Elgg  Version master
Validation.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Users;
4 
7 
13 class Validation {
14 
22  public static function addRiverActivityAfterValidation(\Elgg\Event $event) {
23  if (!(bool) elgg_get_config('user_joined_river')) {
24  return;
25  }
26 
28  'action_type' => 'join',
29  'subject_guid' => $event->getObject()->guid,
30  'object_guid' => elgg_get_site_entity()->guid,
31  ]);
32  }
33 
41  public static function checkAdminValidation(\Elgg\Event $event) {
42 
43  if (!(bool) elgg_get_config('require_admin_validation')) {
44  return;
45  }
46 
47  $user = $event->getUserParam();
48  if (!$user instanceof \ElggUser) {
49  return;
50  }
51 
53 
54  if ($user->isEnabled()) {
55  // disable the user until validation
56  $user->disable('admin_validation_required', false);
57  }
58 
59  // set validation status
60  $user->setValidationStatus(false);
61 
62  // store a flag in session so we can forward the user correctly
64  $session->set('admin_validation', true);
65 
66  self::notifyAdminsAboutPendingUsers();
67  });
68  }
69 
75  protected static function notifyAdminsAboutPendingUsers(): void {
76  if (!(bool) elgg_get_config('admin_validation_notification')) {
77  return;
78  }
79 
80  $unvalidated_count = elgg_call(ELGG_IGNORE_ACCESS | ELGG_SHOW_DISABLED_ENTITIES, function() {
81  return elgg_count_entities([
82  'type' => 'user',
83  'metadata_name_value_pairs' => [
84  'validated' => 0,
85  ],
86  ]);
87  });
88 
89  if (empty($unvalidated_count)) {
90  // shouldn't be able to get here because this function is triggered when a user is marked as unvalidated
91  return;
92  }
93 
95  $admins = elgg_get_admins([
96  'limit' => false,
97  'batch' => true,
98  ]);
99 
100  $url = elgg_normalize_url('admin/users/unvalidated');
101 
102  /* @var $admin \ElggUser */
103  foreach ($admins as $admin) {
104  $notification_preferences = $admin->getNotificationSettings('admin_validation_notification');
105  $notification_preferences = array_keys(array_filter($notification_preferences));
106  if (empty($notification_preferences)) {
107  continue;
108  }
109 
110  $subject = elgg_echo('admin:notification:unvalidated_users:subject', [$site->getDisplayName()], $admin->getLanguage());
111  $body = elgg_echo('admin:notification:unvalidated_users:body', [
112  $unvalidated_count,
113  $site->getDisplayName(),
114  $url,
115  ], $admin->getLanguage());
116 
117  $params = [
118  'action' => 'admin:unvalidated',
119  'object' => $admin,
120  ];
121 
122  notify_user($admin->guid, $site->guid, $subject, $body, $params, $notification_preferences);
123  }
124  }
125 
135  public static function preventUserLogin(\Elgg\Event $event) {
136 
137  if (!(bool) elgg_get_config('require_admin_validation')) {
138  return;
139  }
140 
141  $user = $event->getObject();
142  if (!$user instanceof \ElggUser) {
143  return;
144  }
145 
146  elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($user) {
147  if ($user->isEnabled() && $user->isValidated() !== false) {
148  return;
149  }
150 
151  throw new LoginException(elgg_echo('LoginException:AdminValidationPending'));
152  });
153  }
154 
162  public static function setRegistrationForwardUrl(\Elgg\Event $event) {
163 
164  $response = $event->getValue();
165  if (!$response instanceof ResponseBuilder) {
166  return;
167  }
168 
170  if (!$session->get('admin_validation')) {
171  return;
172  }
173 
174  // if other plugins already have set forwarding, don't do anything
175  if (!empty($response->getForwardURL()) && $response->getForwardURL() !== REFERRER) {
176  return;
177  }
178 
179  $response->setForwardURL(elgg_generate_url('account:validation:pending'));
180 
181  return $response;
182  }
183 
192  public static function removeUnvalidatedUsers(\Elgg\Event $event): void {
193 
194  $days = (int) elgg_get_config('remove_unvalidated_users_days');
195  if ($days < 1) {
196  return;
197  }
198 
199  // removing users could take a while
200  set_time_limit(0);
201 
202  elgg_call(ELGG_IGNORE_ACCESS | ELGG_SHOW_DISABLED_ENTITIES, function() use ($days) {
203  /* @var $users \ElggBatch */
205  'type' => 'user',
206  'metadata_name_value_pairs' => [
207  'validated' => false,
208  ],
209  'created_before' => "-{$days} days",
210  'limit' => false,
211  'batch' => true,
212  'batch_inc_offset' => false,
213  ]);
214 
215  /* @var $user \ElggUser */
216  foreach ($users as $user) {
217  if (!$user->delete()) {
218  // make sure the batch skips over the failed user in the next iteration
219  $users->reportFailure();
220  }
221  }
222  });
223  }
224 }
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags...
