Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 23 |
|
0.00% |
0 / 7 |
CRAP | |
0.00% |
0 / 1 |
DAOAccessControl | |
0.00% |
0 / 23 |
|
0.00% |
0 / 7 |
272 | |
0.00% |
0 / 1 |
__construct | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
wrap | |
0.00% |
0 / 5 |
|
0.00% |
0 / 1 |
20 | |||
getDAO | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
escapeForWikitext | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
escapeForHtml | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
get | |
0.00% |
0 / 5 |
|
0.00% |
0 / 1 |
12 | |||
userCanAccess | |
0.00% |
0 / 4 |
|
0.00% |
0 / 1 |
12 |
1 | <?php |
2 | /** |
3 | * (c) Aaron Schulz 2013, GPL |
4 | * |
5 | * This program is free software; you can redistribute it and/or modify |
6 | * it under the terms of the GNU General Public License as published by |
7 | * the Free Software Foundation; either version 2 of the License, or |
8 | * (at your option) any later version. |
9 | * |
10 | * This program is distributed in the hope that it will be useful, |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 | * GNU General Public License for more details. |
14 | * |
15 | * You should have received a copy of the GNU General Public License along |
16 | * with this program; if not, write to the Free Software Foundation, Inc., |
17 | * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
18 | * http://www.gnu.org/copyleft/gpl.html |
19 | */ |
20 | |
21 | namespace MediaWiki\Extension\OAuth\Control; |
22 | |
23 | use ContextSource; |
24 | use IContextSource; |
25 | use LogicException; |
26 | use MediaWiki\Extension\OAuth\Backend\MWOAuthDAO; |
27 | use Message; |
28 | |
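/**
 * Wrapper of an MWOAuthDAO that handles authorization to view fields.
 *
 * Field reads made through get() are first checked with the DAO's
 * userCanAccess() against the context this wrapper was built with.
 * Instances are created through wrap(); the constructor is protected.
 */
class DAOAccessControl extends ContextSource {
	/** @var MWOAuthDAO The wrapped data object */
	protected $dao;

	/**
	 * @param MWOAuthDAO $dao Object whose fields are being guarded
	 * @param IContextSource $context Context passed to the DAO's access checks
	 */
	final protected function __construct( MWOAuthDAO $dao, IContextSource $context ) {
		$this->dao = $dao;
		$this->setContext( $context );
	}

	/**
	 * Wrap a DAO lookup result in an access-controlled view.
	 *
	 * null and false are passed through unchanged so that callers can hand in
	 * the result of a lookup without testing it first.
	 *
	 * @param MWOAuthDAO|false|null $dao
	 * @param IContextSource $context
	 * @throws LogicException If $dao is anything other than an MWOAuthDAO, null or false
	 * @return static|null|false
	 */
	final public static function wrap( $dao, IContextSource $context ) {
		if ( $dao instanceof MWOAuthDAO ) {
			return new static( $dao, $context );
		}
		if ( $dao === null || $dao === false ) {
			return $dao;
		}
		throw new LogicException( "Expected MWOAuthDAO object, null, or false." );
	}

	/**
	 * Get the wrapped DAO itself.
	 *
	 * Reads made directly on the returned object do not go through the
	 * per-field check that get() performs on this wrapper.
	 *
	 * @return MWOAuthDAO
	 */
	public function getDAO() {
		return $this->dao;
	}

	/**
	 * Helper to make return value of get() safe for wikitext
	 *
	 * A Message (what get() returns on denial) is rendered with plain() first;
	 * either way the resulting text is passed through wfEscapeWikiText().
	 *
	 * @param Message|string $value
	 * @return string For use in wikitext
	 * @param-taint $value escapes_escaped
	 */
	final public function escapeForWikitext( $value ) {
		$text = $value instanceof Message ? $value->plain() : $value;
		return wfEscapeWikiText( $text );
	}

	/**
	 * Helper to make return value of get() safe for HTML
	 *
	 * A Message is rendered with parse() and returned as-is; any other value
	 * is passed through htmlspecialchars().
	 *
	 * @param Message|string $value
	 * @return string HTML escaped
	 * @param-taint $value escapes_escaped
	 */
	final public function escapeForHtml( $value ) {
		if ( $value instanceof Message ) {
			return $value->parse();
		}
		// NOTE(review): this relies on htmlspecialchars()'s default flags. Before
		// PHP 8.1 the default did not escape single quotes, so confirm that no
		// caller places the result inside a single-quoted attribute, or pass
		// ENT_QUOTES explicitly.
		return htmlspecialchars( $value );
	}

	/**
	 * Get the value of a field, taking into account user permissions.
	 * An appropriate Message will be returned if access is denied.
	 *
	 * The callback is applied only when access is granted; a denial Message is
	 * returned untouched, so callers still need to escape the result (see
	 * escapeForHtml() and escapeForWikitext(), which both accept a Message).
	 *
	 * @param string $name
	 * @param callable|null $sCallback Optional callback to apply to result on access success
	 * @return mixed Returns a Message on access failure
	 */
	final public function get( $name, $sCallback = null ) {
		$allowed = $this->dao->userCanAccess( $name, $this->getContext() );
		if ( $allowed !== true ) {
			// should be a Message object
			return $allowed;
		}

		$value = $this->dao->get( $name );
		return $sCallback ? call_user_func( $sCallback, $value ) : $value;
	}

	/**
	 * Check whether the user can access the given field(s).
	 *
	 * Access is granted only when the DAO answers with boolean true for every
	 * field. get() treats any other answer from the same DAO call as a denial
	 * Message, and a Message object is truthy, so a plain negation test would
	 * never report a refusal. The strict comparison makes this check fail
	 * closed and agree with get().
	 *
	 * @param string|array $names A field name or a list of names.
	 * @return bool
	 */
	final public function userCanAccess( $names ) {
		foreach ( (array)$names as $name ) {
			if ( $this->dao->userCanAccess( $name, $this->getContext() ) !== true ) {
				return false;
			}
		}
		return true;
	}
}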