diff --git a/adm/style/wpn_acp_settings.html b/adm/style/wpn_acp_settings.html index 9cd9a5f..cdd3add 100644 --- a/adm/style/wpn_acp_settings.html +++ b/adm/style/wpn_acp_settings.html @@ -32,12 +32,12 @@

{{ lang('WARNING') }}


{{ lang('WEBPUSH_DROPDOWN_SUBSCRIBE_EXPLAIN') }}
- +

{{ lang('WEBPUSH_METHOD_ENABLED_EXPLAIN') }}
- +
diff --git a/composer.json b/composer.json index b9e476a..b1d1710 100644 --- a/composer.json +++ b/composer.json @@ -28,7 +28,7 @@ "minishlink/web-push": "^7.0" }, "require-dev": { - "phing/phing": "2.4.*" + "phing/phing": "~2.4" }, "config": { "allow-plugins": { diff --git a/notification/method/webpush.php b/notification/method/webpush.php index 8ff7620..0fc2a08 100644 --- a/notification/method/webpush.php +++ b/notification/method/webpush.php @@ -28,7 +28,6 @@ * Web Push notification method class * This class handles sending push messages for notifications */ - class webpush extends messenger_base implements extended_method_interface { /** @var config */ @@ -379,7 +378,7 @@ public function get_ucp_template_data(helper $controller_helper, form_helper $fo } return [ - 'NOTIFICATIONS_WEBPUSH_ENABLE' => $this->config['wpn_webpush_dropdown_subscribe'] || stripos($this->user->page['page'], 'notification_options'), + 'NOTIFICATIONS_WEBPUSH_ENABLE' => $this->allowed_user() && ($this->config['wpn_webpush_dropdown_subscribe'] || stripos($this->user->page['page'], 'notification_options')), 'U_WEBPUSH_SUBSCRIBE' => $controller_helper->route('phpbb_webpushnotifications_ucp_push_subscribe_controller'), 'U_WEBPUSH_UNSUBSCRIBE' => $controller_helper->route('phpbb_webpushnotifications_ucp_push_unsubscribe_controller'), 'VAPID_PUBLIC_KEY' => $this->config['wpn_webpush_vapid_public'], @@ -553,4 +552,17 @@ protected function load_recipients_data(): array return $notify_users; } + + /** + * User is allowed to use web push notifications + * + * @return bool + */ + protected function allowed_user() + { + return $this->user->id() !== ANONYMOUS + && !$this->user->data['is_bot'] + && (int) $this->user->data['user_type'] !== USER_IGNORE + && (int) $this->user->data['user_type'] !== USER_INACTIVE; + } } diff --git a/tests/event/listener_test.php b/tests/event/listener_test.php index e84784f..42f5d02 100644 --- a/tests/event/listener_test.php +++ b/tests/event/listener_test.php @@ -69,6 +69,8 @@ protected function setUp(): void $user = new \phpbb\user($this->language, '\phpbb\datetime'); $this->user = $user; $this->user->data['user_form_salt'] = ''; + $this->user->data['is_bot'] = false; + $this->user->data['user_type'] = USER_NORMAL; $user_loader = new \phpbb\user_loader($db, $phpbb_root_path, $phpEx, 'phpbb_users'); $this->controller_helper = $this->getMockBuilder('\phpbb\controller\helper') diff --git a/ucp/controller/webpush.php b/ucp/controller/webpush.php index 66fe523..29ae22f 100644 --- a/ucp/controller/webpush.php +++ b/ucp/controller/webpush.php @@ -248,7 +248,7 @@ protected function check_subscribe_requests(): void } // Subscribe should only be available for logged-in "normal" users - if (!$this->request->is_ajax() || $this->user->id() == ANONYMOUS || $this->user->data['is_bot'] + if (!$this->request->is_ajax() || $this->user->id() === ANONYMOUS || $this->user->data['is_bot'] || $this->user->data['user_type'] == USER_IGNORE || $this->user->data['user_type'] == USER_INACTIVE) { throw new http_exception(Response::HTTP_FORBIDDEN, 'NO_AUTH_OPERATION');