Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/user/BotPasswordStore.php

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

401 lines
12 KiB
PHP
Raw Normal View History

Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
<?php
/**
* BotPassword interaction with databases
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
*/
namespace MediaWiki\User;
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
use IDBAccessObject;
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
use MediaWiki\Config\ServiceOptions;
Add namespace and deprecation alias to FormatJson This patch introduces a namespace declaration for the MediaWiki\Json to FormatJson and establishes a class alias marked as deprecated since version 1.43. Bug: T353458 Change-Id: I5e1311e4eb7a878a7db319b725ae262f40671c32
2024-05-16 12:28:33 +00:00
use MediaWiki\Json\FormatJson;
Use MainConfigNames instead of string literals, #4 Now largely automated: VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \ tr "\n" '|' | sed "s/|$/\n/;s/'//g") sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \ $(grep -ERIl "'($VARS)'" includes/) Then git add -p with lots of error-prone manual checking. Then semi-manually add all the necessary "use" lines: vim $(grep -L 'use MediaWiki\\MainConfigNames;' \ $(git diff --cached --name-only --diff-filter=M HEAD^)) I didn't bother fixing lines that were over 100 characters unless they were over 120 and triggered phpcs. Bug: T305805 Change-Id: I74e0ab511abecb276717ad4276a124760a268147
2022-04-26 15:48:03 +00:00
use MediaWiki\MainConfigNames;
Namespace includes/password Bug: T353458 Change-Id: I1a701b5b7ff65356692abb0efde9a2207b6135b6
2024-05-16 17:55:24 +00:00
use MediaWiki\Password\Password;
use MediaWiki\Password\PasswordFactory;
Namespace remaining User-related classes under \MediaWiki\User Bug: T166010 Change-Id: Ibda1e8be0f23c6262a32b607f8260cad36f188fc
2023-09-19 16:42:44 +00:00
use MediaWiki\User\CentralId\CentralIdLookup;
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
use MWCryptRand;
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
use MWRestrictions;
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
use StatusValue;
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
use Wikimedia\Rdbms\IConnectionProvider;
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
use Wikimedia\Rdbms\IDatabase;
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
use Wikimedia\Rdbms\IReadableDatabase;
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
/**
* @author DannyS712
* @since 1.37
*/
Remove IDBAccessObject from being implemented in many classes This is inconsistent with the access pattern of other constants in MediaWiki. it's also confusing (e.g. it's unclear to a newcomer why UserFactory is implementing IDBAccessObject) and it's prone to clashes (e.g. BagOStuff class has a clashing constant). It has been already announced: https://w.wiki/9DAX Bug: T354194 Change-Id: Ic2357634b8385d65b55db2b557191419b06c40e0
2024-02-19 08:58:53 +00:00
class BotPasswordStore {
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
/**
* @internal For use by ServiceWiring
*/
public const CONSTRUCTOR_OPTIONS = [
Use MainConfigNames instead of string literals, #4 Now largely automated: VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \ tr "\n" '|' | sed "s/|$/\n/;s/'//g") sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \ $(grep -ERIl "'($VARS)'" includes/) Then git add -p with lots of error-prone manual checking. Then semi-manually add all the necessary "use" lines: vim $(grep -L 'use MediaWiki\\MainConfigNames;' \ $(git diff --cached --name-only --diff-filter=M HEAD^)) I didn't bother fixing lines that were over 100 characters unless they were over 120 and triggered phpcs. Bug: T305805 Change-Id: I74e0ab511abecb276717ad4276a124760a268147
2022-04-26 15:48:03 +00:00
MainConfigNames::EnableBotPasswords,
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
];
Add some typed properties to User-related services Change-Id: Ia73c3a044dfa50e9d9d43bf0e28eed2f65edcdce
2023-09-28 15:25:12 +00:00
private ServiceOptions $options;
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
private IConnectionProvider $dbProvider;
