Unverified Commit aa161234 authored by Yassine Doghri's avatar Yassine Doghri
Browse files

style(ecs): add easy-coding-standard to enforce coding style rules for php

- update .devcontainer settings: remove auto-formatting
for php + set intelephense as default formatter
- remove prettier php plugin as it lacks php 8 support
- add captain hook action for checking style pre-commit
- fix style with ecs on all files except views
parent fb3593f8
......@@ -10,9 +10,9 @@
"terminal.integrated.defaultProfile.linux": "/bin/bash",
"editor.formatOnSave": true,
"[php]": {
"editor.defaultFormatter": "esbenp.prettier-vscode"
"editor.defaultFormatter": "bmewburn.vscode-intelephense-client",
"editor.formatOnSave": false
},
"phpSniffer.autoDetect": true,
"color-highlight.markerType": "dot-before",
"files.associations": {
"*.xml.dist": "xml",
......@@ -31,7 +31,6 @@
"jamesbirtles.svelte-vscode",
"dbaeumer.vscode-eslint",
"stylelint.vscode-stylelint",
"wongjn.php-sniffer",
"eamodio.gitlens",
"breezelin.phpstan",
"kasik96.latte"
......
<?xml version="1.0"?>
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Castopod">
<description>Castopod Host's coding standard based on the PSR-1 standard.</description>
<!-- Include the whole PSR-1 standard -->
<rule ref="PSR1"/>
</ruleset>
\ No newline at end of file
{
"trailingComma": "es5",
"overrides": [
{
"files": "*.php",
"options": {
"phpVersion": "7.4",
"singleQuote": true
}
},
{
"files": "*.md",
"options": {
......
......@@ -7,9 +7,8 @@ use Myth\Auth\Authorization\FlatAuthorization as MythAuthFlatAuthorization;
class FlatAuthorization extends MythAuthFlatAuthorization
{
/**
* The group model to use. Usually the class noted
* below (or an extension thereof) but can be any
* compatible CodeIgniter Model.
* The group model to use. Usually the class noted below (or an extension thereof) but can be any compatible
* CodeIgniter Model.
*
* @var PermissionModel
*/
......@@ -18,19 +17,16 @@ class FlatAuthorization extends MythAuthFlatAuthorization
/**
* Checks a group to see if they have the specified permission.
*/
public function groupHasPermission(int|string $permission, int $groupId): bool
public function groupHasPermission(int | string $permission, int $groupId): bool
{
// Get the Permission ID
$permissionId = $this->getPermissionID($permission);
if (!is_numeric($permissionId)) {
if (! is_numeric($permissionId)) {
return false;
}
return $this->permissionModel->doesGroupHavePermission(
$groupId,
$permissionId,
);
return $this->permissionModel->doesGroupHavePermission($groupId, $permissionId,);
}
/**
......
......@@ -7,13 +7,10 @@ use Myth\Auth\Authorization\PermissionModel as MythAuthPermissionModel;
class PermissionModel extends MythAuthPermissionModel
{
/**
* Checks to see if a user, or one of their groups,
* has a specific permission.
* Checks to see if a user, or one of their groups, has a specific permission.
*/
public function doesGroupHavePermission(
int $groupId,
int $permissionId
): bool {
public function doesGroupHavePermission(int $groupId, int $permissionId): bool
{
// Check group permissions and take advantage of caching
$groupPerms = $this->getPermissionsForGroup($groupId);
......@@ -22,28 +19,20 @@ class PermissionModel extends MythAuthPermissionModel
}
/**
* Gets all permissions for a group in a way that can be
* easily used to check against:
* Gets all permissions for a group in a way that can be easily used to check against:
*
* [
* id => name,
* id => name
* ]
* [ id => name, id => name ]
*
* @return array<int, string>
*/
public function getPermissionsForGroup(int $groupId): array
{
$cacheName = "group{$groupId}_permissions";
if (!($found = cache($cacheName))) {
if (! ($found = cache($cacheName))) {
$groupPermissions = $this->db
->table('auth_groups_permissions')
->select('id, auth_permissions.name')
->join(
'auth_permissions',
'auth_permissions.id = permission_id',
'inner',
)
->join('auth_permissions', 'auth_permissions.id = permission_id', 'inner',)
->where('group_id', $groupId)
->get()
->getResultObject();
......@@ -53,7 +42,8 @@ class PermissionModel extends MythAuthPermissionModel
$found[$row->id] = strtolower($row->name);
}
cache()->save($cacheName, $found, 300);
cache()
->save($cacheName, $found, 300);
}
return $found;
......
