Nostalgia was moved to an extension.
* Event namespace used by jquery.makeCollapsible has been changed from
'mw-collapse' to 'mw-collapsible' for consistency with the module name.
+* BREAKING CHANGE: The "ExternalAuth" authentication subsystem was removed, along
+ with its associated globals of $wgExternalAuthType, $wgExternalAuthConf,
+ $wgAutocreatePolicy and $wgAllowPrefChange. Affected users are encouraged to
+ use AuthPlugin for external authentication/authorization needs.
== Compatibility ==
'ExternalStoreHttp' => 'includes/externalstore/ExternalStoreHttp.php',
'ExternalStoreMedium' => 'includes/externalstore/ExternalStoreMedium.php',
'ExternalStoreMwstore' => 'includes/externalstore/ExternalStoreMwstore.php',
- 'ExternalUser' => 'includes/ExternalUser.php',
'FakeTitle' => 'includes/FakeTitle.php',
'Fallback' => 'includes/Fallback.php',
'FatalError' => 'includes/Exception.php',
'WikiDiff3' => 'includes/diff/WikiDiff3.php',
'WordLevelDiff' => 'includes/diff/DairikiDiff.php',
- # includes/extauth
- 'ExternalUser_Hardcoded' => 'includes/extauth/Hardcoded.php',
- 'ExternalUser_MediaWiki' => 'includes/extauth/MediaWiki.php',
- 'ExternalUser_vB' => 'includes/extauth/vB.php',
-
# includes/filebackend
'FileBackendGroup' => 'includes/filebackend/FileBackendGroup.php',
'FileBackend' => 'includes/filebackend/FileBackend.php',
*/
$wgUserrightsInterwikiDelimiter = '@';
-/**
- * Use some particular type of external authentication. The specific
- * authentication module you use will normally require some extra settings to
- * be specified.
- *
- * null indicates no external authentication is to be used. Otherwise,
- * $wgExternalAuthType must be the name of a non-abstract class that extends
- * ExternalUser.
- *
- * Core authentication modules can be found in includes/extauth/.
- */
-$wgExternalAuthType = null;
-
-/**
- * Configuration for the external authentication. This may include arbitrary
- * keys that depend on the authentication mechanism. For instance,
- * authentication against another web app might require that the database login
- * info be provided. Check the file where your auth mechanism is defined for
- * info on what to put here.
- */
-$wgExternalAuthConf = array();
-
-/**
- * When should we automatically create local accounts when external accounts
- * already exist, if using ExternalAuth? Can have three values: 'never',
- * 'login', 'view'. 'view' requires the external database to support cookies,
- * and implies 'login'.
- *
- * TODO: Implement 'view' (currently behaves like 'login').
- */
-$wgAutocreatePolicy = 'login';
-
-/**
- * Policies for how each preference is allowed to be changed, in the presence
- * of external authentication. The keys are preference keys, e.g., 'password'
- * or 'emailaddress' (see Preferences.php et al.). The value can be one of the
- * following:
- *
- * - local: Allow changes to this pref through the wiki interface but only
- * apply them locally (default).
- * - semiglobal: Allow changes through the wiki interface and try to apply them
- * to the foreign database, but continue on anyway if that fails.
- * - global: Allow changes through the wiki interface, but only let them go
- * through if they successfully update the foreign database.
- * - message: Allow no local changes for linked accounts; replace the change
- * form with a message provided by the auth plugin, telling the user how to
- * change the setting externally (maybe providing a link, etc.). If the auth
- * plugin provides no message for this preference, hide it entirely.
- *
- * Accounts that are not linked to an external account are never affected by
- * this setting. You may want to look at $wgHiddenPrefs instead.
- * $wgHiddenPrefs supersedes this option.
- *
- * TODO: Implement message, global.
- */
-$wgAllowPrefChange = array();
-
/**
* This is to let user authenticate using https when they come from http.
* Based on an idea by George Herbert on wikitech-l:
+++ /dev/null
-<?php
-/**
- * Authentication with a foreign database
- *
- * Copyright © 2009 Aryeh Gregor
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- */
-
-/**
- * @defgroup ExternalUser ExternalUser
- */
-
-/**
- * A class intended to supplement, and perhaps eventually replace, AuthPlugin.
