diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 3d4e679d..afb722f3 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -67,6 +67,6 @@ repos:
files: \.php$
exclude: |
(?x)^(
- resources/lib/UnitySite\.php$|
+ resources/lib/UnityHTTPD\.php$|
workers/.*|
)$
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index c3b80b86..e1d8b01d 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -7,7 +7,7 @@
* The maximum line length for any PHP file is 100 characters, instead of PSR-12's 120 characters.
* Comments should be used sparingly.
* Empty lines should be used sparingly.
-* No code should call `die()` or `exit()`, instead `UnitySite::die()`. This will avoid the premature death of our automated testing processes.
+* No code should call `die()` or `exit()`, instead `UnityHTTPD::die()`. This will avoid the premature death of our automated testing processes.
* Instead of `assert`, use `\ensure`. This will enforce conditions even in production.
This repository will automatically check PRs for linting compliance.
diff --git a/coverage.php b/coverage.php
index c2aa6dff..f2a48ae7 100644
--- a/coverage.php
+++ b/coverage.php
@@ -5,7 +5,7 @@
return [
new MinCoverageRule(
pattern: '*',
- minCoverage: 63,
+ minCoverage: 62,
exitOnLowCoverage: true
),
];
diff --git a/resources/autoload.php b/resources/autoload.php
index 02054293..a4326b05 100644
--- a/resources/autoload.php
+++ b/resources/autoload.php
@@ -19,7 +19,7 @@
require_once __DIR__ . "/lib/UnitySQL.php";
require_once __DIR__ . "/lib/UnityMailer.php";
require_once __DIR__ . "/lib/UnitySSO.php";
-require_once __DIR__ . "/lib/UnitySite.php";
+require_once __DIR__ . "/lib/UnityHTTPD.php";
require_once __DIR__ . "/lib/UnityConfig.php";
require_once __DIR__ . "/lib/UnityWebhook.php";
require_once __DIR__ . "/lib/UnityRedis.php";
diff --git a/resources/init.php b/resources/init.php
index a106992d..f388be53 100644
--- a/resources/init.php
+++ b/resources/init.php
@@ -12,9 +12,9 @@
use UnityWebPortal\lib\UnityRedis;
use UnityWebPortal\lib\UnityWebhook;
use UnityWebPortal\lib\UnityGithub;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
-register_shutdown_function(array("UnityWebPortal\lib\UnitySite", "shutdown"));
+register_shutdown_function(array("UnityWebPortal\lib\UnityHTTPD", "shutdown"));
// shutdown function logs errors, don't want duplicate output
ini_set("log_errors", false);
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index 454f77e7..94718929 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -349,11 +349,11 @@ public function newUserRequest(
$send_mail = true
) {
if ($this->userExists($new_user)) {
- UnitySite::errorLog("warning", "user '$new_user' already in group");
+ UnityHTTPD::errorLog("warning", "user '$new_user' already in group");
return;
}
if ($this->requestExists($new_user)) {
- UnitySite::errorLog("warning", "user '$new_user' already requested group membership");
+ UnityHTTPD::errorLog("warning", "user '$new_user' already requested group membership");
return;
}
if ($this->SQL->accDeletionRequestExists($new_user->uid)) {
diff --git a/resources/lib/UnitySite.php b/resources/lib/UnityHTTPD.php
similarity index 85%
rename from resources/lib/UnitySite.php
rename to resources/lib/UnityHTTPD.php
index ce5dfcdc..42e826e5 100644
--- a/resources/lib/UnitySite.php
+++ b/resources/lib/UnityHTTPD.php
@@ -2,11 +2,10 @@
namespace UnityWebPortal\lib;
-use phpseclib3\Crypt\PublicKeyLoader;
use UnityWebPortal\lib\exceptions\NoDieException;
use UnityWebPortal\lib\exceptions\ArrayKeyException;
-class UnitySite
+class UnityHTTPD
{
public static function die($x = null, $show_user = false)
{
@@ -172,28 +171,4 @@ public static function alert(string $message)
