public function __construct($username, $realname = 'Real Name', $email = '*****@*****.**', $groups = array()) { $this->assertNotReal(); $this->username = $username; $this->password = '******'; $this->user = User::newFromName($this->username); $this->user->load(); // In an ideal world we'd have a new wiki (or mock data store) for every single test. // But for now, we just need to create or update the user with the desired properties. // we particularly need the new password, since we just generated it randomly. // In core MediaWiki, there is no functionality to delete users, so this is the best we can do. if (!$this->user->isLoggedIn()) { // create the user $this->user = User::createNew($this->username, array("email" => $email, "real_name" => $realname)); if (!$this->user) { throw new MWException("Error creating TestUser " . $username); } } // Update the user to use the password and other details $change = $this->setPassword($this->password) || $this->setEmail($email) || $this->setRealName($realname); // Adjust groups by adding any missing ones and removing any extras $currentGroups = $this->user->getGroups(); foreach (array_diff($groups, $currentGroups) as $group) { $this->user->addGroup($group); } foreach (array_diff($currentGroups, $groups) as $group) { $this->user->removeGroup($group); } if ($change) { $this->user->saveSettings(); } }
/** * Reject edit action if user attempts to edit another users page or subpage * Usage: $wgHooks['userCan'][] = 'keepYourHandsToYourself'; * @param Title $title Title of the article. (passed by reference) * @param User $user User attempting action on article - presumably $wgUser. (passed by reference) * @param String $action Action being taken on article. (passed by value) * @param Mixed $result The result of processing. (passed by reference) * @return true Always true so other extensions have a chance to process 'userCan' */ function keepYourHandsToYourself($title, $user, $action, $result) { # Check for Namespace, edit action, and sysopship if ($title->getNamespace() != NS_USER || $action != 'edit' || in_array('sysop', $user->getGroups() || in_array('jrsysop', $user->getGroups()))) { return true; } # Check if the page name matches or starts with the username $name = $user->getName(); $text = $title->getText(); if ($name == $text || preg_match('/^' . preg_quote($name) . '\\//', $text)) { return true; } # If we got this far, then it's a user trying to edit another user's page $result = false; return true; }
/** * Assert whether the current user is a sysop */ protected function currentUserIsASysop(User $user) { $user_groups = $user->getGroups(); if (!in_array('sysop', $user_groups)) { return false; } return true; }
function match(Invoice $invoice, InvoiceItem $item, User $aff, $paymentNumber = 0, $tier = 0, $paymentDate = 'now') { switch ($this->type) { case self::TYPE_GLOBAL_1: return $tier == 0; case self::TYPE_GLOBAL_2: return $tier == 1; } if ($tier != 0) { return false; } // no custom rules for 2-tier // check conditions foreach ($this->getConditions() as $conditionType => $vars) { switch ($conditionType) { case self::COND_AFF_SALES_COUNT: case self::COND_AFF_SALES_AMOUNT: if (empty($vars['count']) || empty($vars['days'])) { return false; } $e = sqlDate($paymentDate); $b = sqlDate($e . '-' . $vars['days'] . ' days'); $stats = $this->getDi()->affCommissionTable->getAffStats($aff->pk(), $b, $e); $key = $conditionType == self::COND_AFF_SALES_AMOUNT ? 'amount' : 'count'; if ($stats[$key] < $vars['count']) { return false; } break; case self::COND_AFF_GROUP_ID: if (!array_intersect($aff->getGroups(), (array) $vars)) { return false; } break; case self::COND_PRODUCT_ID: if ($item->item_type != 'product' || !in_array($item->item_id, (array) $vars)) { return false; } break; case self::COND_PRODUCT_CATEGORY_ID: if ($item->item_type != 'product') { return false; } $pr = $item->tryLoadProduct(); if (!$pr) { return false; } if (!array_intersect($pr->getCategories(), (array) $vars)) { return false; } break; default: return false; } } return true; }
