// Skip functions aren't even parseable
'!resources/src/dom-level2-skip.js',
'!resources/src/es5-skip.js',
- '!resources/src/json-skip.js',
'!resources/src/mediawiki.hidpi-skip.js'
]
},
determines whether to set a cookie when a user is autoblocked. Doing so means
that a blocked user, even after logging out and moving to a new IP address,
will still be blocked.
+* The resetpassword right and associated password reset capture feature has
+ been removed.
=== New features in 1.29 ===
* (T5233) A cookie can now be set when a user is autoblocked, to track that user if
action=createaccount, action=linkaccount, and action=changeauthenticationdata
in the query string is now an error. They should be submitted in the POST
body instead.
+* The capture option for action=resetpassword has been removed
=== Action API internal changes in 1.29 ===
/**
* Set to true to put the sending user's email in a Reply-To header
- * instead of From. ($wgEmergencyContact will be used as From.)
+ * instead of From. ($wgPasswordSender will be used as From.)
*
* Some mailers (eg SMTP) set the SMTP envelope sender to the From value,
* which can cause problems with SPF validation and leak recipient addresses
* @deprecated since 1.28
*/
public static function singleton() {
- return MediaWikiServices::getInstance()->getMIMEAnalyzer();
+ return MediaWikiServices::getInstance()->getMimeAnalyzer();
}
/**
/**
* An action that views article content
*
- * This is a wrapper that will call Article::render().
+ * This is a wrapper that will call Article::view().
*
* @ingroup Actions
*/
*
* @file
*/
+use MediaWiki\MediaWikiServices;
/**
* This class contains a list of pages that the client has requested.
}
// Get gender information
- $genderCache = GenderCache::singleton();
+ $genderCache = MediaWikiServices::getInstance()->getGenderCache();
$genderCache->doQuery( $usernames, __METHOD__ );
}
}
}
// Get gender information
- $genderCache = GenderCache::singleton();
+ $genderCache = MediaWikiServices::getInstance()->getGenderCache();
$genderCache->doQuery( $usernames, __METHOD__ );
return $linkBatch;
*
* @file
*/
+use MediaWiki\MediaWikiServices;
/**
* Query module to enumerate all available pages.
foreach ( $res as $row ) {
$users[] = $row->page_title;
}
- GenderCache::singleton()->doQuery( $users, __METHOD__ );
+ MediaWikiServices::getInstance()->getGenderCache()->doQuery( $users, __METHOD__ );
$res->rewind(); // reset
}
$data['maxuploadsize'] = UploadBase::getMaxUploadSize();
$data['minuploadchunksize'] = (int)$config->get( 'MinUploadChunkSize' );
+ $data['galleryoptions'] = $config->get( 'GalleryOptions' );
+
$data['thumblimits'] = $config->get( 'ThumbLimits' );
ApiResult::setArrayType( $data['thumblimits'], 'BCassoc' );
ApiResult::setIndexedTagName( $data['thumblimits'], 'limit' );
$passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
- $status = $passwordReset->isAllowed( $this->getUser(), $params['capture'] );
+ $status = $passwordReset->isAllowed( $this->getUser() );
if ( !$status->isOK() ) {
$this->dieStatus( Status::wrap( $status ) );
}
$status = $passwordReset->execute(
- $this->getUser(), $params['user'], $params['email'], $params['capture']
+ $this->getUser(), $params['user'], $params['email']
);
if ( !$status->isOK() ) {
$status->value = null;
$result = $this->getResult();
$result->addValue( [ 'resetpassword' ], 'status', 'success' );
- if ( $params['capture'] ) {
- $passwords = $status->getValue() ?: [];
- ApiResult::setArrayType( $passwords, 'kvp', 'user' );
- ApiResult::setIndexedTagName( $passwords, 'p' );
- $result->addValue( [ 'resetpassword' ], 'passwords', $passwords );
- }
}
public function isWriteMode() {
'email' => [
ApiBase::PARAM_TYPE => 'string',
],
- 'capture' => false,
];
$resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
"apihelp-resetpassword-description-noroutes": "No password reset routes are available.\n\nEnable routes in <var>[[mw:Manual:$wgPasswordResetRoutes|$wgPasswordResetRoutes]]</var> to use this module.",
"apihelp-resetpassword-param-user": "User being reset.",
"apihelp-resetpassword-param-email": "Email address of the user being reset.",
- "apihelp-resetpassword-param-capture": "Return the temporary passwords that were sent. Requires the <code>passwordreset</code> user right.",
"apihelp-resetpassword-example-user": "Send a password reset email to user <kbd>Example</kbd>.",
"apihelp-resetpassword-example-email": "Send a password reset email for all users with email address <kbd>user@example.com</kbd>.",
"apihelp-resetpassword-description-noroutes": "{{doc-apihelp-description|resetpassword|info=This message is used when no known routes are enabled in <var>[[mw:Manual:$wgPasswordResetRoutes|$wgPasswordResetRoutes]]</var>.|seealso={{msg-mw|apihelp-resetpassword-description}}}}",
"apihelp-resetpassword-param-user": "{{doc-apihelp-param|resetpassword|user}}",
"apihelp-resetpassword-param-email": "{{doc-apihelp-param|resetpassword|email}}",
- "apihelp-resetpassword-param-capture": "{{doc-apihelp-param|resetpassword|capture}}",
"apihelp-resetpassword-example-user": "{{doc-apihelp-example|resetpassword}}",
"apihelp-resetpassword-example-email": "{{doc-apihelp-example|resetpassword}}",
"apihelp-revisiondelete-description": "{{doc-apihelp-description|revisiondelete}}",
/** @var bool Email password to the user. */
public $mailpassword = false;
- /**
- * @var bool Do not fail certain operations if the password cannot be mailed, there is a
- * backchannel present.
