From 2267cbcf894029290d97bd71b81cf95e1f8987b9 Mon Sep 17 00:00:00 2001 From: GeorgeClark Date: Sat, 5 Jan 2013 04:27:51 +0000 Subject: [PATCH] Item12329: Add {Register}{ExpireAfter} setting git-svn-id: http://svn.foswiki.org/trunk@16331 0b4bb1d4-4e5a-0410-9cc4-b2b747904278 --- UnitTestContrib/test/unit/RegisterTests.pm | 14 +++-- core/lib/Foswiki.spec | 19 ++++++- .../Checkers/Register/ExpireAfter.pm | 55 +++++++++++++++++++ .../Checkers/Sessions/ExpireAfter.pm | 2 +- core/lib/Foswiki/Contrib/core/MANIFEST | 1 + core/lib/Foswiki/UI/Register.pm | 26 ++++++--- core/tools/tick_foswiki.pl | 2 +- 7 files changed, 104 insertions(+), 15 deletions(-) create mode 100644 core/lib/Foswiki/Configure/Checkers/Register/ExpireAfter.pm diff --git a/UnitTestContrib/test/unit/RegisterTests.pm b/UnitTestContrib/test/unit/RegisterTests.pm index 069be10bf3..a196ce56a4 100644 --- a/UnitTestContrib/test/unit/RegisterTests.pm +++ b/UnitTestContrib/test/unit/RegisterTests.pm @@ -1061,7 +1061,7 @@ sub verify_rejectDuplicatePendingEmail { my $this = shift; $Foswiki::cfg{Register}{NeedVerification} = 1; $Foswiki::cfg{Register}{UniqueEmail} = 1; - $Foswiki::cfg{Sessions}{ExpireAfter} = '-23600'; + $Foswiki::cfg{Register}{ExpireAfter} = '-23600'; #$Foswiki::cfg{PasswordManager} = 'Foswiki::Users::HtPasswdUser'; $Foswiki::cfg{Register}{AllowLoginName} = 0; @@ -1130,7 +1130,10 @@ sub verify_rejectDuplicatePendingEmail { $this->{session}->net->setMailHandler( \&FoswikiFnTestCase::sentMail ); $Foswiki::cfg{Register}{NeedVerification} = 1; $Foswiki::cfg{Register}{UniqueEmail} = 1; - $Foswiki::cfg{Sessions}{ExpireAfter} = '-23600'; + + # Should use Sessions expiration if Registration is not defined. + $Foswiki::cfg{Register}{ExpireAfter} = undef; + $Foswiki::cfg{Sessions}{ExpireAfter} = '-23600'; try { $this->captureWithKey( register => $REG_UI_FN, $this->{session} ); @@ -1954,7 +1957,7 @@ sub test_PendingRegistrationManualCleanup { $Foswiki::cfg{Register}{NeedVerification} = 1; $Foswiki::cfg{Register}{EnableNewUserRegistration} = 1; $Foswiki::cfg{Register}{UniqueEmail} = 0; - $Foswiki::cfg{Sessions}{ExpireAfter} = '-600'; + $Foswiki::cfg{Register}{ExpireAfter} = '-600'; $Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin'; $Foswiki::cfg{PasswordManager} = 'Foswiki::Users::HtPasswdUser'; my $query = Unit::Request->new( @@ -2019,7 +2022,10 @@ sub test_PendingRegistrationAutoCleanup { $Foswiki::cfg{Register}{NeedVerification} = 1; $Foswiki::cfg{Register}{EnableNewUserRegistration} = 1; $Foswiki::cfg{Register}{UniqueEmail} = 0; - $Foswiki::cfg{Sessions}{ExpireAfter} = 600; + + # Should use Sessions expiration if Registration is not defined. + $Foswiki::cfg{Register}{ExpireAfter} = undef; + $Foswiki::cfg{Sessions}{ExpireAfter} = 600; $Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin'; $Foswiki::cfg{PasswordManager} = 'Foswiki::Users::HtPasswdUser'; my $query = Unit::Request->new( diff --git a/core/lib/Foswiki.spec b/core/lib/Foswiki.spec index 6537c71014..04a2c2df82 100644 --- a/core/lib/Foswiki.spec +++ b/core/lib/Foswiki.spec @@ -291,7 +291,7 @@ $Foswiki::cfg{DetailedOS} = ''; # cons of using persistent sessions.

$Foswiki::cfg{UseClientSessions} = 1; -# **NUMBER FEEDBACK=AUTO 20 EXPERT DISPLAY_IF {UseClientSessions}** +# **NUMBER FEEDBACK=AUTO 20 DISPLAY_IF {UseClientSessions}** # Set the session timeout, in seconds. The session will be cleared after this # amount of time without the session being accessed. The default is 6 hours # (21600 seconds).

