Moved authentication related macros out of MisuzuContext.

This commit is contained in:
flash 2023-09-06 20:06:07 +00:00
parent 73e4597e16
commit 15e96684c2
32 changed files with 132 additions and 120 deletions

View file

@ -4,7 +4,8 @@ namespace Misuzu;
use Exception;
use Misuzu\Auth\AuthTokenCookie;
if($msz->isLoggedIn()) {
$authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('index');
return;
}
@ -136,7 +137,7 @@ while(!empty($_POST['login']) && is_array($_POST['login'])) {
break;
}
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder();
$tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
$tokenBuilder->setUserId($userInfo);
$tokenBuilder->setSessionToken($sessionInfo);
$tokenBuilder->removeImpersonatedUserId();

View file

@ -3,13 +3,14 @@ namespace Misuzu;
use Misuzu\Auth\AuthTokenCookie;
if($msz->isLoggedIn()) {
$authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
if(!CSRF::validateRequest()) {
Template::render('auth.logout');
return;
}
$tokenInfo = $msz->getAuthInfo()->getTokenInfo();
$tokenInfo = $authInfo->getTokenInfo();
$msz->getSessions()->deleteSessions(sessionTokens: $tokenInfo->getSessionToken());

View file

@ -4,7 +4,8 @@ namespace Misuzu;
use RuntimeException;
use Misuzu\Users\User;
if($msz->isLoggedIn()) {
$authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('settings-account');
return;
}

View file

@ -4,7 +4,8 @@ namespace Misuzu;
use RuntimeException;
use Misuzu\Users\User;
if($msz->isLoggedIn()) {
$authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('index');
return;
}

View file

@ -5,7 +5,8 @@ use RuntimeException;
use Misuzu\TOTPGenerator;
use Misuzu\Auth\AuthTokenCookie;
if($msz->isLoggedIn()) {
$authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('index');
return;
}
@ -84,7 +85,7 @@ while(!empty($twofactor)) {
break;
}
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder();
$tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
$tokenBuilder->setUserId($userInfo);
$tokenBuilder->setSessionToken($sessionInfo);
$tokenBuilder->removeImpersonatedUserId();

View file

@ -3,6 +3,7 @@ namespace Misuzu;
use RuntimeException;
$usersCtx = $msz->getUsersContext();
$redirect = filter_input(INPUT_GET, 'return') ?? $_SERVER['HTTP_REFERER'] ?? url('index');
if(!is_local_url($redirect))
@ -11,16 +12,17 @@ if(!is_local_url($redirect))
if(!CSRF::validateRequest())
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::displayInfo('You must be logged in to manage comments.', 403);
if($msz->hasActiveBan())
$currentUserInfo = $authInfo->getUserInfo();
if($usersCtx->hasActiveBan($currentUserInfo))
Template::displayInfo('You have been banned, check your profile for more information.', 403);
$currentUserInfo = $msz->getActiveUser();
$comments = $msz->getComments();
$perms = $msz->getAuthInfo()->getPerms('global');
$perms = $authInfo->getPerms('global');
$commentId = (string)filter_input(INPUT_GET, 'c', FILTER_SANITIZE_NUMBER_INT);
$commentMode = (string)filter_input(INPUT_GET, 'm');