Add some typed properties to User-related services Change-Id: Ia73c3a044dfa50e9d9d43bf0e28eed2f65edcdce
2023-09-28 15:25:12 +00:00
private CentralIdLookup $centralIdLookup;
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
/**
* @param ServiceOptions $options
* @param CentralIdLookup $centralIdLookup
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
* @param IConnectionProvider $dbProvider
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
*/
public function __construct(
ServiceOptions $options,
CentralIdLookup $centralIdLookup,
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
IConnectionProvider $dbProvider
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
) {
$options->assertRequiredOptions( self::CONSTRUCTOR_OPTIONS );
$this->options = $options;
$this->centralIdLookup = $centralIdLookup;
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$this->dbProvider = $dbProvider;
}
/**
* Get a database connection for the bot passwords database
* @return IReadableDatabase
* @internal
*/
public function getReplicaDatabase(): IReadableDatabase {
return $this->dbProvider->getReplicaDatabase( 'virtual-botpasswords' );
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
}
/**
* Get a database connection for the bot passwords database
* @return IDatabase
* @internal
*/
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
public function getPrimaryDatabase(): IDatabase {
return $this->dbProvider->getPrimaryDatabase( 'virtual-botpasswords' );
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
}
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
/**
BotPasswordStore: accept UserIdentity objects Now that CentralIdLookup doesn't require full User objects Bug: T265769 Follow-up: I67bf4f2442269b8aa1002868ede9a71a5ca43a84 Change-Id: I953333116f6cd6dc095914929914a970cc190292
2021-07-21 17:57:10 +00:00
* Load a BotPassword from the database based on a UserIdentity object
* @param UserIdentity $userIdentity
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
* @param string $appId
* @param int $flags IDBAccessObject read flags
* @return BotPassword|null
*/
public function getByUser(
BotPasswordStore: accept UserIdentity objects Now that CentralIdLookup doesn't require full User objects Bug: T265769 Follow-up: I67bf4f2442269b8aa1002868ede9a71a5ca43a84 Change-Id: I953333116f6cd6dc095914929914a970cc190292
2021-07-21 17:57:10 +00:00
UserIdentity $userIdentity,
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
string $appId,
Directly call IDBAccessObject constants instead of implementing it Instead of calling self::READ_* on these constants, just directly call it. Since these classes are public and might be relied on directly in other places, we can't remove the "implements IDBAccessObject" yet but we will start doing that soon. Bug: T354194 Change-Id: I3e26b9fc7f93efdfc55a1790a7cdfa5c0d562303
2024-01-10 21:15:28 +00:00
int $flags = IDBAccessObject::READ_NORMAL
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
): ?BotPassword {
Use MainConfigNames instead of string literals, #4 Now largely automated: VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \ tr "\n" '|' | sed "s/|$/\n/;s/'//g") sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \ $(grep -ERIl "'($VARS)'" includes/) Then git add -p with lots of error-prone manual checking. Then semi-manually add all the necessary "use" lines: vim $(grep -L 'use MediaWiki\\MainConfigNames;' \ $(git diff --cached --name-only --diff-filter=M HEAD^)) I didn't bother fixing lines that were over 100 characters unless they were over 120 and triggered phpcs. Bug: T305805 Change-Id: I74e0ab511abecb276717ad4276a124760a268147
2022-04-26 15:48:03 +00:00
if ( !$this->options->get( MainConfigNames::EnableBotPasswords ) ) {
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
return null;
}
$centralId = $this->centralIdLookup->centralIdFromLocalUser(
BotPasswordStore: accept UserIdentity objects Now that CentralIdLookup doesn't require full User objects Bug: T265769 Follow-up: I67bf4f2442269b8aa1002868ede9a71a5ca43a84 Change-Id: I953333116f6cd6dc095914929914a970cc190292
2021-07-21 17:57:10 +00:00
$userIdentity,
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
CentralIdLookup::AUDIENCE_RAW,
$flags
);
