Code Coverage for /workspace/src/extensions/OAuth/src/Control/DAOAccessControl.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 23	0.00% covered (danger)	0.00%	0 / 7	CRAP	0.00% covered (danger)	0.00%	0 / 1
DAOAccessControl	0.00% covered (danger)	0.00%	0 / 23	0.00% covered (danger)	0.00%	0 / 7	272	0.00% covered (danger)	0.00%	0 / 1
__construct	0.00% covered (danger)	0.00%	0 / 2	0.00% covered (danger)	0.00%	0 / 1	2
wrap	0.00% covered (danger)	0.00%	0 / 5	0.00% covered (danger)	0.00%	0 / 1	20
getDAO	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
escapeForWikitext	0.00% covered (danger)	0.00%	0 / 3	0.00% covered (danger)	0.00%	0 / 1	6
escapeForHtml	0.00% covered (danger)	0.00%	0 / 3	0.00% covered (danger)	0.00%	0 / 1	6
get	0.00% covered (danger)	0.00%	0 / 5	0.00% covered (danger)	0.00%	0 / 1	12
userCanAccess	0.00% covered (danger)	0.00%	0 / 4	0.00% covered (danger)	0.00%	0 / 1	12

1	<?php
2	/**
3	* (c) Aaron Schulz 2013, GPL
4	*
5	* @license GPL-2.0-or-later
6	*/
7
8	namespace MediaWiki\Extension\OAuth\Control;
9
10	use LogicException;
11	use MediaWiki\Context\ContextSource;
12	use MediaWiki\Context\IContextSource;
13	use MediaWiki\Extension\OAuth\Backend\MWOAuthDAO;
14	use MediaWiki\Message\Message;
15
16	/**
17	* Wrapper of an MWOAuthDAO that handles authorization to view fields
18	*/
19	class DAOAccessControl extends ContextSource {
20	/** @var MWOAuthDAO */
21	protected $dao;
22
23	/**
24	* @param MWOAuthDAO $dao
25	* @param IContextSource $context
26	*/
27	final protected function __construct( MWOAuthDAO $dao, IContextSource $context ) {
28	$this->dao = $dao;
29	$this->setContext( $context );
30	}
31
32	/**
33	* @param MWOAuthDAO\|false\|null $dao
34	* @param IContextSource $context
35	* @throws LogicException
36	* @return static\|null\|false
37	*/
38	final public static function wrap( $dao, IContextSource $context ) {
39	if ( $dao instanceof MWOAuthDAO ) {
40	return new static( $dao, $context );
41	} elseif ( $dao === null \|\| $dao === false ) {
42	return $dao;
43	} else {
44	throw new LogicException( "Expected MWOAuthDAO object, null, or false." );
45	}
46	}
47
48	/**
49	* @return MWOAuthDAO
50	*/
51	public function getDAO() {
52	return $this->dao;
53	}
54
55	/**
56	* Helper to make return value of get() safe for wikitext
57	*
58	* @param Message\|string $value
59	* @return string For use in wikitext
60	* @param-taint $value escapes_escaped
61	*/
62	final public function escapeForWikitext( $value ) {
63	if ( $value instanceof Message ) {
64	return wfEscapeWikiText( $value->plain() );
65	} else {
66	return wfEscapeWikiText( $value );
67	}
68	}
69
70	/**
71	* Helper to make return value of get() safe for HTML
72	*
73	* @param Message\|string $value
74	* @return string HTML escaped
75	* @param-taint $value escapes_escaped
76	*/
77	final public function escapeForHtml( $value ) {
78	if ( $value instanceof Message ) {
79	return $value->parse();
80	} else {
81	return htmlspecialchars( $value );
82	}
83	}
84
85	/**
86	* Get the value of a field, taking into account user permissions.
87	* An appropriate Message will be returned if access is denied.
88	*
89	* @param string $name
90	* @param callback\|null $sCallback Optional callback to apply to result on access success
91	* @return mixed Returns a Message on access failure
92	*/
93	final public function get( $name, $sCallback = null ) {
94	$msg = $this->dao->userCanAccess( $name, $this->getContext() );
95	if ( $msg !== true ) {
96	// should be a Message object
97	return $msg;
98	} else {
99	$value = $this->dao->get( $name );
100	return $sCallback ? $sCallback( $value ) : $value;
101	}
102	}
103
104	/**
105	* Check whether the user can access the given field(s).
106	* @param string\|array $names A field name or a list of names.
107	* @return bool
108	*/
109	final public function userCanAccess( $names ) {
110	foreach ( (array)$names as $name ) {
111	if ( !$this->dao->userCanAccess( $name, $this->getContext() ) ) {
112	return false;
113	}
114	}
115	return true;
116	}
117	}