View file

@ -15,15 +15,16 @@ try {
Template::throwError(404);
}
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo);
$authInfo = $msz->getAuthInfo();
$perms = $authInfo->getPerms('forum', $categoryInfo);
$currentUser = $msz->getActiveUser();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if(!$perms->check(Perm::F_CATEGORY_VIEW))
Template::throwError(403);
if($msz->hasActiveBan())
if($usersCtx->hasActiveBan($currentUser))
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
if($categoryInfo->isLink()) {
@ -52,7 +53,7 @@ if($categoryInfo->mayHaveChildren()) {
$children = $forum->getCategoryChildren($categoryInfo, hidden: false, asTree: true);
foreach($children as $childId => $child) {
$childPerms = $msz->getAuthInfo()->getPerms('forum', $child->info);
$childPerms = $authInfo->getPerms('forum', $child->info);
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
unset($category->children[$childId]);
continue;
@ -62,7 +63,7 @@ if($categoryInfo->mayHaveChildren()) {
if($child->info->mayHaveChildren()) {
foreach($child->children as $grandChildId => $grandChild) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChild->info);
$grandChildPerms = $authInfo->getPerms('forum', $grandChild->info);
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
unset($child->children[$grandChildId]);
continue;
@ -73,7 +74,7 @@ if($categoryInfo->mayHaveChildren()) {
if($grandChild->info->mayHaveTopics()) {
$catIds = [$grandChild->info->getId()];
foreach($grandChild->childIds as $greatGrandChildId) {
$greatGrandChildPerms = $msz->getAuthInfo()->getPerms('forum', $greatGrandChildId);
$greatGrandChildPerms = $authInfo->getPerms('forum', $greatGrandChildId);
if(!$greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $greatGrandChildId;
}
@ -91,7 +92,7 @@ if($categoryInfo->mayHaveChildren()) {
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
$catIds = [$child->info->getId()];
foreach($child->childIds as $grandChildId) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChildId);
$grandChildPerms = $authInfo->getPerms('forum', $grandChildId);
if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $grandChildId;
}

View file

@ -8,11 +8,12 @@ $forum = $msz->getForum();
$usersCtx = $msz->getUsersContext();
$mode = (string)filter_input(INPUT_GET, 'm');
$currentUser = $msz->getActiveUser();
$authInfo = $msz->getAuthInfo();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if($mode === 'mark') {
if(!$msz->isLoggedIn())
if(!$authInfo->isLoggedIn())
Template::throwError(403);
$categoryId = filter_input(INPUT_GET, 'f', FILTER_SANITIZE_NUMBER_INT);
@ -23,7 +24,7 @@ if($mode === 'mark') {
: $forum->getCategoryChildren(parentInfo: $categoryId, includeSelf: true);
foreach($categoryInfos as $categoryInfo) {
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo);
$perms = $authInfo->getPerms('forum', $categoryInfo);
if($perms->check(Perm::F_CATEGORY_LIST))
$forum->updateUserReadCategory($userInfo, $categoryInfo);
}
@ -49,7 +50,7 @@ if($mode !== '')
$categories = $forum->getCategories(hidden: false, asTree: true);
foreach($categories as $categoryId => $category) {
$perms = $msz->getAuthInfo()->getPerms('forum', $category->info);
$perms = $authInfo->getPerms('forum', $category->info);
if(!$perms->check(Perm::F_CATEGORY_LIST)) {
unset($categories[$categoryId]);
continue;
@ -59,7 +60,7 @@ foreach($categories as $categoryId => $category) {
if($category->info->mayHaveChildren())
foreach($category->children as $childId => $child) {
$childPerms = $msz->getAuthInfo()->getPerms('forum', $child->info);
$childPerms = $authInfo->getPerms('forum', $child->info);
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
unset($category->children[$childId]);
continue;
@ -70,7 +71,7 @@ foreach($categories as $categoryId => $category) {
if($category->info->isListing()) {
if($child->info->mayHaveChildren()) {
foreach($child->children as $grandChildId => $grandChild) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChild->info);
$grandChildPerms = $authInfo->getPerms('forum', $grandChild->info);
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
unset($child->children[$grandChildId]);
continue;
@ -81,7 +82,7 @@ foreach($categories as $categoryId => $category) {
if($grandChild->info->mayHaveTopics()) {
$catIds = [$grandChild->info->getId()];
foreach($grandChild->childIds as $greatGrandChildId) {
$greatGrandChildPerms = $msz->getAuthInfo()->getPerms('forum', $greatGrandChildId);
$greatGrandChildPerms = $authInfo->getPerms('forum', $greatGrandChildId);
if($greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $greatGrandChildId;
}
@ -99,7 +100,7 @@ foreach($categories as $categoryId => $category) {
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
$catIds = [$child->info->getId()];
foreach($child->childIds as $grandChildId) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChildId);
$grandChildPerms = $authInfo->getPerms('forum', $grandChildId);
if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $grandChildId;
}
@ -152,7 +153,7 @@ foreach($categories as $categoryId => $category) {
if($category->info->mayHaveChildren() || $category->info->mayHaveTopics()) {
$catIds = [$category->info->getId()];
foreach($category->childIds as $childId) {
$childPerms = $msz->getAuthInfo()->getPerms('forum', $childId);
$childPerms = $authInfo->getPerms('forum', $childId);
if($childPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $childId;
}