@@ -305,7 +305,7 @@ $Foswiki::cfg{UseClientSessions} = 1; # job to clean up expired sessions. The standard maintenance cron script # tools/tick_foswiki.pl includes this function. #

Session files are stored in the {WorkingDir}/tmp directory.

-#

This setting is also used to set a lifetime for registration requests.

+#

This setting is also used to set a lifetime for passthru redirect requests.

$Foswiki::cfg{Sessions}{ExpireAfter} = 21600; # **NUMBER FEEDBACK=AUTO EXPERT DISPLAY_IF {UseClientSessions} && {LoginManager}=='Foswiki::LoginManager::TemplateLogin'** @@ -719,6 +719,21 @@ $Foswiki::cfg{Register}{NeedApproval} = $FALSE; # administrator. $Foswiki::cfg{Register}{Approvers} = ''; +# **NUMBER FEEDBACK=AUTO 20 DISPLAY_IF {Register}{NeedVerification} || {Register}{NeedApproval}** +# Set the pending registration timeout, in seconds. The pending registration +# will be cleared after this amount of time. The default is 6 hours +# (21600 seconds).

+# Note By default, registration expiry is done "on the fly" +# during the registration process. For best performance, you can set {Register}{ExpireAfter} +# to a negative number, which will mean that Foswiki won't try to clean +# up expired registrations durning registration. Instead you should use a cron +# job to clean up expired sessions. The standard maintenance cron script +# tools/tick_foswiki.pl includes this function. +#

Note that if you are using registration approval by 3rd party reviewers, +# this timer should most likely be significantly increased. 24 hours = 86400, 3 days = 259200.

+#

Pending registration requests are stored in the {WorkingDir}/registration_approvals directory.

