Changeset 1061280
- Timestamp:
- 01/06/2015 01:40:17 PM (11 years ago)
- Location:
- enzymes/trunk
- Files:
-
- 3 edited
-
EnzymesPlugin.php (modified) (1 diff)
-
lib/Enzymes3.php (modified) (11 diffs)
-
tests/lib/test-Enzymes3.php (modified) (20 diffs)
enzymes/trunk/EnzymesPlugin.php
r1057855 r1061280 17 17 function engine() 18 18 { 19 if ( is_null(self::$enzymes)) {19 if ( is_null(self::$enzymes) ) { 20 20 require_once 'lib/Enzymes3.php'; 21 21 self::$enzymes = new Enzymes3(); -
enzymes/trunk/lib/Enzymes3.php
r1059585 r1061280 1 1 <?php 2 3 2 require_once 'Ando/Regex.php'; 3 require_once 'Sequence.php'; 4 4 5 5 class Enzymes3 … … 255 255 $this->init_grammar(); 256 256 $this->init_expressions(); 257 $this->add_roles_and_capabilities(); 257 258 } 258 259 … … 435 436 } 436 437 438 protected 439 function execute_code( $code, $arguments, $post_object ) 440 { 441 $current_user = wp_get_current_user(); 442 if ( author_can($post_object, 'create_php_enzymes') && 443 ($current_user->ID == $post_object->post_author || author_can($post_object, 'share_php_enzymes')) 444 ) { 445 list($result,) = $this->safe_eval($code, $arguments); 446 } else { 447 $result = null; 448 } 449 return $result; 450 } 451 437 452 /** 438 453 * @param string $post_item … … 452 467 $post_object = $this->wp_post($matches); 453 468 $code = $this->wp_post_field($post_object, $matches); 454 // We allow PHP execution by default, and optionally some HTML code properly unwrapped off PHP tags.455 469 $arguments = $num_args > 0 456 470 ? $this->catalyzed->pop($num_args) 457 471 : array(); 458 list($result,) = $this->safe_eval($code, $arguments);472 $result = $this->execute_code($code, $arguments, $post_object); 459 473 return $result; 460 474 } … … 477 491 $user_object = $this->wp_author($post_object); 478 492 $code = $this->wp_user_field($user_object, $matches); 479 // We allow PHP execution by default, and optionally some HTML code properly unwrapped off PHP tags.480 493 $arguments = $num_args > 0 481 494 ? 
$this->catalyzed->pop($num_args) 482 495 : array(); 483 list($result,) = $this->safe_eval($code, $arguments);496 $result = $this->execute_code($code, $arguments, $post_object); 484 497 return $result; 485 498 } … … 526 539 } 527 540 541 protected 542 function transclude_code( $code, $post_object ) 543 { 544 $current_user = wp_get_current_user(); 545 if ( author_can($post_object, 'create_php_enzymes') && 546 ($current_user->ID == $post_object->post_author || author_can($post_object, 'share_php_enzymes')) 547 ) { 548 list(, $output) = $this->safe_eval(" ?>$code<?php "); 549 } elseif ( author_can($post_object, 'create_html_enzymes') ) { 550 $output = $code; 551 } else { 552 $output = ''; 553 } 554 return $output; 555 } 556 528 557 /** 529 558 * @param string $post_item … … 541 570 preg_match($expression, $post_item, $matches); 542 571 $code = $this->wp_post_field($post_object, $matches); 543 // We allow HTML transclusion by default, and optionally some PHP code properly wrapped into PHP tags. 544 list(, $output) = $this->safe_eval(" ?>$code<?php "); 572 $output = $this->transclude_code($code, $post_object); 545 573 return $output; 546 574 } … … 580 608 $user_object = $this->wp_author($post_object); 581 609 $code = $this->wp_user_field($user_object, $matches); 582 // We allow HTML transclusion by default, and optionally some PHP code properly wrapped into PHP tags. 583 list(, $output) = $this->safe_eval(" ?>$code<?php "); 610 $output = $this->transclude_code($code, $post_object); 584 611 return $output; 585 612 } … … 738 765 739 766 /** 740 * @param string $content741 * @param null $default_post767 * @param string $content 768 * @param null|WP_Post $default_post 742 769 * 743 770 * @return array|null|string … … 746 773 function metabolize( $content, $default_post = null ) 747 774 { 748 if ( ! $this->there_is_an_injection($content, $matches) ) {749 return $content;750 }751 775 $this->post = is_object($default_post) 752 776 ? 
$default_post 753 777 : get_post(); 778 if ( is_null($this->post) ) { 779 return $content; 780 } 781 if ( ! author_can($this->post, 'inject_enzymes') ) { 782 return $content; 783 } 784 if ( ! $this->there_is_an_injection($content, $matches) ) { 785 return $content; 786 } 754 787 $this->new_content = ''; 755 788 do { … … 771 804 return $result; 772 805 } 806 807 protected 808 function add_roles_and_capabilities() 809 { 810 $capabilities = array( 811 'inject_enzymes' => 'it allows a post author to inject enzymes', 812 'create_html_enzymes' => 'it allows her to use her non_evaluated enzymes', 813 'create_php_enzymes' => 'it allows her to use her evaluated enzymes', 814 'share_html_enzymes' => 'it allows others to use her non_evaluated enzymes', 815 'share_php_enzymes' => 'it allows others to use her evaluated enzymes', 816 ); 817 818 remove_role('enzymes_user'); 819 add_role('enzymes_user', __('Enzymes User'), array('inject_enzymes' => true)); 820 821 remove_role('client_enzymes_coder'); 822 add_role('client_enzymes_coder', __('Client Enzymes Coder'), 823 array('inject_enzymes' => true, 'create_html_enzymes' => true, 'share_html_enzymes' => true)); 824 825 remove_role('server_enzymes_coder'); 826 add_role('server_enzymes_coder', __('Server Enzymes Coder'), 827 array('inject_enzymes' => true, 'create_php_enzymes' => true, 'share_php_enzymes' => true)); 828 829 global $wp_roles; 830 /* @var $wp_roles WP_Roles */ 831 $wp_roles->add_cap('administrator', 'inject_enzymes'); 832 $wp_roles->add_cap('administrator', 'create_php_enzymes'); 833 $wp_roles->add_cap('administrator', 'share_php_enzymes'); 834 // $admins = get_users(array('role' => 'administrator')); /* @var $admins WP_User[] */ 835 // foreach ($admins as $admin) { 836 // $admin->add_role('server_enzymes_coder'); 837 // } 838 } 839 840 // protected 841 // function is_trusted( $user_id ) 842 // { 843 // $admin_id = 1; 844 // $result = $user_id == $admin_id; 845 // if ( $result ) { 846 // return $result; 847 // } 848 
// 849 // list($trusted_users) = trim(get_user_meta($admin_id, array('field' => 'enzymes-trusted-users'))); 850 // $result = strpos(" $trusted_users ", $user_id) !== false; 851 // if ( $result ) { 852 // return $result; 853 // } 854 // 855 // list($trusted_roles) = trim(get_user_meta($admin_id, array('field' => 'enzymes-trusted-roles'))); 856 // $trusted_roles = explode(' ', $trusted_users); 857 // $user_roles = $this->wp_roles($user_id); 858 // 859 // } 773 860 } -
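Review bot: The ownership test in `execute_code()` and `transclude_code()` compares the code post's author with `wp_get_current_user()`, i.e. whoever is viewing the page, rather than with the author of the post that injects the enzyme. For an author holding `create_php_enzymes` but not `share_php_enzymes`, the same content is then evaluated or not depending on who is logged in, and `$this->post` (set in `metabolize()`) is never consulted, although the capability description 'it allows others to use her evaluated enzymes' suggests it is the intended subject. If that reading is right, both helpers should use `$this->post->post_author == $post_object->post_author` for the ownership half of the condition. The gate also trusts `post_author` while the code is read from a field stored on that post, so it presumably needs a guarantee that only the author can write those fields; worth confirming. In the visible hunks `share_html_enzymes` is granted to a role but never checked by the `elseif` branch.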
enzymes/trunk/tests/lib/test-Enzymes3.php
r1059576 r1061280 1 1 <?php 2 3 //fwrite(STDERR, "\n\n" . print_r($result, TRUE));4 5 2 require_once 'lib/Enzymes3.php'; 6 3 … … 53 50 } 54 51 52 function setUp() 53 { 54 parent::setUp(); 55 56 $admin_id = $this->factory->user->create(array( 57 'role' => 'administrator' 58 )); 59 global $current_user; 60 $current_user = new WP_User($admin_id); 61 62 $global_post_id = $this->factory->post->create(array( 63 'post_author' => $admin_id, 64 'post_title' => 'This is the global post.' 65 )); 66 global $post; 67 $post = get_post($global_post_id); 68 } 69 55 70 function test_an_escaped_injection_is_ignored() 56 71 { 57 72 $enzymes = new Enzymes3(); 73 74 // $enzymes->debug_on = true; 75 // $enzymes->debug_print(get_post()->post_title); 76 // $enzymes->debug_on = false; 58 77 59 78 $content1 = 'This is something before {{[ whatever ]} and this is after.'; … … 72 91 function test_content_with_injections_is_filtered() 73 92 { 93 // compare with test_dangling_enzymes_are_ignored 94 74 95 $mock = $this->getMockBuilder('Enzymes3') 75 96 ->setMethods(array('process')) … … 85 106 } 86 107 108 function test_dangling_enzymes_are_ignored() 109 { 110 // compare with test_content_with_injections_is_filtered 111 112 $mock = $this->getMockBuilder('Enzymes3') 113 ->setMethods(array('process')) 114 //->disableOriginalConstructor() 115 ->getMock(); 116 $mock->expects($this->any()) 117 ->method('process') 118 ->will($this->returnValue('"Hello, World!"')); 119 120 global $post; 121 $post = null; 122 123 $content1 = 'This is something before {[ whatever ]} and this is after.'; 124 $content2 = 'This is something before {[ whatever ]} and this is after.'; 125 $this->assertEquals($content2, $mock->metabolize($content1)); 126 } 127 87 128 function test_default_empty() 88 129 { 89 130 // case when the initial array is not empty 90 131 $values = array( 91 'one' => 1,132 'one' => 1, 92 133 'three' => 3, 93 134 ); … … 125 166 function test_wp_post() 126 167 { 127 $global_post_id = 
$this->factory->post->create(array('post_title' => 'This is the global post.'));128 168 global $post; 129 $post = get_post($global_post_id);130 169 131 170 $target_post_id = $this->factory->post->create(array('post_title' => 'This is the target post.')); … … 137 176 $enzymes->metabolize('This post has a {[ fake ]} injection.'); 138 177 $result = $this->call_method('wp_post', array(array()), $enzymes); 139 $this->assertEquals($ global_post_id, $result->ID);178 $this->assertEquals($post->ID, $result->ID); 140 179 141 180 // this must return the target post (default) … … 146 185 // this must return the target post (numeric) 147 186 $enzymes->metabolize('This post has a {[ fake ]} injection.', $target); 148 $result = $this->call_method('wp_post', array(array('post' => $ global_post_id)), $enzymes);149 $this->assertEquals($ global_post_id, $result->ID);187 $result = $this->call_method('wp_post', array(array('post' => $post->ID)), $enzymes); 188 $this->assertEquals($post->ID, $result->ID); 150 189 151 190 // this must return the target post (slug) … … 153 192 $result = $this->call_method('wp_post', array( 154 193 array( 155 'post' => '@this-is-the-global-post', 'slug' => 'this-is-the-global-post' 194 'post' => '@this-is-the-global-post', 195 'slug' => 'this-is-the-global-post', 156 196 ) 157 197 ), $enzymes); 158 $this->assertEquals($ global_post_id, $result->ID);198 $this->assertEquals($post->ID, $result->ID); 159 199 } 160 200 … … 257 297 $content1 = 'Before "{[ .sample-name ]}" between "{[ .=sample name= ]}" and after.'; 258 298 $content2 = 'Before "sample-value" between "sample value" and after.'; 259 // $enzymes->debug_on = true; 260 $this->assertEquals($content2, $enzymes->metabolize($content1, $post)); 261 // $enzymes->debug_on = false; 299 $this->assertEquals($content2, $enzymes->metabolize($content1, $post)); 262 300 } 263 301 … … 447 485 $attrs_count = count($attrs); 448 486 449 $user = $this->factory->user->create_and_get(); 487 // This role is not really 
needed for attributes, but it makes my test easier to write. 488 $user = $this->factory->user->create_and_get(array('role' => 'server_enzymes_coder')); 450 489 $data = array(); 451 490 foreach ($attrs as $key) { … … 453 492 } 454 493 $data = "(" . implode(")(", $data) . ")"; 455 // $enzymes->debug_on = true;456 // $enzymes->debug_print($data);457 // $enzymes->debug_on = false;458 494 459 495 $post_id = $this->factory->post->create(array('post_author' => $user->ID)); … … 473 509 function test_transcluded_author_from_current_post() 474 510 { 475 $user_id = $this->factory->user->create( );511 $user_id = $this->factory->user->create(array('role' => 'client_enzymes_coder')); 476 512 add_user_meta($user_id, 'sample-name', 'sample-value'); 477 513 add_user_meta($user_id, 'sample name', 'sample value'); … … 483 519 $content1 = 'Before "{[ /author.sample-name ]}" between "{[ /author.=sample name= ]}" and after.'; 484 520 $content2 = 'Before "sample-value" between "sample value" and after.'; 485 // $enzymes->debug_on = true; 486 $this->assertEquals($content2, $enzymes->metabolize($content1, $post)); 487 // $enzymes->debug_on = false; 521 $this->assertEquals($content2, $enzymes->metabolize($content1, $post)); 488 522 } 489 523 490 524 function test_transcluded_author_from_another_post() 491 525 { 492 $user_1_id = $this->factory->user->create( );526 $user_1_id = $this->factory->user->create(array('role' => 'enzymes_user')); 493 527 add_user_meta($user_1_id, 'sample-name', 'sample value 1'); 494 528 $post_1_id = $this->factory->post->create(array('post_author' => $user_1_id)); 495 529 $post_1 = get_post($post_1_id); 496 530 497 $user_2_id = $this->factory->user->create( );531 $user_2_id = $this->factory->user->create(array('role' => 'client_enzymes_coder')); 498 532 add_user_meta($user_2_id, 'sample-name', 'sample value 2'); 499 533 $post_2_id = $this->factory->post->create(array('post_author' => $user_2_id)); … … 508 542 function 
test_transcluded_author_from_another_post_by_slug() 509 543 { 510 $user_1_id = $this->factory->user->create( );544 $user_1_id = $this->factory->user->create(array('role' => 'enzymes_user')); 511 545 add_user_meta($user_1_id, 'sample-name', 'sample value 1'); 512 546 $post_1_id = $this->factory->post->create(array('post_author' => $user_1_id)); 513 547 $post_1 = get_post($post_1_id); 514 548 515 $user_2_id = $this->factory->user->create( );549 $user_2_id = $this->factory->user->create(array('role' => 'client_enzymes_coder')); 516 550 add_user_meta($user_2_id, 'sample-name', 'sample value 2'); 517 551 $post_2_id = $this->factory->post->create(array( … … 574 608 } 575 609 $data = "(" . implode(")(", $data) . ")"; 576 // $enzymes->debug_on = true;577 // $enzymes->debug_print($data);578 // $enzymes->debug_on = false;579 610 580 611 $post_id = $post->ID; … … 593 624 function test_executed_author_with_no_arguments() 594 625 { 595 $user_id = $this->factory->user->create( );626 $user_id = $this->factory->user->create(array('role' => 'server_enzymes_coder')); 596 627 add_user_meta($user_id, 'sample-name', ' 597 628 $a = 100; … … 613 644 function test_executed_author_with_one_argument() 614 645 { 615 $user_id = $this->factory->user->create( );646 $user_id = $this->factory->user->create(array('role' => 'server_enzymes_coder')); 616 647 add_user_meta($user_id, 'sample-name', ' 617 648 list($a) = $arguments; … … 633 664 function test_executed_author_with_many_arguments() 634 665 { 635 $user_id = $this->factory->user->create( );666 $user_id = $this->factory->user->create(array('role' => 'server_enzymes_coder')); 636 667 add_user_meta($user_id, 'sample-name', ' 637 668 list($a, $b, $c) = $arguments; … … 651 682 function test_executed_author_with_an_array_argument() 652 683 { 653 $user_id = $this->factory->user->create( );684 $user_id = $this->factory->user->create(array('role' => 'server_enzymes_coder')); 654 685 add_user_meta($user_id, 'sample-name', ' 655 686 list($a, $bc) = 
$arguments; … … 669 700 function test_executed_author_with_a_hash_argument() 670 701 { 671 $user_id = $this->factory->user->create( );702 $user_id = $this->factory->user->create(array('role' => 'server_enzymes_coder')); 672 703 add_user_meta($user_id, 'sample-name', ' 673 704 list($hash) = $arguments;