- * See: http://www.mediawiki.org/wiki/ExternalAuth
- *
- * The class represents a user whose data is in a foreign database. The
- * database may have entirely different conventions from MediaWiki, but it's
- * assumed to at least support the concept of a user id (possibly not an
- * integer), a user name (possibly not meeting MediaWiki's username
- * requirements), and a password.
- *
- * @ingroup ExternalUser
- */
-abstract class ExternalUser {
- protected function __construct() {}
-
- /**
- * Wrappers around initFrom*().
- */
-
- /**
- * @param $name string
- * @return mixed ExternalUser, or false on failure
- */
- public static function newFromName( $name ) {
- global $wgExternalAuthType;
- if ( is_null( $wgExternalAuthType ) ) {
- return false;
- }
- $obj = new $wgExternalAuthType;
- if ( !$obj->initFromName( $name ) ) {
- return false;
- }
- return $obj;
- }
-
- /**
- * @param $id string
- * @return mixed ExternalUser, or false on failure
- */
- public static function newFromId( $id ) {
- global $wgExternalAuthType;
- if ( is_null( $wgExternalAuthType ) ) {
- return false;
- }
- $obj = new $wgExternalAuthType;
- if ( !$obj->initFromId( $id ) ) {
- return false;
- }
- return $obj;
- }
-
- /**
- * @return mixed ExternalUser, or false on failure
- */
- public static function newFromCookie() {
- global $wgExternalAuthType;
- if ( is_null( $wgExternalAuthType ) ) {
- return false;
- }
- $obj = new $wgExternalAuthType;
- if ( !$obj->initFromCookie() ) {
- return false;
- }
- return $obj;
- }
-
- /**
- * Creates the object corresponding to the given User object, assuming the
- * user exists on the wiki and is linked to an external account. If either
- * of these is false, this will return false.
- *
- * This is a wrapper around newFromId().
- *
- * @param $user User
- * @return ExternalUser|bool False on failure
- */
- public static function newFromUser( $user ) {
- global $wgExternalAuthType;
- if ( is_null( $wgExternalAuthType ) ) {
- # Short-circuit to avoid database query in common case so no one
- # kills me
- return false;
- }
-
- $dbr = wfGetDB( DB_SLAVE );
- $id = $dbr->selectField( 'external_user', 'eu_external_id',
- array( 'eu_local_id' => $user->getId() ), __METHOD__ );
- if ( $id === false ) {
- return false;
- }
- return self::newFromId( $id );
- }
-
- /**
- * Given a name, which is a string exactly as input by the user in the
- * login form but with whitespace stripped, initialize this object to be
- * the corresponding ExternalUser. Return true if successful, otherwise
- * false.
- *
- * @param $name string
- * @return bool Success?
- */
- abstract protected function initFromName( $name );
-
- /**
- * Given an id, which was at some previous point in history returned by
- * getId(), initialize this object to be the corresponding ExternalUser.
- * Return true if successful, false otherwise.
- *
- * @param $id string
- * @return bool Success?
- */
- abstract protected function initFromId( $id );
-
- /**
- * Try to magically initialize the user from cookies or similar information
- * so he or she can be logged in on just viewing the wiki. If this is
- * impossible to do, just return false.
- *
- * TODO: Actually use this.
- *
- * @return bool Success?
- */
- protected function initFromCookie() {
- return false;
- }
-
- /**
- * This must return some identifier that stably, uniquely identifies the
- * user. In a typical web application, this could be an integer
- * representing the "user id". In other cases, it might be a string. In
- * any event, the return value should be a string between 1 and 255
- * characters in length; must uniquely identify the user in the foreign
- * database; and, if at all possible, should be permanent.
- *
- * This will only ever be used to reconstruct this ExternalUser object via
- * newFromId(). The resulting object in that case should correspond to the
- * same user, even if details have changed in the interim (e.g., renames or
- * preference changes).
- *
- * @return string
- */
- abstract public function getId();
-
- /**
- * This must return the name that the user would normally use for login to
- * the external database. It is subject to no particular restrictions
- * beyond rudimentary sanity, and in particular may be invalid as a
- * MediaWiki username. It's used to auto-generate an account name that
- * *is* valid for MediaWiki, either with or without user input, but
- * basically is only a hint.
