From a2db1205d01b3e5685aee6af5a666356ab8b7efa Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 08:53:57 +0200 Subject: [PATCH 01/32] Added migration file --- .../2022-12-13-200557_add_ban_columns.php | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 src/Database/Migrations/2022-12-13-200557_add_ban_columns.php diff --git a/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php b/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php new file mode 100644 index 000000000..ab55705ac --- /dev/null +++ b/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php @@ -0,0 +1,45 @@ +tables = $authConfig->tables; + } + + public function up(): void + { + // Users Table + $fields = [ + 'banned' => ['type' => 'tinyint', 'after' => 'active', 'constraint' => 1, 'null' => false, 'default' => 0], + 'ban_message' => ['type' => 'varchar', 'after' => 'banned', 'constraint' => 255, 'null' => true], + ]; + + $this->forge->addColumn($this->tables['users'], $fields); + } + + // -------------------------------------------------------------------- + + public function down(): void + { + $this->forge->dropColumn($this->tables['users'], 'banned'); + $this->forge->dropColumn($this->tables['users'], 'ban_message'); + } +} From 0293227d17208217ec6d2f9e5cee658b25f38b44 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 09:06:37 +0200 Subject: [PATCH 02/32] Added new feilds to the UserModel --- src/Models/UserModel.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Models/UserModel.php b/src/Models/UserModel.php index ab5eb49c2..a04cd93d4 100644 --- a/src/Models/UserModel.php +++ b/src/Models/UserModel.php @@ -26,6 +26,8 @@ class UserModel extends BaseModel 'status', 'status_message', 'active', + 'banned', + 'ban_message', 'last_active', 'deleted_at', ]; From 9886eb422e8df2f1ae551f3485b9310478037f68 Mon Sep 17 00:00:00 2001 
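Review bot: In the `UserModel` hunk of PATCH 02, adding `'banned'` and `'ban_message'` to this field list makes both columns writable by any code that fills a user entity from request data and saves it through the model, so an account could clear its own ban if such a path passes input unfiltered. The list's opening line is outside the hunk, so this assumes it is the model's allowed-fields array; whether an unfiltered update path exists is not visible here. I would add a comment above the two entries, `// banned / ban_message: written only by the ban/unban methods; never fill these from request input`, and confirm that profile-update code whitelists the fields it accepts.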
From: davidnsai Date: Wed, 22 Feb 2023 09:37:50 +0200 Subject: [PATCH 03/32] Added methods to modify the ban status of a user --- src/Authorization/Traits/Authorizable.php | 35 +++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/src/Authorization/Traits/Authorizable.php b/src/Authorization/Traits/Authorizable.php index 9e3f32ff1..6410a189d 100644 --- a/src/Authorization/Traits/Authorizable.php +++ b/src/Authorization/Traits/Authorizable.php @@ -292,6 +292,32 @@ public function inGroup(string ...$groups): bool return false; } + /** + * Bans the user from logging in. + * + */ + public function ban(?string $reason = null): self + { + $this->banned = '1'; + $this->ban_message = $reason; + $this->modifyBanStatus(); + + return $this; + } + + /** + * Unbans the user and allows them to log in. + * + */ + public function unBan(): self + { + $this->banned = '0'; + $this->ban_message = null; + $this->modifyBanStatus(); + + return $this; + } + /** * Used internally to populate the User groups * so we hit the database as little as possible. @@ -405,4 +431,13 @@ private function getConfigPermissions(): array ? array_keys(setting('AuthGroups.permissions')) : array_keys(config('AuthGroups')->permissions); } + + /** + * modifies the banned status of the user + */ + private function modifyBanStatus(): void + { + $model = model(UserModel::class); + $model->save($this); + } } From cae90142b347787a6cfd6a9d3e6d20d3bad93b4a Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 09:38:25 +0200 Subject: [PATCH 04/32] Added exception for banned users --- src/Authentication/AuthenticationException.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Authentication/AuthenticationException.php b/src/Authentication/AuthenticationException.php index 68d34ecf5..ced1ff2e4 100644 --- a/src/Authentication/AuthenticationException.php +++ b/src/Authentication/AuthenticationException.php 
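Review bot: `modifyBanStatus()` in the second Authorizable hunk discards the result of `$model->save($this)`, so `ban()` and `unBan()` return `$this` as though the change were stored even if `save()` reports failure. For an access-control flag a silent failure is the worst outcome; I would check the result, e.g. `if (! $model->save($this)) { throw new LogicException('Unable to update ban status.'); }` (the exception class is a suggestion; use whatever the trait already throws for persistence errors). The same unchecked `save()` reappears in `Bannable::ban()` and `Bannable::unBan()` in PATCH 14.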
@@ -29,6 +29,11 @@ public static function forInvalidUser(): self return new self(lang('Auth.invalidUser')); } + public static function forBannedUser(): self + { + return new self(lang('Auth.invalidUser')); + } + public static function forNoEntityProvided(): self { return new self(lang('Auth.noUserEntity'), 500); From 1af7fd324e3c72c197cbbe36651cee640904b183 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 09:38:56 +0200 Subject: [PATCH 05/32] Added banned user checks on access tokens --- src/Authentication/Authenticators/AccessTokens.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/Authentication/Authenticators/AccessTokens.php b/src/Authentication/Authenticators/AccessTokens.php index 905033a7f..fc41a0815 100644 --- a/src/Authentication/Authenticators/AccessTokens.php +++ b/src/Authentication/Authenticators/AccessTokens.php @@ -65,6 +65,15 @@ public function attempt(array $credentials): Result $user = $result->extraInfo(); + if ($user->banned) { + $this->user = null; + + return new Result([ + 'success' => false, + 'reason' => $user->ban_message ?? lang('Auth.bannedUser'), + ]); + } + $user = $user->setAccessToken( $user->getAccessToken($this->getBearerToken()) ); From 2bb6a4ffc6e58db45ea7c8b350eb4473c1b65e8f Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 09:39:36 +0200 Subject: [PATCH 06/32] Added banned user checks on attempting to log in --- src/Authentication/Authenticators/Session.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php index 4f09b784e..1419bac13 100644 --- a/src/Authentication/Authenticators/Session.php +++ b/src/Authentication/Authenticators/Session.php 
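Review bot: `forBannedUser()` builds its exception from `lang('Auth.invalidUser')`, the same key `forInvalidUser()` uses directly above it, so a banned account would be reported as a user that cannot be located. If hiding ban status from the caller is intended, say so in a docblock such as `/** Deliberately reuses the invalid-user text so ban status is not disclosed. */`; otherwise this reads as a copy-paste and should use a dedicated key like the `Auth.bannedUser` entry PATCH 07 adds. Neither `attempt()` hunk in PATCH 05 or PATCH 06 calls this factory, so within the patches shown it may also be unused.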
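Review bot: The rejection branch in `AccessTokens::attempt()` returns `$user->ban_message` verbatim as the `reason`, so whatever text was stored at ban time goes back to the API client. That column is free text (varchar 255 in the PATCH 01 migration) and may hold internal moderation notes, and an empty string is not null, so `??` would pass it through as a blank reason. I would either document on `ban()` that the message is shown to the banned user, or return `lang('Auth.bannedUser')` to the client and keep the stored reason for administrators. The same pattern is in `Session::attempt()` (PATCH 06) and in the `SessionAuth` filter after PATCH 18, where the value is flashed as `error` and needs output escaping in whichever view renders it.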
@@ -147,7 +147,17 @@ public function attempt(array $credentials): Result /** @var User $user */ $user = $result->extraInfo(); + if ($user->banned) { + $this->user = null; + + return new Result([ + 'success' => false, + 'reason' => $user->ban_message ?? lang('Auth.bannedUser'), + ]); + } + $this->user = $user; + // Update the user's last used date on their password identity. $user->touchIdentity($user->getEmailIdentity()); @@ -527,6 +537,15 @@ public function isPending(): bool return $this->userState === self::STATE_PENDING; } + /** + * Checks if the user is currently banned. + * Their account needs to be unbanned. + */ + public function isBanned(): bool + { + return (bool)$this->getUser()->banned; + } + /** * Checks if the visitor is anonymous. The user's id is unknown. * They are not logged in, are not in pending login state. From d40e0909b877e2d3f6552b220a847ae1c6d61eeb Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 09:45:33 +0200 Subject: [PATCH 07/32] Added language translations for banned user --- src/Language/de/Auth.php | 2 ++ src/Language/en/Auth.php | 2 ++ src/Language/es/Auth.php | 2 ++ src/Language/fa/Auth.php | 2 ++ src/Language/fr/Auth.php | 2 ++ src/Language/id/Auth.php | 2 ++ src/Language/it/Auth.php | 2 ++ src/Language/ja/Auth.php | 2 ++ src/Language/pt-BR/Auth.php | 2 ++ src/Language/sk/Auth.php | 2 ++ src/Language/tr/Auth.php | 2 ++ 11 files changed, 22 insertions(+) diff --git a/src/Language/de/Auth.php b/src/Language/de/Auth.php index 1afb6f91b..47af57b0c 100644 --- a/src/Language/de/Auth.php +++ b/src/Language/de/Auth.php 
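Review bot: `Session::isBanned()` in the second hunk dereferences `$this->getUser()->banned` without a null check, which would fail for an anonymous visitor if `getUser()` can return null; the existing `$user !== null` test in the `SessionAuth` filter (context in PATCH 13) suggests it can. A guarded form would be `$user = $this->getUser();` followed by `return $user !== null && (bool) $user->banned;`. The method is removed again in PATCH 13, so this matters only when the series is applied or bisected commit by commit.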
@@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} ist kein gültiger Authentifikator.', 'unknownUserProvider' => 'Der zu verwendende User Provider konnte nicht ermittelt werden.', 'invalidUser' => 'Der angegebene Benutzer kann nicht gefunden werden.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Sie konnten nicht angemeldet werden. Bitte überprüfen Sie Ihre Anmeldedaten.', 'noPassword' => 'Kann einen Benutzer ohne Passwort nicht validieren.', 'invalidPassword' => 'Sie können nicht angemeldet werden. Bitte überprüfen Sie Ihr Passwort.', diff --git a/src/Language/en/Auth.php b/src/Language/en/Auth.php index 1e58cc6e0..ac75d3315 100644 --- a/src/Language/en/Auth.php +++ b/src/Language/en/Auth.php @@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} is not a valid authenticator.', 'unknownUserProvider' => 'Unable to determine the User Provider to use.', 'invalidUser' => 'Unable to locate the specified user.', + 'bannedUser' => 'Can not log you in as you are currently banned.', + 'logOutBannedUser' => 'You have been logged out because you have been banned.', 'badAttempt' => 'Unable to log you in. Please check your credentials.', 'noPassword' => 'Cannot validate a user without a password.', 'invalidPassword' => 'Unable to log you in. Please check your password.', diff --git a/src/Language/es/Auth.php b/src/Language/es/Auth.php index 869b0853f..6c0970f16 100644 --- a/src/Language/es/Auth.php +++ b/src/Language/es/Auth.php 
@@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} no es un handler válido.', 'unknownUserProvider' => 'No podemos determinar que Proveedor de Usuarios usar.', 'invalidUser' => 'No podemos localizar este usuario.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'No puedes entrar. Por favor, comprueba tus creenciales.', 'noPassword' => 'No se puede validar un usuario sin una contraseña.', 'invalidPassword' => 'No uedes entrar. Por favor, comprueba tu contraseña.', diff --git a/src/Language/fa/Auth.php b/src/Language/fa/Auth.php index 62a80d8e5..b2e99cf5f 100644 --- a/src/Language/fa/Auth.php +++ b/src/Language/fa/Auth.php @@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} احراز هویت معتبری نمی باشد.', 'unknownUserProvider' => 'قادر به تعیین ارائه دهنده کاربر برای استفاده نیست.', 'invalidUser' => 'قادر به پیداکردن کاربر مشخص شده نیست', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'امکان ورود به سیستم نیست. لطفا اعتبارنامه خود را بررسی کنید.', 'noPassword' => 'تایید کاربر بدون رمز عبور ممکن نیست.', 'invalidPassword' => 'ناتوان در ورود به سیستم. لطفا رمز عبور خود را بررسی کنید.', diff --git a/src/Language/fr/Auth.php b/src/Language/fr/Auth.php index ee80e4d0e..9b7b7f263 100644 --- a/src/Language/fr/Auth.php +++ b/src/Language/fr/Auth.php 
@@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} n\'est pas un authentificateur valide.', 'unknownUserProvider' => 'Impossible de déterminer le User Provider à utiliser.', 'invalidUser' => 'Impossible de trouver l\'utilisateur.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Connexion impossible. Veuillez vérifier les informations saisies.', 'noPassword' => 'Impossible de valider un utilisateur sans mot de passe.', 'invalidPassword' => 'Connexion impossible. Veuillez vérifier votre mot de passe.', diff --git a/src/Language/id/Auth.php b/src/Language/id/Auth.php index b5afa7918..b71c9a477 100644 --- a/src/Language/id/Auth.php +++ b/src/Language/id/Auth.php @@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} bukan otentikator yang sah.', 'unknownUserProvider' => 'Tidak dapat menentukan Penyedia Pengguna yang akan digunakan.', 'invalidUser' => 'Tidak dapat menemukan pengguna yang spesifik.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Anda tidak dapat masuk. Harap periksa kredensial Anda.', 'noPassword' => 'Tidak dapat memvalidasi pengguna tanpa kata sandi.', 'invalidPassword' => 'Anda tidak dapat masuk. Harap periksa kata sandi Anda.', diff --git a/src/Language/it/Auth.php b/src/Language/it/Auth.php index d3fb2b432..d9cd2e4a6 100644 --- a/src/Language/it/Auth.php +++ b/src/Language/it/Auth.php 
@@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} non è un autenticatore valido.', 'unknownUserProvider' => 'Impossibile determinare lo User Provider da usare.', 'invalidUser' => 'Impossibile trovere l\'utente specificato.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Impossibile accedere. Si prega di verificare le proprie credenziali.', 'noPassword' => 'Impossibile validare un utente senza una password.', 'invalidPassword' => 'Impossibile accedere. Si prega di verificare la propria password.', diff --git a/src/Language/ja/Auth.php b/src/Language/ja/Auth.php index eff2edccf..3f03f9848 100644 --- a/src/Language/ja/Auth.php +++ b/src/Language/ja/Auth.php @@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} は有効なオーセンティケーターではありません。', // '{0} is not a valid authenticator.', 'unknownUserProvider' => '使用するユーザープロバイダーを決定できません。', // 'Unable to determine the User Provider to use.', 'invalidUser' => '指定されたユーザーを見つけることができません。', // 'Unable to locate the specified user.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'ログインできません。認証情報を確認してください。', // 'Unable to log you in. Please check your credentials.', 'noPassword' => 'パスワードのないユーザーは認証できません。', // 'Cannot validate a user without a password.', 'invalidPassword' => 'ログインできません。パスワードを確認してください。', // 'Unable to log you in. Please check your password.', diff --git a/src/Language/pt-BR/Auth.php b/src/Language/pt-BR/Auth.php index 7e078617a..2feb6a2df 100644 --- a/src/Language/pt-BR/Auth.php +++ b/src/Language/pt-BR/Auth.php 
@@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} não é um autenticador válido.', 'unknownUserProvider' => 'Não foi possível determinar o provedor de usuário a ser usado.', 'invalidUser' => 'Não foi possível localizar o usuário especificado.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Não foi possível fazer login. Por favor, verifique suas credenciais.', 'noPassword' => 'Não é possível validar um usuário sem uma senha.', 'invalidPassword' => 'Não foi possível fazer login. Por favor, verifique sua senha.', diff --git a/src/Language/sk/Auth.php b/src/Language/sk/Auth.php index 74df1dbe6..5a73ba29f 100644 --- a/src/Language/sk/Auth.php +++ b/src/Language/sk/Auth.php @@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} nie je platný autentifikátor.', 'unknownUserProvider' => 'Nie je možné určiť poskytovateľa používateľa, ktorý sa má použiť.', 'invalidUser' => 'Nie je možné nájsť zadaného používateľa.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Prihlásenie zlyhalo. Skontrolujte svoje prihlasovacie údaje.', 'noPassword' => 'Nie je možné overiť používateľa bez hesla.', 'invalidPassword' => 'Prihlásenie zlyhalo. Skontrolujte svoje heslo.', diff --git a/src/Language/tr/Auth.php b/src/Language/tr/Auth.php index 70b924652..56cea0615 100644 --- a/src/Language/tr/Auth.php +++ b/src/Language/tr/Auth.php 
@@ -7,6 +7,8 @@ 'unknownAuthenticator' => '{0} geçerli bir kimlik doğrulayıcı değil.', 'unknownUserProvider' => 'Kullanılacak Kullanıcı Sağlayıcı belirlenemiyor.', 'invalidUser' => 'Belirtilen kullanıcı bulunamadı.', + 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', + 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', 'badAttempt' => 'Oturumunuz açılamıyor. Lütfen kimlik bilgilerinizi kontrol edin.', 'noPassword' => 'Parola olmadan bir kullanıcı doğrulanamaz.', 'invalidPassword' => 'Oturumunuz açılamıyor. Lütfen şifrenizi kontrol edin.', From ddfed191443e0679a9d980419cc0855f6dca1956 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 09:58:25 +0200 Subject: [PATCH 08/32] Fixed coding standard fail --- src/Authentication/Authenticators/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php index 1419bac13..dd8bf6f69 100644 --- a/src/Authentication/Authenticators/Session.php +++ b/src/Authentication/Authenticators/Session.php @@ -543,7 +543,7 @@ public function isPending(): bool */ public function isBanned(): bool { - return (bool)$this->getUser()->banned; + return (bool) $this->getUser()->banned; } /** From 00654ed83bcc349cc07a1464bb7cbe35b4522582 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 10:00:38 +0200 Subject: [PATCH 09/32] cs fix --- src/Authorization/Traits/Authorizable.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Authorization/Traits/Authorizable.php b/src/Authorization/Traits/Authorizable.php index 6410a189d..5cbb92f0e 100644 --- a/src/Authorization/Traits/Authorizable.php +++ b/src/Authorization/Traits/Authorizable.php @@ -294,7 +294,6 @@ public function inGroup(string ...$groups): bool /** * Bans the user from logging in. - * */ public function ban(?string $reason = null): self { 
@@ -307,14 +306,13 @@ public function ban(?string $reason = null): self /** * Unbans the user and allows them to log in. - * */ public function unBan(): self { $this->banned = '0'; $this->ban_message = null; $this->modifyBanStatus(); - + return $this; } From b8625de4d6b3df9001c0e71c0d098248395ef399 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 10:06:57 +0200 Subject: [PATCH 10/32] Added user model to list of imported classes --- src/Authorization/Traits/Authorizable.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Authorization/Traits/Authorizable.php b/src/Authorization/Traits/Authorizable.php index 5cbb92f0e..38d26df25 100644 --- a/src/Authorization/Traits/Authorizable.php +++ b/src/Authorization/Traits/Authorizable.php @@ -9,6 +9,7 @@ use CodeIgniter\Shield\Exceptions\LogicException; use CodeIgniter\Shield\Models\GroupModel; use CodeIgniter\Shield\Models\PermissionModel; +use CodeIgniter\Shield\Models\UserModel; trait Authorizable { From c9963dd0539ab9d032b331642058f5430797a439 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 10:09:29 +0200 Subject: [PATCH 11/32] Removed extra whitespace --- src/Authentication/Authenticators/Session.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php index dd8bf6f69..24a6e0b28 100644 --- a/src/Authentication/Authenticators/Session.php +++ b/src/Authentication/Authenticators/Session.php @@ -158,7 +158,6 @@ public function attempt(array $credentials): Result $this->user = $user; - // Update the user's last used date on their password identity. $user->touchIdentity($user->getEmailIdentity()); From d6c2425a2872860795f32947e018c2951a10372e Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 11:40:56 +0200 Subject: [PATCH 12/32] ran composer cs-fix --- src/Authentication/Authenticators/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php index 24a6e0b28..e5ce9e85c 100644 --- a/src/Authentication/Authenticators/Session.php +++ b/src/Authentication/Authenticators/Session.php @@ -157,7 +157,7 @@ public function attempt(array $credentials): Result } $this->user = $user; - + // Update the user's last used date on their password identity. $user->touchIdentity($user->getEmailIdentity()); From 5cddb9404d7f29f027df6af46fb69e5bbec4edc7 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 12:26:50 +0200 Subject: [PATCH 13/32] Added a bannable trait --- .../Authenticators/AccessTokens.php | 4 +- src/Authentication/Authenticators/Session.php | 13 +---- src/Authorization/Traits/Authorizable.php | 34 ------------- src/Entities/User.php | 2 + src/Filters/SessionAuth.php | 10 +++- src/Traits/Bannable.php | 50 +++++++++++++++++++ tests/Authorization/AuthorizableTest.php | 20 ++++++++ 7 files changed, 85 insertions(+), 48 deletions(-) create mode 100644 src/Traits/Bannable.php diff --git a/src/Authentication/Authenticators/AccessTokens.php b/src/Authentication/Authenticators/AccessTokens.php index fc41a0815..a09000703 100644 --- a/src/Authentication/Authenticators/AccessTokens.php +++ b/src/Authentication/Authenticators/AccessTokens.php @@ -65,12 +65,12 @@ public function attempt(array $credentials): Result $user = $result->extraInfo(); - if ($user->banned) { + if ($user->isBanned()) { $this->user = null; return new Result([ 'success' => false, - 'reason' => $user->ban_message ?? lang('Auth.bannedUser'), + 'reason' => $user->getBanMessage() ?? lang('Auth.bannedUser'), ]); } diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php index e5ce9e85c..c765f1aa8 100644 --- a/src/Authentication/Authenticators/Session.php +++ b/src/Authentication/Authenticators/Session.php 
@@ -147,12 +147,12 @@ public function attempt(array $credentials): Result /** @var User $user */ $user = $result->extraInfo(); - if ($user->banned) { + if ($user->isBanned()) { $this->user = null; return new Result([ 'success' => false, - 'reason' => $user->ban_message ?? lang('Auth.bannedUser'), + 'reason' => $user->getBanMessage() ?? lang('Auth.bannedUser'), ]); } @@ -536,15 +536,6 @@ public function isPending(): bool return $this->userState === self::STATE_PENDING; } - /** - * Checks if the user is currently banned. - * Their account needs to be unbanned. - */ - public function isBanned(): bool - { - return (bool) $this->getUser()->banned; - } - /** * Checks if the visitor is anonymous. The user's id is unknown. * They are not logged in, are not in pending login state. diff --git a/src/Authorization/Traits/Authorizable.php b/src/Authorization/Traits/Authorizable.php index 38d26df25..9e3f32ff1 100644 --- a/src/Authorization/Traits/Authorizable.php +++ b/src/Authorization/Traits/Authorizable.php @@ -9,7 +9,6 @@ use CodeIgniter\Shield\Exceptions\LogicException; use CodeIgniter\Shield\Models\GroupModel; use CodeIgniter\Shield\Models\PermissionModel; -use CodeIgniter\Shield\Models\UserModel; trait Authorizable { @@ -293,30 +292,6 @@ public function inGroup(string ...$groups): bool return false; } - /** - * Bans the user from logging in. - */ - public function ban(?string $reason = null): self - { - $this->banned = '1'; - $this->ban_message = $reason; - $this->modifyBanStatus(); - - return $this; - } - - /** - * Unbans the user and allows them to log in. - */ - public function unBan(): self - { - $this->banned = '0'; - $this->ban_message = null; - $this->modifyBanStatus(); - - return $this; - } - /** * Used internally to populate the User groups * so we hit the database as little as possible. 
@@ -430,13 +405,4 @@ private function getConfigPermissions(): array ? array_keys(setting('AuthGroups.permissions')) : array_keys(config('AuthGroups')->permissions); } - - /** - * modifies the banned status of the user - */ - private function modifyBanStatus(): void - { - $model = model(UserModel::class); - $model->save($this); - } } diff --git a/src/Entities/User.php b/src/Entities/User.php index ca0fc96ae..00a420fe7 100644 --- a/src/Entities/User.php +++ b/src/Entities/User.php @@ -12,6 +12,7 @@ use CodeIgniter\Shield\Models\LoginModel; use CodeIgniter\Shield\Models\UserIdentityModel; use CodeIgniter\Shield\Traits\Activatable; +use CodeIgniter\Shield\Traits\Bannable; use CodeIgniter\Shield\Traits\Resettable; /** @@ -29,6 +30,7 @@ class User extends Entity use HasAccessTokens; use Resettable; use Activatable; + use Bannable; /** * @var UserIdentity[]|null diff --git a/src/Filters/SessionAuth.php b/src/Filters/SessionAuth.php index 294773c7d..ee5d41a29 100644 --- a/src/Filters/SessionAuth.php +++ b/src/Filters/SessionAuth.php @@ -51,10 +51,18 @@ public function before(RequestInterface $request, $arguments = null) // Block inactive users when Email Activation is enabled $user = $authenticator->getUser(); + + if ($user->isBanned()) { + $authenticator->logout(); + + return redirect()->to(config('Auth')->logoutRedirect()) + ->with('error', lang('Auth.logOutBannedUser')); + } + if ($user !== null && ! $user->isActivated()) { $authenticator->logout(); - return redirect()->route('login') + return redirect()->to(config('Auth')->logoutRedirect()) ->with('error', lang('Auth.activationBlocked')); } diff --git a/src/Traits/Bannable.php b/src/Traits/Bannable.php new file mode 100644 index 000000000..628e00a16 --- /dev/null +++ b/src/Traits/Bannable.php 
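Review bot: The new `if ($user->isBanned())` in `SessionAuth::before()` runs before the existing `$user !== null` guard on the activation check that follows, so if `getUser()` can return null here, as that guard implies, the ban check becomes a method call on null. Folding the guard in keeps both branches consistent: `if ($user !== null && $user->isBanned()) {`. PATCH 18 rewrites this block and keeps the unguarded call. Only this filter gains a per-request ban check in the patches shown; whether other authentication filters need the same check is not visible here, and `before()` starts and ends outside the hunk.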
@@ -0,0 +1,50 @@ +banned; + } + + /** + * Ban the user from logging in. + * + * @return $this + */ + public function ban(?string $message = null): self + { + $this->banned = '1'; + $this->ban_message = $message; + + return $this; + } + + /** + * Unban the user and allow them to login + * + * @return $this + */ + public function unBan(): self + { + $this->banned = '0'; + $this->ban_message = null; + + return $this; + } + + /** + * Returns the ban message. + */ + public function getBanMessage(): ?string + { + return $this->ban_message; + } +} diff --git a/tests/Authorization/AuthorizableTest.php b/tests/Authorization/AuthorizableTest.php index aeeaeb7c7..d2fb58104 100644 --- a/tests/Authorization/AuthorizableTest.php +++ b/tests/Authorization/AuthorizableTest.php @@ -326,4 +326,24 @@ public function testCreatedAtIfDefaultLocaleSetFaWithAddGroup(): void Locale::setDefault($currentLocale); Time::setTestNow(); } + + public function testBanningUser(): void + { + $this->assertFalse($this->user->isBanned()); + + $this->user->ban(); + + $this->assertTrue($this->user->isBanned()); + } + + public function testUnbanningUser(): void + { + $this->user->ban(); + + $this->assertTrue($this->user->isBanned()); + + $this->user->unBan(); + + $this->assertFalse($this->user->isBanned()); + } } From 28206d1be8729559290f632c86a117211f70dfdd Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 14:24:22 +0200 Subject: [PATCH 14/32] Completed banning logic --- .../2022-12-13-200557_add_ban_columns.php | 6 +++--- src/Entities/User.php | 9 +++++---- src/Models/UserModel.php | 2 +- src/Traits/Bannable.php | 18 +++++++++++++----- 4 files changed, 22 insertions(+), 13 deletions(-) diff --git a/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php b/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php index ab55705ac..325778419 100644 --- a/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php +++ b/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php 
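Review bot: `testBanningUser()` and `testUnbanningUser()` assert only the entity's in-memory flag, so nothing in this commit exercises the code paths that actually enforce a ban. I would add cases that call `Session::attempt()` and `AccessTokens::attempt()` with valid credentials for a banned user and assert a failed `Result`, plus one that sends a logged-in banned user through the `SessionAuth` filter and expects the logout redirect. The tests also sit in `AuthorizableTest` although this same commit moves the methods into the new `Bannable` trait.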
@@ -28,8 +28,8 @@ public function up(): void { // Users Table $fields = [ - 'banned' => ['type' => 'tinyint', 'after' => 'active', 'constraint' => 1, 'null' => false, 'default' => 0], - 'ban_message' => ['type' => 'varchar', 'after' => 'banned', 'constraint' => 255, 'null' => true], + 'banned' => ['type' => 'tinyint', 'after' => 'active', 'constraint' => 1, 'null' => false, 'default' => 0], + 'banned_message' => ['type' => 'varchar', 'after' => 'banned', 'constraint' => 255, 'null' => true], ]; $this->forge->addColumn($this->tables['users'], $fields); @@ -40,6 +40,6 @@ public function up(): void public function down(): void { $this->forge->dropColumn($this->tables['users'], 'banned'); - $this->forge->dropColumn($this->tables['users'], 'ban_message'); + $this->forge->dropColumn($this->tables['users'], 'banned_message'); } } diff --git a/src/Entities/User.php b/src/Entities/User.php index 00a420fe7..087304c05 100644 --- a/src/Entities/User.php +++ b/src/Entities/User.php @@ -57,10 +57,11 @@ class User extends Entity * @var array */ protected $casts = [ - 'id' => '?integer', - 'active' => 'int_bool', - 'permissions' => 'array', - 'groups' => 'array', + 'id' => '?integer', + 'active' => 'int_bool', + 'banned' => 'int_bool', + 'permissions' => 'array', + 'groups' => 'array', ]; /** diff --git a/src/Models/UserModel.php b/src/Models/UserModel.php index a04cd93d4..93387a1c8 100644 --- a/src/Models/UserModel.php +++ b/src/Models/UserModel.php @@ -27,7 +27,7 @@ class UserModel extends BaseModel 'status_message', 'active', 'banned', - 'ban_message', + 'banned_message', 'last_active', 'deleted_at', ]; diff --git a/src/Traits/Bannable.php b/src/Traits/Bannable.php index 628e00a16..601811e95 100644 --- a/src/Traits/Bannable.php +++ b/src/Traits/Bannable.php 
@@ -21,8 +21,12 @@ public function isBanned(): bool */ public function ban(?string $message = null): self { - $this->banned = '1'; - $this->ban_message = $message; + $this->banned = '1'; + $this->banned_message = $message; + + $users = auth()->getProvider(); + + $users->save($this); return $this; } @@ -34,8 +38,12 @@ public function ban(?string $message = null): self */ public function unBan(): self { - $this->banned = '0'; - $this->ban_message = null; + $this->banned = '0'; + $this->banned_message = null; + + $users = auth()->getProvider(); + + $users->save($this); return $this; } @@ -45,6 +53,6 @@ public function unBan(): self */ public function getBanMessage(): ?string { - return $this->ban_message; + return $this->banned_message; } } From 1bc78de8481f9c8f234dfc0c6c2740f4fbc2a990 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 16:16:10 +0200 Subject: [PATCH 15/32] Added docs for banning feature --- docs/banning_users.md | 89 +++++++++++++++++++++++++++++++++++++++++++ src/Entities/User.php | 10 ++--- 2 files changed, 94 insertions(+), 5 deletions(-) create mode 100644 docs/banning_users.md diff --git a/docs/banning_users.md b/docs/banning_users.md new file mode 100644 index 000000000..c8f1908b0 --- /dev/null +++ b/docs/banning_users.md 
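Review bot: `Bannable::ban()` now persists the flag through `auth()->getProvider()`, but nothing in this hunk ends the user's existing sessions or revokes stored tokens, so the ban takes effect only where code re-checks `isBanned()`. In the patches shown that is `Session::attempt()`, `AccessTokens::attempt()` and the `SessionAuth` filter; a route not behind one of those would keep serving an already-authenticated banned user. I would state this in the docblock, e.g. `Does not terminate active sessions or revoke tokens; enforcement happens on the next authentication check.`, or revoke them here if the entity offers a way to do so. The trait's opening lines are outside the hunk.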
@@ -0,0 +1,89 @@ + +# Banning Users + + + +Shield provides a way to ban users from your application. This is useful if you need to prevent a user from logging in, or logging them out in the event that they breach your terms of service. + + + +- [Checking if the User is Banned](#check-if-a-user-is-banned) + +- [Banning a User](#banning-a-user) + +- [Unbanning a User](#unbanning-a-user) + +- [Getting the Reason for Ban ](#getting-the-reason-for-ban) + + + +### Check if a User is Banned + + + +You can check if a user is banned using `isBanned()` method on the `User` entity. The method returns a boolean `true`/`false`. + + + +```php + +if ($user->isBanned()) { + +//... + +} + +``` + + + +### Banning a User + + + +To ban a user from the application, the `ban(?string $message = null)` method can be called on the `User` entity. The method takes an optional string as a parameter. The string acts as the reason for the ban. + + + +```php +// banning a user without passing a message +$user->ban(); + +// banning a user with a message and reason for the ban passed. +$user->ban('Your reason for banning the user here'); + +``` + + + +### Unbanning a User + + + +Unbanning a user can be done using the `unBan()` method on the `User` entity. This method will also reset the `banned_message` property. + + + +```php + +$user->unBan(); + +``` + + + +### Getting the Reason for Ban + + + +The reason for the ban can be obtained user the `getBanMessage()` method on the `User` entity. + + + +```php + +$user->getBanMessage(); + +``` + + diff --git a/src/Entities/User.php b/src/Entities/User.php index 087304c05..783dfbab1 100644 --- a/src/Entities/User.php +++ b/src/Entities/User.php 
@@ -57,11 +57,11 @@ class User extends Entity * @var array */ protected $casts = [ - 'id' => '?integer', - 'active' => 'int_bool', - 'banned' => 'int_bool', - 'permissions' => 'array', - 'groups' => 'array', + 'id' => '?integer', + 'active' => 'int_bool', + 'banned' => 'int_bool', + 'permissions' => 'array', + 'groups' => 'array', ]; /** From 0e27d3bacb44cb3c142f8990c3e7930ea4467ca8 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 22 Feb 2023 16:21:11 +0200 Subject: [PATCH 16/32] Fixed failing unit test --- src/Entities/User.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Entities/User.php b/src/Entities/User.php index 783dfbab1..00a420fe7 100644 --- a/src/Entities/User.php +++ b/src/Entities/User.php @@ -59,7 +59,6 @@ class User extends Entity protected $casts = [ 'id' => '?integer', 'active' => 'int_bool', - 'banned' => 'int_bool', 'permissions' => 'array', 'groups' => 'array', ]; From 70880526831b49119de6a2a54b8947e763db511b Mon Sep 17 00:00:00 2001 From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Thu, 23 Feb 2023 19:37:05 +0200 Subject: [PATCH 17/32] Update docs/banning_users.md Co-authored-by: Pooya Parsa Dadashi --- docs/banning_users.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/banning_users.md b/docs/banning_users.md index c8f1908b0..a84807519 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md @@ -1,5 +1,4 @@ - -# Banning Users +# Banning Users From ad2984f949414dd67f88338138317b07790571ef Mon Sep 17 00:00:00 2001 From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Thu, 23 Feb 2023 19:40:02 +0200 Subject: [PATCH 18/32] Update src/Filters/SessionAuth.php Co-authored-by: Pooya Parsa Dadashi --- src/Filters/SessionAuth.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Filters/SessionAuth.php b/src/Filters/SessionAuth.php index ee5d41a29..7ead40028 100644 --- a/src/Filters/SessionAuth.php +++ b/src/Filters/SessionAuth.php 
@@ -53,10 +53,11 @@ public function before(RequestInterface $request, $arguments = null) $user = $authenticator->getUser(); if ($user->isBanned()) { + $error = $user->getBanMessage() ?? lang('Auth.logOutBannedUser'); $authenticator->logout(); return redirect()->to(config('Auth')->logoutRedirect()) - ->with('error', lang('Auth.logOutBannedUser')); + ->with('error', $error); } if ($user !== null && ! $user->isActivated()) { From 70ab02f8073c5233439780fc7e98b424f36a4442 Mon Sep 17 00:00:00 2001 From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Thu, 23 Feb 2023 19:40:26 +0200 Subject: [PATCH 19/32] Update src/Language/fa/Auth.php Co-authored-by: Pooya Parsa Dadashi --- src/Language/fa/Auth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Language/fa/Auth.php b/src/Language/fa/Auth.php index b2e99cf5f..ebf34a003 100644 --- a/src/Language/fa/Auth.php +++ b/src/Language/fa/Auth.php @@ -7,8 +7,8 @@ 'unknownAuthenticator' => '{0} احراز هویت معتبری نمی باشد.', 'unknownUserProvider' => 'قادر به تعیین ارائه دهنده کاربر برای استفاده نیست.', 'invalidUser' => 'قادر به پیداکردن کاربر مشخص شده نیست', - 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', - 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', + 'bannedUser' => 'در حال حاضر نمی توانید وارد شوید، چون مسدود شده اید.', + 'logOutBannedUser' => 'شما به دلیل مسدود شدن، از سیستم خارج شده اید.', 'badAttempt' => 'امکان ورود به سیستم نیست. لطفا اعتبارنامه خود را بررسی کنید.', 'noPassword' => 'تایید کاربر بدون رمز عبور ممکن نیست.', 'invalidPassword' => 'ناتوان در ورود به سیستم. لطفا رمز عبور خود را بررسی کنید.', From f256b697301bb5b4b5648ac2c0365f89d01aa531 Mon Sep 17 00:00:00 2001 
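Review bot: The text passed to `ban()` is now flashed to the banned visitor as the `error` message, so whatever an administrator writes as a reason becomes user-facing output. The docs for `ban()` should say that the message is shown to the user, and the view that renders the flashed `error` has to escape it (that view is not in this diff, so this needs confirming). `??` only falls back on `null`, so an empty-string reason gives a blank error; `$error = $user->getBanMessage() ?: lang('Auth.logOutBannedUser');` keeps the default text in that case. The new line also dereferences `$user` before the `$user !== null` test that the following condition applies; whether `$user` can be null here depends on code above the hunk, since `before()` starts and ends outside it.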
From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Fri, 24 Feb 2023 11:30:02 +0200 Subject: [PATCH 20/32] Update src/Language/ja/Auth.php Thank you for your translation Co-authored-by: kenjis --- src/Language/ja/Auth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Language/ja/Auth.php b/src/Language/ja/Auth.php index 3f03f9848..a4bd4a54e 100644 --- a/src/Language/ja/Auth.php +++ b/src/Language/ja/Auth.php @@ -7,8 +7,8 @@ 'unknownAuthenticator' => '{0} は有効なオーセンティケーターではありません。', // '{0} is not a valid authenticator.', 'unknownUserProvider' => '使用するユーザープロバイダーを決定できません。', // 'Unable to determine the User Provider to use.', 'invalidUser' => '指定されたユーザーを見つけることができません。', // 'Unable to locate the specified user.', - 'bannedUser' => '(To be translated) Can not log you in as you are currently banned.', - 'logOutBannedUser' => '(To be translated) You have been logged out because you have been banned.', + 'bannedUser' => '現在あなたはアクセスが禁止されているため、ログインできません。', + 'logOutBannedUser' => 'アクセスが禁止されたため、ログアウトされました。', 'badAttempt' => 'ログインできません。認証情報を確認してください。', // 'Unable to log you in. Please check your credentials.', 'noPassword' => 'パスワードのないユーザーは認証できません。', // 'Cannot validate a user without a password.', 'invalidPassword' => 'ログインできません。パスワードを確認してください。', // 'Unable to log you in. Please check your password.', From 5fdc1558fdaaa4867447f5689d4cf6cabcd204db Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 8 Mar 2023 09:48:33 +0200 Subject: [PATCH 21/32] Removed migration adding banned and banned_message fields --- .../2022-12-13-200557_add_ban_columns.php | 45 ------------------- 1 file changed, 45 deletions(-) delete mode 100644 src/Database/Migrations/2022-12-13-200557_add_ban_columns.php diff --git a/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php b/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php deleted file mode 100644 index 325778419..000000000 
--- a/src/Database/Migrations/2022-12-13-200557_add_ban_columns.php +++ /dev/null @@ -1,45 +0,0 @@ -tables = $authConfig->tables; - } - - public function up(): void - { - // Users Table - $fields = [ - 'banned' => ['type' => 'tinyint', 'after' => 'active', 'constraint' => 1, 'null' => false, 'default' => 0], - 'banned_message' => ['type' => 'varchar', 'after' => 'banned', 'constraint' => 255, 'null' => true], - ]; - - $this->forge->addColumn($this->tables['users'], $fields); - } - - // -------------------------------------------------------------------- - - public function down(): void - { - $this->forge->dropColumn($this->tables['users'], 'banned'); - $this->forge->dropColumn($this->tables['users'], 'banned_message'); - } -} From 040f17a4a25efa16e95c7aec7fb8b417264fd256 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 8 Mar 2023 09:50:26 +0200 Subject: [PATCH 22/32] Removed banned fields from user model --- src/Models/UserModel.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/Models/UserModel.php b/src/Models/UserModel.php index 93387a1c8..ab5eb49c2 100644 --- a/src/Models/UserModel.php +++ b/src/Models/UserModel.php @@ -26,8 +26,6 @@ class UserModel extends BaseModel 'status', 'status_message', 'active', - 'banned', - 'banned_message', 'last_active', 'deleted_at', ]; From 9d54ac52dc3ef493a390e964a529d7302fcf7b82 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 8 Mar 2023 09:54:43 +0200 Subject: [PATCH 23/32] Implemented ban and unban logic --- src/Traits/Bannable.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/Traits/Bannable.php b/src/Traits/Bannable.php index 601811e95..b025f52c9 100644 --- a/src/Traits/Bannable.php +++ b/src/Traits/Bannable.php @@ -11,7 +11,7 @@ trait Bannable */ public function isBanned(): bool { - return (bool) $this->banned; + return (bool) ($this->status && $this->status === 'banned'); } /** 
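Review bot: The `$this->status &&` operand and the `(bool)` cast in `isBanned()` are redundant, because the strict comparison already yields a boolean and is false when `status` is `null`. `return $this->status === 'banned';` expresses the same check. The later hunk in this series that removes the cast keeps the redundant operand and can be simplified the same way. The docblock of `isBanned()` starts outside the hunk.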
@@ -21,8 +21,8 @@ public function isBanned(): bool */ public function ban(?string $message = null): self { - $this->banned = '1'; - $this->banned_message = $message; + $this->status = 'banned'; + $this->status_message = $message; $users = auth()->getProvider(); @@ -38,7 +38,7 @@ public function ban(?string $message = null): self */ public function unBan(): self { - $this->banned = '0'; + $this->banned = null; $this->banned_message = null; $users = auth()->getProvider(); @@ -53,6 +53,6 @@ public function unBan(): self */ public function getBanMessage(): ?string { - return $this->banned_message; + return $this->status_message; } } From 6371431de2989404c2a6e6ed69e618b8a37150d5 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 8 Mar 2023 09:56:36 +0200 Subject: [PATCH 24/32] FIxed docs on banning users --- docs/banning_users.md | 2 +- src/Traits/Bannable.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/banning_users.md b/docs/banning_users.md index a84807519..7ad33f072 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md @@ -59,7 +59,7 @@ $user->ban('Your reason for banning the user here'); -Unbanning a user can be done using the `unBan()` method on the `User` entity. This method will also reset the `banned_message` property. +Unbanning a user can be done using the `unBan()` method on the `User` entity. This method will also reset the `status_message` property. diff --git a/src/Traits/Bannable.php b/src/Traits/Bannable.php index b025f52c9..50649cb8d 100644 --- a/src/Traits/Bannable.php +++ b/src/Traits/Bannable.php @@ -38,8 +38,8 @@ public function ban(?string $message = null): self */ public function unBan(): self { - $this->banned = null; - $this->banned_message = null; + $this->status = null; + $this->status_message = null; $users = auth()->getProvider(); From df48197d96ad269be71710c41789cc2ba43d645d Mon Sep 17 00:00:00 2001 
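Review bot: `ban()` now writes to `status` and `status_message`, fields that were already on the user model before this series (presumably for other states), so banning overwrites whatever status the user had, and the `unBan()` hunk in the following patch resets both to `null` instead of restoring it. `getBanMessage()` in the last hunk of this commit likewise returns `status_message` even when `status` is not `'banned'`; `return $this->isBanned() ? $this->status_message : null;` would keep unrelated status text out of the ban path. A docblock line on `ban()` such as `Overwrites the user's current status and status message.` would make the side effect visible to callers. The body of `ban()` continues outside the hunk.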
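Review bot: `unBan()` still assigns `$this->banned = null;` and `$this->banned_message = null;` while `isBanned()` in the same commit reads `status`, so at this commit calling `unBan()` does not lift the ban. The assignments should be `$this->status = null;` and `$this->status_message = null;`, which the next patch in the series applies; squashing the two would keep every commit in a working state. The body of `unBan()` continues outside the hunk.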
From: davidnsai Date: Wed, 8 Mar 2023 10:01:15 +0200 Subject: [PATCH 25/32] removed unneccessary (bool) --- src/Traits/Bannable.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Traits/Bannable.php b/src/Traits/Bannable.php index 50649cb8d..b151c1b64 100644 --- a/src/Traits/Bannable.php +++ b/src/Traits/Bannable.php @@ -11,7 +11,7 @@ trait Bannable */ public function isBanned(): bool { - return (bool) ($this->status && $this->status === 'banned'); + return $this->status && $this->status === 'banned'; } /** From 206fe9ad2e9e368eaff9fabe2d8f2493cc4d0035 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Wed, 8 Mar 2023 10:05:46 +0200 Subject: [PATCH 26/32] Reverted redirect route for when a user is not activated --- src/Filters/SessionAuth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Filters/SessionAuth.php b/src/Filters/SessionAuth.php index 7ead40028..d95f89c07 100644 --- a/src/Filters/SessionAuth.php +++ b/src/Filters/SessionAuth.php @@ -63,7 +63,7 @@ public function before(RequestInterface $request, $arguments = null) if ($user !== null && ! $user->isActivated()) { $authenticator->logout(); - return redirect()->to(config('Auth')->logoutRedirect()) + return redirect()->route('login') ->with('error', lang('Auth.activationBlocked')); } From c00b84e5ab0dff8f9a70b0b00c1ea01a2ff97e7c Mon Sep 17 00:00:00 2001 From: davidnsai Date: Thu, 9 Mar 2023 11:12:54 +0200 Subject: [PATCH 27/32] Added test for getBanMessage() --- tests/Authorization/AuthorizableTest.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/Authorization/AuthorizableTest.php b/tests/Authorization/AuthorizableTest.php index d2fb58104..464cfcf1c 100644 --- a/tests/Authorization/AuthorizableTest.php +++ b/tests/Authorization/AuthorizableTest.php 
@@ -346,4 +346,13 @@ public function testUnbanningUser(): void $this->assertFalse($this->user->isBanned()); } + + public function testGetBanMessage(): void + { + $this->assertNull($this->user->getBanMessage()); + + $this->user->ban('You are banned'); + + $this->assertSame('You are banned', $this->user->getBanMessage()); + } } From ed74635ef006ed375d4d2df3082c41aaff541663 Mon Sep 17 00:00:00 2001 From: davidnsai Date: Thu, 9 Mar 2023 11:20:22 +0200 Subject: [PATCH 28/32] Removed unnecesary whitespaces from the docs --- docs/banning_users.md | 55 +++++-------------------------------------- 1 file changed, 6 insertions(+), 49 deletions(-) diff --git a/docs/banning_users.md b/docs/banning_users.md index 7ad33f072..9c9d71fb8 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md 
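Review bot: `testGetBanMessage()` does not cover the reset path: nothing asserts that the message is gone after `unBan()`, or that `ban()` without an argument leaves it `null`. Adding `$this->user->unBan();` followed by `$this->assertNull($this->user->getBanMessage());` at the end would pin the behaviour the docs describe for `unBan()`.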
@@ -1,88 +1,45 @@ # Banning Users - - Shield provides a way to ban users from your application. This is useful if you need to prevent a user from logging in, or logging them out in the event that they breach your terms of service. - - - [Checking if the User is Banned](#check-if-a-user-is-banned) - - [Banning a User](#banning-a-user) - - [Unbanning a User](#unbanning-a-user) - - [Getting the Reason for Ban ](#getting-the-reason-for-ban) - - - -### Check if a User is Banned - +### Check if a User is Banned -You can check if a user is banned using `isBanned()` method on the `User` entity. The method returns a boolean `true`/`false`. - - +You can check if a user is banned using `isBanned()` method on the `User` entity. The method returns a boolean `true`/`false`. ```php - if ($user->isBanned()) { - -//... - + //... } - -``` - - +``` ### Banning a User - - To ban a user from the application, the `ban(?string $message = null)` method can be called on the `User` entity. The method takes an optional string as a parameter. The string acts as the reason for the ban. - - ```php // banning a user without passing a message $user->ban(); - // banning a user with a message and reason for the ban passed. $user->ban('Your reason for banning the user here'); - ``` - - ### Unbanning a User - - -Unbanning a user can be done using the `unBan()` method on the `User` entity. This method will also reset the `status_message` property. - - +Unbanning a user can be done using the `unBan()` method on the `User` entity. This method will also reset the `status_message` property. ```php - $user->unBan(); - ``` - - ### Getting the Reason for Ban - - The reason for the ban can be obtained user the `getBanMessage()` method on the `User` entity. - - ```php - $user->getBanMessage(); - -``` - - +``` \ No newline at end of file From 88bb918ed4c92107fc306c64fa757fade4ad7168 Mon Sep 17 00:00:00 2001 
From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Fri, 10 Mar 2023 21:44:29 +0200 Subject: [PATCH 29/32] Update docs/banning_users.md Co-authored-by: Pooya Parsa Dadashi --- docs/banning_users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/banning_users.md b/docs/banning_users.md index 9c9d71fb8..edcec909c 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md @@ -7,7 +7,7 @@ Shield provides a way to ban users from your application. This is useful if you - [Unbanning a User](#unbanning-a-user) - [Getting the Reason for Ban ](#getting-the-reason-for-ban) -### Check if a User is Banned +### Check if a User is Banned You can check if a user is banned using `isBanned()` method on the `User` entity. The method returns a boolean `true`/`false`. From 524a6c9243c8296681298b39b4405cf61207426a Mon Sep 17 00:00:00 2001 From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Fri, 10 Mar 2023 21:44:41 +0200 Subject: [PATCH 30/32] Update docs/banning_users.md Co-authored-by: Pooya Parsa Dadashi --- docs/banning_users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/banning_users.md b/docs/banning_users.md index edcec909c..5889e2b35 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md @@ -17,7 +17,7 @@ if ($user->isBanned()) { } ``` -### Banning a User +### Banning a User To ban a user from the application, the `ban(?string $message = null)` method can be called on the `User` entity. The method takes an optional string as a parameter. The string acts as the reason for the ban. From fb1e8511cc51ceab63dac209f3ea021c7cf16b41 Mon Sep 17 00:00:00 2001 From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Fri, 10 Mar 2023 21:44:55 +0200 Subject: [PATCH 31/32] Update docs/banning_users.md Co-authored-by: Pooya Parsa Dadashi --- docs/banning_users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/banning_users.md b/docs/banning_users.md index 5889e2b35..d9ab9db2d 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md @@ -28,7 +28,7 @@ $user->ban(); $user->ban('Your reason for banning the user here'); ``` -### Unbanning a User +### Unbanning a User Unbanning a user can be done using the `unBan()` method on the `User` entity. This method will also reset the `status_message` property. From 713487115f26b55e285dde45fb6c42dc07cd1ad5 Mon Sep 17 00:00:00 2001 From: David Nsai <44303729+davidnsai@users.noreply.github.com> Date: Fri, 10 Mar 2023 21:45:09 +0200 Subject: [PATCH 32/32] Update docs/banning_users.md Co-authored-by: Pooya Parsa Dadashi --- docs/banning_users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/banning_users.md b/docs/banning_users.md index d9ab9db2d..b0a81c4da 100644 --- a/docs/banning_users.md +++ b/docs/banning_users.md @@ -36,7 +36,7 @@ Unbanning a user can be done using the `unBan()` method on the `User` entity. Th $user->unBan(); ``` -### Getting the Reason for Ban +### Getting the Reason for Ban The reason for the ban can be obtained user the `getBanMessage()` method on the `User` entity.