View file

@ -4,6 +4,7 @@ namespace Misuzu;
use RuntimeException;
$forum = $msz->getForum();
$usersCtx = $msz->getUsersContext();
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
@ -11,13 +12,14 @@ $submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) &
$postRequestVerified = CSRF::validateRequest();
if(!empty($postMode) && !$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!empty($postMode) && !$authInfo->isLoggedIn())
Template::displayInfo('You must be logged in to manage posts.', 401);
$currentUser = $msz->getActiveUser();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if($postMode !== '' && $msz->hasActiveBan())
if($postMode !== '' && $usersCtx->hasActiveBan($currentUser))
Template::displayInfo('You have been banned, check your profile for more information.', 403);
try {
@ -26,7 +28,7 @@ try {
Template::throwError(404);
}
$perms = $msz->getAuthInfo()->getPerms('forum', $postInfo->getCategoryId());
$perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
if(!$perms->check(Perm::F_CATEGORY_VIEW))
Template::throwError(403);

View file

@ -7,17 +7,18 @@ use Index\DateTime;
use Misuzu\Forum\ForumTopicInfo;
use Misuzu\Parsers\Parser;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401);
$currentUser = $msz->getActiveUser();
$currentUserId = $currentUser->getId();
if($msz->hasActiveBan())
Template::throwError(403);
$forum = $msz->getForum();
$usersCtx = $msz->getUsersContext();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser->getId();
if($usersCtx->hasActiveBan($currentUser))
Template::throwError(403);
$userPostsCounts = [];
$forumPostingModes = [
@ -104,7 +105,7 @@ if(empty($forumId)) {
$hasCategoryInfo = true;
}
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo);
$perms = $authInfo->getPerms('forum', $categoryInfo);
if($categoryInfo->isArchived()
|| (isset($topicInfo) && $topicInfo->isLocked() && !$perms->check(Perm::F_TOPIC_LOCK))

View file

@ -13,7 +13,8 @@ $categoryId = null;
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
$currentUser = $msz->getActiveUser();
$authInfo = $msz->getAuthInfo();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if($topicId < 1 && $postId > 0) {
@ -24,7 +25,7 @@ if($topicId < 1 && $postId > 0) {
}
$categoryId = $postInfo->getCategoryId();
$perms = $msz->getAuthInfo()->getPerms('forum', $postInfo->getCategoryId());
$perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
if($postInfo->isDeleted() && !$canDeleteAny)
@ -50,10 +51,10 @@ if(!$topicIsNuked) {
if($categoryId !== (int)$topicInfo->getCategoryId()) {
$categoryId = (int)$topicInfo->getCategoryId();
$perms = $msz->getAuthInfo()->getPerms('forum', $topicInfo->getCategoryId());
$perms = $authInfo->getPerms('forum', $topicInfo->getCategoryId());
}
if($msz->hasActiveBan())
if($usersCtx->hasActiveBan($currentUser))
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
@ -106,10 +107,11 @@ if(in_array($moderationMode, $validModerationModes, true)) {
if(!CSRF::validateRequest())
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
if(!$msz->isLoggedIn())
$authInfo = $authInfo;
if(!$authInfo->isLoggedIn())
Template::displayInfo('You must be logged in to manage posts.', 401);
if($msz->hasActiveBan())
if($usersCtx->hasActiveBan($currentUser))
Template::displayInfo('You have been banned, check your profile for more information.', 403);
switch($moderationMode) {

