SpecialBotPasswords::checkExecutePermissions() - Code Metrics - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

SpecialBotPasswords::checkExecutePermissions() A
last analyzed 2016-11-13 17:42 UTC

↳ Parent: SpecialBotPasswords

Complexity

Conditions	3
Paths	3

Size

Total Lines	12
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
eloc	7
nc	3
nop	1
dl	0
loc	12
rs	9.4285
c	0
b	0
f	0

<?php
/**
 * Implements Special:BotPasswords
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup SpecialPage
 */

/**
 * Let users manage bot passwords
 *
 * @ingroup SpecialPage
 */
class SpecialBotPasswords extends FormSpecialPage {

	/** @var int Central user ID */
	private $userId = 0;

	/** @var BotPassword|null Bot password being edited, if any */
	private $botPassword = null;

	/** @var string Operation being performed: create, update, delete */
	private $operation = null;

	/** @var string New password set, for communication between onSubmit() and onSuccess() */
	private $password = null;

	public function __construct() {
		parent::__construct( 'BotPasswords', 'editmyprivateinfo' );
	}

	/**
	 * @return bool
	 */
	public function isListed() {
		return $this->getConfig()->get( 'EnableBotPasswords' );
	}

	/**
	 * Main execution point
	 * @param string|null $par
	 */
	function execute( $par ) {
		$this->getOutput()->disallowUserJs();
		$this->requireLogin();

		$par = trim( $par );
		if ( strlen( $par ) === 0 ) {
			$par = null;
		} elseif ( strlen( $par ) > BotPassword::APPID_MAXLENGTH ) {
			throw new ErrorPageError( 'botpasswords', 'botpasswords-bad-appid',
				[ htmlspecialchars( $par ) ] );
		}

		parent::execute( $par );
	}

	protected function checkExecutePermissions( User $user ) {
		parent::checkExecutePermissions( $user );

		if ( !$this->getConfig()->get( 'EnableBotPasswords' ) ) {
			throw new ErrorPageError( 'botpasswords', 'botpasswords-disabled' );
		}

		$this->userId = CentralIdLookup::factory()->centralIdFromLocalUser( $this->getUser() );
		if ( !$this->userId ) {
			throw new ErrorPageError( 'botpasswords', 'botpasswords-no-central-id' );
		}
	}

	protected function getFormFields() {
		$fields = [];

		if ( $this->par !== null ) {
			$this->botPassword = BotPassword::newFromCentralId( $this->userId, $this->par );
			if ( !$this->botPassword ) {
				$this->botPassword = BotPassword::newUnsaved( [
					'centralId' => $this->userId,
					'appId' => $this->par,
				] );
			}

			$sep = BotPassword::getSeparator();
			$fields[] = [
				'type' => 'info',
				'label-message' => 'username',
				'default' => $this->getUser()->getName() . $sep . $this->par
			];

			if ( $this->botPassword->isSaved() ) {
				$fields['resetPassword'] = [
					'type' => 'check',
					'label-message' => 'botpasswords-label-resetpassword',
				];
			}

			$lang = $this->getLanguage();
			$showGrants = MWGrants::getValidGrants();
			$fields['grants'] = [
				'type' => 'checkmatrix',
				'label-message' => 'botpasswords-label-grants',
				'help-message' => 'botpasswords-help-grants',
				'columns' => [
					$this->msg( 'botpasswords-label-grants-column' )->escaped() => 'grant'
				],
				'rows' => array_combine(
					array_map( 'MWGrants::getGrantsLink', $showGrants ),
					$showGrants
				),
				'default' => array_map(
					function( $g ) {
						return "grant-$g";
					},
					$this->botPassword->getGrants()
				),
				'tooltips' => array_combine(
					array_map( 'MWGrants::getGrantsLink', $showGrants ),
					array_map(
						function( $rights ) use ( $lang ) {
							return $lang->semicolonList( array_map( 'User::getRightDescription', $rights ) );
						},
						array_intersect_key( MWGrants::getRightsByGrant(), array_flip( $showGrants ) )
					)
				),
				'force-options-on' => array_map(
					function( $g ) {
						return "grant-$g";
					},
					MWGrants::getHiddenGrants()
				),
			];

			$fields['restrictions'] = [
				'class' => 'HTMLRestrictionsField',
				'required' => true,
				'default' => $this->botPassword->getRestrictions(),
			];