- */
- public $hasBackchannel = false;
-
/** @var string Username or IP address of the caller */
public $caller;
$sv->merge( $this->checkPasswordValidity( $username, $req->password ) );
if ( $req->mailpassword ) {
- if ( !$this->emailEnabled && !$req->hasBackchannel ) {
+ if ( !$this->emailEnabled ) {
return \StatusValue::newFatal( 'passwordreset-emaildisabled' );
}
$ret = \StatusValue::newGood();
if ( $req ) {
- if ( $req->mailpassword && !$req->hasBackchannel ) {
+ if ( $req->mailpassword ) {
if ( !$this->emailEnabled ) {
$ret->merge( \StatusValue::newFatal( 'emaildisabled' ) );
} elseif ( !$user->getEmail() ) {
* @param bool $useDB
* @param int $expiry Lifetime for cache. @see $mExpiry.
*/
- function __construct( $memCached, $useDB, $expiry ) {
+ function __construct( BagOStuff $memCached, $useDB, $expiry ) {
global $wgUseLocalMessageCache;
- if ( !$memCached ) {
- $memCached = wfGetCache( CACHE_NONE );
- }
-
$this->mMemc = $memCached;
$this->mDisable = !$useDB;
$this->mExpiry = $expiry;
* @file
* @ingroup Parser
*/
+use MediaWiki\MediaWikiServices;
/**
* Various core parser functions, registered in Parser::firstCallInit()
// check parameter, or use the ParserOptions if in interface message
$user = User::newFromName( $username );
+ $genderCache = MediaWikiServices::getInstance()->getGenderCache();
if ( $user ) {
- $gender = GenderCache::singleton()->getGenderOf( $user, __METHOD__ );
+ $gender = $genderCache->getGenderOf( $user, __METHOD__ );
} elseif ( $username === '' && $parser->getOptions()->getInterfaceMessage() ) {
- $gender = GenderCache::singleton()->getGenderOf( $parser->getOptions()->getUser(), __METHOD__ );
+ $gender = $genderCache->getGenderOf( $parser->getOptions()->getUser(), __METHOD__ );
}
$ret = $parser->getFunctionLang()->gender( $gender, $forms );
return $ret;
];
}
- if ( $this->getUser()->isAllowed( 'passwordreset' ) ) {
- $a['Capture'] = [
- 'type' => 'check',
- 'label-message' => 'passwordreset-capture',
- 'help-message' => 'passwordreset-capture-help',
- ];
- }
-
return $a;
}
* @return Status
*/
public function onSubmit( array $data ) {
- if ( isset( $data['Capture'] ) && !$this->getUser()->isAllowed( 'passwordreset' ) ) {
- // The user knows they don't have the passwordreset permission,
- // but they tried to spoof the form. That's naughty
- throw new PermissionsError( 'passwordreset' );
- }
-
$username = isset( $data['Username'] ) ? $data['Username'] : null;
$email = isset( $data['Email'] ) ? $data['Email'] : null;
- $capture = !empty( $data['Capture'] );
$this->method = $username ? 'username' : 'email';
$this->result = Status::wrap(
- $this->getPasswordReset()->execute( $this->getUser(), $username, $email, $capture ) );
- if ( $capture && $this->result->isOK() ) {
- $this->passwords = $this->result->getValue();
- }
+ $this->getPasswordReset()->execute( $this->getUser(), $username, $email ) );
if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
throw new ThrottledError;
}
public function onSuccess() {
- if ( $this->getUser()->isAllowed( 'passwordreset' ) && $this->passwords ) {
- if ( $this->result->isGood() ) {
- $this->getOutput()->addWikiMsg( 'passwordreset-emailsent-capture2',
- count( $this->passwords ) );
- } else {
- $this->getOutput()->addWikiMsg( 'passwordreset-emailerror-capture2',
- $this->result->getMessage(), key( $this->passwords ), count( $this->passwords ) );
- }
-
- $this->getOutput()->addHTML( Html::openElement( 'ul' ) );
- foreach ( $this->passwords as $username => $pwd ) {
- $this->getOutput()->addHTML( Html::rawElement( 'li', [],
- htmlspecialchars( $username, ENT_QUOTES )
- . $this->msg( 'colon-separator' )->text()
- . htmlspecialchars( $pwd, ENT_QUOTES )
- ) );
- }
- $this->getOutput()->addHTML( Html::closeElement( 'ul' ) );
- }
-
if ( $this->method === 'email' ) {
$this->getOutput()->addWikiMsg( 'passwordreset-emailsentemail' );
} else {
protected $logger;
/**
- * In-process cache for isAllowed lookups, by username. Contains pairs of StatusValue objects
- * (for false and true value of $displayPassword, respectively).
+ * In-process cache for isAllowed lookups, by username.
+ * Contains a StatusValue object
* @var HashBagOStuff
*/
private $permissionCache;
* @param User $user
* @param bool $displayPassword If set, also check whether the user is allowed to reset the
* password of another user and see the temporary password.
+ * @since 1.29 Second argument for displayPassword removed.
