]> git.mxchange.org Git - quix0rs-gnu-social.git/blobdiff - plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
remove superfluous whitespace
[quix0rs-gnu-social.git] / plugins / RequireValidatedEmail / RequireValidatedEmailPlugin.php
index 4806538a040b2fe0d5c4b1795e72589746cdcf91..719dba89cda520a7337b1bf8cc54c9c1f0e4f28b 100644 (file)
@@ -22,7 +22,8 @@
  * @category  Plugin
  * @package   StatusNet
  * @author    Craig Andrews <candrews@integralblue.com>
- * @copyright 2009 Craig Andrews http://candrews.integralblue.com
+ * @author    Brion Vibber <brion@status.net>
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link      http://status.net/
  */
@@ -33,20 +34,139 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
 
 class RequireValidatedEmailPlugin extends Plugin
 {
+    // Users created before this time will be grandfathered in
+    // without the validation requirement.
+    public $grandfatherCutoff=null;
+
+    // If OpenID plugin is installed, users with a verified OpenID
+    // association whose provider URL matches one of these regexes
+    // will be considered to be sufficiently valid for our needs.
+    //
+    // For example, to trust WikiHow and Wikipedia OpenID users:
+    //
+    // addPlugin('RequireValidatedEmailPlugin', array(
+    //    'trustedOpenIDs' => array(
+    //        '!^http://\w+\.wikihow\.com/!',
+    //        '!^http://\w+\.wikipedia\.org/!',
+    //    ),
+    // ));
+    public $trustedOpenIDs=array();
+
     function __construct()
     {
         parent::__construct();
     }
 
+    /**
+     * Event handler for notice saves; rejects the notice
+     * if user's address isn't validated.
+     *
+     * @param Notice $notice
+     * @return bool hook result code
+     */
     function onStartNoticeSave($notice)
     {
         $user = User::staticGet('id', $notice->profile_id);
         if (!empty($user)) { // it's a remote notice
-            if (empty($user->email)) {
-                throw new ClientException(_("You must validate your email address before posting."));
+            if (!$this->validated($user)) {
+                throw new ClientException(_m("You must validate your email address before posting."));
             }
         }
         return true;
     }
-}
 
+    /**
+     * Event handler for registration attempts; rejects the registration
+     * if email field is missing.
+     *
+     * @param RegisterAction $action
+     * @return bool hook result code
+     */
+    function onStartRegistrationTry($action)
+    {
+        $email = $action->trimmed('email');
+
+        if (empty($email)) {
+            $action->showForm(_m('You must provide an email address to register.'));
+            return false;
+        }
+
+        // Default form will run address format validation and reject if bad.
+
+        return true;
+    }
+
+    /**
+     * Check if a user has a validated email address or has been
+     * otherwise grandfathered in.
+     *
+     * @param User $user
+     * @return bool
+     */
+    protected function validated($user)
+    {
+        // The email field is only stored after validation...
+        // Until then you'll find them in confirm_address.
+        $knownGood = !empty($user->email) ||
+                     $this->grandfathered($user) ||
+                     $this->hasTrustedOpenID($user);
+
+        // Give other plugins a chance to override, if they can validate
+        // that somebody's ok despite a non-validated email.
+        Event::handle('RequireValidatedEmailPlugin_Override', array($user, &$knownGood));
+
+        return $knownGood;
+    }
+
+    /**
+     * Check if a user was created before the grandfathering cutoff.
+     * If so, we won't need to check for validation.
+     *
+     * @param User $user
+     * @return bool
+     */
+    protected function grandfathered($user)
+    {
+        if ($this->grandfatherCutoff) {
+            $created = strtotime($user->created . " GMT");
+            $cutoff = strtotime($this->grandfatherCutoff);
+            if ($created < $cutoff) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Override for RequireValidatedEmail plugin. If we have a user who's
+     * not validated an e-mail, but did come from a trusted provider,
+     * we'll consider them ok.
+     */
+    function hasTrustedOpenID($user)
+    {
+        if ($this->trustedOpenIDs && class_exists('User_openid')) {
+            foreach ($this->trustedOpenIDs as $regex) {
+                $oid = new User_openid();
+                $oid->user_id = $user->id;
+                $oid->find();
+                while ($oid->fetch()) {
+                    if (preg_match($regex, $oid->canonical)) {
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
+
+    function onPluginVersion(&$versions)
+    {
+        $versions[] = array('name' => 'Require Validated Email',
+                            'version' => STATUSNET_VERSION,
+                            'author' => 'Craig Andrews, Evan Prodromou, Brion Vibber',
+                            'homepage' => 'http://status.net/wiki/Plugin:RequireValidatedEmail',
+                            'rawdescription' =>
+                            _m('The Require Validated Email plugin disables posting for accounts that do not have a validated email address.'));
+        return true;
+    }
+}