		} else {
			$linkRenderer = $this->getLinkRenderer();
			$dbr = BotPassword::getDB( DB_REPLICA );
			$res = $dbr->select(
				'bot_passwords',
				[ 'bp_app_id' ],
				[ 'bp_user' => $this->userId ],
				__METHOD__
			);
			foreach ( $res as $row ) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
				$fields[] = [
					'section' => 'existing',
					'type' => 'info',
					'raw' => true,
					'default' => $linkRenderer->makeKnownLink(
						$this->getPageTitle( $row->bp_app_id ),
						$row->bp_app_id
					),
				];
			}

			$fields['appId'] = [
				'section' => 'createnew',
				'type' => 'textwithbutton',
				'label-message' => 'botpasswords-label-appid',
				'buttondefault' => $this->msg( 'botpasswords-label-create' )->text(),
				'buttonflags' => [ 'progressive', 'primary' ],
				'required' => true,
				'size' => BotPassword::APPID_MAXLENGTH,
				'maxlength' => BotPassword::APPID_MAXLENGTH,
				'validation-callback' => function ( $v ) {
					$v = trim( $v );
					return $v !== '' && strlen( $v ) <= BotPassword::APPID_MAXLENGTH;
				},
			];

			$fields[] = [
				'type' => 'hidden',
				'default' => 'new',
				'name' => 'op',
			];
		}

		return $fields;
	}

	protected function alterForm( HTMLForm $form ) {
		$form->setId( 'mw-botpasswords-form' );
		$form->setTableId( 'mw-botpasswords-table' );
		$form->addPreText( $this->msg( 'botpasswords-summary' )->parseAsBlock() );
		$form->suppressDefaultSubmit();

		if ( $this->par !== null ) {
			if ( $this->botPassword->isSaved() ) {
				$form->setWrapperLegendMsg( 'botpasswords-editexisting' );
				$form->addButton( [
					'name' => 'op',
					'value' => 'update',
					'label-message' => 'botpasswords-label-update',
					'flags' => [ 'primary', 'progressive' ],
				] );
				$form->addButton( [
					'name' => 'op',
					'value' => 'delete',
					'label-message' => 'botpasswords-label-delete',
					'flags' => [ 'destructive' ],
				] );
			} else {
				$form->setWrapperLegendMsg( 'botpasswords-createnew' );
				$form->addButton( [
					'name' => 'op',
					'value' => 'create',
					'label-message' => 'botpasswords-label-create',
					'flags' => [ 'primary', 'progressive' ],
				] );
			}

			$form->addButton( [
				'name' => 'op',
				'value' => 'cancel',
				'label-message' => 'botpasswords-label-cancel'
			] );
		}
	}

	public function onSubmit( array $data ) {
		$op = $this->getRequest()->getVal( 'op', '' );

		switch ( $op ) {
			case 'new':
				$this->getOutput()->redirect( $this->getPageTitle( $data['appId'] )->getFullURL() );
				return false;

			case 'create':
				$this->operation = 'insert';
				return $this->save( $data );

			case 'update':
				$this->operation = 'update';
				return $this->save( $data );

			case 'delete':
				$this->operation = 'delete';
				$bp = BotPassword::newFromCentralId( $this->userId, $this->par );
				if ( $bp ) {
					$bp->delete();
				}
				return Status::newGood();

			case 'cancel':
				$this->getOutput()->redirect( $this->getPageTitle()->getFullURL() );
				return false;
		}

		return false;
	}

	private function save( array $data ) {
		$bp = BotPassword::newUnsaved( [
			'centralId' => $this->userId,
			'appId' => $this->par,
			'restrictions' => $data['restrictions'],
			'grants' => array_merge(
				MWGrants::getHiddenGrants(),
				preg_replace( '/^grant-/', '', $data['grants'] )
			)
		] );

		if ( $this->operation === 'insert' || !empty( $data['resetPassword'] ) ) {
			$this->password = BotPassword::generatePassword( $this->getConfig() );
			$passwordFactory = new PasswordFactory();
			$passwordFactory->init( RequestContext::getMain()->getConfig() );
			$password = $passwordFactory->newFromPlaintext( $this->password );
		} else {
			$password = null;
		}

		if ( $bp->save( $this->operation, $password ) ) {
			return Status::newGood();
		} else {
			// Messages: botpasswords-insert-failed, botpasswords-update-failed
			return Status::newFatal( "botpasswords-{$this->operation}-failed", $this->par );
		}
	}

	public function onSuccess() {
		$out = $this->getOutput();

