user creation

ext/user/events.php

@@ -20,14 +20,10 @@ class UserBlockBuildingEvent extends Event
 class UserOperationsBuildingEvent extends Event
 {
     public array $parts = [];
-    public User $user;
-    public BaseConfig $user_config;
 
-    public function __construct(User $user, BaseConfig $user_config)
+    public function __construct(public User $user, public BaseConfig $user_config)
     {
         parent::__construct();
-        $this->user = $user;
-        $this->user_config = $user_config;
     }
 
     public function add_html(string $html): void
@@ -38,13 +34,11 @@ class UserOperationsBuildingEvent extends Event
 
 class UserPageBuildingEvent extends Event
 {
-    public User $display_user;
     public array $stats = [];
 
-    public function __construct(User $display_user)
+    public function __construct(public User $display_user)
     {
         parent::__construct();
-        $this->display_user = $display_user;
     }
 
     public function add_stats(string $html, int $position=50)
@@ -58,38 +52,29 @@ class UserPageBuildingEvent extends Event
 
 class UserCreationEvent extends Event
 {
-    public string $username;
+    public function __construct(
-    public string $password;
+        public string $username,
-    public string $email;
+        public string $password,
-    public bool $login;
+        public string $password2,
-
+        public string $email,
-    public function __construct(string $name, string $pass, string $email, bool $login)
+        public bool $login
-    {
+    ) {
         parent::__construct();
-        $this->username = $name;
-        $this->password = $pass;
-        $this->email = $email;
-        $this->login = $login;
     }
 }
 
 class UserLoginEvent extends Event
 {
-    public User $user;
+    public function __construct(public User $user)
-    public function __construct(User $user)
     {
         parent::__construct();
-        $this->user = $user;
     }
 }
 
 class UserDeletionEvent extends Event
 {
-    public int $id;
+    public function __construct(public int $id)
-
-    public function __construct(int $id)
     {
         parent::__construct();
-        $this->id = $id;
     }
 }

ext/user/main.php

@@ -79,7 +79,7 @@ class NullUserException extends SCoreException
 {
 }
 
-#[Type(name: "LoginResult")]
+#[Type]
 class LoginResult
 {
     public function __construct(
@@ -92,11 +92,11 @@ class LoginResult
     ) {
     }
 
-    #[Mutation(name: "login")]
+    #[Mutation]
-    public static function login(string $name, string $pass): LoginResult
+    public static function login(string $username, string $password): LoginResult
     {
         global $config;
-        $duser = User::by_name_and_pass($name, $pass);
+        $duser = User::by_name_and_pass($username, $password);
         if (!is_null($duser)) {
             return new LoginResult(
                 $duser,
@@ -112,7 +112,28 @@ class LoginResult
             );
         }
     }
+
+    #[Mutation]
+    public static function create_user(string $username, string $password1, string $password2, string $email): LoginResult
+    {
+        global $config;
+        try {
+            $uce = send_event(new UserCreationEvent($username, $password1, $password2, $email, true));
+            return new LoginResult(
+                User::by_name($username),
+                UserPage::get_session_id($username),
+                null
+            );
+        } catch (UserCreationException $ex) {
+            return new LoginResult(
+                User::by_id($config->get_int("anon_id", 0)),
+                null,
+                $ex->getMessage()
+            );
+        }
+    }
 }
+
 class UserPage extends Extension
 {
     /** @var UserPageTheme $theme */
@@ -154,7 +175,7 @@ class UserPage extends Extension
             } elseif ($event->get_arg(0) == "create") {
                 $this->page_create();
             } elseif ($event->get_arg(0) == "create_other") {
-                send_event(new UserCreationEvent($_POST['name'], $_POST['pass1'], $_POST['email'], false));
+                send_event(new UserCreationEvent($_POST['name'], $_POST['pass1'], $_POST['pass1'], $_POST['email'], false));
                 $page->set_mode(PageMode::REDIRECT);
                 $page->set_redirect(make_link("admin"));
                 $page->flash("Created new user");
@@ -393,7 +414,36 @@ class UserPage extends Extension
 
