/** * @desc Returns instance cached version of user's effective groups not to call User::getEffectiveGroups too many times * * @return null | array */ protected function getUsersEffectiveGroups() { if (is_null($this->usersEffectiveGroups)) { $this->usersEffectiveGroups = $this->user->getEffectiveGroups(); } return $this->usersEffectiveGroups; }
/** * @param User $user * @param IContextSource $context * @param array $defaultPreferences * @return void */ static function profilePreferences($user, IContextSource $context, &$defaultPreferences) { global $wgAuth, $wgContLang, $wgParser; $config = $context->getConfig(); // retrieving user name for GENDER and misc. $userName = $user->getName(); # # User info ##################################### // Information panel $defaultPreferences['username'] = array('type' => 'info', 'label-message' => array('username', $userName), 'default' => $userName, 'section' => 'personal/info'); # Get groups to which the user belongs $userEffectiveGroups = $user->getEffectiveGroups(); $userGroups = $userMembers = array(); foreach ($userEffectiveGroups as $ueg) { if ($ueg == '*') { // Skip the default * group, seems useless here continue; } $groupName = User::getGroupName($ueg); $userGroups[] = User::makeGroupLinkHTML($ueg, $groupName); $memberName = User::getGroupMember($ueg, $userName); $userMembers[] = User::makeGroupLinkHTML($ueg, $memberName); } asort($userGroups); asort($userMembers); $lang = $context->getLanguage(); $defaultPreferences['usergroups'] = array('type' => 'info', 'label' => $context->msg('prefs-memberingroups')->numParams(count($userGroups))->params($userName)->parse(), 'default' => $context->msg('prefs-memberingroups-type')->rawParams($lang->commaList($userGroups), $lang->commaList($userMembers))->escaped(), 'raw' => true, 'section' => 'personal/info'); $editCount = Linker::link(SpecialPage::getTitleFor("Contributions", $userName), $lang->formatNum($user->getEditCount())); $defaultPreferences['editcount'] = array('type' => 'info', 'raw' => true, 'label-message' => 'prefs-edits', 'default' => $editCount, 'section' => 'personal/info'); if ($user->getRegistration()) { $displayUser = $context->getUser(); $userRegistration = $user->getRegistration(); $defaultPreferences['registrationdate'] = array('type' => 'info', 'label-message' => 'prefs-registration', 'default' => $context->msg('prefs-registration-date-time', $lang->userTimeAndDate($userRegistration, $displayUser), $lang->userDate($userRegistration, $displayUser), $lang->userTime($userRegistration, $displayUser))->parse(), 'section' => 'personal/info'); } $canViewPrivateInfo = $user->isAllowed('viewmyprivateinfo'); $canEditPrivateInfo = $user->isAllowed('editmyprivateinfo'); // Actually changeable stuff $defaultPreferences['realname'] = array('type' => $canEditPrivateInfo && $wgAuth->allowPropChange('realname') ? 'text' : 'info', 'default' => $user->getRealName(), 'section' => 'personal/info', 'label-message' => 'yourrealname', 'help-message' => 'prefs-help-realname'); if ($canEditPrivateInfo && $wgAuth->allowPasswordChange()) { $link = Linker::link(SpecialPage::getTitleFor('ChangePassword'), $context->msg('prefs-resetpass')->escaped(), array(), array('returnto' => SpecialPage::getTitleFor('Preferences')->getPrefixedText())); $defaultPreferences['password'] = array('type' => 'info', 'raw' => true, 'default' => $link, 'label-message' => 'yourpassword', 'section' => 'personal/info'); } // Only show prefershttps if secure login is turned on if ($config->get('SecureLogin') && wfCanIPUseHTTPS($context->getRequest()->getIP())) { $defaultPreferences['prefershttps'] = array('type' => 'toggle', 'label-message' => 'tog-prefershttps', 'help-message' => 