- *
- * @return string
- */
- abstract public function getName();
-
- /**
- * Is the given password valid for the external user? The password is
- * provided in plaintext.
- *
- * @param $password string
- * @return bool
- */
- abstract public function authenticate( $password );
-
- /**
- * Retrieve the value corresponding to the given preference key. The most
- * important values are:
- *
- * - emailaddress
- * - language
- *
- * The value must meet MediaWiki's requirements for values of this type,
- * and will be checked for validity before use. If the preference makes no
- * sense for the backend, or it makes sense but is unset for this user, or
- * is unrecognized, return null.
- *
- * $pref will never equal 'password', since passwords are usually hashed
- * and cannot be directly retrieved. authenticate() is used for this
- * instead.
- *
- * TODO: Currently this is only called for 'emailaddress'; generalize! Add
- * some config option to decide which values are grabbed on user
- * initialization.
- *
- * @param $pref string
- * @return mixed
- */
- public function getPref( $pref ) {
- return null;
- }
-
- /**
- * Return an array of identifiers for all the foreign groups that this user
- * has. The identifiers are opaque objects that only need to be
- * specifiable by the administrator in LocalSettings.php when configuring
- * $wgAutopromote. They may be, for instance, strings or integers.
- *
- * TODO: Support this in $wgAutopromote.
- *
- * @return array
- */
- public function getGroups() {
- return array();
- }
-
- /**
- * Given a preference key (e.g., 'emailaddress'), provide an HTML message
- * telling the user how to change it in the external database. The
- * administrator has specified that this preference cannot be changed on
- * the wiki, and may only be changed in the foreign database. If no
- * message is available, such as for an unrecognized preference, return
- * false.
- *
- * TODO: Use this somewhere.
- *
- * @param $pref string
- * @return mixed String or false
- */
- public static function getPrefMessage( $pref ) {
- return false;
- }
-
- /**
- * Set the given preference key to the given value. Two important
- * preference keys that you might want to implement are 'password' and
- * 'emailaddress'. If the set fails, such as because the preference is
- * unrecognized or because the external database can't be changed right
- * now, return false. If it succeeds, return true.
- *
- * If applicable, you should make sure to validate the new value against
- * any constraints the external database may have, since MediaWiki may have
- * more limited constraints (e.g., on password strength).
- *
- * TODO: Untested.
- *
- * @param $key string
- * @param $value string
- * @return bool Success?
- */
- public static function setPref( $key, $value ) {
- return false;
- }
-
- /**
- * Create a link for future reference between this object and the provided
- * user_id. If the user was already linked, the old link will be
- * overwritten.
- *
- * This is part of the core code and is not overridable by specific
- * plugins. It's in this class only for convenience.
- *
- * @param int $id user_id
- */
- final public function linkToLocal( $id ) {
- $dbw = wfGetDB( DB_MASTER );
- $dbw->replace( 'external_user',
- array( 'eu_local_id', 'eu_external_id' ),
- array( 'eu_local_id' => $id,
- 'eu_external_id' => $this->getId() ),
- __METHOD__ );
- }
-
- /**
- * Check whether this external user id is already linked with
- * a local user.
- * @return Mixed User if the account is linked, Null otherwise.
- */
- final public function getLocalUser() {
- $dbr = wfGetDB( DB_SLAVE );
- $row = $dbr->selectRow(
- 'external_user',
- '*',
- array( 'eu_external_id' => $this->getId() )
- );
- return $row
- ? User::newFromId( $row->eu_local_id )
- : null;
- }
-
-}
* @return Bool True if the user is logged in, false otherwise.
