Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php declare(strict_types=1); /** * Passbolt ~ Open source password manager for teams ..
Decoded Output download
<?php
declare(strict_types=1);
/**
* Passbolt ~ Open source password manager for teams
* Copyright (c) Passbolt SA (https://www.passbolt.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Passbolt SA (https://www.passbolt.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.passbolt.com Passbolt(tm)
* @since 3.1.0
*/
namespace App\Command;
use App\Service\Command\ProcessUserService;
use Cake\Command\Command;
use Cake\Console\Arguments;
use Cake\Console\ConsoleIo;
use Cake\Console\ConsoleOptionParser;
use Cake\Core\Configure;
/**
* Passbolt command.
*/
class PassboltCommand extends Command
{
/**
* The Passbolt welcome banner should be shown only once.
* This is a memory cell to that aim.
*
* @var bool
*/
public static $welcomeBannerWasAlreadyShown = false;
/**
* List of popular webserver usernames.
*
* @var string[]
*/
public const KNOWN_WEBSERVER_USERS = [
'www-data',
'nginx',
'apache',
'http',
];
/**
* @inheritDoc
*/
public function initialize(): void
{
parent::initialize();
CommandBootstrap::init();
}
/**
* All commands are extend the present command.
* There execution in the console should called by "passbolt this-command".
* This method prepends the name of the command if required.
*
* @return string
*/
public static function defaultName(): string
{
$consoleName = parent::defaultName();
if (strtolower($consoleName) !== 'passbolt') {
$consoleName = 'passbolt ' . $consoleName;
}
return $consoleName;
}
/**
* Hook method for defining this command's option parser.
*
* @see https://book.cakephp.org/4/en/console-commands/commands.html#defining-arguments-and-options
* @param \Cake\Console\ConsoleOptionParser $parser The parser to be defined
* @return \Cake\Console\ConsoleOptionParser The built parser.
*/
public function buildOptionParser(ConsoleOptionParser $parser): ConsoleOptionParser
{
$parser->setDescription(
__('The Passbolt CLI offers an access to the passbolt API directly from the console.')
);
$parser->addArgument('cleanup', [
'help' => __d('cake_console', 'Identify and fix database relational integrity issues.'),
]);
$parser->addArgument('datacheck', [
'help' => __d('cake_console', 'Revalidate the data of the passbolt installation.'),
]);
$parser->addArgument('drop_tables', [
'help' => __d('cake_console', 'Drop all the tables. Dangerous but useful for a full reinstall.'),
]);
$parser->addArgument('healthcheck', [
'help' => __d('cake_console', 'Run a healthcheck for this passbolt instance.'),
]);
$parser->addArgument('install', [
'help' => __d('cake_console', 'Installation shell for the passbolt application.'),
]);
$parser->addArgument('keyring_init', [
'help' => __d('cake_console', 'Init the GnuPG keyring.'),
]);
if (Configure::read('passbolt.plugins.license')) {
$parser->addArgument('license_check', [
'help' => __d('cake_console', 'Check the license.'),
]);
}
$parser->addArgument('migrate', [
'help' => __d('cake_console', 'Run database migrations.'),
]);
$parser->addArgument('mysql_export', [
'help' =>
__d('cake_console', 'Utility to export mysql database backups.') . ' ' .
__d('cake_console', 'Deprecated, use instead sql_export.'),
]);
$parser->addArgument('mysql_import', [
'help' => __d('cake_console', 'Utility to import mysql database backups.'),
]);
$parser->addArgument('purge_email_queue', [
'help' => __d('cake_console', 'Purge email queue table content.'),
]);
$parser->addArgument('recover_user', [
'help' => __d('cake_console', 'Get an existing account recovery token, or create a new one.'),
]);
$parser->addArgument('register_user', [
'help' => __d('cake_console', 'Register a new user.'),
]);
$parser->addArgument('send_test_email', [
'help' => __d('cake_console', 'Try to send a test email and display debug information.'),
]);
$parser->addArgument('show_logs_path', [
'help' => __d('cake_console', 'Show application logs.'),
]);
$parser->addArgument('show_queued_emails', [
'help' => __d('cake_console', 'Shows records from email_queue table.'),
]);
$parser->addArgument('sql_export', [
'help' => __d('cake_console', 'Utility to export sql database backups.'),
]);
$parser->addArgument('version', [
'help' => __d('cake_console', 'Provide version number'),
]);
return $parser;
}
/**
* Implement this method with your command's logic.
