jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/358169 )
Change subject: Add user interface to manage list of allowed domains
......................................................................
Add user interface to manage list of allowed domains
Using the special page Special:GoogleLoginAllowedDomains, users with the
managegooglelogindomains permission can add and remove domains from the
list of allowed domains, which can be used to login using GoogleLogin.
Bug: T166423
Change-Id: I4c327da3a10d73dfdcb7c6d176ae9aeab744a101
---
M GoogleLogin.alias.php
M extension.json
M i18n/en.json
M i18n/qqq.json
M includes/alloweddomains/MutableAllowedDomainsStore.php
A includes/specials/SpecialGoogleLoginAllowedDomains.php
6 files changed, 142 insertions(+), 2 deletions(-)
Approvals:
Florianschmidtwelzow: Looks good to me, approved
jenkins-bot: Verified
diff --git a/GoogleLogin.alias.php b/GoogleLogin.alias.php
index 68c4b47..ef6986e 100644
--- a/GoogleLogin.alias.php
+++ b/GoogleLogin.alias.php
@@ -12,6 +12,7 @@
'GoogleLogin' => array( 'GoogleLogin', 'Login with Google' ),
'GoogleLoginReturn' => array( 'GoogleLoginReturn', 'GoogleLoginReturn'
),
'ManageGoogleLogin' => array( 'ManageGoogleLogin', 'Manage GoogleLogin
connections' ),
+ 'GoogleLoginAllowedDomains' => array( 'GoogleLoginAllowedDomains' ),
);
/** Arabic (العربية) */
diff --git a/extension.json b/extension.json
index 564fb94..f23cbdd 100644
--- a/extension.json
+++ b/extension.json
@@ -24,7 +24,8 @@
"SpecialPages": {
"GoogleLogin": "GoogleLogin\\Specials\\SpecialGoogleLogin",
"GoogleLoginReturn":
"GoogleLogin\\Specials\\SpecialGoogleLoginReturn",
- "ManageGoogleLogin":
"GoogleLogin\\Specials\\SpecialManageGoogleLogin"
+ "ManageGoogleLogin":
"GoogleLogin\\Specials\\SpecialManageGoogleLogin",
+ "GoogleLoginAllowedDomains":
"GoogleLogin\\Specials\\SpecialGoogleLoginAllowedDomains"
},
"DefaultUserOptions": {
"echo-subscriptions-web-change-googlelogin": true,
@@ -49,6 +50,7 @@
"GoogleLogin\\Specials\\SpecialGoogleLogin":
"includes/specials/SpecialGoogleLogin.php",
"GoogleLogin\\Specials\\SpecialGoogleLoginReturn":
"includes/specials/SpecialGoogleLoginReturn.php",
"GoogleLogin\\Specials\\SpecialManageGoogleLogin":
"includes/specials/SpecialManageGoogleLogin.php",
+ "GoogleLogin\\Specials\\SpecialGoogleLoginAllowedDomains":
"includes/specials/SpecialGoogleLoginAllowedDomains.php",
"GoogleLogin\\GoogleLoginHooks":
"includes/GoogleLogin.hooks.php",
"GoogleLogin\\GoogleUser": "includes/GoogleUser.php",
"GoogleLogin\\Constants": "includes/Constants.php",
diff --git a/i18n/en.json b/i18n/en.json
index 95b57ae..c576b51 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -13,6 +13,7 @@
"googlelogin": "Log in with Google",
"googlelogin-auth-service-name": "Google",
"managegooglelogin": "Manage GoogleLogin connections",
+ "googleloginalloweddomains": "Administrate allowed domains for
GoogleLogin",
"googlelogin-managelegend": "Find user to manage",
"googlelogin-manage-usersubmit": "Manage user",
"googlelogin-manage-user": "You manage the {{GENDER:$1|user}}
<strong>$1</strong>.",
@@ -65,6 +66,12 @@
"googlelogin-change-account-not-linked": "You can not remove a Google
account connection, because your account isn't connected with a Google
account.",
"googlelogin-auth-service-unknown-account": "Unknown Google account",
"googlelogin-access-denied": "Unable to log in. You denied the access
to your Google account information.",
+ "googlelogin-alloweddomains-notmanageable": "Allowed domains an not be
managed using this interface for this wiki. To enable to manage the allowed
domains for GoogleLogin, you need to enable the list to be stored in the
database.",
+ "googlelogin-alloweddomain-terminatebutton": "Remove",
+ "googlelogin-alloweddomain-addlabel": "Add allowed domain",
+ "googlelogin-alloweddomain-added-success": "The domain $1 was
