From cba114c8506d5740ca1df00711a46b6c303e2205 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 7 Dec 2009 11:29:18 -0800 Subject: [PATCH] Add a "grandfather" creation date cutoff to RequireValidatedEmail plugin; will allow us to use this for temporary emergency moderation of new registrations without affecting older accounts. --- plugins/RequireValidatedEmail/README | 21 ++++++++ .../RequireValidatedEmailPlugin.php | 52 ++++++++++++++++++- 2 files changed, 71 insertions(+), 2 deletions(-) create mode 100644 plugins/RequireValidatedEmail/README diff --git a/plugins/RequireValidatedEmail/README b/plugins/RequireValidatedEmail/README new file mode 100644 index 0000000000..ccd94d271d --- /dev/null +++ b/plugins/RequireValidatedEmail/README @@ -0,0 +1,21 @@ +This plugin disables posting for accounts that do not have a +validated email address. + +Example: + + addPlugin('RequireValidatedEmail'); + +If you don't want to apply the validationr equirement to existing +accounts, you can specify a cutoff date to grandfather in users +registered prior to that timestamp. + + addPlugin('RequireValidatedEmail', + array('grandfatherCutoff' => 'Dec 7, 2009'); + + +Todo: +* make email field required on registration form +* add a more visible indicator that validation is still outstanding +* localization for UI strings +* test with XMPP, API posting + diff --git a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php index 4806538a04..04adbf00ee 100644 --- a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php +++ b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php @@ -21,7 +21,7 @@ * * @category Plugin * @package StatusNet - * @author Craig Andrews + * @author Craig Andrews , Brion Vibber * @copyright 2009 Craig Andrews http://candrews.integralblue.com * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ @@ -33,20 +33,68 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { class RequireValidatedEmailPlugin extends Plugin { + // Users created before this time will be grandfathered in + // without the validation requirement. + public $grandfatherCutoff=null; + function __construct() { parent::__construct(); } + /** + * Event handler for notice saves; rejects the notice + * if user's address isn't validated. + * + * @param Notice $notice + * @return bool hook result code + */ function onStartNoticeSave($notice) { $user = User::staticGet('id', $notice->profile_id); if (!empty($user)) { // it's a remote notice - if (empty($user->email)) { + if (!$this->validated($user)) { throw new ClientException(_("You must validate your email address before posting.")); } } return true; } + + /** + * Check if a user has a validated email address or has been + * otherwise grandfathered in. + * + * @param User $user + * @return bool + */ + protected function validated($user) + { + if ($this->grandfathered($user)) { + return true; + } + + // The email field is only stored after validation... + // Until then you'll find them in confirm_address. + return !empty($user->email); + } + + /** + * Check if a user was created before the grandfathering cutoff. + * If so, we won't need to check for validation. + * + * @param User $user + * @return bool + */ + protected function grandfathered($user) + { + if ($this->grandfatherCutoff) { + $created = strtotime($user->created . " GMT"); + $cutoff = strtotime($this->grandfatherCutoff); + if ($created < $cutoff) { + return true; + } + } + return false; + } }