*
* @param \Cake\Console\Arguments $args The command arguments.
* @param \Cake\Console\ConsoleIo $io The console io
* @return null|int The exit code or null for success
*/
public function execute(Arguments $args, ConsoleIo $io): ?int
{
if ($this->skipPassboltWelcome($args)) {
return $this->successCode();
}
$io->out();
$io->out(' ____ __ ____ ');
$io->out(' / __ \____ _____ ____/ /_ ____ / / /_ ');
$io->out(' / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ ');
$io->out(' / ____/ /_/ (__ |__ ) /_/ / /_/ / / / ');
$io->out(' /_/ \__,_/____/____/_.___/\____/_/\__/ ');
$io->out();
$io->out(' Open source password manager for teams');
$io->hr();
self::$welcomeBannerWasAlreadyShown = true;
$this->showHelp($args, $io);
return $this->successCode();
}
/**
* Appends a series of options to the options provided.
*
* @param \Cake\Console\Arguments $args Arguments.
* @param array $options Options to append.
* @return array
*/
public function formatOptions(Arguments $args, array $options = []): array
{
if ($args->getOption('quiet') && !in_array('-q', $options)) {
$options[] = '-q';
}
return $options;
}
/**
* Display an error message
*
* @param string $msg message
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return void
*/
public function error(string $msg, ConsoleIo $io): void
{
$io->out('<error>' . $msg . '</error>');
}
/**
* Display a success message
*
* @param string $msg message
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return void
*/
protected function success(string $msg, ConsoleIo $io): void
{
$io->out('<success>' . $msg . '</success>');
}
/**
* Checks if user running the command is valid or not. If not, aborts or shows warning depending on severity.
*
* @param \Cake\Console\ConsoleIo $io IO object.
* @param \App\Service\Command\ProcessUserService $processUserService process user service
* @return void
*/
protected function assertCurrentProcessUser(ConsoleIo $io, ProcessUserService $processUserService)
{
if (!$this->assertNotRoot($processUserService, $io)) {
$this->error(__('aborting'), $io);
$this->abort();
}
$isWebserverUser = in_array($processUserService->getName(), self::KNOWN_WEBSERVER_USERS);
if (!$isWebserverUser) {
$io->out();
$io->warning(__('Passbolt commands should only be executed as the web server user.'));
$io->out();
$io->info(__('The command should be executed with the same user as your web server. By instance:'));
$io->info('su -s /bin/bash -c "' . ROOT . '/bin/cake COMMAND" HTTP_USER');
$io->info(
__(
'where HTTP_USER match your web server user: {0}',
implode(', ', self::KNOWN_WEBSERVER_USERS)
)
);
$io->out();
}
}
/**
* Some of the passbolt commands shouldn't be executed as root.
* By instance it's the case of the healthcheck command that needs to be executed with the same user as your web server.
*
* @param \App\Service\Command\ProcessUserService $processUserService Process user service.
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return bool true if user is root
*/
protected function assertNotRoot(ProcessUserService $processUserService, ConsoleIo $io): bool
{
if ($processUserService->getName() === 'root') {
$io->out();
$this->error('Passbolt commands cannot be executed as root.', $io);
$io->out();
$io->out('The command should be executed with the same user as your web server. By instance:');
$io->out('su -s /bin/bash -c "' . ROOT . '/bin/cake COMMAND" HTTP_USER');
$io->out(
__(
'where HTTP_USER match your web server user: {0}',
implode(', ', self::KNOWN_WEBSERVER_USERS)
)
);
$io->out();
return false;
}
return true;
}
/**
* Checks if current process user is known webserver user or not.
*
* @return bool Returns `true` if known webserver user, `false` otherwise.
*/
protected function isWebserverUser(): bool
{
return in_array(PROCESS_USER, self::KNOWN_WEBSERVER_USERS);
}
/**
* Return error code
*
* @return int
*/
protected function errorCode(): int
{
return self::CODE_ERROR;
}
/**
* Return success code
*
* @return int
*/
protected function successCode(): int
{
return self::CODE_SUCCESS;
}
/**
* Skip the Passbolt welcome message.
*
* @param \Cake\Console\Arguments $args Arguments.
* @return bool
*/
protected function skipPassboltWelcome(Arguments $args): bool
{
if ($args->getOption('quiet') || self::$welcomeBannerWasAlreadyShown) {
return true;
}
return in_array(static::class, [
ShowLogsPathCommand::class,
]);
}
/**
* Display help options if "bin/cake passbolt" is called.
*
* @param \Cake\Console\Arguments $args Arguments.
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return void
*/
private function showHelp(Arguments $args, ConsoleIo $io): void
{
$command = static::class;
if (!$args->getOption('help') && ($command === PassboltCommand::class)) {
$this->displayHelp($this->getOptionParser(), $args, $io);
}
}
/**
* Abort command if not in debug mode.
*
* @param \Cake\Console\ConsoleIo $io Console IO
* @return void
*/
protected function abortIfNotInDebugMode(ConsoleIo $io): void
{
if (Configure::read('debug') !== true) {
$io->error('This command is available in debug mode only.');
$this->abort();
}
}
}
?>
Did this file decode correctly?
Original Code
<?php
declare(strict_types=1);
/**
* Passbolt ~ Open source password manager for teams
* Copyright (c) Passbolt SA (https://www.passbolt.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Passbolt SA (https://www.passbolt.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.passbolt.com Passbolt(tm)
* @since 3.1.0
*/
namespace App\Command;
use App\Service\Command\ProcessUserService;
use Cake\Command\Command;
use Cake\Console\Arguments;
use Cake\Console\ConsoleIo;
use Cake\Console\ConsoleOptionParser;
use Cake\Core\Configure;
/**
* Passbolt command.
*/
class PassboltCommand extends Command
{
/**
* The Passbolt welcome banner should be shown only once.
* This is a memory cell to that aim.
*
* @var bool
*/
public static $welcomeBannerWasAlreadyShown = false;
/**
* List of popular webserver usernames.
*
* @var string[]
*/
public const KNOWN_WEBSERVER_USERS = [
'www-data',
'nginx',
'apache',
'http',
];
/**
* @inheritDoc
*/
public function initialize(): void
{
parent::initialize();
CommandBootstrap::init();
}
/**
* All commands are extend the present command.
* There execution in the console should called by "passbolt this-command".
* This method prepends the name of the command if required.
*
* @return string
*/
public static function defaultName(): string
{
$consoleName = parent::defaultName();
if (strtolower($consoleName) !== 'passbolt') {
$consoleName = 'passbolt ' . $consoleName;
}
return $consoleName;
}
/**
* Hook method for defining this command's option parser.
*
* @see https://book.cakephp.org/4/en/console-commands/commands.html#defining-arguments-and-options
* @param \Cake\Console\ConsoleOptionParser $parser The parser to be defined
* @return \Cake\Console\ConsoleOptionParser The built parser.
