From b1d154f8f078ca8690935206d0449e210e302c48 Mon Sep 17 00:00:00 2001 From: Florian Date: Wed, 27 Jul 2016 22:01:43 +0200 Subject: [PATCH] Special:UserLogin: Don't show login button when not required If no AuthenticationRequest requires a separate login button, it shouldn'tbe visible. This is, for example, the case, when only link providers are used, that require the user to redirect to a third party site, as it usually just shows a single submit button. In this case, the login button is still visible because of other additional fields, such as the remember me button. This change checks each primary authentication provider, if it provides its provide his own submit button or not, and if so, removes the login button completely. Bug: T141471 Change-Id: Ib18a69582cb3f79d438ab009d8755f0d5e415bcb --- .../specialpage/AuthManagerSpecialPage.php | 44 ++++++++++++------- .../specialpage/LoginSignupSpecialPage.php | 6 +-- .../specials/SpecialChangeCredentials.php | 2 +- 3 files changed, 33 insertions(+), 19 deletions(-) diff --git a/includes/specialpage/AuthManagerSpecialPage.php b/includes/specialpage/AuthManagerSpecialPage.php index 85b8dc3ad6..68f0d00ddb 100644 --- a/includes/specialpage/AuthManagerSpecialPage.php +++ b/includes/specialpage/AuthManagerSpecialPage.php @@ -536,7 +536,7 @@ abstract class AuthManagerSpecialPage extends SpecialPage { $form->setAction( $this->getFullTitle()->getFullURL( $this->getPreservedParams() ) ); $form->addHiddenField( $this->getTokenName(), $this->getToken()->toString() ); $form->addHiddenField( 'authAction', $this->authAction ); - $form->suppressDefaultSubmit( !$this->needsSubmitButton( $formDescriptor ) ); + $form->suppressDefaultSubmit( !$this->needsSubmitButton( $requests ) ); return $form; } @@ -554,24 +554,38 @@ abstract class AuthManagerSpecialPage extends SpecialPage { } /** - * Returns true if the form has fields which take values. If all available providers use the - * redirect flow, the form might contain nothing but submit buttons, in which case we should - * not add an extra submit button which does nothing. + * Returns true if the form built from the given AuthenticationRequests has fields which take + * values. If all available providers use the redirect flow, the form might contain nothing + * but submit buttons, in which case we should not add an extra submit button which does nothing. * - * @param array $formDescriptor A HTMLForm descriptor + * @param AuthenticationRequest[] $requests An array of AuthenticationRequests from which the + * form will be built * @return bool */ - protected function needsSubmitButton( $formDescriptor ) { - return (bool)array_filter( $formDescriptor, function ( $item ) { - $class = false; - if ( array_key_exists( 'class', $item ) ) { - $class = $item['class']; - } elseif ( array_key_exists( 'type', $item ) ) { - $class = HTMLForm::$typeMappings[$item['type']]; + protected function needsSubmitButton( array $requests ) { + foreach ( $requests as $req ) { + if ( $req->required === AuthenticationRequest::PRIMARY_REQUIRED && + $this->doesRequestNeedsSubmitButton( $req ) + ) { + return true; } - return !is_a( $class, \HTMLInfoField::class, true ) && - !is_a( $class, \HTMLSubmitField::class, true ); - } ); + } + return false; + } + + /** + * Checks if the given AuthenticationRequest needs a submit button or not. + * + * @param AuthenticationRequest $req The request to check + * @return bool + */ + protected function doesRequestNeedsSubmitButton( AuthenticationRequest $req ) { + foreach ( $req->getFieldInfo() as $field => $info ) { + if ( $info['type'] === 'button' ) { + return false; + } + } + return true; } /** diff --git a/includes/specialpage/LoginSignupSpecialPage.php b/includes/specialpage/LoginSignupSpecialPage.php index 8a2e0d65b0..cf1a4d05ac 100644 --- a/includes/specialpage/LoginSignupSpecialPage.php +++ b/includes/specialpage/LoginSignupSpecialPage.php @@ -585,7 +585,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { $this->fakeTemplate = $fakeTemplate; // FIXME there should be a saner way to pass this to the hook // this will call onAuthChangeFormFields() $formDescriptor = static::fieldInfoToFormDescriptor( $requests, $fieldInfo, $this->authAction ); - $this->postProcessFormDescriptor( $formDescriptor ); + $this->postProcessFormDescriptor( $formDescriptor, $requests ); $context = $this->getContext(); if ( $context->getRequest() !== $this->getRequest() ) { @@ -1237,7 +1237,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { /** * @param array $formDescriptor */ - protected function postProcessFormDescriptor( &$formDescriptor ) { + protected function postProcessFormDescriptor( &$formDescriptor, $requests ) { // Pre-fill username (if not creating an account, T46775). if ( isset( $formDescriptor['username'] ) && @@ -1255,7 +1255,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { // don't show a submit button if there is nothing to submit (i.e. the only form content // is other submit buttons, for redirect flows) - if ( !$this->needsSubmitButton( $formDescriptor ) ) { + if ( !$this->needsSubmitButton( $requests ) ) { unset( $formDescriptor['createaccount'], $formDescriptor['loginattempt'] ); } diff --git a/includes/specials/SpecialChangeCredentials.php b/includes/specials/SpecialChangeCredentials.php index d98504da46..ff70848e25 100644 --- a/includes/specials/SpecialChangeCredentials.php +++ b/includes/specials/SpecialChangeCredentials.php @@ -149,7 +149,7 @@ class SpecialChangeCredentials extends AuthManagerSpecialPage { return $form; } - protected function needsSubmitButton( $formDescriptor ) { + protected function needsSubmitButton( array $requests ) { // Change/remove forms show are built from a single AuthenticationRequest and do not allow // for redirect flow; they always need a submit button. return true; -- 2.20.1