| Index: trunk/extensions/CentralAuth/SpecialGlobalGroupMembership.php |
| — | — | @@ -9,7 +9,7 @@ |
| 10 | 10 | class SpecialGlobalGroupMembership extends UserrightsPage { |
| 11 | 11 | var $mGlobalUser; |
| 12 | 12 | function SpecialGlobalGroupMembership() { |
| 13 | | - SpecialPage::SpecialPage( 'GlobalGroupMembership' ); |
| | 13 | + parent::__construct( 'GlobalGroupMembership' ); |
| 14 | 14 | wfLoadExtensionMessages('SpecialCentralAuth'); |
| 15 | 15 | |
| 16 | 16 | global $wgUser; |
| Index: trunk/extensions/CentralAuth/CentralAuthUser.php |
| — | — | @@ -900,6 +900,44 @@ |
| 901 | 901 | } |
| 902 | 902 | |
| 903 | 903 | /** |
| | 904 | + * Hide a global account |
| | 905 | + */ |
| | 906 | + function adminHide() { |
| | 907 | + $dbw = self::getCentralDB(); |
| | 908 | + $dbw->begin(); |
| | 909 | + $dbw->update( 'globaluser', array( 'gu_hidden' => 1 ), |
| | 910 | + array( 'gu_name' => $this->mName ), __METHOD__ ); |
| | 911 | + if ( !$dbw->affectedRows() ) { |
| | 912 | + $dbw->commit(); |
| | 913 | + return Status::newFatal( 'centralauth-admin-hide-nonexistent', $this->mName ); |
| | 914 | + } |
| | 915 | + $dbw->commit(); |
| | 916 | + |
| | 917 | + $this->invalidateCache(); |
| | 918 | + |
| | 919 | + return Status::newGood(); |
| | 920 | + } |
| | 921 | + |
| | 922 | + /** |
| | 923 | + * Unhide a global account |
| | 924 | + */ |
| | 925 | + function adminUnhide() { |
| | 926 | + $dbw = self::getCentralDB(); |
| | 927 | + $dbw->begin(); |
| | 928 | + $dbw->update( 'globaluser', array( 'gu_hidden' => 0 ), |
| | 929 | + array( 'gu_name' => $this->mName ), __METHOD__ ); |
| | 930 | + if ( !$dbw->affectedRows() ) { |
| | 931 | + $dbw->commit(); |
| | 932 | + return Status::newFatal( 'centralauth-admin-unhide-nonexistent', $this->mName ); |
| | 933 | + } |
| | 934 | + $dbw->commit(); |
| | 935 | + |
| | 936 | + $this->invalidateCache(); |
| | 937 | + |
| | 938 | + return Status::newGood(); |
| | 939 | + } |
| | 940 | + |
| | 941 | + /** |
| 904 | 942 | * Add a local account record for the given wiki to the central database. |
| 905 | 943 | * @param string $wikiID |
| 906 | 944 | * @param int $localid |
| Index: trunk/extensions/CentralAuth/SpecialGlobalGroupPermissions.php |
| — | — | @@ -27,7 +27,7 @@ |
| 28 | 28 | class SpecialGlobalGroupPermissions extends SpecialPage |
| 29 | 29 | { |
| 30 | 30 | function __construct() { |
| 31 | | - SpecialPage::SpecialPage('GlobalGroupPermissions', 'globalgrouppermissions'); |
| | 31 | + parent::__construct('GlobalGroupPermissions', 'globalgrouppermissions'); |
| 32 | 32 | wfLoadExtensionMessages('SpecialCentralAuth'); |
| 33 | 33 | } |
| 34 | 34 | |
| Index: trunk/extensions/CentralAuth/CentralAuth.php |
| — | — | @@ -150,6 +150,7 @@ |
| 151 | 151 | $wgHooks['UserGetRights'][] = 'CentralAuthHooks::onUserGetRights'; |
| 152 | 152 | $wgHooks['UserSetCookies'][] = 'CentralAuthHooks::onUserSetCookies'; |
| 153 | 153 | $wgHooks['UserLoadDefaults'][] = 'CentralAuthHooks::onUserLoadDefaults'; |
| | 154 | +$wgHooks['getUserPermissionsErrorsExpensive'][] = 'CentralAuthHooks::onGetUserPermissionsErrorsExpensive'; |
| 154 | 155 | |
| 155 | 156 | // For interaction with the Special:Renameuser extension |
| 156 | 157 | $wgHooks['RenameUserAbort'][] = 'CentralAuthHooks::onRenameUserAbort'; |
| — | — | @@ -176,6 +177,8 @@ |
| 177 | 178 | $wgLogActions['globalauth/delete'] = 'centralauth-log-entry-delete'; |
| 178 | 179 | $wgLogActions['globalauth/lock'] = 'centralauth-log-entry-lock'; |