*/
private function loadFromSession() {
- global $wgExternalAuthType, $wgAutocreatePolicy;
-
$result = null;
wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) );
if ( $result !== null ) {
return $result;
}
- if ( $wgExternalAuthType && $wgAutocreatePolicy == 'view' ) {
- $extUser = ExternalUser::newFromCookie();
- if ( $extUser ) {
- # TODO: Automatically create the user here (or probably a bit
- # lower down, in fact)
- }
- }
-
$request = $this->getRequest();
$cookieId = $request->getCookie( 'UserID' );
* @todo document
*/
protected function saveOptions() {
- global $wgAllowPrefChange;
-
$this->loadOptions();
// Not using getOptions(), to keep hidden preferences in database
return;
}
- $extuser = ExternalUser::newFromUser( $this );
$userId = $this->getId();
$insert_rows = array();
foreach( $saveOptions as $key => $value ) {
'up_value' => $value,
);
}
- if ( $extuser && isset( $wgAllowPrefChange[$key] ) ) {
- switch ( $wgAllowPrefChange[$key] ) {
- case 'local':
- case 'message':
- break;
- case 'semiglobal':
- case 'global':
- $extuser->setPref( $key, $value );
- }
- }
}
$dbw = wfGetDB( DB_MASTER );
* an extension, et cetera). Do not use this to connect to the MediaWiki
* database. Example uses in core:
* @see LoadBalancer::reallyOpenConnection()
- * @see ExternalUser_MediaWiki::initFromCond()
* @see ForeignDBRepo::getMasterDB()
* @see WebInstaller_DBConnect::execute()
*
+++ /dev/null
-<?php
-/**
- * External authentication with hardcoded user names and passwords
- *
- * Copyright © 2009 Aryeh Gregor
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- */
-
-/**
- * This class supports external authentication from a literal array dumped in
- * LocalSettings.php. It's mostly useful for testing. Example configuration:
- *
- * $wgExternalAuthType = 'ExternalUser_Hardcoded';
- * $wgExternalAuthConf = array(
- * 'Bob Smith' => array(
- * 'password' => 'literal string',
- * 'emailaddress' => 'bob@example.com',
- * ),
- * );
- *
- * Multiple names may be provided. The keys of the inner arrays can be either
- * 'password', or the name of any preference.
- *
- * @ingroup ExternalUser
- */
-class ExternalUser_Hardcoded extends ExternalUser {
- private $mName;
-
- protected function initFromName( $name ) {
- global $wgExternalAuthConf;
-
- if ( isset( $wgExternalAuthConf[$name] ) ) {
- $this->mName = $name;
- return true;
- }
- return false;
- }
-
- protected function initFromId( $id ) {
- return $this->initFromName( $id );
- }
-
- public function getId() {
- return $this->mName;
- }
-
- public function getName() {
- return $this->mName;
- }
-
- public function authenticate( $password ) {
- global $wgExternalAuthConf;
-
- return isset( $wgExternalAuthConf[$this->mName]['password'] )
- && $wgExternalAuthConf[$this->mName]['password'] == $password;
- }
-
- public function getPref( $pref ) {
- global $wgExternalAuthConf;
-
- if ( isset( $wgExternalAuthConf[$this->mName][$pref] ) ) {
- return $wgExternalAuthConf[$this->mName][$pref];
- }
- return null;
- }
-
- # TODO: Implement setPref() via regex on LocalSettings. (Just kidding.)
-}
+++ /dev/null
-<?php
-/**
- * External authentication with external MediaWiki database.
- *
- * Copyright © 2009 Aryeh Gregor
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- */
-
-/**
- * This class supports authentication against an external MediaWiki database,
- * probably any version back to 1.5 or something. Example configuration:
- *
- * $wgExternalAuthType = 'ExternalUser_MediaWiki';
- * $wgExternalAuthConf = array(
- * 'DBtype' => 'mysql',
- * 'DBserver' => 'localhost',
- * 'DBname' => 'wikidb',
- * 'DBuser' => 'quasit',
- * 'DBpassword' => 'a5Cr:yf9u-6[{`g',
- * 'DBprefix' => '',
- * );
- *
- * All fields must be present. These mean the same things as $wgDBtype,
- * $wgDBserver, etc. This implementation is quite crude; it could easily
- * support multiple database servers, for instance, and memcached, and it
- * probably has bugs. Kind of hard to reuse code when things might rely on who
- * knows what configuration globals.
- *
- * If either wiki uses the UserComparePasswords hook, password authentication
- * might fail unexpectedly unless they both do the exact same validation.
- * There may be other corner cases like this where this will fail, but it
- * should be unlikely.
- *
- * @ingroup ExternalUser
- */
-class ExternalUser_MediaWiki extends ExternalUser {
- private $mRow;
-
- /**
- * @var DatabaseBase
- */
- private $mDb;
-
- /**
- * @param $name string
- * @return bool
- */
- protected function initFromName( $name ) {
- # We might not need the 'usable' bit, but let's be safe. Theoretically
- # this might return wrong results for old versions, but it's probably
- # good enough.