* @return StatusValue
*/
- public function isAllowed( User $user, $displayPassword = false ) {
- $statuses = $this->permissionCache->get( $user->getName() );
- if ( $statuses ) {
- list ( $status, $status2 ) = $statuses;
- } else {
+ public function isAllowed( User $user ) {
+ $status = $this->permissionCache->get( $user->getName() );
+ if ( !$status ) {
$resetRoutes = $this->config->get( 'PasswordResetRoutes' );
$status = StatusValue::newGood();
$status = StatusValue::newFatal( 'blocked-mailpassword' );
}
- $status2 = StatusValue::newGood();
- if ( !$user->isAllowed( 'passwordreset' ) ) {
- $status2 = StatusValue::newFatal( 'badaccess' );
- }
-
- $this->permissionCache->set( $user->getName(), [ $status, $status2 ] );
+ $this->permissionCache->set( $user->getName(), $status );
}
- if ( !$displayPassword || !$status->isGood() ) {
- return $status;
- } else {
- return $status2;
- }
+ return $status;
}
/**
* Process the form. At this point we know that the user passes all the criteria in
* userCanExecute(), and if the data array contains 'Username', etc, then Username
* resets are allowed.
+ *
+ * @since 1.29 Fourth argument for displayPassword removed.
* @param User $performingUser The user that does the password reset
* @param string $username The user whose password is reset
* @param string $email Alternative way to specify the user
- * @param bool $displayPassword Whether to display the password
* @return StatusValue Will contain the passwords as a username => password array if the
* $displayPassword flag was set
* @throws LogicException When the user is not allowed to perform the action
* @throws MWException On unexpected DB errors
*/
public function execute(
- User $performingUser, $username = null, $email = null, $displayPassword = false
+ User $performingUser, $username = null, $email = null
) {
- if ( !$this->isAllowed( $performingUser, $displayPassword )->isGood() ) {
- $action = $this->isAllowed( $performingUser )->isGood() ? 'display' : 'reset';
+ if ( !$this->isAllowed( $performingUser )->isGood() ) {
throw new LogicException( 'User ' . $performingUser->getName()
- . ' is not allowed to ' . $action . ' passwords' );
+ . ' is not allowed to reset passwords' );
}
$resetRoutes = $this->config->get( 'PasswordResetRoutes' )
$data = [
'Username' => $username,
'Email' => $email,
- 'Capture' => $displayPassword ? '1' : null,
];
if ( !Hooks::run( 'SpecialPasswordResetOnSubmit', [ &$users, $data, &$error ] ) ) {
return StatusValue::newFatal( Message::newFromSpecifier( $error ) );
$req = TemporaryPasswordAuthenticationRequest::newRandom();
$req->username = $user->getName();
$req->mailpassword = true;
- $req->hasBackchannel = $displayPassword;
$req->caller = $performingUser->getName();
$status = $this->authManager->allowsAuthenticationDataChange( $req, true );
if ( $status->isGood() && $status->getValue() !== 'ignored' ) {
'targetUsername' => $username,
'targetEmail' => $email,
'actualUser' => $firstUser->getName(),
- 'capture' => $displayPassword,
];
if ( !$result->isGood() ) {
$passwords = [];
foreach ( $reqs as $req ) {
$this->authManager->changeAuthenticationData( $req );
- // TODO record mail sending errors
- if ( $displayPassword ) {
- $passwords[$req->username] = $req->password;
- }
}
- if ( $displayPassword ) {
- // The password capture thing is scary, so log
- // at a higher warning level.
- $this->logger->warning(
- "{requestingUser} did password reset of {actualUser} with password capturing!",
- $logContext
- );
- } else {
- $this->logger->info(
- "{requestingUser} did password reset of {actualUser}",
- $logContext
- );
- }
+ $this->logger->info(
+ "{requestingUser} did password reset of {actualUser}",
+ $logContext
+ );
return StatusValue::newGood( $passwords );
}
'noratelimit',
'override-export-depth',
'pagelang',
- 'passwordreset',
'patrol',
'patrolmarks',
'protect',
"passwordreset-emaildisabled": "Email features have been disabled on this wiki.",
"passwordreset-username": "Username:",
"passwordreset-domain": "Domain:",
- "passwordreset-capture": "View the resulting email?",
- "passwordreset-capture-help": "If you check this box, the email (with the temporary password) will be shown to you as well as being sent to the user.",
"passwordreset-email": "Email address:",
"passwordreset-emailtitle": "Account details on {{SITENAME}}",
"passwordreset-emailtext-ip": "Someone (probably you, from IP address $1) requested a reset of your\npassword for {{SITENAME}} ($4). The following user {{PLURAL:$3|account is|accounts are}}\nassociated with this email address:\n\n$2\n\n{{PLURAL:$3|This temporary password|These temporary passwords}} will expire in {{PLURAL:$5|one day|$5 days}}.\nYou should log in and choose a new password now. If someone else made this\nrequest, or if you have remembered your original password, and you no longer\nwish to change it, you may ignore this message and continue using your old\npassword.",
"passwordreset-emailelement": "Username:\n$1\n\nTemporary password:\n$2",
"passwordreset-emailsentemail": "If this email address is associated with your account, then a password reset email will be sent.",
"passwordreset-emailsentusername": "If there is an email address associated with this username, then a password reset email will be sent.",
- "passwordreset-emailsent-capture2": "The password reset {{PLURAL:$1|email has|emails have}} been sent. The {{PLURAL:$1|username and password|list of usernames and passwords}} is shown here.",