		$username = $this->getUser()->getName();
		switch ( $this->operation ) {
			case 'insert':
				$out->setPageTitle( $this->msg( 'botpasswords-created-title' )->text() );
				$out->addWikiMsg( 'botpasswords-created-body', $this->par, $username );
				break;

			case 'update':
				$out->setPageTitle( $this->msg( 'botpasswords-updated-title' )->text() );
				$out->addWikiMsg( 'botpasswords-updated-body', $this->par, $username );
				break;

			case 'delete':
				$out->setPageTitle( $this->msg( 'botpasswords-deleted-title' )->text() );
				$out->addWikiMsg( 'botpasswords-deleted-body', $this->par, $username );
				$this->password = null;
				break;
		}

		if ( $this->password !== null ) {
			$sep = BotPassword::getSeparator();
			$out->addWikiMsg(
				'botpasswords-newpassword',
				htmlspecialchars( $username . $sep . $this->par ),
				htmlspecialchars( $this->password ),
				htmlspecialchars( $username ),
				htmlspecialchars( $this->par . $sep . $this->password )
			);
			$this->password = null;
		}

		$out->addReturnTo( $this->getPageTitle() );
	}

	protected function getGroupName() {
		return 'users';
	}

	protected function getDisplayFormat() {
		return 'ooui';
	}
}


1			<?php
2			/**
3			* Implements Special:BotPasswords
4			*
5			* This program is free software; you can redistribute it and/or modify
6			* it under the terms of the GNU General Public License as published by
7			* the Free Software Foundation; either version 2 of the License, or
8			* (at your option) any later version.
9			*
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			*
15			* You should have received a copy of the GNU General Public License along
16			* with this program; if not, write to the Free Software Foundation, Inc.,
17			* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18			* http://www.gnu.org/copyleft/gpl.html
19			*
20			* @file
21			* @ingroup SpecialPage
22			*/
23
24			/**
25			* Let users manage bot passwords
26			*
27			* @ingroup SpecialPage
28			*/
29			class SpecialBotPasswords extends FormSpecialPage {
30
31			/** @var int Central user ID */
32			private $userId = 0;
33
34			/** @var BotPassword\|null Bot password being edited, if any */
35			private $botPassword = null;
36
37			/** @var string Operation being performed: create, update, delete */
38			private $operation = null;
39
40			/** @var string New password set, for communication between onSubmit() and onSuccess() */
41			private $password = null;
42
43			public function __construct() {
44			parent::__construct( 'BotPasswords', 'editmyprivateinfo' );
45			}
46
47			/**
48			* @return bool
49			*/
50			public function isListed() {
51			return $this->getConfig()->get( 'EnableBotPasswords' );
52			}
53
54			/**
55			* Main execution point
56			* @param string\|null $par
57			*/
58			function execute( $par ) {
59			$this->getOutput()->disallowUserJs();
60			$this->requireLogin();
61
62			$par = trim( $par );
63			if ( strlen( $par ) === 0 ) {
64			$par = null;
65			} elseif ( strlen( $par ) > BotPassword::APPID_MAXLENGTH ) {
66			throw new ErrorPageError( 'botpasswords', 'botpasswords-bad-appid',
67			[ htmlspecialchars( $par ) ] );
68			}
69
70			parent::execute( $par );
71			}
72
73			protected function checkExecutePermissions( User $user ) {
74			parent::checkExecutePermissions( $user );
75
76			if ( !$this->getConfig()->get( 'EnableBotPasswords' ) ) {
77			throw new ErrorPageError( 'botpasswords', 'botpasswords-disabled' );
78			}
79
80			$this->userId = CentralIdLookup::factory()->centralIdFromLocalUser( $this->getUser() );
81			if ( !$this->userId ) {
82			throw new ErrorPageError( 'botpasswords', 'botpasswords-no-central-id' );
83			}
84			}
85
86			protected function getFormFields() {
87			$fields = [];
88
89			if ( $this->par !== null ) {
90			$this->botPassword = BotPassword::newFromCentralId( $this->userId, $this->par );
91			if ( !$this->botPassword ) {
92			$this->botPassword = BotPassword::newUnsaved( [
