Commit bf8a3c19 authored by Evan Prodromou's avatar Evan Prodromou

disallow login for users without validated email

parent a5154bf6
......@@ -24,6 +24,8 @@
* @package StatusNet
* @author Craig Andrews <candrews@integralblue.com>
* @author Brion Vibber <brion@status.net>
* @author Evan Prodromou <evan@status.net>
* @copyright 2011 StatusNet Inc. http://status.net/
* @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
......@@ -75,6 +77,12 @@ class RequireValidatedEmailPlugin extends Plugin
public $trustedOpenIDs = array();
/**
* Whether or not to disallow login for unvalidated users.
*/
public $disallowLogin = false;
/**
* Event handler for notice saves; rejects the notice
* if user's address isn't validated.
......@@ -246,7 +254,8 @@ class RequireValidatedEmailPlugin extends Plugin
*/
function onUserRightsCheck(Profile $profile, $right, &$result)
{
if ($right == Right::CREATEGROUP) {
if ($right == Right::CREATEGROUP ||
($this->disallowLogin && ($right == Right::WEBLOGIN || $right == Right::API))) {
$user = User::staticGet('id', $profile->id);
if ($user && !$this->validated($user)) {
$result = false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment