dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Follow-up 3535a5f327: Remove old CSS now caches have expired"
[lhc/web/wiklou.git] / includes / auth / CheckBlocksSecondaryAuthenticationProvider.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @file
19 * @ingroup Auth
20 */
21
22 namespace MediaWiki\Auth;
23
24 use Config;
25 use StatusValue;
26
27 /**
28 * Check if the user is blocked, and prevent authentication if so.
29 *
30 * @ingroup Auth
31 * @since 1.27
32 */
33 class CheckBlocksSecondaryAuthenticationProvider extends AbstractSecondaryAuthenticationProvider {
34
35 /** @var bool */
36 protected $blockDisablesLogin = null;
37
38 /**
39 * @param array $params
40 * - blockDisablesLogin: (bool) Whether blocked accounts can log in,
41 * defaults to $wgBlockDisablesLogin
42 */
43 public function __construct( $params = [] ) {
44 if ( isset( $params['blockDisablesLogin'] ) ) {
45 $this->blockDisablesLogin = (bool)$params['blockDisablesLogin'];
46 }
47 }
48
49 public function setConfig( Config $config ) {
50 parent::setConfig( $config );
51
52 if ( $this->blockDisablesLogin === null ) {
53 $this->blockDisablesLogin = $this->config->get( 'BlockDisablesLogin' );
54 }
55 }
56
57 public function getAuthenticationRequests( $action, array $options ) {
58 return [];
59 }
60
61 public function beginSecondaryAuthentication( $user, array $reqs ) {
62 // @TODO Partial blocks should not prevent the user from logging in.
63 // see: https://phabricator.wikimedia.org/T208895
64 if ( !$this->blockDisablesLogin ) {
65 return AuthenticationResponse::newAbstain();
66 } elseif ( $user->getBlock() ) {
67 return AuthenticationResponse::newFail(
68 new \Message( 'login-userblocked', [ $user->getName() ] )
69 );
70 } else {
71 return AuthenticationResponse::newPass();
72 }
73 }
74
75 public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
76 return AuthenticationResponse::newAbstain();
77 }
78
79 public function testUserForCreation( $user, $autocreate, array $options = [] ) {
80 $block = $user->isBlockedFromCreateAccount();
81 if ( $block ) {
82 if ( $block->getReason() ) {
83 $reason = $block->getReason();
84 } else {
85 $msg = \Message::newFromKey( 'blockednoreason' );
86 if ( !\RequestContext::getMain()->getUser()->isSafeToLoad() ) {
87 $msg->inContentLanguage();
88 }
89 $reason = $msg->text();
90 }
91
92 $errorParams = [
93 $block->getTarget(),
94 $reason,
95 $block->getByName()
96 ];
97
98 if ( $block->getType() === \Block::TYPE_RANGE ) {
99 $errorMessage = 'cantcreateaccount-range-text';
100 $errorParams[] = $this->manager->getRequest()->getIP();
101 } else {
102 $errorMessage = 'cantcreateaccount-text';
103 }
104
105 return StatusValue::newFatal(
106 new \Message( $errorMessage, $errorParams )
107 );
108 } else {
109 return StatusValue::newGood();
110 }
111 }
112
113 }
Wiklou, le Wiki du Wiklou