[MediaWiki-commits] [Gerrit] mediawiki...PluggableAuth[master]: Fixed whitelist issue for non-English wikis.
jenkins-bot has submitted this change and it was merged.
Change subject: Fixed whitelist issue for non-English wikis.
..
Fixed whitelist issue for non-English wikis.
Change-Id: I77fe4d8c66df632b8a9c647ab3e69ac7f2fb86be
---
M PluggableAuthHooks.php
M ext.PluggableAuthAutoLogin.js
M extension.json
3 files changed, 77 insertions(+), 62 deletions(-)
Approvals:
Cicalese: Looks good to me, approved
jenkins-bot: Verified
diff --git a/PluggableAuthHooks.php b/PluggableAuthHooks.php
index cccd09d..d550b8a 100644
--- a/PluggableAuthHooks.php
+++ b/PluggableAuthHooks.php
@@ -27,15 +27,12 @@
/**
* Implements extension registration callback.
* See
https://www.mediawiki.org/wiki/Manual:Extension_registration#Customizing_registration
+* Removes password providers if local login is not enabled.
*
* @since 2.0
*
*/
public static function onRegistration() {
- if ( !$GLOBALS['wgWhitelistRead'] ) {
- $GLOBALS['wgWhitelistRead'] = [];
- }
- $GLOBALS['wgWhitelistRead'][] = 'Special:PluggableAuthLogin';
if ( $GLOBALS['wgPluggableAuth_EnableLocalLogin'] ) {
return;
}
@@ -56,8 +53,30 @@
/**
*
+* Implements TitleReadWhitelist hook.
+* See https://www.mediawiki.org/wiki/Manual:Hooks/TitleReadWhitelist
+* Adds PluggableAuth login special pages to whitelist.
+*
+* @since 2.0
+*
+*/
+ public static function onTitleReadWhitelist( $title, $user,
&$whitelisted ) {
+ $loginSpecialPages =
ExtensionRegistry::getInstance()->getAttribute(
+ 'PluggableAuthLoginSpecialPages' );
+ foreach ( $loginSpecialPages as $page ) {
+ if ( $title->isSpecial( $page ) ) {
+ $whitelisted = true;
+ return true;
+ }
+ }
+ return true;
+ }
+
+ /**
+*
* Implements AuthChangeFormFields hook.
* See https://www.mediawiki.org/wiki/Manual:Hooks/AuthChangeFormFields
+* Moves login button to bottom of form.
*
* @since 2.0
*
@@ -76,6 +95,7 @@
/**
* Implements UserLogoutComplete hook.
* See https://www.mediawiki.org/wiki/Manual:Hooks/UserLogoutComplete
+* Calls deauthenticate hook in authentication plugin.
*
* @since 2.0
*
@@ -100,6 +120,15 @@
/**
* Implements BeforePageDisplay hook.
+* Adds auto login JavaScript module if all of the following are true:
+* - auto login is enabled
+* - no user is already logged in
+* - the current page is not a PluggableAuth login special page (which
would
+* cause an infinite loop)
+* - if the wiki requires login to read, the current page is
whitelisted (in
+* other words, users than cannot login to a wiki that requires login
to
+* read will still be able to read whitelisted pages, since those
pages
+* will not trigger auto login).
*
* @since 2.0
*
@@ -107,15 +136,31 @@
* @param Skin $skin
*/
public static function autoLoginInit( &$out, &$skin ) {
- if ( $GLOBALS['wgPluggableAuth_EnableAutoLogin'] ) {
- $out->addModules( 'ext.PluggableAuthAutoLogin' );
+ if ( !$GLOBALS['wgPluggableAuth_EnableAutoLogin'] ) {
+ return true;
}
+ if ( !$out->getUser()->isAnon() ) {
+ return true;
+ }
+ $loginSpecialPages =
ExtensionRegistry::getInstance()->getAttribute(
+ 'PluggableAuthLoginSpecialPages' );
+ $title = $out->getTitle();
+ foreach ( $loginSpecialPages as $page ) {
+ if ( $title->isSpecial( $page ) ) {
+ return true;
+ }
+ }
+ if ( !User::isEveryoneAllowed( 'read' ) && $title->userCan(
'read' ) ) {
+ return true;
+ }
+ $out->addModules( 'ext.PluggableAuthAutoLogin' );
return true;
}
/**
* Implements PersonalUrls hook.
* See https://www.mediawiki.org/wiki/Manual:Hooks/PersonalUrls
+* Removes logout link from skin if auto login is enabled.
*
* @since 1.0
*
@@ -129,17 +174,5 @@
unset( $personal_urls['logout'] );
}
return true;
- }
-
- /**
-* Implements ResourceLoaderGetConfigVars hook.
-* See
https://www.mediawiki
[MediaWiki-commits] [Gerrit] mediawiki...PluggableAuth[master]: Fixed whitelist issue for non-English wikis.
