implement User::isBlocked() and User::isExpired() and use them across the system, fixes #2025

Closes #2025 Merge request studip/studip!1318

implement User::isBlocked() and User::isExpired() and use them across the system, fixes #2025
05bd7c02 · Jan-Hendrik Willms · ec43f9bf · 05bd7c02 · 05bd7c02 · 05bd7c02
Commit 05bd7c02 authored 1 year ago by Jan-Hendrik Willms
--- a/lib/classes/ForumAbo.php
+++ b/lib/classes/ForumAbo.php
@@ -108,17 +108,6 @@ class ForumAbo
            $user = User::find($user_id);
-            // check if user wants an email for all or selected messages only
-            $force_email = false;
-            if ($messaging->user_wants_email($user_id)) {
-                $force_email = true;
-            }
-            // do not send mails when account is locked or expired
-            $expiration = UserConfig::get($user->id)->EXPIRATION_DATE;
-            if ($user->locked || ($expiration > 0 && $expiration < time())) {
-                $force_email = false;
-            }
            setTempLanguage($data['user_id']);
            $notification = sprintf(
                _('%s hat einen Beitrag geschrieben'),
@@ -138,7 +127,8 @@ class ForumAbo
                Icon::create('forum', 'clickable')
            );
-            if ($force_email) {
+            // check if user wants an email for all or selected messages only
+            if (!$user->isBlocked() && $messaging->user_wants_email($user_id)) {
                $title = implode(' >> ', ForumEntry::getFlatPathToPosting($topic_id));
                $subject = _('[Forum]') . ' ' . ($title ?: _('Neuer Beitrag'));

--- a/lib/classes/auth_plugins/StudipAuthAbstract.class.php
+++ b/lib/classes/auth_plugins/StudipAuthAbstract.class.php
@@ -149,9 +149,7 @@ class StudipAuthAbstract
                    $checkIPRange = ($GLOBALS['ENABLE_ADMIN_IP_CHECK'] && $user['perms'] === 'admin')
                        || ($GLOBALS['ENABLE_ROOT_IP_CHECK'] && $user['perms'] === 'root');
-                    $exp_d = UserConfig::get($user['user_id'])->EXPIRATION_DATE;
+                    if ($user->isExpired()) {
-                    if ($exp_d > 0 && $exp_d < time()) {
                        $error .= _('Dieses Benutzerkonto ist abgelaufen.<br> Wenden Sie sich bitte an die Administration.') . '<BR>';
                        return ['uid' => false, 'error' => $error];
                    } else if ($locked) {

--- a/lib/cronjobs/send_mail_notifications.class.php
+++ b/lib/cronjobs/send_mail_notifications.class.php
@@ -106,11 +106,7 @@ class SendMailNotificationsJob extends CronJob
            [],
            function ($user_id) use ($parameters, $notification) {
                $user = User::find($user_id);
-                if (
+                if (!$user || $user->isBlocked()) {
-                    !$user
-                    || $user->locked
-                    || ($user->config->EXPIRATION_DATE > 0 && $user->config->EXPIRATION_DATE < time())
-                ) {
                    return;
                }

--- a/lib/messaging.inc.php
+++ b/lib/messaging.inc.php
@@ -166,9 +166,9 @@ class messaging
        if (!$to) {
            return;
        }
        // do not send mails when account is locked or expired
-        $expiration = UserConfig::get($receiver->id)->EXPIRATION_DATE;
+        if ($receiver->isBlocked()) {
-        if ($receiver->locked || ($expiration > 0 && $expiration < time())) {
            return;
        }

--- a/lib/models/User.class.php
+++ b/lib/models/User.class.php
@@ -1474,4 +1474,28 @@ class User extends AuthUserMd5 implements Range, PrivacyObject
    {
        return $this->getFullName();
    }
+    /**
+     * Returns whether a user is blocked either explicitely due to the "locked"
+     * property or by a set expiration date.
+     *
+     * @return bool
+     * @since Stud.IP 5.4
+     */
+    public function isBlocked(): bool
+    {
+        return $this->locked || $this->isExpired();
+    }
+    /**
+     * Returns whether a user account is expired.
+     *
+     * @return bool
+     * @since Stud.IP 5.4
+     */
+    public function isExpired(): bool
+    {
+        return $this->config->EXPIRATION_DATE > 0
+            && $this->config->EXPIRATION_DATE < time();
+    }
 }
--- a/lib/phplib/Seminar_Auth.class.php
+++ b/lib/phplib/Seminar_Auth.class.php
@@ -230,12 +230,11 @@ class Seminar_Auth
        if (!empty($this->auth['uid']) && !in_array($this->auth['uid'], ['form', 'nobody'])) {
            $user = null;
            if (isset($GLOBALS['user']) && $GLOBALS['user']->id == $this->auth['uid']) {
-                $user = $GLOBALS['user'];
+                $user = $GLOBALS['user']->getAuthenticatedUser();
            } else {
                $user = User::find($this->auth['uid']);
            }
-            $exp_d = $user->username ? UserConfig::get($user->id)->EXPIRATION_DATE : 0;
+            if (!$user->username || $user->isBlocked()) {
-            if (!$user->username || $user->locked || ($exp_d > 0 && $exp_d < time())) {
                $this->unauth();
            }
        } elseif ($cfg->getValue('MAINTENANCE_MODE_ENABLE') && Request::username('loginname')) {
@@ -265,8 +264,7 @@ class Seminar_Auth
                $authplugin->authenticateUser('', '');
                if ($authplugin->getUser()) {
                    $user = $authplugin->getStudipUser($authplugin->getUser());
-                    $exp_d = UserConfig::get($user->id)->EXPIRATION_DATE;
+                    if ($user->isExpired()) {
-                    if ($exp_d > 0 && $exp_d < time()) {
                        throw new AccessDeniedException(_('Dieses Benutzerkonto ist abgelaufen. Wenden Sie sich bitte an die Administration.'));
                    }
                    if ($user->locked == 1) {