Add a way to disable/enable users (#3056)

If you want to block users without deleting their account, you can now
disable them from the interface.

3 files changed, 10 insertions, 1 deletions

diff --git a/p/api/fever.php b/p/api/fever.php
index a714561da..909e29d32 100644
--- a/p/api/fever.php
+++ b/p/api/fever.php
@@ -163,7 +163,7 @@ class FeverAPI
 				$username = trim($username);
 				Minz_Session::_param('currentUser', $username);
 				$user_conf = get_user_configuration($username);
-				if ($user_conf != null && $feverKey === $user_conf->feverKey) {
+				if ($user_conf != null && $feverKey === $user_conf->feverKey && $user_conf->enabled) {
 					FreshRSS_Context::$user_conf = $user_conf;
 					Minz_Translate::init(FreshRSS_Context::$user_conf->language);
 					$this->entryDAO = FreshRSS_Factory::createEntryDao();
diff --git a/p/api/greader.php b/p/api/greader.php
index a9e6398d2..b87387bd7 100644
--- a/p/api/greader.php
+++ b/p/api/greader.php
@@ -157,6 +157,10 @@ function authorizationToUser() {
 					Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.');
 					unauthorized();
 				}
+				if (!FreshRSS_Context::$user_conf->enabled) {
+					Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.');
+					unauthorized();
+				}
 				if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) {
 					return $user;
 				} else {
diff --git a/p/api/pshb.php b/p/api/pshb.php
index e8109cbb0..1e07c0f80 100644
--- a/p/api/pshb.php
+++ b/p/api/pshb.php
@@ -140,6 +140,11 @@ foreach ($users as $userFilename) {
 			Minz_Translate::reset(FreshRSS_Context::$user_conf->language);
 		}
 
+		if (!FreshRSS_Context::$user_conf->enabled) {
+			Minz_Log::warning('FreshRSS skip disabled user ' . $username);
+			continue;
+		}
+
 		list($updated_feeds, $feed, $nb_new_articles) = FreshRSS_feed_Controller::actualizeFeed(0, $self, false, $simplePie);
 		if ($updated_feeds > 0 || $feed != false) {
 			$nb++;