Authx - validate if the user is blocked

civicrm · Oct 7, 2023 · f81a47f · f81a47f
1 parent b82b9ff
commit f81a47f
Show file tree

Hide file tree

Showing 8 changed files with 64 additions and 0 deletions.
diff --git a/ext/authx/Civi/Authx/Authenticator.php b/ext/authx/Civi/Authx/Authenticator.php
@@ -262,6 +262,10 @@ protected function login(AuthenticatorTarget $tgt) {
       return !empty($a) && (string) $a === (string) $b;
     };
 
+    if ($tgt->userId !== NULL && $this->authxUf->getUserIsBlocked($tgt->userId)) {
+      $this->reject('Cannot login. User is blocked.');
+    }
+
     if (\CRM_Core_Session::getLoggedInContactID() || $this->authxUf->getCurrentUserId()) {
       if ($isSameValue(\CRM_Core_Session::getLoggedInContactID(), $tgt->contactId)  && $isSameValue($this->authxUf->getCurrentUserId(), $tgt->userId)) {
         // Already logged in. Post-condition met - but by unusual means.

diff --git a/ext/authx/Civi/Authx/AuthxInterface.php b/ext/authx/Civi/Authx/AuthxInterface.php
@@ -71,4 +71,12 @@ public function loginStateless($userId);
    */
   public function getCurrentUserId();
 
+  /**
+   * Determine the user status, if is blocked or not.
+   *
+   * @param int|string $userId
+   * @return int|NULL
+   */
+  public function getUserIsBlocked($userId);
+
 }
diff --git a/ext/authx/Civi/Authx/Backdrop.php b/ext/authx/Civi/Authx/Backdrop.php
@@ -55,4 +55,12 @@ public function getCurrentUserId() {
     return $user && $user->uid ? $user->uid : NULL;
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getUserIsBlocked($userId) {
+    // ToDo
+    return FALSE;
+  }
+
 }
diff --git a/ext/authx/Civi/Authx/Drupal.php b/ext/authx/Civi/Authx/Drupal.php
@@ -55,4 +55,12 @@ public function getCurrentUserId() {
     return $user && $user->uid ? $user->uid : NULL;
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getUserIsBlocked($userId) {
+    // ToDo
+    return FALSE;
+  }
+
 }
diff --git a/ext/authx/Civi/Authx/Drupal8.php b/ext/authx/Civi/Authx/Drupal8.php
@@ -57,4 +57,16 @@ public function getCurrentUserId() {
     return $user && $user->getAccount()->id() ? $user->getAccount()->id() : NULL;
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getUserIsBlocked($userId) {
+    $user = \Drupal\user\Entity\User::load($userId);
+    // The user will not be blocked if there is no existence.
+    if (!$user) {
+      return FALSE;
+    }
+    return $user->isBlocked();
+  }
+
 }
diff --git a/ext/authx/Civi/Authx/Joomla.php b/ext/authx/Civi/Authx/Joomla.php
@@ -95,4 +95,12 @@ public function getCurrentUserId() {
     return ($user->guest) ? NULL : $user->id;
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getUserIsBlocked($userId) {
+    // ToDo
+    return FALSE;
+  }
+
 }
diff --git a/ext/authx/Civi/Authx/None.php b/ext/authx/Civi/Authx/None.php
@@ -48,4 +48,12 @@ public function getCurrentUserId() {
     throw new \Exception("Cannot determine active user: Unrecognized user framework");
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getUserIsBlocked($userId) {
+    // ToDo
+    return FALSE;
+  }
+
 }
diff --git a/ext/authx/Civi/Authx/WordPress.php b/ext/authx/Civi/Authx/WordPress.php
@@ -67,4 +67,12 @@ public function getCurrentUserId() {
     return empty($id) ? NULL : $id;
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getUserIsBlocked($userId) {
+    // ToDo
+    return FALSE;
+  }
+
 }