aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoas Schilling <nickvergessen@gmx.de>2014-01-18 21:20:01 +0100
committerJoas Schilling <nickvergessen@gmx.de>2014-01-18 21:20:01 +0100
commitdea91108feac4d0d9bf9c67548764527119e579c (patch)
tree85664c09f7847e9130761b9d70c1fe2e0b8d896f
parentab41396707e722ae817d9e5e5f2299d0d681d620 (diff)
parent2cf4b68351aa3abcb63f51e33e491ada097ded7c (diff)
downloadforums-dea91108feac4d0d9bf9c67548764527119e579c.tar
forums-dea91108feac4d0d9bf9c67548764527119e579c.tar.gz
forums-dea91108feac4d0d9bf9c67548764527119e579c.tar.bz2
forums-dea91108feac4d0d9bf9c67548764527119e579c.tar.xz
forums-dea91108feac4d0d9bf9c67548764527119e579c.zip
Merge remote-tracking branch 'EXreaction/ticket/12006' into develop
* EXreaction/ticket/12006: [ticket/12006] global $phpbb_dispatcher; [ticket/12006] Missing a space [ticket/12006] Add module_auth event [ticket/12006] Test for ext module auth [ticket/12006] Add extension enabled check token to module auth [ticket/12006] Cleanup the module auth function token replacement code
-rw-r--r--phpBB/includes/functions_module.php39
-rw-r--r--tests/extension/ext/vendor2/foo/acp/a_info.php2
-rw-r--r--tests/extension/modules_test.php44
3 files changed, 78 insertions, 7 deletions
diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php
index e1259eba12..53055752f6 100644
--- a/phpBB/includes/functions_module.php
+++ b/phpBB/includes/functions_module.php
@@ -334,7 +334,7 @@ class p_master
static function module_auth($module_auth, $forum_id)
{
global $auth, $config;
- global $request;
+ global $request, $phpbb_extension_manager, $phpbb_dispatcher;
$module_auth = trim($module_auth);
@@ -351,6 +351,30 @@ class p_master
[(),] |
[^\s(),]+)/x', $module_auth, $match);
+ // Valid tokens for auth and their replacements
+ $valid_tokens = array(
+ 'acl_([a-z0-9_]+)(,\$id)?' => '(int) $auth->acl_get(\'\\1\'\\2)',
+ '\$id' => '(int) $forum_id',
+ 'aclf_([a-z0-9_]+)' => '(int) $auth->acl_getf_global(\'\\1\')',
+ 'cfg_([a-z0-9_]+)' => '(int) $config[\'\\1\']',
+ 'request_([a-zA-Z0-9_]+)' => '$request->variable(\'\\1\', false)',
+ 'ext_([a-zA-Z0-9_/]+)' => 'array_key_exists(\'\\1\', $phpbb_extension_manager->all_enabled())',
+ );
+
+ /**
+ * Alter tokens for module authorisation check
+ *
+ * @event core.module_auth
+ * @var array valid_tokens Valid tokens and their auth check
+ * replacements
+ * @var string module_auth The module_auth of the current
+ * module
+ * @var int forum_id The current forum_id
+ * @since 3.1-A3
+ */
+ $vars = array('valid_tokens', 'module_auth', 'forum_id');
+ extract($phpbb_dispatcher->trigger_event('core.module_auth', compact($vars)));
+
$tokens = $match[0];
for ($i = 0, $size = sizeof($tokens); $i < $size; $i++)
{
@@ -366,7 +390,7 @@ class p_master
break;
default:
- if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token))
+ if (!preg_match('#(?:' . implode(array_keys($valid_tokens), ')|(?:') . ')#', $token))
{
$token = '';
}
@@ -379,8 +403,17 @@ class p_master
// Make sure $id separation is working fine
$module_auth = str_replace(' , ', ',', $module_auth);
+ $module_auth = preg_replace(
+ // Array keys with # prepended/appended
+ array_map(function($value) {
+ return '#' . $value . '#';
+ }, array_keys($valid_tokens)),
+ array_values($valid_tokens),
+ $module_auth
+ );
+
$is_auth = false;
- eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '$request->variable(\'\\1\', false)'), $module_auth) . ');');
+ eval('$is_auth = (int) (' . $module_auth . ');');
return $is_auth;
}
diff --git a/tests/extension/ext/vendor2/foo/acp/a_info.php b/tests/extension/ext/vendor2/foo/acp/a_info.php
index 27e67c1556..e1eaa340b7 100644
--- a/tests/extension/ext/vendor2/foo/acp/a_info.php
+++ b/tests/extension/ext/vendor2/foo/acp/a_info.php
@@ -11,7 +11,7 @@ class a_info
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array(
- 'config' => array('title' => 'Config', 'auth' => '', 'cat' => array('ACP_MODS')),
+ 'config' => array('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
),
);
}
diff --git a/tests/extension/modules_test.php b/tests/extension/modules_test.php
index 5dcb24c691..c0a136e173 100644
--- a/tests/extension/modules_test.php
+++ b/tests/extension/modules_test.php
@@ -12,6 +12,7 @@ require_once dirname(__FILE__) . '/ext/vendor2/foo/mcp/a_info.php';
require_once dirname(__FILE__) . '/ext/vendor2/foo/acp/fail_info.php';
require_once dirname(__FILE__) . '/ext/vendor2/bar/acp/a_info.php';
require_once dirname(__FILE__) . '/../../phpBB/includes/acp/acp_modules.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_module.php';
class phpbb_extension_modules_test extends phpbb_test_case
{
@@ -59,7 +60,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array(
- 'config' => array('title' => 'Config', 'auth' => '', 'cat' => array('ACP_MODS')),
+ 'config' => array('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
),
),
'acp_foobar' => array(
@@ -133,7 +134,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array (
- 'config' => array ('title' => 'Config', 'auth' => '', 'cat' => array ('ACP_MODS')),
+ 'config' => array ('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array ('ACP_MODS')),
),
),
), $acp_modules);
@@ -157,7 +158,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array(
- 'config' => array('title' => 'Config', 'auth' => '', 'cat' => array('ACP_MODS')),
+ 'config' => array('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
),
),
'acp_foobar' => array(
@@ -191,4 +192,41 @@ class phpbb_extension_modules_test extends phpbb_test_case
)
), $acp_modules);
}
+
+ public function module_auth_test_data()
+ {
+ return array(
+ // module_auth, expected result
+ array('ext_foo', false),
+ array('ext_foo/bar', false),
+ array('ext_vendor3/bar', false),
+ array('ext_vendor2/foo', true),
+ );
+ }
+
+ /**
+ * @dataProvider module_auth_test_data
+ */
+ public function test_modules_auth($module_auth, $expected)
+ {
+ global $phpbb_extension_manager;
+
+ $phpbb_extension_manager = $this->extension_manager = new phpbb_mock_extension_manager(
+ dirname(__FILE__) . '/',
+ array(
+ 'vendor2/foo' => array(
+ 'ext_name' => 'vendor2/foo',
+ 'ext_active' => '1',
+ 'ext_path' => 'ext/vendor2/foo/',
+ ),
+ 'vendor3/bar' => array(
+ 'ext_name' => 'vendor3/bar',
+ 'ext_active' => '0',
+ 'ext_path' => 'ext/vendor3/bar/',
+ ),
+ )
+ );
+
+ $this->assertEquals($expected, p_master::module_auth($module_auth, 0));
+ }
}