'prefs-help-prefershttps', 'section' => 'personal/info'); } // Language $languages = Language::fetchLanguageNames(null, 'mw'); $languageCode = $config->get('LanguageCode'); if (!array_key_exists($languageCode, $languages)) { $languages[$languageCode] = $languageCode; } ksort($languages); $options = array(); foreach ($languages as $code => $name) { $display = wfBCP47($code) . ' - ' . $name; $options[$display] = $code; } $defaultPreferences['language'] = array('type' => 'select', 'section' => 'personal/i18n', 'options' => $options, 'label-message' => 'yourlanguage'); $defaultPreferences['gender'] = array('type' => 'radio', 'section' => 'personal/i18n', 'options' => array($context->msg('parentheses')->params($context->msg('gender-unknown')->plain())->escaped() => 'unknown', $context->msg('gender-female')->escaped() => 'female', $context->msg('gender-male')->escaped() => 'male'), 'label-message' => 'yourgender', 'help-message' => 'prefs-help-gender'); // see if there are multiple language variants to choose from if (!$config->get('DisableLangConversion')) { foreach (LanguageConverter::$languagesWithVariants as $langCode) { if ($langCode == $wgContLang->getCode()) { $variants = $wgContLang->getVariants(); if (count($variants) <= 1) { continue; } $variantArray = array(); foreach ($variants as $v) { $v = str_replace('_', '-', strtolower($v)); $variantArray[$v] = $lang->getVariantname($v, false); } $options = array(); foreach ($variantArray as $code => $name) { $display = wfBCP47($code) . ' - ' . $name; $options[$display] = $code; } $defaultPreferences['variant'] = array('label-message' => 'yourvariant', 'type' => 'select', 'options' => $options, 'section' => 'personal/i18n', 'help-message' => 'prefs-help-variant'); } else { $defaultPreferences["variant-{$langCode}"] = array('type' => 'api'); } } } // Stuff from Language::getExtraUserToggles() // FIXME is this dead code? $extraUserToggles doesn't seem to be defined for any language $toggles = $wgContLang->getExtraUserToggles(); foreach ($toggles as $toggle) { $defaultPreferences[$toggle] = array('type' => 'toggle', 'section' => 'personal/i18n', 'label-message' => "tog-{$toggle}"); } // show a preview of the old signature first $oldsigWikiText = $wgParser->preSaveTransform('~~~', $context->getTitle(), $user, ParserOptions::newFromContext($context)); $oldsigHTML = $context->getOutput()->parseInline($oldsigWikiText, true, true); $defaultPreferences['oldsig'] = array('type' => 'info', 'raw' => true, 'label-message' => 'tog-oldsig', 'default' => $oldsigHTML, 'section' => 'personal/signature'); $defaultPreferences['nickname'] = array('type' => $wgAuth->allowPropChange('nickname') ? 'text' : 'info', 'maxlength' => $config->get('MaxSigChars'), 'label-message' => 'yournick', 'validation-callback' => array('Preferences', 'validateSignature'), 'section' => 'personal/signature', 'filter-callback' => array('Preferences', 'cleanSignature')); $defaultPreferences['fancysig'] = array('type' => 'toggle', 'label-message' => 'tog-fancysig', 'help-message' => 'prefs-help-signature', 'section' => 'personal/signature'); # # Email stuff if ($config->get('EnableEmail')) { if ($canViewPrivateInfo) { $helpMessages[] = $config->get('EmailConfirmToEdit') ? 'prefs-help-email-required' : 'prefs-help-email'; if ($config->get('EnableUserEmail')) { // additional messages when users can send email to each other $helpMessages[] = 'prefs-help-email-others'; } $emailAddress = $user->getEmail() ? htmlspecialchars($user->getEmail()) : ''; if ($canEditPrivateInfo && $wgAuth->allowPropChange('emailaddress')) { $link = Linker::link(SpecialPage::getTitleFor('ChangeEmail'), $context->msg($user->getEmail() ? 