Aaron Schulz has uploaded a new change for review.
https://gerrit.wikimedia.org/r/53882
Change subject: Fixed importScopedSession() and moved exportUserSession() to
RequestContext.
......................................................................
Fixed importScopedSession() and moved exportUserSession() to RequestContext.
* Renamed WebRequest::exportUserSession -> RequestContext::exportSession.
Updated the only callers of this new function.
* Init the user with User::newFromId() instead of relying on the session
(which breaks when things like CentralAuth are enabled).
* Made RequestContext::exportSession() include the user ID.
* Removed now-redundant user ID checks in upload jobs.
Change-Id: I543e6766f7a8a828ea5d270328c3bc7738c6fe94
---
M includes/WebRequest.php
M includes/api/ApiUpload.php
M includes/context/RequestContext.php
M includes/job/jobs/AssembleUploadChunksJob.php
M includes/job/jobs/PublishStashedFileJob.php
5 files changed, 26 insertions(+), 27 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/82/53882/1
diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index 9b6d9ce..98007ef 100644
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -1133,21 +1133,6 @@
public function setIP( $ip ) {
$this->ip = $ip;
}
-
- /**
- * Export the resolved user IP, HTTP headers, and session ID.
- * The result will be reasonably sized to allow for serialization.
- *
- * @return Array
- * @since 1.21
- */
- public function exportUserSession() {
- return array(
- 'ip' => $this->getIP(),
- 'headers' => $this->getAllHeaders(),
- 'sessionId' => session_id()
- );
- }
}
/**
diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index f2733bd..deeb1c1 100644
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -224,8 +224,7 @@
array(
'filename' =>
$this->mParams['filename'],
'filekey' =>
$this->mParams['filekey'],
- 'session' =>
$this->getRequest()->exportUserSession(),
- 'userid' =>
$this->getUser()->getId()
+ 'session' =>
$this->getContext()->exportSession()
)
) );
if ( $ok ) {
@@ -594,8 +593,7 @@
'comment' =>
$this->mParams['comment'],
'text' => $this->mParams['text'],
'watch' => $watch,
- 'session' =>
$this->getRequest()->exportUserSession(),
- 'userid' => $this->getUser()->getId()
+ 'session' =>
$this->getContext()->exportSession()
)
) );
if ( $ok ) {
diff --git a/includes/context/RequestContext.php
b/includes/context/RequestContext.php
index 60c8cd3..35b39c9 100644
--- a/includes/context/RequestContext.php
+++ b/includes/context/RequestContext.php
@@ -393,15 +393,31 @@
}
/**
- * Import the resolved user IP, HTTP headers, and session ID.
+ * Export the resolved user IP, HTTP headers, user ID, and session ID.
+ * The result will be reasonably sized to allow for serialization.
+ *
+ * @return Array
+ * @since 1.21
+ */
+ public function exportSession() {
+ return array(
+ 'ip' => $this->getRequest()->getIP(),
+ 'headers' => $this->getRequest()->getAllHeaders(),
+ 'sessionId' => session_id(),
+ 'userId' => $this->getUser()->getId()
+ );
+ }
+
+ /**
+ * Import the resolved user IP, HTTP headers, user ID, and session ID.
* This sets the current session and sets $wgUser and $wgRequest.
* Once the return value falls out of scope, the old context is
restored.
* This function can only be called within CLI mode scripts.
*
* This will setup the session from the given ID. This is useful when
- * background scripts inherit some context when acting on behalf of a
user.
+ * background scripts inherit context when acting on behalf of a user.
*
- * $param array $params Result of WebRequest::exportUserSession()
+ * $param array $params Result of RequestContext::exportSession()
* @return ScopedCallback
* @throws MWException
* @since 1.21
@@ -434,13 +450,13 @@
// Set the current context to use the new WebRequest
$context->setRequest( $request );
$wgRequest = $context->getRequest(); // b/c
- // Set the current user based on the new session and
WebRequest
- $context->setUser( User::newFromSession( $request ) );
// uses $_SESSION
+ // Set the current user based on the new session
+ $context->setUser( User::newFromId( $params['userId'] )
);
$wgUser = $context->getUser(); // b/c
};
// Stash the old session and load in the new one
- $oldParams = self::getMain()->getRequest()->exportUserSession();
+ $oldParams = self::getMain()->exportSession();
$importSessionFunction( $params );
// Set callback to save and close the new session and reload
the old one
diff --git a/includes/job/jobs/AssembleUploadChunksJob.php
b/includes/job/jobs/AssembleUploadChunksJob.php
index f243b0c..c5dd9ea 100644
--- a/includes/job/jobs/AssembleUploadChunksJob.php
+++ b/includes/job/jobs/AssembleUploadChunksJob.php
@@ -37,7 +37,7 @@
$context = RequestContext::getMain();
try {
$user = $context->getUser();
- if ( !$user->isLoggedIn() || $user->getId() !=
$this->params['userid'] ) {
+ if ( !$user->isLoggedIn() ) {
$this->setLastError( "Could not load the author
user from session." );
return false;
}
diff --git a/includes/job/jobs/PublishStashedFileJob.php
b/includes/job/jobs/PublishStashedFileJob.php
index 87dffc9..d3feda2 100644
--- a/includes/job/jobs/PublishStashedFileJob.php
+++ b/includes/job/jobs/PublishStashedFileJob.php
@@ -37,7 +37,7 @@
$context = RequestContext::getMain();
try {
$user = $context->getUser();
- if ( !$user->isLoggedIn() || $user->getId() !=
$this->params['userid'] ) {
+ if ( !$user->isLoggedIn() ) {
$this->setLastError( "Could not load the author
user from session." );
return false;
}
--
To view, visit https://gerrit.wikimedia.org/r/53882
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I543e6766f7a8a828ea5d270328c3bc7738c6fe94
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Aaron Schulz <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