View file

@ -7,7 +7,8 @@ use Index\DateTime;
use Index\XArray;
use Misuzu\Changelog\Changelog;
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_CL_CHANGES_MANAGE))
$authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('global')->check(Perm::G_CL_CHANGES_MANAGE))
Template::throwError(403);
$changeActions = [];
@ -113,5 +114,5 @@ Template::render('manage.changelog.change', [
'change_info_tags' => $changeTagIds,
'change_tags' => $tagInfos,
'change_actions' => $changeActions,
'change_author_id' => $msz->getActiveUser()->getId(),
'change_author_id' => $authInfo->getUserInfo(),
]);

View file

@ -1,7 +1,8 @@
<?php
namespace Misuzu;
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_FORUM_TOPIC_REDIRS_MANAGE))
$authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('global')->check(Perm::G_FORUM_TOPIC_REDIRS_MANAGE))
Template::throwError(403);
$forum = $msz->getForum();
@ -14,7 +15,7 @@ if($_SERVER['REQUEST_METHOD'] === 'POST') {
$rTopicURL = trim((string)filter_input(INPUT_POST, 'topic_redir_url'));
$msz->createAuditLog('FORUM_TOPIC_REDIR_CREATE', [$rTopicId]);
$forum->createTopicRedirect($rTopicId, $msz->getActiveUser(), $rTopicURL);
$forum->createTopicRedirect($rTopicId, $authInfo->getUserInfo(), $rTopicURL);
url_redirect('manage-forum-topic-redirs');
return;
}

View file

@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException;
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE))
$authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE))
Template::throwError(403);
$news = $msz->getNews();
@ -37,7 +38,7 @@ while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$body = trim((string)filter_input(INPUT_POST, 'np_body'));
if($isNew) {
$postInfo = $news->createPost($category, $title, $body, $featured, $msz->getActiveUser());
$postInfo = $news->createPost($category, $title, $body, $featured, $authInfo->getUserInfo());
} else {
if($category === $postInfo->getCategoryId())
$category = null;

View file

@ -5,7 +5,8 @@ use DateTimeInterface;
use RuntimeException;
use Index\DateTime;
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_BANS_MANAGE))
$authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('user')->check(Perm::U_BANS_MANAGE))
Template::throwError(403);
$usersCtx = $msz->getUsersContext();
@ -33,7 +34,7 @@ try {
Template::throwError(404);
}
$modInfo = $msz->getActiveUser();
$modInfo = $authInfo->getUserInfo();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT);

View file

@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException;
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_NOTES_MANAGE))
$authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('user')->check(Perm::U_NOTES_MANAGE))
Template::throwError(403);
$hasNoteId = filter_has_var(INPUT_GET, 'n');
@ -24,7 +25,7 @@ if($hasUserId) {
Template::throwError(404);
}
$authorInfo = $msz->getActiveUser();
$authorInfo = $authInfo->getUserInfo();
} elseif($hasNoteId) {
$isNew = false;

View file

@ -6,7 +6,8 @@ use Index\Colour\Colour;
use Index\Colour\ColourRGB;
use Misuzu\Perm;
$viewerPerms = $msz->getAuthInfo()->getPerms('user');
$authInfo = $msz->getAuthInfo();
$viewerPerms = $authInfo->getPerms('user');
if(!$viewerPerms->check(Perm::U_ROLES_MANAGE))
Template::throwError(403);
@ -26,7 +27,7 @@ if(filter_has_var(INPUT_GET, 'r')) {
}
} else $isNew = true;
$currentUser = $msz->getActiveUser();
$currentUser = $authInfo->getUserInfo();
$canEditPerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
$permsInfos = $perms->getPermissionInfo(roleInfo: $roleInfo, categoryNames: Perm::INFO_FOR_ROLE);

