父节点
072e98229e
当前提交
7bba4123e0
|
|
@ -60,12 +60,10 @@ class PermissionsHook implements
|
|||
$rnrssalt = $this->config->get('RNRSSalt');
|
||||
$lookup = MediaWikiServices::getInstance()->getCentralIdLookup();
|
||||
$rnrsverifyhash = $this->userOptionsLookup->getOption($user, 'rnrsverifyhash');
|
||||
$rnrsverifyhash2 = $this->userOptionsLookup->getOption($user, 'rnrsverifyhash2');
|
||||
$rnrsverifyuserid = $this->userOptionsLookup->getOption($user, 'rnrsverifyuserid');
|
||||
$localuserid = (string)RequestContext::getMain()->getUser()->getID();
|
||||
$centralid = (string)$lookup->centralIdFromLocalUser($user);
|
||||
$rnrsverifytime = $this->userOptionsLookup->getOption($user, 'rnrsverifytime');
|
||||
$registration = $this->userRegistrationLookup->getRegistration($user);
|
||||
|
||||
// Mode 1: user ID + verify time + salt
|
||||
$rnrsverified_mode1 = (
|
||||
|
|
@ -74,12 +72,7 @@ class PermissionsHook implements
|
|||
$rnrsverifyhash === hash('sha3-256', $centralid . $rnrsverifytime . hash('sha3-256', $rnrssalt))
|
||||
);
|
||||
|
||||
// Mode2: registration timestamp + verify time + salt
|
||||
$rnrsverified_mode2 = $rnrsverifyhash2 === hash('sha3-256', $registration . $rnrsverifytime . hash('sha3-256', $rnrssalt));
|
||||
|
||||
$rnrsverified = $rnrsverified_mode1 || $rnrsverified_mode2;
|
||||
|
||||
if ($rnrsverified) {
|
||||
if ($rnrsverified_mode1) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
|
|
@ -93,12 +86,10 @@ class PermissionsHook implements
|
|||
*/
|
||||
private function checkUserGroupAndRights(UserIdentity $user)
|
||||
{
|
||||
global $wgRNRSExemptGroup;
|
||||
|
||||
// Mode3: exempted from verification
|
||||
$rnrsverified_mode3 = (
|
||||
$this->permissionManager->userHasRight($user, 'rnrsverify-exempt') ||
|
||||
in_array($wgRNRSExemptGroup, $this->permissionManager->getUserPermissions($user)) ||
|
||||
in_array($this->config->get('RNRSExemptGroup'), $this->permissionManager->getUserPermissions($user)) ||
|
||||
in_array('bot', $this->permissionManager->getUserPermissions($user))
|
||||
);
|
||||
|
||||
|
|
@ -119,30 +110,30 @@ class PermissionsHook implements
|
|||
*/
|
||||
public function onGetUserPermissionsErrors($title, $user, $action, &$result)
|
||||
{
|
||||
global $wgRNRSConfirmedGroup;
|
||||
|
||||
$rnrsverified_mode1_2 = $this->checkUserVerifyHash($user);
|
||||
$rnrsverified_mode1 = $this->checkUserVerifyHash($user);
|
||||
$rnrsverified_mode3 = $this->checkUserGroupAndRights($user);
|
||||
$rnrsverified_enabled_confirmed_group = in_array(
|
||||
$wgRNRSConfirmedGroup,
|
||||
$this->config->get('RNRSConfirmedGroup'),
|
||||
array_merge(
|
||||
$this->userGroupManager->listAllImplicitGroups(),
|
||||
$this->userGroupManager->listAllGroups()
|
||||
)
|
||||
);
|
||||
|
||||
if (!$this->config->has('RNRSExclusiveRights')) {
|
||||
if (
|
||||
!$this->config->has('RNRSExclusiveRights') ||
|
||||
!$this->config->has('RNRSSalt')
|
||||
) {
|
||||
return true;
|
||||
} else if (!$this->config->has('RNRSSalt')) {
|
||||
} else if (
|
||||
$this->permissionManager->userHasRight($user, 'rnrsverify-confirmed') ||
|
||||
$this->permissionManager->userHasRight($user, 'rnrsverify-exempt')
|
||||
) {
|
||||
return true;
|
||||
} else if ($this->permissionManager->userHasRight($user, 'rnrsverify-confirmed')) {
|
||||
return true;
|
||||
} else if ($this->permissionManager->userHasRight($user, 'rnrsverify-exempt')) {
|
||||
return true;
|
||||
} else if ($rnrsverified_mode1_2) {
|
||||
} else if ($rnrsverified_mode1) {
|
||||
if (
|
||||
$rnrsverified_enabled_confirmed_group &&
|
||||
!in_array($wgRNRSConfirmedGroup, $this->permissionManager->getUserPermissions($user))
|
||||
!in_array($this->config->get('RNRSConfirmedGroup'), $this->permissionManager->getUserPermissions($user))
|
||||
) {
|
||||
$this->userGroupManager->addUserToGroup($user, 'rnrsverify-confirmed');
|
||||
}
|
||||
|
|
@ -150,7 +141,7 @@ class PermissionsHook implements
|
|||
} else if ($rnrsverified_mode3) {
|
||||
return true;
|
||||
} else if (
|
||||
!$rnrsverified_mode1_2 && !$rnrsverified_mode3 &&
|
||||
!$rnrsverified_mode1 && !$rnrsverified_mode3 &&
|
||||
in_array($action, $this->config->get('RNRSExclusiveRights'))
|
||||
) {
|
||||
$result = 'rnrshook-action-restricted';
|
||||
|
|
@ -167,13 +158,11 @@ class PermissionsHook implements
|
|||
*/
|
||||
public function onSpecialContributionsBeforeMainOutput($userId, $user, $special)
|
||||
{
|
||||
global $wgRNRSConfirmedGroup;
|
||||
$rnrsverified_mode1 = $this->checkUserVerifyHash($user);
|
||||
|
||||
$rnrsverified_mode1_2 = $this->checkUserVerifyHash($user);
|
||||
|
||||
if ($rnrsverified_mode1_2) {
|
||||
if ($rnrsverified_mode1) {
|
||||
$rnrsverified_enabled_confirmed_group = in_array(
|
||||
$wgRNRSConfirmedGroup,
|
||||
$this->config->get('RNRSConfirmedGroup'),
|
||||
array_merge(
|
||||
$this->userGroupManager->listAllImplicitGroups(),
|
||||
$this->userGroupManager->listAllGroups()
|
||||
|
|
@ -182,7 +171,7 @@ class PermissionsHook implements
|
|||
|
||||
if (
|
||||
$rnrsverified_enabled_confirmed_group &&
|
||||
!in_array($wgRNRSConfirmedGroup, $this->permissionManager->getUserPermissions($user))
|
||||
!in_array($this->config->get('RNRSConfirmedGroup'), $this->permissionManager->getUserPermissions($user))
|
||||
) {
|
||||
$this->userGroupManager->addUserToGroup($user, 'rnrsverify-confirmed');
|
||||
}
|
||||
|
|
|
|||
正在加载...
在新工单中引用