From 26d2ea79dd660fd9284de4cbe842e452d3313dc0 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gerg=C5=91=20Tisza?= <gtisza@wikimedia.org>
Date: Mon, 6 Jun 2016 14:43:03 +0000
Subject: [PATCH] Password change request should be optional on soft reset

Non-optional fields are required by HTMLForm now so the skip button
would not work properly.

Change-Id: Iad937767f0f7cf6dce43f7882720d1ed730ee28d
---
 .../auth/ResetPasswordSecondaryAuthenticationProvider.php | 2 ++
 .../ResetPasswordSecondaryAuthenticationProviderTest.php  | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php b/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
index f87a7620f2..dd97830dae 100644
--- a/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
+++ b/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
@@ -99,6 +99,8 @@ class ResetPasswordSecondaryAuthenticationProvider extends AbstractSecondaryAuth
 		if ( !$needReq->action ) {
 			$needReq->action = AuthManager::ACTION_CHANGE;
 		}
+		$needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
+			: AuthenticationRequest::OPTIONAL;
 		$needReqs = [ $needReq ];
 		if ( !$data->hard ) {
 			$needReqs[] = new ButtonAuthenticationRequest(
diff --git a/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php b/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
index 59ededed72..79c138b5da 100644
--- a/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
+++ b/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
@@ -216,7 +216,9 @@ class ResetPasswordSecondaryAuthenticationProviderTest extends \MediaWikiTestCas
 		$this->assertSame( AuthenticationResponse::UI, $res->status );
 		$this->assertEquals( $msg, $res->message );
 		$this->assertCount( 2, $res->neededRequests );
-		$this->assertEquals( $passReq, $res->neededRequests[0] );
+		$expectedPassReq = clone $passReq;
+		$expectedPassReq->required = AuthenticationRequest::OPTIONAL;
+		$this->assertEquals( $expectedPassReq, $res->neededRequests[0] );
 		$this->assertEquals( $skipReq, $res->neededRequests[1] );
 		$this->assertNotNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
 		$this->assertFalse( $passReq->done );
@@ -304,7 +306,9 @@ class ResetPasswordSecondaryAuthenticationProviderTest extends \MediaWikiTestCas
 		$this->assertSame( AuthenticationResponse::UI, $res->status );
 		$this->assertEquals( $msg, $res->message );
 		$this->assertCount( 2, $res->neededRequests );
-		$this->assertEquals( $passReq2, $res->neededRequests[0] );
+		$expectedPassReq = clone $passReq2;
+		$expectedPassReq->required = AuthenticationRequest::OPTIONAL;
+		$this->assertEquals( $expectedPassReq, $res->neededRequests[0] );
 		$this->assertEquals( $skipReq, $res->neededRequests[1] );
 		$this->assertNotNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
 		$this->assertFalse( $passReq->done );
-- 
2.20.1