<?php
/**
* The goal of this file is to allow developers a location
* where they can overwrite core procedural functions and
* replace them with their own. This file is loaded during
* the bootstrap process and is called during the frameworks
* The goal of this file is to allow developers a location where they can overwrite core procedural functions and
* replace them with their own. This file is loaded during the bootstrap process and is called during the frameworks
* execution.
*
* This can be looked at as a `master helper` file that is
* loaded early on, and may also contain additional functions
* This can be looked at as a `master helper` file that is loaded early on, and may also contain additional functions
* that you'd like to use throughout your entire application
*
* @link: https://codeigniter4.github.io/CodeIgniter4/
......
<?php namespace Config;
<?php
namespace Config;
use App\Libraries\PodcastActor;
use App\Libraries\NoteObject;
use ActivityPub\Config\ActivityPub as ActivityPubBase;
use App\Libraries\NoteObject;
use App\Libraries\PodcastActor;
class ActivityPub extends ActivityPubBase
{
......
......@@ -23,7 +23,8 @@ class Analytics extends AnalyticsBase
// set the analytics gateway behind the admin gateway.
// Only logged in users should be able to view analytics
$this->gateway = config('App')->adminGateway . '/analytics';
$this->gateway = config('App')
->adminGateway . '/analytics';
}
/**
......
......@@ -2,8 +2,8 @@
namespace Config;
use CodeIgniter\Session\Handlers\FileHandler;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Handlers\FileHandler;
class App extends BaseConfig
{
......@@ -21,7 +21,6 @@ class App extends BaseConfig
* and path to your installation. However, you should always configure this
* explicitly and never rely on auto-guessing, especially in production
* environments.
*
*/
public string $baseURL = 'http://localhost:8080/';
......@@ -34,7 +33,6 @@ class App extends BaseConfig
* WITH a trailing slash:
*
* http://cdn.example.com/
*
*/
public string $mediaBaseURL = 'http://127.0.0.2:8080/';
......@@ -46,7 +44,6 @@ class App extends BaseConfig
* Typically this will be your index.php file, unless you've renamed it to
* something else. If you are using mod_rewrite to remove the page set this
* variable so that it is blank.
*
*/
public string $indexPage = '';
......@@ -64,7 +61,6 @@ class App extends BaseConfig
* 'PATH_INFO' Uses $_SERVER['PATH_INFO']
*
* WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded!
*
*/
public string $uriProtocol = 'REQUEST_URI';
......@@ -77,7 +73,6 @@ class App extends BaseConfig
* is viewing the site from. It affects the language strings and other
* strings (like currency markers, numbers, etc), that your program
* should run under for this request.
*
*/
public string $defaultLocale = 'en';
......@@ -113,7 +108,6 @@ class App extends BaseConfig
*
* The default timezone that will be used in your application to display
* dates with the date helper, and can be retrieved through app_timezone()
*
*/
public string $appTimezone = 'UTC';
......@@ -126,7 +120,6 @@ class App extends BaseConfig
* that require a character set to be provided.
*
* @see http://php.net/htmlspecialchars for a list of supported charsets.
*
*/
public string $charset = 'UTF-8';
......@@ -139,7 +132,6 @@ class App extends BaseConfig
* made via a secure connection (HTTPS). If the incoming request is not
* secure, the user will be redirected to a secure version of the page
* and the HTTP Strict Transport Security header will be set.
*
*/
public bool $forceGlobalSecureRequests = true;
......@@ -153,7 +145,6 @@ class App extends BaseConfig
* - `CodeIgniter\Session\Handlers\DatabaseHandler`
* - `CodeIgniter\Session\Handlers\MemcachedHandler`
* - `CodeIgniter\Session\Handlers\RedisHandler`
*
*/
public string $sessionDriver = FileHandler::class;
......@@ -163,7 +154,6 @@ class App extends BaseConfig
* --------------------------------------------------------------------------
*
* The session cookie name, must contain only [0-9a-z_-] characters
*
*/
public string $sessionCookieName = 'ci_session';
......@@ -174,7 +164,6 @@ class App extends BaseConfig
*
* The number of SECONDS you want the session to last.
* Setting to 0 (zero) means expire when the browser is closed.
*
*/
public int $sessionExpiration = 7200;
......@@ -192,7 +181,6 @@ class App extends BaseConfig
* Please read up the manual for the format with other session drivers.
*
* IMPORTANT: You are REQUIRED to set a valid save path!
*
*/
public string $sessionSavePath = WRITEPATH . 'session';
......@@ -205,7 +193,6 @@ class App extends BaseConfig
*
* WARNING: If you're using the database driver, don't forget to update
* your session table's PRIMARY KEY when changing this setting.
*
*/
public bool $sessionMatchIP = false;
......@@ -215,7 +202,6 @@ class App extends BaseConfig
* --------------------------------------------------------------------------
*
* How many seconds between CI regenerating the session ID.