return $centralId ? $this->getByCentralId( $centralId, $appId, $flags ) : null;
}
/**
* Load a BotPassword from the database
* @param int $centralId from CentralIdLookup
* @param string $appId
* @param int $flags IDBAccessObject read flags
* @return BotPassword|null
*/
public function getByCentralId(
int $centralId,
string $appId,
Directly call IDBAccessObject constants instead of implementing it Instead of calling self::READ_* on these constants, just directly call it. Since these classes are public and might be relied on directly in other places, we can't remove the "implements IDBAccessObject" yet but we will start doing that soon. Bug: T354194 Change-Id: I3e26b9fc7f93efdfc55a1790a7cdfa5c0d562303
2024-01-10 21:15:28 +00:00
int $flags = IDBAccessObject::READ_NORMAL
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
): ?BotPassword {
Use MainConfigNames instead of string literals, #4 Now largely automated: VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \ tr "\n" '|' | sed "s/|$/\n/;s/'//g") sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \ $(grep -ERIl "'($VARS)'" includes/) Then git add -p with lots of error-prone manual checking. Then semi-manually add all the necessary "use" lines: vim $(grep -L 'use MediaWiki\\MainConfigNames;' \ $(git diff --cached --name-only --diff-filter=M HEAD^)) I didn't bother fixing lines that were over 100 characters unless they were over 120 and triggered phpcs. Bug: T305805 Change-Id: I74e0ab511abecb276717ad4276a124760a268147
2022-04-26 15:48:03 +00:00
if ( !$this->options->get( MainConfigNames::EnableBotPasswords ) ) {
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
return null;
}
rdbms: Remove more usages of DBAccessObjectUtils::getDBOptions() Also remove the fallback index and options as it was agreed upon in the ticket as its needlessly complicates the function and is only used in SqlBlobStore which can have its own copy of the function Bug: T354194 Change-Id: I38b179c9bfeb7d2c3e92fa4845dce19558f45a0f
2024-02-15 14:29:26 +00:00
if ( ( $flags & IDBAccessObject::READ_LATEST ) == IDBAccessObject::READ_LATEST ) {
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$db = $this->dbProvider->getPrimaryDatabase( 'virtual-botpasswords' );
} else {
$db = $this->dbProvider->getReplicaDatabase( 'virtual-botpasswords' );
}
Migrate more calls of Database::select* to SelectQueryBuilder Using a php parser written on top of ANTLR4, done semi-automatically. I checked everything and made adjustments. Bug: T311866 Change-Id: I6150c6909bce8f3dbd745a26380cc0af9d9c547f
2023-07-25 13:37:41 +00:00
$row = $db->newSelectQueryBuilder()
->select( [ 'bp_user', 'bp_app_id', 'bp_token', 'bp_restrictions', 'bp_grants' ] )
->from( 'bot_passwords' )
->where( [ 'bp_user' => $centralId, 'bp_app_id' => $appId ] )
rdbms: Introduce and use SQB::recency to phase out DBAccessObjectUtils This can slowly simplify and clean up this class. Bug: T354194 Change-Id: I925544ec3107334d40afa42da37be930c25358a8
2024-01-10 21:48:50 +00:00
->recency( $flags )
Migrate more calls of Database::select* to SelectQueryBuilder Using a php parser written on top of ANTLR4, done semi-automatically. I checked everything and made adjustments. Bug: T311866 Change-Id: I6150c6909bce8f3dbd745a26380cc0af9d9c547f
2023-07-25 13:37:41 +00:00
->caller( __METHOD__ )->fetchRow();
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
return $row ? new BotPassword( $row, true, $flags ) : null;
}
/**
* Create an unsaved BotPassword
* @param array $data Data to use to create the bot password. Keys are:
BotPasswordStore: accept UserIdentity objects Now that CentralIdLookup doesn't require full User objects Bug: T265769 Follow-up: I67bf4f2442269b8aa1002868ede9a71a5ca43a84 Change-Id: I953333116f6cd6dc095914929914a970cc190292
2021-07-21 17:57:10 +00:00
* - user: (UserIdentity) UserIdentity to create the password for. Overrides username and centralId.
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
* - username: (string) Username to create the password for. Overrides centralId.
* - centralId: (int) User central ID to create the password for.
* - appId: (string, required) App ID for the password.
* - restrictions: (MWRestrictions, optional) Restrictions.
* - grants: (string[], optional) Grants.