- $name = User::getCanonicalName( $name, 'usable' );
-
- if ( !is_string( $name ) ) {
- return false;
- }
-
- return $this->initFromCond( array( 'user_name' => $name ) );
- }
-
- /**
- * @param $id int
- * @return bool
- */
- protected function initFromId( $id ) {
- return $this->initFromCond( array( 'user_id' => $id ) );
- }
-
- /**
- * @param $cond array
- * @return bool
- */
- private function initFromCond( $cond ) {
- global $wgExternalAuthConf;
-
- $this->mDb = DatabaseBase::factory( $wgExternalAuthConf['DBtype'],
- array(
- 'host' => $wgExternalAuthConf['DBserver'],
- 'user' => $wgExternalAuthConf['DBuser'],
- 'password' => $wgExternalAuthConf['DBpassword'],
- 'dbname' => $wgExternalAuthConf['DBname'],
- 'tablePrefix' => $wgExternalAuthConf['DBprefix'],
- )
- );
-
- $row = $this->mDb->selectRow(
- 'user',
- array(
- 'user_name', 'user_id', 'user_password', 'user_email',
- 'user_email_authenticated'
- ),
- $cond,
- __METHOD__
- );
- if ( !$row ) {
- return false;
- }
- $this->mRow = $row;
-
- return true;
- }
-
- # TODO: Implement initFromCookie().
-
- public function getId() {
- return $this->mRow->user_id;
- }
-
- /**
- * @return string
- */
- public function getName() {
- return $this->mRow->user_name;
- }
-
- public function authenticate( $password ) {
- # This might be wrong if anyone actually uses the UserComparePasswords hook
- # (on either end), so don't use this if you those are incompatible.
- return User::comparePasswords( $this->mRow->user_password, $password,
- $this->mRow->user_id );
- }
-
- public function getPref( $pref ) {
- # @todo FIXME: Return other prefs too. Lots of global-riddled code that does
- # this normally.
- if ( $pref === 'emailaddress'
- && $this->row->user_email_authenticated !== null ) {
- return $this->mRow->user_email;
- }
- return null;
- }
-
- /**
- * @return array
- */
- public function getGroups() {
- # @todo FIXME: Untested.
- $groups = array();
- $res = $this->mDb->select(
- 'user_groups',
- 'ug_group',
- array( 'ug_user' => $this->mRow->user_id ),
- __METHOD__
- );
- foreach ( $res as $row ) {
- $groups[] = $row->ug_group;
- }
- return $groups;
- }
-
- # TODO: Implement setPref().
-}
+++ /dev/null
-<?php
-/**
- * External authentication with a vBulletin database.
- *
- * Copyright © 2009 Aryeh Gregor
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- */
-
-/**
- * This class supports the proprietary vBulletin forum system
- * <http://www.vbulletin.com>, versions 3.5 and up. It calls no functions or
- * code, only reads from the database. Example lines to put in
- * LocalSettings.php:
- *
- * $wgExternalAuthType = 'ExternalUser_vB';
- * $wgExternalAuthConf = array(
- * 'server' => 'localhost',
- * 'username' => 'forum',
- * 'password' => 'udE,jSqDJ<""p=fI.K9',
- * 'dbname' => 'forum',
- * 'tablePrefix' => '',
- * 'cookieprefix' => 'bb'
- * );
- *
- * @ingroup ExternalUser
- */
-class ExternalUser_vB extends ExternalUser {
- private $mRow;
-
- protected function initFromName( $name ) {
- return $this->initFromCond( array( 'username' => $name ) );
- }
-
- protected function initFromId( $id ) {
- return $this->initFromCond( array( 'userid' => $id ) );
- }
-
- protected function initFromCookie() {
- # Try using the session table. It will only have a row if the user has
- # an active session, so it might not always work, but it's a lot easier
- # than trying to convince PHP to give us vB's $_SESSION.
