X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2FSetup.php;h=2c780617509b30856798675e9a995c41401694cb;hb=db35eca0949cdadc223cb03a01b1112a76c97577;hp=9db997adc55b67d1ccb80206119208901206e290;hpb=3198421632712b2a389eec5f222fd1c344ea74fc;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/Setup.php b/includes/Setup.php index 9db997adc5..2c78061750 100644 --- a/includes/Setup.php +++ b/includes/Setup.php @@ -450,6 +450,22 @@ if ( $wgProfileOnly ) { $wgDebugLogFile = ''; } +// Disable AuthManager API modules if $wgDisableAuthManager +if ( $wgDisableAuthManager ) { + $wgAPIModules += [ + 'clientlogin' => 'ApiDisabled', + 'createaccount' => 'ApiCreateAccount', // Use the non-AuthManager version + 'linkaccount' => 'ApiDisabled', + 'unlinkaccount' => 'ApiDisabled', + 'changeauthenticationdata' => 'ApiDisabled', + 'removeauthenticationdata' => 'ApiDisabled', + 'resetpassword' => 'ApiDisabled', + ]; + $wgAPIMetaModules += [ + 'authmanagerinfo' => 'ApiQueryDisabled', + ]; +} + // Backwards compatibility with old password limits if ( $wgMinimalPasswordLength !== false ) { $wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = $wgMinimalPasswordLength; @@ -501,7 +517,7 @@ if ( !class_exists( 'AutoLoader' ) ) { // Reset the global service locator, so any services that have already been created will be // re-created while taking into account any custom settings and extensions. -MediaWikiServices::resetGlobalInstance( new GlobalVarConfig() ); +MediaWikiServices::resetGlobalInstance( new GlobalVarConfig(), 'quick' ); // Define a constant that indicates that the bootstrapping of the service locator // is complete. @@ -692,9 +708,22 @@ $wgContLang->initContLang(); $wgRequest->interpolateTitle(); if ( !is_object( $wgAuth ) ) { - $wgAuth = new AuthPlugin; + $wgAuth = $wgDisableAuthManager ? new AuthPlugin : new MediaWiki\Auth\AuthManagerAuthPlugin; Hooks::run( 'AuthPluginSetup', [ &$wgAuth ] ); } +if ( !$wgDisableAuthManager && + $wgAuth && !$wgAuth instanceof MediaWiki\Auth\AuthManagerAuthPlugin +) { + MediaWiki\Auth\AuthManager::singleton()->forcePrimaryAuthenticationProviders( [ + new MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider( [ + 'authoritative' => false, + ] ), + new MediaWiki\Auth\AuthPluginPrimaryAuthenticationProvider( $wgAuth ), + new MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider( [ + 'authoritative' => true, + ] ), + ], '$wgAuth is ' . get_class( $wgAuth ) ); +} // Set up the session $ps_session = Profiler::instance()->scopedProfileIn( $fname . '-session' ); @@ -820,8 +849,21 @@ if ( !defined( 'MW_NO_SESSION' ) && !$wgCommandLineMode ) { $sessionUser = MediaWiki\Session\SessionManager::getGlobalSession()->getUser(); if ( $sessionUser->getId() === 0 && User::isValidUserName( $sessionUser->getName() ) ) { $ps_autocreate = Profiler::instance()->scopedProfileIn( $fname . '-autocreate' ); - MediaWiki\Session\SessionManager::autoCreateUser( $sessionUser ); + if ( $wgDisableAuthManager ) { + $res = MediaWiki\Session\SessionManager::autoCreateUser( $sessionUser ); + } else { + $res = MediaWiki\Auth\AuthManager::singleton()->autoCreateUser( + $sessionUser, + MediaWiki\Auth\AuthManager::AUTOCREATE_SOURCE_SESSION, + true + ); + } Profiler::instance()->scopedProfileOut( $ps_autocreate ); + \MediaWiki\Logger\LoggerFactory::getInstance( 'authmanager' )->info( 'Autocreation attempt', [ + 'event' => 'autocreate', + 'status' => $res, + ] ); + unset( $res ); } unset( $sessionUser ); }