View file

@ -7,8 +7,9 @@ use Misuzu\Perm;
use Misuzu\Auth\AuthTokenCookie;
use Misuzu\Users\User;
$viewerPerms = $msz->getAuthInfo()->getPerms('user');
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
$viewerPerms = $authInfo->getPerms('user');
if(!$authInfo->isLoggedIn())
Template::throwError(403);
$usersCtx = $msz->getUsersContext();
@ -16,7 +17,7 @@ $users = $usersCtx->getUsers();
$roles = $usersCtx->getRoles();
$perms = $msz->getPerms();
$currentUser = $msz->getActiveUser();
$currentUser = $authInfo->getUserInfo();
$canManageUsers = $viewerPerms->check(Perm::U_USERS_MANAGE);
$canManagePerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
@ -66,7 +67,7 @@ if(CSRF::validateRequest() && $canEdit) {
if($allowToImpersonate) {
$msz->createAuditLog('USER_IMPERSONATE', [$userInfo->getId(), $userInfo->getName()]);
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder();
$tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
$tokenBuilder->setImpersonatedUserId($userInfo->getId());
$tokenInfo = $tokenBuilder->toInfo();

View file

@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException;
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
$authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
Template::throwError(403);
$usersCtx = $msz->getUsersContext();
@ -32,7 +33,7 @@ try {
Template::throwError(404);
}
$modInfo = $msz->getActiveUser();
$modInfo = $authInfo->getUserInfo();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$body = trim((string)filter_input(INPUT_POST, 'uw_body'));

View file

@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(403);
// TODO: restore forum-topics and forum-posts orderings
@ -74,7 +75,7 @@ if($roleId === null) {
}
}
$canManageUsers = $msz->getAuthInfo()->getPerms('user')->check(Perm::U_USERS_MANAGE);
$canManageUsers = $authInfo->getPerms('user')->check(Perm::U_USERS_MANAGE);
$deleted = $canManageUsers ? null : false;
$rolesAll = $roles->getRoles(hidden: false);

View file

@ -19,7 +19,8 @@ $usersCtx = $msz->getUsersContext();
$users = $usersCtx->getUsers();
$forum = $msz->getForum();
$viewerInfo = $msz->getActiveUser();
$authInfo = $msz->getAuthInfo();
$viewerInfo = $authInfo->getUserInfo();
$viewingAsGuest = $viewerInfo === null;
$viewerId = $viewingAsGuest ? '0' : $viewerInfo->getId();
@ -66,9 +67,9 @@ $notices = [];
$userRank = $usersCtx->getUserRank($userInfo);
$viewerRank = $usersCtx->getUserRank($viewerInfo);
$viewerPerms = $msz->getAuthInfo()->getPerms('user');
$viewerPerms = $authInfo->getPerms('user');
$activeBanInfo = $msz->tryGetActiveBan($userInfo);
$activeBanInfo = $usersCtx->tryGetActiveBan($userInfo);
$isBanned = $activeBanInfo !== null;
$profileFields = $msz->getProfileFields();
$viewingOwnProfile = (string)$viewerId === $userInfo->getId();

View file

@ -6,7 +6,8 @@ use RuntimeException;
use Index\XArray;
use Misuzu\Comments\CommentsCategory;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(403);
$searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : '';
@ -74,12 +75,12 @@ if(!empty($searchQuery)) {
}
if(empty($searchQueryEvaluated['type']) || str_starts_with($searchQueryEvaluated['type'], 'forum')) {
$currentUser = $msz->getActiveUser();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? 0 : (int)$currentUser->getId();
$forumCategoryIds = XArray::where(
$forum->getCategories(hidden: false),
fn($categoryInfo) => $categoryInfo->mayHaveTopics() && $msz->getAuthInfo()->getPerms('forum', $categoryInfo)->check(Perm::F_CATEGORY_VIEW)
fn($categoryInfo) => $categoryInfo->mayHaveTopics() && $authInfo->getPerms('forum', $categoryInfo)->check(Perm::F_CATEGORY_VIEW)
);
$forumTopicInfos = $forum->getTopics(categoryInfo: $forumCategoryIds, deleted: false, searchQuery: $searchQueryEvaluated);

