3 * MediaWiki session user info
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
24 namespace MediaWiki\Session
;
29 * Object holding data about a session's user
31 * In general, this class exists for two purposes:
32 * - User doesn't distinguish between "anonymous user" and "non-anonymous user
33 * that doesn't exist locally", while we do need to.
34 * - We also need the "verified" property described below; tracking it via
35 * another data item to SessionInfo's constructor makes things much more
38 * A UserInfo may be "verified". This indicates that the creator knows that the
39 * request really comes from that user, whether that's by validating OAuth
40 * credentials, SSL client certificates, or by having both the user ID and
41 * token available from cookies.
43 * An "unverified" UserInfo should be used when it's not possible to
44 * authenticate the user, e.g. the user ID cookie is set but the user Token
45 * cookie isn't. If the Token is available but doesn't match, don't return a
51 final class UserInfo
{
53 private $verified = false;
58 private function __construct( User
$user = null, $verified ) {
59 if ( $user && $user->isAnon() && !User
::isUsableName( $user->getName() ) ) {
60 $this->verified
= true;
63 $this->verified
= $verified;
69 * Create an instance for an anonymous (i.e. not logged in) user
71 * Logged-out users are always "verified".
75 public static function newAnonymous() {
76 return new self( null, true );
80 * Create an instance for a logged-in user by ID
81 * @param int $id User ID
82 * @param bool $verified True if the user is verified
85 public static function newFromId( $id, $verified = false ) {
86 $user = User
::newFromId( $id );
88 // Ensure the ID actually exists
90 if ( $user->isAnon() ) {
91 throw new \
InvalidArgumentException( 'Invalid ID' );
94 return new self( $user, $verified );
98 * Create an instance for a logged-in user by name
99 * @param string $name User name (need not exist locally)
100 * @param bool $verified True if the user is verified
103 public static function newFromName( $name, $verified = false ) {
104 $user = User
::newFromName( $name, 'usable' );
106 throw new \
InvalidArgumentException( 'Invalid user name' );
108 return new self( $user, $verified );
112 * Create an instance from an existing User object
113 * @param User $user (need not exist locally)
114 * @param bool $verified True if the user is verified
117 public static function newFromUser( User
$user, $verified = false ) {
118 return new self( $user, $verified );
122 * Return whether this is an anonymous user
125 public function isAnon() {
126 return $this->user
=== null;
130 * Return whether this represents a verified user
133 public function isVerified() {
134 return $this->verified
;
139 * @note Do not use this to test for anonymous users!
142 public function getId() {
143 return $this->user
=== null ?
0 : $this->user
->getId();
147 * Return the user name
148 * @return string|null
150 public function getName() {
151 return $this->user
=== null ?
null : $this->user
->getName();
155 * Return the user token
158 public function getToken() {
159 return $this->user
=== null ||
$this->user
->getId() === 0 ?
'' : $this->user
->getToken( false );
163 * Return a User object
166 public function getUser() {
167 return $this->user
=== null ?
new User
: $this->user
;
171 * Return a verified version of this object
174 public function verified() {
175 return $this->verified ?
$this : new self( $this->user
, true );
178 public function __toString() {
179 if ( $this->user
=== null ) {
183 ( $this->verified ?
'+' : '-' ) . ':' .
184 $this->getId() . ':' . $this->getName() .