- global $wgExternalAuthConf, $wgRequest;
- if ( !isset( $wgExternalAuthConf['cookieprefix'] ) ) {
- $prefix = 'bb';
- } else {
- $prefix = $wgExternalAuthConf['cookieprefix'];
- }
- if ( $wgRequest->getCookie( 'sessionhash', $prefix ) === null ) {
- return false;
- }
-
- $db = $this->getDb();
-
- $row = $db->selectRow(
- array( 'session', 'user' ),
- $this->getFields(),
- array(
- 'session.userid = user.userid',
- 'sessionhash' => $wgRequest->getCookie( 'sessionhash', $prefix ),
- ),
- __METHOD__
- );
- if ( !$row ) {
- return false;
- }
- $this->mRow = $row;
-
- return true;
- }
-
- private function initFromCond( $cond ) {
- $db = $this->getDb();
-
- $row = $db->selectRow(
- 'user',
- $this->getFields(),
- $cond,
- __METHOD__
- );
- if ( !$row ) {
- return false;
- }
- $this->mRow = $row;
-
- return true;
- }
-
- private function getDb() {
- global $wgExternalAuthConf;
- return DatabaseBase::factory( 'mysql',
- array(
- 'host' => $wgExternalAuthConf['server'],
- 'user' => $wgExternalAuthConf['username'],
- 'password' => $wgExternalAuthConf['password'],
- 'dbname' => $wgExternalAuthConf['dbname'],
- 'tablePrefix' => $wgExternalAuthConf['tablePrefix'],
- )
- );
- }
-
- private function getFields() {
- return array( 'user.userid', 'username', 'password', 'salt', 'email',
- 'usergroupid', 'membergroupids' );
- }
-
- public function getId() { return $this->mRow->userid; }
- public function getName() { return $this->mRow->username; }
-
- public function authenticate( $password ) {
- # vBulletin seemingly strips whitespace from passwords
- $password = trim( $password );
- return $this->mRow->password == md5( md5( $password )
- . $this->mRow->salt );
- }
-
- public function getPref( $pref ) {
- if ( $pref == 'emailaddress' && $this->mRow->email ) {
- # TODO: only return if validated?
- return $this->mRow->email;
- }
- return null;
- }
-
- public function getGroups() {
- $groups = array( $this->mRow->usergroupid );
- $groups = array_merge( $groups, explode( ',', $this->mRow->membergroupids ) );
- $groups = array_unique( $groups );
- return $groups;
- }
-}
array( 'doLogUsertextPopulation' ), # listed separately from the previous update because 1.16 was released without this update
array( 'doLogSearchPopulation' ),
array( 'addTable', 'l10n_cache', 'patch-l10n_cache.sql' ),
- array( 'addTable', 'external_user', 'patch-external_user.sql' ),
array( 'addIndex', 'log_search', 'ls_field_val', 'patch-log_search-rename-index.sql' ),
array( 'addIndex', 'change_tag', 'change_tag_rc_tag', 'patch-change_tag-indexes.sql' ),
array( 'addField', 'redirect', 'rd_interwiki', 'patch-rd_interwiki.sql' ),
array( 'doUpdateTranscacheField' ),
- array( 'renameEuWikiId' ),
array( 'doUpdateMimeMinorField' ),
// 1.17
return $this->applyPatch( 'patch-pl-tl-il-unique.sql', false, "Making pl_namespace, tl_namespace and il_to indices UNIQUE" );
}
- protected function renameEuWikiId() {
- if ( $this->db->fieldExists( 'external_user', 'eu_local_id', __METHOD__ ) ) {
- $this->output( "...eu_wiki_id already renamed to eu_local_id.\n" );
- return;
- }
-
- $this->applyPatch( 'patch-eu_local_id.sql', false, "Renaming eu_wiki_id -> eu_local_id" );
- }
-
protected function doUpdateMimeMinorField() {
if ( $this->updateRowExists( 'mime_minor_length' ) ) {
$this->output( "...*_mime_minor fields are already long enough.\n" );
array( 'addTable', 'module_deps', 'patch-module_deps.sql' ),
array( 'addTable', 'uploadstash', 'patch-uploadstash.sql' ),
array( 'addTable', 'user_former_groups','patch-user_former_groups.sql' ),
- array( 'addTable', 'external_user', 'patch-external_user.sql' ),
array( 'addTable', 'sites', 'patch-sites.sql' ),
# Needed before new field
array( 'doLogUsertextPopulation' ), # listed separately from the previous update because 1.16 was released without this update