* @param int $flags IDBAccessObject read flags
* @return BotPassword|null
*/
public function newUnsavedBotPassword(
array $data,
Directly call IDBAccessObject constants instead of implementing it Instead of calling self::READ_* on these constants, just directly call it. Since these classes are public and might be relied on directly in other places, we can't remove the "implements IDBAccessObject" yet but we will start doing that soon. Bug: T354194 Change-Id: I3e26b9fc7f93efdfc55a1790a7cdfa5c0d562303
2024-01-10 21:15:28 +00:00
int $flags = IDBAccessObject::READ_NORMAL
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
): ?BotPassword {
BotPasswordStore: accept UserIdentity objects Now that CentralIdLookup doesn't require full User objects Bug: T265769 Follow-up: I67bf4f2442269b8aa1002868ede9a71a5ca43a84 Change-Id: I953333116f6cd6dc095914929914a970cc190292
2021-07-21 17:57:10 +00:00
if ( isset( $data['user'] ) && ( !$data['user'] instanceof UserIdentity ) ) {
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
return null;
}
$row = (object)[
'bp_user' => 0,
Replace some more isset() with shorter ?? syntax Change-Id: Ie119167bc2584f047e29174f95c39b65f99a64a6
2021-11-02 09:39:38 +00:00
'bp_app_id' => trim( $data['appId'] ?? '' ),
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
'bp_token' => '**unsaved**',
'bp_restrictions' => $data['restrictions'] ?? MWRestrictions::newDefault(),
'bp_grants' => $data['grants'] ?? [],
];
if (
$row->bp_app_id === '' ||
strlen( $row->bp_app_id ) > BotPassword::APPID_MAXLENGTH ||
!$row->bp_restrictions instanceof MWRestrictions ||
!is_array( $row->bp_grants )
) {
return null;
}
$row->bp_restrictions = $row->bp_restrictions->toJson();
$row->bp_grants = FormatJson::encode( $row->bp_grants );
if ( isset( $data['user'] ) ) {
BotPasswordStore: accept UserIdentity objects Now that CentralIdLookup doesn't require full User objects Bug: T265769 Follow-up: I67bf4f2442269b8aa1002868ede9a71a5ca43a84 Change-Id: I953333116f6cd6dc095914929914a970cc190292
2021-07-21 17:57:10 +00:00
// Must be a UserIdentity object, already checked above
Move BotPassword lookup methods to BotPasswordStore I was considering adding a separate service for the creation/fetching of BotPassword instances (probably BotPasswordLookup or BotPasswordFactory) but since it would need to access the same bot password database that BotPasswordStore uses, it would either need to duplicate the logic, or have a store injected, which would reduce the benefits of having separate services. The following methods were moved: * newFromUser (also renamed to getByUser) * newFromCentralId (also renamed to getByCentralId) * newUnsaved Additionally, BotPassword::__construct() is made public, though marked as @internal Bug: T265769 Change-Id: I2a5f46a8fbdf3867517eeb006d886b943fa85af1
2021-07-15 20:27:29 +00:00
$row->bp_user = $this->centralIdLookup->centralIdFromLocalUser(
$data['user'],
CentralIdLookup::AUDIENCE_RAW,
$flags
);
} elseif ( isset( $data['username'] ) ) {
$row->bp_user = $this->centralIdLookup->centralIdFromName(
$data['username'],
CentralIdLookup::AUDIENCE_RAW,
$flags
);
} elseif ( isset( $data['centralId'] ) ) {
$row->bp_user = $data['centralId'];
}
if ( !$row->bp_user ) {
return null;
}
return new BotPassword( $row, false, $flags );
}
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
/**
* Save the new BotPassword to the database
*
* @internal
*
* @param BotPassword $botPassword
* @param Password|null $password Use null for an invalid password
* @return StatusValue if everything worked, the value of the StatusValue is the new token
*/
public function insertBotPassword(
BotPassword $botPassword,
Password $password = null
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
): StatusValue {
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
$res = $this->validateBotPassword( $botPassword );
if ( !$res->isGood() ) {
return $res;
}
if ( $password === null ) {
$password = PasswordFactory::newInvalidPassword();
}
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$dbw = $this->getPrimaryDatabase();
Mass migrate Database::insert calls to InsertQueryBuilder Done automatically based on a php parser written on top of ANTLR4 Bug: T335377 Change-Id: Ie8fabc594edab18e55cb1d5bbf573762106e3d71
2023-08-03 20:05:22 +00:00
$dbw->newInsertQueryBuilder()
