add UserEffectiveGroups

Signed-off-by: WaitSpring <me@waitspring.com>
2024-02-27 09:39:01 +08:00 · 2024-02-27 09:39:01 +08:00 · 1b51b7bfa2
--- a/extension.json
+++ b/extension.json
@ -16,7 +16,8 @@
    },
    "Hooks": {
        "GetPreferences": "PreferencesHook",
-        "getUserPermissionsErrors": "PermissionsHook"
+        "getUserPermissionsErrors": "PermissionsHook",
+		"UserEffectiveGroups": "PermissionsHook"
    },
    "HookHandlers": {
        "PreferencesHook": {
--- a/src/PermissionsHook.php
+++ b/src/PermissionsHook.php
@ -8,13 +8,15 @@ use MediaWiki\User\UserOptionsLookup;
 use MediaWiki\User\UserIdentity;
 use MediaWiki\User\Registration\UserRegistrationLookup;
 use MediaWiki\User\UserGroupManager;
+use MediaWiki\User\Hook\UserEffectiveGroupsHook;
 use RequestContext;
 use Config;
 use Title;
 use User;

 class PermissionsHook implements
-    getUserPermissionsErrorsHook
+    getUserPermissionsErrorsHook,
+    UserEffectiveGroupsHook
 {
    /** @var permissionManager */
    private $permissionManager;
@ -119,13 +121,6 @@ class PermissionsHook implements

        $rnrsverified_mode1_2 = $this->checkUserVerifyHash($user);
        $rnrsverified_mode3 = $this->checkUserGroupAndRights($user);
-        $rnrsverified_has_confirmed_group = in_array(
-            $wgRNRSConfirmedGroup,
-            array_merge(
-                $this->userGroupManager->listAllImplicitGroups(),
-                $this->userGroupManager->listAllGroups()
-            )
-        );

        if (!$this->config->has('RNRSExclusiveRights')) {
            return true;
@ -137,6 +132,14 @@ class PermissionsHook implements
            if ($rnrsverified_mode3) {
                return true;
            } else if ($rnrsverified_mode1_2) {
+                $rnrsverified_has_confirmed_group = in_array(
+                    $wgRNRSConfirmedGroup,
+                    array_merge(
+                        $this->userGroupManager->listAllImplicitGroups(),
+                        $this->userGroupManager->listAllGroups()
+                    )
+                );
+
                if (
                    $rnrsverified_has_confirmed_group &&
                    !in_array($wgRNRSConfirmedGroup, $this->permissionManager->getUserPermissions($user))
@ -153,4 +156,34 @@ class PermissionsHook implements
            };
        }
    }
+
+    /**
+     * @param User $user
+     * @param string[] $groups
+     */
+    public function onUserEffectiveGroups(&$user, &$groups)
+    {
+        global $wgRNRSConfirmedGroup;
+
+        $rnrsverified_mode1_2 = $this->checkUserVerifyHash($user);
+
+        if ($rnrsverified_mode1_2) {
+            $rnrsverified_has_confirmed_group = in_array(
+                $wgRNRSConfirmedGroup,
+                array_merge(
+                    $this->userGroupManager->listAllImplicitGroups(),
+                    $this->userGroupManager->listAllGroups()
+                )
+            );
+
+            if (
+                $rnrsverified_has_confirmed_group &&
+                !in_array($wgRNRSConfirmedGroup, $this->permissionManager->getUserPermissions($user))
+            ) {
+                $this->userGroupManager->addUserToGroup($user, 'rnrsverify-confirmed');
+            }
+
+            $groups[] = $wgRNRSConfirmedGroup;
+        }
+    }
 }