93			'centralId' => $this->userId,
94			'appId' => $this->par,
95			] );
96			}
97
98			$sep = BotPassword::getSeparator();
99			$fields[] = [
100			'type' => 'info',
101			'label-message' => 'username',
102			'default' => $this->getUser()->getName() . $sep . $this->par
103			];
104
105			if ( $this->botPassword->isSaved() ) {
106			$fields['resetPassword'] = [
107			'type' => 'check',
108			'label-message' => 'botpasswords-label-resetpassword',
109			];
110			}
111
112			$lang = $this->getLanguage();
113			$showGrants = MWGrants::getValidGrants();
114			$fields['grants'] = [
115			'type' => 'checkmatrix',
116			'label-message' => 'botpasswords-label-grants',
117			'help-message' => 'botpasswords-help-grants',
118			'columns' => [
119			$this->msg( 'botpasswords-label-grants-column' )->escaped() => 'grant'
120			],
121			'rows' => array_combine(
122			array_map( 'MWGrants::getGrantsLink', $showGrants ),
123			$showGrants
124			),
125			'default' => array_map(
126			function( $g ) {
127			return "grant-$g";
128			},
129			$this->botPassword->getGrants()
130			),
131			'tooltips' => array_combine(
132			array_map( 'MWGrants::getGrantsLink', $showGrants ),
133			array_map(
134			function( $rights ) use ( $lang ) {
135			return $lang->semicolonList( array_map( 'User::getRightDescription', $rights ) );
136			},
137			array_intersect_key( MWGrants::getRightsByGrant(), array_flip( $showGrants ) )
138			)
139			),
140			'force-options-on' => array_map(
141			function( $g ) {
142			return "grant-$g";
143			},
144			MWGrants::getHiddenGrants()
145			),
146			];
147
148			$fields['restrictions'] = [
149			'class' => 'HTMLRestrictionsField',
150			'required' => true,
151			'default' => $this->botPassword->getRestrictions(),
152			];
153
154			} else {
155			$linkRenderer = $this->getLinkRenderer();
156			$dbr = BotPassword::getDB( DB_REPLICA );
157			$res = $dbr->select(
158			'bot_passwords',
159			[ 'bp_app_id' ],
160			[ 'bp_user' => $this->userId ],
161			__METHOD__
162			);
163			foreach ( $res as $row ) {
			0 ignored issues – show Bug introduced 2016-01-16 18:00 UTC by Report Bug Copy Issue Report The expression `$res` of type `object<ResultWrapper>\|boolean` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
164			$fields[] = [
165			'section' => 'existing',
166			'type' => 'info',
167			'raw' => true,
168			'default' => $linkRenderer->makeKnownLink(
169			$this->getPageTitle( $row->bp_app_id ),
170			$row->bp_app_id
171			),
172			];
173			}
174
175			$fields['appId'] = [
176			'section' => 'createnew',
177			'type' => 'textwithbutton',
178			'label-message' => 'botpasswords-label-appid',
179			'buttondefault' => $this->msg( 'botpasswords-label-create' )->text(),
180			'buttonflags' => [ 'progressive', 'primary' ],
181			'required' => true,
182			'size' => BotPassword::APPID_MAXLENGTH,
183			'maxlength' => BotPassword::APPID_MAXLENGTH,
184			'validation-callback' => function ( $v ) {
185			$v = trim( $v );
186			return $v !== '' && strlen( $v ) <= BotPassword::APPID_MAXLENGTH;
187			},
188			];
189
190			$fields[] = [
191			'type' => 'hidden',
192			'default' => 'new',
193			'name' => 'op',
194			];
195			}
196
197			return $fields;
198			}
199
200			protected function alterForm( HTMLForm $form ) {
201			$form->setId( 'mw-botpasswords-form' );
202			$form->setTableId( 'mw-botpasswords-table' );
203			$form->addPreText( $this->msg( 'botpasswords-summary' )->parseAsBlock() );
204			$form->suppressDefaultSubmit();
205
206			if ( $this->par !== null ) {
207			if ( $this->botPassword->isSaved() ) {
208			$form->setWrapperLegendMsg( 'botpasswords-editexisting' );
209			$form->addButton( [
210			'name' => 'op',
211			'value' => 'update',
212			'label-message' => 'botpasswords-label-update',
213			'flags' => [ 'primary', 'progressive' ],
214			] );
215			$form->addButton( [
216			'name' => 'op',
217			'value' => 'delete',
218			'label-message' => 'botpasswords-label-delete',
