openrat-cms

OpenRat Content Management System
git clone http://git.code.weiherhei.de/openrat-cms.git

commit bb23115d57e63d621d964cb88cc1d1ecc03dd8bf
parent 18051f7ab8eb163821b3dfde1f5825631606389e
Author: Jan Dankert <develop@jandankert.de>
Date:   Sun, 25 Oct 2020 02:51:56 +0200

Using the object-based configuration.

Diffstat:
Mmodules/cms/Dispatcher.class.php | 22++++++++++++----------
Mmodules/cms/action/UserAction.class.php | 22+++++++++++-----------
Mmodules/cms/auth/InternalAuth.class.php | 8+++-----
Mmodules/cms/base/Configuration.class.php | 2+-
Mmodules/configuration/Config.class.php | 19+++++++++++++------
5 files changed, 40 insertions(+), 33 deletions(-)

diff --git a/modules/cms/Dispatcher.class.php b/modules/cms/Dispatcher.class.php
@@ -161,7 +161,9 @@ class Dispatcher
 private function checkPostToken() {
- if (Configuration::config('security', 'use_post_token') && $this->request->isAction && $this->request->getToken() != Session::token()) {
+ if ( Configuration::subset('security')->is('use_post_token',true) &&
+ $this->request->isAction &&
+ $this->request->getToken() != Session::token() ) {
 Logger::error('Token mismatch: Needed ' . Session::token() . ' but got ' . Logger::sanitizeInput($this->request->getToken()) . '. Maybe an attacker?');
 throw new SecurityException("Token mismatch");
 }
@@ -173,21 +175,21 @@ class Dispatcher
 private function initializeLogger() {
- $logConfig = Configuration::config('log');
+ $logConfig = Configuration::subset('log');
- $logFile = $logConfig['file'];
+ $logFile = $logConfig->get('file','');
 // Wenn Logfile relativ angegeben wurde, dann muss dies relativ zum Root der Anwendung sein.
- if ( !empty($logFile) && $logFile[0] != '/' )
+ if ( $logFile && $logFile[0] != '/' )
 $logFile = __DIR__ . '/../../' . $logFile;
- Logger::$messageFormat = $logConfig['format'];
+ Logger::$messageFormat = $logConfig->get('format',['time','level','host','text']);
 Logger::$filename = $logFile;
- Logger::$dateFormat = $logConfig['date_format'];
- Logger::$nsLookup = $logConfig['ns_lookup'];
+ Logger::$dateFormat = $logConfig->get('date_format','r');
+ Logger::$nsLookup = $logConfig->is('ns_lookup',false);
- Logger::$outputType = (int) @constant('\\logger\\Logger::OUTPUT_' . strtoupper($logConfig['output']));
- Logger::$level = (int) @constant('\\logger\\Logger::LEVEL_' . strtoupper($logConfig['level' ]));
+ Logger::$outputType = (int) @constant('\\logger\\Logger::OUTPUT_' . strtoupper($logConfig->get('output','PLAIN')));
+ Logger::$level = (int) @constant('\\logger\\Logger::LEVEL_' . strtoupper($logConfig->get('level' ,'WARN' )));
 Logger::$messageCallback = function ( $key ) {
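Review bot: The token check in `checkPostToken()` still compares with `!=`, a loose and non-constant-time comparison; in the rewritten condition I would use `!hash_equals((string) Session::token(), (string) $this->request->getToken())`. The unchanged `Logger::error(...)` line directly below also writes the expected `Session::token()` into the log on every mismatch, so anyone who can read the log file obtains a valid token for that session; log only the sanitized received value. The method continues past the end of the hunk.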
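Review bot: In `initializeLogger()` the `output` and `level` settings are still resolved through `(int) @constant(...)`, which hides a mistyped value: on PHP 8 an undefined constant raises an `Error` that `@` does not suppress, and on older versions the result is cast to 0, whose meaning for `Logger::$level` is not visible here. Since this commit introduces the `'PLAIN'` and `'WARN'` defaults anyway, test the built name with `defined()` first and fall back to those constants explicitly, so a configuration typo cannot silently change what gets logged. The method body continues outside the hunk.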
@@ -357,7 +359,7 @@ class Dispatcher
 $dbids = array_keys( $databases );
- $defaultDbId = Configuration::config('database-default','default-id');
+ $defaultDbId = Configuration::subset('database-default')->get('default-id' );
 if ( $defaultDbId && in_array($defaultDbId,$dbids) ) // Default-Datenbankverbindung ist konfiguriert und vorhanden.
diff --git a/modules/cms/action/UserAction.class.php b/modules/cms/action/UserAction.class.php
@@ -2,6 +2,7 @@
 namespace cms\action;
+use cms\base\Configuration;
 use cms\model\Acl;
 use cms\model\User;
 use cms\model\Project;
@@ -160,31 +161,30 @@ class UserAction extends BaseAction
 /**
- * Aendern des Kennwortes
+ * Change password for user.
 */
 public function pwPost() {
- $conf = \cms\base\Configuration::rawConfig();
-
 $password = $this->getRequestVar('password');
 if ( !$password ) $password = $this->getRequestVar('password_proposal');
- if ( strlen($password) < intval($conf['security']['password']['min_length']) )
- throw new ValidationException('password' );
+ if ( strlen($password) < Configuration::subset(['security','password'])->get('min_length',8) )
+ throw new ValidationException('password',Messages::PASSWORD_MINLENGTH );
- // Kennwoerter identisch und lang genug
 $this->user->setPassword($password,!$this->hasRequestVar('timeout') ); // Kennwort setzen
 // E-Mail mit dem neuen Kennwort an Benutzer senden
- if ( $this->hasRequestVar('email') && !empty($this->user->mail) && $conf['mail']['enabled'] )
- {
- $this->mailPw( $newPassword );
- $this->addNotice('user', 0, $this->user->name, 'MAIL_SENT', 'ok');
+ if ( $this->hasRequestVar('email') &&
+ $this->user->mail && // user has an e-mail.
+ Configuration::subset('mail')->is('enabled',true)
+ ) {
+ $this->mailPw( $password );
+ $this->addNoticeFor( $this->user, Messages::MAIL_SENT);
 }
- $this->addNotice('user', 0, $this->user->name, 'SAVED', 'ok');
+ $this->addNoticeFor($this->user, Messages::SAVED);
 }
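Review bot: The `email` branch of `UserAction::pwPost()` hands the cleartext password to the mailer: `$this->mailPw( $password )` now receives the real value, where the old code passed the undefined `$newPassword`. `mailPw()` is not visible here, but if it puts the password into the message body, I would restrict this branch to a generated `password_proposal` and make sure that password is stored as expiring, so a copy left in a mailbox stops being usable after the first login. A short comment on the `setPassword()` call saying what its second argument (`!$this->hasRequestVar('timeout')`) means would make that reviewable.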
diff --git a/modules/cms/auth/InternalAuth.class.php b/modules/cms/auth/InternalAuth.class.php
@@ -2,6 +2,7 @@
 namespace cms\auth;
+use cms\base\Configuration;
 use cms\base\DB as Db;
 use cms\model\User;
 use LogicException;
@@ -48,7 +49,7 @@ SQL
 // Behandeln von Klartext-Kennwoertern (Igittigitt).
 if ($row_user['password_algo'] == Password::ALGO_PLAIN) {
- if (\cms\base\Configuration::config('security', 'password', 'force_change_if_cleartext'))
+ if (Configuration::subset(['security', 'password'] )->is('force_change_if_cleartext',true))
 // Kennwort steht in der Datenbank im Klartext.
 // Das Kennwort muss geaendert werden
 return Auth::STATUS_PW_EXPIRED;
@@ -62,7 +63,7 @@ SQL
 // Wenn das kennwort abgelaufen ist, kann es eine bestimmte Dauer noch benutzt und geändert werden.
 // Nach Ablauf dieser Dauer wird das Login abgelehnt.
- if ($row_user['password_expires'] + (\cms\base\Configuration::config('security', 'deny_after_expiration_duration') * 60 * 60) < time())
+ if ($row_user['password_expires'] + (Configuration::config('security', 'deny_after_expiration_duration') * 60 * 60) < time())
 return false; // Abgelaufenes Kennwort wird nicht mehr akzeptiert.
 else return Auth::STATUS_PW_EXPIRED; // Kennwort ist abgelaufen, kann aber noch geändert werden.
@@ -90,5 +91,3 @@ SQL
 return null;
 }
 }
-
-?>-
\ No newline at end of file
diff --git a/modules/cms/base/Configuration.class.php b/modules/cms/base/Configuration.class.php
@@ -57,7 +57,7 @@ class Configuration {
 /**
 * Gives the subset with this key.
- * @param $key string subset key
+ * @param $key string|array subset key
 * @return Config
 */
 public static function subset( $key ) {
diff --git a/modules/configuration/Config.class.php b/modules/configuration/Config.class.php
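Review bot: The expiry check in `InternalAuth` (hunk `-62,7 +63,7`) still calls the array-style `Configuration::config('security', 'deny_after_expiration_duration')`; only the namespace prefix was dropped. If that accessor returns null for an unset key, the grace period becomes 0 and an expired password is rejected at once, which fails closed but only by accident. Writing it as `Configuration::subset('security')->get('deny_after_expiration_duration', DEFAULT_GRACE_HOURS)` (placeholder default) would state the policy explicitly and match the other hunks. The enclosing method starts and ends outside the hunk.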
@@ -47,15 +47,22 @@ class Config
 /**
 * Giving the child configuration with a fluent interface.
 *
- * @param $name string
+ * @param $names string|array
 * @return Config
 */
- public function subset($name)
+ public function subset($names)
 {
- if (isset($this->config[$name]) && is_array($this->config[$name]))
- return new Config($this->config[$name]);
- else
- return new Config(array());
+ if ( !is_array($names) )
+ $names = [$names];
+
+ $config = $this->config;
+ foreach($names as $key )
+ if (isset($this->config[$key]) && is_array($this->config[$key]))
+ $config = $config[$key];
+ else
+ return new Config( [] );
+
+ return new Config( $config );
 }
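Review bot: The loop in `Config::subset()` tests `$this->config[$key]` instead of the running `$config[$key]`, so for a path such as `['security','password']` the second key is looked up at the root and the method returns an empty `Config` unless the root happens to hold an array under that name too. The guard should read `if (isset($config[$key]) && is_array($config[$key]))`. As written, the nested lookups this commit adds in `UserAction::pwPost()` (`min_length`) and `InternalAuth` (`force_change_if_cleartext`) would always fall back to their hard-coded defaults, silently ignoring the configured password policy. A unit test with a two-level key would catch this.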