now it should show the request. |
|
| 51 | + $this->redirect('viewRequest', null, array('id' => $request->getId())); |
|
| 52 | + } |
|
| 53 | 53 | } |
