Bug 1061271: Add a hook into Bugzilla::User::check_and_send_account_creation_confirmation()

r=gerv a=glob

Bug 1061271: Add a hook into Bugzilla::User::check_and_send_account_creation_confirmation()
a7b4b1ba · Frédéric Buclin · d96dbf24 · a7b4b1ba · a7b4b1ba · a7b4b1ba
Commit a7b4b1ba authored Feb 26, 2015 by Frédéric Buclin
Hide whitespace changes
Inline Side-by-side

Showing with 43 additions and 1 deletion

Hook.pm Bugzilla/Hook.pm +18 -0

User.pm Bugzilla/User.pm +4 -0

Extension.pm extensions/Example/Extension.pm +21 -1

No files found.
--- a/Bugzilla/Hook.pm
+++ b/Bugzilla/Hook.pm
@@ -1526,6 +1526,24 @@ name), you can get it from here.

 =back

+=head2 user_check_account_creation
+
+This hook permits you to do extra checks before the creation of a new user
+account. This hook is called after email address validation has been done.
+Note that this hook can also access the IP address of the requester thanks
+to the C<remote_ip()> subroutine exported by C<Bugzilla::Util>.
+
+Params:
+
+=over
+
+=item C<login>
+
+The login of the new account. This is usually an email address, unless the
+C<emailsuffix> parameter is not empty.
+
+=back
+
 =head2 user_preferences

 This hook allows you to add additional panels to the User Preferences page,

--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -21,6 +21,7 @@ use Bugzilla::Classification;
 use Bugzilla::Field;
 use Bugzilla::Group;
 use Bugzilla::BugUserLastVisit;
+use Bugzilla::Hook;

 use DateTime::TimeZone;
 use List::Util qw(max);
@@ -2409,6 +2410,9 @@ sub check_and_send_account_creation_confirmation {
        ThrowUserError('account_creation_restricted');
    }

+    # Allow extensions to do extra checks.
+    Bugzilla::Hook::process('user_check_account_creation', { login => $login });
+
    # Create and send a token for this new account.
    require Bugzilla::Token;
    Bugzilla::Token::issue_new_user_account_token($login);

--- a/extensions/Example/Extension.pm
+++ b/extensions/Example/Extension.pm
@@ -18,7 +18,7 @@ use Bugzilla::Error;
 use Bugzilla::Group;
 use Bugzilla::User;
 use Bugzilla::User::Setting;
-use Bugzilla::Util qw(diff_arrays html_quote);
+use Bugzilla::Util qw(diff_arrays html_quote remote_ip);
 use Bugzilla::Status qw(is_open_state);
 use Bugzilla::Install::Filesystem;
 use Bugzilla::WebService::Constants;
@@ -930,6 +930,26 @@ sub template_before_process {
    }
 }

+sub user_check_account_creation {
+    my ($self, $args) = @_;
+
+    my $login = $args->{login};
+    my $ip = remote_ip();
+
+    # Log all requests.
+    warn "USER ACCOUNT CREATION REQUEST FOR $login ($ip)";
+
+    # Reject requests based on their email address.
+    if ($login =~ /\@evil\.com$/) {
+        ThrowUserError('account_creation_restricted');
+    }
+
+    # Reject requests based on their IP address.
+    if ($ip =~ /^192\.168\./) {
+        ThrowUserError('account_creation_restricted');
+    }
+}
+
 sub user_preferences {
    my ($self, $args) = @_;
    my $tab = $args->{current_tab};