// json_encode escapes quotes
echo "";
}
-
- public static function testValidSSHKey($key_str)
- {
- // key loader still throws, these just mute warnings for phpunit
- // https://github.com/phpseclib/phpseclib/issues/2079
- if ($key_str == "") {
- return false;
- }
- // https://github.com/phpseclib/phpseclib/issues/2076
- // https://github.com/phpseclib/phpseclib/issues/2077
- // there are actually valid JSON keys (JWK), but I don't think anybody uses it
- if (!is_null(@json_decode($key_str))) {
- return false;
- }
- try {
- PublicKeyLoader::load($key_str);
- return true;
- // phpseclib should throw only NoKeyLoadedException but that is not the case
- // https://github.com/phpseclib/phpseclib/pull/2078
- // } catch (\phpseclib3\Exception\NoKeyLoadedException $e) {
- } catch (\Throwable $e) {
- return false;
- }
- }
}
diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php
index dadfb9db..7d1ae60d 100644
--- a/resources/lib/UnityLDAP.php
+++ b/resources/lib/UnityLDAP.php
@@ -99,7 +99,7 @@ public function getNextUIDGIDNumber($uid)
return $customMappedID;
}
if (!is_null($customMappedID) && in_array($customMappedID, $IDNumsInUse)) {
- UnitySite::errorLog(
+ UnityHTTPD::errorLog(
"warning",
"user '$uid' has a custom mapped IDNumber $customMappedID but it's already in use!",
);
@@ -157,7 +157,7 @@ private function getCustomIDMappings()
array_push($output, $row);
}
} else {
- UnitySite::errorLog(
+ UnityHTTPD::errorLog(
"warning",
"custom ID mapping file '$filename' ignored, extension != .csv",
);
@@ -330,7 +330,7 @@ public function getAllPIGroupOwnerAttributes($attributes)
array_map(fn($x) => $x["uid"][0], $owner_attributes)
);
if (count($owners_not_found) > 0) {
- UnitySite::errorLog(
+ UnityHTTPD::errorLog(
"warning",
"PI group owners not found: " . json_encode($owners_not_found) . "\n"
);
@@ -353,7 +353,7 @@ public function getAllUID2PIGIDs()
if (array_key_exists($uid, $uid2pigids)) {
array_push($uid2pigids[$uid], $gid);
} else {
- UnitySite::errorLog(
+ UnityHTTPD::errorLog(
"warning",
"user '$uid' is a member of a PI group but is not a Unity user!"
);
diff --git a/resources/lib/UnityRedis.php b/resources/lib/UnityRedis.php
index 2f2bd9c9..e17e624d 100644
--- a/resources/lib/UnityRedis.php
+++ b/resources/lib/UnityRedis.php
@@ -36,7 +36,7 @@ public function setCache($object, $key, $data)
$keyStr = $object;
}
if (is_null($data)) {
- UnitySite::errorLog("warning", "setting '$keyStr' to null");
+ UnityHTTPD::errorLog("warning", "setting '$keyStr' to null");
}
$this->client->set($keyStr, serialize($data));
}
diff --git a/resources/lib/utils.php b/resources/lib/utils.php
index b3f311f6..b5f5411a 100644
--- a/resources/lib/utils.php
+++ b/resources/lib/utils.php
@@ -2,6 +2,7 @@
use UnityWebPortal\lib\exceptions\ArrayKeyException;
use UnityWebPortal\lib\exceptions\EnsureException;
+use phpseclib3\Crypt\PublicKeyLoader;
function arrayGet($array, ...$keys)
{
@@ -28,3 +29,27 @@ function ensure(bool $condition, ?string $message = null)
throw new EnsureException($message ?? "ensure condition is false");
}
}
+
+function testValidSSHKey($key_str)
+{
+ // key loader still throws, these just mute warnings for phpunit
+ // https://github.com/phpseclib/phpseclib/issues/2079
+ if ($key_str == "") {
+ return false;
+ }
+ // https://github.com/phpseclib/phpseclib/issues/2076
+ // https://github.com/phpseclib/phpseclib/issues/2077
+ // there are actually valid JSON keys (JWK), but I don't think anybody uses it
+ if (!is_null(@json_decode($key_str))) {
+ return false;
+ }
+ try {
+ PublicKeyLoader::load($key_str);
+ return true;
+ // phpseclib should throw only NoKeyLoadedException but that is not the case
+ // https://github.com/phpseclib/phpseclib/pull/2078
