Also update createAndPromote.php to use it so it can display errors.
Note that there are two possible approaches. The other is to
do the update for all requests for which the test passed,
even if some tests fail. The approach of the patch seems
more manageable from the caller's point of view
(either the operation was a success, or it failed and
nothing happened).
Change-Id: I86abed4b80472cd888337444fac0cbcb870b1246
throw new LogicException( 'Cannot set a password for a user that is not in the database.' );
}
- $data = [
+ $status = $this->changeAuthenticationData( [
'username' => $this->getName(),
'password' => $str,
'retype' => $str,
- ];
- $reqs = $manager->getAuthenticationRequests( AuthManager::ACTION_CHANGE, $this );
- $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
- foreach ( $reqs as $req ) {
- $status = $manager->allowsAuthenticationDataChange( $req );
- if ( !$status->isGood() ) {
- \MediaWiki\Logger\LoggerFactory::getInstance( 'authentication' )
- ->info( __METHOD__ . ': Password change rejected: ' . $status->getWikiText() );
- return false;
- }
- }
- foreach ( $reqs as $req ) {
- $manager->changeAuthenticationData( $req );
+ ] );
+ if ( !$status->isGood() ) {
+ \MediaWiki\Logger\LoggerFactory::getInstance( 'authentication' )
+ ->info( __METHOD__ . ': Password change rejected: '
+ . $status->getWikiText( null, null, 'en' ) );
+ return false;
}
$this->setOption( 'watchlisttoken', false );
return true;
}
+ /**
+ * Changes credentials of the user.
+ *
+ * This is a convenience wrapper around AuthManager::changeAuthenticationData.
+ * Note that this can return a status that isOK() but not isGood() on certain types of failures,
+ * e.g. when no provider handled the change.
+ *
+ * @param array $data A set of authentication data in fieldname => value format. This is the
+ * same data you would pass the changeauthenticationdata API - 'username', 'password' etc.
+ * @return Status
+ * @since 1.27
+ */
+ public function changeAuthenticationData( array $data ) {
+ global $wgDisableAuthManager;
+ if ( $wgDisableAuthManager ) {
+ throw new LogicException( __METHOD__ . ' cannot be called when $wgDisableAuthManager '
+ . 'is true' );
+ }
+
+ $manager = AuthManager::singleton();
+ $reqs = $manager->getAuthenticationRequests( AuthManager::ACTION_CHANGE, $this );
+ $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
+
+ $status = Status::newGood( 'ignored' );
+ foreach ( $reqs as $req ) {
+ $status->merge( $manager->allowsAuthenticationDataChange( $req ), true );
+ }
+ if ( $status->getValue() === 'ignored' ) {
+ $status->warning( 'authenticationdatachange-ignored' );
+ }
+
+ if ( $status->isGood() ) {
+ foreach ( $reqs as $req ) {
+ $manager->changeAuthenticationData( $req );
+ }
+ }
+ return $status;
+ }
+
/**
* Get the user's current token.
* @param bool $forceCreation Force the generation of a new token if the
"linkaccounts-success-text": "The account was linked.",
"linkaccounts-submit": "Link accounts",
"unlinkaccounts": "Unlink accounts",
- "unlinkaccounts-success": "The account was unlinked."
+ "unlinkaccounts-success": "The account was unlinked.",
+ "authenticationdatachange-ignored": "The authentication data change was not handled. Maybe no provider was configured?"
}
"linkaccounts-success-text": "Text shown on top of the form after a successful action.",
"linkaccounts-submit": "Text of the main submit button on [[Special:LinkAccounts]] (when there is one)",
"unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]] which allows the user to remove linked remote accounts.",
- "unlinkaccounts-success": "Account unlinking form success message"
+ "unlinkaccounts-success": "Account unlinking form success message",
+ "authenticationdatachange-ignored": "Shown when authentication data change was unsuccessful due to configuration problems."
}
}
public function execute() {
+ global $wgDisableAuthManager;
+
if ( $this->hasOption( "user" ) ) {
$user = User::newFromName( $this->getOption( 'user' ) );
} elseif ( $this->hasOption( "userid" ) ) {
if ( !$user || !$user->getId() ) {
$this->error( "No such user: " . $this->getOption( 'user' ), true );
}
+ $password = $this->getOption( 'password' );
try {
- $user->setPassword( $this->getOption( 'password' ) );
+ if ( $wgDisableAuthManager ) {
+ $user->setPassword( $password );
+ } else {
+ $status = $user->changeAuthenticationData( [
+ 'username' => $user->getName(),
+ 'password' => $password,
+ 'retype' => $password,
+ ] );
+ if ( !$status->isGood() ) {
+ throw new PasswordError( $status->getWikiText( null, null, 'en' ) );
+ }
+ }
$user->saveSettings();
$this->output( "Password set for " . $user->getName() . "\n" );
} catch ( PasswordError $pwe ) {
}
public function execute() {
+ global $wgDisableAuthManager;
+
$username = $this->getArg( 0 );
$password = $this->getArg( 1 );
$force = $this->hasOption( 'force' );
if ( $password ) {
# Try to set the password
try {
- $user->setPassword( $password );
+ if ( $wgDisableAuthManager ) {
+ $user->setPassword( $password );
+ } else {
+ $status = $user->changeAuthenticationData( [
+ 'username' => $user->getName(),
+ 'password' => $password,
+ 'retype' => $password,
+ ] );
+ if ( !$status->isGood() ) {
+ throw new PasswordError( $status->getWikiText( null, null, 'en' ) );
+ }
+ }
if ( $exists ) {
$this->output( "Password set.\n" );
$user->saveSettings();