// overwriting mBlockedby, surely?
$this->load();
+ // TODO: Block checking shouldn't really be done from the User object. Block
+ // checking can involve checking for IP blocks, cookie blocks, and/or XFF blocks,
+ // which need more knowledge of the request context than the User should have.
+ // Since we do currently check blocks from the User, we have to do the following
+ // here:
+ // - Check if this is the user associated with the main request
+ // - If so, pass the relevant request information to the block manager
+ $request = null;
+
+ // The session user is set up towards the end of Setup.php. Until then,
+ // assume it's a logged-out user.
+ $sessionUser = RequestContext::getMain()->getUser();
+ $globalUserName = $sessionUser->isSafeToLoad()
+ ? $sessionUser->getName()
+ : IP::sanitizeIP( $sessionUser->getRequest()->getIP() );
+
+ if ( $this->getName() === $globalUserName ) {
+ // This is the global user, so we need to pass the request
+ $request = $this->getRequest();
+ }
+
// @phan-suppress-next-line PhanAccessMethodInternal It's the only allowed use
$block = MediaWikiServices::getInstance()->getBlockManager()->getUserBlock(
$this,
+ $request,
$fromReplica
);
// Avoid PHP 7.1 warning of passing $this by reference
$thisUser = $this;
// Extensions
- Hooks::run( 'GetBlockedStatus', [ &$thisUser ] );
+ Hooks::run( 'GetBlockedStatus', [ &$thisUser ], '1.34' );
}
/**
if ( !$this->mHideName ) {
// Reset for hook
$this->mHideName = false;
- Hooks::run( 'UserIsHidden', [ $this, &$this->mHideName ] );
+ Hooks::run( 'UserIsHidden', [ $this, &$this->mHideName ], '1.34' );
}
return (bool)$this->mHideName;
}
}
}
- /**
- * Set the password for a password reminder or new account email
- *
- * @deprecated Removed in 1.27. Use PasswordReset instead.
- * @param string $str New password to set or null to set an invalid
- * password hash meaning that the user will not be able to use it
- * @param bool $throttle If true, reset the throttle timestamp to the present
- */
- public function setNewpassword( $str, $throttle = true ) {
- throw new BadMethodCallException( __METHOD__ . ' has been removed in 1.27' );
- }
-
/**
* Get the user's e-mail address
* @return string User's email address
$this->setNewtalk( false );
// If there is a new, unseen, revision, use its timestamp
- $nextid = $oldid
- ? $title->getNextRevisionID( $oldid, Title::GAID_FOR_UPDATE )
- : null;
- if ( $nextid ) {
- $this->setNewtalk( true, Revision::newFromId( $nextid ) );
+ if ( $oldid ) {
+ $rl = MediaWikiServices::getInstance()->getRevisionLookup();
+ $oldRev = $rl->getRevisionById( $oldid, Title::READ_LATEST );
+ if ( $oldRev ) {
+ $newRev = $rl->getNextRevision( $oldRev );
+ if ( $newRev ) {
+ // TODO: actually no need to wrap in a revision,
+ // setNewtalk really only needs a RevRecord
+ $this->setNewtalk( true, new Revision( $newRev ) );
+ }
+ }
}
} );
}
'password' => $password,
]
);
- $res = AuthManager::singleton()->beginAuthentication( $reqs, 'null:' );
+ $res = $manager->beginAuthentication( $reqs, 'null:' );
switch ( $res->status ) {
case AuthenticationResponse::PASS:
return true;
case AuthenticationResponse::FAIL:
// Hope it's not a PreAuthenticationProvider that failed...
- \MediaWiki\Logger\LoggerFactory::getInstance( 'authentication' )
+ LoggerFactory::getInstance( 'authentication' )
->info( __METHOD__ . ': Authentication failed: ' . $res->message->plain() );
return false;
default: