From 0a8f7a59f894738d86564874fbabeb1c81f3178d Mon Sep 17 00:00:00 2001 From: Frédéric Buclin Date: Thu, 26 Feb 2015 15:27:30 +0100 Subject: Bug 1061271: Add a hook into Bugzilla::User::check_and_send_account_creation_confirmation() r=gerv a=glob --- Bugzilla/Hook.pm | 18 ++++++++++++++++++ Bugzilla/User.pm | 4 ++++ extensions/Example/Extension.pm | 22 +++++++++++++++++++++- 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/Bugzilla/Hook.pm b/Bugzilla/Hook.pm index 5abaabc7c..f711907d1 100644 --- a/Bugzilla/Hook.pm +++ b/Bugzilla/Hook.pm @@ -1592,6 +1592,24 @@ name), you can get it from here. =back +=head2 user_check_account_creation + +This hook permits you to do extra checks before the creation of a new user +account. This hook is called after email address validation has been done. +Note that this hook can also access the IP address of the requester thanks +to the C subroutine exported by C. + +Params: + +=over + +=item C + +The login of the new account. This is usually an email address, unless the +C parameter is not empty. + +=back + =head2 user_preferences This hook allows you to add additional panels to the User Preferences page, diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index fa2674366..b28d09323 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -21,6 +21,7 @@ use Bugzilla::Classification; use Bugzilla::Field; use Bugzilla::Group; use Bugzilla::BugUserLastVisit; +use Bugzilla::Hook; use DateTime::TimeZone; use List::Util qw(max); @@ -2417,6 +2418,9 @@ sub check_and_send_account_creation_confirmation { ThrowUserError('account_creation_restricted'); } + # Allow extensions to do extra checks. + Bugzilla::Hook::process('user_check_account_creation', { login => $login }); + # Create and send a token for this new account. require Bugzilla::Token; Bugzilla::Token::issue_new_user_account_token($login); diff --git a/extensions/Example/Extension.pm b/extensions/Example/Extension.pm index 0ab5220a7..a866e85e6 100644 --- a/extensions/Example/Extension.pm +++ b/extensions/Example/Extension.pm @@ -18,7 +18,7 @@ use Bugzilla::Error; use Bugzilla::Group; use Bugzilla::User; use Bugzilla::User::Setting; -use Bugzilla::Util qw(diff_arrays html_quote); +use Bugzilla::Util qw(diff_arrays html_quote remote_ip); use Bugzilla::Status qw(is_open_state); use Bugzilla::Install::Filesystem; use Bugzilla::WebService::Constants; @@ -953,6 +953,26 @@ sub template_before_process { } } +sub user_check_account_creation { + my ($self, $args) = @_; + + my $login = $args->{login}; + my $ip = remote_ip(); + + # Log all requests. + warn "USER ACCOUNT CREATION REQUEST FOR $login ($ip)"; + + # Reject requests based on their email address. + if ($login =~ /\@evil\.com$/) { + ThrowUserError('account_creation_restricted'); + } + + # Reject requests based on their IP address. + if ($ip =~ /^192\.168\./) { + ThrowUserError('account_creation_restricted'); + } +} + sub user_preferences { my ($self, $args) = @_; my $tab = $args->{current_tab}; -- cgit v1.2.3-24-g4f1b