Add ECUID (edit user cuid) to session and return in acl array

publish/last.published

@@ -1 +1 @@
-9.20.0
+9.21.0

src/ACL/Login.php

@@ -75,6 +75,8 @@ class Login
 {
 	/** @var ?int the user id var*/
 	private ?int $euid;
+	/** @var ?string the user cuid (note will be super seeded with uuid v4 later) */
+	private ?string $ecuid;
 	/** @var string _GET/_POST loginUserId parameter for non password login */
 	private string $login_user_id = '';
 	/** @var string source, either _GET or _POST or empty */
@@ -757,7 +759,7 @@ class Login
 		}
 		// have to get the global stuff here for setting it later
 		// we have to get the themes in here too
-		$q = "SELECT eu.edit_user_id, eu.username, eu.password, "
+		$q = "SELECT eu.edit_user_id, eu.cuid, eu.username, eu.password, "
 			. "eu.edit_group_id, "
 			. "eg.name AS edit_group_name, eu.admin, "
 			// additinal acl lists
@@ -889,6 +891,7 @@ class Login
 			// normal user processing
 			// set class var and session var
 			$_SESSION['EUID'] = $this->euid = (int)$res['edit_user_id'];
+			$_SESSION['ECUID'] = $this->ecuid = (string)$res['cuid'];
 			// check if user is okay
 			$this->loginCheckPermissions();
 			if ($this->login_error == 0) {
@@ -1132,6 +1135,8 @@ class Login
 		// username (login), group name
 		$this->acl['user_name'] = $_SESSION['USER_NAME'];
 		$this->acl['group_name'] = $_SESSION['GROUP_NAME'];
+		// edit user cuid
+		$this->acl['ecuid'] = $_SESSION['ECUID'];
 		// set additional acl
 		$this->acl['additional_acl'] = [
 			'user' => $_SESSION['USER_ADDITIONAL_ACL'],
@@ -1862,6 +1867,8 @@ HTML;
 		}
 		// if there is none, there is none, saves me POST/GET check
 		$this->euid = array_key_exists('EUID', $_SESSION) ? (int)$_SESSION['EUID'] : 0;
+		// TODO: allow load from cuid
+		// $this->ecuid = array_key_exists('ECUID', $_SESSION) ? (string)$_SESSION['ECUID'] : '';
 		// get login vars, are so, can't be changed
 		// prepare
 		// pass on vars to Object vars
@@ -2111,6 +2118,7 @@ HTML;
 		$this->session->sessionDestroy();
 		// unset euid
 		$this->euid = null;
+		$this->ecuid = null;
 		// then prints the login screen again
 		$this->permission_okay = false;
 	}
@@ -2128,11 +2136,12 @@ HTML;
 		if (empty($this->euid)) {
 			return $this->permission_okay;
 		}
+		// euid must match ecuid
 		// bail for previous wrong page match, eg if method is called twice
 		if ($this->login_error == 103) {
 			return $this->permission_okay;
 		}
-		$q = "SELECT ep.filename, "
+		$q = "SELECT ep.filename, eu.cuid, "
 			// base lock flags
 			. "eu.deleted, eu.enabled, eu.locked, "
 			// date based lock
@@ -2198,6 +2207,8 @@ HTML;
 		} else {
 			$this->login_error = 103;
 		}
+		// set ECUID
+		$_SESSION['ECUID'] = $this->ecuid = (string)$res['cuid'];
 		// if called from public, so we can check if the permissions are ok
 		return $this->permission_okay;
 	}
@@ -2503,6 +2514,16 @@ HTML;
 	{
 		return (string)$this->euid;
 	}
+
+	/**
+	 * Get the current set ECUID (edit user cuid)
+	 *
+	 * @return string ECUID as string
+	 */
+	public function loginGetEcid(): string
+	{
+		return (string)$this->ecuid;
+	}
 }
 