public function __construct($username, $realname = 'Real Name', $email = '*****@*****.**', $groups = []) { $this->assertNotReal(); $this->username = $username; $this->password = '******'; $this->user = User::newFromName($this->username); $this->user->load(); // In an ideal world we'd have a new wiki (or mock data store) for every single test. // But for now, we just need to create or update the user with the desired properties. // we particularly need the new password, since we just generated it randomly. // In core MediaWiki, there is no functionality to delete users, so this is the best we can do. if (!$this->user->isLoggedIn()) { // create the user $this->user = User::createNew($this->username, ["email" => $email, "real_name" => $realname]); if (!$this->user) { throw new MWException("Error creating TestUser " . $username); } } // Update the user to use the password and other details $this->setPassword($this->password); $change = $this->setEmail($email) || $this->setRealName($realname); // Adjust groups by adding any missing ones and removing any extras $currentGroups = $this->user->getGroups(); foreach (array_diff($groups, $currentGroups) as $group) { $this->user->addGroup($group); } foreach (array_diff($currentGroups, $groups) as $group) { $this->user->removeGroup($group); } if ($change) { // Disable CAS check before saving. The User object may have been initialized from cached // information that may be out of whack with the database during testing. If tests were // perfectly isolated, this would not happen. But if it does happen, let's just ignore the // inconsistency, and just write the data we want - during testing, we are not worried // about data loss. $this->user->mTouched = ''; $this->user->saveSettings(); } }
function getRole($type = null) { if (isset(Yii::app()->user->id)) { $groups = User::getGroups($this->id); if ($role = User::getRole($this->id)) { $role['role'] = $groups[$role['groupId']]; return $role; } else { $role['groupId'] = 6; $role['role'] = $groups[6]; return $role; } } else { $role['groupId'] = 0; $role['role'] = 0; return $role; } }
/** * Put the user in the effective group 'artist' if she is not already in. * @param User $user * @return boolean false if she is already in the group, true if just added */ private static function addSubscribersGroupToUser($user) { if (!in_array(WP_SUBSCRIBERS_USER_GROUP, $user->getGroups())) { $user->addGroup(WP_SUBSCRIBERS_USER_GROUP); return true; } return false; }
function getNotificationsByTargetUser(User $user) { $user_group_ids = $user->getGroups(); array_push($user_group_ids, '-1'); //to avoide SQL error return $this->getDi()->db->selectCol("SELECT notification_id FROM ?_notification WHERE\n notification_id IN (\n SELECT notification_id FROM ?_notification_access WHERE\n ((fn=? AND id = ?) OR\n (fn=?)) OR\n (fn=? AND id IN (?a))\n )\n AND\n (begin IS NULL OR begin<=?) AND\n (expire IS NULL OR expire>=?) AND\n is_disabled=0\n ", 'user_id', $user->pk(), 'free', 'user_group_id', $user_group_ids, sqlDate('now'), sqlDate('now')); }
/** * Handles special cases for permissions, which include: * * - Only AUTHOR group can edit/submit the manuals and versions pages. * - Only AUTHORS and EMPLOYEES can edit/submit pages in Documentation namespace. * * @param Title $title The title to test permission against. * @param User $user The user requestion the action. * @param string $action The actual action (edit, view, etc.) * @param boolean $result The result, which we store in; true=allow, false=do not. * @return boolean Return true to continue checking, false to stop checking, null to not care. */ public static function onUserCan(&$title, &$user, $action, &$result) { global $wgExtraNamespaces, $wgPonyDocsEmployeeGroup, $wgPonyDocsBaseAuthorGroup; $authProductGroup = PonyDocsExtension::getDerivedGroup(); $continueProcessing = TRUE; /** * WEB-5280 Only docteam and admin users should be able to see these pages * (Documentation:productShortName:Manuals). */ if (preg_match(PONYDOCS_PRODUCTVERSION_TITLE_REGEX, $title->__toString())) { $groups = $user->getGroups(); if (!in_array($authProductGroup, $groups) && !in_array($wgPonyDocsBaseAuthorGroup, $groups)) { $result = FALSE; $continueProcessing = FALSE; } } if (!strcmp('zipmanual', $action)) { /** * Users can only see and use "download manual as zip" link if they are a member of that product's docteam group */ $groups = $user->getGroups(); if (in_array($authProductGroup, $groups)) { $result = TRUE; $continueProcessing = FALSE; } } /** * WEB-6031 - Block access to history/diff