events.php 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224
  1. <?php
  2. /**
  3. * All event handler callback functions are handled in this file
  4. */
  5. /**
  6. * Event is called when an user is made admin on the site
  7. *
  8. * @param string $event make_admin
  9. * @param string $type user
  10. * @param ElggUser $user the affected user
  11. *
  12. * @return void
  13. */
  14. function security_tools_make_admin_handler($event, $type, ElggUser $user) {
  15. if (empty($user) || !elgg_instanceof($user, "user")) {
  16. return;
  17. }
  18. $site = elgg_get_site_entity();
  19. $logged_in_user = elgg_get_logged_in_user_entity();
  20. // notify other administrators about this
  21. $setting = elgg_get_plugin_setting("mails_admin_admins", "security_tools");
  22. if ($setting != "no") {
  23. // get all the site administrators
  24. $options = array(
  25. "limit" => false,
  26. "joins" => array("JOIN " . elgg_get_config("dbprefix") . "entity_relationships r ON e.guid = r.guid_one"),
  27. "wheres" => array("(r.relationship = 'member_of_site' AND r.guid_two = " . $site->getGUID() . ")")
  28. );
  29. $admins = elgg_get_admins($options);
  30. // allow other plugins to modify the admins
  31. $params = array(
  32. "event" => "make_admin",
  33. "admins" => $admins,
  34. "user" => $user
  35. );
  36. $admins = elgg_trigger_plugin_hook("notify_admins", "security_tools", $params, $admins);
  37. // if we have administrators left, notify them
  38. if (!empty($admins) && is_array($admins)) {
  39. $subject = elgg_echo("security_tools:notify_admins:make_admin:subject", array($site->name));
  40. $message = elgg_echo("security_tools:notify_admins:make_admin:message", array(
  41. $user->name,
  42. $logged_in_user->name,
  43. $user->getURL(),
  44. $site->url
  45. ));
  46. foreach ($admins as $admin) {
  47. // force notifications to email so nobody misses this
  48. notify_user($admin->getGUID(), $site->getGUID(), $subject, $message, null, "email");
  49. }
  50. }
  51. }
  52. // notify the user about this
  53. $setting = elgg_get_plugin_setting("mails_admin_user", "security_tools");
  54. if ($setting == "yes") {
  55. $notify = true;
  56. // allow other plugins to block this notification
  57. $params = array(
  58. "event" => "make_admin",
  59. "user" => $user,
  60. );
  61. $notify = elgg_trigger_plugin_hook("notify_user", "security_tools", $params, $notify);
  62. if ($notify) {
  63. $subject = elgg_echo("security_tools:notify_user:make_admin:subject", array($site->name));
  64. $message = elgg_echo("security_tools:notify_user:make_admin:message", array(
  65. $user->name,
  66. $logged_in_user->name,
  67. $site->url
  68. ));
  69. notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
  70. }
  71. }
  72. }
  73. /**
  74. * Event is called when the admin rights of an user are removed
  75. *
  76. * @param string $event remove_admin
  77. * @param string $type user
  78. * @param ElggUser $user the affected user
  79. *
  80. * @return void
  81. */
  82. function security_tools_remove_admin_handler($event, $type, ElggUser $user) {
  83. if (empty($user) || !elgg_instanceof($user, "user")) {
  84. return;
  85. }
  86. $site = elgg_get_site_entity();
  87. $logged_in_user = elgg_get_logged_in_user_entity();
  88. // notify other administrators about this
  89. $setting = elgg_get_plugin_setting("mails_admin_admins", "security_tools");
  90. if ($setting != "no") {
  91. // get all the site administrators
  92. $options = array(
  93. "limit" => false,
  94. "joins" => array("JOIN " . elgg_get_config("dbprefix") . "entity_relationships r ON e.guid = r.guid_one"),
  95. "wheres" => array(
  96. "(r.relationship = 'member_of_site' AND r.guid_two = " . $site->getGUID() . ")",
  97. "(e.guid <> " . $user->getGUID() . ")"
  98. )
  99. );
  100. $admins = elgg_get_admins($options);
  101. // allow other plugins to modify the admins
  102. $params = array(
  103. "event" => "remove_admin",
  104. "admins" => $admins,
  105. "user" => $user
  106. );
  107. $admins = elgg_trigger_plugin_hook("notify_admins", "security_tools", $params, $admins);
  108. // if we have administrators left, notify them
  109. if (!empty($admins) && is_array($admins)) {
  110. $subject = elgg_echo("security_tools:notify_admins:remove_admin:subject", array($site->name));
  111. $message = elgg_echo("security_tools:notify_admins:remove_admin:message", array(
  112. $user->name,
  113. $logged_in_user->name,
  114. $user->getURL(),
  115. $site->url
  116. ));
  117. foreach ($admins as $admin) {
  118. // force notifications to email so nobody misses this
  119. notify_user($admin->getGUID(), $site->getGUID(), $subject, $message, null, "email");
  120. }
  121. }
  122. }
  123. // notify the user about this
  124. $setting = elgg_get_plugin_setting("mails_admin_user", "security_tools");
  125. if ($setting == "yes") {
  126. $notify = true;
  127. // allow other plugins to block this notification
  128. $params = array(
  129. "event" => "remove_admin",
  130. "user" => $user,
  131. );
  132. $notify = elgg_trigger_plugin_hook("notify_user", "security_tools", $params, $notify);
  133. if ($notify) {
  134. $subject = elgg_echo("security_tools:notify_user:remove_admin:subject", array($site->name));
  135. $message = elgg_echo("security_tools:notify_user:remove_admin:message", array(
  136. $user->name,
  137. $logged_in_user->name
  138. ));
  139. notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
  140. }
  141. }
  142. }
  143. /**
  144. * Event to notify a user that he is banned
  145. *
  146. * @param string $event ban
  147. * @param string $type user
  148. * @param ElggUser $user the affected user
  149. *
  150. * @return void
  151. */
  152. function security_tools_ban_user_handler($event, $type, ElggUser $user) {
  153. if (empty($user) || !elgg_instanceof($user, "user")) {
  154. return;
  155. }
  156. // should we notify the user about this
  157. $setting = elgg_get_plugin_setting("mails_banned", "security_tools");
  158. if ($setting != "yes") {
  159. return;
  160. }
  161. $site = elgg_get_site_entity();
  162. $subject = elgg_echo("security_tools:notify_user:ban:subject", array($site->name));
  163. $message = elgg_echo("security_tools:notify_user:ban:message", array(
  164. $user->name,
  165. $site->name
  166. ));
  167. notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
  168. }
  169. /**
  170. * Event to notify a user that he is unbanned
  171. *
  172. * @param string $event unban
  173. * @param string $type user
  174. * @param ElggUser $user the affected user
  175. *
  176. * @return void
  177. */
  178. function security_tools_unban_user_handler($event, $type, ElggUser $user) {
  179. if (empty($user) || !elgg_instanceof($user, "user")) {
  180. return;
  181. }
  182. // should we notify the user about this
  183. $setting = elgg_get_plugin_setting("mails_banned", "security_tools");
  184. if ($setting != "yes") {
  185. return;
  186. }
  187. $site = elgg_get_site_entity();
  188. $subject = elgg_echo("security_tools:notify_user:unban:subject", array($site->name));
  189. $message = elgg_echo("security_tools:notify_user:unban:message", array(
  190. $user->name,
  191. $site->name,
  192. $site->url
  193. ));
  194. notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
  195. }