Gergő Tisza has uploaded a new change for review. https://gerrit.wikimedia.org/r/296926
Change subject: Set domain even if there's only one ...................................................................... Set domain even if there's only one Despite LdapAuthenticationPlugin special-casing getDomain() when there's only one domain, it still breaks unless setDomain() is called. Sigh. Bug: T137377 Change-Id: Ibfd1f1e00f7aea52bc3989a2e702de603a589a0a (cherry picked from commit b9e6717777a75d9232eca6830a9beafc7100ae65) --- M LdapPrimaryAuthenticationProvider.php 1 file changed, 12 insertions(+), 9 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/LdapAuthentication refs/changes/26/296926/1 diff --git a/LdapPrimaryAuthenticationProvider.php b/LdapPrimaryAuthenticationProvider.php index 8c73b96..4dc2eac 100644 --- a/LdapPrimaryAuthenticationProvider.php +++ b/LdapPrimaryAuthenticationProvider.php @@ -72,6 +72,9 @@ */ private function setDomainForUser( LdapAuthenticationPlugin $ldap, User $user ) { if ( !$this->hasMultipleDomains ) { + // LdapAuthenticationPlugin still needs setDomain called, even if + // getDomain is deterministic. Sigh. + $ldap->setDomain( $ldap->getDomain() ); return null; } @@ -193,8 +196,10 @@ if ( !$ldap->validDomain( $domain ) ) { $domain = $ldap->getDomain(); } - $ldap->setDomain( $domain ); + } else { + $domain = $ldap->getDomain(); } + $ldap->setDomain( $domain ); if ( $this->testUserCanAuthenticateInternal( $ldap, User::newFromName( $username ) ) && $ldap->authenticate( $username, $req->password ) @@ -227,6 +232,7 @@ return false; } else { // Yay, easy way out. + $ldap->setDomain( $ldap->getDomain() ); return $this->testUserCanAuthenticateInternal( $ldap, User::newFromName( $username ) ); } } @@ -296,6 +302,7 @@ return false; } else { // Yay, easy way out. + $ldap->setDomain( $ldap->getDomain() ); return $ldap->userExistsReal( $username ); } } @@ -320,8 +327,8 @@ $ldap = LdapAuthenticationPlugin::getInstance(); $curDomain = $ldap->getDomain(); - if ( $checkData && $this->hasMultipleDomains ) { - $ldap->setDomain( $req->domain ); + if ( $checkData ) { + $ldap->setDomain( $this->hasMultipleDomains ? $req->domain : $curDomain ); } try { // If !$checkData the domain might be wrong. Nothing we can do about that. @@ -373,9 +380,7 @@ } $ldap = LdapAuthenticationPlugin::getInstance(); - if ( $this->hasMultipleDomains ) { - $ldap->setDomain( $req->domain ); - } + $ldap->setDomain( $this->hasMultipleDomains ? $req->domain : $ldap->getDomain() ); $user = User::newFromName( $username ); if ( !$ldap->setPassword( $user, $req->password ) ) { // This is totally unfriendly and leaves other @@ -417,9 +422,7 @@ } $ldap = LdapAuthenticationPlugin::getInstance(); - if ( $this->hasMultipleDomains ) { - $ldap->setDomain( $req->domain ); - } + $ldap->setDomain( $this->hasMultipleDomains ? $req->domain : $ldap->getDomain() ); if ( $ldap->addUser( $user, $req->password, $user->getEmail(), $user->getRealName() ) ) { -- To view, visit https://gerrit.wikimedia.org/r/296926 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ibfd1f1e00f7aea52bc3989a2e702de603a589a0a Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/LdapAuthentication Gerrit-Branch: REL1_27 Gerrit-Owner: Gergő Tisza <gti...@wikimedia.org> Gerrit-Reviewer: Anomie <bjor...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits