if (!validate_csrf_token($csrf_token_name)) {
report_error('Invalid token.');
response_footer();
exit;
}
// Got a new maintainer?
if (isset($_POST['handle']['new']) && !empty($_POST['handle']['new'])) {
$new = strip_tags($_POST['handle']['new']);
include_once 'pear-database-user.php';
if (!ereg('^[0-9a-z_]{2,20}$', $new)) {
report_error('Invalid handle: ' . $new);
} elseif (!user::exists($new)) {
report_error($new . ' does not exist.');
} else {
$role = $_POST['role']['new'];
if (!maintainer::isValidRole($role)) {
report_error('Invalid role.');
} else {
if (maintainer::add($pid, $new, $role)) {
$message = 'Maintainer ' . $new . 'sucessfully added.';
$maintainers[$new] = array('role' => $role, 'active' => 1);
}
}
}
} else {
$new = '';
}
// Role, active, and marked for removal
$roles = $_POST['role'];
if (isset($_POST['active'])) {
$active = $_POST['active'];
/**
* Update user and roles of a package
*
* @static
* @param int $pkgid The package id to update
* @param array $users Assoc array containing the list of users
* in the form: '<user>' => array('role' => '<role>', 'active' => '<active>')
* @return mixed PEAR_Error or true
*/
function updateAll($pkgid, $users)
{
global $dbh, $auth_user;
$admin = $auth_user->isAdmin();
// Only admins and leads can do this.
if (maintainer::mayUpdate($pkgid) == false) {
return PEAR::raiseError('maintainer::updateAll: insufficient privileges');
}
$pkg_name = package::info((int) $pkgid, "name", true);
// Needed for logging
if (empty($pkg_name)) {
PEAR::raiseError('maintainer::updateAll: no such package');
}
$old = maintainer::get($pkgid);
if (DB::isError($old)) {
return $old;
}
$old_users = array_keys($old);
$new_users = array_keys($users);
if (!$admin && !in_array($auth_user->handle, $new_users)) {
return PEAR::raiseError("You can not delete your own maintainer role or you will not " . "be able to complete the update process. Set your name " . "in package.xml or let the new lead developer upload " . "the new release");
}
foreach ($users as $user => $u) {
$role = $u['role'];
$active = $u['active'];
if (!maintainer::isValidRole($role)) {
return PEAR::raiseError("invalid role '{$role}' for user '{$user}'");
}
// The user is not present -> add him
if (!in_array($user, $old_users)) {
$e = maintainer::add($pkgid, $user, $role, $active);
if (PEAR::isError($e)) {
return $e;
}
continue;
}
// Users exists but role has changed -> update it
if ($role != $old[$user]['role']) {
$res = maintainer::update($pkgid, $user, $role, $active);
if (DB::isError($res)) {
return $res;
}
}
}
// Drop users who are no longer maintainers
foreach ($old_users as $old_user) {
if (!in_array($old_user, $new_users)) {
$res = maintainer::remove($pkgid, $old_user);
if (DB::isError($res)) {
return $res;
}
}
}
return true;
}
/**
* Update user and roles of a package
*
* @static
* @param int $pkgid The package id to update
* @param array $users Assoc array containing the list of users
* in the form: '<user>' => array('role' => '<role>', 'active' => '<active>')
* @param bool Whether to print the logging information to the screen
* @return mixed PEAR_Error or true
*/
static function updateAll($pkgid, $users, $print = false, $releasing = false)
{
require_once 'Damblan/Log.php';
global $dbh, $auth_user;
// Only admins and leads can do this.
if (maintainer::mayUpdate($pkgid) == false) {
return PEAR::raiseError('maintainer::updateAll: insufficient privileges');
}
$logger = new Damblan_Log();
if ($print) {
require_once 'Damblan/Log/Print.php';
$observer = new Damblan_Log_Print();
$logger->attach($observer);
}
include_once 'pear-database-package.php';
$pkg_name = package::info((int) $pkgid, "name");
// Needed for logging
if (empty($pkg_name)) {
PEAR::raiseError('maintainer::updateAll: no such package');
}
$old = maintainer::get($pkgid);
if (DB::isError($old)) {
return $old;
}
$old_users = array_keys($old);
$new_users = array_keys($users);
$admin = $auth_user->isAdmin();
$qa = $auth_user->isQA();
if (!$admin && !$qa && !in_array($auth_user->handle, $new_users)) {
return PEAR::raiseError("You can not delete your own maintainer role or you will not " . "be able to complete the update process. Set your name " . "in package.xml or let the new lead developer upload " . "the new release");
}
if ($releasing && user::maintains($auth_user->handle, (int) $pkgid, 'lead') && $users[$auth_user->handle]['role'] != 'lead') {
return PEAR::raiseError('You cannot demote your role from lead to ' . $users[$auth_user->handle]['role']);
}
foreach ($users as $user => $u) {
$role = $u['role'];
$active = $u['active'];
if (!maintainer::isValidRole($role)) {
return PEAR::raiseError("invalid role '{$role}' for user '{$user}'");
}
// The user is not present -> add him
if (!in_array($user, $old_users)) {
$e = maintainer::add($pkgid, $user, $role, $active);
if (PEAR::isError($e)) {
return $e;
}
$logger->log("[Maintainer] NEW: " . $user . " (" . $role . ") to package " . $pkg_name . " by " . $auth_user->handle);
continue;
}
// Users exists but the role or the "active" flag have changed -> update it
if ($role != $old[$user]['role'] || $active != $old[$user]['active']) {
$res = maintainer::update($pkgid, $user, $role, $active);
if (DB::isError($res)) {
return $res;
}
$logger->log("[Maintainer] UPDATE: " . $user . " (" . $role . ") to package " . $pkg_name . " by " . $auth_user->handle);
}
}
// Drop users who are no longer maintainers
foreach ($old_users as $old_user) {
if (!in_array($old_user, $new_users)) {
$res = maintainer::remove($pkgid, $old_user);
if (DB::isError($res)) {
return $res;
}
$logger->log("[Maintainer] REMOVED: " . $old_user . " (" . $role . ") to package " . $pkg_name . " by " . $auth_user->handle);
}
}
return true;
}