- "passwordreset-emailerror-capture2": "Emailing the {{GENDER:$2|user}} failed: $1 The {{PLURAL:$3|username and password|list of usernames and passwords}} is shown here.",
"passwordreset-nocaller": "A caller must be provided",
"passwordreset-nosuchcaller": "Caller does not exist: $1",
"passwordreset-ignored": "The password reset was not handled. Maybe no provider was configured?",
"right-siteadmin": "Lock and unlock the database",
"right-override-export-depth": "Export pages including linked pages up to a depth of 5",
"right-sendemail": "Send email to other users",
- "right-passwordreset": "View password reset emails",
"right-managechangetags": "Create and (de)activate [[Special:Tags|tags]]",
"right-applychangetags": "Apply [[Special:Tags|tags]] along with one's changes",
"right-changetags": "Add and remove arbitrary [[Special:Tags|tags]] on individual revisions and log entries",
"passwordreset-emaildisabled": "Used as error message in changing password when site's email feature is disabled.",
"passwordreset-username": "{{Identical|Username}}",
"passwordreset-domain": "A domain like used in Domain Name System (DNS) or more specifically like a domain component in the Lightweight Directory Access Protocol (LDAP).\n{{Identical|Domain}}",
- "passwordreset-capture": "Label for checkbox asking the user whether they want to see the contents of the password reset email (only shown if they have the <code>passwordreset</code> permission).",
- "passwordreset-capture-help": "Longer explanatory message for the capture checkbox label.",
"passwordreset-email": "{{Identical|E-mail address}}",
"passwordreset-emailtitle": "Used as subject (title) of email.",
"passwordreset-emailtext-ip": "Be consistent with {{msg-mw|Passwordreset-emailtext-user}}.\n\nParameters:\n* $1 - an IP address\n* $2 - message {{msg-mw|Passwordreset-emailelement}} repeated $3 times\n* $3 - the number of repetitions in $2\n* $4 - base URL of the wiki\n* $5 - number of days",
"passwordreset-emailelement": "This is a body of a password reset email to allow them into the system with a new password. Parameters:\n* $1 - the user's login name. This parameter can be used for GENDER.\n* $2 - the temporary password given by the system",
"passwordreset-emailsentemail": "Used in [[Special:PasswordReset]].\n\nSee also:\n* {{msg-mw|Passwordreset-emailsent-capture}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
"passwordreset-emailsentusername": "Used in [[Special:PasswordReset]].\n\nSee also:\n* {{msg-mw|Passwordreset-emailsent-capture}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
- "passwordreset-emailsent-capture2": "Used in [[Special:PasswordReset]].\n\nParameters:\n* $1 - number of accounts notified\n\nSee also:\n* {{msg-mw|Passwordreset-emailsentemail}}\n* {{msg-mw|Passwordreset-emailsentusername}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
- "passwordreset-emailerror-capture2": "Error message displayed in [[Special:PasswordReset]] when sending an email fails. Parameters:\n* $1 - error message\n* $2 - username, used for GENDER\n* $3 - number of accounts notified\n\nSee also:\n* {{msg-mw|Passwordreset-emailsentemail}}\n* {{msg-mw|Passwordreset-emailsentusername}}\n* {{msg-mw|Passwordreset-emailsent-capture}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
"passwordreset-nocaller": "Shown when a password reset was requested but the process failed due to an internal error related to missing details about the origin (caller) of the password reset request.",
"passwordreset-nosuchcaller": "Shown when a password reset was requested but the username of the caller could not be resolved to a user. This is an internal error.\n\nParameters:\n* $1 - username of the caller",
"passwordreset-ignored": "Shown when password reset was unsuccessful due to configuration problems.",
"right-siteadmin": "{{doc-right|siteadmin}}",
"right-override-export-depth": "{{doc-right|override-export-depth}}",
"right-sendemail": "{{doc-right|sendemail}}",
- "right-passwordreset": "{{doc-right|passwordreset}}",
"right-managechangetags": "{{doc-right|managechangetags}}",
"right-applychangetags": "{{doc-right|applychangetags}}",
"right-changetags": "{{doc-right|changetags}}",
"grunt-contrib-copy": "1.0.0",
"grunt-contrib-watch": "1.0.0",
"grunt-eslint": "19.0.0",
- "grunt-jsonlint": "1.0.7",
+ "grunt-jsonlint": "1.1.0",
"grunt-karma": "2.0.0",
"grunt-stylelint": "0.6.0",
"karma": "1.1.0",
'message' => 'Please use "mediawiki.storage" instead.',
],
'scripts' => 'resources/lib/jquery/jquery.jStorage.js',
- 'dependencies' => 'json',
],
'jquery.suggestions' => [
'scripts' => 'resources/src/jquery/jquery.suggestions.js',
/* json2 */
+ // Deprecated since MediaWiki 1.29.0
'json' => [
- 'scripts' => 'resources/lib/json2/json2.js',
+ 'deprecated' => 'Use of the "json" MediaWiki module is deprecated since MediaWiki 1.29.0',
'targets' => [ 'desktop', 'mobile' ],
- 'skipFunction' => 'resources/src/json-skip.js',
],
/* Moment.js */
'dom-level2-shim',
'mediawiki.api',
'mediawiki.api.edit',
- 'json',
],
'targets' => [ 'desktop', 'mobile' ],
],
'dependencies' => [
'jquery.byteLength',
'mediawiki.RegExp',
- 'json',
],
'targets' => [ 'desktop', 'mobile' ],
],
'targets' => [ 'desktop', 'mobile' ],
'dependencies' => [
'es5-shim',
- 'json',
],
],
+++ /dev/null
-/*
- json2.js
- 2015-05-03
-
- Public Domain.