*/
public function buildOptionParser(ConsoleOptionParser $parser): ConsoleOptionParser
{
$parser->setDescription(
__('The Passbolt CLI offers an access to the passbolt API directly from the console.')
);
$parser->addArgument('cleanup', [
'help' => __d('cake_console', 'Identify and fix database relational integrity issues.'),
]);
$parser->addArgument('datacheck', [
'help' => __d('cake_console', 'Revalidate the data of the passbolt installation.'),
]);
$parser->addArgument('drop_tables', [
'help' => __d('cake_console', 'Drop all the tables. Dangerous but useful for a full reinstall.'),
]);
$parser->addArgument('healthcheck', [
'help' => __d('cake_console', 'Run a healthcheck for this passbolt instance.'),
]);
$parser->addArgument('install', [
'help' => __d('cake_console', 'Installation shell for the passbolt application.'),
]);
$parser->addArgument('keyring_init', [
'help' => __d('cake_console', 'Init the GnuPG keyring.'),
]);
if (Configure::read('passbolt.plugins.license')) {
$parser->addArgument('license_check', [
'help' => __d('cake_console', 'Check the license.'),
]);
}
$parser->addArgument('migrate', [
'help' => __d('cake_console', 'Run database migrations.'),
]);
$parser->addArgument('mysql_export', [
'help' =>
__d('cake_console', 'Utility to export mysql database backups.') . ' ' .
__d('cake_console', 'Deprecated, use instead sql_export.'),
]);
$parser->addArgument('mysql_import', [
'help' => __d('cake_console', 'Utility to import mysql database backups.'),
]);
$parser->addArgument('purge_email_queue', [
'help' => __d('cake_console', 'Purge email queue table content.'),
]);
$parser->addArgument('recover_user', [
'help' => __d('cake_console', 'Get an existing account recovery token, or create a new one.'),
]);
$parser->addArgument('register_user', [
'help' => __d('cake_console', 'Register a new user.'),
]);
$parser->addArgument('send_test_email', [
'help' => __d('cake_console', 'Try to send a test email and display debug information.'),
]);
$parser->addArgument('show_logs_path', [
'help' => __d('cake_console', 'Show application logs.'),
]);
$parser->addArgument('show_queued_emails', [
'help' => __d('cake_console', 'Shows records from email_queue table.'),
]);
$parser->addArgument('sql_export', [
'help' => __d('cake_console', 'Utility to export sql database backups.'),
]);
$parser->addArgument('version', [
'help' => __d('cake_console', 'Provide version number'),
]);
return $parser;
}
/**
* Implement this method with your command's logic.
*
* @param \Cake\Console\Arguments $args The command arguments.
* @param \Cake\Console\ConsoleIo $io The console io
* @return null|int The exit code or null for success
*/
public function execute(Arguments $args, ConsoleIo $io): ?int
{
if ($this->skipPassboltWelcome($args)) {
return $this->successCode();
}
$io->out();
$io->out(' ____ __ ____ ');
$io->out(' / __ \____ _____ ____/ /_ ____ / / /_ ');
$io->out(' / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ ');
$io->out(' / ____/ /_/ (__ |__ ) /_/ / /_/ / / / ');
$io->out(' /_/ \__,_/____/____/_.___/\____/_/\__/ ');
$io->out();
$io->out(' Open source password manager for teams');
$io->hr();
self::$welcomeBannerWasAlreadyShown = true;
$this->showHelp($args, $io);
return $this->successCode();
}
/**
* Appends a series of options to the options provided.
*
* @param \Cake\Console\Arguments $args Arguments.
* @param array $options Options to append.
* @return array
*/
public function formatOptions(Arguments $args, array $options = []): array
{
if ($args->getOption('quiet') && !in_array('-q', $options)) {
$options[] = '-q';
}
return $options;
}
/**
* Display an error message
*
* @param string $msg message
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return void
*/
public function error(string $msg, ConsoleIo $io): void
{
$io->out('<error>' . $msg . '</error>');
}
/**
* Display a success message
*
* @param string $msg message
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return void
*/
protected function success(string $msg, ConsoleIo $io): void
{
$io->out('<success>' . $msg . '</success>');
}
/**
* Checks if user running the command is valid or not. If not, aborts or shows warning depending on severity.
