We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 223795a2 authored by Brion Vibber's avatar Brion Vibber

Add config option for RequireValidatedEmail plugin to skip the check for folks...

Add config option for RequireValidatedEmail plugin to skip the check for folks with a trusted OpenID association.
Also added an event that other plugins or local config can use to override the checks.
parent 74a89b1f
......@@ -12,6 +12,20 @@ registered prior to that timestamp.
addPlugin('RequireValidatedEmail',
array('grandfatherCutoff' => 'Dec 7, 2009');
You can also exclude the validation checks from OpenID accounts
connected to a trusted provider, by providing a list of regular
expressions to match their provider URLs.
For example, to trust WikiHow and Wikipedia users:
addPlugin('RequireValidatedEmailPlugin', array(
'trustedOpenIDs' => array(
'!^http://\w+\.wikihow\.com/!',
'!^http://\w+\.wikipedia\.org/!',
),
));
Todo:
* add a more visible indicator that validation is still outstanding
......
......@@ -37,6 +37,20 @@ class RequireValidatedEmailPlugin extends Plugin
// without the validation requirement.
public $grandfatherCutoff=null;
// If OpenID plugin is installed, users with a verified OpenID
// association whose provider URL matches one of these regexes
// will be considered to be sufficiently valid for our needs.
//
// For example, to trust WikiHow and Wikipedia OpenID users:
//
// addPlugin('RequireValidatedEmailPlugin', array(
// 'trustedOpenIDs' => array(
// '!^http://\w+\.wikihow\.com/!',
// '!^http://\w+\.wikipedia\.org/!',
// ),
// ));
public $trustedOpenIDs=array();
function __construct()
{
parent::__construct();
......@@ -90,13 +104,17 @@ class RequireValidatedEmailPlugin extends Plugin
*/
protected function validated($user)
{
if ($this->grandfathered($user)) {
return true;
}
// The email field is only stored after validation...
// Until then you'll find them in confirm_address.
return !empty($user->email);
$knownGood = !empty($user->email) ||
$this->grandfathered($user) ||
$this->hasTrustedOpenID($user);
// Give other plugins a chance to override, if they can validate
// that somebody's ok despite a non-validated email.
Event::handle('RequireValidatedEmailPlugin_Override', array($user, &$knownGood));
return $knownGood;
}
/**
......@@ -118,6 +136,28 @@ class RequireValidatedEmailPlugin extends Plugin
return false;
}
/**
* Override for RequireValidatedEmail plugin. If we have a user who's
* not validated an e-mail, but did come from a trusted provider,
* we'll consider them ok.
*/
function hasTrustedOpenID($user)
{
if ($this->trustedOpenIDs && class_exists('User_openid')) {
foreach ($this->trustedOpenIDs as $regex) {
$oid = new User_openid();
$oid->user_id = $user->id;
$oid->find();
while ($oid->fetch()) {
if (preg_match($regex, $oid->canonical)) {
return true;
}
}
}
}
return false;
}
function onPluginVersion(&$versions)
{
$versions[] = array('name' => 'Require Validated Email',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment