* @file
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
/**
* A special page that allows users to send e-mails to other users
}
public function getDescription() {
- $target = self::getTarget( $this->mTarget );
+ $target = self::getTarget( $this->mTarget, $this->getUser() );
if ( !$target instanceof User ) {
return $this->msg( 'emailuser-title-notarget' )->text();
}
}
protected function getFormFields() {
+ $linkRenderer = $this->getLinkRenderer();
return [
'From' => [
'type' => 'info',
'raw' => 1,
- 'default' => Linker::link(
+ 'default' => $linkRenderer->makeLink(
$this->getUser()->getUserPage(),
- htmlspecialchars( $this->getUser()->getName() )
+ $this->getUser()->getName()
),
'label-message' => 'emailfrom',
'id' => 'mw-emailuser-sender',
'To' => [
'type' => 'info',
'raw' => 1,
- 'default' => Linker::link(
+ 'default' => $linkRenderer->makeLink(
$this->mTargetObj->getUserPage(),
- htmlspecialchars( $this->mTargetObj->getName() )
+ $this->mTargetObj->getName()
),
'label-message' => 'emailto',
'id' => 'mw-emailuser-recipient',
throw new ErrorPageError( $title, $msg, $params );
}
// Got a valid target user name? Else ask for one.
- $ret = self::getTarget( $this->mTarget );
+ $ret = self::getTarget( $this->mTarget, $this->getUser() );
if ( !$ret instanceof User ) {
if ( $this->mTarget != '' ) {
// Messages used here: notargettext, noemailtext, nowikiemailtext
* Validate target User
*
* @param string $target Target user name
- * @return User User object on success or a string on error
+ * @param User|null $sender User sending the email
+ * @return User|string User object on success or a string on error
*/
- public static function getTarget( $target ) {
+ public static function getTarget( $target, User $sender = null ) {
+ if ( $sender === null ) {
+ wfDeprecated( __METHOD__ . ' without specifying the sending user', '1.30' );
+ }
+
if ( $target == '' ) {
wfDebug( "Target is empty.\n" );
}
$nu = User::newFromName( $target );
- if ( !$nu instanceof User || !$nu->getId() ) {
+ $error = self::validateTarget( $nu, $sender );
+
+ return $error ?: $nu;
+ }
+
+ /**
+ * Validate target User
+ *
+ * @param User $target Target user
+ * @param User|null $sender User sending the email
+ * @return string Error message or empty string if valid.
+ * @since 1.30
+ */
+ public static function validateTarget( $target, User $sender = null ) {
+ if ( $sender === null ) {
+ wfDeprecated( __METHOD__ . ' without specifying the sending user', '1.30' );
+ }
+
+ if ( !$target instanceof User || !$target->getId() ) {
wfDebug( "Target is invalid user.\n" );
return 'notarget';
- } elseif ( !$nu->isEmailConfirmed() ) {
+ }
+
+ if ( !$target->isEmailConfirmed() ) {
wfDebug( "User has no valid email.\n" );
return 'noemail';
- } elseif ( !$nu->canReceiveEmail() ) {
+ }
+
+ if ( !$target->canReceiveEmail() ) {
wfDebug( "User does not allow user emails.\n" );
return 'nowikiemail';
}
- return $nu;
+ if ( $sender !== null && !$target->getOption( 'email-allow-new-users' ) &&
+ $sender->isNewbie()
+ ) {
+ wfDebug( "User does not allow user emails from new users.\n" );
+
+ return 'nowikiemail';
+ }
+
+ if ( $sender !== null ) {
+ $blacklist = $target->getOption( 'email-blacklist', [] );
+ if ( $blacklist ) {
+ $lookup = CentralIdLookup::factory();
+ $senderId = $lookup->centralIdFromLocalUser( $sender );
+ if ( $senderId !== 0 && in_array( $senderId, $blacklist ) ) {
+ wfDebug( "User does not allow user emails from this user.\n" );
+
+ return 'nowikiemail';
+ }
+ }
+ }
+
+ return '';
}
/**
public static function getPermissionsError( $user, $editToken, Config $config = null ) {