'prefs-changeemail' : 'prefs-setemail')->escaped(), array(), array('returnto' => SpecialPage::getTitleFor('Preferences')->getPrefixedText())); $emailAddress .= $emailAddress == '' ? $link : $context->msg('word-separator')->escaped() . $context->msg('parentheses')->rawParams($link)->escaped(); } $defaultPreferences['emailaddress'] = array('type' => 'info', 'raw' => true, 'default' => $emailAddress, 'label-message' => 'youremail', 'section' => 'personal/email', 'help-messages' => $helpMessages); } $disableEmailPrefs = false; if ($config->get('EmailAuthentication')) { $emailauthenticationclass = 'mw-email-not-authenticated'; if ($user->getEmail()) { if ($user->getEmailAuthenticationTimestamp()) { // date and time are separate parameters to facilitate localisation. // $time is kept for backward compat reasons. // 'emailauthenticated' is also used in SpecialConfirmemail.php $displayUser = $context->getUser(); $emailTimestamp = $user->getEmailAuthenticationTimestamp(); $time = $lang->userTimeAndDate($emailTimestamp, $displayUser); $d = $lang->userDate($emailTimestamp, $displayUser); $t = $lang->userTime($emailTimestamp, $displayUser); $emailauthenticated = $context->msg('emailauthenticated', $time, $d, $t)->parse() . '<br />'; $disableEmailPrefs = false; $emailauthenticationclass = 'mw-email-authenticated'; } else { $disableEmailPrefs = true; $emailauthenticated = $context->msg('emailnotauthenticated')->parse() . '<br />' . Linker::linkKnown(SpecialPage::getTitleFor('Confirmemail'), $context->msg('emailconfirmlink')->escaped()) . '<br />'; $emailauthenticationclass = "mw-email-not-authenticated"; } } else { $disableEmailPrefs = true; $emailauthenticated = $context->msg('noemailprefs')->escaped(); $emailauthenticationclass = 'mw-email-none'; } if ($canViewPrivateInfo) { $defaultPreferences['emailauthentication'] = array('type' => 'info', 'raw' => true, 'section' => 'personal/email', 'label-message' => 'prefs-emailconfirm-label', 'default' => $emailauthenticated, 'cssclass' => $emailauthenticationclass); } } if ($config->get('EnableUserEmail') && $user->isAllowed('sendemail')) { $defaultPreferences['disablemail'] = array('type' => 'toggle', 'invert' => true, 'section' => 'personal/email', 'label-message' => 'allowemail', 'disabled' => $disableEmailPrefs); $defaultPreferences['ccmeonemails'] = array('type' => 'toggle', 'section' => 'personal/email', 'label-message' => 'tog-ccmeonemails', 'disabled' => $disableEmailPrefs); } if ($config->get('EnotifWatchlist')) { $defaultPreferences['enotifwatchlistpages'] = array('type' => 'toggle', 'section' => 'personal/email', 'label-message' => 'tog-enotifwatchlistpages', 'disabled' => $disableEmailPrefs); } if ($config->get('EnotifUserTalk')) { $defaultPreferences['enotifusertalkpages'] = array('type' => 'toggle', 'section' => 'personal/email', 'label-message' => 'tog-enotifusertalkpages', 'disabled' => $disableEmailPrefs); } if ($config->get('EnotifUserTalk') || $config->get('EnotifWatchlist')) { $defaultPreferences['enotifminoredits'] = array('type' => 'toggle', 'section' => 'personal/email', 'label-message' => 'tog-enotifminoredits', 'disabled' => $disableEmailPrefs); if ($config->get('EnotifRevealEditorAddress')) { $defaultPreferences['enotifrevealaddr'] = array('type' => 'toggle', 'section' => 'personal/email', 'label-message' => 'tog-enotifrevealaddr', 'disabled' => $disableEmailPrefs); } } } }
