Make topic subscriptions unavailable to temp users

Bug: T332432 Change-Id: Icf91f0900ef3435cf3e9eedcf983e61ad9aeea69
2024-11-27 17:51:09 +00:00 · 2023-06-02 21:11:36 +02:00 · 2023-06-02 21:11:36 +02:00 · b405fd9b40
parent 648e11dab1
commit b405fd9b40
8 changed files with 19 additions and 12 deletions
--- a/includes/Actions/SubscribeAction.php
+++ b/includes/Actions/SubscribeAction.php
@ -156,7 +156,7 @@ class SubscribeAction extends FormAction {
 	 */
 	protected function checkCanExecute( User $user ) {
 		// Must be logged in
-		if ( $user->isAnon() ) {
+		if ( !$user->isNamed() ) {
 			throw new UserNotLoggedIn();
 		}

--- a/includes/Actions/UnsubscribeAction.php
+++ b/includes/Actions/UnsubscribeAction.php
@ -158,7 +158,7 @@ class UnsubscribeAction extends FormAction {
 	 */
 	protected function checkCanExecute( User $user ) {
 		// Must be logged in
-		if ( $user->isAnon() ) {
+		if ( !$user->isNamed() ) {
 			throw new UserNotLoggedIn();
 		}

--- a/includes/ApiDiscussionToolsGetSubscriptions.php
+++ b/includes/ApiDiscussionToolsGetSubscriptions.php
@ -26,7 +26,7 @@ class ApiDiscussionToolsGetSubscriptions extends ApiBase {
 	 */
 	public function execute() {
 		$user = $this->getUser();
-		if ( !$user->isRegistered() ) {
+		if ( !$user->isNamed() ) {
 			$this->dieWithError( 'apierror-mustbeloggedin-generic', 'notloggedin' );
 		}

--- a/includes/ApiDiscussionToolsSubscribe.php
+++ b/includes/ApiDiscussionToolsSubscribe.php
@ -27,7 +27,7 @@ class ApiDiscussionToolsSubscribe extends ApiBase {
 	 */
 	public function execute() {
 		$user = $this->getUser();
-		if ( !$user->isRegistered() ) {
+		if ( !$user->isNamed() ) {
 			$this->dieWithError( 'apierror-mustbeloggedin-generic', 'notloggedin' );
 		}

--- a/includes/Hooks/HookUtils.php
+++ b/includes/Hooks/HookUtils.php
@ -213,10 +213,12 @@ class HookUtils {
 		$services = MediaWikiServices::getInstance();
 		$dtConfig = $services->getConfigFactory()->makeConfig( 'discussiontools' );

+		$userNameUtils = $services->getUserNameUtils();
 		if (
 			( $feature === static::TOPICSUBSCRIPTION || $feature === static::AUTOTOPICSUB ) &&
 			// Users must be logged in to use topic subscription, and Echo must be installed (T322498)
-			( !$user->isRegistered() || !ExtensionRegistry::getInstance()->isLoaded( 'Echo' ) )
+			( !$user->isRegistered() || $userNameUtils->isTemp( $user->getName() ) ||
+				!ExtensionRegistry::getInstance()->isLoaded( 'Echo' ) )
 		) {
 			return false;
 		}
@ -458,7 +460,7 @@ class HookUtils {
 				$feature === static::SOURCEMODETOOLBAR ||
 				// Even though mobile ignores user preferences, TOPICSUBSCRIPTION must
 				// still be disabled if the user isn't registered.
-				( $feature === static::TOPICSUBSCRIPTION && $output->getUser()->isRegistered() ) ||
+				( $feature === static::TOPICSUBSCRIPTION && $output->getUser()->isNamed() ) ||
 				$feature === static::VISUALENHANCEMENTS ||
 				$feature === static::VISUALENHANCEMENTS_REPLY ||
 				$feature === static::VISUALENHANCEMENTS_PAGEFRAME;
--- a/includes/ServiceWiring.php
+++ b/includes/ServiceWiring.php
@ -32,7 +32,8 @@ return [
 			$services->getConfigFactory(),
 			$services->getDBLoadBalancerFactory(),
 			$services->getReadOnlyMode(),
-			$services->getUserFactory()
+			$services->getUserFactory(),
+			$services->getUserNameUtils()
 		);
 	},
 	'DiscussionTools.ThreadItemStore' => static function ( MediaWikiServices $services ): ThreadItemStore {
--- a/includes/SpecialTopicSubscriptions.php
+++ b/includes/SpecialTopicSubscriptions.php
@ -26,7 +26,7 @@ class SpecialTopicSubscriptions extends SpecialPage {
 	 * @throws ErrorPageError
 	 */
 	public function execute( $subpage ) {
-		$this->requireLogin();
+		$this->requireNamedUser();

 		parent::execute( $subpage );

--- a/includes/SubscriptionStore.php
+++ b/includes/SubscriptionStore.php
@ -7,6 +7,7 @@ use ConfigFactory;
 use MediaWiki\Linker\LinkTarget;
 use MediaWiki\User\UserFactory;
 use MediaWiki\User\UserIdentity;
+use MediaWiki\User\UserNameUtils;
 use ReadOnlyMode;
 use stdClass;
 use TitleValue;
@ -28,17 +29,20 @@ class SubscriptionStore {
 	private IConnectionProvider $dbProvider;
 	private ReadOnlyMode $readOnlyMode;
 	private UserFactory $userFactory;
+	private UserNameUtils $userNameUtils;

 	public function __construct(
 		ConfigFactory $configFactory,
 		IConnectionProvider $dbProvider,
 		ReadOnlyMode $readOnlyMode,
-		UserFactory $userFactory
+		UserFactory $userFactory,
+		UserNameUtils $userNameUtils
 	) {
 		$this->config = $configFactory->makeConfig( 'discussiontools' );
 		$this->dbProvider = $dbProvider;
 		$this->readOnlyMode = $readOnlyMode;
 		$this->userFactory = $userFactory;
+		$this->userNameUtils = $userNameUtils;
 	}

 	/**
@ -98,7 +102,7 @@ class SubscriptionStore {
 		array $options = []
 	): array {
 		// Only a registered user can be subscribed
-		if ( !$user->isRegistered() ) {
+		if ( !$user->isRegistered() || $this->userNameUtils->isTemp( $user->getName() ) ) {
 			return [];
 		}

@ -207,7 +211,7 @@ class SubscriptionStore {
 			return false;
 		}
 		// Only a registered user can subscribe
-		if ( !$user->isRegistered() ) {
+		if ( !$user->isRegistered() || $this->userNameUtils->isTemp( $user->getName() ) ) {
 			return false;
 		}
 		$dbw = $this->dbProvider->getPrimaryDatabase();
@ -244,7 +248,7 @@ class SubscriptionStore {
 			return false;
 		}
 		// Only a registered user can subscribe
-		if ( !$user->isRegistered() ) {
+		if ( !$user->isRegistered() || $this->userNameUtils->isTemp( $user->getName() ) ) {
 			return false;
 		}
 		$dbw = $this->dbProvider->getPrimaryDatabase();