page for non-employee **/ if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'history' || isset($_REQUEST['diff'])) { $groups = $user->getGroups(); if (!in_array($wgPonyDocsEmployeeGroup, $groups)) { $result = FALSE; $continueProcessing = FALSE; } } if (!strcmp('edit', $action) || !strcmp('submit', $action)) { $groups = $user->getGroups(); /** *WEB-5278 - Documentation:Products should be editable by docteam */ if (!strcmp(PONYDOCS_DOCUMENTATION_PRODUCTS_TITLE, $title->__toString())) { if (!in_array($wgPonyDocsBaseAuthorGroup, $groups)) { $result = FALSE; $continueProcessing = FALSE; } } elseif (preg_match(PONYDOCS_PRODUCTVERSION_TITLE_REGEX, $title->__toString()) || preg_match(PONYDOCS_PRODUCTMANUAL_TITLE_REGEX, $title->__toString())) { if (in_array($authProductGroup, $groups)) { $result = TRUE; $continueProcessing = FALSE; } } elseif ($title->getNamespace() == NS_PONYDOCS || !strcmp($title->__toString(), PONYDOCS_DOCUMENTATION_NAMESPACE_NAME)) { /** * Allow edits for employee or authors/docteam group only. */ if (in_array($authProductGroup, $groups) || in_array($wgPonyDocsEmployeeGroup, $groups)) { $result = TRUE; $continueProcessing = FALSE; } } } return $continueProcessing; }
/** * Retrieve all groups or user groups * * @param User $user * @return array */ public function getGroups($user = null) { if ($user) { return $user->getGroups()->lists('name', 'id'); } else { return $this->sentry->findAllGroups(); } }
/** * * For the given userId, returns the html for that user's * avatar. Also makes $foundAdmin true if the current user * is an admin. * */ static function getActualAvatar($user_id, &$foundAdmin) { if ($user_id) { $u = new User(); $u->setID($user_id); if ($u->loadFromDatabase()) { $foundAdmin = $foundAdmin || $u->getGroups() && $u->isSysop(); } $img = Avatar::getAvatarURL($u->getName()); if ($img == '') { $img = Avatar::getDefaultPicture(); } else { $img = "<img src='{$img}' />"; } $avatar = "<div class='nfd_avatar'><a href='{$u->getUserPage()->getFullURL()}' target='_blank' class='tooltip'>{$img}</a>"; $avatar .= "<span class='tooltip_span'>Hi, I'm {$u->getName()}</span></div>"; } return $avatar; }
function valuesToForm(&$values, User $record) { $values['_groups'] = $record->getGroups(); $values = $this->getDi()->userTable->customFields()->valuesFromTable($values); $event = new Am_Event_UserForm(Am_Event_UserForm::VALUES_TO_FORM, $this->grid->getForm(), $record, $values); $event->run(); $values = $event->getValues(); }
/** * Save user groups changes in the database. * * @param User|UserRightsProxy $user * @param array $add Array of groups to add * @param array $remove Array of groups to remove * @param string $reason Reason for group change * @return array Tuple of added, then removed groups */ function doSaveUserGroups($user, $add, $remove, $reason = '') { global $wgAuth; // Validate input set... $isself = $user->getName() == $this->getUser()->getName(); $groups = $user->getGroups(); $changeable = $this->changeableGroups(); $addable = array_merge($changeable['add'], $isself ? $changeable['add-self'] : array()); $removable = array_merge($changeable['remove'], $isself ? $changeable['remove-self'] : array()); $remove = array_unique(array_intersect((array) $remove, $removable, $groups)); $add = array_unique(array_diff(array_intersect((array) $add, $addable), $groups)); $oldGroups = $user->getGroups(); $newGroups = $oldGroups; // Remove then add groups if ($remove) { foreach ($remove as $index => $group) { if (!$user->removeGroup($group)) { unset($remove[$index]); } } $newGroups = array_diff($newGroups, $remove); } if ($add) { foreach ($add as $index => $group) { if (!$user->addGroup($group)) { unset($add[$index]); } } $newGroups = array_merge($newGroups, $add); } $newGroups = array_unique($newGroups); // Ensure that caches are cleared $user->invalidateCache(); // update groups in external authentication database Hooks::run('UserGroupsChanged', array($user, $add, $remove, $this->getUser())); $wgAuth->updateExternalDBGroups($user, $add, $remove); wfDebug('oldGroups: ' . print_r($oldGroups, true) . "\n"); wfDebug('newGroups: ' . print_r($newGroups, true) . "\n"); // Deprecated in favor of UserGroupsChanged hook Hooks::run('UserRights', array(&$user, $add, $remove), '1.26'); if ($newGroups != $oldGroups) { $this->addLogEntry($user, $oldGroups, $newGroups, $reason); } return array($add, $remove); }
