From 8b48ba727efd708b3b2bf3bc0858f8ee1368244f Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski <mkurczew@gmail.com>
Date: Mon, 26 May 2014 12:40:02 +0200
Subject: [PATCH] Added option to disallow anonymous uploads

---
 data/config.ini                         |  3 ++-
 src/Api/Jobs/PostJobs/AddPostJob.php    |  4 +++-
 src/Views/post/post-upload.phtml        | 12 +++++++-----
 tests/Tests/JobTests/AddPostJobTest.php | 25 +++++++++++++++++++++++++
 tests/config.ini                        |  3 ++-
 5 files changed, 39 insertions(+), 8 deletions(-)

diff --git a/data/config.ini b/data/config.ini
index e91559b8..18d7e4e8 100644
--- a/data/config.ini
+++ b/data/config.ini
@@ -57,7 +57,8 @@ needEmailForCommenting = 0
 
 [uploads]
 needEmailForUploading = 1
-logAnonymousUploads=1
+logAnonymousUploadsNicknames = 1
+allowAnonymousUploads = 1
 
 [registration]
 staffActivation   = 0
diff --git a/src/Api/Jobs/PostJobs/AddPostJob.php b/src/Api/Jobs/PostJobs/AddPostJob.php
index 09fab51c..1675ab8e 100644
--- a/src/Api/Jobs/PostJobs/AddPostJob.php
+++ b/src/Api/Jobs/PostJobs/AddPostJob.php
@@ -18,6 +18,8 @@ class AddPostJob extends AbstractJob
 		$anonymous = false;
 		if ($this->hasArgument(JobArgs::ARG_ANONYMOUS))
 			$anonymous = TextHelper::toBoolean($this->getArgument(JobArgs::ARG_ANONYMOUS));
+		if ($anonymous and !Core::getConfig()->uploads->allowAnonymousUploads)
+			throw new SimpleException('Anonymous uploads are not allowed');
 
 		if (Auth::isLoggedIn() and !$anonymous)
 			$post->setUploader(Auth::getCurrentUser());
@@ -48,7 +50,7 @@ class AddPostJob extends AbstractJob
 		PostModel::save($post);
 
 		Logger::log('{user} added {post} (tags: {tags}, safety: {safety}, source: {source})', [
-			'user' => ($anonymous and !Core::getConfig()->uploads->logAnonymousUploads)
+			'user' => ($anonymous and !Core::getConfig()->uploads->logAnonymousUploadsNicknames)
 				? TextHelper::reprUser(UserModel::getAnonymousName())
 				: TextHelper::reprUser(Auth::getCurrentUser()),
 			'post' => TextHelper::reprPost($post),
diff --git a/src/Views/post/post-upload.phtml b/src/Views/post/post-upload.phtml
index c0b76804..80757208 100644
--- a/src/Views/post/post-upload.phtml
+++ b/src/Views/post/post-upload.phtml
@@ -95,11 +95,13 @@ $this->assets->addScript('../lib/tagit/jquery.tagit.js');
 								<?php $checked = true ?>
 							</label>
 						<?php endforeach ?>
-						<input type="hidden" name="anonymous" value="0"/>
-						<label>
-							<input type="checkbox" name="anonymous" value="1"/>
-							Upload anonymously
-						</label>
+						<?php if (Core::getConfig()->uploads->allowAnonymousUploads): ?>
+							<input type="hidden" name="anonymous" value="0"/>
+							<label>
+								<input type="checkbox" name="anonymous" value="1"/>
+								Upload anonymously
+							</label>
+						<?php endif ?>
 					</div>
 				</div>
 
diff --git a/tests/Tests/JobTests/AddPostJobTest.php b/tests/Tests/JobTests/AddPostJobTest.php
index 9e0a31de..8b274d88 100644
--- a/tests/Tests/JobTests/AddPostJobTest.php
+++ b/tests/Tests/JobTests/AddPostJobTest.php
@@ -87,6 +87,31 @@ class AddPostJobTest extends AbstractTest
 		$this->assert->isNull($post->getUploaderId());
 	}
 
+	public function testAnonymousUploadsPrivilegeFail()
+	{
+		$this->prepare();
+
+		$this->grantAccess('addPost');
+		$this->grantAccess('addPostTags');
+		$this->grantAccess('addPostContent');
+
+		Core::getConfig()->uploads->allowAnonymousUploads = false;
+
+		$this->login($this->userMocker->mockSingle());
+
+		$this->assert->throws(function()
+		{
+			return Api::run(
+				new AddPostJob(),
+				[
+					JobArgs::ARG_ANONYMOUS => '1',
+					JobArgs::ARG_NEW_TAG_NAMES => ['kamen', 'raider'],
+					JobArgs::ARG_NEW_POST_CONTENT =>
+						new ApiFileInput($this->testSupport->getPath('image.jpg'), 'test.jpg'),
+				]);
+		}, 'Anonymous uploads are not allowed');
+	}
+
 	public function testPartialPrivilegeFail()
 	{
 		$this->prepare();
diff --git a/tests/config.ini b/tests/config.ini
index eb9e94bc..47ba1b23 100644
--- a/tests/config.ini
+++ b/tests/config.ini
@@ -50,7 +50,8 @@ commentsPerPage = 10
 maxCommentsInList = 5
 
 [uploads]
-logAnonymousUploads=1
+logAnonymousUploadsNicknames = 1
+allowAnonymousUploads = 1
 
 [registration]
 staffActivation   = 0