In query builders, use insertInto() and deleteFrom() instead of insert() and delete() The design principle for SelectQueryBuilder was to make the chained builder calls look as much like SQL as possible, so that developers could leverage their knowledge of SQL to understand what the query builder is doing. That's why SelectQueryBuilder::select() takes a list of fields, and by the same principle, it makes sense for UpdateQueryBuilder::update() to take a table. However with "insert" and "delete", the SQL designers chose to add prepositions "into" and "from", and I think it makes sense to follow that here. In terms of natural language, we update a table, but we don't delete a table, or insert a table. We delete rows from a table, or insert rows into a table. The table is not the object of the verb. So, add insertInto() as an alias for insert(), and add deleteFrom() as an alias for delete(). Use the new methods in MW core callers where PHPStorm knows the type. Change-Id: Idb327a54a57a0fb2288ea067472c1e9727016000
2023-09-08 00:06:59 +00:00
->insertInto( 'bot_passwords' )
Mass migrate Database::insert calls to InsertQueryBuilder Done automatically based on a php parser written on top of ANTLR4 Bug: T335377 Change-Id: Ie8fabc594edab18e55cb1d5bbf573762106e3d71
2023-08-03 20:05:22 +00:00
->ignore()
->row( [
'bp_user' => $botPassword->getUserCentralId(),
'bp_app_id' => $botPassword->getAppId(),
'bp_token' => MWCryptRand::generateHex( User::TOKEN_LENGTH ),
'bp_restrictions' => $botPassword->getRestrictions()->toJson(),
'bp_grants' => FormatJson::encode( $botPassword->getGrants() ),
'bp_password' => $password->toString(),
] )
->caller( __METHOD__ )->execute();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
$ok = (bool)$dbw->affectedRows();
if ( $ok ) {
Migrate more calls of Database::select* to SelectQueryBuilder Using a php parser written on top of ANTLR4, done semi-automatically. I checked everything and made adjustments. Bug: T311866 Change-Id: I6150c6909bce8f3dbd745a26380cc0af9d9c547f
2023-07-25 13:37:41 +00:00
$token = $dbw->newSelectQueryBuilder()
->select( 'bp_token' )
->from( 'bot_passwords' )
->where( [ 'bp_user' => $botPassword->getUserCentralId(), 'bp_app_id' => $botPassword->getAppId(), ] )
->caller( __METHOD__ )->fetchField();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return StatusValue::newGood( $token );
}
return StatusValue::newFatal( 'botpasswords-insert-failed', $botPassword->getAppId() );
}
/**
* Update an existing BotPassword in the database
*
* @internal
*
* @param BotPassword $botPassword
* @param Password|null $password Use null for an invalid password
* @return StatusValue if everything worked, the value of the StatusValue is the new token
*/
public function updateBotPassword(
BotPassword $botPassword,
Password $password = null
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
): StatusValue {
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
$res = $this->validateBotPassword( $botPassword );
if ( !$res->isGood() ) {
return $res;
}
$conds = [
'bp_user' => $botPassword->getUserCentralId(),
'bp_app_id' => $botPassword->getAppId(),
];
$fields = [
'bp_token' => MWCryptRand::generateHex( User::TOKEN_LENGTH ),
'bp_restrictions' => $botPassword->getRestrictions()->toJson(),
'bp_grants' => FormatJson::encode( $botPassword->getGrants() ),
];
if ( $password !== null ) {
$fields['bp_password'] = $password->toString();
}
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$dbw = $this->getPrimaryDatabase();
Migrate Database::update() to UpdateQueryBuilder I did this using a script written on top of antlr4 parser so it doesn't have some clean ups a human would do but it's pretty nice already. Bug: T330640 Change-Id: I608566700c6d737ee986bf47dda87effc69614d6
2023-06-07 22:07:31 +00:00
$dbw->newUpdateQueryBuilder()
->update( 'bot_passwords' )
->set( $fields )
->where( $conds )
->caller( __METHOD__ )->execute();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
$ok = (bool)$dbw->affectedRows();
if ( $ok ) {
Migrate more calls of Database::select* to SelectQueryBuilder Using a php parser written on top of ANTLR4, done semi-automatically. I checked everything and made adjustments. Bug: T311866 Change-Id: I6150c6909bce8f3dbd745a26380cc0af9d9c547f
2023-07-25 13:37:41 +00:00
$token = $dbw->newSelectQueryBuilder()
->select( 'bp_token' )
->from( 'bot_passwords' )
->where( $conds )
->caller( __METHOD__ )->fetchField();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return StatusValue::newGood( $token );
}
return StatusValue::newFatal( 'botpasswords-update-failed', $botPassword->getAppId() );
}
/**
* Check if a BotPassword is valid to save in the database (either inserting a new
* one or updating an existing one) based on the size of the restrictions and grants
*
* @param BotPassword $botPassword
* @return StatusValue
*/
