Merge remote-tracking branch 'upstream/master' into mail-translations

.github/workflows/lint-and-analyse-php.yml

@@ -0,0 +1,91 @@
+name: Lint and analyse php files
+
+# If a pull-request is pushed then cancel all previously running jobs related
+# to that pull-request
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
+  cancel-in-progress: true
+
+on:
+  # push:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    branches:
+      - develop
+
+permissions:
+  contents: read
+
+jobs:
+  lint-php-files:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        php-version: ["8.1"]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up PHP ${{ matrix.php-version }}
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-version }}
+
+      # TODO: Enable this after resolving issues
+      # - name: Validate composer.json and composer.lock
+      #   run: composer validate --strict
+
+      - name: Install Composer dependencies
+        # Allow the previous check to fail but not abort
+        if: always()
+        uses: ramsey/composer-install@v2
+        with:
+          # Ignore zip for php-webdriver/webdriver
+          composer-options: "--ignore-platform-req=ext-zip"
+
+      # TODO: Enable this after resolving issues
+      # - name: Cache coding-standard
+      #   # Allow the previous check to fail but not abort
+      #   if: always()
+      #   uses: actions/cache@v4
+      #   with:
+      #     path: .phpcs-cache
+      #     key: phpcs-cache
+
+      - name: Lint PHP files
+        # Allow the previous check to fail but not abort
+        if: always()
+        run: ./ci/ci-phplint
+
+      # TODO: Enable this after resolving issues
+      # - name: Check coding-standard
+      #   # Allow the previous check to fail but not abort
+      #   if: always()
+      #   run: composer phpcs
+
+# TODO: Enable this after resolving issues
+#  analyse-php:
+#    runs-on: ubuntu-latest
+#    strategy:
+#      matrix:
+#        php-version: ["8.1"]
+#    steps:
+#      - name: Checkout code
+#        uses: actions/checkout@v4
+#
+#      - name: Set up PHP ${{ matrix.php-version }}
+#        uses: shivammathur/setup-php@v2
+#        with:
+#          php-version: ${{ matrix.php-version }}
+#          extensions: mbstring, iconv, mysqli, zip, gd, bz2
+#
+#      - name: Install Composer dependencies
+#        uses: ramsey/composer-install@v2
+#
+#      - name: Analyse files with PHPStan
+#        run: composer phpstan -- --memory-limit 2G
+#
+#      - name: Analyse files with Psalm
+#        # Allow the previous check to fail but not abort
+#        if: always()
+#        run: composer psalm -- --shepherd

.htaccess

@@ -5,10 +5,8 @@ RewriteEngine On
 #RewriteCond %{HTTPS} off
 #RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
 
-RewriteRule ^Web - [L,NC]
-#RewriteCond %{REQUEST_FILENAME} !-d
-#RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)$ Web/$1 [QSA,L]
+RewriteCond %{REQUEST_URI} !^/Web/
+RewriteRule ^(.*)$ /Web/$1 [R]
 
 #Header Set Access-Control-Allow-Origin "*"
 #Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"

Controls/CaptchaControl.php

@@ -1,6 +1,6 @@
 <?php
 
-if (file_exists(ROOT_DIR . 'vendor/autoload.php')) { 
+if (file_exists(ROOT_DIR . 'vendor/autoload.php')) {
     require_once ROOT_DIR . 'vendor/autoload.php';
 }
 
@@ -29,11 +29,24 @@ private function showRecaptcha()
 
         $publicKey = Configuration::Instance()->GetSectionKey(ConfigSection::RECAPTCHA, ConfigKeys::RECAPTCHA_PUBLIC_KEY);
 