array( 'doLogSearchPopulation' ),
array( 'addTable', 'l10n_cache', 'patch-l10n_cache.sql' ),
- array( 'addTable', 'external_user', 'patch-external_user.sql' ),
array( 'addIndex', 'log_search', 'ls_field_val', 'patch-log_search-rename-index.sql' ),
array( 'addIndex', 'change_tag', 'change_tag_rc_tag', 'patch-change_tag-indexes.sql' ),
array( 'addField', 'redirect', 'rd_interwiki', 'patch-rd_interwiki.sql' ),
var $mAbortLoginErrorMsg = 'login-abort-generic';
private $mLoaded = false;
- /**
- * @var ExternalUser
- */
- private $mExtUser = null;
-
/**
* @ var WebRequest
*/
$wgAuth->initUser( $u, $autocreate );
- if ( $this->mExtUser ) {
- $this->mExtUser->linkToLocal( $u->getId() );
- $email = $this->mExtUser->getPref( 'emailaddress' );
- if ( $email && !$this->mEmail ) {
- $u->setEmail( $email );
- }
- }
-
$u->setOption( 'rememberpassword', $this->mRemember ? 1 : 0 );
$u->saveSettings();
return self::SUCCESS;
}
- $this->mExtUser = ExternalUser::newFromName( $this->mUsername );
-
- # TODO: Allow some magic here for invalid external names, e.g., let the
- # user choose a different wiki name.
$u = User::newFromName( $this->mUsername );
if( !( $u instanceof User ) || !User::isUsableName( $u->getName() ) ) {
return self::ILLEGAL;
$isAutoCreated = true;
}
} else {
- global $wgExternalAuthType, $wgAutocreatePolicy;
- if ( $wgExternalAuthType && $wgAutocreatePolicy != 'never'
- && is_object( $this->mExtUser )
- && $this->mExtUser->authenticate( $this->mPassword )
- ) {
- # The external user and local user have the same name and
- # password, so we assume they're the same.
- $this->mExtUser->linkToLocal( $u->getID() );
- }
-
$u->load();
}
* @return integer Status code
*/
function attemptAutoCreate( $user ) {
- global $wgAuth, $wgAutocreatePolicy;
+ global $wgAuth;
if ( $this->getUser()->isBlockedFromCreateAccount() ) {
wfDebug( __METHOD__ . ": user is blocked from account creation\n" );
return self::CREATE_BLOCKED;
}
-
- /**
- * If the external authentication plugin allows it, automatically cre-
- * ate a new account for users that are externally defined but have not
- * yet logged in.
- */
- if ( $this->mExtUser ) {
- # mExtUser is neither null nor false, so use the new ExternalAuth
- # system.
- if ( $wgAutocreatePolicy == 'never' ) {
- return self::NOT_EXISTS;
- }
- if ( !$this->mExtUser->authenticate( $this->mPassword ) ) {
- return self::WRONG_PLUGIN_PASS;
- }
- } else {
- # Old AuthPlugin.
- if ( !$wgAuth->autoCreate() ) {
- return self::NOT_EXISTS;
- }
- if ( !$wgAuth->userExists( $user->getName() ) ) {
- wfDebug( __METHOD__ . ": user does not exist\n" );
- return self::NOT_EXISTS;
- }
- if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) {
- wfDebug( __METHOD__ . ": \$wgAuth->authenticate() returned false, aborting\n" );
- return self::WRONG_PLUGIN_PASS;
- }
+ if ( !$wgAuth->autoCreate() ) {
+ return self::NOT_EXISTS;
+ }
+ if ( !$wgAuth->userExists( $user->getName() ) ) {
+ wfDebug( __METHOD__ . ": user does not exist\n" );
+ return self::NOT_EXISTS;
+ }
+ if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) {
+ wfDebug( __METHOD__ . ": \$wgAuth->authenticate() returned false, aborting\n" );
+ return self::WRONG_PLUGIN_PASS;
}
$abortError = '';
+++ /dev/null
-ALTER TABLE /*_*/external_user
-CHANGE COLUMN eu_wiki_id
-eu_local_id int unsigned NOT NULL;
+++ /dev/null
-CREATE TABLE /*_*/external_user (
- -- Foreign key to user_id
- eu_local_id int unsigned NOT NULL PRIMARY KEY,
-
- -- Some opaque identifier provided by the external database
- eu_external_id varchar(255) binary NOT NULL
-) /*$wgDBTableOptions*/;
-
-CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id);
-- Maximum key length ON SQL Server is 900 bytes