/** * check if user can welcome other users * * @static * @access public * * @param User $User instance of User class * * @return boolean status of operation */ public static function isWelcomer(&$User) { wfProfileIn(__METHOD__); $sysop = trim(wfMsgForContent("welcome-user")); $groups = $User->getEffectiveGroups(); $result = false; /** * bots can't welcome */ if (!in_array("bot", $groups)) { global $wgMemc; $sysopId = $wgMemc->get(wfMemcKey("last-sysop-id")); if ($sysop === "@sysop" || !empty($sysopId)) { $result = in_array("sysop", $groups) ? true : false; } else { $result = in_array("sysop", $groups) || in_array("staff", $groups) ? true : false; } } wfProfileOut(__METHOD__); return $result; }
/** * Get the policy for a user, based on their group membership. Public so * UI elements can access and inform the user. * @param User $user * @return array the effective policy for $user */ public function getPoliciesForUser(User $user) { $effectivePolicy = self::getPoliciesForGroups($this->policies, $user->getEffectiveGroups(), $this->policies['default']); Hooks::run('PasswordPoliciesForUser', array($user, &$effectivePolicy)); return $effectivePolicy; }
/** * Helper function for updateUser() and initUser(). Adds users into MediaWiki security groups * based upon groups retreived from LDAP. * * @param User $user * @access private */ function setGroups(&$user) { global $wgGroupPermissions; // TODO: this is *really* ugly code. clean it up! $this->printDebug("Entering setGroups.", NONSENSITIVE); # Add ldap groups as local groups if ($this->getConf('GroupsPrevail')) { $this->printDebug("Adding all groups to wgGroupPermissions: ", SENSITIVE, $this->allLDAPGroups); foreach ($this->allLDAPGroups["short"] as $ldapgroup) { if (!array_key_exists($ldapgroup, $wgGroupPermissions)) { $wgGroupPermissions[$ldapgroup] = array(); } } } # add groups permissions $localAvailGrps = $user->getAllGroups(); $localUserGrps = $user->getEffectiveGroups(); $defaultLocallyManagedGrps = array('bot', 'sysop', 'bureaucrat'); $locallyManagedGrps = $this->getConf('LocallyManagedGroups'); if ($locallyManagedGrps) { $locallyManagedGrps = array_unique(array_merge($defaultLocallyManagedGrps, $locallyManagedGrps)); $this->printDebug("Locally managed groups: ", SENSITIVE, $locallyManagedGrps); } else { $locallyManagedGrps = $defaultLocallyManagedGrps; $this->printDebug("Locally managed groups is unset, using defaults: ", SENSITIVE, $locallyManagedGrps); } $this->printDebug("Available groups are: ", NONSENSITIVE, $localAvailGrps); $this->printDebug("Effective groups are: ", NONSENSITIVE, $localUserGrps); # note: $localUserGrps does not need to be updated with $cGroup added, # as $localAvailGrps contains $cGroup only once. foreach ($localAvailGrps as $cGroup) { # did we once add the user to the group? if (in_array($cGroup, $localUserGrps)) { $this->printDebug("Checking to see if we need to remove user from: {$cGroup}", NONSENSITIVE); if (!$this->hasLDAPGroup($cGroup) && !in_array($cGroup, $locallyManagedGrps)) { $this->printDebug("Removing user from: {$cGroup}", NONSENSITIVE); # the ldap group overrides the local group # so as the user is currently not a member of the ldap group, he shall be removed from the local group $user->removeGroup($cGroup); } } else { # no, but maybe the user has recently been added to the ldap group? $this->printDebug("Checking to see if user is in: {$cGroup}", NONSENSITIVE); if ($this->hasLDAPGroup($cGroup)) { $this->printDebug("Adding user to: {$cGroup}", NONSENSITIVE); $user->addGroup($cGroup); } } } }
/** * Get the policy for a user, based on their group membership. Public so * UI elements can access and inform the user. * @param User $user * @param string $purpose one of 'login', 'create', 'reset' * @return array the effective policy for $user */ public function getPoliciesForUser(User $user, $purpose = 'login') { $effectivePolicy = $this->policies['default']; if ($purpose !== 'create') { $effectivePolicy = self::getPoliciesForGroups($this->policies, $user->getEffectiveGroups(), $this->policies['default']); } Hooks::run('PasswordPoliciesForUser', [$user, &$effectivePolicy, $purpose]); return $effectivePolicy; }