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
private function validateBotPassword( BotPassword $botPassword ): StatusValue {
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
$res = StatusValue::newGood();
$restrictions = $botPassword->getRestrictions()->toJson();
if ( strlen( $restrictions ) > BotPassword::RESTRICTIONS_MAXLENGTH ) {
$res->fatal( 'botpasswords-toolong-restrictions' );
}
$grants = FormatJson::encode( $botPassword->getGrants() );
if ( strlen( $grants ) > BotPassword::GRANTS_MAXLENGTH ) {
$res->fatal( 'botpasswords-toolong-grants' );
}
return $res;
}
/**
* Delete an existing BotPassword in the database
*
* @param BotPassword $botPassword
* @return bool
*/
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
public function deleteBotPassword( BotPassword $botPassword ): bool {
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$dbw = $this->getPrimaryDatabase();
user: Switch Database::delete to DeleteQueryBuilder Change-Id: I9a3f9bae80560c56197606a46ba29ad85a5a1844
2023-04-29 22:03:51 +00:00
$dbw->newDeleteQueryBuilder()
In query builders, use insertInto() and deleteFrom() instead of insert() and delete() The design principle for SelectQueryBuilder was to make the chained builder calls look as much like SQL as possible, so that developers could leverage their knowledge of SQL to understand what the query builder is doing. That's why SelectQueryBuilder::select() takes a list of fields, and by the same principle, it makes sense for UpdateQueryBuilder::update() to take a table. However with "insert" and "delete", the SQL designers chose to add prepositions "into" and "from", and I think it makes sense to follow that here. In terms of natural language, we update a table, but we don't delete a table, or insert a table. We delete rows from a table, or insert rows into a table. The table is not the object of the verb. So, add insertInto() as an alias for insert(), and add deleteFrom() as an alias for delete(). Use the new methods in MW core callers where PHPStorm knows the type. Change-Id: Idb327a54a57a0fb2288ea067472c1e9727016000
2023-09-08 00:06:59 +00:00
->deleteFrom( 'bot_passwords' )
user: Switch Database::delete to DeleteQueryBuilder Change-Id: I9a3f9bae80560c56197606a46ba29ad85a5a1844
2023-04-29 22:03:51 +00:00
->where( [ 'bp_user' => $botPassword->getUserCentralId() ] )
->andWhere( [ 'bp_app_id' => $botPassword->getAppId() ] )
->caller( __METHOD__ )->execute();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return (bool)$dbw->affectedRows();
}
/**
* Invalidate all passwords for a user, by name
Remove some more comments that literally repeat the code Nothing to learn from these. You can find a longer explanation in the comments in I93751e6. Change-Id: I195aae70fc282b58be5b18160783f27d38605d15
2021-11-26 15:21:17 +00:00
* @param string $username
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
* @return bool Whether any passwords were invalidated
*/
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
public function invalidateUserPasswords( string $username ): bool {
Use MainConfigNames instead of string literals, #4 Now largely automated: VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \ tr "\n" '|' | sed "s/|$/\n/;s/'//g") sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \ $(grep -ERIl "'($VARS)'" includes/) Then git add -p with lots of error-prone manual checking. Then semi-manually add all the necessary "use" lines: vim $(grep -L 'use MediaWiki\\MainConfigNames;' \ $(git diff --cached --name-only --diff-filter=M HEAD^)) I didn't bother fixing lines that were over 100 characters unless they were over 120 and triggered phpcs. Bug: T305805 Change-Id: I74e0ab511abecb276717ad4276a124760a268147
2022-04-26 15:48:03 +00:00
if ( !$this->options->get( MainConfigNames::EnableBotPasswords ) ) {
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return false;
}
$centralId = $this->centralIdLookup->centralIdFromName(
$username,
CentralIdLookup::AUDIENCE_RAW,
Remove more indirect calls to IDBAccessObject::READ_* constants Found via (?<!IDBAccessObject)::READ_ We are planning to deprecate and remove implementing IDBAccessObject interface just to use the constants. Bug: T354194 Change-Id: I89d442fa493b8e5332ce118e5bf13f13b8dd3477
2024-01-23 14:01:06 +00:00
IDBAccessObject::READ_LATEST
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
);
if ( !$centralId ) {
return false;
}
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$dbw = $this->getPrimaryDatabase();