+ // } catch (\phpseclib3\Exception\NoKeyLoadedException $e) {
+ } catch (\Throwable $e) {
+ return false;
+ }
+}
diff --git a/resources/templates/header.php b/resources/templates/header.php
index 5103f138..23435428 100644
--- a/resources/templates/header.php
+++ b/resources/templates/header.php
@@ -1,6 +1,6 @@
assertEquals($expected, UnitySite::testValidSSHKey($key));
+ $this->assertEquals($expected, testValidSSHKey($key));
}
}
diff --git a/webroot/admin/ajax/get_group_members.php b/webroot/admin/ajax/get_group_members.php
index 6d0a1a17..cebf4115 100644
--- a/webroot/admin/ajax/get_group_members.php
+++ b/webroot/admin/ajax/get_group_members.php
@@ -3,14 +3,14 @@
require_once __DIR__ . "/../../../resources/autoload.php";
use UnityWebPortal\lib\UnityGroup;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!$USER->isAdmin()) {
- UnitySite::forbidden("not an admin");
+ UnityHTTPD::forbidden("not an admin");
}
if (!isset($_GET["gid"])) {
- UnitySite::badRequest("PI UID not set");
+ UnityHTTPD::badRequest("PI UID not set");
}
$group = new UnityGroup($_GET["gid"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
diff --git a/webroot/admin/ajax/get_page_contents.php b/webroot/admin/ajax/get_page_contents.php
index a799e990..d21077c5 100644
--- a/webroot/admin/ajax/get_page_contents.php
+++ b/webroot/admin/ajax/get_page_contents.php
@@ -2,14 +2,14 @@
require_once __DIR__ . "/../../../resources/autoload.php";
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!$USER->isAdmin()) {
- UnitySite::forbidden("not an admin");
+ UnityHTTPD::forbidden("not an admin");
}
if (!isset($_GET["pageid"])) {
- UnitySite::badRequest("Pageid not found");
+ UnityHTTPD::badRequest("Pageid not found");
}
$page = $SQL->getPage($_GET["pageid"]);
diff --git a/webroot/admin/content.php b/webroot/admin/content.php
index 9cab5ba8..620a8fac 100644
--- a/webroot/admin/content.php
+++ b/webroot/admin/content.php
@@ -2,10 +2,10 @@
require_once __DIR__ . "/../../resources/autoload.php";
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!$USER->isAdmin()) {
- UnitySite::forbidden("not an admin");
+ UnityHTTPD::forbidden("not an admin");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
diff --git a/webroot/admin/notices.php b/webroot/admin/notices.php
index e8580f14..2c42cac9 100644
--- a/webroot/admin/notices.php
+++ b/webroot/admin/notices.php
@@ -2,10 +2,10 @@
require_once __DIR__ . "/../../resources/autoload.php";
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!$USER->isAdmin()) {
- UnitySite::forbidden("not an admin");
+ UnityHTTPD::forbidden("not an admin");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
diff --git a/webroot/admin/pi-mgmt.php b/webroot/admin/pi-mgmt.php
index 86edbd0a..dc247326 100644
--- a/webroot/admin/pi-mgmt.php
+++ b/webroot/admin/pi-mgmt.php
@@ -4,10 +4,10 @@
use UnityWebPortal\lib\UnityUser;
use UnityWebPortal\lib\UnityGroup;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!$USER->isAdmin()) {
- UnitySite::forbidden("not an admin");
+ UnityHTTPD::forbidden("not an admin");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
diff --git a/webroot/admin/user-mgmt.php b/webroot/admin/user-mgmt.php
index 0ef5694d..7df16e5c 100644
--- a/webroot/admin/user-mgmt.php
+++ b/webroot/admin/user-mgmt.php
@@ -2,17 +2,17 @@
require_once __DIR__ . "/../../resources/autoload.php";
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!$USER->isAdmin()) {
- UnitySite::forbidden("not an admin");
+ UnityHTTPD::forbidden("not an admin");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
switch ($_POST["form_type"]) {
case "viewAsUser":
$_SESSION["viewUser"] = $_POST["uid"];
- UnitySite::redirect(CONFIG["site"]["prefix"] . "/panel/account.php");
