From 0d3807c510762187f6364f22a3d1c78fab8f51d8 Mon Sep 17 00:00:00 2001
From: Reedy <reedy@wikimedia.org>
Date: Thu, 27 Dec 2018 20:19:35 +0000
Subject: [PATCH] Deprecate PasswordPolicyChecks::checkPopularPasswordBlacklist

Change-Id: I4c90e361b7538efeb0c5efa7ca61aed2e468591c
---
 RELEASE-NOTES-1.33                                           | 3 +++
 includes/DefaultSettings.php                                 | 2 ++
 includes/password/PasswordPolicyChecks.php                   | 3 +++
 tests/phpunit/includes/password/PasswordPolicyChecksTest.php | 1 +
 4 files changed, 9 insertions(+)

diff --git a/RELEASE-NOTES-1.33 b/RELEASE-NOTES-1.33
index 7566b63624..759d91273a 100644
--- a/RELEASE-NOTES-1.33
+++ b/RELEASE-NOTES-1.33
@@ -195,6 +195,9 @@ because of Phabricator reports.
   returns the same information in a more useful format.
 * For Linker::generateTOC() and Linker::tocList(), passing strings or booleans
   as the $lang parameter was deprecated. The same applies to DummyLinker.
+* The PasswordPolicy 'PasswordCannotBePopular' has been deprecated. To
+  follow best practices, it is reccommended to use 'PasswordNotInLargeBlacklist'
+  instead which blacklists 100,000 commonly used passwords.
 * â¦
 
 === Other changes in 1.33 ===
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 7f0f59d5ca..f7c3fce124 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -4487,6 +4487,7 @@ $wgCentralIdLookupProvider = 'local';
  *		commonly chosen. Set to integer n to ban the top n passwords.
  *		If you want to ban all common passwords on file, use the
  *		PHP_INT_MAX constant.
+ *		Deprecated since 1.33. Use PasswordNotInLargeBlacklist instead.
  *	- PasswordNotInLargeBlacklist - Password not in best practices list of
  *		100,000 commonly used passwords. Due to the size of the list this
  *      is a probabilistic test.
@@ -8777,6 +8778,7 @@ $wgSearchRunSuggestedQuery = true;
  *
  * @see maintenance/createCommonPasswordCdb.php
  * @since 1.27
+ * @deprecated since 1.33
  * @var string path to file
  */
 $wgPopularPasswordFile = __DIR__ . '/password/commonpasswords.cdb';
diff --git a/includes/password/PasswordPolicyChecks.php b/includes/password/PasswordPolicyChecks.php
index 81b8a0d3ba..c3af88f07d 100644
--- a/includes/password/PasswordPolicyChecks.php
+++ b/includes/password/PasswordPolicyChecks.php
@@ -143,6 +143,7 @@ class PasswordPolicyChecks {
 	 * @param User $user
 	 * @param string $password
 	 * @since 1.27
+	 * @deprecated since 1.33
 	 * @return Status
 	 * @see $wgPopularPasswordFile
 	 */
@@ -150,6 +151,8 @@ class PasswordPolicyChecks {
 		global $wgPopularPasswordFile, $wgSitename;
 		$status = Status::newGood();
 		if ( $policyVal > 0 ) {
+			wfDeprecated( __METHOD__, '1.33' );
+
 			$langEn = Language::factory( 'en' );
 			$passwordKey = $langEn->lc( trim( $password ) );
 
diff --git a/tests/phpunit/includes/password/PasswordPolicyChecksTest.php b/tests/phpunit/includes/password/PasswordPolicyChecksTest.php
index 215201e9df..9f9824f8b7 100644
--- a/tests/phpunit/includes/password/PasswordPolicyChecksTest.php
+++ b/tests/phpunit/includes/password/PasswordPolicyChecksTest.php
@@ -148,6 +148,7 @@ class PasswordPolicyChecksTest extends MediaWikiTestCase {
 	 */
 	public function testCheckPopularPasswordBlacklist( $expected, $password ) {
 		global $IP;
+		$this->hideDeprecated( 'PasswordPolicyChecks::checkPopularPasswordBlacklist' );
 		$this->setMwGlobals( [
 			'wgSitename' => 'sitename',
 			'wgPopularPasswordFile' => "$IP/includes/password/commonpasswords.cdb"
-- 
2.20.1