| 179 | 180 | $wgLogActions['globalauth/unlock'] = 'centralauth-log-entry-unlock'; |
| | 181 | +$wgLogActions['globalauth/hide'] = 'centralauth-log-entry-hide'; |
| | 182 | +$wgLogActions['globalauth/unhide'] = 'centralauth-log-entry-unhide'; |
| 180 | 183 | |
| 181 | 184 | $wgLogTypes[] = 'gblrights'; |
| 182 | 185 | $wgLogNames['gblrights'] = 'centralauth-rightslog-name'; |
| Index: trunk/extensions/CentralAuth/SpecialCentralAuth.php |
| — | — | @@ -66,7 +66,7 @@ |
| 67 | 67 | return; |
| 68 | 68 | } |
| 69 | 69 | |
| 70 | | - $deleted = $locked = $unlocked = false; |
| | 70 | + $deleted = $locked = $unlocked = $hidden = $unhidden = false; |
| 71 | 71 | |
| 72 | 72 | if( $this->mPosted ) { |
| 73 | 73 | if ( !$wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) { |
| — | — | @@ -111,6 +111,26 @@ |
| 112 | 112 | $unlocked = true; |
| 113 | 113 | $this->logAction( 'unlock', $this->mUserName, $wgRequest->getVal( 'reason' ) ); |
| 114 | 114 | } |
| | 115 | + } elseif( $this->mMethod == 'hide' ) { |
| | 116 | + $status = $globalUser->adminHide(); |
| | 117 | + if ( !$status->isGood() ) { |
| | 118 | + $this->showStatusError( $status->getWikiText() ); |
| | 119 | + } else { |
| | 120 | + global $wgLang; |
| | 121 | + $this->showSuccess( 'centralauth-admin-hide-success', $this->mUserName ); |
| | 122 | + $hidden = true; |
| | 123 | + $this->logAction( 'hide', $this->mUserName, $wgRequest->getVal( 'reason' ) ); |
| | 124 | + } |
| | 125 | + } elseif( $this->mMethod == 'unhide' ) { |
| | 126 | + $status = $globalUser->adminUnhide(); |
| | 127 | + if ( !$status->isGood() ) { |
| | 128 | + $this->showStatusError( $status->getWikiText() ); |
| | 129 | + } else { |
| | 130 | + global $wgLang; |
| | 131 | + $this->showSuccess( 'centralauth-admin-unhide-success', $this->mUserName ); |
| | 132 | + $unhidden = true; |
| | 133 | + $this->logAction( 'unhide', $this->mUserName, $wgRequest->getVal( 'reason' ) ); |
| | 134 | + } |
| 115 | 135 | } else { |
| 116 | 136 | $this->showError( 'centralauth-admin-bad-input' ); |
| 117 | 137 | } |
| — | — | @@ -120,11 +140,17 @@ |
| 121 | 141 | $this->showUsernameForm(); |
| 122 | 142 | if ( !$deleted ) { |
| 123 | 143 | $this->showInfo(); |
| 124 | | - $this->showDeleteForm(); |
| | 144 | + $this->showActionForm( 'delete' ); |
| 125 | 145 | if( !$globalUser->isLocked() && !$locked ) |
| 126 | | - $this->showLockForm(); |
| | 146 | + $this->showActionForm( 'lock' ); |
| 127 | 147 | if( $globalUser->isLocked() && !$unlocked ) |
| 128 | | - $this->showUnlockForm(); |
| | 148 | + $this->showActionForm( 'unlock' ); |
| | 149 | + if( !$globalUser->isHidden() && !$hidden ) { |
| | 150 | + $this->showActionForm( 'hide' ); |
| | 151 | + } |
| | 152 | + if( $globalUser->isHidden() && !$unhidden ) { |
| | 153 | + $this->showActionForm( 'unhide' ); |
| | 154 | + } |
| 129 | 155 | } |
| 130 | 156 | } |
| 131 | 157 | |
| — | — | @@ -309,66 +335,26 @@ |
| 310 | 336 | Xml::check( 'wpWikis[]', false, array( 'value' => $wikiID ) ); |
| 311 | 337 | } |
| 312 | 338 | |
| 313 | | - function showDeleteForm() { |
| | 339 | + function showActionForm( $action ) { |
| 314 | 340 | global $wgOut, $wgUser; |
| 315 | 341 | $wgOut->addHtml( |
| 316 | | - Xml::element( 'h2', array(), wfMsg( 'centralauth-admin-delete-title' ) ) . |
| | 342 | + Xml::element( 'h2', array(), wfMsg( "centralauth-admin-{$action}-title" ) ) . |
| 317 | 343 | Xml::openElement( 'form', array( |
| 318 | 344 | 'method' => 'POST', |
