[MediaWiki-commits] [Gerrit] Use new hooks in API action=createaccount for Captcha - change (mediawiki...ConfirmEdit)

Mon, 03 Feb 2014 15:12:10 -0800 

JGonera has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/111114

Change subject: Use new hooks in API action=createaccount for Captcha
......................................................................

Use new hooks in API action=createaccount for Captcha

Hooks used:
* AddNewAccountApiForm
* AddNewAccountApiResult

This adds a 'captcha' section to the results with the same format
as we provide for editing; you'll get this for instance at the
same time as you do a first-request that prompts for a token.

No modification to the result status is included; presence of
the 'captcha' section is assumed to be enough to prompt the client
to fetch and render the captcha prompt.

Failure to pass a captcha will return an API error message; a
subsequent commit fixes problems with that error message being
hard to machine-read.

Note that logic from inside Captcha::confirmUserCreate has been
pulled out to Captcha::needCreateAccountCaptcha so we don't
send captcha information to users who don't need it.

Requires core changes: If5b7dab8

Sample API client: https://github.com/brion/api-createaccount

Bug: 46072

Change-Id: Id628defaeab2bf5979ca8f4284d14fc42d9c3e46
(cherry picked from commit 78e6f5ec79e3f624ae90ae29a8359eb42001dfaf)
---
M Captcha.php
M ConfirmEdit.php
M ConfirmEditHooks.php
3 files changed, 79 insertions(+), 10 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/ConfirmEdit 
refs/changes/14/111114/1

diff --git a/Captcha.php b/Captcha.php
index b15de61..19f70ae 100644
--- a/Captcha.php
+++ b/Captcha.php
@@ -540,15 +540,7 @@
         * @return bool true to continue, false to abort user creation
         */
        function confirmUserCreate( $u, &$message ) {
-               global $wgCaptchaTriggers, $wgUser;
-               if ( $wgCaptchaTriggers['createaccount'] ) {
-                       if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
-                               wfDebug( "ConfirmEdit: user group allows 
skipping captcha on account creation\n" );
-                               return true;
-                       }
-                       if ( $this->isIPWhitelisted() )
-                               return true;
-
+               if ( $this->needCreateAccountCaptcha() ) {
                        $this->trigger = "new account '" . $u->getName() . "'";
                        if ( !$this->passCaptcha() ) {
                                $message = wfMessage( 
'captcha-createaccount-fail' )->text();
@@ -556,6 +548,27 @@
                        }
                }
                return true;
+       }
+       
+       /**
+        * Logic to check if we need to pass a captcha for the current user
+        * to create a new account, or not
+        *
+        * @return bool true to show captcha, false to skip captcha
+        */
+       function needCreateAccountCaptcha() {
+               global $wgCaptchaTriggers, $wgUser;
+               if ( $wgCaptchaTriggers['createaccount'] ) {
+                       if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
+                               wfDebug( "ConfirmEdit: user group allows 
skipping captcha on account creation\n" );
+                               return false;
+                       }
+                       if ( $this->isIPWhitelisted() ) {
+                               return false;
+                       }
+                       return true;
+               }
+               return false;
        }
 
        /**
@@ -619,7 +632,7 @@
         * @return bool
         */
        protected function isAPICaptchaModule( $module ) {
-               return $module instanceof ApiEditPage;
+               return $module instanceof ApiEditPage || $module instanceof 
ApiCreateAccount;
        }
 
        /**
@@ -770,4 +783,50 @@
                        $wgOut->addWikiMsg( 'captchahelp-cookies-needed' );
                }
        }
+
+       /**
+        * Pass API captcha parameters on to the login form when using
+        * API account creation.
+        *
+        * @param ApiCreateAccount $apiModule
+        * @param LoginForm $loginForm
+        * @return hook return value
+        */
+       function addNewAccountApiForm( $apiModule, $loginForm ) {
+               global $wgRequest;
+               $main = $apiModule->getMain();
+
+               $id = $main->getVal( 'captchaid' );
+               if ( $id ) {
+                       $wgRequest->setVal( 'wpCaptchaId', $id );
+
+                       // Suppress "unrecognized parameter" warning:
+                       $main->getVal( 'wpCaptchaId' );
+               }
+
+               $word = $main->getVal( 'captchaword' );
+               if ( $word ) {
+                       $wgRequest->setVal( 'wpCaptchaWord', $word );
+
+                       // Suppress "unrecognized parameter" warning:
+                       $main->getVal( 'wpCaptchaWord' );
+               }
+
+               return true;
+       }
+       
+       /**
+        * Pass extra data back in API results for account creation.
+        *
+        * @param ApiCreateAccount $apiModule
+        * @param LoginForm &loginForm
+        * @param array &$params
+        * @return hook return value
+        */
+       function addNewAccountApiResult( $apiModule, $loginPage, &$result ) {
+               if ( $result['result'] !== 'success' && 
$this->needCreateAccountCaptcha() ) {
+                       $this->addCaptchaAPI( $result );
+               }
+               return true;
+       }
 }
diff --git a/ConfirmEdit.php b/ConfirmEdit.php
index d861a04..72e1392 100644
--- a/ConfirmEdit.php
+++ b/ConfirmEdit.php
@@ -189,6 +189,8 @@
 $wgHooks['APIEditBeforeSave'][] = 'ConfirmEditHooks::confirmEditAPI';
 $wgHooks['APIGetAllowedParams'][] = 'ConfirmEditHooks::APIGetAllowedParams';
 $wgHooks['APIGetParamDescription'][] = 
'ConfirmEditHooks::APIGetParamDescription';
+$wgHooks['AddNewAccountApiForm'][] = 'ConfirmEditHooks::addNewAccountApiForm';
+$wgHooks['AddNewAccountApiResult'][] = 
'ConfirmEditHooks::addNewAccountApiResult';
 
 $wgAutoloadClasses['ConfirmEditHooks'] = 
"$wgConfirmEditIP/ConfirmEditHooks.php";
 $wgAutoloadClasses['SimpleCaptcha'] = "$wgConfirmEditIP/Captcha.php";
diff --git a/ConfirmEditHooks.php b/ConfirmEditHooks.php
index bc85138..c03e316 100644
--- a/ConfirmEditHooks.php
+++ b/ConfirmEditHooks.php
@@ -26,6 +26,14 @@
        static function confirmEditAPI( $editPage, $newtext, &$resultArr ) {
                return self::getInstance()->confirmEditAPI( $editPage, 
$newtext, $resultArr );
        }
+       
+       static function addNewAccountApiForm( $apiModule, $loginForm ) {
+               return self::getInstance()->addNewAccountApiForm( $apiModule, 
$loginForm );
+       }
+       
+       static function addNewAccountApiResult( $apiModule, $loginPage, 
&$result ) {
+               return self::getInstance()->addNewAccountApiResult( $apiModule, 
$loginPage, $result );
+       }
 
        static function injectUserCreate( &$template ) {
                return self::getInstance()->injectUserCreate( $template );

-- 
To view, visit https://gerrit.wikimedia.org/r/111114
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Id628defaeab2bf5979ca8f4284d14fc42d9c3e46
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/ConfirmEdit
Gerrit-Branch: wmf/1.23wmf11
Gerrit-Owner: JGonera <[email protected]>
Gerrit-Reviewer: Brion VIBBER <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to