Cicalese has uploaded a new change for review.
https://gerrit.wikimedia.org/r/315502
Change subject: Fixed whitelist issue for non-English wikis.
..
Fixed whitelist issue for non-English wikis.
Change-Id: I77fe4d8c66df632b8a9c647ab3e69ac7f2fb86be
---
M PluggableAuthHooks.php
M ext.PluggableAuthAutoLogin.js
M extension.json
3 files changed, 44 insertions(+), 65 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/PluggableAuth
refs/changes/02/315502/1
diff --git a/PluggableAuthHooks.php b/PluggableAuthHooks.php
index cccd09d..9fc09f8 100644
--- a/PluggableAuthHooks.php
+++ b/PluggableAuthHooks.php
@@ -25,17 +25,17 @@
class PluggableAuthHooks {
/**
-* Implements extension registration callback.
-* See
https://www.mediawiki.org/wiki/Manual:Extension_registration#Customizing_registration
+* Implements extension function.
+* See https://www.mediawiki.org/wiki/Manual:$wgExtensionFunctions
+* Adds localized name of PluggableAuthLogin special page to whitelist.
+* Removes password providers if local login is not enabled.
*
* @since 2.0
*
*/
- public static function onRegistration() {
- if ( !$GLOBALS['wgWhitelistRead'] ) {
- $GLOBALS['wgWhitelistRead'] = [];
- }
- $GLOBALS['wgWhitelistRead'][] = 'Special:PluggableAuthLogin';
+ public static function extensionFunction() {
+ $title = Title::newFromText( 'PluggableAuthLogin', NS_SPECIAL );
+ $GLOBALS['wgWhitelistRead'][] = $title->getPrefixedText();
if ( $GLOBALS['wgPluggableAuth_EnableLocalLogin'] ) {
return;
}
@@ -58,6 +58,7 @@
*
* Implements AuthChangeFormFields hook.
* See https://www.mediawiki.org/wiki/Manual:Hooks/AuthChangeFormFields
+* Moves login button to bottom of form.
*
* @since 2.0
*
@@ -76,6 +77,7 @@
/**
* Implements UserLogoutComplete hook.
* See https://www.mediawiki.org/wiki/Manual:Hooks/UserLogoutComplete
+* Calls deauthenticate hook in authentication plugin.
*
* @since 2.0
*
@@ -100,6 +102,8 @@
/**
* Implements BeforePageDisplay hook.
+* Adds auto login JavaScript module if auto login is enabled, no user
is
+* logged in, and the current page is not whitelisted.
*
* @since 2.0
*
@@ -107,7 +111,13 @@
* @param Skin $skin
*/
public static function autoLoginInit( &$out, &$skin ) {
- if ( $GLOBALS['wgPluggableAuth_EnableAutoLogin'] ) {
+ if ( $GLOBALS['wgPluggableAuth_EnableAutoLogin'] &&
+ $out->getUser()->isAnon() ) {
+ $page = $out->getTitle()->getPrefixedText();
+ $whitelist = $GLOBALS['wgWhitelistRead'];
+ if ( in_array( $page, $whitelist ) ) {
+ return true;
+ }
$out->addModules( 'ext.PluggableAuthAutoLogin' );
}
return true;
@@ -116,6 +126,7 @@
/**
* Implements PersonalUrls hook.
* See https://www.mediawiki.org/wiki/Manual:Hooks/PersonalUrls
+* Removes logout link from skin if auto login is enabled.
*
* @since 1.0
*
@@ -129,17 +140,5 @@
unset( $personal_urls['logout'] );
}
return true;
- }
-
- /**
-* Implements ResourceLoaderGetConfigVars hook.
-* See
https://www.mediawiki.org/wiki/Manual:Hooks/ResourceLoaderGetConfigVars
-*
-* @since 2.0
-*
-* @param array &$vars
-*/
- public static function onResourceLoaderGetConfigVars( array &$vars ) {
- $vars['wgWhitelistRead'] = $GLOBALS['wgWhitelistRead'];
}
}
diff --git a/ext.PluggableAuthAutoLogin.js b/ext.PluggableAuthAutoLogin.js
index cf5f12c..990c78f 100644
--- a/ext.PluggableAuthAutoLogin.js
+++ b/ext.PluggableAuthAutoLogin.js
@@ -21,56 +21,35 @@
*/
( function ( mw ) {
- // Are we already logged in?
- if ( mw.config.get( 'wgUserName' ) !== null ) {
- return;
- }
-
- var pageName = mw.config.get( 'wgPageName' );
- var namespace = mw.config.get( 'wgCanonicalNamespace' );
- if ( namespace === 'Special' ) {
- var specialPageName = mw.config.get(
'wgCanonicalSpecialPageName' );
- if ( specialPageName === 'Userlogin' || pageName ===
'Special:UserLogin' ) {
- return;
- } else if ( specialPageName === 'Badtitle' || pageName ===
'Special:Badtitle' ) {
- pageName = null;
-