| 319 | 345 | 'action' => $this->getTitle()->getFullUrl( 'target=' . urlencode( $this->mUserName ) ) ) ) . |
| 320 | | - Xml::hidden( 'wpMethod', 'delete' ) . |
| | 346 | + Xml::hidden( 'wpMethod', $action ) . |
| 321 | 347 | Xml::hidden( 'wpEditToken', $wgUser->editToken() ) . |
| 322 | | - wfMsgExt( 'centralauth-admin-delete-description', 'parse' ) . |
| | 348 | + wfMsgExt( "centralauth-admin-{$action}-description", 'parse' ) . |
| 323 | 349 | '<p>' . |
| 324 | | - Xml::label( wfMsgHtml( 'centralauth-admin-reason' ), 'delete-reason' ) . |
| 325 | | - Xml::input( 'reason', false, false, array( 'id' => 'delete-reason' ) ) . |
| | 350 | + Xml::label( wfMsgHtml( 'centralauth-admin-reason' ), "{$action}-reason" ) . ' ' . |
| | 351 | + Xml::input( 'reason', false, false, array( 'id' => "{$action}-reason" ) ) . |
| 326 | 352 | '</p>' . |
| 327 | 353 | '<p>' . |
| 328 | | - Xml::submitButton( wfMsg( 'centralauth-admin-delete-button' ) ) . |
| | 354 | + Xml::submitButton( wfMsg( "centralauth-admin-{$action}-button" ) ) . |
| 329 | 355 | '</p>' . |
| 330 | 356 | '</form>' ); |
| 331 | 357 | } |
| 332 | 358 | |
| 333 | | - function showLockForm() { |
| 334 | | - global $wgOut, $wgUser; |
| 335 | | - $wgOut->addHtml( |
| 336 | | - Xml::element( 'h2', array(), wfMsg( 'centralauth-admin-lock-title' ) ) . |
| 337 | | - Xml::openElement( 'form', array( |
| 338 | | - 'method' => 'POST', |
| 339 | | - 'action' => $this->getTitle()->getFullUrl( 'target=' . urlencode( $this->mUserName ) ) ) ) . |
| 340 | | - Xml::hidden( 'wpMethod', 'lock' ) . |
| 341 | | - Xml::hidden( 'wpEditToken', $wgUser->editToken() ) . |
| 342 | | - wfMsgExt( 'centralauth-admin-lock-description', 'parse' ) . |
| 343 | | - '<p>' . |
| 344 | | - Xml::label( wfMsgHtml( 'centralauth-admin-reason' ), 'lock-reason' ) . |
| 345 | | - Xml::input( 'reason', false, false, array( 'id' => 'lock-reason' ) ) . |
| 346 | | - '</p>' . |
| 347 | | - '<p>' . |
| 348 | | - Xml::submitButton( wfMsg( 'centralauth-admin-lock-button' ) ) . |
| 349 | | - '</p>' . |
| 350 | | - '</form>' ); |
| 351 | | - } |
| 352 | | - |
| 353 | | - function showUnlockForm() { |
| 354 | | - global $wgOut, $wgUser; |
| 355 | | - $wgOut->addHtml( |
| 356 | | - Xml::element( 'h2', array(), wfMsg( 'centralauth-admin-unlock-title' ) ) . |
| 357 | | - Xml::openElement( 'form', array( |
| 358 | | - 'method' => 'POST', |
| 359 | | - 'action' => $this->getTitle()->getFullUrl( 'target=' . urlencode( $this->mUserName ) ) ) ) . |
| 360 | | - Xml::hidden( 'wpMethod', 'unlock' ) . |
| 361 | | - Xml::hidden( 'wpEditToken', $wgUser->editToken() ) . |
| 362 | | - wfMsgExt( 'centralauth-admin-unlock-description', 'parse' ) . |
| 363 | | - '<p>' . |
| 364 | | - Xml::label( wfMsgHtml( 'centralauth-admin-reason' ), 'unlock-reason' ) . |
| 365 | | - Xml::input( 'reason', false, false, array( 'id' => 'unlock-reason' ) ) . |
| 366 | | - '</p>' . |
| 367 | | - '<p>' . |
| 368 | | - Xml::submitButton( wfMsg( 'centralauth-admin-unlock-button' ) ) . |
| 369 | | - '</p>' . |
| 370 | | - '</form>' ); |
| 371 | | - } |
| 372 | | - |
| 373 | 359 | function logAction( $action, $target, $reason = '' ) { |
| 374 | 360 | $log = new LogPage( 'globalauth' ); //Not centralauth because of some weird length limitiations |
| 375 | 361 | $log->addEntry( $action, Title::newFromText( "User:{$target}@global" ), $reason ); |
| Index: trunk/extensions/CentralAuth/CentralAuthHooks.php |
| — | — | @@ -471,4 +471,18 @@ |
| 472 | 472 | } |
| 473 | 473 | return true; |
| 474 | 474 | } |
| | 475 | + |