CREATE INDEX /*$wgDBprefix*/externallinks_index ON /*$wgDBprefix*/externallinks(el_index);
---
--- Track external user accounts, if ExternalAuth is used
---
-CREATE TABLE /*$wgDBprefix*/external_user (
- -- Foreign key to user_id
- eu_local_id INT NOT NULL PRIMARY KEY,
- -- opaque identifier provided by the external database
- eu_external_id NVARCHAR(255) NOT NULL,
-);
-CREATE UNIQUE INDEX /*$wgDBprefix*/eu_external_idx ON /*$wgDBprefix*/external_user(eu_external_id);
-
--
-- Track INTerlanguage links
--
CREATE INDEX &mw_prefix.externallinks_i02 ON &mw_prefix.externallinks (el_to, el_from);
CREATE INDEX &mw_prefix.externallinks_i03 ON &mw_prefix.externallinks (el_index);
-CREATE TABLE &mw_prefix.external_user (
- eu_local_id NUMBER NOT NULL,
- eu_external_id varchar2(255) NOT NULL
-);
-ALTER TABLE &mw_prefix.external_user ADD CONSTRAINT &mw_prefix.external_user_pk PRIMARY KEY (eu_local_id);
-CREATE UNIQUE INDEX &mw_prefix.external_user_u01 ON &mw_prefix.external_user (eu_external_id);
-
CREATE TABLE &mw_prefix.langlinks (
ll_from NUMBER NOT NULL,
ll_lang VARCHAR2(20),
+++ /dev/null
-CREATE TABLE external_user (
- eu_local_id INTEGER NOT NULL PRIMARY KEY,
- eu_external_id TEXT
-);
-
-CREATE UNIQUE INDEX eu_external_id ON external_user (eu_external_id);
CREATE INDEX externallinks_from_to ON externallinks (el_from,el_to);
CREATE INDEX externallinks_index ON externallinks (el_index);
-CREATE TABLE external_user (
- eu_local_id INTEGER NOT NULL PRIMARY KEY,
- eu_external_id TEXT
-);
-
-CREATE UNIQUE INDEX eu_external_id ON external_user (eu_external_id);
-
CREATE TABLE langlinks (
ll_from INTEGER NOT NULL REFERENCES page (page_id) ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED,
ll_lang TEXT,
CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from);
CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60));
-
---
--- Track external user accounts, if ExternalAuth is used
---
-CREATE TABLE /*_*/external_user (
- -- Foreign key to user_id
- eu_local_id int unsigned NOT NULL PRIMARY KEY,
-
- -- Some opaque identifier provided by the external database
- eu_external_id varchar(255) binary NOT NULL
-) /*$wgDBTableOptions*/;
-
-CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id);
-
-
--
-- Track interlanguage links
--
CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40));
CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from);
CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60));
-CREATE TABLE /*_*/external_user (
- eu_local_id int unsigned NOT NULL PRIMARY KEY,
- eu_external_id varchar(255) binary NOT NULL
-) /*$wgDBTableOptions*/;
-CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id);
CREATE TABLE /*_*/langlinks (
ll_from int unsigned NOT NULL default 0,
ll_lang varbinary(20) NOT NULL default '',
CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40));
CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from);
CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60));
-CREATE TABLE /*_*/external_user (
- eu_local_id int unsigned NOT NULL PRIMARY KEY,
- eu_external_id varchar(255) binary NOT NULL
-) /*$wgDBTableOptions*/;
-CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id);
CREATE TABLE /*_*/langlinks (
ll_from int unsigned NOT NULL default 0,
ll_lang varbinary(20) NOT NULL default '',
CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40));
CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from);
CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60));
-CREATE TABLE /*_*/external_user (
- eu_local_id int unsigned NOT NULL PRIMARY KEY,
- eu_external_id varchar(255) binary NOT NULL
-) /*$wgDBTableOptions*/;
-CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id);
CREATE TABLE /*_*/langlinks (
ll_from int unsigned NOT NULL default 0,
ll_lang varbinary(20) NOT NULL default '',