Elgg  Version master
Validation.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Users;
4 
7 
13 class Validation {
14 
22  public static function addRiverActivityAfterValidation(\Elgg\Event $event) {
23  if (!(bool) elgg_get_config('user_joined_river')) {
24  return;
25  }
26 
28  'action_type' => 'join',
29  'subject_guid' => $event->getObject()->guid,
30  'object_guid' => elgg_get_site_entity()->guid,
31  ]);
32  }
33 
41  public static function checkAdminValidation(\Elgg\Event $event) {
42 
43  if (!(bool) elgg_get_config('require_admin_validation')) {
44  return;
45  }
46 
47  $user = $event->getUserParam();
48  if (!$user instanceof \ElggUser) {
49  return;
50  }
51 
53 
54  if ($user->isEnabled()) {
55  // disable the user until validation
56  $user->disable('admin_validation_required', false);
57  }
58 
59  // set validation status
60  $user->setValidationStatus(false);
61 
62  // store a flag in session so we can forward the user correctly
64  $session->set('admin_validation', true);
65 
67  });
68  }
69 
75  protected static function notifyAdminsAboutPendingUsers(): void {
76  if (!(bool) elgg_get_config('admin_validation_notification')) {
77  return;
78  }
79 
80  $unvalidated_count = elgg_call(ELGG_IGNORE_ACCESS | ELGG_SHOW_DISABLED_ENTITIES, function() {
81  return elgg_count_entities([
82  'type' => 'user',
83  'metadata_name_value_pairs' => [
84  'validated' => 0,
85  ],
86  ]);
87  });
88 
89  if (empty($unvalidated_count)) {
90  // shouldn't be able to get here because this function is triggered when a user is marked as unvalidated
91  return;
92  }
93 
95  $admins = elgg_get_admins([
96  'limit' => false,
97  'batch' => true,
98  ]);
99 
100  $url = elgg_normalize_url('admin/users/unvalidated');
101 
102  /* @var $admin \ElggUser */
103  foreach ($admins as $admin) {
104  $notification_preferences = $admin->getNotificationSettings('admin_validation_notification');
105  $notification_preferences = array_keys(array_filter($notification_preferences));
106  if (empty($notification_preferences)) {
107  continue;
108  }
109 
110  $subject = elgg_echo('admin:notification:unvalidated_users:subject', [$site->getDisplayName()], $admin->getLanguage());
111  $body = elgg_echo('admin:notification:unvalidated_users:body', [
112  $unvalidated_count,
113  $site->getDisplayName(),
114  $url,
115  ], $admin->getLanguage());
116 
117  $params = [
118  'action' => 'admin:unvalidated',
119  'object' => $admin,
120  ];
121 
122  notify_user($admin->guid, $site->guid, $subject, $body, $params, $notification_preferences);
123  }
124  }
125 
135  public static function preventUserLogin(\Elgg\Event $event) {
136 
137  if (!(bool) elgg_get_config('require_admin_validation')) {
138  return;
139  }
140 
141  $user = $event->getObject();
142  if (!$user instanceof \ElggUser) {
143  return;
144  }
145 
146  elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($user) {
147  if ($user->isEnabled() && $user->isValidated() !== false) {
148  return;
149  }
150 
151  throw new LoginException(elgg_echo('LoginException:AdminValidationPending'));
152  });
153  }
154 
162  public static function setRegistrationForwardUrl(\Elgg\Event $event) {
163 
164  $response = $event->getValue();
165  if (!$response instanceof ResponseBuilder) {
166  return;
167  }
168 
170  if (!$session->get('admin_validation')) {
171  return;
172  }
173 
174  // if other plugins already have set forwarding, don't do anything
175  if (!empty($response->getForwardURL()) && $response->getForwardURL() !== REFERRER) {
176  return;
177  }
178 
179  $response->setForwardURL(elgg_generate_url('account:validation:pending'));
180 
181  return $response;
182  }
183 
192  public static function removeUnvalidatedUsers(\Elgg\Event $event): void {
193 
194  $days = (int) elgg_get_config('remove_unvalidated_users_days');
195  if ($days < 1) {
196  return;
197  }
198 
199  // removing users could take a while
200  set_time_limit(0);
201 
202  elgg_call(ELGG_IGNORE_ACCESS | ELGG_SHOW_DISABLED_ENTITIES, function() use ($days) {
203  /* @var $users \ElggBatch */
205  'type' => 'user',
206  'metadata_name_value_pairs' => [
207  'validated' => false,
208  ],
209  'created_before' => "-{$days} days",
210  'limit' => false,
211  'batch' => true,
212  'batch_inc_offset' => false,
213  ]);
214 
215  /* @var $user \ElggUser */
216  foreach ($users as $user) {
217  if (!$user->delete()) {
218  // make sure the batch skips over the failed user in the next iteration
219  $users->reportFailure();
220  }
221  }
222  });
223  }
224 }
$site
Definition: icons.php:5
$params
Saves global plugin settings.
