[MediaWiki-commits] [Gerrit] Clean up User class password handing - change (mediawiki...CentralAuth)

Thu, 17 Sep 2015 09:00:13 -0700 

Anomie has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/239123

Change subject: Clean up User class password handing
......................................................................

Clean up User class password handing

In unit tests, use TestUser::setPasswordForUser() instead of
$user->setPassword(), since the former is going to not work very
efficiently in the future.

Also, replace to-be-deprecated User::getPasswordFactory() with just
constructing a password factory.

Change-Id: I9c5b1d23df0babceca360c912e840807a665b0bd
Depends-on: I2c736ad72d946fa9b859e6cd335fa58aececc0d5
---
M includes/CentralAuthUser.php
M tests/phpunit/CentralAuthPluginUsingDatabaseTest.php
M tests/phpunit/CentralAuthTestUser.php
3 files changed, 16 insertions(+), 10 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CentralAuth 
refs/changes/23/239123/1

diff --git a/includes/CentralAuthUser.php b/includes/CentralAuthUser.php
index 6753bff..d39366d 100644
--- a/includes/CentralAuthUser.php
+++ b/includes/CentralAuthUser.php
@@ -1689,7 +1689,10 @@
                if ( $status->isGood() ) {
                        wfDebugLog( 'CentralAuth',
                                "authentication for '$this->mName' succeeded" );
-                       if ( User::getPasswordFactory()->needsUpdate( 
$status->getValue() ) ) {
+
+                       $passwordFactory = new PasswordFactory();
+                       $passwordFactory->init( 
RequestContext::getMain()->getConfig() );
+                       if ( $passwordFactory->needsUpdate( $status->getValue() 
) ) {
                                $this->setPassword( $password );
                                $this->saveSettings();
                        }
@@ -1770,7 +1773,8 @@
        private function getPasswordFromString( $encrypted, $salt ) {
                global $wgPasswordSalt;
 
-               $passwordFactory = User::getPasswordFactory();
+               $passwordFactory = new PasswordFactory();
+               $passwordFactory->init( RequestContext::getMain()->getConfig() 
);
 
                if ( preg_match( '/^[0-9a-f]{32}$/', $encrypted ) ) {
                        if ( $wgPasswordSalt ) {
@@ -2222,9 +2226,11 @@
         * @return array of strings, salt and hash
         */
        protected function saltedPassword( $password ) {
+               $passwordFactory = new PasswordFactory();
+               $passwordFactory->init( RequestContext::getMain()->getConfig() 
);
                return array(
                        '',
-                       User::getPasswordFactory()->newFromPlaintext( $password 
)->toString()
+                       $passwordFactory->newFromPlaintext( $password 
)->toString()
                );
        }
 
diff --git a/tests/phpunit/CentralAuthPluginUsingDatabaseTest.php 
b/tests/phpunit/CentralAuthPluginUsingDatabaseTest.php
index 24c9fdb..4831614 100644
--- a/tests/phpunit/CentralAuthPluginUsingDatabaseTest.php
+++ b/tests/phpunit/CentralAuthPluginUsingDatabaseTest.php
@@ -76,16 +76,14 @@
                $user = User::newFromName( 'GlobalConflictUser' );
                if ( $user->idForName() == 0 ) {
                        $user->addToDatabase();
-                       $user->setPassword( $this->password );
-                       $user->saveSettings();
+                       TestUser::setPasswordForUser( $user, $this->password );
                }
 
                // Local only account
                $user = User::newFromName( 'AnotherNewUser' );
                if ( $user->idForName() == 0 ) {
                        $user->addToDatabase();
-                       $user->setPassword( 'ANUP@ssword' );
-                       $user->saveSettings();
+                       TestUser::setPasswordForUser( $user, 'ANUP@ssword' );
                }
 
                // Global user who was renamed when migrated
diff --git a/tests/phpunit/CentralAuthTestUser.php 
b/tests/phpunit/CentralAuthTestUser.php
index 4142985..422080c 100644
--- a/tests/phpunit/CentralAuthTestUser.php
+++ b/tests/phpunit/CentralAuthTestUser.php
@@ -92,9 +92,12 @@
                $this->username = $username;
                $this->password = $password;
 
+               $passwordFactory = new PasswordFactory();
+               $passwordFactory->init( RequestContext::getMain()->getConfig() 
);
+
                $attrs += array(
                        'gu_id' => '1000',
-                       'gu_password' => 
User::getPasswordFactory()->newFromPlaintext( $password )->toString(),
+                       'gu_password' => $passwordFactory->newFromPlaintext( 
$password )->toString(),
                        'gu_salt' => '',
                        'gu_auth_token' => '1234',
                        'gu_locked' => 0,
@@ -143,8 +146,7 @@
                        $user = User::newFromName( $this->username );
                        if ( $user->idForName() == 0 ) {
                                $user->addToDatabase();
-                               $user->setPassword( $this->password );
-                               $user->saveSettings();
+                               TestUser::setPasswordForUser( $user, 
$this->password );
                        }
                }
 

-- 
To view, visit https://gerrit.wikimedia.org/r/239123
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I9c5b1d23df0babceca360c912e840807a665b0bd
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to