successfully added to the list of allowed domains.",
+ "googlelogin-alloweddomain-removed-success": "The domain $1 was
successfully removed from the list of allowed domains.",
+ "googlelogin-alloweddomain-change-error": "An error occurred during the
change of the list of allowed domains.",
"tag-googlelogin": "[[Special:GoogleLogin|GoogleLogin]]",
"tag-googlelogin-description": "Registrations with this tag were made
with [[Special:GoogleLogin|GoogleLogin]]",
"action-managegooglelogin": "manage GoogleLogin connections",
diff --git a/i18n/qqq.json b/i18n/qqq.json
index eba3279..c5f48a4 100644
--- a/i18n/qqq.json
+++ b/i18n/qqq.json
@@ -20,6 +20,7 @@
"googlelogin-auth-service-name": "The name of the service used to
authenticate an user.",
"managegooglelogin": "Title of Special:ManageGoogleLogin",
"googlelogin-managelegend": "Text used in legend on
Special:ManageGoogleLogin.",
+ "googleloginalloweddomains": "Title of
[[Special:GoogleLoginAllowedDomains]]",
"googlelogin-manage-usersubmit": "Submit text for find user form on
Special:ManageGoogleLogin.",
"googlelogin-manage-user": "Used on Special:ManageGoogleLogin to show,
which user is managed.\n* $1 - The name of the managed user, used for GENDER",
"googlelogin-manage-linked": "Message, that indicates, that the Wiki
user is linked with one or more Google account(s).\n* $1 - Number of Google
accounts (used for PLURAL support only)",
@@ -71,6 +72,12 @@
"googlelogin-change-account-not-linked": "Error message when an user
tries to remove a Google account connection, but the wiki account has no
connected Google accounts.",
"googlelogin-auth-service-unknown-account": "Used in the very rare
case, that the Google ID connected with the MediaWiki User isn't known
anymore.",
"googlelogin-access-denied": "Message returned to the user, when the
access to the Google account information was rejected.",
+ "googlelogin-alloweddomains-notmanageable": "A message that informs the
user, that the list of allowed domains, which can be used to login with
GoogleLogin, can not be changed/managed using the user interface, e.g. because
it is managed using an array in the LocalSettings.php.",
+ "googlelogin-alloweddomain-terminatebutton": "Label of a column with
checkboxes to remove, when selected, a specific allowed domain from the list of
allowed domains.",
+ "googlelogin-alloweddomain-addlabel": "Label of a text field, which can
be used to add a domain to the list of allowed domains.",
+ "googlelogin-alloweddomain-added-success": "Message, which is printed
when a domain was successfully added to the list of allowed
domains.\n\nParameters:\n* $1 - The domain, which was added",
+ "googlelogin-alloweddomain-removed-success": "Message, which is printed
when a domain was successfully removed from the list of allowed
domains.\n\nParameters:\n* $1 - The domain, which was removed",
+ "googlelogin-alloweddomain-change-error": "Error message, which is
printed when a domain could not be added or removed for an unknown reason.",
"tag-googlelogin": "Tag in [[Special:RecentChanges]] for user account
creations made with GoogleLogin.\n\nSee also:\n*
{{msg-mw|Tag-googlelogin-description}}",
"tag-googlelogin-description": "Short description, that account
creations with this tag are made with GoogleLogin.",
"action-managegooglelogin": "Message key for user right
\"managegooglelogin\"\n\n{{doc-action|managegooglelogin}}",
diff --git a/includes/alloweddomains/MutableAllowedDomainsStore.php
b/includes/alloweddomains/MutableAllowedDomainsStore.php
index 1c5116f..1cb61ee 100644
--- a/includes/alloweddomains/MutableAllowedDomainsStore.php
+++ b/includes/alloweddomains/MutableAllowedDomainsStore.php
@@ -9,7 +9,7 @@
*
* @package GoogleLogin\AllowedDomains
*/
-interface MutableAllowedDomainsStore {
+interface MutableAllowedDomainsStore extends AllowedDomainsStore {
/**
* Adds the host of the given EmailDomain to the store.