Definition: elgglib.php:304
User Validation related events.
Definition: Validation.php:13
HTTP response builder interface.
$params
Saves global plugin settings.
Definition: save.php:13
elgg_get_config(string $name, $default=null)
Get an Elgg configuration value.
Generic parent class for login exceptions.
if(empty($user_guids)) $users
Definition: ban.php:12
$response
Definition: content.php:10
$admin
Definition: useradd.php:19
static notifyAdminsAboutPendingUsers()
Send a notification to all admins that there are pending user validations.
Definition: Validation.php:75
static checkAdminValidation(\Elgg\Event $event)
Check if new users need to be validated by an administrator.
Definition: Validation.php:41
elgg_get_session()
Gets Elgg&#39;s session object.
Definition: sessions.php:15
c Accompany it with the information you received as to the offer to distribute corresponding source complete source code means all the source code for all modules it plus any associated interface definition plus the scripts used to control compilation and installation of the executable as a special the source code distributed need not include anything that is normally and so on of the operating system on which the executable unless that component itself accompanies the executable If distribution of executable or object code is made by offering access to copy from a designated then offering equivalent access to copy the source code from the same place counts as distribution of the source even though third parties are not compelled to copy the source along with the object code You may not or distribute the Program except as expressly provided under this License Any attempt otherwise to sublicense or distribute the Program is void
Definition: LICENSE.txt:215
elgg_echo(string $message_key, array $args=[], string $language= '')
Elgg language module Functions to manage language and translations.
Definition: languages.php:17
elgg_create_river_item(array $options=[])
Elgg river.
Definition: river.php:28
$site
Definition: icons.php:5
static removeUnvalidatedUsers(\Elgg\Event $event)
Remove unvalidated users after x days.
Definition: Validation.php:192
elgg_get_admins(array $options=[])
Elgg admin functions.
Definition: admin.php:26
const ELGG_IGNORE_ACCESS
elgg_call() flags
Definition: constants.php:121
static preventUserLogin(\Elgg\Event $event)
Prevent unvalidated users from logging in.
Definition: Validation.php:135
const REFERRER
Used in calls to forward() to specify the browser should be redirected to the referring page...
Definition: constants.php:37
const ELGG_SHOW_DISABLED_ENTITIES
Definition: constants.php:123
elgg_get_entities(array $options=[])
Fetches/counts entities or performs a calculation on their properties.
Definition: entities.php:507
elgg_count_entities(array $options=[])
Returns a count of entities.
Definition: entities.php:518
$user
Definition: ban.php:7
static addRiverActivityAfterValidation(\Elgg\Event $event)
Adds river activity that a new user joined the site.
Definition: Validation.php:22
$body
Definition: useradd.php:55
elgg_get_site_entity()
Get the current site entity.
Definition: entities.php:101
if(isset($_COOKIE['elggperm'])) $session
Definition: login_as.php:29
static setRegistrationForwardUrl(\Elgg\Event $event)
Set the correct forward url after user registration.
Definition: Validation.php:162
notify_user(int|array $to, int $from=0, string $subject= '', string $message= '', array $params=[], $methods_override=null)
Notify a user via their preferences.
foreach($plugin_guids as $guid) if(empty($deactivated_plugins)) $url
Definition: deactivate.php:39
elgg_generate_url(string $name, array $parameters=[])
Generate a URL for named route.
elgg_normalize_url(string $url)
Definition: output.php:163
Login as the specified user.
$subject
Definition: useradd.php:54
Models an event passed to event handlers.
Definition: Event.php:11