dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "$wgHttpsPort should only be used in very special cases"
[lhc/web/wiklou.git] / includes / registration / ExtensionJsonValidator.php
1 <?php
2
3 /**
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License along
15 * with this program; if not, write to the Free Software Foundation, Inc.,
16 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 * http://www.gnu.org/copyleft/gpl.html
18 *
19 * @file
20 */
21
22 use Composer\Spdx\SpdxLicenses;
23 use JsonSchema\Validator;
24 use Seld\JsonLint\JsonParser;
25 use Seld\JsonLint\ParsingException;
26
27 /**
28 * Validate extension.json files against their JSON schema.
29 *
30 * This is used for static validation from the command-line via
31 * validateRegistrationFile.php, and the PHPUnit structure test suite
32 * (ExtensionJsonValidationTest).
33 *
34 * The files are normally read by the ExtensionRegistry
35 * and ExtensionProcessor classes.
36 *
37 * @since 1.29
38 */
39 class ExtensionJsonValidator {
40
41 /**
42 * @var callable
43 */
44 private $missingDepCallback;
45
46 /**
47 * @param callable $missingDepCallback
48 */
49 public function __construct( callable $missingDepCallback ) {
50 $this->missingDepCallback = $missingDepCallback;
51 }
52
53 /**
54 * @codeCoverageIgnore
55 * @return bool
56 */
57 public function checkDependencies() {
58 if ( !class_exists( Validator::class ) ) {
59 call_user_func( $this->missingDepCallback,
60 'The JsonSchema library cannot be found, please install it through composer.'
61 );
62 return false;
63 } elseif ( !class_exists( SpdxLicenses::class ) ) {
64 call_user_func( $this->missingDepCallback,
65 'The spdx-licenses library cannot be found, please install it through composer.'
66 );
67 return false;
68 } elseif ( !class_exists( JsonParser::class ) ) {
69 call_user_func( $this->missingDepCallback,
70 'The JSON lint library cannot be found, please install it through composer.'
71 );
72 }
73
74 return true;
75 }
76
77 /**
78 * @param string $path file to validate
79 * @return bool true if passes validation
80 * @throws ExtensionJsonValidationError on any failure
81 */
82 public function validate( $path ) {
83 $contents = file_get_contents( $path );
84 $jsonParser = new JsonParser();
85 try {
86 $data = $jsonParser->parse( $contents, JsonParser::DETECT_KEY_CONFLICTS );
87 } catch ( ParsingException $e ) {
88 if ( $e instanceof \Seld\JsonLint\DuplicateKeyException ) {
89 throw new ExtensionJsonValidationError( $e->getMessage() );
90 }
91 throw new ExtensionJsonValidationError( "$path is not valid JSON" );
92 }
93
94 if ( !isset( $data->manifest_version ) ) {
95 throw new ExtensionJsonValidationError(
96 "$path does not have manifest_version set." );
97 }
98
99 $version = $data->manifest_version;
100 $schemaPath = __DIR__ . "/../../docs/extension.schema.v$version.json";
101
102 // Not too old
103 if ( $version < ExtensionRegistry::OLDEST_MANIFEST_VERSION ) {
104 throw new ExtensionJsonValidationError(
105 "$path is using a non-supported schema version"
106 );
107 } elseif ( $version > ExtensionRegistry::MANIFEST_VERSION ) {
108 throw new ExtensionJsonValidationError(
109 "$path is using a non-supported schema version"
110 );
111 }
112
113 $extraErrors = [];
114 // Check if it's a string, if not, schema validation will display an error
115 if ( isset( $data->{'license-name'} ) && is_string( $data->{'license-name'} ) ) {
116 $licenses = new SpdxLicenses();
117 $valid = $licenses->validate( $data->{'license-name'} );
118 if ( !$valid ) {
119 $extraErrors[] = '[license-name] Invalid SPDX license identifier, '
120 . 'see <https://spdx.org/licenses/>';
121 }
122 }
123 if ( isset( $data->url ) && is_string( $data->url ) ) {
124 $parsed = wfParseUrl( $data->url );
125 $mwoUrl = false;
126 if ( $parsed['host'] === 'www.mediawiki.org' ) {
127 $mwoUrl = true;
128 } elseif ( $parsed['host'] === 'mediawiki.org' ) {
129 $mwoUrl = true;
130 $extraErrors[] = '[url] Should use www.mediawiki.org domain';
131 }
132
133 if ( $mwoUrl && $parsed['scheme'] !== 'https' ) {
134 $extraErrors[] = '[url] Should use HTTPS for www.mediawiki.org URLs';
135 }
136 }
137
138 $validator = new Validator;
139 $validator->check( $data, (object)[ '$ref' => 'file://' . $schemaPath ] );
140 if ( $validator->isValid() && !$extraErrors ) {
141 // All good.
142 return true;
143 } else {
144 $out = "$path did not pass validation.\n";
145 foreach ( $validator->getErrors() as $error ) {
146 $out .= "[{$error['property']}] {$error['message']}\n";
147 }
148 if ( $extraErrors ) {
149 $out .= implode( "\n", $extraErrors ) . "\n";
150 }
151 throw new ExtensionJsonValidationError( $out );
152 }
153 }
154 }
Wiklou, le Wiki du Wiklou