-
- NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR OWN RISK.
-
- See http://www.JSON.org/js.html
-
-
- This code should be minified before deployment.
- See http://javascript.crockford.com/jsmin.html
-
- USE YOUR OWN COPY. IT IS EXTREMELY UNWISE TO LOAD CODE FROM SERVERS YOU DO
- NOT CONTROL.
-
-
- This file creates a global JSON object containing two methods: stringify
- and parse. This file is provides the ES5 JSON capability to ES3 systems.
- If a project might run on IE8 or earlier, then this file should be included.
- This file does nothing on ES5 systems.
-
- JSON.stringify(value, replacer, space)
- value any JavaScript value, usually an object or array.
-
- replacer an optional parameter that determines how object
- values are stringified for objects. It can be a
- function or an array of strings.
-
- space an optional parameter that specifies the indentation
- of nested structures. If it is omitted, the text will
- be packed without extra whitespace. If it is a number,
- it will specify the number of spaces to indent at each
- level. If it is a string (such as '\t' or ' '),
- it contains the characters used to indent at each level.
-
- This method produces a JSON text from a JavaScript value.
-
- When an object value is found, if the object contains a toJSON
- method, its toJSON method will be called and the result will be
- stringified. A toJSON method does not serialize: it returns the
- value represented by the name/value pair that should be serialized,
- or undefined if nothing should be serialized. The toJSON method
- will be passed the key associated with the value, and this will be
- bound to the value
-
- For example, this would serialize Dates as ISO strings.
-
- Date.prototype.toJSON = function (key) {
- function f(n) {
- // Format integers to have at least two digits.
- return n < 10
- ? '0' + n
- : n;
- }
-
- return this.getUTCFullYear() + '-' +
- f(this.getUTCMonth() + 1) + '-' +
- f(this.getUTCDate()) + 'T' +
- f(this.getUTCHours()) + ':' +
- f(this.getUTCMinutes()) + ':' +
- f(this.getUTCSeconds()) + 'Z';
- };
-
- You can provide an optional replacer method. It will be passed the
- key and value of each member, with this bound to the containing
- object. The value that is returned from your method will be
- serialized. If your method returns undefined, then the member will
- be excluded from the serialization.
-
- If the replacer parameter is an array of strings, then it will be
- used to select the members to be serialized. It filters the results
- such that only members with keys listed in the replacer array are
- stringified.
-
- Values that do not have JSON representations, such as undefined or
- functions, will not be serialized. Such values in objects will be
- dropped; in arrays they will be replaced with null. You can use
- a replacer function to replace those with JSON values.
- JSON.stringify(undefined) returns undefined.
-
- The optional space parameter produces a stringification of the
- value that is filled with line breaks and indentation to make it
- easier to read.
-
- If the space parameter is a non-empty string, then that string will
- be used for indentation. If the space parameter is a number, then
- the indentation will be that many spaces.
-
- Example:
-
- text = JSON.stringify(['e', {pluribus: 'unum'}]);
- // text is '["e",{"pluribus":"unum"}]'
-
-
- text = JSON.stringify(['e', {pluribus: 'unum'}], null, '\t');
- // text is '[\n\t"e",\n\t{\n\t\t"pluribus": "unum"\n\t}\n]'
-
- text = JSON.stringify([new Date()], function (key, value) {
- return this[key] instanceof Date
- ? 'Date(' + this[key] + ')'
- : value;
- });
- // text is '["Date(---current time---)"]'
-
-
- JSON.parse(text, reviver)
- This method parses a JSON text to produce an object or array.
- It can throw a SyntaxError exception.
-
- The optional reviver parameter is a function that can filter and
- transform the results. It receives each of the keys and values,
- and its return value is used instead of the original value.
- If it returns what it received, then the structure is not modified.
- If it returns undefined then the member is deleted.
-
- Example:
-
- // Parse the text. Values that look like ISO date strings will
- // be converted to Date objects.
-
- myData = JSON.parse(text, function (key, value) {
- var a;
- if (typeof value === 'string') {
- a =
-/^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2}(?:\.\d*)?)Z$/.exec(value);
- if (a) {
- return new Date(Date.UTC(+a[1], +a[2] - 1, +a[3], +a[4],
- +a[5], +a[6]));
- }
- }
- return value;
- });
-
- myData = JSON.parse('["Date(09/09/2001)"]', function (key, value) {
- var d;
- if (typeof value === 'string' &&
- value.slice(0, 5) === 'Date(' &&
- value.slice(-1) === ')') {
- d = new Date(value.slice(5, -1));
- if (d) {
- return d;
- }
- }
- return value;
- });
-
-
- This is a reference implementation. You are free to copy, modify, or
- redistribute.
-*/
-
-/*jslint
- eval, for, this
-*/
-
-/*property
- JSON, apply, call, charCodeAt, getUTCDate, getUTCFullYear, getUTCHours,
- getUTCMinutes, getUTCMonth, getUTCSeconds, hasOwnProperty, join,
- lastIndex, length, parse, prototype, push, replace, slice, stringify,
- test, toJSON, toString, valueOf
-*/
-
-
-// Create a JSON object only if one does not already exist. We create the
-// methods in a closure to avoid creating global variables.
