1 | <?php |
||
2 | /** |
||
3 | * Email user validation plugin. |
||
4 | * Non-admin accounts are invalid until their email address is confirmed. |
||
5 | * |
||
6 | * @package Elgg.Core.Plugin |
||
7 | * @subpackage UserValidationByEmail |
||
8 | */ |
||
9 | |||
10 | /** |
||
11 | * User validation by email init |
||
12 | * |
||
13 | * @return void |
||
14 | */ |
||
15 | function uservalidationbyemail_init() { |
||
16 | |||
17 | 77 | require_once dirname(__FILE__) . '/lib/functions.php'; |
|
18 | |||
19 | // mark users as unvalidated and disable when they register |
||
20 | 77 | elgg_register_plugin_hook_handler('register', 'user', 'uservalidationbyemail_disable_new_user'); |
|
21 | |||
22 | // forward to uservalidationbyemail/emailsent page after register |
||
23 | 77 | elgg_register_plugin_hook_handler('response', 'action:register', 'uservalidationbyemail_after_registration_url'); |
|
24 | |||
25 | // canEdit override to allow not logged in code to disable a user |
||
26 | 77 | elgg_register_plugin_hook_handler('permissions_check', 'user', 'uservalidationbyemail_allow_new_user_can_edit'); |
|
27 | |||
28 | // admin user validation page |
||
29 | 77 | elgg_register_plugin_hook_handler('register', 'menu:user:unvalidated', '_uservalidationbyemail_user_unvalidated_menu'); |
|
30 | 77 | elgg_register_plugin_hook_handler('register', 'menu:user:unvalidated:bulk', '_uservalidationbyemail_user_unvalidated_bulk_menu'); |
|
31 | |||
32 | // prevent users from logging in if they aren't validated |
||
33 | 77 | register_pam_handler('uservalidationbyemail_check_auth_attempt', "required"); |
|
34 | |||
35 | // prevent the engine from logging in users via login() |
||
36 | 77 | elgg_register_event_handler('login:before', 'user', 'uservalidationbyemail_check_manual_login'); |
|
37 | |||
38 | // make admin users always validated |
||
39 | 77 | elgg_register_event_handler('make_admin', 'user', 'uservalidationbyemail_validate_new_admin_user'); |
|
40 | 77 | } |
|
41 | |||
42 | /** |
||
43 | * Disables a user upon registration |
||
44 | * |
||
45 | * @param \Elgg\Hook $hook 'register', 'user' |
||
46 | * |
||
47 | * @return void |
||
48 | */ |
||
49 | function uservalidationbyemail_disable_new_user(\Elgg\Hook $hook) { |
||
50 | |||
51 | $user = $hook->getUserParam(); |
||
52 | // no clue what's going on, so don't react. |
||
53 | if (!$user instanceof ElggUser) { |
||
54 | return; |
||
55 | } |
||
56 | |||
57 | // another plugin is requesting that registration be terminated |
||
58 | // no need for uservalidationbyemail |
||
59 | if (!$hook->getValue()) { |
||
60 | return; |
||
61 | } |
||
62 | |||
63 | // has the user already been validated? |
||
64 | if ($user->isValidated()) { |
||
65 | return; |
||
66 | } |
||
67 | |||
68 | // disable user to prevent showing up on the site |
||
69 | // set context so our canEdit() override works |
||
70 | elgg_push_context('uservalidationbyemail_new_user'); |
||
71 | |||
72 | elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function () use ($user) { |
||
73 | // Don't do a recursive disable. Any entities owned by the user at this point |
||
74 | // are products of plugins that hook into create user and might need |
||
75 | // access to the entities. |
||
76 | // @todo That ^ sounds like a specific case...would be nice to track it down... |
||
77 | $user->disable('uservalidationbyemail_new_user', false); |
||
78 | |||