-        $response = '<script src="https://www.google.com/recaptcha/api.js?render=' . $publicKey . '"></script>';
-        $response .= '<input type="hidden" name="g-recaptcha-response" value="" id="g-recaptcha-response">';
-        $response .= '<script> grecaptcha.ready(function () { grecaptcha.execute(\''. $publicKey .'\', { action: \'submit\' }).then(function (token) { var captcha = document.getElementById(\'g-recaptcha-response\'); captcha.value = token;})}); </script>';
-
-        echo $response;
+        echo <<<ReCaptcha
+        <script src="https://www.google.com/recaptcha/api.js?onload=ReCaptchaCallbackV3&render=$publicKey"></script>
+        <input type="hidden" name="g-recaptcha-response" value="" id="g-recaptcha-response">
+        <script>
+            var ReCaptchaCallbackV3 = function()
+            {
+                grecaptcha.ready(function ()
+                {
+                    grecaptcha.public_key = '$publicKey';
+                    grecaptcha.execute(grecaptcha.public_key, { action: 'submit' }).then(function (token)
+                       {
+                           var captcha = document.getElementById('g-recaptcha-response');
+                           captcha.value = token;
+                       })
+                });
+            };
+        </script>
+        ReCaptcha;
     }
 
     private function showCaptcha()

Domain/Access/IResourceRepository.php

@@ -49,6 +49,21 @@ public function Delete(BookableResource $resource);
      */
     public function GetResourceList();
 
+    /**
+     * @return array|$resourceIds[] array of all resource IDs
+     */
+    public function GetResourceIdList(): array;
+
+    /**
+     * @return array|BookableResource[] array of user accessible resources
+     */
+    public function GetUserResourceList();
+
+    /**
+     * @return array|$resourceIds[] array of user accessible resources IDs
+     */
+    public function GetUserResourceIdList();
+
     /**
      * @param int $pageNumber
      * @param int $pageSize
@@ -95,7 +110,7 @@ public function GetUserResourcePermissions($userId, $resourceIds = []);
      * @param array $resourceIds
      */
     public function GetUserGroupResourcePermissions($userId, $resourceIds = []);
-    
+
     /**
      * @param int $userId
      * @param array $resourceIds

Domain/Access/ResourceRepository.php

@@ -49,6 +49,9 @@ public function GetScheduleResources($scheduleId)
         return $resources;
     }
 
+    /**
+     * Gets all the resources
+     */
     public function GetResourceList()
     {
         $resources = [];
@@ -63,6 +66,73 @@ public function GetResourceList()
         return $resources;
     }
 
+    /**
+     * Gets the resource IDs for all the resources
+     */
+    public function GetResourceIdList(): array {
+        $resourceIds = [];
+        $reader = ServiceLocator::GetDatabase()->Query(new GetAllResourcesCommand());
+        while ($row = $reader->GetRow()) {
+            $resourceId = $row[ColumnNames::RESOURCE_ID];
+
+            if (!array_key_exists($resourceId, $resourceIds)) {
+                $resourceIds[$resourceId] = $resourceId;
+            }
+        }
+        $reader->Free();
+        return $resourceIds;
+    }
+
+    /**
+     * Gets, for the logged in user, the resources that the user and the user groups
+     * have permissions to. Admin user will return all resources.
+     */
+    public function GetUserResourceList()
+    {
+        $userSession = ServiceLocator::GetUserSession();
+        if (is_null($userSession)) {
+            return [];
+        }
+        if ($userSession->IsAdmin){
+            return $this->GetResourceList();
+        }
+        $resourceIds = $this->GetUserResourceIdList();
+        $resources = [];
+        foreach($resourceIds as $resourceId){
+            $resource = $this->LoadById($resourceId);
+            if($resource->GetStatusId() != ResourceStatus::HIDDEN){
+                $resources[$resourceId] = $resource;
+            }
+        }
+        return $resources;
+    }
+
+    /**
+     * Gets the resource IDs that the logged in user has permissions (full access and view only permissions)
+     * This is used to block a user from seeing a resource if they don't have permissions to it.
+     */
+    public function GetUserResourceIdList() {
+        $userSession = ServiceLocator::GetUserSession();
+        if (is_null($userSession)) {
+            return [];
+        }
+        if ($userSession->IsAdmin){
+            return $this->GetResourceIdList();
+        }
+        $resourceIds = $this->GetUserResourcePermissions(userId: $userSession->UserId);
+        $resourceIds = $this->GetUserGroupResourcePermissions(userId: $userSession->UserId, resourceIds: $resourceIds);
+
+
+        if ($userSession->IsResourceAdmin){
+            $resourceIds = $this->GetResourceAdminResourceIds(userId: $userSession->UserId, resourceIds: $resourceIds);
+        }
+
+        if ($userSession->IsScheduleAdmin){
+            $resourceIds = $this->GetScheduleAdminResourceIds(userId: $userSession->UserId, resourceIds: $resourceIds);
+        }
+        return $resourceIds;
+    }
+
     public function GetResourceGroupsList()
     {
         $reader = ServiceLocator::GetDatabase()->Query(new GetAllResourceGroupsCommand());
@@ -388,9 +458,9 @@ public function GetUserResourcePermissions($userId, $resourceIds = []){
 
