mirror of
https://github.com/phpbb/phpbb.git
synced 2025-03-14 04:30:29 +01:00
[ticket/16524] Remove u_emoji permission checks
PHPBB3-16524
This commit is contained in:
parent
b1c6b3bc94
commit
befab4f3c1
@ -82,7 +82,6 @@ services:
|
||||
profilefields.type.string:
|
||||
class: phpbb\profilefields\type\type_string
|
||||
arguments:
|
||||
- '@auth'
|
||||
- '@request'
|
||||
- '@template'
|
||||
- '@user'
|
||||
@ -92,7 +91,6 @@ services:
|
||||
profilefields.type.text:
|
||||
class: phpbb\profilefields\type\type_text
|
||||
arguments:
|
||||
- '@auth'
|
||||
- '@request'
|
||||
- '@template'
|
||||
- '@user'
|
||||
@ -102,7 +100,6 @@ services:
|
||||
profilefields.type.url:
|
||||
class: phpbb\profilefields\type\type_url
|
||||
arguments:
|
||||
- '@auth'
|
||||
- '@request'
|
||||
- '@template'
|
||||
- '@user'
|
||||
|
@ -79,7 +79,7 @@ $lang = array_merge($lang, array(
|
||||
'ACL_U_SAVEDRAFTS' => 'Can save drafts',
|
||||
'ACL_U_CHGCENSORS' => 'Can disable word censors',
|
||||
'ACL_U_SIG' => 'Can use signature',
|
||||
'ACL_U_EMOJI' => 'Can use emoji and rich text characters in topic title<br><em>This setting also affects profile fields.</em>',
|
||||
'ACL_U_EMOJI' => 'Can use emoji and rich text characters in topic title',
|
||||
|
||||
'ACL_U_SENDPM' => 'Can send private messages',
|
||||
'ACL_U_MASSPM' => 'Can send private messages to multiple users',
|
||||
|
@ -256,14 +256,10 @@ class manager
|
||||
$cp_data['pf_' . $row['field_ident']] = $profile_field->get_profile_field($row);
|
||||
|
||||
/**
|
||||
* Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL with UCR/NCR
|
||||
* using their Numeric Character Reference's Hexadecimal notation.
|
||||
* Check the permissions for using Emojis first.
|
||||
* Replace Emoji and other 4bit UTF-8 chars not allowed by MySQL
|
||||
* with their Numeric Character Reference's Hexadecimal notation.
|
||||
*/
|
||||
if ($this->auth->acl_get('u_emoji'))
|
||||
{
|
||||
$cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
|
||||
}
|
||||
$cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
|
||||
|
||||
$check_value = $cp_data['pf_' . $row['field_ident']];
|
||||
|
||||
|
@ -15,12 +15,6 @@ namespace phpbb\profilefields\type;
|
||||
|
||||
class type_string extends type_string_common
|
||||
{
|
||||
/**
|
||||
* Auth object
|
||||
* @var \phpbb\auth\auth
|
||||
*/
|
||||
protected $auth;
|
||||
|
||||
/**
|
||||
* Request object
|
||||
* @var \phpbb\request\request
|
||||
@ -42,14 +36,12 @@ class type_string extends type_string_common
|
||||
/**
|
||||
* Construct
|
||||
*
|
||||
* @param \phpbb\auth\auth $auth Auth object
|
||||
* @param \phpbb\request\request $request Request object
|
||||
* @param \phpbb\template\template $template Template object
|
||||
* @param \phpbb\user $user User object
|
||||
*/
|
||||
public function __construct(\phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
|
||||
public function __construct(\phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
|
||||
{
|
||||
$this->auth = $auth;
|
||||
$this->request = $request;
|
||||
$this->template = $template;
|
||||
$this->user = $user;
|
||||
@ -107,17 +99,6 @@ class type_string extends type_string_common
|
||||
*/
|
||||
public function validate_profile_field(&$field_value, $field_data)
|
||||
{
|
||||
/**
|
||||
* Check for out-of-bounds characters that are currently
|
||||
* not supported by utf8_bin in MySQL if Emoji are not allowed
|