 // __END__

src/Convert/Color/Coordinates/HSB.php

@@ -26,7 +26,7 @@ class HSB implements Interface\CoordinatesInterface
 	private float $B = 0.0;
 
 	/** @var string color space: either ok or cie */
-	private string $colorspace = '';
+	private string $colorspace = ''; /** @phpstan-ignore-line */
 
 	/**
 	 * HSB (HSV) color coordinates

src/Convert/Color/Coordinates/HSL.php

@@ -25,7 +25,7 @@ class HSL implements Interface\CoordinatesInterface
 	/** @var float lightness (luminance) */
 	private float $L = 0.0;
 
-	/** @var string color space: either ok or cie */
+	/** @var string color space: either sRGB */
 	private string $colorspace = '';
 
 	/**

src/Create/Uids.php

@@ -56,26 +56,6 @@ class Uids
 	 */
 	public static function uuidv4(): string
 	{
-		/* return sprintf(
-			'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
-			// 32 bits for "time_low"
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff),
-			// 16 bits for "time_mid"
-			mt_rand(0, 0xffff),
-			// 16 bits for "time_hi_and_version",
-			// four most significant bits holds version number 4
-			mt_rand(0, 0x0fff) | 0x4000,
-			// 16 bits, 8 bits for "clk_seq_hi_res",
-			// 8 bits for "clk_seq_low",
-			// two most significant bits holds zero and one for variant DCE1.1
-			mt_rand(0, 0x3fff) | 0x8000,
-			// 48 bits for "node"
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff)
-		); */
-
 		$data = random_bytes(16);
 		assert(strlen($data) == 16);
 
@@ -93,6 +73,20 @@ class Uids
 		return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
 	}
 
+	/**
+	 * regex validate uuid v4
+	 *
+	 * @param  string $uuidv4
+	 * @return bool
+	 */
+	public static function validateUuuidv4(string $uuidv4): bool
+	{
+		if (!preg_match("/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/", $uuidv4)) {
+			return false;
+		}
+		return true;
+	}
+
 	/**
 	 * creates a uniq id based on lengths
 	 *

test/phpunit/ACL/CoreLibsACLLoginTest.php

@@ -243,6 +243,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[],
 				[
 					'EUID' => 1,
+					'ECUID' => 'abc',
 				],
 				2,
 				[],
@@ -260,6 +261,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[],
 				[
 					'EUID' => 1,
+					'ECUID' => 'abc',
 					'USER_NAME' => '',
 					'GROUP_NAME' => '',
 					'ADMIN' => 1,

test/phpunit/Create/CoreLibsCreateUidsTest.php

@@ -121,6 +121,7 @@ final class CoreLibsCreateUidsTest extends TestCase
 	 * must match 7e78fe0d-59b8-4637-af7f-e88d221a7d1e
 	 *
 	 * @covers ::uuidv4
+	 * @covers ::validateUuidv4
 	 * @testdox uuidv4 check that return is matching regex [$_dataName]
 	 *
 	 * @return void
@@ -129,13 +130,18 @@ final class CoreLibsCreateUidsTest extends TestCase
 	{
 		$uuid = \CoreLibs\Create\Uids::uuidv4();
 		$this->assertMatchesRegularExpression(
-			'/^[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}$/',
+			'/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/',
-			$uuid
+			$uuid,
+			'Failed regex check'
+		);
+		$this->assertTrue(
+			\CoreLibs\Create\Uids::validateUuuidv4($uuid),
+			'Failed validate regex method'
+		);
+		$this->assertFalse(
+			\CoreLibs\Create\Uids::validateUuuidv4('not-a-uuidv4'),
+			'Failed wrong uuid validated as true'
 		);
-		// $this->assertStringMatchesFormat(
-		// 	'%4s%4s-%4s-%4s-%4s-%4s%4s%4s',
-		// 	$uuid
-		// );
 	}
 
 	/**