*
diff --git a/includes/specials/SpecialGoogleLoginAllowedDomains.php
b/includes/specials/SpecialGoogleLoginAllowedDomains.php
new file mode 100644
index 0000000..9e33c03
--- /dev/null
+++ b/includes/specials/SpecialGoogleLoginAllowedDomains.php
@@ -0,0 +1,123 @@
+<?php
+
+namespace GoogleLogin\Specials;
+
+use GoogleLogin\AllowedDomains\AllowedDomainsStore;
+use GoogleLogin\AllowedDomains\EmailDomain;
+use GoogleLogin\AllowedDomains\MutableAllowedDomainsStore;
+use GoogleLogin\Constants;
+use MediaWiki\MediaWikiServices;
+use SpecialPage;
+use HTMLForm;
+
+class SpecialGoogleLoginAllowedDomains extends SpecialPage {
+
+ function __construct() {
+ parent::__construct( 'GoogleLoginAllowedDomains',
'managegooglelogindomains' );
+ $this->listed = true;
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ /**
+ * Special page executer
+ * @param string $par Subpage
+ */
+ function execute( $par ) {
+ $user = $this->getUser();
+ $out = $this->getOutput();
+ if ( !$this->userCanExecute( $user ) ) {
+ $this->displayRestrictionError();
+ return;
+ }
+ $this->setHeaders();
+
+ $formFields = [];
+ /** @var AllowedDomainsStore $allowedDomains */
+ $allowedDomains = MediaWikiServices::getInstance()->getService(
+ Constants::SERVICE_ALLOWED_DOMAINS_STORE );
+ if ( !$allowedDomains || !$allowedDomains instanceof
MutableAllowedDomainsStore ) {
+ $out->addWikiMsg(
'googlelogin-alloweddomains-notmanageable' );
+ return;
+ }
+ if ( $allowedDomains->getAllowedDomains() ) {
+ $formFields['alloweddomains'] = [
+ 'type' => 'checkmatrix',
+ 'columns' => [
+ $this->msg(
'googlelogin-alloweddomain-terminatebutton' )->escaped() => 'ad'
+ ],
+ 'rows' => array_flip(
$allowedDomains->getAllowedDomains() ),
+ 'id' => 'mw-gl-alloweddomain',
+ ];
+ }
+ $formFields['addallowedomain'] = [
+ 'type' => 'text',
+ 'label-message' => 'googlelogin-alloweddomain-addlabel',
+ ];
+ $htmlForm = HTMLForm::factory(
+ 'ooui',
+ $formFields,
+ $this->getContext(),
+ 'googlelogin-allowedomain'
+ );
+ $htmlForm->addHiddenField( 'username', $user->getName() );
+ $htmlForm->setWrapperLegend( '' );
+ $htmlForm->setSubmitCallback( [ $this, 'submitForm' ] );
+ $htmlForm->show();
+ }
+
+ public function submitForm( array $data ) {
+ $out = $this->getOutput();
+ /** @var MutableAllowedDomainsStore $allowedDomains */
+ $allowedDomainsStore =
MediaWikiServices::getInstance()->getService(
+ Constants::SERVICE_ALLOWED_DOMAINS_STORE );
+
+ $requestAdd = null;
+ $requestRemove = null;
+ if ( isset( $data['alloweddomains'] ) ) {
+ $requestRemove = $data['alloweddomains'];
+ }
+ if ( isset( $data['addallowedomain'] ) ) {
+ $requestAdd = $data['addallowedomain'];
+ }
+ if ( isset( $requestRemove ) ) {
+ // terminate the connection
+ $allowedDomains =
$allowedDomainsStore->getAllowedDomains();
+ $error = false;
+ foreach ( $requestRemove as $count => $allowedDomain ) {
+ $id = str_replace( 'ad-', '', $allowedDomain );
+
+ if (
+ isset( $allowedDomains[$id] ) &&
+ $allowedDomainsStore->remove( new
EmailDomain( $allowedDomains[$id] ) )
+ ) {
+ $out->addWikiMsg(
'googlelogin-alloweddomain-removed-success', $allowedDomains[$id] );
+ } else {
+ $out->addWikiMsg(
'googlelogin-alloweddomain-change-error' );
+ $error = true;
+ }
+ }
+ if ( $error ) {
+ return false;
+ }
+ }
+
+ if ( $requestAdd ) {
+ $status = $allowedDomainsStore->add( new EmailDomain(
$requestAdd ) );
+ if ( $status !== -1 ) {
+ $out->addWikiMsg(
'googlelogin-alloweddomain-added-success', $requestAdd );
+ } else {
+ $out->addWikiMsg(
'googlelogin-alloweddomain-change-error' );
+ return false;
+ }
+ }
+ $out->addReturnTo( $this->getPageTitle() );
+ return true;
+ }
+
+ protected function getGroupName() {
+ return 'users';
+ }
+}
--
To view, visit https://gerrit.wikimedia.org/r/358169
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I4c327da3a10d73dfdcb7c6d176ae9aeab744a101
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/extensions/GoogleLogin
Gerrit-Branch: master
Gerrit-Owner: Florianschmidtwelzow <florian.schmidt.stargatewis...@gmail.com>
Gerrit-Reviewer: Florianschmidtwelzow <florian.schmidt.stargatewis...@gmail.com>
Gerrit-Reviewer: Siebrand <siebr...@kitano.nl>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