||||
*/
|
||||
if (!$this->auth->acl_get('u_emoji'))
|
||||
{
|
||||
if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $field_value))
|
||||
{
|
||||
return $this->user->lang('FIELD_INVALID_CHARS_INVALID', $this->get_field_name($field_data['lang_name']));
|
||||
}
|
||||
}
|
||||
return $this->validate_string_profile_field('string', $field_value, $field_data);
|
||||
}
|
||||
|
||||
|
@ -15,12 +15,6 @@ namespace phpbb\profilefields\type;
|
||||
|
||||
class type_text extends type_string_common
|
||||
{
|
||||
/**
|
||||
* Auth object
|
||||
* @var \phpbb\auth\auth
|
||||
*/
|
||||
protected $auth;
|
||||
|
||||
/**
|
||||
* Request object
|
||||
* @var \phpbb\request\request
|
||||
@ -42,14 +36,12 @@ class type_text extends type_string_common
|
||||
/**
|
||||
* Construct
|
||||
*
|
||||
* @param \phpbb\auth\auth $auth Auth object
|
||||
* @param \phpbb\request\request $request Request object
|
||||
* @param \phpbb\template\template $template Template object
|
||||
* @param \phpbb\user $user User object
|
||||
*/
|
||||
public function __construct(\phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
|
||||
public function __construct(\phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
|
||||
{
|
||||
$this->auth = $auth;
|
||||
$this->request = $request;
|
||||
$this->template = $template;
|
||||
$this->user = $user;
|
||||
@ -107,17 +99,6 @@ class type_text extends type_string_common
|
||||
*/
|
||||
public function validate_profile_field(&$field_value, $field_data)
|
||||
{
|
||||
/**
|
||||
* Check for out-of-bounds characters that are currently
|
||||
* not supported by utf8_bin in MySQL if Emoji are not allowed
|
||||
*/
|
||||
if (!$this->auth->acl_get('u_emoji'))
|
||||
{
|
||||
if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $field_value))
|
||||
{
|
||||
return $this->user->lang('FIELD_INVALID_CHARS_INVALID', $this->get_field_name($field_data['lang_name']));
|
||||
}
|
||||
}
|
||||
return $this->validate_string_profile_field('text', $field_value, $field_data);
|
||||
}
|
||||
|
||||
|
@ -47,7 +47,7 @@ class phpbb_functional_ucp_profile_test extends phpbb_functional_test_case
|
||||
$this->assertEquals('phpbb.youtube', $form->get('pf_phpbb_youtube')->getValue());
|
||||
}
|
||||
|
||||
public function test_submitting_emoji_allowed()
|
||||
public function test_submitting_emoji()
|
||||
{
|
||||
$this->add_lang('ucp');
|
||||
$this->login();
|
||||
@ -65,70 +65,4 @@ class phpbb_functional_ucp_profile_test extends phpbb_functional_test_case
|
||||
$form = $crawler->selectButton('Submit')->form();
|
||||
$this->assertEquals('😁', $form->get('pf_phpbb_location')->getValue());
|
||||
}
|
||||
|
||||
public function test_submitting_emoji_disallowed()
|
||||
{
|
||||
$this->add_lang(['ucp', 'acp/permissions']);
|
||||
$this->login();
|
||||
$this->admin_login();
|
||||
|
||||
// Group global permissions
|
||||
$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_group_global&sid=' . $this->sid);
|
||||
$this->assertContainsLang('ACP_GROUPS_PERMISSIONS_EXPLAIN', $this->get_content());
|
||||
|
||||
// Select Registered users group
|
||||
$form = $crawler->selectButton($this->lang('SUBMIT'))->form(['group_id' => [2]]);
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContainsLang('ACL_SET', $crawler->filter('h1')->eq(1)->text());
|
||||
|
||||
// Globals for \phpbb\auth\auth
|
||||
global $db, $cache;
|
||||
$db = $this->get_db();
|
||||