*
* @param \Cake\Console\ConsoleIo $io IO object.
* @param \App\Service\Command\ProcessUserService $processUserService process user service
* @return void
*/
protected function assertCurrentProcessUser(ConsoleIo $io, ProcessUserService $processUserService)
{
if (!$this->assertNotRoot($processUserService, $io)) {
$this->error(__('aborting'), $io);
$this->abort();
}
$isWebserverUser = in_array($processUserService->getName(), self::KNOWN_WEBSERVER_USERS);
if (!$isWebserverUser) {
$io->out();
$io->warning(__('Passbolt commands should only be executed as the web server user.'));
$io->out();
$io->info(__('The command should be executed with the same user as your web server. By instance:'));
$io->info('su -s /bin/bash -c "' . ROOT . '/bin/cake COMMAND" HTTP_USER');
$io->info(
__(
'where HTTP_USER match your web server user: {0}',
implode(', ', self::KNOWN_WEBSERVER_USERS)
)
);
$io->out();
}
}
/**
* Some of the passbolt commands shouldn't be executed as root.
* By instance it's the case of the healthcheck command that needs to be executed with the same user as your web server.
*
* @param \App\Service\Command\ProcessUserService $processUserService Process user service.
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return bool true if user is root
*/
protected function assertNotRoot(ProcessUserService $processUserService, ConsoleIo $io): bool
{
if ($processUserService->getName() === 'root') {
$io->out();
$this->error('Passbolt commands cannot be executed as root.', $io);
$io->out();
$io->out('The command should be executed with the same user as your web server. By instance:');
$io->out('su -s /bin/bash -c "' . ROOT . '/bin/cake COMMAND" HTTP_USER');
$io->out(
__(
'where HTTP_USER match your web server user: {0}',
implode(', ', self::KNOWN_WEBSERVER_USERS)
)
);
$io->out();
return false;
}
return true;
}
/**
* Checks if current process user is known webserver user or not.
*
* @return bool Returns `true` if known webserver user, `false` otherwise.
*/
protected function isWebserverUser(): bool
{
return in_array(PROCESS_USER, self::KNOWN_WEBSERVER_USERS);
}
/**
* Return error code
*
* @return int
*/
protected function errorCode(): int
{
return self::CODE_ERROR;
}
/**
* Return success code
*
* @return int
*/
protected function successCode(): int
{
return self::CODE_SUCCESS;
}
/**
* Skip the Passbolt welcome message.
*
* @param \Cake\Console\Arguments $args Arguments.
* @return bool
*/
protected function skipPassboltWelcome(Arguments $args): bool
{
if ($args->getOption('quiet') || self::$welcomeBannerWasAlreadyShown) {
return true;
}
return in_array(static::class, [
ShowLogsPathCommand::class,
]);
}
/**
* Display help options if "bin/cake passbolt" is called.
*
* @param \Cake\Console\Arguments $args Arguments.
* @param \Cake\Console\ConsoleIo $io Console IO.
* @return void
*/
private function showHelp(Arguments $args, ConsoleIo $io): void
{
$command = static::class;
if (!$args->getOption('help') && ($command === PassboltCommand::class)) {
$this->displayHelp($this->getOptionParser(), $args, $io);
}
}
/**
* Abort command if not in debug mode.
*
* @param \Cake\Console\ConsoleIo $io Console IO
* @return void
*/
protected function abortIfNotInDebugMode(ConsoleIo $io): void
{
if (Configure::read('debug') !== true) {
$io->error('This command is available in debug mode only.');
$this->abort();
}
}
}
Function Calls
None |
Stats
MD5 | 711d394a65adf65fd73fea2d308b7c3d |
Eval Count | 0 |
Decode Time | 88 ms |