父节点
a0868973c1
当前提交
072e98229e
|
@ -17,8 +17,7 @@
|
|||
"Hooks": {
|
||||
"GetPreferences": "PreferencesHook",
|
||||
"getUserPermissionsErrors": "PermissionsHook",
|
||||
"SpecialContributionsBeforeMainOutput": "PermissionsHook",
|
||||
"ApiOptions": "PermissionsHook"
|
||||
"SpecialContributionsBeforeMainOutput": "PermissionsHook"
|
||||
},
|
||||
"HookHandlers": {
|
||||
"PreferencesHook": {
|
||||
|
|
|
@ -11,8 +11,6 @@ use MediaWiki\User\UserGroupManager;
|
|||
use MediaWiki\Hook\SpecialContributionsBeforeMainOutputHook;
|
||||
use MediaWiki\MediaWikiServices;
|
||||
use MediaWiki\SpecialPage;
|
||||
use MediaWiki\Api\Hook\ApiOptionsHook;
|
||||
use ApiOptions;
|
||||
use RequestContext;
|
||||
use Config;
|
||||
use Title;
|
||||
|
@ -20,8 +18,7 @@ use User;
|
|||
|
||||
class PermissionsHook implements
|
||||
getUserPermissionsErrorsHook,
|
||||
SpecialContributionsBeforeMainOutputHook,
|
||||
ApiOptionsHook
|
||||
SpecialContributionsBeforeMainOutputHook
|
||||
{
|
||||
/** @var permissionManager */
|
||||
private $permissionManager;
|
||||
|
@ -193,61 +190,4 @@ class PermissionsHook implements
|
|||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param ApiOptions $apiModule
|
||||
* @param User $user
|
||||
* @param array $changes
|
||||
* @param string[] $resetKinds
|
||||
* @return bool|void
|
||||
*/
|
||||
public function onApiOptions($apiModule, $user, $changes, $resetKinds)
|
||||
{
|
||||
// Only hook to the core module but not to our code that inherits from it
|
||||
if ($apiModule->getModuleName() !== 'options' && $apiModule->getModuleName() !== 'globalpreferences') {
|
||||
return;
|
||||
}
|
||||
|
||||
global $wgRNRSConfirmedGroup;
|
||||
|
||||
$localuserid = (string)RequestContext::getMain()->getUser()->getID();
|
||||
$centralid = (string)$lookup->centralIdFromLocalUser($user);
|
||||
$registration = $this->userRegistrationLookup->getRegistration($user);
|
||||
|
||||
foreach ($changes as $preference) {
|
||||
$rnrsverifyhash = $preference['rnrsverifyhash'];
|
||||
$rnrsverifyhash2 = $preference['rnrsverifyhash2'];
|
||||
$rnrsverifyuserid = $preference['rnrsverifyuserid'];
|
||||
$rnrsverifytime = $preference['rnrsverifytime'];
|
||||
|
||||
// Mode 1: user ID + verify time + salt
|
||||
$rnrsverified_mode1 = (
|
||||
$rnrsverifyhash === hash('sha3-256', $rnrsverifyuserid . $rnrsverifytime . hash('sha3-256', $rnrssalt)) ||
|
||||
$rnrsverifyhash === hash('sha3-256', $localuserid . $rnrsverifytime . hash('sha3-256', $rnrssalt)) ||
|
||||
$rnrsverifyhash === hash('sha3-256', $centralid . $rnrsverifytime . hash('sha3-256', $rnrssalt))
|
||||
);
|
||||
|
||||
// Mode2: registration timestamp + verify time + salt
|
||||
$rnrsverified_mode2 = $rnrsverifyhash2 === hash('sha3-256', $registration . $rnrsverifytime . hash('sha3-256', $rnrssalt));
|
||||
|
||||
$rnrsverified = $rnrsverified_mode1 || $rnrsverified_mode2;
|
||||
|
||||
if ($rnrsverified) {
|
||||
$rnrsverified_enabled_confirmed_group = in_array(
|
||||
$wgRNRSConfirmedGroup,
|
||||
array_merge(
|
||||
$this->userGroupManager->listAllImplicitGroups(),
|
||||
$this->userGroupManager->listAllGroups()
|
||||
)
|
||||
);
|
||||
|
||||
if (
|
||||
$rnrsverified_enabled_confirmed_group &&
|
||||
!in_array($wgRNRSConfirmedGroup, $this->permissionManager->getUserPermissions($user))
|
||||
) {
|
||||
$this->userGroupManager->addUserToGroup($user, 'rnrsverify-confirmed');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
正在加载...
在新工单中引用