Definition: save.php:13
$body
Definition: useradd.php:55
$admin
Definition: useradd.php:19
$subject
Definition: useradd.php:54
$user
Definition: ban.php:7
if(empty($user_guids)) $users
Definition: ban.php:12
Models an event passed to event handlers.
Definition: Event.php:11
Generic parent class for login exceptions.
User Validation related events.
Definition: Validation.php:13
static setRegistrationForwardUrl(\Elgg\Event $event)
Set the correct forward url after user registration.
Definition: Validation.php:162
static removeUnvalidatedUsers(\Elgg\Event $event)
Remove unvalidated users after x days.
Definition: Validation.php:192
static preventUserLogin(\Elgg\Event $event)
Prevent unvalidated users from logging in.
Definition: Validation.php:135
static notifyAdminsAboutPendingUsers()
Send a notification to all admins that there are pending user validations.
Definition: Validation.php:75
static checkAdminValidation(\Elgg\Event $event)
Check if new users need to be validated by an administrator.
Definition: Validation.php:41
static addRiverActivityAfterValidation(\Elgg\Event $event)
Adds river activity that a new user joined the site.
Definition: Validation.php:22
elgg_get_config(string $name, $default=null)
Get an Elgg configuration value.
const ELGG_IGNORE_ACCESS
elgg_call() flags
Definition: constants.php:121
const ELGG_SHOW_DISABLED_ENTITIES
Definition: constants.php:123
const REFERRER
Used in calls to forward() to specify the browser should be redirected to the referring page.
Definition: constants.php:37
foreach($plugin_guids as $guid) if(empty($deactivated_plugins)) $url
Definition: deactivate.php:39
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags.
Definition: elgglib.php:306
elgg_get_admins(array $options=[])
Elgg admin functions.
Definition: admin.php:26
elgg_count_entities(array $options=[])
Returns a count of entities.
Definition: entities.php:518
elgg_get_entities(array $options=[])
Fetches/counts entities or performs a calculation on their properties.
Definition: entities.php:507
elgg_get_site_entity()
Get the current site entity.
Definition: entities.php:101
HTTP response builder interface.
elgg_echo(string $message_key, array $args=[], string $language='')
Elgg language module Functions to manage language and translations.
Definition: languages.php:17
if(isset($_COOKIE['elggperm'])) $session
Definition: login_as.php:29
notify_user(int|array $to, int $from=0, string $subject='', string $message='', array $params=[], $methods_override=null)
Notify a user via their preferences.
elgg_normalize_url(string $url)
Definition: output.php:163
elgg_generate_url(string $name, array $parameters=[])
Generate a URL for named route.
elgg_create_river_item(array $options=[])
Elgg river.
Definition: river.php:28
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.
Definition: robots.php:10
elgg_get_session()
Gets Elgg's session object.
Definition: sessions.php:15
$response
Definition: content.php:10