public static function userInProjectGroup(Title &$title, User &$user) { if ($user->isLoggedIn() && in_array(self::getGroup($title), $user->getGroups())) { return true; } return false; }
function match(Invoice $invoice, InvoiceItem $item, User $aff, $paymentNumber = 0, $tier = 0, $paymentDate = 'now') { if ($this->type == self::TYPE_GLOBAL) { return $tier == $this->tier; } if ($tier != 0) { return false; } // no custom rules for 2-tier // check conditions foreach ($this->getConditions() as $conditionType => $vars) { switch ($conditionType) { case self::COND_AFF_SALES_COUNT: case self::COND_AFF_ITEMS_COUNT: case self::COND_AFF_SALES_AMOUNT: if (empty($vars['count']) || empty($vars['days'])) { return false; } $e = sqlDate($paymentDate); $b = sqlDate($e . '-' . $vars['days'] . ' days'); $stats = $this->getDi()->affCommissionTable->getAffStats($aff->pk(), $b, $e); switch ($conditionType) { case self::COND_AFF_ITEMS_COUNT: $key = 'items_count'; break; case self::COND_AFF_SALES_COUNT: $key = 'count'; break; default: $key = 'amount'; } if ($stats[$key] < $vars['count']) { return false; } break; case self::COND_AFF_GROUP_ID: if (!array_intersect($aff->getGroups(), (array) $vars)) { return false; } break; case self::COND_PRODUCT_ID: if ($item->item_type != 'product' || !in_array($item->item_id, (array) $vars)) { return false; } break; case self::COND_PRODUCT_CATEGORY_ID: if ($item->item_type != 'product') { return false; } $pr = $item->tryLoadProduct(); if (!$pr) { return false; } if (!array_intersect($pr->getCategories(), (array) $vars)) { return false; } break; case self::COND_COUPON: $coupon = $invoice->getCoupon(); switch ($vars['type']) { case 'any': $coupon_cond_match = (bool) $coupon; break; case 'coupon': $coupon_cond_match = $coupon && $vars['code'] == $coupon->code; break; case 'batch': $coupon_cond_match = $coupon && $vars['batch_id'] == $coupon->batch_id; break; } if ($vars['used'] ? !$coupon_cond_match : $coupon_cond_match) { return false; } break; case self::COND_PAYSYS_ID: if (!in_array($invoice->paysys_id, (array) $vars)) { return false; } break; default: return false; } } return true; }
/** * As recCheckCondition, but *not* recursive. The only valid conditions * are those whose first element is APCOND_EMAILCONFIRMED/APCOND_EDITCOUNT/ * APCOND_AGE. Other types will throw an exception if no extension evalu- * ates them. * * @param array $cond A condition, which must not contain other conditions * @param User $user The user to check the condition against * @return bool Whether the condition is true for the user */ private static function checkCondition($cond, User $user) { if (count($cond) < 1) { return false; } switch ($cond[0]) { case APCOND_EMAILCONFIRMED: if (User::isValidEmailAddr($user->getEmail())) { global $wgEmailAuthentication; if ($wgEmailAuthentication) { return $user->getEmailAuthenticationTimestamp() ? true : false; } else { return true; } } return false; case APCOND_EDITCOUNT: return $user->getEditCount() >= $cond[1]; case APCOND_AGE: $age = time() - wfTimestampOrNull(TS_UNIX, $user->getRegistration()); return $age >= $cond[1]; case APCOND_INGROUPS: $groups = array_slice($cond, 1); return count(array_intersect($groups, $user->getGroups())) == count($groups); default: $result = null; wfRunHooks('AutopromoteCondition', array($cond[0], array_slice($cond, 1), $user, &$result)); if ($result === null) { throw new MWException("Unrecognized condition {$cond[0]} for autopromotion!"); } return $result ? true : false; } }
/** * Get the list of groups of user * @param User $user The user object to get the list from * @return string comma separated list of user groups */ function listGroups(User $user) { # Get groups to which the user belongs $userGroups = $user->getGroups(); $userMembers = array(); foreach ($userGroups as $n => $ug) { $memberName = User::getGroupMember($ug, $user->getName()); if ($n == 0) { $memberName = $this->getLanguage()->ucfirst($memberName); } $userMembers[] = User::makeGroupLinkHTML($ug, $memberName); } return $this->getLanguage()->commaList($userMembers); }