-
-if (typeof JSON !== 'object') {
- JSON = {};
-}
-
-(function () {
- 'use strict';
-
- var rx_one = /^[\],:{}\s]*$/,
- rx_two = /\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g,
- rx_three = /"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g,
- rx_four = /(?:^|:|,)(?:\s*\[)+/g,
- rx_escapable = /[\\\"\u0000-\u001f\u007f-\u009f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
- rx_dangerous = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g;
-
- function f(n) {
- // Format integers to have at least two digits.
- return n < 10
- ? '0' + n
- : n;
- }
-
- function this_value() {
- return this.valueOf();
- }
-
- if (typeof Date.prototype.toJSON !== 'function') {
-
- Date.prototype.toJSON = function () {
-
- return isFinite(this.valueOf())
- ? this.getUTCFullYear() + '-' +
- f(this.getUTCMonth() + 1) + '-' +
- f(this.getUTCDate()) + 'T' +
- f(this.getUTCHours()) + ':' +
- f(this.getUTCMinutes()) + ':' +
- f(this.getUTCSeconds()) + 'Z'
- : null;
- };
-
- Boolean.prototype.toJSON = this_value;
- Number.prototype.toJSON = this_value;
- String.prototype.toJSON = this_value;
- }
-
- var gap,
- indent,
- meta,
- rep;
-
-
- function quote(string) {
-
-// If the string contains no control characters, no quote characters, and no
-// backslash characters, then we can safely slap some quotes around it.
-// Otherwise we must also replace the offending characters with safe escape
-// sequences.
-
- rx_escapable.lastIndex = 0;
- return rx_escapable.test(string)
- ? '"' + string.replace(rx_escapable, function (a) {
- var c = meta[a];
- return typeof c === 'string'
- ? c
- : '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
- }) + '"'
- : '"' + string + '"';
- }
-
-
- function str(key, holder) {
-
-// Produce a string from holder[key].
-
- var i, // The loop counter.
- k, // The member key.
- v, // The member value.
- length,
- mind = gap,
- partial,
- value = holder[key];
-
-// If the value has a toJSON method, call it to obtain a replacement value.
-
- if (value && typeof value === 'object' &&
- typeof value.toJSON === 'function') {
- value = value.toJSON(key);
- }
-
-// If we were called with a replacer function, then call the replacer to
-// obtain a replacement value.
-
- if (typeof rep === 'function') {
- value = rep.call(holder, key, value);
- }
-
-// What happens next depends on the value's type.
-
- switch (typeof value) {
- case 'string':
- return quote(value);
-
- case 'number':
-
-// JSON numbers must be finite. Encode non-finite numbers as null.
-
- return isFinite(value)
- ? String(value)
- : 'null';
-
- case 'boolean':
- case 'null':
-
-// If the value is a boolean or null, convert it to a string. Note:
-// typeof null does not produce 'null'. The case is included here in
-// the remote chance that this gets fixed someday.
-
- return String(value);
-
-// If the type is 'object', we might be dealing with an object or an array or
-// null.
-
- case 'object':
-
-// Due to a specification blunder in ECMAScript, typeof null is 'object',
-// so watch out for that case.
-
- if (!value) {
- return 'null';
- }
-
-// Make an array to hold the partial results of stringifying this object value.
-
- gap += indent;
- partial = [];
-
-// Is the value an array?
-
- if (Object.prototype.toString.apply(value) === '[object Array]') {
-
-// The value is an array. Stringify every element. Use null as a placeholder
-// for non-JSON values.
-
- length = value.length;
- for (i = 0; i < length; i += 1) {
- partial[i] = str(i, value) || 'null';
- }
-
-// Join all of the elements together, separated with commas, and wrap them in
-// brackets.
-
- v = partial.length === 0
- ? '[]'
- : gap
- ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']'
- : '[' + partial.join(',') + ']';
- gap = mind;
- return v;
- }
-
-// If the replacer is an array, use it to select the members to be stringified.
-
- if (rep && typeof rep === 'object') {
- length = rep.length;
- for (i = 0; i < length; i += 1) {
- if (typeof rep[i] === 'string') {
- k = rep[i];
- v = str(k, value);
- if (v) {
- partial.push(quote(k) + (
- gap
- ? ': '
- : ':'
- ) + v);
- }
- }
- }
- } else {
-
-// Otherwise, iterate through all of the keys in the object.
-
- for (k in value) {
- if (Object.prototype.hasOwnProperty.call(value, k)) {
- v = str(k, value);
- if (v) {
- partial.push(quote(k) + (
- gap
- ? ': '
- : ':'
- ) + v);
- }
- }
- }
- }
-
-// Join all of the member texts together, separated with commas,
-// and wrap them in braces.
-
- v = partial.length === 0
- ? '{}'
- : gap
- ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}'
- : '{' + partial.join(',') + '}';
- gap = mind;
- return v;
- }
- }
-
-// If the JSON object does not yet have a stringify method, give it one.
-
- if (typeof JSON.stringify !== 'function') {
- meta = { // table of character substitutions
- '\b': '\\b',
- '\t': '\\t',
- '\n': '\\n',
- '\f': '\\f',
- '\r': '\\r',
- '"': '\\"',
- '\\': '\\\\'
- };
- JSON.stringify = function (value, replacer, space) {
-
-// The stringify method takes a value and an optional replacer, and an optional
-// space parameter, and returns a JSON text. The replacer can be a function
-// that can replace values, or an array of strings that will select the keys.
