diff --git a/default-templates/dotty/FrontendSession.html b/default-templates/dotty/FrontendSession.html
index 2d3d7bc..044d227 100644
--- a/default-templates/dotty/FrontendSession.html
+++ b/default-templates/dotty/FrontendSession.html
@@ -47,7 +47,7 @@
- +
diff --git a/src/Backend.php b/src/Backend.php
index 115e558..2dc0e5a 100644
--- a/src/Backend.php
+++ b/src/Backend.php
@@ -7,6 +7,7 @@ namespace Dotclear\Plugin\FrontendSession;
 use ArrayObject;
 use Dotclear\App;
 use Dotclear\Core\Process;
+use Dotclear\Core\Backend\Notices;
 use Dotclear\Helper\Html\Form\{
 Checkbox,
 Div,
@@ -16,6 +17,7 @@ use Dotclear\Helper\Html\Form\{
 Textarea
 };
 use Dotclear\Helper\Html\Html;
+use Dotclear\Helper\Network\Http;
 use Dotclear\Interface\Core\BlogSettingsInterface;
 /**
@@ -93,6 +95,23 @@ class Backend extends Process
 $attr[2] = App::blog()->url() . App::url()->getURLFor(My::id());
 }
 },
+ 'adminUsersActions' => function (array $users, array $blogs, string $action, string $redir): void {
+ if ($action == My::id()) {
+ foreach ($users as $u) {
+ try {
+ $cur = App::auth()->openUserCursor();
+ $cur->user_status = My::USER_PENDING;
+ App::users()->updUser($u, $cur);
+ } catch (Exception $e) {
+ App::error()->add($e->getMessage());
+ }
+ }
+ if (!App::error()->flag()) {
+ Notices::addSuccessNotice(__('User has been successfully marked as pending.'));
+ Http::redirect($redir);
+ }
+ }
+ },
 ]);
 return true;
diff --git a/src/Frontend.php b/src/Frontend.php
index b140685..e7589b8 100644
--- a/src/Frontend.php
+++ b/src/Frontend.php
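Review bot: In src/Backend.php the new `adminUsersActions` callback catches `Exception` unqualified inside `namespace Dotclear\Plugin\FrontendSession`, and none of the `use` lines visible in the two import hunks brings `Exception` into scope, so the clause would name a class in the plugin namespace and a failure in `updUser()` would propagate instead of reaching `App::error()->add()`. Writing `} catch (\Exception $e) {` (or adding `use Exception;` to the import block) restores the intended handling. The loop also applies `My::USER_PENDING` to every entry of `$users` without skipping the acting administrator; if the page that dispatches this behavior does not already exclude the current account, a guard such as `if ($u === App::auth()->userID()) { continue; }` keeps an administrator from locking themselves out, assuming `$users` holds user ids as the `updUser()` call suggests. The closure sits inside a method whose start and end are outside the hunk.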
@@ -93,30 +93,47 @@ class Frontend extends Process
 // we check the user and its perm
 if (App::auth()->checkUser($user_id, $user_pwd, $user_key, false) === true
 && App::auth()->check(My::id(), App::blog()->id()) === true
+ //&& !App::status()->user()->isRestricted((int) App::auth()->getInfo('user_status'))
 ) {
- if ($user_key === null) {
- $cookie_console = Http::browserUID(
- App::config()->masterKey() .
- $user_id .
- App::auth()->cryptLegacy($user_id)
- ) . bin2hex(pack('a32', $user_id));
+ // check if user is pending activation
+ if ((int) App::auth()->getInfo('user_status') == My::USER_PENDING) {
+ self::resetCookie();
+ Http::redirect(App::blog()->url() . App::url()->getURLFor(My::id()) . '/pending');
+ // check if user is not enabled
+ } elseif (App::status()->user()->isRestricted((int) App::auth()->getInfo('user_status'))) {
+ self::resetCookie();
+ Http::redirect(Http::getSelfURI());
 } else {
- $cookie_console = $_COOKIE[My::id()];
+ if ($user_key === null) {
+ $cookie_console = Http::browserUID(
+ App::config()->masterKey() .
+ $user_id .
+ App::auth()->cryptLegacy($user_id)
+ ) . bin2hex(pack('a32', $user_id));
+ } else {
+ $cookie_console = $_COOKIE[My::id()];
+ }
+ setcookie(My::id(), $cookie_console, strtotime('+20 hours'), '/', '', self::useSSL());
 }
- setcookie(My::id(), $cookie_console, strtotime('+20 hours'), '/', '', self::useSSL());
 } else {
- //App::frontend()->context()->form_error = __("Error: your password may be wrong or you haven't an account or you haven't ask for its activation.");
-
- if (isset($_COOKIE[My::id()])) {
- unset($_COOKIE[My::id()]);
- setcookie(My::id(), '', time() - 3600, '/', '', self::useSSL());
- }
+ self::resetCookie();
 // need to replay doAuthControl() to remove user information from Auth if it exists but have no permissions
 Http::redirect(Http::getSelfURI());
 }
 }
 }
+ /**
+ * Remove cookie
+ */
+ public static function resetCookie(): void
+ {
+ if (isset($_COOKIE[My::id()])) {
+ unset($_COOKIE[My::id()]);
+ setcookie(My::id(), '', time() - 3600, '/', '', self::useSSL());
+ }
+ }
+
 /**
 * Check SSL.
 */
diff --git a/src/My.php b/src/My.php
index 7968bbb..c7ed4ce 100644
--- a/src/My.php
+++ b/src/My.php
@@ -18,5 +18,5 @@ use Dotclear\Module\MyPlugin;
 */
 class My extends MyPlugin
 {
- // nothing special
+ public const USER_PENDING = -201;
 }
diff --git a/src/Prepend.php b/src/Prepend.php
index 216f5d6..eecf10a 100644
--- a/src/Prepend.php
+++ b/src/Prepend.php
@@ -5,9 +5,8 @@ declare(strict_types=1);
 namespace Dotclear\Plugin\FrontendSession;
 use Dotclear\App;
-use Dotclear\Core\PostType;
 use Dotclear\Core\Process;
-use Dotclear\Database\MetaRecord;
+use Dotclear\Helper\Stack\Status;
 /**
 * @brief FrontendSession module prepend.
@@ -29,13 +28,13 @@ class Prepend extends Process
 return false;
 }
- // contributor permission
+ // Add frontend permission (required to login in frontend)
 App::auth()->setPermissionType(
 My::id(),
 My::name()
 );
- // add session login URL
+ // Add session login URL
 App::url()->register(
 My::id(),
 'session/login',
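Review bot: In src/Frontend.php the login cookie is still written with `setcookie(My::id(), $cookie_console, strtotime('+20 hours'), '/', '', self::useSSL());`, which leaves the `httponly` argument at its default of false, so the value that appears to re-authenticate the visitor on later requests is readable from page scripts. Since this hunk already moves that call and factors the clearing call into `resetCookie()`, both can pass the seventh argument, e.g. `setcookie(My::id(), $cookie_console, strtotime('+20 hours'), '/', '', self::useSSL(), true);`; the options-array form of `setcookie()` would additionally allow a `samesite` value. The commented-out condition `//&& !App::status()->user()->isRestricted(...)` duplicates the new `elseif` branch and can be dropped, and `resetCookie()` is only reached through `self::` in the visible lines, so `private` looks sufficient unless another class calls it. The enclosing method starts above the hunk.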
@@ -43,6 +42,15 @@ class Prepend extends Process
 [UrlHandler::class, 'sessionLogin']
 );
+ // Add user status
+ App::status()->user()->set((new Status(
+ My::USER_PENDING ,
+ My::id(),
+ 'Pending registration',
+ 'pending registration (>1)',
+ My::fileURL('icon.svg'))
+ ));
+
 return true;
 }
 }
diff --git a/src/UrlHandler.php b/src/UrlHandler.php
index e432a69..518cdb0 100644
--- a/src/UrlHandler.php
+++ b/src/UrlHandler.php
@@ -49,6 +49,10 @@ class UrlHandler extends Url
 App::blog()->triggerBlog();
 Http::redirect(App::blog()->url());
+ // user pending activation
+ } elseif (is_array($args) && $args[0] == 'pending' && App::auth()->userID() == '') {
+ App::frontend()->context()->form_error = __("Error: your account is not yet activated.");
+ self::serveTemplate(My::id() . '.html');
 // no loggin session, go to login page
 } elseif (App::auth()->userID() == '') {
 self::serveTemplate(My::id() . '.html');
diff --git a/src/Widgets.php b/src/Widgets.php
index 755d03c..52ff8fe 100644
--- a/src/Widgets.php
+++ b/src/Widgets.php
@@ -59,7 +59,7 @@ class Widgets } else { $res .= '
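Review bot: In src/UrlHandler.php the new pending branch reads `$args[0]` after checking only `is_array($args)`, so an empty array raises an undefined-offset warning, and the comparison with `'pending'` is loose. A null-coalescing read with a strict comparison covers both: `} elseif (is_array($args) && ($args[0] ?? '') === 'pending' && App::auth()->userID() == '') {`. How `$args` is produced is outside the hunk; if the handler receives the raw string matched after `session/login` rather than an array, `is_array()` is never true and the "not yet activated" message is never shown, which is worth confirming with a request to the `/pending` URL that Frontend.php redirects to. The method body begins and ends outside the hunk.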