| | 476 | + static function onGetUserPermissionsErrorsExpensive( $title, $user, $action, &$result ) { |
| | 477 | + if( $action == 'read' || $user->isAnon() ) { |
| | 478 | + return true; |
| | 479 | + } |
| | 480 | + $centralUser = CentralAuthUser::getInstance( $user ); |
| | 481 | + if( !($centralUser->exists() && !$centralUser->isAttached()) ) { |
| | 482 | + return true; |
| | 483 | + } |
| | 484 | + if( $centralUser->isLocked() ) { |
| | 485 | + $result = 'centralauth-error-locked'; |
| | 486 | + return false; |
| | 487 | + } |
| | 488 | + } |
| 475 | 489 | } |
| Index: trunk/extensions/CentralAuth/CentralAuth.i18n.php |
| — | — | @@ -69,6 +69,7 @@ |
| 70 | 70 | 'centralauth-notice-dryrun' => "<div class='successbox'>Demo mode only</div><br clear='all'/>", |
| 71 | 71 | |
| 72 | 72 | 'centralauth-disabled-dryrun' => "Account unification is currently in a demo / debugging mode, so actual merging operations are disabled. Sorry!", |
| | 73 | + 'centralauth-error-locked' => 'You cannot edit because your account is locked.', |
| 73 | 74 | |
| 74 | 75 | // Appended to various messages above |
| 75 | 76 | 'centralauth-readmore-text' => ":''[[meta:Help:Unified login|Read more about '''unified login''']]…''", |
| — | — | @@ -160,7 +161,17 @@ |
| 161 | 162 | 'centralauth-admin-unlock-button' => 'Unlock this account', |
| 162 | 163 | 'centralauth-admin-unlock-success' => 'Successfully unlocked the global account for "<nowiki>$1</nowiki>"', |
| 163 | 164 | 'centralauth-admin-unlock-nonexistent' => 'Error: the global account "<nowiki>$1</nowiki>" does not exist.', |
| 164 | | - 'centralauth-admin-reason' => 'Reason: ', |
| | 165 | + 'centralauth-admin-hide-title' => 'Hide account', |
| | 166 | + 'centralauth-admin-hide-description' => 'Hidden accounts are not shown on [[Special:GlobalUsers]].', |
| | 167 | + 'centralauth-admin-hide-button' => 'Hide this account', |
| | 168 | + 'centralauth-admin-hide-success' => 'Successfully hid the global account for "<nowiki>$1</nowiki>"', |
| | 169 | + 'centralauth-admin-hide-nonexistent' => 'Error: the global account "<nowiki>$1</nowiki>" does not exist.', |
| | 170 | + 'centralauth-admin-unhide-title' => 'Unhide account', |
| | 171 | + 'centralauth-admin-unhide-description' => 'Unhiding account will make it again appear on [[Special:GlobalUsers]].', |
| | 172 | + 'centralauth-admin-unhide-button' => 'Unhide this account', |
| | 173 | + 'centralauth-admin-unhide-success' => 'Successfully unhid the global account for "<nowiki>$1</nowiki>"', |
| | 174 | + 'centralauth-admin-unhide-nonexistent' => 'Error: the global account "<nowiki>$1</nowiki>" does not exist.', |
| | 175 | + 'centralauth-admin-reason' => 'Reason:', |
| 165 | 176 | |
| 166 | 177 | // List of global users |
| 167 | 178 | 'globalusers' => 'Global user list', |
| — | — | @@ -206,6 +217,8 @@ |
| 207 | 218 | 'centralauth-log-entry-delete' => 'deleted global account "<nowiki>$1</nowiki>"', |
| 208 | 219 | 'centralauth-log-entry-lock' => 'locked global account "<nowiki>$1</nowiki>"', |
| 209 | 220 | 'centralauth-log-entry-unlock' => 'unlocked global account "<nowiki>$1</nowiki>"', |
| | 221 | + 'centralauth-log-entry-hide' => 'hid global account "<nowiki>$1</nowiki>"', |
| | 222 | + 'centralauth-log-entry-unhide' => 'unhid global account "<nowiki>$1</nowiki>"', |
| 210 | 223 | |
| 211 | 224 | 'centralauth-rightslog-name' => 'Global rights log', |
| 212 | 225 | 'centralauth-rightslog-entry-usergroups' => 'changed global group membership for $1 from $2 to $3', |