-// A default replacer method can be provided. Use of the space parameter can
-// produce text that is more easily readable.
-
- var i;
- gap = '';
- indent = '';
-
-// If the space parameter is a number, make an indent string containing that
-// many spaces.
-
- if (typeof space === 'number') {
- for (i = 0; i < space; i += 1) {
- indent += ' ';
- }
-
-// If the space parameter is a string, it will be used as the indent string.
-
- } else if (typeof space === 'string') {
- indent = space;
- }
-
-// If there is a replacer, it must be a function or an array.
-// Otherwise, throw an error.
-
- rep = replacer;
- if (replacer && typeof replacer !== 'function' &&
- (typeof replacer !== 'object' ||
- typeof replacer.length !== 'number')) {
- throw new Error('JSON.stringify');
- }
-
-// Make a fake root object containing our value under the key of ''.
-// Return the result of stringifying the value.
-
- return str('', {'': value});
- };
- }
-
-
-// If the JSON object does not yet have a parse method, give it one.
-
- if (typeof JSON.parse !== 'function') {
- JSON.parse = function (text, reviver) {
-
-// The parse method takes a text and an optional reviver function, and returns
-// a JavaScript value if the text is a valid JSON text.
-
- var j;
-
- function walk(holder, key) {
-
-// The walk method is used to recursively walk the resulting structure so
-// that modifications can be made.
-
- var k, v, value = holder[key];
- if (value && typeof value === 'object') {
- for (k in value) {
- if (Object.prototype.hasOwnProperty.call(value, k)) {
- v = walk(value, k);
- if (v !== undefined) {
- value[k] = v;
- } else {
- delete value[k];
- }
- }
- }
- }
- return reviver.call(holder, key, value);
- }
-
-
-// Parsing happens in four stages. In the first stage, we replace certain
-// Unicode characters with escape sequences. JavaScript handles many characters
-// incorrectly, either silently deleting them, or treating them as line endings.
-
- text = String(text);
- rx_dangerous.lastIndex = 0;
- if (rx_dangerous.test(text)) {
- text = text.replace(rx_dangerous, function (a) {
- return '\\u' +
- ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
- });
- }
-
-// In the second stage, we run the text against regular expressions that look
-// for non-JSON patterns. We are especially concerned with '()' and 'new'
-// because they can cause invocation, and '=' because it can cause mutation.
-// But just to be safe, we want to reject all unexpected forms.
-
-// We split the second stage into 4 regexp operations in order to work around
-// crippling inefficiencies in IE's and Safari's regexp engines. First we
-// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we
-// replace all simple value tokens with ']' characters. Third, we delete all
-// open brackets that follow a colon or comma or that begin the text. Finally,
-// we look to see that the remaining characters are only whitespace or ']' or
-// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval.
-
- if (
- rx_one.test(
- text
- .replace(rx_two, '@')
- .replace(rx_three, ']')
- .replace(rx_four, '')
- )
- ) {
-
-// In the third stage we use the eval function to compile the text into a
-// JavaScript structure. The '{' operator is subject to a syntactic ambiguity
-// in JavaScript: it can begin a block or an object literal. We wrap the text
-// in parens to eliminate the ambiguity.
-
- j = eval('(' + text + ')');
-
-// In the optional fourth stage, we recursively walk the new structure, passing
-// each name/value pair to a reviver function for possible transformation.
-
- return typeof reviver === 'function'
- ? walk({'': j}, '')
- : j;
- }
-
-// If the text is not JSON parseable, then a SyntaxError is thrown.
-
- throw new SyntaxError('JSON.parse');
- };
- }
-}());
+++ /dev/null
-/*!
- * Skip function for json2.js.
- */
-return !!( window.JSON && JSON.stringify && JSON.parse );
$result.empty();
if ( /^text\/mediawiki-api-prettyprint-wrapped(?:;|$)/.test( ct ) ) {
- data = $.parseJSON( data );
+ data = JSON.parse( data );
if ( data.modules.length ) {
mw.loader.load( data.modules );
}
// If the user can't upload anything, don't give them the option to.
api.getUserInfo().then( function ( userInfo ) {
if ( userInfo.rights.indexOf( 'upload' ) === -1 ) {
- // TODO Use a better error message when not all logged-in users can upload
- booklet.getPage( 'upload' ).$element.msg( 'api-error-mustbeloggedin' );
+ if ( mw.user.isAnon() ) {
+ booklet.getPage( 'upload' ).$element.msg( 'api-error-mustbeloggedin' );
+ } else {
+ booklet.getPage( 'upload' ).$element.msg( 'api-error-badaccess-groups' );
+ }
}
return $.Deferred().resolve();
} )
* - DOM Level 4 & Selectors API Level 1
* - HTML5 & Web Storage
* - DOM Level 2 Events
+ * - JSON
*
* Browsers we support in our modern run-time (Grade A):
- * - Chrome
+ * - Chrome 4+
* - IE 9+
* - Firefox 3.5+
- * - Safari 4+
+ * - Safari 5+
* - Opera 10.5+
- * - Mobile Safari (iOS 1+)
+ * - Mobile Safari (iOS 4+)
* - Android 2.0+
*
* Browsers we support in our no-javascript run-time (Grade C):
+ * - Chrome 1+
* - IE 6+
* - Firefox 3+
* - Safari 3+
// http://caniuse.com/#feat=addeventlistener
'addEventListener' in window &&
+ // http://caniuse.com/#feat=json
+ // https://phabricator.wikimedia.org/T141344#2784065
+ ( window.JSON && JSON.stringify && JSON.parse ) &&
+
// Hardcoded exceptions for browsers that pass the requirement but we don't want to
// support in the modern run-time.