/** * check if user can welcome other users * * @static * @access public * * @param User $User instance of User class * * @return boolean status of operation */ public static function isWelcomer(&$User) { wfProfileIn(__METHOD__); $sysop = trim(wfMsgForContent("welcome-user")); $groups = $User->getEffectiveGroups(); $result = false; /** * bots can't welcome */ if (!in_array("bot", $groups)) { if ($sysop === "@sysop") { $result = in_array("sysop", $groups) ? true : false; } else { $result = in_array("sysop", $groups) || in_array("newarticlepatrol", $groups) ? true : false; } } wfProfileOut(__METHOD__); return $result; }
/** * Helper function for updateUser() and initUser(). Adds users into MediaWiki security groups * based upon groups retreived from LDAP. * * @param User $user * @access private */ function setGroups(&$user) { $this->printDebug("Pulling groups from LDAP.", 1); # add groups permissions $localAvailGrps = $user->getAllGroups(); $localUserGrps = $user->getEffectiveGroups(); $this->printDebug("Available groups are: " . implode(",", $localAvailGrps) . "", 1); $this->printDebug("Effective groups are: " . implode(",", $localUserGrps) . "", 1); # note: $localUserGrps does not need to be updated with $cGroup added, # as $localAvailGrps contains $cGroup only once. foreach ($localAvailGrps as $cGroup) { # did we once add the user to the group? if (in_array($cGroup, $localUserGrps)) { $this->printDebug("Checking to see if we need to remove user from: {$cGroup}", 1); if (!$this->hasLDAPGroup($cGroup) && $this->isLDAPGroup($cGroup)) { $this->printDebug("Removing user from: {$cGroup}", 1); # the ldap group overrides the local group # so as the user is currently not a member of the ldap group, he shall be removed from the local group $user->removeGroup($cGroup); } } else { # no, but maybe the user has recently been added to the ldap group? $this->printDebug("Checking to see if user is in: {$cGroup}", 1); if ($this->hasLDAPGroup($cGroup)) { $this->printDebug("Adding user to: {$cGroup}", 1); # so use the addGroup function $user->addGroup($cGroup); # completedfor $cGroup. } } } }
static function isUserExempt(User &$user) { global $wgWRGoogleSearchExemptGroups; $userGroups = $user->getEffectiveGroups(true); $match = array_intersect($userGroups, $wgWRGoogleSearchExemptGroups); return !empty($match); }
/** * When a user logs in, optionally fill in preferences and such. * For instance, you might pull the email address or real name from the * external user database. * * The User object is passed by reference so it can be modified; don't * forget the & on your function declaration. * * @param User $user * @access public */ function updateUser(&$user) { if (!is_resource($this->db)) { $this->openDB(); } $query = mysql_query("SELECT username,email,usergroup,additionalgroups FROM {$this->table_prefix}users WHERE username='******'", $this->db); $res = mysql_fetch_array($query); if ($res) { if (in_array($res['usergroup'], $this->admin_usergroups)) { $is_admin = true; } $memberships = explode(",", $res['additionalgroups']); for ($i = 0; $i < count($memberships); $i++) { if (in_array($memberships[$x], $this->admin_usergroups)) { $is_admin = true; } } if ($is_admin == true) { // If a user is not a sysop, make them a sysop if (!in_array("sysop", $user->getEffectiveGroups())) { $user->addGroup('sysop'); } } else { if (in_array("sysop", $user->getEffectiveGroups())) { $user->removeGroup('sysop'); return TRUE; } } $user->setEmail($res['email']); $user->setRealName($res['username']); return TRUE; } return false; }