Moved authentication related macros out of MisuzuContext.

flash 2023-09-06 20:06:07 +00:00
parent 73e4597e16
commit 15e96684c2
32 changed files with 132 additions and 120 deletions


@ -4,7 +4,8 @@ namespace Misuzu;
use Exception; use Exception;
use Misuzu\Auth\AuthTokenCookie; use Misuzu\Auth\AuthTokenCookie;
if($msz->isLoggedIn()) { $authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('index'); url_redirect('index');
return; return;
} }
@ -136,7 +137,7 @@ while(!empty($_POST['login']) && is_array($_POST['login'])) {
break; break;
} }
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder(); $tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
$tokenBuilder->setUserId($userInfo); $tokenBuilder->setUserId($userInfo);
$tokenBuilder->setSessionToken($sessionInfo); $tokenBuilder->setSessionToken($sessionInfo);
$tokenBuilder->removeImpersonatedUserId(); $tokenBuilder->removeImpersonatedUserId();


@ -3,13 +3,14 @@ namespace Misuzu;
use Misuzu\Auth\AuthTokenCookie; use Misuzu\Auth\AuthTokenCookie;
if($msz->isLoggedIn()) { $authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
if(!CSRF::validateRequest()) { if(!CSRF::validateRequest()) {
Template::render('auth.logout'); Template::render('auth.logout');
return; return;
} }
$tokenInfo = $msz->getAuthInfo()->getTokenInfo(); $tokenInfo = $authInfo->getTokenInfo();
$msz->getSessions()->deleteSessions(sessionTokens: $tokenInfo->getSessionToken()); $msz->getSessions()->deleteSessions(sessionTokens: $tokenInfo->getSessionToken());


@ -4,7 +4,8 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
use Misuzu\Users\User; use Misuzu\Users\User;
if($msz->isLoggedIn()) { $authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('settings-account'); url_redirect('settings-account');
return; return;
} }


@ -4,7 +4,8 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
use Misuzu\Users\User; use Misuzu\Users\User;
if($msz->isLoggedIn()) { $authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('index'); url_redirect('index');
return; return;
} }


@ -5,7 +5,8 @@ use RuntimeException;
use Misuzu\TOTPGenerator; use Misuzu\TOTPGenerator;
use Misuzu\Auth\AuthTokenCookie; use Misuzu\Auth\AuthTokenCookie;
if($msz->isLoggedIn()) { $authInfo = $msz->getAuthInfo();
if($authInfo->isLoggedIn()) {
url_redirect('index'); url_redirect('index');
return; return;
} }
@ -84,7 +85,7 @@ while(!empty($twofactor)) {
break; break;
} }
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder(); $tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
$tokenBuilder->setUserId($userInfo); $tokenBuilder->setUserId($userInfo);
$tokenBuilder->setSessionToken($sessionInfo); $tokenBuilder->setSessionToken($sessionInfo);
$tokenBuilder->removeImpersonatedUserId(); $tokenBuilder->removeImpersonatedUserId();


@ -3,6 +3,7 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
$usersCtx = $msz->getUsersContext();
$redirect = filter_input(INPUT_GET, 'return') ?? $_SERVER['HTTP_REFERER'] ?? url('index'); $redirect = filter_input(INPUT_GET, 'return') ?? $_SERVER['HTTP_REFERER'] ?? url('index');
if(!is_local_url($redirect)) if(!is_local_url($redirect))
@ -11,16 +12,17 @@ if(!is_local_url($redirect))
if(!CSRF::validateRequest()) if(!CSRF::validateRequest())
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403); Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::displayInfo('You must be logged in to manage comments.', 403); Template::displayInfo('You must be logged in to manage comments.', 403);
if($msz->hasActiveBan()) $currentUserInfo = $authInfo->getUserInfo();
if($usersCtx->hasActiveBan($currentUserInfo))
Template::displayInfo('You have been banned, check your profile for more information.', 403); Template::displayInfo('You have been banned, check your profile for more information.', 403);
$currentUserInfo = $msz->getActiveUser();
$comments = $msz->getComments(); $comments = $msz->getComments();
$perms = $msz->getAuthInfo()->getPerms('global'); $perms = $authInfo->getPerms('global');
$commentId = (string)filter_input(INPUT_GET, 'c', FILTER_SANITIZE_NUMBER_INT); $commentId = (string)filter_input(INPUT_GET, 'c', FILTER_SANITIZE_NUMBER_INT);
$commentMode = (string)filter_input(INPUT_GET, 'm'); $commentMode = (string)filter_input(INPUT_GET, 'm');


@ -15,15 +15,16 @@ try {
Template::throwError(404); Template::throwError(404);
} }
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo); $authInfo = $msz->getAuthInfo();
$perms = $authInfo->getPerms('forum', $categoryInfo);
$currentUser = $msz->getActiveUser(); $currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId(); $currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if(!$perms->check(Perm::F_CATEGORY_VIEW)) if(!$perms->check(Perm::F_CATEGORY_VIEW))
Template::throwError(403); Template::throwError(403);
if($msz->hasActiveBan()) if($usersCtx->hasActiveBan($currentUser))
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW)); $perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
if($categoryInfo->isLink()) { if($categoryInfo->isLink()) {
@ -52,7 +53,7 @@ if($categoryInfo->mayHaveChildren()) {
$children = $forum->getCategoryChildren($categoryInfo, hidden: false, asTree: true); $children = $forum->getCategoryChildren($categoryInfo, hidden: false, asTree: true);
foreach($children as $childId => $child) { foreach($children as $childId => $child) {
$childPerms = $msz->getAuthInfo()->getPerms('forum', $child->info); $childPerms = $authInfo->getPerms('forum', $child->info);
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) { if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
unset($category->children[$childId]); unset($category->children[$childId]);
continue; continue;
@ -62,7 +63,7 @@ if($categoryInfo->mayHaveChildren()) {
if($child->info->mayHaveChildren()) { if($child->info->mayHaveChildren()) {
foreach($child->children as $grandChildId => $grandChild) { foreach($child->children as $grandChildId => $grandChild) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChild->info); $grandChildPerms = $authInfo->getPerms('forum', $grandChild->info);
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) { if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
unset($child->children[$grandChildId]); unset($child->children[$grandChildId]);
continue; continue;
@ -73,7 +74,7 @@ if($categoryInfo->mayHaveChildren()) {
if($grandChild->info->mayHaveTopics()) { if($grandChild->info->mayHaveTopics()) {
$catIds = [$grandChild->info->getId()]; $catIds = [$grandChild->info->getId()];
foreach($grandChild->childIds as $greatGrandChildId) { foreach($grandChild->childIds as $greatGrandChildId) {
$greatGrandChildPerms = $msz->getAuthInfo()->getPerms('forum', $greatGrandChildId); $greatGrandChildPerms = $authInfo->getPerms('forum', $greatGrandChildId);
if(!$greatGrandChildPerms->check(Perm::F_CATEGORY_LIST)) if(!$greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $greatGrandChildId; $catIds[] = $greatGrandChildId;
} }
@ -91,7 +92,7 @@ if($categoryInfo->mayHaveChildren()) {
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) { if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
$catIds = [$child->info->getId()]; $catIds = [$child->info->getId()];
foreach($child->childIds as $grandChildId) { foreach($child->childIds as $grandChildId) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChildId); $grandChildPerms = $authInfo->getPerms('forum', $grandChildId);
if($grandChildPerms->check(Perm::F_CATEGORY_LIST)) if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $grandChildId; $catIds[] = $grandChildId;
} }
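Review bot: `$currentUser` is nullable in this file (the following line maps `null` to `'0'`), yet it is now passed straight to `$usersCtx->hasActiveBan($currentUser)`, whose signature is not visible in this commit. If that method does not accept `null`, a guest request fails before the permission mask is applied, so an explicit guard is safer: `if($currentUser !== null && $usersCtx->hasActiveBan($currentUser))`. The same nullable value reaches `hasActiveBan()` in the topic page's `-50,10` hunk. `$usersCtx` is not assigned in any hunk shown for this file either, so confirm it is defined above line 15.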


@ -8,11 +8,12 @@ $forum = $msz->getForum();
$usersCtx = $msz->getUsersContext(); $usersCtx = $msz->getUsersContext();
$mode = (string)filter_input(INPUT_GET, 'm'); $mode = (string)filter_input(INPUT_GET, 'm');
$currentUser = $msz->getActiveUser(); $authInfo = $msz->getAuthInfo();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId(); $currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if($mode === 'mark') { if($mode === 'mark') {
if(!$msz->isLoggedIn()) if(!$authInfo->isLoggedIn())
Template::throwError(403); Template::throwError(403);
$categoryId = filter_input(INPUT_GET, 'f', FILTER_SANITIZE_NUMBER_INT); $categoryId = filter_input(INPUT_GET, 'f', FILTER_SANITIZE_NUMBER_INT);
@ -23,7 +24,7 @@ if($mode === 'mark') {
: $forum->getCategoryChildren(parentInfo: $categoryId, includeSelf: true); : $forum->getCategoryChildren(parentInfo: $categoryId, includeSelf: true);
foreach($categoryInfos as $categoryInfo) { foreach($categoryInfos as $categoryInfo) {
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo); $perms = $authInfo->getPerms('forum', $categoryInfo);
if($perms->check(Perm::F_CATEGORY_LIST)) if($perms->check(Perm::F_CATEGORY_LIST))
$forum->updateUserReadCategory($userInfo, $categoryInfo); $forum->updateUserReadCategory($userInfo, $categoryInfo);
} }
@ -49,7 +50,7 @@ if($mode !== '')
$categories = $forum->getCategories(hidden: false, asTree: true); $categories = $forum->getCategories(hidden: false, asTree: true);
foreach($categories as $categoryId => $category) { foreach($categories as $categoryId => $category) {
$perms = $msz->getAuthInfo()->getPerms('forum', $category->info); $perms = $authInfo->getPerms('forum', $category->info);
if(!$perms->check(Perm::F_CATEGORY_LIST)) { if(!$perms->check(Perm::F_CATEGORY_LIST)) {
unset($categories[$categoryId]); unset($categories[$categoryId]);
continue; continue;
@ -59,7 +60,7 @@ foreach($categories as $categoryId => $category) {
if($category->info->mayHaveChildren()) if($category->info->mayHaveChildren())
foreach($category->children as $childId => $child) { foreach($category->children as $childId => $child) {
$childPerms = $msz->getAuthInfo()->getPerms('forum', $child->info); $childPerms = $authInfo->getPerms('forum', $child->info);
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) { if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
unset($category->children[$childId]); unset($category->children[$childId]);
continue; continue;
@ -70,7 +71,7 @@ foreach($categories as $categoryId => $category) {
if($category->info->isListing()) { if($category->info->isListing()) {
if($child->info->mayHaveChildren()) { if($child->info->mayHaveChildren()) {
foreach($child->children as $grandChildId => $grandChild) { foreach($child->children as $grandChildId => $grandChild) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChild->info); $grandChildPerms = $authInfo->getPerms('forum', $grandChild->info);
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) { if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
unset($child->children[$grandChildId]); unset($child->children[$grandChildId]);
continue; continue;
@ -81,7 +82,7 @@ foreach($categories as $categoryId => $category) {
if($grandChild->info->mayHaveTopics()) { if($grandChild->info->mayHaveTopics()) {
$catIds = [$grandChild->info->getId()]; $catIds = [$grandChild->info->getId()];
foreach($grandChild->childIds as $greatGrandChildId) { foreach($grandChild->childIds as $greatGrandChildId) {
$greatGrandChildPerms = $msz->getAuthInfo()->getPerms('forum', $greatGrandChildId); $greatGrandChildPerms = $authInfo->getPerms('forum', $greatGrandChildId);
if($greatGrandChildPerms->check(Perm::F_CATEGORY_LIST)) if($greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $greatGrandChildId; $catIds[] = $greatGrandChildId;
} }
@ -99,7 +100,7 @@ foreach($categories as $categoryId => $category) {
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) { if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
$catIds = [$child->info->getId()]; $catIds = [$child->info->getId()];
foreach($child->childIds as $grandChildId) { foreach($child->childIds as $grandChildId) {
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChildId); $grandChildPerms = $authInfo->getPerms('forum', $grandChildId);
if($grandChildPerms->check(Perm::F_CATEGORY_LIST)) if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $grandChildId; $catIds[] = $grandChildId;
} }
@ -152,7 +153,7 @@ foreach($categories as $categoryId => $category) {
if($category->info->mayHaveChildren() || $category->info->mayHaveTopics()) { if($category->info->mayHaveChildren() || $category->info->mayHaveTopics()) {
$catIds = [$category->info->getId()]; $catIds = [$category->info->getId()];
foreach($category->childIds as $childId) { foreach($category->childIds as $childId) {
$childPerms = $msz->getAuthInfo()->getPerms('forum', $childId); $childPerms = $authInfo->getPerms('forum', $childId);
if($childPerms->check(Perm::F_CATEGORY_LIST)) if($childPerms->check(Perm::F_CATEGORY_LIST))
$catIds[] = $childId; $catIds[] = $childId;
} }


@ -4,6 +4,7 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
$forum = $msz->getForum(); $forum = $msz->getForum();
$usersCtx = $msz->getUsersContext();
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0; $postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : ''; $postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
@ -11,13 +12,14 @@ $submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) &
$postRequestVerified = CSRF::validateRequest(); $postRequestVerified = CSRF::validateRequest();
if(!empty($postMode) && !$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!empty($postMode) && !$authInfo->isLoggedIn())
Template::displayInfo('You must be logged in to manage posts.', 401); Template::displayInfo('You must be logged in to manage posts.', 401);
$currentUser = $msz->getActiveUser(); $currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId(); $currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if($postMode !== '' && $msz->hasActiveBan()) if($postMode !== '' && $usersCtx->hasActiveBan($currentUser))
Template::displayInfo('You have been banned, check your profile for more information.', 403); Template::displayInfo('You have been banned, check your profile for more information.', 403);
try { try {
@ -26,7 +28,7 @@ try {
Template::throwError(404); Template::throwError(404);
} }
$perms = $msz->getAuthInfo()->getPerms('forum', $postInfo->getCategoryId()); $perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
if(!$perms->check(Perm::F_CATEGORY_VIEW)) if(!$perms->check(Perm::F_CATEGORY_VIEW))
Template::throwError(403); Template::throwError(403);


@ -7,17 +7,18 @@ use Index\DateTime;
use Misuzu\Forum\ForumTopicInfo; use Misuzu\Forum\ForumTopicInfo;
use Misuzu\Parsers\Parser; use Misuzu\Parsers\Parser;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401); Template::throwError(401);
$currentUser = $msz->getActiveUser();
$currentUserId = $currentUser->getId();
if($msz->hasActiveBan())
Template::throwError(403);
$forum = $msz->getForum(); $forum = $msz->getForum();
$usersCtx = $msz->getUsersContext(); $usersCtx = $msz->getUsersContext();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser->getId();
if($usersCtx->hasActiveBan($currentUser))
Template::throwError(403);
$userPostsCounts = []; $userPostsCounts = [];
$forumPostingModes = [ $forumPostingModes = [
@ -104,7 +105,7 @@ if(empty($forumId)) {
$hasCategoryInfo = true; $hasCategoryInfo = true;
} }
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo); $perms = $authInfo->getPerms('forum', $categoryInfo);
if($categoryInfo->isArchived() if($categoryInfo->isArchived()
|| (isset($topicInfo) && $topicInfo->isLocked() && !$perms->check(Perm::F_TOPIC_LOCK)) || (isset($topicInfo) && $topicInfo->isLocked() && !$perms->check(Perm::F_TOPIC_LOCK))


@ -13,7 +13,8 @@ $categoryId = null;
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : ''; $moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1'; $submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
$currentUser = $msz->getActiveUser(); $authInfo = $msz->getAuthInfo();
$currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId(); $currentUserId = $currentUser === null ? '0' : $currentUser->getId();
if($topicId < 1 && $postId > 0) { if($topicId < 1 && $postId > 0) {
@ -24,7 +25,7 @@ if($topicId < 1 && $postId > 0) {
} }
$categoryId = $postInfo->getCategoryId(); $categoryId = $postInfo->getCategoryId();
$perms = $msz->getAuthInfo()->getPerms('forum', $postInfo->getCategoryId()); $perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY); $canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
if($postInfo->isDeleted() && !$canDeleteAny) if($postInfo->isDeleted() && !$canDeleteAny)
@ -50,10 +51,10 @@ if(!$topicIsNuked) {
if($categoryId !== (int)$topicInfo->getCategoryId()) { if($categoryId !== (int)$topicInfo->getCategoryId()) {
$categoryId = (int)$topicInfo->getCategoryId(); $categoryId = (int)$topicInfo->getCategoryId();
$perms = $msz->getAuthInfo()->getPerms('forum', $topicInfo->getCategoryId()); $perms = $authInfo->getPerms('forum', $topicInfo->getCategoryId());
} }
if($msz->hasActiveBan()) if($usersCtx->hasActiveBan($currentUser))
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW)); $perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY); $canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
@ -106,10 +107,11 @@ if(in_array($moderationMode, $validModerationModes, true)) {
if(!CSRF::validateRequest()) if(!CSRF::validateRequest())
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403); Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
if(!$msz->isLoggedIn()) $authInfo = $authInfo;
if(!$authInfo->isLoggedIn())
Template::displayInfo('You must be logged in to manage posts.', 401); Template::displayInfo('You must be logged in to manage posts.', 401);
if($msz->hasActiveBan()) if($usersCtx->hasActiveBan($currentUser))
Template::displayInfo('You have been banned, check your profile for more information.', 403); Template::displayInfo('You have been banned, check your profile for more information.', 403);
switch($moderationMode) { switch($moderationMode) {
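Review bot: `$authInfo = $authInfo;` in the moderation hunk is a no-op left over from the mechanical replacement and should be deleted, since `$authInfo` is already assigned in the first hunk of this file. Both ban checks in this file now call `$usersCtx->hasActiveBan($currentUser)`, but no visible hunk assigns `$usersCtx`; if it is not defined above line 13, the ban check would raise an error instead of restricting the user, so add `$usersCtx = $msz->getUsersContext();` next to the `$authInfo` assignment if it is missing. The `switch` body continues outside the hunk.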


@ -7,7 +7,8 @@ use Index\DateTime;
use Index\XArray; use Index\XArray;
use Misuzu\Changelog\Changelog; use Misuzu\Changelog\Changelog;
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_CL_CHANGES_MANAGE)) $authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('global')->check(Perm::G_CL_CHANGES_MANAGE))
Template::throwError(403); Template::throwError(403);
$changeActions = []; $changeActions = [];
@ -113,5 +114,5 @@ Template::render('manage.changelog.change', [
'change_info_tags' => $changeTagIds, 'change_info_tags' => $changeTagIds,
'change_tags' => $tagInfos, 'change_tags' => $tagInfos,
'change_actions' => $changeActions, 'change_actions' => $changeActions,
'change_author_id' => $msz->getActiveUser()->getId(), 'change_author_id' => $authInfo->getUserInfo(),
]); ]);
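Review bot: `'change_author_id' => $authInfo->getUserInfo()` now passes a user object to the template where the replaced line passed `$msz->getActiveUser()->getId()`; the `->getId()` call was lost in the rewrite. Unless the template was changed to accept an object (not visible in this commit), restore it as `'change_author_id' => $authInfo->getUserInfo()->getId(),`. The `Template::render` call starts outside the hunk.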


@ -1,7 +1,8 @@
<?php <?php
namespace Misuzu; namespace Misuzu;
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_FORUM_TOPIC_REDIRS_MANAGE)) $authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('global')->check(Perm::G_FORUM_TOPIC_REDIRS_MANAGE))
Template::throwError(403); Template::throwError(403);
$forum = $msz->getForum(); $forum = $msz->getForum();
@ -14,7 +15,7 @@ if($_SERVER['REQUEST_METHOD'] === 'POST') {
$rTopicURL = trim((string)filter_input(INPUT_POST, 'topic_redir_url')); $rTopicURL = trim((string)filter_input(INPUT_POST, 'topic_redir_url'));
$msz->createAuditLog('FORUM_TOPIC_REDIR_CREATE', [$rTopicId]); $msz->createAuditLog('FORUM_TOPIC_REDIR_CREATE', [$rTopicId]);
$forum->createTopicRedirect($rTopicId, $msz->getActiveUser(), $rTopicURL); $forum->createTopicRedirect($rTopicId, $authInfo->getUserInfo(), $rTopicURL);
url_redirect('manage-forum-topic-redirs'); url_redirect('manage-forum-topic-redirs');
return; return;
} }


@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE)) $authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE))
Template::throwError(403); Template::throwError(403);
$news = $msz->getNews(); $news = $msz->getNews();
@ -37,7 +38,7 @@ while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$body = trim((string)filter_input(INPUT_POST, 'np_body')); $body = trim((string)filter_input(INPUT_POST, 'np_body'));
if($isNew) { if($isNew) {
$postInfo = $news->createPost($category, $title, $body, $featured, $msz->getActiveUser()); $postInfo = $news->createPost($category, $title, $body, $featured, $authInfo->getUserInfo());
} else { } else {
if($category === $postInfo->getCategoryId()) if($category === $postInfo->getCategoryId())
$category = null; $category = null;


@ -5,7 +5,8 @@ use DateTimeInterface;
use RuntimeException; use RuntimeException;
use Index\DateTime; use Index\DateTime;
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_BANS_MANAGE)) $authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('user')->check(Perm::U_BANS_MANAGE))
Template::throwError(403); Template::throwError(403);
$usersCtx = $msz->getUsersContext(); $usersCtx = $msz->getUsersContext();
@ -33,7 +34,7 @@ try {
Template::throwError(404); Template::throwError(404);
} }
$modInfo = $msz->getActiveUser(); $modInfo = $authInfo->getUserInfo();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) { while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT); $expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT);
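Review bot: `$modInfo = $authInfo->getUserInfo()` decides which account a ban is attributed to, and it is not documented whether that is the real or the impersonated user. Elsewhere in this commit the auth info is populated with both (`setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal)`), and which one `getUserInfo()` returns is not visible here. If it is the impersonated account, moderation actions taken while impersonating would be recorded against the wrong person. Please confirm this matches what the removed `$msz->getActiveUser()` returned, and add a one-line comment at the assignment stating which identity is recorded. The same applies to `$authorInfo` in the notes page and `$modInfo` in the warnings page.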


@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_NOTES_MANAGE)) $authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('user')->check(Perm::U_NOTES_MANAGE))
Template::throwError(403); Template::throwError(403);
$hasNoteId = filter_has_var(INPUT_GET, 'n'); $hasNoteId = filter_has_var(INPUT_GET, 'n');
@ -24,7 +25,7 @@ if($hasUserId) {
Template::throwError(404); Template::throwError(404);
} }
$authorInfo = $msz->getActiveUser(); $authorInfo = $authInfo->getUserInfo();
} elseif($hasNoteId) { } elseif($hasNoteId) {
$isNew = false; $isNew = false;


@ -6,7 +6,8 @@ use Index\Colour\Colour;
use Index\Colour\ColourRGB; use Index\Colour\ColourRGB;
use Misuzu\Perm; use Misuzu\Perm;
$viewerPerms = $msz->getAuthInfo()->getPerms('user'); $authInfo = $msz->getAuthInfo();
$viewerPerms = $authInfo->getPerms('user');
if(!$viewerPerms->check(Perm::U_ROLES_MANAGE)) if(!$viewerPerms->check(Perm::U_ROLES_MANAGE))
Template::throwError(403); Template::throwError(403);
@ -26,7 +27,7 @@ if(filter_has_var(INPUT_GET, 'r')) {
} }
} else $isNew = true; } else $isNew = true;
$currentUser = $msz->getActiveUser(); $currentUser = $authInfo->getUserInfo();
$canEditPerms = $viewerPerms->check(Perm::U_PERMS_MANAGE); $canEditPerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
$permsInfos = $perms->getPermissionInfo(roleInfo: $roleInfo, categoryNames: Perm::INFO_FOR_ROLE); $permsInfos = $perms->getPermissionInfo(roleInfo: $roleInfo, categoryNames: Perm::INFO_FOR_ROLE);


@ -7,8 +7,9 @@ use Misuzu\Perm;
use Misuzu\Auth\AuthTokenCookie; use Misuzu\Auth\AuthTokenCookie;
use Misuzu\Users\User; use Misuzu\Users\User;
$viewerPerms = $msz->getAuthInfo()->getPerms('user'); $authInfo = $msz->getAuthInfo();
if(!$msz->isLoggedIn()) $viewerPerms = $authInfo->getPerms('user');
if(!$authInfo->isLoggedIn())
Template::throwError(403); Template::throwError(403);
$usersCtx = $msz->getUsersContext(); $usersCtx = $msz->getUsersContext();
@ -16,7 +17,7 @@ $users = $usersCtx->getUsers();
$roles = $usersCtx->getRoles(); $roles = $usersCtx->getRoles();
$perms = $msz->getPerms(); $perms = $msz->getPerms();
$currentUser = $msz->getActiveUser(); $currentUser = $authInfo->getUserInfo();
$canManageUsers = $viewerPerms->check(Perm::U_USERS_MANAGE); $canManageUsers = $viewerPerms->check(Perm::U_USERS_MANAGE);
$canManagePerms = $viewerPerms->check(Perm::U_PERMS_MANAGE); $canManagePerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
@ -66,7 +67,7 @@ if(CSRF::validateRequest() && $canEdit) {
if($allowToImpersonate) { if($allowToImpersonate) {
$msz->createAuditLog('USER_IMPERSONATE', [$userInfo->getId(), $userInfo->getName()]); $msz->createAuditLog('USER_IMPERSONATE', [$userInfo->getId(), $userInfo->getName()]);
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder(); $tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
$tokenBuilder->setImpersonatedUserId($userInfo->getId()); $tokenBuilder->setImpersonatedUserId($userInfo->getId());
$tokenInfo = $tokenBuilder->toInfo(); $tokenInfo = $tokenBuilder->toInfo();


@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_WARNINGS_MANAGE)) $authInfo = $msz->getAuthInfo();
if(!$authInfo->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
Template::throwError(403); Template::throwError(403);
$usersCtx = $msz->getUsersContext(); $usersCtx = $msz->getUsersContext();
@ -32,7 +33,7 @@ try {
Template::throwError(404); Template::throwError(404);
} }
$modInfo = $msz->getActiveUser(); $modInfo = $authInfo->getUserInfo();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) { while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$body = trim((string)filter_input(INPUT_POST, 'uw_body')); $body = trim((string)filter_input(INPUT_POST, 'uw_body'));


@ -3,7 +3,8 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(403); Template::throwError(403);
// TODO: restore forum-topics and forum-posts orderings // TODO: restore forum-topics and forum-posts orderings
@ -74,7 +75,7 @@ if($roleId === null) {
} }
} }
$canManageUsers = $msz->getAuthInfo()->getPerms('user')->check(Perm::U_USERS_MANAGE); $canManageUsers = $authInfo->getPerms('user')->check(Perm::U_USERS_MANAGE);
$deleted = $canManageUsers ? null : false; $deleted = $canManageUsers ? null : false;
$rolesAll = $roles->getRoles(hidden: false); $rolesAll = $roles->getRoles(hidden: false);


@ -19,7 +19,8 @@ $usersCtx = $msz->getUsersContext();
$users = $usersCtx->getUsers(); $users = $usersCtx->getUsers();
$forum = $msz->getForum(); $forum = $msz->getForum();
$viewerInfo = $msz->getActiveUser(); $authInfo = $msz->getAuthInfo();
$viewerInfo = $authInfo->getUserInfo();
$viewingAsGuest = $viewerInfo === null; $viewingAsGuest = $viewerInfo === null;
$viewerId = $viewingAsGuest ? '0' : $viewerInfo->getId(); $viewerId = $viewingAsGuest ? '0' : $viewerInfo->getId();
@ -66,9 +67,9 @@ $notices = [];
$userRank = $usersCtx->getUserRank($userInfo); $userRank = $usersCtx->getUserRank($userInfo);
$viewerRank = $usersCtx->getUserRank($viewerInfo); $viewerRank = $usersCtx->getUserRank($viewerInfo);
$viewerPerms = $msz->getAuthInfo()->getPerms('user'); $viewerPerms = $authInfo->getPerms('user');
$activeBanInfo = $msz->tryGetActiveBan($userInfo); $activeBanInfo = $usersCtx->tryGetActiveBan($userInfo);
$isBanned = $activeBanInfo !== null; $isBanned = $activeBanInfo !== null;
$profileFields = $msz->getProfileFields(); $profileFields = $msz->getProfileFields();
$viewingOwnProfile = (string)$viewerId === $userInfo->getId(); $viewingOwnProfile = (string)$viewerId === $userInfo->getId();


@ -6,7 +6,8 @@ use RuntimeException;
use Index\XArray; use Index\XArray;
use Misuzu\Comments\CommentsCategory; use Misuzu\Comments\CommentsCategory;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(403); Template::throwError(403);
$searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : ''; $searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : '';
@ -74,12 +75,12 @@ if(!empty($searchQuery)) {
} }
if(empty($searchQueryEvaluated['type']) || str_starts_with($searchQueryEvaluated['type'], 'forum')) { if(empty($searchQueryEvaluated['type']) || str_starts_with($searchQueryEvaluated['type'], 'forum')) {
$currentUser = $msz->getActiveUser(); $currentUser = $authInfo->getUserInfo();
$currentUserId = $currentUser === null ? 0 : (int)$currentUser->getId(); $currentUserId = $currentUser === null ? 0 : (int)$currentUser->getId();
$forumCategoryIds = XArray::where( $forumCategoryIds = XArray::where(
$forum->getCategories(hidden: false), $forum->getCategories(hidden: false),
fn($categoryInfo) => $categoryInfo->mayHaveTopics() && $msz->getAuthInfo()->getPerms('forum', $categoryInfo)->check(Perm::F_CATEGORY_VIEW) fn($categoryInfo) => $categoryInfo->mayHaveTopics() && $authInfo->getPerms('forum', $categoryInfo)->check(Perm::F_CATEGORY_VIEW)
); );
$forumTopicInfos = $forum->getTopics(categoryInfo: $forumCategoryIds, deleted: false, searchQuery: $searchQueryEvaluated); $forumTopicInfos = $forum->getTopics(categoryInfo: $forumCategoryIds, deleted: false, searchQuery: $searchQueryEvaluated);


@ -6,15 +6,16 @@ use Misuzu\Users\User;
use chillerlan\QRCode\QRCode; use chillerlan\QRCode\QRCode;
use chillerlan\QRCode\QROptions; use chillerlan\QRCode\QROptions;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401); Template::throwError(401);
$errors = []; $errors = [];
$usersCtx = $msz->getUsersContext(); $usersCtx = $msz->getUsersContext();
$users = $usersCtx->getUsers(); $users = $usersCtx->getUsers();
$roles = $usersCtx->getRoles(); $roles = $usersCtx->getRoles();
$userInfo = $msz->getActiveUser(); $userInfo = $authInfo->getUserInfo();
$isRestricted = $msz->hasActiveBan(); $isRestricted = $usersCtx->hasActiveBan($userInfo);
$isVerifiedRequest = CSRF::validateRequest(); $isVerifiedRequest = CSRF::validateRequest();
if(!$isRestricted && $isVerifiedRequest && !empty($_POST['role'])) { if(!$isRestricted && $isVerifiedRequest && !empty($_POST['role'])) {


@ -6,7 +6,8 @@ use Index\XString;
use Index\IO\FileStream; use Index\IO\FileStream;
use Misuzu\Users\UserInfo; use Misuzu\Users\UserInfo;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401); Template::throwError(401);
$dbConn = $msz->getDbConn(); $dbConn = $msz->getDbConn();
@ -98,7 +99,7 @@ function db_to_zip(ZipArchive $archive, UserInfo $userInfo, string $baseName, ar
} }
$errors = []; $errors = [];
$userInfo = $msz->getActiveUser(); $userInfo = $authInfo->getUserInfo();
if(isset($_POST['action']) && is_string($_POST['action'])) { if(isset($_POST['action']) && is_string($_POST['action'])) {
if(isset($_POST['password']) && is_string($_POST['password']) if(isset($_POST['password']) && is_string($_POST['password'])


@ -1,7 +1,8 @@
<?php <?php
namespace Misuzu; namespace Misuzu;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401); Template::throwError(401);
url_redirect('settings-account'); url_redirect('settings-account');


@ -3,7 +3,8 @@ namespace Misuzu;
use Misuzu\Pagination; use Misuzu\Pagination;
$currentUser = $msz->getActiveUser(); $authInfo = $msz->getAuthInfo();
$currentUser = $authInfo->getUserInfo();
if($currentUser === null) if($currentUser === null)
Template::throwError(401); Template::throwError(401);


@ -3,13 +3,14 @@ namespace Misuzu;
use RuntimeException; use RuntimeException;
if(!$msz->isLoggedIn()) $authInfo = $msz->getAuthInfo();
if(!$authInfo->isLoggedIn())
Template::throwError(401); Template::throwError(401);
$errors = []; $errors = [];
$sessions = $msz->getSessions(); $sessions = $msz->getSessions();
$currentUser = $msz->getActiveUser(); $currentUser = $authInfo->getUserInfo();
$activeSessionId = $msz->getAuthInfo()->getSessionId(); $activeSessionId = $authInfo->getSessionId();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) { while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$sessionId = (string)filter_input(INPUT_POST, 'session'); $sessionId = (string)filter_input(INPUT_POST, 'session');


@ -117,11 +117,12 @@ if($tokenInfo->hasUserId() && $tokenInfo->hasSessionToken()) {
} }
} }
$msz->getAuthInfo()->setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal); $authInfo = $msz->getAuthInfo();
$authInfo->setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal);
CSRF::init( CSRF::init(
$cfg->getString('csrf.secret', 'soup'), $cfg->getString('csrf.secret', 'soup'),
($msz->isLoggedIn() ? $sessionInfo->getToken() : $_SERVER['REMOTE_ADDR']) ($authInfo->isLoggedIn() ? $sessionInfo->getToken() : $_SERVER['REMOTE_ADDR'])
); );
$msz->startTemplating(); $msz->startTemplating();
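Review bot: `CSRF::init()` is still given `$cfg->getString('csrf.secret', 'soup')`, so an install with no `csrf.secret` configured silently falls back to a literal that is public in the source. How `CSRF::init()` uses the value is not visible here, but if tokens are derived from it they are no longer secret on such an install. I would fail closed instead: `$csrfSecret = $cfg->getString('csrf.secret', ''); if($csrfSecret === '') throw new \RuntimeException('csrf.secret is not configured');`. Separately, the logged-out identity is `$_SERVER['REMOTE_ADDR']`, which everyone behind the same NAT or proxy shares, so anonymous tokens are not per-visitor. The surrounding script starts and ends outside this hunk.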


@ -183,32 +183,9 @@ class MisuzuContext {
return $this->authInfo; return $this->authInfo;
} }
// isLoggedIn and getActiveUser are proxied for convenience, supply authInfo to things in the future
public function isLoggedIn(): bool {
return $this->authInfo->isLoggedIn();
}
public function getActiveUser(): ?UserInfo {
return $this->authInfo->getUserInfo();
}
public function tryGetActiveBan(UserInfo|string|null $userInfo = null): ?BanInfo {
if($userInfo === null) {
if($this->isLoggedIn())
$userInfo = $this->getActiveUser();
else return null;
}
return $this->usersCtx->tryGetActiveBan($userInfo);
}
public function hasActiveBan(UserInfo|string|null $userInfo = null): bool {
return $this->tryGetActiveBan($userInfo) !== null;
}
public function createAuditLog(string $action, array $params = [], UserInfo|string|null $userInfo = null): void { public function createAuditLog(string $action, array $params = [], UserInfo|string|null $userInfo = null): void {
if($userInfo === null && $this->isLoggedIn()) if($userInfo === null && $this->authInfo->isLoggedIn())
$userInfo = $this->getActiveUser(); $userInfo = $this->authInfo->getUserInfo();
$this->auditLog->createLog( $this->auditLog->createLog(
$userInfo, $userInfo,
@ -221,8 +198,9 @@ class MisuzuContext {
private ?bool $hasManageAccess = null; private ?bool $hasManageAccess = null;
public function hasManageAccess(): bool { public function hasManageAccess(): bool {
$this->hasManageAccess ??= $this->authInfo->isLoggedIn() && !$this->hasActiveBan() $this->hasManageAccess ??= $this->authInfo->isLoggedIn()
&& $this->getAuthInfo()->getPerms('global')->check(Perm::G_IS_JANITOR); && !$this->usersCtx->hasActiveBan($this->authInfo->getUserInfo())
&& $this->authInfo->getPerms('global')->check(Perm::G_IS_JANITOR);
return $this->hasManageAccess; return $this->hasManageAccess;
} }
@ -245,12 +223,11 @@ class MisuzuContext {
['eeprom.app:s', '', 'eeprom_app'], ['eeprom.app:s', '', 'eeprom_app'],
]); ]);
$authInfo = $this->getAuthInfo();
$globals['assets'] = $this->getWebAssetInfo(); $globals['assets'] = $this->getWebAssetInfo();
$globals['auth_info'] = $authInfo; $globals['auth_info'] = $this->authInfo;
$globals['active_ban_info'] = $this->tryGetActiveBan(); $globals['active_ban_info'] = $this->usersCtx->tryGetActiveBan($this->authInfo->getUserInfo());
$globals['display_timings_info'] = MSZ_DEBUG $globals['display_timings_info'] = MSZ_DEBUG
|| $authInfo->getPerms('global')->check(Perm::G_TIMINGS_VIEW); || $this->authInfo->getPerms('global')->check(Perm::G_TIMINGS_VIEW);
$templating = new SasaeEnvironment( $templating = new SasaeEnvironment(
MSZ_TEMPLATES, MSZ_TEMPLATES,
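Review bot: `$globals['active_ban_info'] = $this->usersCtx->tryGetActiveBan($this->authInfo->getUserInfo());` now passes null for a logged-out visitor, whereas the removed `MisuzuContext::tryGetActiveBan()` returned null early in that case. The body of `UsersContext::tryGetActiveBan()` is not shown in this commit view, so its handling of null needs confirming. If it does not short-circuit, keep the guard at the call site: `$globals['active_ban_info'] = $this->authInfo->isLoggedIn() ? $this->usersCtx->tryGetActiveBan($this->authInfo->getUserInfo()) : null;`. `hasManageAccess()` is not affected because `isLoggedIn()` short-circuits before the ban lookup. The method that fills `$globals` starts and ends outside the hunk.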


@ -129,6 +129,7 @@ final class MisuzuSasaeExtension extends AbstractExtension {
public function getUserMenu(bool $inBroomCloset, string $manageUrl = ''): array { public function getUserMenu(bool $inBroomCloset, string $manageUrl = ''): array {
$menu = []; $menu = [];
$authInfo = $this->ctx->getAuthInfo(); $authInfo = $this->ctx->getAuthInfo();
$usersCtx = $this->ctx->getUsersContext();
if($authInfo->isLoggedIn()) { if($authInfo->isLoggedIn()) {
$userInfo = $authInfo->getUserInfo(); $userInfo = $authInfo->getUserInfo();
@ -149,7 +150,7 @@ final class MisuzuSasaeExtension extends AbstractExtension {
'icon' => 'fas fa-search fa-fw', 'icon' => 'fas fa-search fa-fw',
]; ];
if(!$this->ctx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)) { if(!$usersCtx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)) {
// restore behaviour where clicking this button switches between // restore behaviour where clicking this button switches between
// site version and broom version // site version and broom version
if($inBroomCloset) if($inBroomCloset)
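Review bot: The janitor condition in `getUserMenu()` repeats the predicate that `MisuzuContext::hasManageAccess()` evaluates in this same commit (logged in, no active ban, `Perm::G_IS_JANITOR`), so the two copies can drift when one of them is changed. This branch already sits inside `if($authInfo->isLoggedIn())`, so `if($this->ctx->hasManageAccess()) {` would express the same check in one place and make the new `$usersCtx` local unnecessary. `getUserMenu()` continues outside both hunks, so any other use of `$usersCtx` further down is not visible here.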


@ -317,7 +317,7 @@ final class SharpChatRoutes implements IRouteHandler {
$userId = ''; $userId = '';
} }
$banInfo = $this->usersCtx->getBans()->tryGetActiveBan($userId); $banInfo = $this->usersCtx->tryGetActiveBan($userId);
if($banInfo === null) if($banInfo === null)
return ['is_ban' => false]; return ['is_ban' => false];
@ -421,7 +421,7 @@ final class SharpChatRoutes implements IRouteHandler {
if($type !== 'user') if($type !== 'user')
return 404; return 404;
$banInfo = $this->usersCtx->getBans()->tryGetActiveBan($subject); $banInfo = $this->usersCtx->tryGetActiveBan($subject);
if($banInfo === null) if($banInfo === null)
return 404; return 404;


@ -94,7 +94,10 @@ class UsersContext {
return $this->activeBans[$userInfo]; return $this->activeBans[$userInfo];
} }
public function hasActiveBan(UserInfo|string|null $userInfo = null): bool { public function hasActiveBan(
return $this->tryGetActiveBan($userInfo) !== null; UserInfo|string|null $userInfo = null,
int $minimumSeverity = Bans::SEVERITY_MIN
): bool {
return $this->tryGetActiveBan($userInfo, $minimumSeverity) !== null;
} }
} }
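Review bot: `hasActiveBan()` now forwards `$minimumSeverity`, but the context line `return $this->activeBans[$userInfo];` suggests that `tryGetActiveBan()` memoises its result per user. If that cache key does not include the severity, a later call with a different threshold can be answered from an earlier call's result, which matters wherever the return value gates access. The body of `tryGetActiveBan()` starts outside this hunk, so this needs checking there. The new parameter is also undocumented; once its semantics are confirmed, a comment such as `// $minimumSeverity: lowest Bans::SEVERITY_* level that counts as an active ban` would help callers.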