*
*/
public int $sessionTimeToUpdate = 300;
......@@ -227,7 +213,6 @@ class App extends BaseConfig
* Whether to destroy session data associated with the old session ID
* when auto-regenerating the session ID. When set to FALSE, the data
* will be later deleted by the garbage collector.
*
*/
public bool $sessionRegenerateDestroy = false;
......@@ -238,8 +223,6 @@ class App extends BaseConfig
*
* Set a cookie name prefix if you need to avoid collisions.
*
* @var string
*
* @deprecated use Config\Cookie::$prefix property instead.
*/
public string $cookiePrefix = '';
......@@ -251,8 +234,6 @@ class App extends BaseConfig
*
* Set to `.your-domain.com` for site-wide cookies.
*
* @var string
*
* @deprecated use Config\Cookie::$domain property instead.
*/
public string $cookieDomain = '';
......@@ -264,8 +245,6 @@ class App extends BaseConfig
*
* Typically will be a forward slash.
*
* @var string
*
* @deprecated use Config\Cookie::$path property instead.
*/
public string $cookiePath = '/';
......@@ -277,8 +256,6 @@ class App extends BaseConfig
*
* Cookie will only be set if a secure HTTPS connection exists.
*
* @var bool
*
* @deprecated use Config\Cookie::$secure property instead.
*/
public bool $cookieSecure = false;
......@@ -316,8 +293,6 @@ class App extends BaseConfig
* (empty string) means default SameSite attribute set by browsers (`Lax`)
* will be set on cookies. If set to `None`, `$cookieSecure` must also be set.
*
* @var string
*
* @deprecated use Config\Cookie::$samesite property instead.
*/
public string $cookieSameSite = 'Lax';
......@@ -340,7 +315,7 @@ class App extends BaseConfig
*
* @var string|string[]
*/
public string|array $proxyIPs = '';
public string | array $proxyIPs = '';
/**
* --------------------------------------------------------------------------
......
......@@ -40,7 +40,7 @@ class Autoload extends AutoloadConfig
* @var array<string, string>
*/
public $psr4 = [
APP_NAMESPACE => APPPATH, // For custom app namespace
APP_NAMESPACE => APPPATH,
'Config' => APPPATH . 'Config',
'ActivityPub' => APPPATH . 'Libraries/ActivityPub',
'Analytics' => APPPATH . 'Libraries/Analytics',
......
......@@ -8,14 +8,7 @@
* it and display a generic error message.
*/
ini_set('display_errors', '0');
error_reporting(
E_ALL &
~E_NOTICE &
~E_DEPRECATED &
~E_STRICT &
~E_USER_NOTICE &
~E_USER_DEPRECATED,
);
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED,);
/**
* --------------------------------------------------------------------------
......
......@@ -19,7 +19,6 @@ class Cache extends BaseConfig
*
* The name of the preferred handler that should be used. If for some reason
* it is not available, the $backupHandler will be used in its place.
*
*/
public string $handler = 'file';
......@@ -31,7 +30,6 @@ class Cache extends BaseConfig
* The name of the handler that will be used in case the first one is
* unreachable. Often, 'file' is used here since the filesystem is
* always available, though that's not always practical for the app.
*
*/
public string $backupHandler = 'dummy';
......@@ -64,7 +62,7 @@ class Cache extends BaseConfig
*
* @var boolean|string[]
*/
public bool|array $cacheQueryString = false;
public bool | array $cacheQueryString = false;
/**
* --------------------------------------------------------------------------
......@@ -73,7 +71,6 @@ class Cache extends BaseConfig
*
* This string is added to all cache item names to help avoid collisions
* if you run multiple applications with the same cache engine.
*
*/
public string $prefix = '';
......
......@@ -5,9 +5,8 @@ namespace Config;
use CodeIgniter\Config\BaseConfig;
/**
* Stores the default settings for the ContentSecurityPolicy, if you
* choose to use it. The values here will be read in and set as defaults
* for the site. If needed, they can be overridden on a page-by-page basis.
* Stores the default settings for the ContentSecurityPolicy, if you choose to use it. The values here will be read in
* and set as defaults for the site. If needed, they can be overridden on a page-by-page basis.
*
* Suggested reference for explanations:
*
......@@ -15,64 +14,49 @@ use CodeIgniter\Config\BaseConfig;
*/
class ContentSecurityPolicy extends BaseConfig
{
//-------------------------------------------------------------------------
// Broadbrush CSP management
//-------------------------------------------------------------------------
/**
* Default CSP report context
*
*/
public bool $reportOnly = false;
/**
* Specifies a URL where a browser will send reports
* when a content security policy is violated.
*
* @var string|null
* Specifies a URL where a browser will send reports when a content security policy is violated.