View file

@ -6,15 +6,16 @@ use Misuzu\Users\User;
use chillerlan\QRCode\QRCode;
use chillerlan\QRCode\QROptions;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401);
$errors = [];
$usersCtx = $msz->getUsersContext();
$users = $usersCtx->getUsers();
$roles = $usersCtx->getRoles();
$userInfo = $msz->getActiveUser();
$isRestricted = $msz->hasActiveBan();
$userInfo = $authInfo->getUserInfo();
$isRestricted = $usersCtx->hasActiveBan($userInfo);
$isVerifiedRequest = CSRF::validateRequest();
if(!$isRestricted && $isVerifiedRequest && !empty($_POST['role'])) {

View file

@ -6,7 +6,8 @@ use Index\XString;
use Index\IO\FileStream;
use Misuzu\Users\UserInfo;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401);
$dbConn = $msz->getDbConn();
@ -98,7 +99,7 @@ function db_to_zip(ZipArchive $archive, UserInfo $userInfo, string $baseName, ar
}
$errors = [];
$userInfo = $msz->getActiveUser();
$userInfo = $authInfo->getUserInfo();
if(isset($_POST['action']) && is_string($_POST['action'])) {
if(isset($_POST['password']) && is_string($_POST['password'])

View file

@ -1,7 +1,8 @@
<?php
namespace Misuzu;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401);
url_redirect('settings-account');

View file

@ -3,7 +3,8 @@ namespace Misuzu;
use Misuzu\Pagination;
$currentUser = $msz->getActiveUser();
$authInfo = $msz->getAuthInfo();
$currentUser = $authInfo->getUserInfo();
if($currentUser === null)
Template::throwError(401);

View file

@ -3,13 +3,14 @@ namespace Misuzu;
use RuntimeException;
if(!$msz->isLoggedIn())
$authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401);
$errors = [];
$sessions = $msz->getSessions();
$currentUser = $msz->getActiveUser();
$activeSessionId = $msz->getAuthInfo()->getSessionId();
$currentUser = $authInfo->getUserInfo();
$activeSessionId = $authInfo->getSessionId();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$sessionId = (string)filter_input(INPUT_POST, 'session');

View file

@ -117,11 +117,12 @@ if($tokenInfo->hasUserId() && $tokenInfo->hasSessionToken()) {
}
}
$msz->getAuthInfo()->setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal);
$authInfo = $msz->getAuthInfo();
$authInfo->setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal);
CSRF::init(
$cfg->getString('csrf.secret', 'soup'),
($msz->isLoggedIn() ? $sessionInfo->getToken() : $_SERVER['REMOTE_ADDR'])
($authInfo->isLoggedIn() ? $sessionInfo->getToken() : $_SERVER['REMOTE_ADDR'])
);
$msz->startTemplating();