+ UnityHTTPD::redirect(CONFIG["site"]["prefix"] . "/panel/account.php");
break;
}
}
diff --git a/webroot/api/content/index.php b/webroot/api/content/index.php
index 45ee79ec..c62701e5 100644
--- a/webroot/api/content/index.php
+++ b/webroot/api/content/index.php
@@ -1,6 +1,6 @@
getPage($_GET["content_name"])["content"];
diff --git a/webroot/js/ajax/ssh_validate.php b/webroot/js/ajax/ssh_validate.php
index b80bbe60..cde6a4d1 100644
--- a/webroot/js/ajax/ssh_validate.php
+++ b/webroot/js/ajax/ssh_validate.php
@@ -1,6 +1,5 @@
getPIGroupGIDs()) > 0;
if ($_SERVER['REQUEST_METHOD'] == "POST") {
- switch (UnitySite::getPostData("form_type")) {
+ switch (UnityHTTPD::getPostData("form_type")) {
case "addKey":
$keys = array();
- switch (UnitySite::getPostData("add_type")) {
+ switch (UnityHTTPD::getPostData("add_type")) {
case "paste":
- array_push($keys, UnitySite::getPostData("key"));
+ array_push($keys, UnityHTTPD::getPostData("key"));
break;
case "import":
- $key = UnitySite::getUploadedFileContents("keyfile");
+ $key = UnityHTTPD::getUploadedFileContents("keyfile");
array_push($keys, $key);
break;
case "generate":
- array_push($keys, UnitySite::getPostData("gen_key"));
+ array_push($keys, UnityHTTPD::getPostData("gen_key"));
break;
case "github":
- $githubUsername = UnitySite::getPostData("gh_user");
+ $githubUsername = UnityHTTPD::getPostData("gh_user");
$githubKeys = $GITHUB->getSshPublicKeys($githubUsername);
$keys = array_merge($keys, $githubKeys);
break;
}
if (!empty($keys)) {
$keys = array_map("trim", $keys);
- $validKeys = array_filter(
- $keys,
- ["UnityWebPortal\lib\UnitySite", "testValidSSHKey"]
- );
+ $validKeys = array_filter($keys, "testValidSSHKey");
$USER->setSSHKeys(array_merge($USER->getSSHKeys(), $validKeys));
if (count($keys) != count($validKeys)) {
- UnitySite::alert("invalid SSH key");
+ UnityHTTPD::alert("invalid SSH key");
}
}
break;
@@ -59,13 +56,13 @@
break;
case "pi_request":
if ($USER->isPI()) {
- UnitySite::badRequest("already a PI");
+ UnityHTTPD::badRequest("already a PI");
}
if ($SQL->requestExists($USER->uid)) {
- UnitySite::badRequest("already requested to be PI");
+ UnityHTTPD::badRequest("already requested to be PI");
}
if ($USER->uid != $SSO["user"]) {
- UnitySite::badRequest(
+ UnityHTTPD::badRequest(
"cannot request due to uid mismatch: " .
"USER='{$USER->uid}' SSO[user]='{$SSO["user"]}'"
);
diff --git a/webroot/panel/ajax/get_group_members.php b/webroot/panel/ajax/get_group_members.php
index 8b8c74dd..45ff6bd3 100644
--- a/webroot/panel/ajax/get_group_members.php
+++ b/webroot/panel/ajax/get_group_members.php
@@ -3,15 +3,15 @@
require_once __DIR__ . "/../../../resources/autoload.php";
use UnityWebPortal\lib\UnityGroup;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if (!isset($_GET["gid"])) {
- UnitySite::badRequest("PI UID not set");
+ UnityHTTPD::badRequest("PI UID not set");
}
$group = new UnityGroup($_GET["gid"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
if (!$group->userExists($USER)) {
- UnitySite::forbidden("not a group member");
+ UnityHTTPD::forbidden("not a group member");
}
$members = $group->getGroupMembers();
$count = count($members);
diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
index 5d8ddbe0..0c7c104b 100644
--- a/webroot/panel/groups.php
+++ b/webroot/panel/groups.php
@@ -3,7 +3,7 @@
require_once __DIR__ . "/../../resources/autoload.php";
use UnityWebPortal\lib\UnityGroup;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$modalErrors = array();
@@ -27,7 +27,7 @@
}
if ($USER->uid != $SSO["user"]) {
$sso_user = $SSO["user"];
- UnitySite::badRequest(
+ UnityHTTPD::badRequest(
"cannot request due to uid mismatch: " .