if ( $config === null ) {
wfDebug( __METHOD__ . ' called without a Config instance passed to it' );
- $config = ConfigFactory::getDefaultInstance()->makeConfig( 'main' );
+ $config = MediaWikiServices::getInstance()->getMainConfig();
}
if ( !$config->get( 'EnableEmail' ) || !$config->get( 'EnableUserEmail' ) ) {
return 'usermaildisabled';
}
- if ( !$user->isAllowed( 'sendemail' ) ) {
- return 'badaccess';
- }
-
+ // Run this before $user->isAllowed, to show appropriate message to anons (T160309)
if ( !$user->isEmailConfirmed() ) {
return 'mailnologin';
}
+ if ( !$user->isAllowed( 'sendemail' ) ) {
+ return 'badaccess';
+ }
+
if ( $user->isBlockedFromEmailuser() ) {
wfDebug( "User is blocked from sending e-mail.\n" );
return "blockedemailuser";
}
- if ( $user->pingLimiter( 'emailuser' ) ) {
+ // Check the ping limiter without incrementing it - we'll check it
+ // again later and increment it on a successful send
+ if ( $user->pingLimiter( 'emailuser', 0 ) ) {
wfDebug( "Ping limiter triggered.\n" );
return 'actionthrottledtext';
'text',
[
'id' => 'emailusertarget',
- 'class' => 'mw-autocomplete-user', // used by mediawiki.userSuggest
+ 'class' => 'mw-autocomplete-user', // used by mediawiki.userSuggest
'autofocus' => true,
'size' => 30,
]
* @since 1.20
* @param array $data
* @param HTMLForm $form
- * @return Status|string|bool
+ * @return Status|bool
*/
public static function uiSubmit( array $data, HTMLForm $form ) {
return self::submit( $data, $form->getContext() );
*
* @param array $data
* @param IContextSource $context
- * @return Status|string|bool Status object, or potentially a String on error
- * or maybe even true on success if anything uses the EmailUser hook.
+ * @return Status|bool
*/
public static function submit( array $data, IContextSource $context ) {
$config = $context->getConfig();
- $target = self::getTarget( $data['Target'] );
+ $target = self::getTarget( $data['Target'], $context->getUser() );
if ( !$target instanceof User ) {
// Messages used here: notargettext, noemailtext, nowikiemailtext
- return $context->msg( $target . 'text' )->parseAsBlock();
+ return Status::newFatal( $target . 'text' );
}
$to = MailAddress::newFromUser( $target );
$text .= $context->msg( 'emailuserfooter',
$from->name, $to->name )->inContentLanguage()->text();
- $error = '';
+ // Check and increment the rate limits
+ if ( $context->getUser()->pingLimiter( 'emailuser' ) ) {
+ throw new ThrottledError();
+ }
+
+ $error = false;
if ( !Hooks::run( 'EmailUser', [ &$to, &$from, &$subject, &$text, &$error ] ) ) {
- return $error;
+ if ( $error instanceof Status ) {
+ return $error;
+ } elseif ( $error === false || $error === '' || $error === [] ) {
+ // Possibly to tell HTMLForm to pretend there was no submission?
+ return false;
+ } elseif ( $error === true ) {
+ // Hook sent the mail itself and indicates success?
+ return Status::newGood();
+ } elseif ( is_array( $error ) ) {
+ $status = Status::newGood();
+ foreach ( $error as $e ) {
+ $status->fatal( $e );
+ }
+ return $status;
+ } elseif ( $error instanceof MessageSpecifier ) {
+ return Status::newFatal( $error );
+ } else {
+ // Ugh. Either a raw HTML string, or something that's supposed
+ // to be treated like one.
+ $type = is_object( $error ) ? get_class( $error ) : gettype( $error );
+ wfDeprecated( "EmailUser hook returning a $type as \$error", '1.29' );
+ return Status::newFatal( new ApiRawMessage(
+ [ '$1', Message::rawParam( (string)$error ) ], 'hookaborted'
+ ) );
+ }
}
if ( $config->get( 'UserEmailUseReplyTo' ) ) {
dépôts / lhc / web / wiklou.git / blobdiff