// Note: Please extend the regex instead of adding new ones
$provider = $this->getProvider( [ 'emailEnabled' => false ] );
$status = $provider->providerAllowsAuthenticationDataChange( $req, true );
$this->assertEquals( \StatusValue::newFatal( 'passwordreset-emaildisabled' ), $status );
- $req->hasBackchannel = true;
- $status = $provider->providerAllowsAuthenticationDataChange( $req, true );
- $this->assertFalse( $status->hasMessage( 'passwordreset-emaildisabled' ) );
- $req->hasBackchannel = false;
$provider = $this->getProvider( [ 'passwordReminderResendTime' => 10 ] );
$status = $provider->providerAllowsAuthenticationDataChange( $req, true );
$provider = $this->getProvider( [ 'emailEnabled' => false ] );
$status = $provider->testForAccountCreation( $user, $creator, [ $req ] );
$this->assertEquals( \StatusValue::newFatal( 'emaildisabled' ), $status );
- $req->hasBackchannel = true;
- $status = $provider->testForAccountCreation( $user, $creator, [ $req ] );
- $this->assertFalse( $status->hasMessage( 'emaildisabled' ) );
- $req->hasBackchannel = false;
$provider = $this->getProvider( [ 'emailEnabled' => true ] );
$status = $provider->testForAccountCreation( $user, $creator, [ $req ] );
$this->assertEquals( \StatusValue::newFatal( 'noemailcreate' ), $status );
- $req->hasBackchannel = true;
- $status = $provider->testForAccountCreation( $user, $creator, [ $req ] );
- $this->assertFalse( $status->hasMessage( 'noemailcreate' ) );
- $req->hasBackchannel = false;
$user->setEmail( 'test@localhost.localdomain' );
$status = $provider->testForAccountCreation( $user, $creator, [ $req ] );
<?php
+use MediaWiki\MediaWikiServices;
/**
* @group Database
* @covers GenderCache::getGenderOf
*/
public function testUserName( $userKey, $expectedGender ) {
- $genderCache = GenderCache::singleton();
+ $genderCache = MediaWikiServices::getInstance()->getGenderCache();
$username = isset( self::$nameMap[$userKey] ) ? self::$nameMap[$userKey] : $userKey;
$gender = $genderCache->getGenderOf( $username );
$this->assertEquals( $gender, $expectedGender, "GenderCache normal" );
*/
public function testUserObjects( $userKey, $expectedGender ) {
$username = isset( self::$nameMap[$userKey] ) ? self::$nameMap[$userKey] : $userKey;
- $genderCache = GenderCache::singleton();
+ $genderCache = MediaWikiServices::getInstance()->getGenderCache();
$gender = $genderCache->getGenderOf( $username );
$this->assertEquals( $gender, $expectedGender, "GenderCache normal" );
}
*/
public function testStripSubpages( $userKey, $expectedGender ) {
$username = isset( self::$nameMap[$userKey] ) ? self::$nameMap[$userKey] : $userKey;
- $genderCache = GenderCache::singleton();
+ $genderCache = MediaWikiServices::getInstance()->getGenderCache();
$gender = $genderCache->getGenderOf( "$username/subpage" );
$this->assertEquals( $gender, $expectedGender, "GenderCache must strip of subpages" );
}
*/
public function testIsAllowed( $passwordResetRoutes, $enableEmail,
$allowsAuthenticationDataChange, $canEditPrivate, $canSeePassword,
- $userIsBlocked, $isAllowed, $isAllowedToDisplayPassword
+ $userIsBlocked, $isAllowed
) {
$config = new HashConfig( [
'PasswordResetRoutes' => $passwordResetRoutes,
$passwordReset = new PasswordReset( $config, $authManager );
$this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
- $this->assertSame( $isAllowedToDisplayPassword,
- $passwordReset->isAllowed( $user, true )->isGood() );
}
public function provideIsAllowed() {
'canSeePassword' => true,
'userIsBlocked' => false,
'isAllowed' => false,
- 'isAllowedToDisplayPassword' => false,
],
[
'passwordResetRoutes' => [ 'username' => true ],
'canSeePassword' => true,
'userIsBlocked' => false,
'isAllowed' => false,
- 'isAllowedToDisplayPassword' => false,
],
[
'passwordResetRoutes' => [ 'username' => true ],
'canSeePassword' => true,
'userIsBlocked' => false,
'isAllowed' => false,
- 'isAllowedToDisplayPassword' => false,
],
[
'passwordResetRoutes' => [ 'username' => true ],
'canSeePassword' => true,
'userIsBlocked' => false,
'isAllowed' => false,
- 'isAllowedToDisplayPassword' => false,
],
[
'passwordResetRoutes' => [ 'username' => true ],
'canSeePassword' => true,
'userIsBlocked' => true,
'isAllowed' => false,
- 'isAllowedToDisplayPassword' => false,
],
[
'passwordResetRoutes' => [ 'username' => true ],
'canSeePassword' => false,
'userIsBlocked' => false,
'isAllowed' => true,
- 'isAllowedToDisplayPassword' => false,
],
[
'passwordResetRoutes' => [ 'username' => true ],
'canSeePassword' => true,
'userIsBlocked' => false,
'isAllowed' => true,
- 'isAllowedToDisplayPassword' => true,
],
];
}