"USER='{$USER->uid}' SSO[user]='$sso_user'"
);
diff --git a/webroot/panel/modal/pi_search.php b/webroot/panel/modal/pi_search.php
index 449f18cb..be2250f8 100644
--- a/webroot/panel/modal/pi_search.php
+++ b/webroot/panel/modal/pi_search.php
@@ -2,12 +2,12 @@
require_once __DIR__ . "/../../../resources/autoload.php"; // Load required libs
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
$search_query = $_GET["search"]; // Search is passed as a get var
if (empty($search_query)) {
echo "No Results";
- UnitySite::die();
+ UnityHTTPD::die();
}
$assocs = $LDAP->getAllPIGroups($SQL, $MAILER, $REDIS, $WEBHOOK);
diff --git a/webroot/panel/new_account.php b/webroot/panel/new_account.php
index 953b93e9..34863657 100644
--- a/webroot/panel/new_account.php
+++ b/webroot/panel/new_account.php
@@ -2,12 +2,12 @@
require_once __DIR__ . "/../../resources/autoload.php";
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
use UnityWebPortal\lib\UnityGroup;
use UnityWebPortal\lib\UnitySQL;
if ($USER->exists()) {
- UnitySite::redirect(CONFIG["site"]["prefix"] . "/panel/account.php");
+ UnityHTTPD::redirect(CONFIG["site"]["prefix"] . "/panel/account.php");
}
$pending_requests = $SQL->getRequestsByUser($USER->uid);
@@ -15,18 +15,18 @@
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST["new_user_sel"])) {
if (!isset($_POST["eula"]) || $_POST["eula"] != "agree") {
- UnitySite::badRequest("user did not agree to EULA");
+ UnityHTTPD::badRequest("user did not agree to EULA");
}
if ($USER->uid != $SSO["user"]) {
$sso_user = $SSO["user"];
- UnitySite::badRequest(
+ UnityHTTPD::badRequest(
"cannot request due to uid mismatch: USER='{$USER->uid}' SSO[user]='$sso_user'"
);
}
if ($_POST["new_user_sel"] == "not_pi") {
$form_group = new UnityGroup($_POST["pi"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
if (!$form_group->exists()) {
- UnitySite::badRequest("The selected PI '" . $_POST["pi"] . "'does not exist");
+ UnityHTTPD::badRequest("The selected PI '" . $_POST["pi"] . "'does not exist");
}
$form_group->newUserRequest(
$USER,
@@ -38,7 +38,7 @@
}
if ($_POST["new_user_sel"] == "pi") {
if (!isset($_POST["confirm_pi"]) || $_POST["confirm_pi"] != "agree") {
- UnitySite::badRequest("user did not agree to account policy");
+ UnityHTTPD::badRequest("user did not agree to account policy");
}
$USER->getPIGroup()->requestGroup(
$SSO["firstname"],
diff --git a/webroot/panel/pi.php b/webroot/panel/pi.php
index a177ae0c..08531a0c 100644
--- a/webroot/panel/pi.php
+++ b/webroot/panel/pi.php
@@ -3,12 +3,12 @@
require_once __DIR__ . "/../../resources/autoload.php";
use UnityWebPortal\lib\UnityUser;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
$group = $USER->getPIGroup();
if (!$USER->isPI()) {
- UnitySite::forbidden("not a PI");
+ UnityHTTPD::forbidden("not a PI");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
diff --git a/workers/update-ldap-cache.php b/workers/update-ldap-cache.php
index ddab6f4e..96bd02f0 100755
--- a/workers/update-ldap-cache.php
+++ b/workers/update-ldap-cache.php
@@ -9,7 +9,7 @@
use UnityWebPortal\lib\UnityLDAP;
use UnityWebPortal\lib\UnityMailer;
use UnityWebPortal\lib\UnitySQL;
-use UnityWebPortal\lib\UnitySite;
+use UnityWebPortal\lib\UnityHTTPD;
use UnityWebPortal\lib\UnitySSO;
use UnityWebPortal\lib\UnityUser;
use UnityWebPortal\lib\UnityRedis;
@@ -22,7 +22,7 @@
f: flush cache and then update
u: update cache even if already initialized
h --help: display this message\n";
- UnitySite::die();
+ UnityHTTPD::die();
}
if (array_key_exists("f", $options)) {
echo "flushing cache...\n";