X-Git-Url: https://git.cyclocoop.org/%242?a=blobdiff_plain;f=includes%2Fauth%2FAuthManager.php;h=f9174a78fc6e554e17be516914b7e6f98570283f;hb=ddf37fec6d3e7c6a382dc94087e380864eac60d4;hp=e82f2b83fa1f4027f8f5c42ea3b62df5fbf7b2f9;hpb=39bfecf4097a3ab210c7c0c6d4dc51125c86afe1;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/auth/AuthManager.php b/includes/auth/AuthManager.php
index e82f2b83fa..f9174a78fc 100644
--- a/includes/auth/AuthManager.php
+++ b/includes/auth/AuthManager.php
@@ -54,7 +54,8 @@ use Wikimedia\ObjectFactory;
  * Code that is related to some SessionProvider or PrimaryAuthenticationProvider can
  * create a (non-reserved) user by calling AuthManager::autoCreateUser(); it is then the provider's
  * responsibility to ensure that the user can authenticate somehow (see especially
- * PrimaryAuthenticationProvider::autoCreatedAccount()).
+ * PrimaryAuthenticationProvider::autoCreatedAccount()). The same functionality can also be used
+ * from Maintenance scripts such as createAndPromote.php.
  * If you are writing code that is not associated with such a provider and needs to create accounts
  * programmatically for real users, you should rethink your architecture. There is no good way to
  * do that as such code has no knowledge of what authentication methods are enabled on the wiki and
@@ -113,6 +114,9 @@ class AuthManager implements LoggerAwareInterface {
 	/** Auto-creation is due to SessionManager */
 	const AUTOCREATE_SOURCE_SESSION = \MediaWiki\Session\SessionManager::class;
 
+	/** Auto-creation is due to a Maintenance script */
+	const AUTOCREATE_SOURCE_MAINT = '::Maintenance::';
+
 	/** @var AuthManager|null */
 	private static $instance = null;
 
@@ -1213,7 +1217,7 @@ class AuthManager implements LoggerAwareInterface {
 			$user->load( User::READ_LOCKING );
 
 			if ( $state['userid'] === 0 ) {
-				if ( $user->getId() != 0 ) {
+				if ( $user->getId() !== 0 ) {
 					$this->logger->debug( __METHOD__ . ': User exists locally', [
 						'user' => $user->getName(),
 						'creator' => $creator->getName(),
@@ -1234,7 +1238,7 @@ class AuthManager implements LoggerAwareInterface {
 						"User \"{$state['username']}\" should exist now, but doesn't!"
 					);
 				}
-				if ( $user->getId() != $state['userid'] ) {
+				if ( $user->getId() !== $state['userid'] ) {
 					$this->logger->debug( __METHOD__ . ': User ID/name mismatch', [
 						'user' => $user->getName(),
 						'creator' => $creator->getName(),
@@ -1243,7 +1247,7 @@ class AuthManager implements LoggerAwareInterface {
 					] );
 					throw new \UnexpectedValueException(
 						"User \"{$state['username']}\" exists, but " .
-							"ID {$user->getId()} != {$state['userid']}!"
+							"ID {$user->getId()} !== {$state['userid']}!"
 					);
 				}
 			}
@@ -1542,13 +1546,16 @@ class AuthManager implements LoggerAwareInterface {
 	 * explicitly (e.g. from a maintenance script) is also fine.
 	 *
 	 * @param User $user User to auto-create
-	 * @param string $source What caused the auto-creation? This must be the ID
-	 *  of a PrimaryAuthenticationProvider or the constant self::AUTOCREATE_SOURCE_SESSION.
+	 * @param string $source What caused the auto-creation? This must be one of:
+	 *  - the ID of a PrimaryAuthenticationProvider,
+	 *  - the constant self::AUTOCREATE_SOURCE_SESSION, or
+	 *  - the constant AUTOCREATE_SOURCE_MAINT.
 	 * @param bool $login Whether to also log the user in
 	 * @return Status Good if user was created, Ok if user already existed, otherwise Fatal
 	 */
 	public function autoCreateUser( User $user, $source, $login = true ) {
 		if ( $source !== self::AUTOCREATE_SOURCE_SESSION &&
+			$source !== self::AUTOCREATE_SOURCE_MAINT &&
 			!$this->getAuthenticationProvider( $source ) instanceof PrimaryAuthenticationProvider
 		) {
 			throw new \InvalidArgumentException( "Unknown auto-creation source: $source" );
@@ -1565,7 +1572,7 @@ class AuthManager implements LoggerAwareInterface {
 		// @codeCoverageIgnoreStart
 		if (
 			!$localId &&
-			MediaWikiServices::getInstance()->getDBLoadBalancer()->getReaderIndex() != 0
+			MediaWikiServices::getInstance()->getDBLoadBalancer()->getReaderIndex() !== 0
 		) {
 			$localId = User::idFromName( $username, User::READ_LATEST );
 			$flags = User::READ_LATEST;
@@ -1628,7 +1635,9 @@ class AuthManager implements LoggerAwareInterface {
 
 		// Is the IP user able to create accounts?
 		$anon = new User;
-		if ( !$anon->isAllowedAny( 'createaccount', 'autocreateaccount' ) ) {
+		if ( $source !== self::AUTOCREATE_SOURCE_MAINT &&
+			!$anon->isAllowedAny( 'createaccount', 'autocreateaccount' )
+		) {
 			$this->logger->debug( __METHOD__ . ': IP lacks the ability to create or autocreate accounts', [
 				'username' => $username,
 				'ip' => $anon->getName(),
@@ -1930,10 +1939,10 @@ class AuthManager implements LoggerAwareInterface {
 				$session->remove( 'AuthManager::accountLinkState' );
 				return AuthenticationResponse::newFail( wfMessage( 'noname' ) );
 			}
-			if ( $user->getId() != $state['userid'] ) {
+			if ( $user->getId() !== $state['userid'] ) {
 				throw new \UnexpectedValueException(
 					"User \"{$state['username']}\" is valid, but " .
-						"ID {$user->getId()} != {$state['userid']}!"
+						"ID {$user->getId()} !== {$state['userid']}!"
 				);
 			}