Merge remote-tracking branch 'EXreaction/ticket/12006' into develop

* EXreaction/ticket/12006:
  [ticket/12006] global $phpbb_dispatcher;
  [ticket/12006] Missing a space
  [ticket/12006] Add module_auth event
  [ticket/12006] Test for ext module auth
  [ticket/12006] Add extension enabled check token to module auth
  [ticket/12006] Cleanup the module auth function token replacement code

phpBB/includes/functions_module.php

@@ -334,7 +334,7 @@ class p_master
 	static function module_auth($module_auth, $forum_id)
 	{
 		global $auth, $config;
-		global $request;
+		global $request, $phpbb_extension_manager, $phpbb_dispatcher;
 
 		$module_auth = trim($module_auth);
 
@@ -351,6 +351,30 @@ class p_master
 			[(),]                                  |
 			[^\s(),]+)/x', $module_auth, $match);
 
+		// Valid tokens for auth and their replacements
+		$valid_tokens = array(
+			'acl_([a-z0-9_]+)(,\$id)?'		=> '(int) $auth->acl_get(\'\\1\'\\2)',
+			'\$id'							=> '(int) $forum_id',
+			'aclf_([a-z0-9_]+)'				=> '(int) $auth->acl_getf_global(\'\\1\')',
+			'cfg_([a-z0-9_]+)'				=> '(int) $config[\'\\1\']',
+			'request_([a-zA-Z0-9_]+)'		=> '$request->variable(\'\\1\', false)',
+			'ext_([a-zA-Z0-9_/]+)'			=> 'array_key_exists(\'\\1\', $phpbb_extension_manager->all_enabled())',
+		);
+
+		/**
+		* Alter tokens for module authorisation check
+		*
+		* @event core.module_auth
+		* @var	array	valid_tokens		Valid tokens and their auth check
+		*									replacements
+		* @var	string	module_auth			The module_auth of the current
+		* 									module
+		* @var	int		forum_id			The current forum_id
+		* @since 3.1-A3
+		*/
+		$vars = array('valid_tokens', 'module_auth', 'forum_id');
+		extract($phpbb_dispatcher->trigger_event('core.module_auth', compact($vars)));
+
 		$tokens = $match[0];
 		for ($i = 0, $size = sizeof($tokens); $i < $size; $i++)
 		{
@@ -366,7 +390,7 @@ class p_master
 				break;
 
 				default:
-					if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token))
+					if (!preg_match('#(?:' . implode(array_keys($valid_tokens), ')|(?:') . ')#', $token))
 					{
 						$token = '';
 					}
@@ -379,8 +403,17 @@ class p_master
 		// Make sure $id separation is working fine
 		$module_auth = str_replace(' , ', ',', $module_auth);
 
+		$module_auth = preg_replace(
+			// Array keys with # prepended/appended
+			array_map(function($value) {
+				return '#' . $value . '#';
+			}, array_keys($valid_tokens)),
+			array_values($valid_tokens),
+			$module_auth
+		);
+
 		$is_auth = false;
-		eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '$request->variable(\'\\1\', false)'), $module_auth) . ');');
+		eval('$is_auth = (int) (' .	$module_auth . ');');
 
 		return $is_auth;
 	}

tests/extension/ext/vendor2/foo/acp/a_info.php

@@ -11,7 +11,7 @@ class a_info
 			'title'		=> 'Foobar',
 			'version'	=> '3.1.0-dev',
 			'modes'		=> array(
-				'config'		=> array('title' => 'Config',	'auth' => '', 'cat' => array('ACP_MODS')),
+				'config'		=> array('title' => 'Config',	'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
 			),
 		);
 	}

tests/extension/modules_test.php

@@ -12,6 +12,7 @@ require_once dirname(__FILE__) . '/ext/vendor2/foo/mcp/a_info.php';
 require_once dirname(__FILE__) . '/ext/vendor2/foo/acp/fail_info.php';
 require_once dirname(__FILE__) . '/ext/vendor2/bar/acp/a_info.php';
 require_once dirname(__FILE__) . '/../../phpBB/includes/acp/acp_modules.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_module.php';
 
 class phpbb_extension_modules_test extends phpbb_test_case
 {
@@ -59,7 +60,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
 					'title'		=> 'Foobar',
 					'version'	=> '3.1.0-dev',
 					'modes'		=> array(
-						'config'		=> array('title' => 'Config',	'auth' => '', 'cat' => array('ACP_MODS')),
+						'config'		=> array('title' => 'Config',	'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
 					),
 				),
 				'acp_foobar' => array(
@@ -133,7 +134,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
 					'title' => 'Foobar',
 					'version' => '3.1.0-dev',
 					'modes' => array (
-						'config'		=> array ('title' => 'Config', 'auth' => '', 'cat' => array ('ACP_MODS')),
+						'config'		=> array ('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array ('ACP_MODS')),
 					),
 				),
 			), $acp_modules);
@@ -157,7 +158,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
 					'title'		=> 'Foobar',
 					'version'	=> '3.1.0-dev',
 					'modes'		=> array(
-						'config'		=> array('title' => 'Config',	'auth' => '', 'cat' => array('ACP_MODS')),
+						'config'		=> array('title' => 'Config',	'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
 					),
 				),
 				'acp_foobar' => array(
@@ -191,4 +192,41 @@ class phpbb_extension_modules_test extends phpbb_test_case
 				)
 			), $acp_modules);
 	}
+
+	public function module_auth_test_data()
+	{
+		return array(
+			// module_auth, expected result
+			array('ext_foo', false),
+			array('ext_foo/bar', false),
+			array('ext_vendor3/bar', false),
+			array('ext_vendor2/foo', true),
+		);
+	}
+
+	/**
+	* @dataProvider module_auth_test_data
+	*/
+	public function test_modules_auth($module_auth, $expected)
+	{
+		global $phpbb_extension_manager;
+
+		$phpbb_extension_manager = $this->extension_manager = new phpbb_mock_extension_manager(
+			dirname(__FILE__) . '/',
+			array(
+				'vendor2/foo' => array(
+					'ext_name' => 'vendor2/foo',
+					'ext_active' => '1',
+					'ext_path' => 'ext/vendor2/foo/',
+				),
+				'vendor3/bar' => array(
+					'ext_name' => 'vendor3/bar',
+					'ext_active' => '0',
+					'ext_path' => 'ext/vendor3/bar/',
+				),
+			)
+		);
+
+		$this->assertEquals($expected, p_master::module_auth($module_auth, 0));
+	}
 }