79 | // set user as unvalidated and send out validation email |
||
80 | $user->setValidationStatus(false); |
||
81 | uservalidationbyemail_request_validation($user->guid); |
||
82 | |||
83 | }); |
||
84 | |||
85 | elgg_pop_context(); |
||
86 | } |
||
87 | |||
88 | /** |
||
89 | * Override the URL to be forwarded after registration |
||
90 | * |
||
91 | * @param \Elgg\Hook $hook 'response', 'action:register' |
||
92 | * |
||
93 | * @return void|\Elgg\Http\ResponseBuilder |
||
94 | */ |
||
95 | function uservalidationbyemail_after_registration_url(\Elgg\Hook $hook) { |
||
96 | if (elgg_get_session()->get('emailsent')) { |
||
97 | $value = $hook->getValue(); |
||
98 | $value->setForwardURL(elgg_normalize_url('uservalidationbyemail/emailsent')); |
||
99 | return $value; |
||
100 | } |
||
101 | } |
||
102 | |||
103 | /** |
||
104 | * Override the canEdit() call for if we're in the context of registering a new user. |
||
105 | * |
||
106 | * @param \Elgg\Hook $hook 'permissions_check', 'user' |
||
107 | * |
||
108 | * @return void|true |
||
109 | */ |
||
110 | function uservalidationbyemail_allow_new_user_can_edit(\Elgg\Hook $hook) { |
||
111 | |||
112 | // $params['user'] is the user to check permissions for. |
||
113 | // we want the entity to check, which is a user. |
||
114 | 134 | if (!$hook->getEntityParam() instanceof ElggUser) { |
|
115 | return; |
||
116 | } |
||
117 | |||
118 | 134 | $context = elgg_get_context(); |
|
119 | 134 | if ($context == 'uservalidationbyemail_new_user' || $context == 'uservalidationbyemail_validate_user') { |
|
120 | return true; |
||
121 | } |
||
122 | 134 | } |
|
123 | |||
124 | /** |
||
125 | * Checks if an account is validated |
||
126 | * |
||
127 | * @param array $credentials The username and password |
||
128 | * |
||
129 | * @return void |
||
130 | */ |
||
131 | function uservalidationbyemail_check_auth_attempt($credentials) { |
||
132 | |||
133 | 10 | if (!isset($credentials['username'])) { |
|
134 | 2 | return; |
|
135 | } |
||
136 | |||
137 | 8 | $username = $credentials['username']; |
|
138 | |||
139 | // See if the user exists and isn't validated |
||
140 | elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($username) { |
||
141 | // check if logging in with email address |
||
142 | 8 | if (strpos($username, '@') !== false) { |
|
143 | $users = get_user_by_email($username); |
||
144 | if (!empty($users)) { |
||
145 | $username = $users[0]->username; |
||
146 | } |
||
147 | } |
||
148 | |||
149 | 8 | $user = get_user_by_username($username); |
|
150 | 8 | if ($user && isset($user->validated) && !$user->validated) { |
|
151 | // show an error and resend validation email |
||
152 | uservalidationbyemail_request_validation($user->guid); |
||
153 | |||
154 | throw new LoginException(elgg_echo('uservalidationbyemail:login:fail')); |
||
155 | } |
||
156 | 8 | }); |
|
157 | 8 | } |
|
158 | |||
159 | /** |
||
160 | * Make sure any admin users are automatically validated |
||
161 | * |
||
162 | * @param \Elgg\Event $event 'make_admin', 'user' |
||
163 | * |
||
164 | * @return void |
||
165 | */ |
||
166 | function uservalidationbyemail_validate_new_admin_user(\Elgg\Event $event) { |
||
167 | 4 | $user = $event->getObject(); |
|
168 | 4 | if ($user instanceof ElggUser && $user->isValidated() !== true) { |
|
169 | 4 | $user->setValidationStatus(true, 'admin_user'); |
|
170 | } |
||
171 | 4 | } |
|
172 | |||
173 | /** |
||
174 | * Prevent a manual code login with login() |
