* Code that is related to some SessionProvider or PrimaryAuthenticationProvider can
* create a (non-reserved) user by calling AuthManager::autoCreateUser(); it is then the provider's
* responsibility to ensure that the user can authenticate somehow (see especially
- * PrimaryAuthenticationProvider::autoCreatedAccount()).
+ * PrimaryAuthenticationProvider::autoCreatedAccount()). The same functionality can also be used
+ * from Maintenance scripts such as createAndPromote.php.
* If you are writing code that is not associated with such a provider and needs to create accounts
* programmatically for real users, you should rethink your architecture. There is no good way to
* do that as such code has no knowledge of what authentication methods are enabled on the wiki and
/** Auto-creation is due to SessionManager */
const AUTOCREATE_SOURCE_SESSION = \MediaWiki\Session\SessionManager::class;
+ /** Auto-creation is due to a Maintenance script */
+ const AUTOCREATE_SOURCE_MAINT = '::Maintenance::';
+
/** @var AuthManager|null */
private static $instance = null;
}
/**
- * Call a legacy AuthPlugin method, if necessary
+ * This used to call a legacy AuthPlugin method, if necessary. Since that code has
+ * been removed, it now just returns the $return parameter.
+ *
* @codeCoverageIgnore
* @deprecated For backwards compatibility only, should be avoided in new code
* @param string $method AuthPlugin method to call
* @return mixed Return value from the AuthPlugin method, or $return
*/
public static function callLegacyAuthPlugin( $method, array $params, $return = null ) {
- global $wgAuth;
-
- if ( $wgAuth && !$wgAuth instanceof AuthManagerAuthPlugin ) {
- return $wgAuth->$method( ...$params );
- } else {
- return $return;
- }
+ wfDeprecated( __METHOD__, '1.33' );
+ return $return;
}
/**
* explicitly (e.g. from a maintenance script) is also fine.
*
* @param User $user User to auto-create
- * @param string $source What caused the auto-creation? This must be the ID
- * of a PrimaryAuthenticationProvider or the constant self::AUTOCREATE_SOURCE_SESSION.
+ * @param string $source What caused the auto-creation? This must be one of:
+ * - the ID of a PrimaryAuthenticationProvider,
+ * - the constant self::AUTOCREATE_SOURCE_SESSION, or
+ * - the constant AUTOCREATE_SOURCE_MAINT.
* @param bool $login Whether to also log the user in
* @return Status Good if user was created, Ok if user already existed, otherwise Fatal
*/
public function autoCreateUser( User $user, $source, $login = true ) {
if ( $source !== self::AUTOCREATE_SOURCE_SESSION &&
+ $source !== self::AUTOCREATE_SOURCE_MAINT &&
!$this->getAuthenticationProvider( $source ) instanceof PrimaryAuthenticationProvider
) {
throw new \InvalidArgumentException( "Unknown auto-creation source: $source" );
// Is the IP user able to create accounts?
$anon = new User;
- if ( !$anon->isAllowedAny( 'createaccount', 'autocreateaccount' ) ) {
+ if ( $source !== self::AUTOCREATE_SOURCE_MAINT &&
+ !$anon->isAllowedAny( 'createaccount', 'autocreateaccount' )
+ ) {
$this->logger->debug( __METHOD__ . ': IP lacks the ability to create or autocreate accounts', [
'username' => $username,
'ip' => $anon->getName(),
// Inform the providers
$this->callMethodOnProviders( 6, 'autoCreatedAccount', [ $user, $source ] );
- \Hooks::run( 'AuthPluginAutoCreate', [ $user ], '1.27' );
\Hooks::run( 'LocalUserCreated', [ $user, true ] );
$user->saveSettings();