From 05bd7c028057e0c635116f8496f0570d9dcad331 Mon Sep 17 00:00:00 2001
From: Jan-Hendrik Willms <tleilax+studip@gmail.com>
Date: Fri, 9 Jun 2023 08:04:05 +0000
Subject: [PATCH] implement User::isBlocked() and User::isExpired() and use
them across the system, fixes #2025
Closes #2025
Merge request studip/studip!1318
---
lib/classes/ForumAbo.php | 14 ++---------
.../auth_plugins/StudipAuthAbstract.class.php | 4 +---
.../send_mail_notifications.class.php | 6 +----
lib/messaging.inc.php | 4 ++--
lib/models/User.class.php | 24 +++++++++++++++++++
lib/phplib/Seminar_Auth.class.php | 8 +++----
6 files changed, 33 insertions(+), 27 deletions(-)
diff --git a/lib/classes/ForumAbo.php b/lib/classes/ForumAbo.php
index c32761c790f..334b4245553 100644
--- a/lib/classes/ForumAbo.php
+++ b/lib/classes/ForumAbo.php
@@ -108,17 +108,6 @@ class ForumAbo
$user = User::find($user_id);
- // check if user wants an email for all or selected messages only
- $force_email = false;
- if ($messaging->user_wants_email($user_id)) {
- $force_email = true;
- }
- // do not send mails when account is locked or expired
- $expiration = UserConfig::get($user->id)->EXPIRATION_DATE;
- if ($user->locked || ($expiration > 0 && $expiration < time())) {
- $force_email = false;
- }
-
setTempLanguage($data['user_id']);
$notification = sprintf(
_('%s hat einen Beitrag geschrieben'),
@@ -138,7 +127,8 @@ class ForumAbo
Icon::create('forum', 'clickable')
);
- if ($force_email) {
+ // check if user wants an email for all or selected messages only
+ if (!$user->isBlocked() && $messaging->user_wants_email($user_id)) {
$title = implode(' >> ', ForumEntry::getFlatPathToPosting($topic_id));
$subject = _('[Forum]') . ' ' . ($title ?: _('Neuer Beitrag'));
diff --git a/lib/classes/auth_plugins/StudipAuthAbstract.class.php b/lib/classes/auth_plugins/StudipAuthAbstract.class.php
index f18ecd441ab..d1bcfac6080 100644
--- a/lib/classes/auth_plugins/StudipAuthAbstract.class.php
+++ b/lib/classes/auth_plugins/StudipAuthAbstract.class.php
@@ -149,9 +149,7 @@ class StudipAuthAbstract
$checkIPRange = ($GLOBALS['ENABLE_ADMIN_IP_CHECK'] && $user['perms'] === 'admin')
|| ($GLOBALS['ENABLE_ROOT_IP_CHECK'] && $user['perms'] === 'root');
- $exp_d = UserConfig::get($user['user_id'])->EXPIRATION_DATE;
-
- if ($exp_d > 0 && $exp_d < time()) {
+ if ($user->isExpired()) {
$error .= _('Dieses Benutzerkonto ist abgelaufen.<br> Wenden Sie sich bitte an die Administration.') . '<BR>';
return ['uid' => false, 'error' => $error];
} else if ($locked) {
diff --git a/lib/cronjobs/send_mail_notifications.class.php b/lib/cronjobs/send_mail_notifications.class.php
index 08882943b94..5565218e4a5 100644
--- a/lib/cronjobs/send_mail_notifications.class.php
+++ b/lib/cronjobs/send_mail_notifications.class.php
@@ -106,11 +106,7 @@ class SendMailNotificationsJob extends CronJob
[],
function ($user_id) use ($parameters, $notification) {
$user = User::find($user_id);
- if (
- !$user
- || $user->locked
- || ($user->config->EXPIRATION_DATE > 0 && $user->config->EXPIRATION_DATE < time())
- ) {
+ if (!$user || $user->isBlocked()) {
return;
}
diff --git a/lib/messaging.inc.php b/lib/messaging.inc.php
index b055c7f1a13..ce194c375ce 100644
--- a/lib/messaging.inc.php
+++ b/lib/messaging.inc.php
@@ -166,9 +166,9 @@ class messaging
if (!$to) {
return;
}
+
// do not send mails when account is locked or expired
- $expiration = UserConfig::get($receiver->id)->EXPIRATION_DATE;
- if ($receiver->locked || ($expiration > 0 && $expiration < time())) {
+ if ($receiver->isBlocked()) {
return;
}
diff --git a/lib/models/User.class.php b/lib/models/User.class.php
index 9fa05226859..5f10a7e870e 100644
--- a/lib/models/User.class.php
+++ b/lib/models/User.class.php
@@ -1474,4 +1474,28 @@ class User extends AuthUserMd5 implements Range, PrivacyObject
{
return $this->getFullName();
}
+
+ /**
+ * Returns whether a user is blocked either explicitely due to the "locked"
+ * property or by a set expiration date.
+ *
+ * @return bool
+ * @since Stud.IP 5.4
+ */
+ public function isBlocked(): bool
+ {
+ return $this->locked || $this->isExpired();
+ }
+
+ /**
+ * Returns whether a user account is expired.
+ *
+ * @return bool
+ * @since Stud.IP 5.4
+ */
+ public function isExpired(): bool
+ {
+ return $this->config->EXPIRATION_DATE > 0
+ && $this->config->EXPIRATION_DATE < time();
+ }
}
diff --git a/lib/phplib/Seminar_Auth.class.php b/lib/phplib/Seminar_Auth.class.php
index fd3080fe142..dc65d19ef90 100644
--- a/lib/phplib/Seminar_Auth.class.php
+++ b/lib/phplib/Seminar_Auth.class.php
@@ -230,12 +230,11 @@ class Seminar_Auth
if (!empty($this->auth['uid']) && !in_array($this->auth['uid'], ['form', 'nobody'])) {
$user = null;
if (isset($GLOBALS['user']) && $GLOBALS['user']->id == $this->auth['uid']) {
- $user = $GLOBALS['user'];
+ $user = $GLOBALS['user']->getAuthenticatedUser();
} else {
$user = User::find($this->auth['uid']);
}
- $exp_d = $user->username ? UserConfig::get($user->id)->EXPIRATION_DATE : 0;
- if (!$user->username || $user->locked || ($exp_d > 0 && $exp_d < time())) {
+ if (!$user->username || $user->isBlocked()) {
$this->unauth();
}
} elseif ($cfg->getValue('MAINTENANCE_MODE_ENABLE') && Request::username('loginname')) {
@@ -265,8 +264,7 @@ class Seminar_Auth
$authplugin->authenticateUser('', '');
if ($authplugin->getUser()) {
$user = $authplugin->getStudipUser($authplugin->getUser());
- $exp_d = UserConfig::get($user->id)->EXPIRATION_DATE;
- if ($exp_d > 0 && $exp_d < time()) {
+ if ($user->isExpired()) {
throw new AccessDeniedException(_('Dieses Benutzerkonto ist abgelaufen. Wenden Sie sich bitte an die Administration.'));
}
if ($user->locked == 1) {
--
GitLab