Aaron Schulz has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/53882


Change subject: Fixed importScopedSession() and moved exportUserSession() to 
RequestContext.
......................................................................

Fixed importScopedSession() and moved exportUserSession() to RequestContext.

* Renamed WebRequest::exportUserSession -> RequestContext::exportSession.
  Updated the only callers of this new function.
* Init the user with User::newFromId() instead of relying on the session
  (which breaks when things like CentralAuth are enabled).
* Made RequestContext::exportSession() include the user ID.
* Removed now-redundant user ID checks in upload jobs.

Change-Id: I543e6766f7a8a828ea5d270328c3bc7738c6fe94
---
M includes/WebRequest.php
M includes/api/ApiUpload.php
M includes/context/RequestContext.php
M includes/job/jobs/AssembleUploadChunksJob.php
M includes/job/jobs/PublishStashedFileJob.php
5 files changed, 26 insertions(+), 27 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/82/53882/1

diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index 9b6d9ce..98007ef 100644
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -1133,21 +1133,6 @@
        public function setIP( $ip ) {
                $this->ip = $ip;
        }
-
-       /**
-        * Export the resolved user IP, HTTP headers, and session ID.
-        * The result will be reasonably sized to allow for serialization.
-        *
-        * @return Array
-        * @since 1.21
-        */
-       public function exportUserSession() {
-               return array(
-                       'ip'        => $this->getIP(),
-                       'headers'   => $this->getAllHeaders(),
-                       'sessionId' => session_id()
-               );
-       }
 }
 
 /**
diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index f2733bd..deeb1c1 100644
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -224,8 +224,7 @@
                                        array(
                                                'filename'  => 
$this->mParams['filename'],
                                                'filekey'   => 
$this->mParams['filekey'],
-                                               'session'   => 
$this->getRequest()->exportUserSession(),
-                                               'userid'    => 
$this->getUser()->getId()
+                                               'session'   => 
$this->getContext()->exportSession()
                                        )
                                ) );
                                if ( $ok ) {
@@ -594,8 +593,7 @@
                                        'comment'   => 
$this->mParams['comment'],
                                        'text'      => $this->mParams['text'],
                                        'watch'     => $watch,
-                                       'session'   => 
$this->getRequest()->exportUserSession(),
-                                       'userid'    => $this->getUser()->getId()
+                                       'session'   => 
$this->getContext()->exportSession()
                                )
                        ) );
                        if ( $ok ) {
diff --git a/includes/context/RequestContext.php 
b/includes/context/RequestContext.php
index 60c8cd3..35b39c9 100644
--- a/includes/context/RequestContext.php
+++ b/includes/context/RequestContext.php
@@ -393,15 +393,31 @@
        }
 
        /**
-        * Import the resolved user IP, HTTP headers, and session ID.
+        * Export the resolved user IP, HTTP headers, user ID, and session ID.
+        * The result will be reasonably sized to allow for serialization.
+        *
+        * @return Array
+        * @since 1.21
+        */
+       public function exportSession() {
+               return array(
+                       'ip'        => $this->getRequest()->getIP(),
+                       'headers'   => $this->getRequest()->getAllHeaders(),
+                       'sessionId' => session_id(),
+                       'userId'    => $this->getUser()->getId()
+               );
+       }
+
+       /**
+        * Import the resolved user IP, HTTP headers, user ID, and session ID.
         * This sets the current session and sets $wgUser and $wgRequest.
         * Once the return value falls out of scope, the old context is 
restored.
         * This function can only be called within CLI mode scripts.
         *
         * This will setup the session from the given ID. This is useful when
-        * background scripts inherit some context when acting on behalf of a 
user.
+        * background scripts inherit context when acting on behalf of a user.
         *
-        * $param array $params Result of WebRequest::exportUserSession()
+        * $param array $params Result of RequestContext::exportSession()
         * @return ScopedCallback
         * @throws MWException
         * @since 1.21
@@ -434,13 +450,13 @@
                        // Set the current context to use the new WebRequest
                        $context->setRequest( $request );
                        $wgRequest = $context->getRequest(); // b/c
-                       // Set the current user based on the new session and 
WebRequest
-                       $context->setUser( User::newFromSession( $request ) ); 
// uses $_SESSION
+                       // Set the current user based on the new session
+                       $context->setUser( User::newFromId( $params['userId'] ) 
);
                        $wgUser = $context->getUser(); // b/c
                };
 
                // Stash the old session and load in the new one
-               $oldParams = self::getMain()->getRequest()->exportUserSession();
+               $oldParams = self::getMain()->exportSession();
                $importSessionFunction( $params );
 
                // Set callback to save and close the new session and reload 
the old one
diff --git a/includes/job/jobs/AssembleUploadChunksJob.php 
b/includes/job/jobs/AssembleUploadChunksJob.php
index f243b0c..c5dd9ea 100644
--- a/includes/job/jobs/AssembleUploadChunksJob.php
+++ b/includes/job/jobs/AssembleUploadChunksJob.php
@@ -37,7 +37,7 @@
                $context = RequestContext::getMain();
                try {
                        $user = $context->getUser();
-                       if ( !$user->isLoggedIn() || $user->getId() != 
$this->params['userid'] ) {
+                       if ( !$user->isLoggedIn() ) {
                                $this->setLastError( "Could not load the author 
user from session." );
                                return false;
                        }
diff --git a/includes/job/jobs/PublishStashedFileJob.php 
b/includes/job/jobs/PublishStashedFileJob.php
index 87dffc9..d3feda2 100644
--- a/includes/job/jobs/PublishStashedFileJob.php
+++ b/includes/job/jobs/PublishStashedFileJob.php
@@ -37,7 +37,7 @@
                $context = RequestContext::getMain();
                try {
                        $user = $context->getUser();
-                       if ( !$user->isLoggedIn() || $user->getId() != 
$this->params['userid'] ) {
+                       if ( !$user->isLoggedIn() ) {
                                $this->setLastError( "Could not load the author 
user from session." );
                                return false;
                        }

-- 
To view, visit https://gerrit.wikimedia.org/r/53882
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I543e6766f7a8a828ea5d270328c3bc7738c6fe94
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Aaron Schulz <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to