Add config option for RequireValidatedEmail plugin to skip the check for folks with...

Also added an event that other plugins or local config can use to override the checks.

diff --git a/plugins/RequireValidatedEmail/README b/plugins/RequireValidatedEmail/README
index 46ee24d5fe1e496baef4ebe96b9dd7155e4431ee..84b1485b250d37682ea3c2eb9f2e5d5a6693692f 100644 (file)
--- a/plugins/RequireValidatedEmail/README
+++ b/plugins/RequireValidatedEmail/README
@@ -12,6 +12,20 @@ registered prior to that timestamp.
   addPlugin('RequireValidatedEmail',
             array('grandfatherCutoff' => 'Dec 7, 2009');
 
+You can also exclude the validation checks from OpenID accounts
+connected to a trusted provider, by providing a list of regular
+expressions to match their provider URLs.
+
+For example, to trust WikiHow and Wikipedia users:
+
+  addPlugin('RequireValidatedEmailPlugin', array(
+     'trustedOpenIDs' => array(
+         '!^http://\w+\.wikihow\.com/!',
+         '!^http://\w+\.wikipedia\.org/!',
+     ),
+  ));
+
+
 
 Todo:
 * add a more visible indicator that validation is still outstanding

diff --git a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
index ccefa14f62f7abffa33ececd6faace9859e94370..009a2f78e1ff432c06dcbde9346f3dff833cc3bc 100644 (file)
--- a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
+++ b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
@@ -37,6 +37,20 @@ class RequireValidatedEmailPlugin extends Plugin
     // without the validation requirement.
     public $grandfatherCutoff=null;
 
+    // If OpenID plugin is installed, users with a verified OpenID
+    // association whose provider URL matches one of these regexes
+    // will be considered to be sufficiently valid for our needs.
+    //
+    // For example, to trust WikiHow and Wikipedia OpenID users:
+    //
+    // addPlugin('RequireValidatedEmailPlugin', array(
+    //    'trustedOpenIDs' => array(
+    //        '!^http://\w+\.wikihow\.com/!',
+    //        '!^http://\w+\.wikipedia\.org/!',
+    //    ),
+    // ));
+    public $trustedOpenIDs=array();
+
     function __construct()
     {
         parent::__construct();
@@ -90,13 +104,17 @@ class RequireValidatedEmailPlugin extends Plugin
      */
     protected function validated($user)
     {
-        if ($this->grandfathered($user)) {
-            return true;
-        }
-
         // The email field is only stored after validation...
         // Until then you'll find them in confirm_address.
-        return !empty($user->email);
+        $knownGood = !empty($user->email) ||
+                     $this->grandfathered($user) ||
+                     $this->hasTrustedOpenID($user);
+
+        // Give other plugins a chance to override, if they can validate
+        // that somebody's ok despite a non-validated email.
+        Event::handle('RequireValidatedEmailPlugin_Override', array($user, &$knownGood));
+
+        return $knownGood;
     }
 
     /**
@@ -118,6 +136,28 @@ class RequireValidatedEmailPlugin extends Plugin
         return false;
     }
 
+    /**
+     * Override for RequireValidatedEmail plugin. If we have a user who's
+     * not validated an e-mail, but did come from a trusted provider,
+     * we'll consider them ok.
+     */
+    function hasTrustedOpenID($user)
+    {
+        if ($this->trustedOpenIDs && class_exists('User_openid')) {
+            foreach ($this->trustedOpenIDs as $regex) {
+                $oid = new User_openid();
+                $oid->user_id = $user->id;
+                $oid->find();
+                while ($oid->fetch()) {
+                    if (preg_match($regex, $oid->canonical)) {
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
+
     function onPluginVersion(&$versions)
     {
         $versions[] = array('name' => 'Require Validated Email',