includes/registration/ExtensionJsonValidator.php

   1 <?php
   2
   3 /**
   4  * This program is free software; you can redistribute it and/or modify
   5  * it under the terms of the GNU General Public License as published by
   6  * the Free Software Foundation; either version 2 of the License, or
   7  * (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License along
  15  * with this program; if not, write to the Free Software Foundation, Inc.,
  16  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  17  * http://www.gnu.org/copyleft/gpl.html
  18  *
  19  * @file
  20  */
  21
  22 use Composer\Spdx\SpdxLicenses;
  23 use JsonSchema\Validator;
  24 use Seld\JsonLint\JsonParser;
  25 use Seld\JsonLint\ParsingException;
  26
  27 /**
  28  * @since 1.29
  29  */
  30 class ExtensionJsonValidator {
  31
  32         /**
  33          * @var callable
  34          */
  35         private $missingDepCallback;
  36
  37         /**
  38          * @param callable $missingDepCallback
  39          */
  40         public function __construct( callable $missingDepCallback ) {
  41                 $this->missingDepCallback = $missingDepCallback;
  42         }
  43
  44         /**
  45          * @codeCoverageIgnore
  46          * @return bool
  47          */
  48         public function checkDependencies() {
  49                 if ( !class_exists( Validator::class ) ) {
  50                         call_user_func( $this->missingDepCallback,
  51                                 'The JsonSchema library cannot be found, please install it through composer.'
  52                         );
  53                         return false;
  54                 } elseif ( !class_exists( SpdxLicenses::class ) ) {
  55                         call_user_func( $this->missingDepCallback,
  56                                 'The spdx-licenses library cannot be found, please install it through composer.'
  57                         );
  58                         return false;
  59                 } elseif ( !class_exists( JsonParser::class ) ) {
  60                         call_user_func( $this->missingDepCallback,
  61                                 'The JSON lint library cannot be found, please install it through composer.'
  62                         );
  63                 }
  64
  65                 return true;
  66         }
  67
  68         /**
  69          * @param string $path file to validate
  70          * @return bool true if passes validation
  71          * @throws ExtensionJsonValidationError on any failure
  72          */
  73         public function validate( $path ) {
  74                 $contents = file_get_contents( $path );
  75                 $jsonParser = new JsonParser();
  76                 try {
  77                         $data = $jsonParser->parse( $contents, JsonParser::DETECT_KEY_CONFLICTS );
  78                 } catch ( ParsingException $e ) {
  79                         if ( $e instanceof \Seld\JsonLint\DuplicateKeyException ) {
  80                                 throw new ExtensionJsonValidationError( $e->getMessage() );
  81                         }
  82                         throw new ExtensionJsonValidationError( "$path is not valid JSON" );
  83                 }
  84
  85                 if ( !isset( $data->manifest_version ) ) {
  86                         throw new ExtensionJsonValidationError(
  87                                 "$path does not have manifest_version set." );
  88                 }
  89
  90                 $version = $data->manifest_version;
  91                 $schemaPath = __DIR__ . "/../../docs/extension.schema.v$version.json";
  92
  93                 // Not too old
  94                 if ( $version < ExtensionRegistry::OLDEST_MANIFEST_VERSION ) {
  95                         throw new ExtensionJsonValidationError(
  96                                 "$path is using a non-supported schema version"
  97                         );
  98                 } elseif ( $version > ExtensionRegistry::MANIFEST_VERSION ) {
  99                         throw new ExtensionJsonValidationError(
 100                                 "$path is using a non-supported schema version"
 101                         );
 102                 }
 103
 104                 $extraErrors = [];
 105                 // Check if it's a string, if not, schema validation will display an error
 106                 if ( isset( $data->{'license-name'} ) && is_string( $data->{'license-name'} ) ) {
 107                         $licenses = new SpdxLicenses();
 108                         $valid = $licenses->validate( $data->{'license-name'} );
 109                         if ( !$valid ) {
 110                                 $extraErrors[] = '[license-name] Invalid SPDX license identifier, '
 111                                         . 'see <https://spdx.org/licenses/>';
 112                         }
 113                 }
 114                 if ( isset( $data->url ) && is_string( $data->url ) ) {
 115                         $parsed = wfParseUrl( $data->url );
 116                         $mwoUrl = false;
 117                         if ( $parsed['host'] === 'www.mediawiki.org' ) {
 118                                 $mwoUrl = true;
 119                         } elseif ( $parsed['host'] === 'mediawiki.org' ) {
 120                                 $mwoUrl = true;
 121                                 $extraErrors[] = '[url] Should use www.mediawiki.org domain';
 122                         }
 123
 124                         if ( $mwoUrl && $parsed['scheme'] !== 'https' ) {
 125                                 $extraErrors[] = '[url] Should use HTTPS for www.mediawiki.org URLs';
 126                         }
 127                 }
 128
 129                 $validator = new Validator;
 130                 $validator->check( $data, (object)[ '$ref' => 'file://' . $schemaPath ] );
 131                 if ( $validator->isValid() && !$extraErrors ) {
 132                         // All good.
 133                         return true;
 134                 } else {
 135                         $out = "$path did not pass validation.\n";
 136                         foreach ( $validator->getErrors() as $error ) {
 137                                 $out .= "[{$error['property']}] {$error['message']}\n";
 138                         }
 139                         if ( $extraErrors ) {
 140                                 $out .= implode( "\n", $extraErrors ) . "\n";
 141                         }
 142                         throw new ExtensionJsonValidationError( $out );
 143                 }
 144         }
 145 }