Gergő Tisza has uploaded a new change for review.
https://gerrit.wikimedia.org/r/293775
Change subject: Add new convenience User method for authentication data change
......................................................................
Add new convenience User method for authentication data change
Also update createAndPromote.php to use it so it can display errors.
Note that there are two possible approaches. The other is to
do the update for all requests for which the test passed,
even if some tests fail. The approach of the patch seems
more manageable from the caller's point of view
(either the operation was a success, or it failed and
nothing happened).
Change-Id: I86abed4b80472cd888337444fac0cbcb870b1246
(cherry picked from commit b568497e9a863bf71338b254eb05ca3da9c38eb5)
---
M includes/user/User.php
M languages/i18n/en.json
M languages/i18n/qqq.json
M maintenance/changePassword.php
M maintenance/createAndPromote.php
5 files changed, 79 insertions(+), 18 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/75/293775/1
diff --git a/includes/user/User.php b/includes/user/User.php
index 9afd72d..f246b3b 100644
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -2592,23 +2592,16 @@
throw new LogicException( 'Cannot set a
password for a user that is not in the database.' );
}
- $data = [
+ $status = $this->changeAuthenticationData( [
'username' => $this->getName(),
'password' => $str,
'retype' => $str,
- ];
- $reqs = $manager->getAuthenticationRequests(
AuthManager::ACTION_CHANGE, $this );
- $reqs =
AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
- foreach ( $reqs as $req ) {
- $status =
$manager->allowsAuthenticationDataChange( $req );
- if ( !$status->isGood() ) {
-
\MediaWiki\Logger\LoggerFactory::getInstance( 'authentication' )
- ->info( __METHOD__ . ':
Password change rejected: ' . $status->getWikiText() );
- return false;
- }
- }
- foreach ( $reqs as $req ) {
- $manager->changeAuthenticationData( $req );
+ ] );
+ if ( !$status->isGood() ) {
+ \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
+ ->info( __METHOD__ . ': Password change
rejected: '
+ . $status->getWikiText( null,
null, 'en' ) );
+ return false;
}
$this->setOption( 'watchlisttoken', false );
@@ -2620,6 +2613,45 @@
}
/**
+ * Changes credentials of the user.
+ *
+ * This is a convenience wrapper around
AuthManager::changeAuthenticationData.
+ * Note that this can return a status that isOK() but not isGood() on
certain types of failures,
+ * e.g. when no provider handled the change.
+ *
+ * @param array $data A set of authentication data in fieldname =>
value format. This is the
+ * same data you would pass the changeauthenticationdata API -
'username', 'password' etc.
+ * @return Status
+ * @since 1.27
+ */
+ public function changeAuthenticationData( array $data ) {
+ global $wgDisableAuthManager;
+ if ( $wgDisableAuthManager ) {
+ throw new LogicException( __METHOD__ . ' cannot be
called when $wgDisableAuthManager '
+ . 'is true' );
+ }
+
+ $manager = AuthManager::singleton();
+ $reqs = $manager->getAuthenticationRequests(
AuthManager::ACTION_CHANGE, $this );
+ $reqs = AuthenticationRequest::loadRequestsFromSubmission(
$reqs, $data );
+
+ $status = Status::newGood( 'ignored' );
+ foreach ( $reqs as $req ) {
+ $status->merge(
$manager->allowsAuthenticationDataChange( $req ), true );
+ }
+ if ( $status->getValue() === 'ignored' ) {
+ $status->warning( 'authenticationdatachange-ignored' );
+ }
+
+ if ( $status->isGood() ) {
+ foreach ( $reqs as $req ) {
+ $manager->changeAuthenticationData( $req );
+ }
+ }
+ return $status;
+ }
+
+ /**
* Get the user's current token.
* @param bool $forceCreation Force the generation of a new token if the
* user doesn't have one (default=true for backwards compatibility).
diff --git a/languages/i18n/en.json b/languages/i18n/en.json
index 4ced6df..5c67092 100644
--- a/languages/i18n/en.json
+++ b/languages/i18n/en.json
@@ -4171,5 +4171,6 @@
"linkaccounts-success-text": "The account was linked.",
"linkaccounts-submit": "Link accounts",
"unlinkaccounts": "Unlink accounts",
- "unlinkaccounts-success": "The account was unlinked."
+ "unlinkaccounts-success": "The account was unlinked.",
+ "authenticationdatachange-ignored": "The authentication data change was
not handled. Maybe no provider was configured?"
}
diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json
index 29d926d..fa0b464 100644
--- a/languages/i18n/qqq.json
+++ b/languages/i18n/qqq.json
@@ -4349,5 +4349,6 @@
"linkaccounts-success-text": "Text shown on top of the form after a
successful action.",
"linkaccounts-submit": "Text of the main submit button on
[[Special:LinkAccounts]] (when there is one)",
"unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]]
which allows the user to remove linked remote accounts.",
- "unlinkaccounts-success": "Account unlinking form success message"
+ "unlinkaccounts-success": "Account unlinking form success message",
+ "authenticationdatachange-ignored": "Shown when authentication data
change was unsuccessful due to configuration problems."
}
diff --git a/maintenance/changePassword.php b/maintenance/changePassword.php
index 8687f81..a550d12 100644
--- a/maintenance/changePassword.php
+++ b/maintenance/changePassword.php
@@ -41,6 +41,8 @@
}
public function execute() {
+ global $wgDisableAuthManager;
+
if ( $this->hasOption( "user" ) ) {
$user = User::newFromName( $this->getOption( 'user' ) );
} elseif ( $this->hasOption( "userid" ) ) {
@@ -51,8 +53,20 @@
if ( !$user || !$user->getId() ) {
$this->error( "No such user: " . $this->getOption(
'user' ), true );
}
+ $password = $this->getOption( 'password' );
try {
- $user->setPassword( $this->getOption( 'password' ) );
+ if ( $wgDisableAuthManager ) {
+ $user->setPassword( $password );
+ } else {
+ $status = $user->changeAuthenticationData( [
+ 'username' => $user->getName(),
+ 'password' => $password,
+ 'retype' => $password,
+ ] );
+ if ( !$status->isGood() ) {
+ throw new PasswordError(
$status->getWikiText( null, null, 'en' ) );
+ }
+ }
$user->saveSettings();
$this->output( "Password set for " . $user->getName() .
"\n" );
} catch ( PasswordError $pwe ) {
diff --git a/maintenance/createAndPromote.php b/maintenance/createAndPromote.php
index 848c2f7..3591b9c 100644
--- a/maintenance/createAndPromote.php
+++ b/maintenance/createAndPromote.php
@@ -56,6 +56,8 @@
}
public function execute() {
+ global $wgDisableAuthManager;
+
$username = $this->getArg( 0 );
$password = $this->getArg( 1 );
$force = $this->hasOption( 'force' );
@@ -120,7 +122,18 @@
if ( $password ) {
# Try to set the password
try {
- $user->setPassword( $password );
+ if ( $wgDisableAuthManager ) {
+ $user->setPassword( $password );
+ } else {
+ $status =
$user->changeAuthenticationData( [
+ 'username' => $user->getName(),
+ 'password' => $password,
+ 'retype' => $password,
+ ] );
+ if ( !$status->isGood() ) {
+ throw new PasswordError(
$status->getWikiText( null, null, 'en' ) );
+ }
+ }
if ( $exists ) {
$this->output( "Password set.\n" );
$user->saveSettings();
--
To view, visit https://gerrit.wikimedia.org/r/293775
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I86abed4b80472cd888337444fac0cbcb870b1246
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: REL1_27
Gerrit-Owner: Gergő Tisza <gti...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
