DisableOATHForUser.php

Go to the documentation of this file.

<?php
 
namespace MediaWiki\Extension\OATHAuth\Special;
 
use MediaWiki\Extension\OATHAuth\OATHUserRepository;
use MediaWiki\MediaWikiServices;
use MediaWiki\Extension\OATHAuth\IModule;
use MediaWiki\Logger\LoggerFactory;
use FormSpecialPage;
use HTMLForm;
use User;
use UserBlockedError;
use UserNotLoggedIn;
use ConfigException;
use Message;
use MWException;
use ManualLogEntry;
 
class DisableOATHForUser extends FormSpecialPage {
    private $userRepo;
 
    public function __construct() {
        parent::__construct( 'DisableOATHForUser', 'oathauth-disable-for-user' );
 
        $this->userRepo = MediaWikiServices::getInstance()->getService( 'OATHUserRepository' );
    }
 
    public function doesWrites() {
        return true;
    }
 
    protected function getLoginSecurityLevel() {
        return $this->getName();
    }
 
    public function alterForm( HTMLForm $form ) {
        $form->setMessagePrefix( 'oathauth' );
        $form->setWrapperLegend( $this->msg( 'oathauth-disable-header' ) );
        $form->setPreText( $this->msg( 'oathauth-disable-intro' ) );
        $form->getOutput()->setPageTitle( $this->msg( 'oathauth-disable-for-user' ) );
    }
 
    protected function getDisplayFormat() {
        return 'ooui';
    }
 
    public function requiresUnblock() {
        return false;
    }
 
    protected function checkExecutePermissions( User $user ) {
        parent::checkExecutePermissions( $user );
 
        $this->requireLogin();
    }
 
    protected function getFormFields() {
        return [
            'user' => [
                'type' => 'user',
                'default' => '',
                'label-message' => 'oathauth-enteruser',
                'name' => 'user',
                'required' => true,
            ],
            'reason' => [
                'type' => 'text',
                'default' => '',
                'label-message' => 'oathauth-enterreason',
                'name' => 'reason',
                'required' => true,
            ],
        ];
    }
 
    public function onSubmit( array $formData ) {
        $user = User::newFromName( $formData['user'] );
        if ( $user && $user->getId() === 0 ) {
            return [ 'oathauth-user-not-found' ];
        }
        $oathUser = $this->userRepo->findByUser( $user );
 
        if ( !( $oathUser->getModule() instanceof IModule ) ||
            !$oathUser->getModule()->isEnabled( $oathUser ) ) {
            return [ 'oathauth-user-not-does-not-have-oath-enabled' ];
        }
 
        if ( $this->getUser()->pingLimiter( 'disableoath', 0 ) ) {
            // Arbitrary duration given here
            return [ 'oathauth-throttled', Message::durationParam( 60 ) ];
        }
 
        $oathUser->disable();
        $this->userRepo->remove( $oathUser, $this->getRequest()->getIP() );
 
        $logEntry = new ManualLogEntry( 'oath', 'disable-other' );
        $logEntry->setPerformer( $this->getUser() );
        $logEntry->setTarget( $user->getUserPage() );
        $logEntry->setComment( $formData['reason'] );
        $logEntry->insert();
 
        LoggerFactory::getInstance( 'authentication' )->info(
            'OATHAuth disabled for {usertarget} by {user} from {clientip}', [
                'user' => $this->getUser()->getName(),
                'usertarget' => $formData['user'],
                'clientip' => $this->getRequest()->getIP(),
            ]
        );
 
        return true;
    }
 
    public function onSuccess() {
        $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' );
        $this->getOutput()->returnToMain();
    }
 
}