+$Foswiki::cfg{Register}{ExpireAfter} = 21600; + # **BOOLEAN EXPERT** # Controls whether the user password has to be entered twice on the # registration page or not. The default is to require confirmation, in which diff --git a/core/lib/Foswiki/Configure/Checkers/Register/ExpireAfter.pm b/core/lib/Foswiki/Configure/Checkers/Register/ExpireAfter.pm new file mode 100644 index 0000000000..07e23ea2b6 --- /dev/null +++ b/core/lib/Foswiki/Configure/Checkers/Register/ExpireAfter.pm @@ -0,0 +1,55 @@ +# See bottom of file for license and copyright information +package Foswiki::Configure::Checkers::Register::ExpireAfter; + +use strict; +use warnings; + +require Foswiki::Configure::Checkers::NUMBER; +our @ISA = ('Foswiki::Configure::Checkers::NUMBER'); + +sub check { + my $this = shift; + + return '' + unless ( $Foswiki::cfg{Register}{NeedVerification} + || $Foswiki::cfg{Register}{NeedApproval} ); + + my $e = ''; + $e .= $this->SUPER::check(@_); + return $e if ( $e =~ /Error:/ ); + + if ( $Foswiki::cfg{Register}{ExpireAfter} < 0 ) { + $e .= $this->WARN(<<'MESSAGE'); +Foswiki will *not* clean up pending registrations automatically. Make sure you +have a cron job running the tools/tick_foswiki.pl script. +MESSAGE + } + return $e; +} + +1; +__END__ +Foswiki - The Free and Open Source Wiki, http://foswiki.org/ + +Copyright (C) 2008-2010 Foswiki Contributors. Foswiki Contributors +are listed in the AUTHORS file in the root of this distribution. +NOTE: Please extend that file, not this notice. + +Additional copyrights apply to some or all of the code in this +file as follows: + +Copyright (C) 2000-2006 TWiki Contributors. All Rights Reserved. +TWiki Contributors are listed in the AUTHORS file in the root +of this distribution. NOTE: Please extend that file, not this notice. + +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 +of the License, or (at your option) any later version. For +more details read LICENSE in the root of this distribution. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +As per the GPL, removal of this notice is prohibited. diff --git a/core/lib/Foswiki/Configure/Checkers/Sessions/ExpireAfter.pm b/core/lib/Foswiki/Configure/Checkers/Sessions/ExpireAfter.pm index 5377a26403..a50a667af4 100644 --- a/core/lib/Foswiki/Configure/Checkers/Sessions/ExpireAfter.pm +++ b/core/lib/Foswiki/Configure/Checkers/Sessions/ExpireAfter.pm @@ -19,7 +19,7 @@ sub check { if ( $Foswiki::cfg{Sessions}{ExpireAfter} < 0 ) { $e .= $this->WARN(<<'MESSAGE'); Foswiki will *not* clean up sessions automatically. Make sure you -have a cron job running. +have a cron job running the tools/tick_foswiki.pl script. MESSAGE } return $e; diff --git a/core/lib/Foswiki/Contrib/core/MANIFEST b/core/lib/Foswiki/Contrib/core/MANIFEST index 7c9b2e4f29..220d4ff999 100644 --- a/core/lib/Foswiki/Contrib/core/MANIFEST +++ b/core/lib/Foswiki/Contrib/core/MANIFEST @@ -588,6 +588,7 @@ lib/Foswiki/Configure/Checkers/RCS/unlockCmd.pm 0444 lib/Foswiki/Configure/Checkers/REGEX.pm 0444 lib/Foswiki/Configure/Checkers/Register/AllowLoginName.pm 0444 lib/Foswiki/Configure/Checkers/Register/EmailFilter.pm 0444 +lib/Foswiki/Configure/Checkers/Register/ExpireAfter.pm 0444 lib/Foswiki/Configure/Checkers/Register/NeedVerification.pm 0444 lib/Foswiki/Configure/Checkers/RegistrationApprovals.pm 0444 lib/Foswiki/Configure/Checkers/SMTP/MAILHOST.pm 0444 diff --git a/core/lib/Foswiki/UI/Register.pm b/core/lib/Foswiki/UI/Register.pm index 08e5df68b7..009aa173a3 100755 --- a/core/lib/Foswiki/UI/Register.pm +++ b/core/lib/Foswiki/UI/Register.pm @@ -1526,14 +1526,23 @@ sub _buildConfirmationEmail { sub _validateRegistration { my ( $session, $data, $requireForm ) = @_; + # Set the registration timeout. If it's not configured + # Use the session timeout, and if that's not configure + # then default to 10 hours. + my $exp = + ( defined $Foswiki::cfg{Register}{ExpireAfter} ) + ? $Foswiki::cfg{Register}{ExpireAfter} + : ( defined $Foswiki::cfg{Sessions}{ExpireAfter} ) + ? $Foswiki::cfg{Sessions}{ExpireAfter} + : 36000; # 10 hours + # Expire stale registrations, but if email addresses are being # checked for duplicate registrations, then let that code # read all the pending registration files. Don't do it twice. # Also don't do it if ExpireAfter is negative. Use tick_foswiki instead. unless ( $Foswiki::cfg{Register}{UniqueEmail} ) { - if ( $Foswiki::cfg{Sessions}{ExpireAfter} > 1 ) { - _checkPendingRegistrations( undef, - $Foswiki::cfg{Sessions}{ExpireAfter} ); + if ( $exp > 1 ) { + _checkPendingRegistrations( undef, $exp ); } } @@ -1736,9 +1745,7 @@ sub _validateRegistration { if ( $Foswiki::cfg{Register}{UniqueEmail} ) { my @existingNames = Foswiki::Func::emailToWikiNames( $data->{Email} ); if ( $Foswiki::cfg{Register}{NeedVerification} ) { - my @pending = - _checkPendingRegistrations( $data->{Email}, - $Foswiki::cfg{Sessions}{ExpireAfter} ); + my @pending = _checkPendingRegistrations( $data->{Email}, $exp ); push @existingNames, @pending if scalar @pending; } if ( scalar(@existingNames) ) { @@ -2044,7 +2051,12 @@ tick_foswiki to expire stale registrations. =cut sub expirePendingRegistrations { - my $exp = $Foswiki::cfg{Sessions}{ExpireAfter} || 36000; # 10 hours + my $exp = + ( defined $Foswiki::cfg{Register}{ExpireAfter} ) + ? $Foswiki::cfg{Register}{ExpireAfter} + : ( defined $Foswiki::cfg{Sessions}{ExpireAfter} ) + ? $Foswiki::cfg{Sessions}{ExpireAfter} + : 36000; # 10 hours $exp = -$exp if $exp < 0; _checkPendingRegistrations( undef, $exp ); diff --git a/core/tools/tick_foswiki.pl b/core/tools/tick_foswiki.pl index 18d239e4fd..ed3f821b46 100755 --- a/core/tools/tick_foswiki.pl +++ b/core/tools/tick_foswiki.pl @@ -40,7 +40,7 @@ BEGIN Foswiki::LoginManager::expireDeadSessions(); # This will expire pending registrations that have not been used for -# |{Sessions}{ExpireAfter}| seconds i.e. if you set {Sessions}{ExpireAfter} +# |{Register}{ExpireAfter}| seconds i.e. if you set {Register}{ExpireAfter} # to -36000 or 36000 it will expire registrations that have not been verified for # more than 10 hours,