Merge branch 'main' into patch-6

Author: simonLeary42

resources/lib/UnityGroup.php

@@ -47,6 +47,11 @@ public function equals($other_group)
         return $this->getPIUID() == $other_group->getPIUID();
     }
 
+    public function __toString()
+    {
+        return $this->getPIUID();
+    }
+
     /**
      * Returns this group's PI UID
      *
@@ -133,6 +138,12 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
      */
     public function approveGroup($operator = null, $send_mail = true)
     {
+        if (!$this->SQL->requestExists($this->getOwner()->getUID())) {
+            throw new Exception(
+                "attempt to approve nonexistent request for group='{$this->getPIUID()}' uid='$new_user'"
+            );
+        }
+
         // check for edge cases...
         if ($this->exists()) {
             return;
@@ -277,6 +288,12 @@ public function cancelGroupJoinRequest($user, $send_mail = true)
      */
     public function approveUser($new_user, $send_mail = true)
     {
+        if (!$this->requestExists($new_user)) {
+            throw new Exception(
+                "attempt to approve nonexistent request for group='{$this->getPIUID()}' uid='$new_user'"
+            );
+        }
+
         // check if user exists
         if (!$new_user->exists()) {
             $new_user->init();
@@ -382,15 +399,17 @@ public function removeUser($new_user, $send_mail = true)
     public function newUserRequest($new_user, $send_mail = true)
     {
         if ($this->userExists($new_user)) {
+            UnitySite::errorLog("warning", "user '$new_user' already in group");
             return;
         }
 
         if ($this->requestExists($new_user)) {
+            UnitySite::errorLog("warning", "user '$new_user' already requested group membership");
             return;
         }
 
-        // check if account deletion request already exists
         if ($this->SQL->accDeletionRequestExists($new_user->getUID())) {
+            throw new Exception("user '$new_user' requested account deletion");
             return;
         }
 
@@ -441,22 +460,8 @@ public function getRequests()
 
     public function getGroupMembers($ignorecache = false)
     {
-        if (!$ignorecache) {
-            $cached_val = $this->REDIS->getCache($this->getPIUID(), "members");
-            if (!is_null($cached_val)) {
-                $members = $cached_val;
-            }
-        }
-
-        $updatecache = false;
-        if (!isset($members)) {
-            $pi_group = $this->getLDAPPiGroup();
-            $members = $pi_group->getAttribute("memberuid");
-            $updatecache = true;
-        }
-
+        $members = $this->getGroupMemberUIDs($ignorecache);
         $out = array();
-        $cache_arr = array();
         $owner_uid = $this->getOwner()->getUID();
         foreach ($members as $member) {
                 $user_obj = new UnityUser(
@@ -468,22 +473,28 @@ public function getGroupMembers($ignorecache = false)
                     $this->WEBHOOK
                 );
                 array_push($out, $user_obj);
-                array_push($cache_arr, $user_obj->getUID());
-        }
-
-        if (!$ignorecache && $updatecache) {
-            sort($cache_arr);
-            $this->REDIS->setCache($this->getPIUID(), "members", $cache_arr);
         }
-
         return $out;
     }
 
-    public function getGroupMemberUIDs()
+    public function getGroupMemberUIDs($ignorecache = false)
     {
-        $pi_group = $this->getLDAPPiGroup();
-        $members = $pi_group->getAttribute("memberuid");
-
+        if (!$ignorecache) {
+            $cached_val = $this->REDIS->getCache($this->getPIUID(), "members");
+            if (!is_null($cached_val)) {
+                $members = $cached_val;
+            }
+        }
+        $updatecache = false;
+        if (!isset($members)) {
+            $pi_group = $this->getLDAPPiGroup();
+            $members = $pi_group->getAttribute("memberuid");
+            $updatecache = true;
+        }
+        if (!$ignorecache && $updatecache) {
+            sort($members);
+            $this->REDIS->setCache($this->getPIUID(), "members", $members);
+        }
         return $members;
     }
 

resources/lib/UnitySite.php

@@ -7,7 +7,7 @@
 
 class UnitySite
 {
-    public static function die($x = null)
+    public static function die($x = null, $show_user = false)
     {
         if (@$GLOBALS["PHPUNIT_NO_DIE_PLEASE"] == true) {
             if (is_null($x)) {
@@ -16,18 +16,18 @@ public static function die($x = null)
                 throw new PhpUnitNoDieException($x);
             }
         } else {
-            if (is_null($x)) {
-                die();
-            } else {
+            if (!is_null($x) and $show_user) {
                 die($x);
+            } else {
+                die();
             }
         }
     }
 
     public static function redirect($destination)
     {
         header("Location: $destination");
-        self::die("Redirect failed, click <a href='$destination'>here</a> to continue.");
+        self::die("Redirect failed, click <a href='$destination'>here</a> to continue.", true);
     }
 
     private static function headerResponseCode(int $code, string $reason)
@@ -55,25 +55,34 @@ public static function badRequest($message)
     {
         self::headerResponseCode(400, "bad request");
         self::errorLog("bad request", $message);
-        self::die();
+        self::die($message);
     }
 
     public static function forbidden($message)
     {
         self::headerResponseCode(403, "forbidden");
         self::errorLog("forbidden", $message);
-        self::die();
+        self::die($message);
     }
 
-    public static function removeTrailingWhitespace($arr)
+    public static function arrayGetOrBadRequest(array $array, ...$keys)
     {
-        $out = array();
-        foreach ($arr as $str) {
-            $new_string = rtrim($str);
-            array_push($out, $new_string);
+        $cursor = $array;
+        $keysTraversed = [];
+        foreach ($keys as $key) {
+            array_push($keysTraversed, $key);
+            if (!isset($cursor[$key])) {
+                self::badRequest("array key not found: " . json_encode($keysTraversed));
+            }
+            $cursor = $cursor[$key];
         }
+        return $cursor;
+    }
 
-        return $out;
+    public static function alert(string $message)
+    {
+        // json_encode escapes quotes
+        echo "<script type='text/javascript'>alert(" . json_encode($message) . ");</script>";
     }
 
     public static function testValidSSHKey($key_str)

resources/lib/UnityUser.php

@@ -38,6 +38,11 @@ public function equals($other_user)
         return $this->getUID() == $other_user->getUID();
     }
 
+    public function __toString()
+    {
+        return $this->uid;
+    }
+
     /**
      * This is the method that is run when a new account is created
      *