*/
public ?string $reportURI = null;
/**
* Instructs user agents to rewrite URL schemes, changing
* HTTP to HTTPS. This directive is for websites with
* large numbers of old URLs that need to be rewritten.
*
* Instructs user agents to rewrite URL schemes, changing HTTP to HTTPS. This directive is for websites with large
* numbers of old URLs that need to be rewritten.
*/
public bool $upgradeInsecureRequests = false;
//-------------------------------------------------------------------------
// Sources allowed
// Note: once you set a policy to 'none', it cannot be further restricted
//-------------------------------------------------------------------------
/**
* Will default to self if not overridden
*
* @var string|string[]|null
*/
public string|array|null $defaultSrc;
public string | array | null $defaultSrc;
/**
* Lists allowed scripts' URLs.
*
* @var string|string[]
*/
public string|array $scriptSrc = 'self';
public string | array $scriptSrc = 'self';
/**
* Lists allowed stylesheets' URLs.
*
* @var string|string[]
*/
public string|array $styleSrc = 'self';
public string | array $styleSrc = 'self';
/**
* Defines the origins from which images can be loaded.
*
* @var string|string[]
*/
public string|array $imageSrc = 'self';
public string | array $imageSrc = 'self';
/**
* Restricts the URLs that can appear in a page's `<base>` element.
......@@ -81,77 +65,75 @@ class ContentSecurityPolicy extends BaseConfig
*
* @var string|string[]|null
*/
public string|array|null $baseURI;
public string | array | null $baseURI;
/**
* Lists the URLs for workers and embedded frame contents
*
* @var string|string[]
*/
public string|array $childSrc = 'self';
public string | array $childSrc = 'self';
/**
* Limits the origins that you can connect to (via XHR,
* WebSockets, and EventSource).
* Limits the origins that you can connect to (via XHR, WebSockets, and EventSource).
*
* @var string|string[]
*/
public string|array $connectSrc = 'self';
public string | array $connectSrc = 'self';
/**
* Specifies the origins that can serve web fonts.
*
* @var string|string[]
*/
public string|array $fontSrc;
public string | array $fontSrc;
/**
* Lists valid endpoints for submission from `<form>` tags.
*
* @var string|string[]
*/
public string|array $formAction = 'self';
public string | array $formAction = 'self';
/**
* Specifies the sources that can embed the current page.
* This directive applies to `<frame>`, `<iframe>`, `<embed>`,
* and `<applet>` tags. This directive can't be used in
* `<meta>` tags and applies only to non-HTML resources.
* Specifies the sources that can embed the current page. This directive applies to `<frame>`, `<iframe>`,
* `<embed>`, and `<applet>` tags. This directive can't be used in `<meta>` tags and applies only to non-HTML
* resources.
*
* @var string|string[]|null
*/
public string|array|null $frameAncestors;
public string | array | null $frameAncestors;
/**
* Restricts the origins allowed to deliver video and audio.
*
* @var string|string[]|null
*/
public string|array|null $mediaSrc;
public string | array | null $mediaSrc;
/**
* Allows control over Flash and other plugins.
*
* @var string|string[]
*/
public string|array $objectSrc = 'self';
public string | array $objectSrc = 'self';
/**
* @var string|string[]|null
*/
public string|array|null $manifestSrc;
public string | array | null $manifestSrc;
/**
* Limits the kinds of plugins a page may invoke.
*
* @var string|string[]|null
*/
public string|array|null $pluginTypes;
public string | array | null $pluginTypes;
/**
* List of actions allowed.
*
* @var string|string[]|null
*/
public string|array|null $sandbox;
public string | array | null $sandbox;
}
......@@ -13,7 +13,6 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Set a cookie name prefix if you need to avoid collisions.
*
*/
public string $prefix = '';
......@@ -25,9 +24,8 @@ class Cookie extends BaseConfig
* Default expires timestamp for cookies. Setting this to `0` will mean the
* cookie will not have the `Expires` attribute and will behave as a session
* cookie.
*
*/
public DateTimeInterface|int|string $expires = 0;
public DateTimeInterface | int | string $expires = 0;
/**
* --------------------------------------------------------------------------
......@@ -35,7 +33,6 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Typically will be a forward slash.
*
*/
public string $path = '/';
......@@ -45,7 +42,6 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Set to `.your-domain.com` for site-wide cookies.
*
*/
public string $domain = '';
......@@ -55,7 +51,6 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Cookie will only be set if a secure HTTPS connection exists.
*
*/
public bool $secure = false;
......@@ -65,7 +60,6 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Cookie will only be accessible via HTTP(S) (no JavaScript).
*
*/
public bool $httponly = true;
......@@ -88,7 +82,6 @@ class Cookie extends BaseConfig