$cache = new phpbb_mock_null_cache;
|
||||
|
||||
$auth = new \phpbb\auth\auth;
|
||||
// Hardcoded user_id
|
||||
$user_data = $auth->obtain_user_data(2);
|
||||
$auth->acl($user_data);
|
||||
$this->assertEquals(1, $auth->acl_get('u_emoji'));
|
||||
|
||||
// Set u_emoji to never
|
||||
$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(['setting[2][0][u_emoji]' => '0']);
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContainsLang('AUTH_UPDATED', $crawler->text());
|
||||
|
||||
// check acl again
|
||||
$auth = new \phpbb\auth\auth;
|
||||
$user_data = $auth->obtain_user_data(2);
|
||||
$auth->acl($user_data);
|
||||
$this->assertEquals(0, $auth->acl_get('u_emoji'));
|
||||
|
||||
$crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
|
||||
$this->assertContainsLang('UCP_PROFILE_PROFILE_INFO', $crawler->filter('#cp-main h2')->text());
|
||||
|
||||
$form = $crawler->selectButton('Submit')->form([
|
||||
'pf_phpbb_location' => '😁', // grinning face with smiling eyes Emoji
|
||||
]);
|
||||
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContains('The field “Location” has invalid characters.', $crawler->filter('p[class="error"]')->text());
|
||||
|
||||
// Set u_emoji back to Yes
|
||||
$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_group_global&sid=' . $this->sid);
|
||||
$this->assertContainsLang('ACP_GROUPS_PERMISSIONS_EXPLAIN', $this->get_content());
|
||||
// Select Registered users group
|
||||
$form = $crawler->selectButton($this->lang('SUBMIT'))->form(['group_id' => [2]]);
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContainsLang('ACL_SET', $crawler->filter('h1')->eq(1)->text());
|
||||
// Set u_emoji to never
|
||||
$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(["setting[2][0][u_emoji]" => '1']);
|
||||
$crawler = self::submit($form);
|
||||
$this->assertContainsLang('AUTH_UPDATED', $crawler->text());
|
||||
|
||||
// check acl again
|
||||
$auth = new \phpbb\auth\auth;
|
||||
$user_data = $auth->obtain_user_data(2);
|
||||
$auth->acl($user_data);
|
||||
$this->assertEquals(1, $auth->acl_get('u_emoji'));
|
||||
}
|
||||
}
|
||||
|
@ -26,7 +26,6 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case
|
||||
{
|
||||
global $config, $request, $user, $cache, $phpbb_root_path, $phpEx;
|
||||
|
||||
$auth = new \phpbb\auth\auth();
|
||||
$user = $this->getMock('\phpbb\user', array(), array(
|
||||
new \phpbb\language\language(new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx)),
|
||||
'\phpbb\datetime'
|
||||
@ -41,7 +40,6 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case
|
||||
$template = $this->getMock('\phpbb\template\template');
|
||||
|
||||
$this->cp = new \phpbb\profilefields\type\type_string(
|
||||
$auth,
|
||||
$request,
|
||||
$template,
|
||||
$user
|
||||
|
@ -30,7 +30,6 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
|
||||
{
|
||||
global $config, $request, $user, $cache, $phpbb_root_path, $phpEx;
|
||||
|
||||
$auth = new \phpbb\auth\auth();
|
||||
$config = new \phpbb\config\config([]);
|
||||
$cache = new phpbb_mock_cache;
|
||||
$user = $this->getMock('\phpbb\user', array(), array(
|
||||
@ -45,7 +44,6 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
|
||||
$template = $this->getMock('\phpbb\template\template');
|
||||
|
||||
$this->cp = new \phpbb\profilefields\type\type_url(
|
||||
$auth,
|
||||
$request,
|
||||
$template,
|
||||
$user
|
||||
|
Loading…
x
Reference in New Issue
Block a user