     public function onUserCreation(UserCreationEvent $event)
     {
-        $this->check_user_creation($event);
+        $name = $event->username;
+        //$pass = $event->password;
+        //$email = $event->email;
+
+        global $config, $page, $user;
+        if (!$user->can(Permissions::CREATE_USER)) {
+            throw new UserCreationException("Account creation is currently disabled");
+        }
+        if (!$config->get_bool("login_signup_enabled")) {
+            throw new UserCreationException("Account creation is currently disabled");
+        }
+        if (strlen($name) < 1) {
+            throw new UserCreationException("Username must be at least 1 character");
+        }
+        if (!preg_match('/^[a-zA-Z0-9-_]+$/', $name)) {
+            throw new UserCreationException(
+                "Username contains invalid characters. Allowed characters are ".
+                    "letters, numbers, dash, and underscore"
+            );
+        }
+        if (User::by_name($name)) {
+            throw new UserCreationException("That username is already taken");
+        }
+        if (!captcha_check()) {
+            throw new UserCreationException("Error in captcha");
+        }
+        if ($event->password != $event->password2) {
+            throw new UserCreationException("Passwords don't match");
+        }
+
         $new_user = $this->create_user($event);
         if ($event->login) {
             send_event(new UserLoginEvent($new_user));
@@ -533,15 +583,9 @@ class UserPage extends Extension
             $this->theme->display_signups_disabled($page);
         } elseif (!isset($_POST['name'])) {
             $this->theme->display_signup_page($page);
-        } elseif ($_POST['pass1'] != $_POST['pass2']) {
-            $this->theme->display_error(400, "Password Mismatch", "Passwords don't match");
         } else {
             try {
-                if (!captcha_check()) {
+                $uce = send_event(new UserCreationEvent($_POST['name'], $_POST['pass1'], $_POST['pass2'], $_POST['email'], true));
-                    throw new UserCreationException("Error in captcha");
-                }
-
-                $uce = send_event(new UserCreationEvent($_POST['name'], $_POST['pass1'], $_POST['email'], true));
                 $this->set_login_cookie($uce->username);
                 $page->set_mode(PageMode::REDIRECT);
                 $page->set_redirect(make_link("user"));
@@ -551,24 +595,6 @@ class UserPage extends Extension
         }
     }
 
-    private function check_user_creation(UserCreationEvent $event): void
-    {
-        $name = $event->username;
-        //$pass = $event->password;
-        //$email = $event->email;
-
-        if (strlen($name) < 1) {
-            throw new UserCreationException("Username must be at least 1 character");
-        } elseif (!preg_match('/^[a-zA-Z0-9-_]+$/', $name)) {
-            throw new UserCreationException(
-                "Username contains invalid characters. Allowed characters are ".
-                    "letters, numbers, dash, and underscore"
-            );
-        } elseif (User::by_name($name)) {
-            throw new UserCreationException("That username is already taken");
-        }
-    }
-
     private function create_user(UserCreationEvent $event): User
     {
         global $database;

tests/bootstrap.php

@@ -41,6 +41,7 @@ $config->set_string("thumb_engine", "static");  # GD has less overhead per-call
 $config->set_bool("nice_urls", true);
 send_event(new DatabaseUpgradeEvent());
 send_event(new InitExtEvent());
+$user = User::by_id($config->get_int("anon_id", 0));
 $_tracer->end();
 
 abstract class ShimmiePHPUnitTestCase extends TestCase
@@ -100,7 +101,7 @@ abstract class ShimmiePHPUnitTestCase extends TestCase
     {
         if (is_null(User::by_name($name))) {
             $userPage = new UserPage();
-            $userPage->onUserCreation(new UserCreationEvent($name, $name, "", false));
+            $userPage->onUserCreation(new UserCreationEvent($name, $name, $name, "", false));
             assert(!is_null(User::by_name($name)), "Creation of user $name failed");
         }
     }