             if (!array_key_exists($resourceId, $resourceIds)) {
                 $resourceIds[$resourceId] = $resourceId;
-            }         
+            }
         }
-        
+
         $reader->Free();
 
         return $resourceIds;
@@ -408,7 +478,7 @@ public function GetUserGroupResourcePermissions($userId, $resourceIds = []){
 
             if (!array_key_exists($resourceId, $resourceIds)) {
                 $resourceIds[$resourceId] = $resourceId;
-            } 
+            }
         }
         $reader->Free();
 
@@ -419,8 +489,11 @@ public function GetUserGroupResourcePermissions($userId, $resourceIds = []){
      * Gets the resource ids that are under the responsability of the given resource user groups
      */
     public function GetResourceAdminResourceIds($userId, $resourceIds = []){
-
-        if (ServiceLocator::GetServer()->GetUserSession()->IsResourceAdmin){    
+        $userSession = ServiceLocator::GetUserSession();
+        if (is_null($userSession)) {
+            return $resourceIds;
+        }
+        if ($userSession->IsResourceAdmin){
             $command = new GetResourceAdminResourcesCommand($userId);
             $reader = ServiceLocator::GetDatabase()->Query($command);
 
@@ -429,7 +502,7 @@ public function GetResourceAdminResourceIds($userId, $resourceIds = []){
 
                 if (!array_key_exists($resourceId, $resourceIds)) {
                     $resourceIds[$resourceId] = $resourceId;
-                } 
+                }
             }
             $reader->Free();
         }
@@ -440,8 +513,11 @@ public function GetResourceAdminResourceIds($userId, $resourceIds = []){
      * Gets the resource ids that are under the responsability of the given schedule user groups
      */
     public function GetScheduleAdminResourceIds($userId, $resourceIds = []){
-
-        if (ServiceLocator::GetServer()->GetUserSession()->IsScheduleAdmin){
+        $userSession = ServiceLocator::GetUserSession();
+        if (is_null($userSession)) {
+            return $resourceIds;
+        }
+        if ($userSession->IsScheduleAdmin){
             $command = new GetScheduleAdminResourcesCommand($userId);
             $reader = ServiceLocator::GetDatabase()->Query($command);
 
@@ -450,7 +526,7 @@ public function GetScheduleAdminResourceIds($userId, $resourceIds = []){
 
                 if (!array_key_exists($resourceId, $resourceIds)) {
                     $resourceIds[$resourceId] = $resourceId;
-                } 
+                }
             }
             $reader->Free();
         }

Domain/BookableResource.php

@@ -582,7 +582,10 @@ public function __construct(
         $scheduleId = null,
         $adminGroupId = null,
         $minNoticeUpdate = null,
-        $minNoticeDelete = null
+        $minNoticeDelete = null,
+        $bufferTime = null,
+        $groupIds = null,
+        $resourceTypeId = null,
     ) {
         $this->SetResourceId($resourceId);
         $this->SetName($name);
@@ -602,6 +605,9 @@ public function __construct(
         $this->SetMaxNotice($maxNotice);
         $this->SetScheduleId($scheduleId);
         $this->SetAdminGroupId($adminGroupId);
+        $this->SetBufferTime($bufferTime);
+        $this->SetResourceGroupIds($groupIds ?? []);
+        $this->SetResourceTypeId($resourceTypeId);
     }
 
     /**