From eb09d10fa6dbf03a723d3ba5d9e794414f288b76 Mon Sep 17 00:00:00 2001
From: "Mark A. Hershberger" <mah@users.mediawiki.org>
Date: Tue, 12 Jul 2011 18:44:15 +0000
Subject: [PATCH] =?utf8?q?Bug=20#29807=20=E2=80=94=20Special:PasswordReset?=
 =?utf8?q?=20listed=20on=20Special:SpecialPages=20when=20Authplugin=20allo?=
 =?utf8?q?wPasswordChange()=20is=20false?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

After my spanking last week, I've gone over the patch more closely this time.
---
 includes/specials/SpecialPasswordReset.php | 34 +++++++++++++++++++---
 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/includes/specials/SpecialPasswordReset.php b/includes/specials/SpecialPasswordReset.php
index f4dbf51bea..a400940392 100644
--- a/includes/specials/SpecialPasswordReset.php
+++ b/includes/specials/SpecialPasswordReset.php
@@ -36,9 +36,8 @@ class SpecialPasswordReset extends FormSpecialPage {
 		global $wgPasswordResetRoutes, $wgAuth;
 
 		// Maybe password resets are disabled, or there are no allowable routes
-		if ( !is_array( $wgPasswordResetRoutes )
-			|| !in_array( true, array_values( $wgPasswordResetRoutes ) ) )
-		{
+		if ( !is_array( $wgPasswordResetRoutes ) ||
+			 !in_array( true, array_values( $wgPasswordResetRoutes ) ) ) {
 			throw new ErrorPageError( 'internalerror', 'passwordreset-disabled' );
 		}
 
@@ -224,4 +223,31 @@ class SpecialPasswordReset extends FormSpecialPage {
 		$this->getOutput()->addWikiMsg( 'passwordreset-emailsent' );
 		$this->getOutput()->returnToMain();
 	}
-}
+
+	/**
+	 * Hide the password reset page if resets are disabled.
+	 * @return Bool
+	 */
+	function isListed() {
+		global $wgPasswordResetRoutes, $wgAuth;
+
+		// Maybe password resets are disabled, or there are no allowable routes
+		if ( !is_array( $wgPasswordResetRoutes ) ||
+			 !in_array( true, array_values( $wgPasswordResetRoutes ) ) ) {
+			return false;
+		}
+
+		// Maybe the external auth plugin won't allow local password changes
+		if ( !$wgAuth->allowPasswordChange() ) {
+			return false;
+		}
+
+		// Maybe the user is blocked (check this here rather than relying on the parent
+		// method as we have a more specific error message to use here
+		if ( $user->isBlocked() ) {
+			return false;
+		}
+
+		return parent::isListed();
+	}
+}
\ No newline at end of file
-- 
2.20.1