anon-ghost mode, and ghosts can't sign up for accounts

2019-11-28 21:32:18 +00:00 · 2019-11-28 21:32:18 +00:00 · 30b85f58db
commit 30b85f58db
parent 26e24c8988
6 changed files with 92 additions and 72 deletions
--- a/composer.lock
+++ b/composer.lock
@ -388,12 +388,12 @@
            "source": {
                "type": "git",
                "url": "https://github.com/shish/microcrud.git",
-                "reference": "6471a4c7445e872282f12d1de3730db55d5c06e2"
+                "reference": "7c917baa46f137c5e0f6bd4d9874b1c61014797e"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/shish/microcrud/zipball/6471a4c7445e872282f12d1de3730db55d5c06e2",
-                "reference": "6471a4c7445e872282f12d1de3730db55d5c06e2",
+                "url": "https://api.github.com/repos/shish/microcrud/zipball/7c917baa46f137c5e0f6bd4d9874b1c61014797e",
+                "reference": "7c917baa46f137c5e0f6bd4d9874b1c61014797e",
                "shasum": ""
            },
            "require": {
@ -429,7 +429,7 @@
                "crud",
                "generator"
            ],
-            "time": "2019-11-28T15:53:53+00:00"
+            "time": "2019-11-28T21:02:52+00:00"
        },
        {
            "name": "shish/microhtml",
--- a/core/permissions.php
+++ b/core/permissions.php
@ -13,6 +13,7 @@ abstract class Permissions
    public const VIEW_IP = "view_ip";         # view IP addresses associated with things
    public const BAN_IP = "ban_ip";

+    public const CREATE_USER = "create_user";
    public const EDIT_USER_NAME = "edit_user_name";
    public const EDIT_USER_PASSWORD = "edit_user_password";
    public const EDIT_USER_INFO = "edit_user_info";  # email address, etc
--- a/core/userclass.php
+++ b/core/userclass.php
@ -83,6 +83,7 @@ new UserClass("base", null, [
    Permissions::VIEW_IP => false,         # view IP addresses associated with things
    Permissions::BAN_IP => false,

+    Permissions::CREATE_USER => false,
    Permissions::EDIT_USER_NAME => false,
    Permissions::EDIT_USER_PASSWORD => false,
    Permissions::EDIT_USER_INFO => false,  # email address, etc
@ -163,6 +164,7 @@ new UserClass("ghost", "base", [
 // Anonymous users can't do anything by default, but
 // the admin might grant them some permissions
 new UserClass("anonymous", "base", [
+    Permissions::CREATE_USER => true,
 ]);

 new UserClass("user", "base", [
--- a/ext/ipban/main.php
+++ b/ext/ipban/main.php
@ -21,10 +21,16 @@ class IPBanTable extends Table
 			) AS tbl1
 		";

-        $this->size = 10;
+        $this->size = 100;
+        $this->limit = 1000000;
        $this->columns = [
            new InetColumn("ip", "IP"),
-            new EnumColumn("mode", "Mode", ["Block"=>"block", "Firewall"=>"firewall", "Ghost"=>"ghost"]),
+            new EnumColumn("mode", "Mode", [
+                "Block"=>"block",
+                "Firewall"=>"firewall",
+                "Ghost"=>"ghost",
+                "Anon Ghost"=>"anon-ghost"
+            ]),
            new TextColumn("reason", "Reason"),
            new StringColumn("banner", "Banner"),
            new DateColumn("added", "Added"),
@ -37,7 +43,7 @@ class IPBanTable extends Table
        $this->create_url = make_link("ip_ban/create");
        $this->delete_url = make_link("ip_ban/delete");

-		$this->table_attrs = ["class" => "sortable zebra"];
+        $this->table_attrs = ["class" => "zebra"];
    }
 }

@ -119,8 +125,7 @@ class IPBan extends Extension
        $active_ban_id = null;
        if (isset($ips[$remote])) {
            $active_ban_id = $ips[$remote];
-        }
-		else {
+        } else {
            foreach ($networks as $range => $ban_id) {
                if (ip_in_range($remote, $range)) {
                    $active_ban_id = $ban_id;
@ -149,6 +154,13 @@ class IPBan extends Extension
                $b->is_content = false;
                $page->add_block($b);
                $event->user->class = $_shm_user_classes["ghost"];
+            } elseif ($row["mode"] == "anon-ghost") {
+                if ($event->user->is_anonymous()) {
+                    $b = new Block(null, $msg, "main", 0);
+                    $b->is_content = false;
+                    $page->add_block($b);
+                    $event->user->class = $_shm_user_classes["ghost"];
+                }
            } else {
                header("HTTP/1.0 403 Forbidden");
                print "$msg";
--- a/ext/user/main.php
+++ b/ext/user/main.php
@ -397,7 +397,12 @@ class UserPage extends Extension

    private function page_create()
    {
-        global $config, $page;
+        global $config, $page, $user;
+        if ($user->can(Permissions::CREATE_USER)) {
+            $this->theme->display_error(403, "Account creation blocked", "Account creation is currently disabled");
+            return;
+        }
+
        if (!$config->get_bool("login_signup_enabled")) {
            $this->theme->display_signups_disabled($page);
        } elseif (!isset($_POST['name'])) {
--- a/ext/user/theme.php
+++ b/ext/user/theme.php
@ -167,7 +167,7 @@ class UserPageTheme extends Themelet

    public function display_login_block(Page $page)
    {
-        global $config;
+        global $config, $user;
        $html = '
 			'.make_form(make_link("user_admin/login"))."
 				<table style='width: 100%;' class='form'>
@ -187,7 +187,7 @@ class UserPageTheme extends Themelet
 				</table>
 			</form>
 		";
-        if ($config->get_bool("login_signup_enabled")) {
+        if ($config->get_bool("login_signup_enabled") && $user->can(Permissions::CREATE_USER)) {
            $html .= "<small><a href='".make_link("user_admin/create")."'>Create Account</a></small>";
        }
        $page->add_block(new Block("Login", $html, "left", 90));