219			'flags' => [ 'destructive' ],
220			] );
221			} else {
222			$form->setWrapperLegendMsg( 'botpasswords-createnew' );
223			$form->addButton( [
224			'name' => 'op',
225			'value' => 'create',
226			'label-message' => 'botpasswords-label-create',
227			'flags' => [ 'primary', 'progressive' ],
228			] );
229			}
230
231			$form->addButton( [
232			'name' => 'op',
233			'value' => 'cancel',
234			'label-message' => 'botpasswords-label-cancel'
235			] );
236			}
237			}
238
239			public function onSubmit( array $data ) {
240			$op = $this->getRequest()->getVal( 'op', '' );
241
242			switch ( $op ) {
243			case 'new':
244			$this->getOutput()->redirect( $this->getPageTitle( $data['appId'] )->getFullURL() );
245			return false;
246
247			case 'create':
248			$this->operation = 'insert';
249			return $this->save( $data );
250
251			case 'update':
252			$this->operation = 'update';
253			return $this->save( $data );
254
255			case 'delete':
256			$this->operation = 'delete';
257			$bp = BotPassword::newFromCentralId( $this->userId, $this->par );
258			if ( $bp ) {
259			$bp->delete();
260			}
261			return Status::newGood();
262
263			case 'cancel':
264			$this->getOutput()->redirect( $this->getPageTitle()->getFullURL() );
265			return false;
266			}
267
268			return false;
269			}
270
271			private function save( array $data ) {
272			$bp = BotPassword::newUnsaved( [
273			'centralId' => $this->userId,
274			'appId' => $this->par,
275			'restrictions' => $data['restrictions'],
276			'grants' => array_merge(
277			MWGrants::getHiddenGrants(),
278			preg_replace( '/^grant-/', '', $data['grants'] )
279			)
280			] );
281
282			if ( $this->operation === 'insert' \|\| !empty( $data['resetPassword'] ) ) {
283			$this->password = BotPassword::generatePassword( $this->getConfig() );
284			$passwordFactory = new PasswordFactory();
285			$passwordFactory->init( RequestContext::getMain()->getConfig() );
286			$password = $passwordFactory->newFromPlaintext( $this->password );
287			} else {
288			$password = null;
289			}
290
291			if ( $bp->save( $this->operation, $password ) ) {
292			return Status::newGood();
293			} else {
294			// Messages: botpasswords-insert-failed, botpasswords-update-failed
295			return Status::newFatal( "botpasswords-{$this->operation}-failed", $this->par );
296			}
297			}
298
299			public function onSuccess() {
300			$out = $this->getOutput();
301
302			$username = $this->getUser()->getName();
303			switch ( $this->operation ) {
304			case 'insert':
305			$out->setPageTitle( $this->msg( 'botpasswords-created-title' )->text() );
306			$out->addWikiMsg( 'botpasswords-created-body', $this->par, $username );
307			break;
308
309			case 'update':
310			$out->setPageTitle( $this->msg( 'botpasswords-updated-title' )->text() );
311			$out->addWikiMsg( 'botpasswords-updated-body', $this->par, $username );
312			break;
313
314			case 'delete':
315			$out->setPageTitle( $this->msg( 'botpasswords-deleted-title' )->text() );
316			$out->addWikiMsg( 'botpasswords-deleted-body', $this->par, $username );
317			$this->password = null;
318			break;
319			}
320
321			if ( $this->password !== null ) {
322			$sep = BotPassword::getSeparator();
323			$out->addWikiMsg(
324			'botpasswords-newpassword',
325			htmlspecialchars( $username . $sep . $this->par ),
326			htmlspecialchars( $this->password ),
327			htmlspecialchars( $username ),
328			htmlspecialchars( $this->par . $sep . $this->password )
329			);
330			$this->password = null;
331			}
332
333			$out->addReturnTo( $this->getPageTitle() );
334			}
335
336			protected function getGroupName() {
337			return 'users';
338			}
339
340			protected function getDisplayFormat() {
341			return 'ooui';
342			}
343			}
344

wikimedia / mediawiki

SpecialBotPasswords::checkExecutePermissions() A last analyzed 2016-11-13 17:42 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

SpecialBotPasswords::checkExecutePermissions() A
last analyzed 2016-11-13 17:42 UTC