NeoZones
/
pennyspages
mirror of https://github.com/NeoZones/pennyspages


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189
							<?php
/**
 * MediaWiki session user info
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Session
 */

namespace MediaWiki\Session;

use User;

/**
 * Object holding data about a session's user
 *
 * In general, this class exists for two purposes:
 * - User doesn't distinguish between "anonymous user" and "non-anonymous user
 *   that doesn't exist locally", while we do need to.
 * - We also need the "verified" property described below; tracking it via
 *   another data item to SessionInfo's constructor makes things much more
 *   confusing.
 *
 * A UserInfo may be "verified". This indicates that the creator knows that the
 * request really comes from that user, whether that's by validating OAuth
 * credentials, SSL client certificates, or by having both the user ID and
 * token available from cookies.
 *
 * An "unverified" UserInfo should be used when it's not possible to
 * authenticate the user, e.g. the user ID cookie is set but the user Token
 * cookie isn't. If the Token is available but doesn't match, don't return a
 * UserInfo at all.
 *
 * @ingroup Session
 * @since 1.27
 */
final class UserInfo {
	/** @var bool */
	private $verified = false;

	/** @var User|null */
	private $user = null;

	private function __construct( User $user = null, $verified ) {
		if ( $user && $user->isAnon() && !User::isUsableName( $user->getName() ) ) {
			$this->verified = true;
			$this->user = null;
		} else {
			$this->verified = $verified;
			$this->user = $user;
		}
	}

	/**
	 * Create an instance for an anonymous (i.e. not logged in) user
	 *
	 * Logged-out users are always "verified".
	 *
	 * @return UserInfo
	 */
	public static function newAnonymous() {
		return new self( null, true );
	}

	/**
	 * Create an instance for a logged-in user by ID
	 * @param int $id User ID
	 * @param bool $verified True if the user is verified
	 * @return UserInfo
	 */
	public static function newFromId( $id, $verified = false ) {
		$user = User::newFromId( $id );

		// Ensure the ID actually exists
		$user->load();
		if ( $user->isAnon() ) {
			throw new \InvalidArgumentException( 'Invalid ID' );
		}

		return new self( $user, $verified );
	}

	/**
	 * Create an instance for a logged-in user by name
	 * @param string $name User name (need not exist locally)
	 * @param bool $verified True if the user is verified
	 * @return UserInfo
	 */
	public static function newFromName( $name, $verified = false ) {
		$user = User::newFromName( $name, 'usable' );
		if ( !$user ) {
			throw new \InvalidArgumentException( 'Invalid user name' );
		}
		return new self( $user, $verified );
	}

	/**
	 * Create an instance from an existing User object
	 * @param User $user (need not exist locally)
	 * @param bool $verified True if the user is verified
	 * @return UserInfo
	 */
	public static function newFromUser( User $user, $verified = false ) {
		return new self( $user, $verified );
	}

	/**
	 * Return whether this is an anonymous user
	 * @return bool
	 */
	public function isAnon() {
		return $this->user === null;
	}

	/**
	 * Return whether this represents a verified user
	 * @return bool
	 */
	public function isVerified() {
		return $this->verified;
	}

	/**
	 * Return the user ID
	 * @note Do not use this to test for anonymous users!
	 * @return int
	 */
	public function getId() {
		return $this->user === null ? 0 : $this->user->getId();
	}

	/**
	 * Return the user name
	 * @return string|null
	 */
	public function getName() {
		return $this->user === null ? null : $this->user->getName();
	}

	/**
	 * Return the user token
	 * @return string
	 */
	public function getToken() {
		return $this->user === null || $this->user->getId() === 0 ? '' : $this->user->getToken( false );
	}

	/**
	 * Return a User object
	 * @return User
	 */
	public function getUser() {
		return $this->user === null ? new User : $this->user;
	}

	/**
	 * Return a verified version of this object
	 * @return UserInfo
	 */
	public function verified() {
		return $this->verified ? $this : new self( $this->user, true );
	}

	public function __toString() {
		if ( $this->user === null ) {
			return '<anon>';
		}
		return '<' .
			( $this->verified ? '+' : '-' ) . ':' .
			$this->getId() . ':' . $this->getName() .
			'>';
	}

}