1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
<?php
/**
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
* @ingroup Auth
*/
namespace MediaWiki\Auth;
use Config;
use StatusValue;
/**
* Check if the user is blocked, and prevent authentication if so.
*
* @ingroup Auth
* @since 1.27
*/
class CheckBlocksSecondaryAuthenticationProvider extends AbstractSecondaryAuthenticationProvider {
/** @var bool */
protected $blockDisablesLogin = null;
/**
* @param array $params
* - blockDisablesLogin: (bool) Whether blocked accounts can log in,
* defaults to $wgBlockDisablesLogin
*/
public function __construct( $params = [] ) {
if ( isset( $params['blockDisablesLogin'] ) ) {
$this->blockDisablesLogin = (bool)$params['blockDisablesLogin'];
}
}
public function setConfig( Config $config ) {
parent::setConfig( $config );
if ( $this->blockDisablesLogin === null ) {
$this->blockDisablesLogin = $this->config->get( 'BlockDisablesLogin' );
}
}
public function getAuthenticationRequests( $action, array $options ) {
return [];
}
public function beginSecondaryAuthentication( $user, array $reqs ) {
if ( !$this->blockDisablesLogin ) {
return AuthenticationResponse::newAbstain();
} elseif ( $user->isBlocked() ) {
return AuthenticationResponse::newFail(
new \Message( 'login-userblocked', [ $user->getName() ] )
);
} else {
return AuthenticationResponse::newPass();
}
}
public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
return AuthenticationResponse::newAbstain();
}
public function testUserForCreation( $user, $autocreate, array $options = [] ) {
$block = $user->isBlockedFromCreateAccount();
if ( $block ) {
if ( $block->mReason ) {
$reason = $block->mReason;
} else {
$msg = \Message::newFromKey( 'blockednoreason' );
if ( !\RequestContext::getMain()->getUser()->isSafeToLoad() ) {
$msg->inContentLanguage();
}
$reason = $msg->text();
}
$errorParams = [
$block->getTarget(),
$reason,
$block->getByName()
];
if ( $block->getType() === \Block::TYPE_RANGE ) {
$errorMessage = 'cantcreateaccount-range-text';
$errorParams[] = $this->manager->getRequest()->getIP();
} else {
$errorMessage = 'cantcreateaccount-text';
}
return StatusValue::newFatal(
new \Message( $errorMessage, $errorParams )
);
} else {
return StatusValue::newGood();
}
}
}
|