jenkins-bot has submitted this change and it was merged.
Change subject: Check for non-null username before creating CentralAuthUser in
hooks
......................................................................
Check for non-null username before creating CentralAuthUser in hooks
Ensure that the session data actually names a user before creating
a CentralAuthUser from it when peeking at things in hook callbacks.
Bug: T124406
Change-Id: I334899e6e7fd55edaf55dfa952367657dae93b08
---
M includes/CentralAuthHooks.php
M includes/session/CentralAuthSessionProvider.php
2 files changed, 15 insertions(+), 9 deletions(-)
Approvals:
Anomie: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/CentralAuthHooks.php b/includes/CentralAuthHooks.php
index bf1e66a..83fdfb9 100644
--- a/includes/CentralAuthHooks.php
+++ b/includes/CentralAuthHooks.php
@@ -1670,10 +1670,13 @@
* @return bool
*/
public static function onSessionCheckInfo( &$reason, $info ) {
- $centralUser = new CentralAuthUser(
$info->getUserInfo()->getName() );
- if ( $centralUser->renameInProgress() ) {
- $reason = 'CentralAuth rename in progress';
- return false;
+ $name = $info->getUserInfo()->getName();
+ if ( $name !== null ) {
+ $centralUser = new CentralAuthUser( $name );
+ if ( $centralUser->renameInProgress() ) {
+ $reason = 'CentralAuth rename in progress';
+ return false;
+ }
}
return true;
}
diff --git a/includes/session/CentralAuthSessionProvider.php
b/includes/session/CentralAuthSessionProvider.php
index d91aa0e..d35d6d6 100644
--- a/includes/session/CentralAuthSessionProvider.php
+++ b/includes/session/CentralAuthSessionProvider.php
@@ -195,11 +195,14 @@
public function refreshSessionInfo( SessionInfo $info, WebRequest
$request, &$metadata ) {
// Sanity check on the metadata, to avoid T124409
if ( isset( $metadata['CentralAuthSource'] ) ) {
- $centralUser = new CentralAuthUser(
$info->getUserInfo()->getName() );
- if ( $centralUser->exists() &&
$centralUser->isAttached() ) {
- return $metadata['CentralAuthSource'] ===
'CentralAuth';
- } else {
- return $metadata['CentralAuthSource'] ===
'Local';
+ $name = $info->getUserInfo()->getName();
+ if ( $name !== null ) {
+ $centralUser = new CentralAuthUser( $name );
+ if ( $centralUser->exists() &&
$centralUser->isAttached() ) {
+ return $metadata['CentralAuthSource']
=== 'CentralAuth';
+ } else {
+ return $metadata['CentralAuthSource']
=== 'Local';
+ }
}
}
--
To view, visit https://gerrit.wikimedia.org/r/265759
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I334899e6e7fd55edaf55dfa952367657dae93b08
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: BryanDavis <[email protected]>
Gerrit-Reviewer: Alex Monk <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: Gergő Tisza <[email protected]>
Gerrit-Reviewer: Legoktm <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