View file

@ -183,32 +183,9 @@ class MisuzuContext {
return $this->authInfo;
}
// isLoggedIn and getActiveUser are proxied for convenience, supply authInfo to things in the future
public function isLoggedIn(): bool {
return $this->authInfo->isLoggedIn();
}
public function getActiveUser(): ?UserInfo {
return $this->authInfo->getUserInfo();
}
public function tryGetActiveBan(UserInfo|string|null $userInfo = null): ?BanInfo {
if($userInfo === null) {
if($this->isLoggedIn())
$userInfo = $this->getActiveUser();
else return null;
}
return $this->usersCtx->tryGetActiveBan($userInfo);
}
public function hasActiveBan(UserInfo|string|null $userInfo = null): bool {
return $this->tryGetActiveBan($userInfo) !== null;
}
public function createAuditLog(string $action, array $params = [], UserInfo|string|null $userInfo = null): void {
if($userInfo === null && $this->isLoggedIn())
$userInfo = $this->getActiveUser();
if($userInfo === null && $this->authInfo->isLoggedIn())
$userInfo = $this->authInfo->getUserInfo();
$this->auditLog->createLog(
$userInfo,
@ -221,8 +198,9 @@ class MisuzuContext {
private ?bool $hasManageAccess = null;
public function hasManageAccess(): bool {
$this->hasManageAccess ??= $this->authInfo->isLoggedIn() && !$this->hasActiveBan()
&& $this->getAuthInfo()->getPerms('global')->check(Perm::G_IS_JANITOR);
$this->hasManageAccess ??= $this->authInfo->isLoggedIn()
&& !$this->usersCtx->hasActiveBan($this->authInfo->getUserInfo())
&& $this->authInfo->getPerms('global')->check(Perm::G_IS_JANITOR);
return $this->hasManageAccess;
}
@ -245,12 +223,11 @@ class MisuzuContext {
['eeprom.app:s', '', 'eeprom_app'],
]);
$authInfo = $this->getAuthInfo();
$globals['assets'] = $this->getWebAssetInfo();
$globals['auth_info'] = $authInfo;
$globals['active_ban_info'] = $this->tryGetActiveBan();
$globals['auth_info'] = $this->authInfo;
$globals['active_ban_info'] = $this->usersCtx->tryGetActiveBan($this->authInfo->getUserInfo());
$globals['display_timings_info'] = MSZ_DEBUG
|| $authInfo->getPerms('global')->check(Perm::G_TIMINGS_VIEW);
|| $this->authInfo->getPerms('global')->check(Perm::G_TIMINGS_VIEW);
$templating = new SasaeEnvironment(
MSZ_TEMPLATES,

View file

@ -129,6 +129,7 @@ final class MisuzuSasaeExtension extends AbstractExtension {
public function getUserMenu(bool $inBroomCloset, string $manageUrl = ''): array {
$menu = [];
$authInfo = $this->ctx->getAuthInfo();
$usersCtx = $this->ctx->getUsersContext();
if($authInfo->isLoggedIn()) {
$userInfo = $authInfo->getUserInfo();
@ -149,7 +150,7 @@ final class MisuzuSasaeExtension extends AbstractExtension {
'icon' => 'fas fa-search fa-fw',
];
if(!$this->ctx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)) {
if(!$usersCtx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)) {
// restore behaviour where clicking this button switches between
// site version and broom version
if($inBroomCloset)

View file

@ -317,7 +317,7 @@ final class SharpChatRoutes implements IRouteHandler {
$userId = '';
}
$banInfo = $this->usersCtx->getBans()->tryGetActiveBan($userId);
$banInfo = $this->usersCtx->tryGetActiveBan($userId);
if($banInfo === null)
return ['is_ban' => false];
@ -421,7 +421,7 @@ final class SharpChatRoutes implements IRouteHandler {
if($type !== 'user')
return 404;
$banInfo = $this->usersCtx->getBans()->tryGetActiveBan($subject);
$banInfo = $this->usersCtx->tryGetActiveBan($subject);
if($banInfo === null)
return 404;

View file

@ -94,7 +94,10 @@ class UsersContext {
return $this->activeBans[$userInfo];
}
public function hasActiveBan(UserInfo|string|null $userInfo = null): bool {
return $this->tryGetActiveBan($userInfo) !== null;
public function hasActiveBan(
UserInfo|string|null $userInfo = null,
int $minimumSeverity = Bans::SEVERITY_MIN
): bool {
return $this->tryGetActiveBan($userInfo, $minimumSeverity) !== null;
}
}