Migrate Database::update() to UpdateQueryBuilder I did this using a script written on top of antlr4 parser so it doesn't have some clean ups a human would do but it's pretty nice already. Bug: T330640 Change-Id: I608566700c6d737ee986bf47dda87effc69614d6
2023-06-07 22:07:31 +00:00
$dbw->newUpdateQueryBuilder()
->update( 'bot_passwords' )
->set( [ 'bp_password' => PasswordFactory::newInvalidPassword()->toString() ] )
->where( [ 'bp_user' => $centralId ] )
->caller( __METHOD__ )->execute();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return (bool)$dbw->affectedRows();
}
/**
* Remove all passwords for a user, by name
Remove some more comments that literally repeat the code Nothing to learn from these. You can find a longer explanation in the comments in I93751e6. Change-Id: I195aae70fc282b58be5b18160783f27d38605d15
2021-11-26 15:21:17 +00:00
* @param string $username
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
* @return bool Whether any passwords were removed
*/
build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 The following sniffs now pass and were enabled: * Generic.ControlStructures.InlineControlStructure * MediaWiki.PHPUnit.AssertCount.NotUsed npm: * svgo: 2.3.0 → 2.3.1 * https://npmjs.com/advisories/1754 (CVE-2021-33587) Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:11:47 +00:00
public function removeUserPasswords( string $username ): bool {
Use MainConfigNames instead of string literals, #4 Now largely automated: VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \ tr "\n" '|' | sed "s/|$/\n/;s/'//g") sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \ $(grep -ERIl "'($VARS)'" includes/) Then git add -p with lots of error-prone manual checking. Then semi-manually add all the necessary "use" lines: vim $(grep -L 'use MediaWiki\\MainConfigNames;' \ $(git diff --cached --name-only --diff-filter=M HEAD^)) I didn't bother fixing lines that were over 100 characters unless they were over 120 and triggered phpcs. Bug: T305805 Change-Id: I74e0ab511abecb276717ad4276a124760a268147
2022-04-26 15:48:03 +00:00
if ( !$this->options->get( MainConfigNames::EnableBotPasswords ) ) {
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return false;
}
$centralId = $this->centralIdLookup->centralIdFromName(
$username,
CentralIdLookup::AUDIENCE_RAW,
Remove more indirect calls to IDBAccessObject::READ_* constants Found via (?<!IDBAccessObject)::READ_ We are planning to deprecate and remove implementing IDBAccessObject interface just to use the constants. Bug: T354194 Change-Id: I89d442fa493b8e5332ce118e5bf13f13b8dd3477
2024-01-23 14:01:06 +00:00
IDBAccessObject::READ_LATEST
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
);
if ( !$centralId ) {
return false;
}
Migrate bot passwords to virtual domains Bug: T351559 Change-Id: I645f1e4a4517b9177286e834236b0c047bef928c
2023-11-22 15:42:02 +00:00
$dbw = $this->getPrimaryDatabase();
user: Switch Database::delete to DeleteQueryBuilder Change-Id: I9a3f9bae80560c56197606a46ba29ad85a5a1844
2023-04-29 22:03:51 +00:00
$dbw->newDeleteQueryBuilder()
In query builders, use insertInto() and deleteFrom() instead of insert() and delete() The design principle for SelectQueryBuilder was to make the chained builder calls look as much like SQL as possible, so that developers could leverage their knowledge of SQL to understand what the query builder is doing. That's why SelectQueryBuilder::select() takes a list of fields, and by the same principle, it makes sense for UpdateQueryBuilder::update() to take a table. However with "insert" and "delete", the SQL designers chose to add prepositions "into" and "from", and I think it makes sense to follow that here. In terms of natural language, we update a table, but we don't delete a table, or insert a table. We delete rows from a table, or insert rows into a table. The table is not the object of the verb. So, add insertInto() as an alias for insert(), and add deleteFrom() as an alias for delete(). Use the new methods in MW core callers where PHPStorm knows the type. Change-Id: Idb327a54a57a0fb2288ea067472c1e9727016000
2023-09-08 00:06:59 +00:00
->deleteFrom( 'bot_passwords' )
user: Switch Database::delete to DeleteQueryBuilder Change-Id: I9a3f9bae80560c56197606a46ba29ad85a5a1844
2023-04-29 22:03:51 +00:00
->where( [ 'bp_user' => $centralId ] )
->caller( __METHOD__ )->execute();
Add BotPasswordStore service Does not (yet) handle looking up bot passwords in the database, just inserting/updating/removing them. Bug: T265769 Change-Id: I20e3aaee63ec182483489681282dae52fe41ec90
2020-10-30 17:33:33 +00:00
return (bool)$dbw->affectedRows();
}
}
Reference in a new issue Copy permalink