/** * * Judge whether a user is the super user. * @param User $user */ public static function isSuperUser($user) { global $ACL_supergroups; //error_log("user groups".print_r($user->getGroups(), true)); $commongroups = array_intersect($user->getGroups(), $ACL_supergroups); if ($commongroups) { return true; } else { return false; } }
function valuesToForm(&$values, User $record) { $values['_groups'] = $record->getGroups(); }
/** * As recCheckCondition, but *not* recursive. The only valid conditions * are those whose first element is APCOND_EMAILCONFIRMED/APCOND_EDITCOUNT/ * APCOND_AGE. Other types will throw an exception if no extension evalu- * ates them. * * @param $cond Array: A condition, which must not contain other conditions * @param $user User The user to check the condition against * @return bool Whether the condition is true for the user */ private static function checkCondition($cond, User $user) { global $wgEmailAuthentication, $wgEnableEditCountLocal; if (count($cond) < 1) { return false; } switch ($cond[0]) { case APCOND_EMAILCONFIRMED: if (Sanitizer::validateEmail($user->getEmail())) { if ($wgEmailAuthentication) { return (bool) $user->getEmailAuthenticationTimestamp(); } else { return true; } } return false; case APCOND_EDITCOUNT: if (!empty($wgEnableEditCountLocal)) { return $user->getEditCountLocal() >= $cond[1]; } else { return $user->getEditCount() >= $cond[1]; } case APCOND_AGE: $age = time() - wfTimestampOrNull(TS_UNIX, $user->getRegistration()); return $age >= $cond[1]; case APCOND_AGE_FROM_EDIT: $age = time() - wfTimestampOrNull(TS_UNIX, $user->getFirstEditTimestamp()); return $age >= $cond[1]; case APCOND_INGROUPS: $groups = array_slice($cond, 1); return count(array_intersect($groups, $user->getGroups())) == count($groups); case APCOND_ISIP: return $cond[1] == $user->getRequest()->getIP(); case APCOND_IPINRANGE: return IP::isInRange($user->getRequest()->getIP(), $cond[1]); case APCOND_BLOCKED: return $user->isBlocked(); case APCOND_ISBOT: return in_array('bot', User::getGroupPermissions($user->getGroups())); default: $result = null; wfRunHooks('AutopromoteCondition', array($cond[0], array_slice($cond, 1), $user, &$result)); if ($result === null) { throw new MWException("Unrecognized condition {$cond[0]} for autopromotion!"); } return (bool) $result; } }
/** * Shortcut for checking if given user is in the sandbox. * @param User $user * @return bool * @since 2013.06 */ public static function isSandboxed(User $user) { if (in_array('translate-sandboxed', $user->getGroups(), true)) { return true; } return false; }
function getNotificationsForUser(User $user) { $product_ids = $user->getActiveProductIds(); array_push($product_ids, '-1'); //to avoide SQL error $category_ids = array(); array_push($category_ids, '-1'); //to avoide SQL error $category_product = $this->getDi()->productCategoryTable->getCategoryProducts(); foreach ($category_product as $category_id => $list) { if (array_intersect($product_ids, $list)) { array_push($category_ids, $category_id); } } $user_group_ids = $user->getGroups(); array_push($user_group_ids, '-1'); //to avoide SQL error return $this->selectObjects("SELECT * FROM ?_notification WHERE\n notification_id IN (\n SELECT notification_id FROM ?_notification_access WHERE\n ((fn=? AND id = ?) OR\n (fn=? AND id IN (?a)) OR\n (fn=? AND id IN (?a)) OR\n (fn=?)) OR\n (fn=? AND id IN (?a))\n )\n AND\n (begin IS NULL OR begin<=?) AND\n (expire IS NULL OR expire>=?) AND\n is_disabled=0\n ORDER BY sort_order", 'user_id', $user->pk(), 'product_id', $product_ids, 'product_category_id', $category_ids, 'free', 'user_group_id', $user_group_ids, sqlDate('now'), sqlDate('now')); }
/** * Hook handler * * If a sysop makes an edit, unset any flags that have been set so far * because the adoption clock starts over again * @author Owen Davis * * @static * @param Article $article * @param User $user * @param $text * @param $summary * @param $minoredit * @param $watchthis * @param $sectionanchor * @param $flags * @param $revision * @param $status * @param $baseRevId * @return bool */ static function onArticleSaveComplete(&$article, &$user, $text, $summary, $minoredit, $watchthis, $sectionanchor, &$flags, $revision, &$status, $baseRevId) { global $wgCityId; if (in_array('sysop', $user->getGroups())) { WikiFactory::resetFlags($wgCityId, WikiFactory::FLAG_ADOPTABLE | WikiFactory::FLAG_ADOPT_MAIL_FIRST | WikiFactory::FLAG_ADOPT_MAIL_SECOND, true); } return true; }