||
175 | * |
||
176 | * @param \Elgg\Event $event 'login:before', 'user' |
||
177 | * |
||
178 | * @return void |
||
179 | * |
||
180 | * @throws LoginException |
||
181 | */ |
||
182 | function uservalidationbyemail_check_manual_login(\Elgg\Event $event) { |
||
183 | 9 | $user = $event->getObject(); |
|
184 | elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($user) { |
||
185 | 9 | if (($user instanceof ElggUser) && !$user->isEnabled() && !$user->validated) { |
|
186 | // send new validation email |
||
187 | uservalidationbyemail_request_validation($user->guid); |
||
188 | |||
189 | // throw error so we get a nice error message |
||
190 | throw new LoginException(elgg_echo('uservalidationbyemail:login:fail')); |
||
191 | } |
||
192 | 9 | }); |
|
193 | 9 | } |
|
194 | |||
195 | /** |
||
196 | * Add a menu item to an unvalidated user |
||
197 | * |
||
198 | * @param \Elgg\Hook $hook the plugin hook 'register' 'menu:user:unvalidated' |
||
199 | * |
||
200 | * @return void|ElggMenuItem[] |
||
201 | * |
||
202 | * @since 3.0 |
||
203 | * @internal |
||
204 | */ |
||
205 | function _uservalidationbyemail_user_unvalidated_menu(\Elgg\Hook $hook) { |
||
0 ignored issues
–
show
Coding Style
introduced
by
Loading history...
|
|||
206 | |||
207 | if (!elgg_is_admin_logged_in()) { |
||
208 | return; |
||
209 | } |
||
210 | |||
211 | $entity = $hook->getEntityParam(); |
||
212 | if (!$entity instanceof ElggUser) { |
||
213 | return; |
||
214 | } |
||
215 | |||
216 | $return = $hook->getValue(); |
||
217 | |||
218 | $return[] = ElggMenuItem::factory([ |
||
219 | 'name' => 'uservalidationbyemail:resend', |
||
220 | 'text' => elgg_echo('uservalidationbyemail:admin:resend_validation'), |
||
221 | 'href' => elgg_http_add_url_query_elements('action/uservalidationbyemail/resend_validation', [ |
||
222 | 'user_guids[]' => $entity->guid, |
||
223 | ]), |
||
224 | 'confirm' => elgg_echo('uservalidationbyemail:confirm_resend_validation', [$entity->getDisplayName()]), |
||
225 | 'priority' => 100, |
||
226 | ]); |
||
227 | |||
228 | return $return; |
||
229 | } |
||
230 | |||
231 | /** |
||
232 | * Add a menu item to the buld actions for unvalidated users |
||
233 | * |
||
234 | * @param \Elgg\Hook $hook the plugin hook 'register' 'menu:user:unvalidated:bulk' |
||
235 | * |
||
236 | * @return void|ElggMenuItem[] |
||
237 | * |
||
238 | * @since 3.0 |
||
239 | * @internal |
||
240 | */ |
||
241 | function _uservalidationbyemail_user_unvalidated_bulk_menu(\Elgg\Hook $hook) { |
||
0 ignored issues
–
show
|
|||
242 | |||
243 | if (!elgg_is_admin_logged_in()) { |
||
244 | return; |
||
245 | } |
||
246 | |||
247 | $return = $hook->getValue(); |
||
248 | |||
249 | $return[] = ElggMenuItem::factory([ |
||
250 | 'id' => 'uservalidationbyemail-bulk-resend', |
||
251 | 'name' => 'uservalidationbyemail:resend:bulk', |
||
252 | 'text' => elgg_echo('uservalidationbyemail:admin:resend_validation'), |
||
253 | 'href' => 'action/uservalidationbyemail/resend_validation', |
||
254 | 'confirm' => elgg_echo('uservalidationbyemail:confirm_resend_validation_checked'), |
||
255 | 'priority' => 100, |
||
256 | 'section' => 'right', |
||
257 | 'deps' => 'elgg/uservalidationbyemail', |
||
258 | ]); |
||
259 | |||
260 | return $return; |
||
261 | } |
||
262 | |||
263 | return function() { |
||
264 | 80 | elgg_register_event_handler('init', 'system', 'uservalidationbyemail_init'); |
|
265 | }; |
||
266 |