Add new authentication-related hooks (and remove one) replacing some AuthPlugin methods

* LocalUserCreated: Replaces AuthPlugin::initUser() * UserGroupsChanged: Replaces AuthPlugin::updateExternalDBGroups() ** The similar UserRights hook is deprecated, mainly to get rid of the passing of $user by reference. * UserIsHidden: Replaces AuthPluginUser::isHidden() * UserIsLocked: Replaces AuthPluginUser::isLocked() * UserLoggedIn: Replaces AuthPlugin::updateUser() Also, AuthPlugin::updateExternalDB() is deprecated in favor of the existing UserSaveSettings hook. Also, 'ResetSessionID' has been removed. Nothing uses it, I don't know why I even added it in the first place. Also, replacing the User object passed to AuthPlugin::initUser() and AuthPlugin::updateUser() will now raise a warning. Change-Id: If7474cfb26a29b11c2e78147069419ca3b1cba95
2015-09-04 12:55:34 -04:00 · 2015-09-04 12:55:34 -04:00 · 37062a0c0d
commit 37062a0c0d
parent 66522e9928
8 changed files with 65 additions and 9 deletions
--- a/RELEASE-NOTES-1.26
+++ b/RELEASE-NOTES-1.26
@ -30,6 +30,17 @@ production.
 * Custom LESS functions (defined via $wgResourceLoaderLESSFunctions)
  have been removed, after being deprecated in 1.24.
 * $wgAlwaysUseTidy has been removed.
 * ResetSessionID hook has been removed. Nothing seems to use it.
 * Certain AuthPlugin methods are deprecated in favor of new hooks:
 ** AuthPlugin::initUser() is replaced by LocalUserCreated.
 ** AuthPlugin::updateUser() is replaced by UserLoggedIn.
 ** AuthPlugin::updateExternalDB() is replaced by the existing UserSaveSettings.
 ** AuthPlugin::updateExternalDBGroups() is replaced by UserGroupsChanged.
 ** AuthPluginUser::isHidden() is replaced by UserIsHidden.
 ** AuthPluginUser::isLocked() is replaced by UserIsLocked.
 * The UserRights hook is deprecated in favor of the new UserGroupsChanged hook.
 * AuthPlugin::initUser() and AuthPlugin::updateUser() should no longer replace
  the passed User object.
 === New features in 1.26 ===
 * (T51506) Now action=info gives estimates of actual watchers for a page.
--- a/docs/hooks.txt
+++ b/docs/hooks.txt
@ -1844,6 +1844,10 @@ optional localisation messages
 &$ignored: Array of ignored message keys
 &$optional: Array of optional message keys
 'LocalUserCreated': Called when a local user has been created
 $user: User object for the created user
 $autocreated: Boolean, whether this was an auto-creation
 'LogEventsListGetExtraInputs': When getting extra inputs to display on
 Special:Log for a specific log type
 $type: String of log type being displayed
@ -2447,10 +2451,6 @@ $context: (IContextSource) The RequestContext the skin is being created for.
 $user: The user having their password expiration reset
 &$newExpire: The new expiration date
 'ResetSessionID': Called from wfResetSessionID
 $oldSessionID: old session id
 $newSessionID: new session id
 'ResourceLoaderForeignApiModules': Called from ResourceLoaderForeignApiModule.
 Use this to add dependencies to 'mediawiki.ForeignApi' module when you wish
 to override its behavior. See the module docs for more information.
@ -3203,6 +3203,11 @@ $context: IContextSource object
 $user: User to get rights for
 &$rights: Current rights
 'UserGroupsChanged': Called after user groups are changed.
 $user: User whose groups changed
 $added: Groups added
 $removed: Groups removed
 'UserIsBlockedFrom': Check if a user is blocked from a specific page (for
 specific block exemptions).
 $user: User in question
@ -3220,6 +3225,14 @@ $ip: User's IP address
 false if a UserGetRights hook might remove the named right.
 $right: The user right being checked
 'UserIsHidden': Check if the user's name should be hidden. See User::isHidden().
 $user: User in question.
 &$hidden: Set true if the user's name should be hidden.
 'UserIsLocked': Check if the user is locked. See User::isLocked().
 $user: User in question.
 &$locked: Set true if the user should be locked.
 'UserLoadAfterLoadFromSession': Called to authenticate users on external or
 environmental means; occurs after session is loaded.
 $user: user object being loaded
@ -3243,6 +3256,9 @@ database.
 $user: User object
 &$options: Options, can be modified.
 'UserLoggedIn': Called after a user is logged in
 $user: User object for the logged-in user
 'UserLoginComplete': After a user has logged in.
 $user: the user object that was created on login
 $inject_html: Any HTML to inject after the "logged in" message.
@ -3288,8 +3304,9 @@ message(s).
 $user: user retrieving new talks messages
 $talks: array of new talks page(s)
-'UserRights': After a user's group memberships are changed.
+'UserRights': DEPRECATED! Use UserGroupsChanged instead.
-$user: User object that was changed
+After a user's group memberships are changed.
 &$user: User object that was changed
 $add: Array of strings corresponding to groups added
 $remove: Array of strings corresponding to groups removed
--- a/includes/AuthPlugin.php
+++ b/includes/AuthPlugin.php
@ -120,6 +120,8 @@ class AuthPlugin {
 	 * The User object is passed by reference so it can be modified; don't
 	 * forget the & on your function declaration.
 	 *
 	 * @deprecated since 1.26, use the UserLoggedIn hook instead. And assigning
 	 *  a different User object to $user is no longer supported.
 	 * @param User $user
 	 * @return bool
 	 */
@ -204,6 +206,7 @@ class AuthPlugin {
 	 * Update user information in the external authentication database.
 	 * Return true if successful.
 	 *
 	 * @deprecated since 1.26, use the UserSaveSettings hook instead.
 	 * @param User $user
 	 * @return bool
 	 */
@ -215,6 +218,7 @@ class AuthPlugin {
 	 * Update user groups in the external authentication database.
 	 * Return true if successful.
 	 *
 	 * @deprecated since 1.26, use the UserGroupsChanged hook instead.
 	 * @param User $user
 	 * @param array $addgroups Groups to add.
 	 * @param array $delgroups Groups to remove.
@ -278,6 +282,8 @@ class AuthPlugin {
 	 * The User object is passed by reference so it can be modified; don't
 	 * forget the & on your function declaration.
 	 *
 	 * @deprecated since 1.26, use the UserLoggedIn hook instead. And assigning
 	 *  a different User object to $user is no longer supported.
 	 * @param User $user
 	 * @param bool $autocreate True if user is being autocreated on login
 	 */
@ -326,11 +332,21 @@ class AuthPluginUser {
 		return -1;
 	}
 	/**
 	 * Indicate whether the user is locked
 	 * @deprecated since 1.26, use the UserIsLocked hook instead.
 	 * @return bool
 	 */
 	public function isLocked() {
 		# Override this!
 		return false;
 	}
 	/**
 	 * Indicate whether the user is hidden
 	 * @deprecated since 1.26, use the UserIsHidden hook instead.
 	 * @return bool
 	 */
 	public function isHidden() {
 		# Override this!
 		return false;
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@ -3466,7 +3466,6 @@ function wfResetSessionID() {
 		$_SESSION = $tmp;
 	}
 	$newSessionId = session_id();
 	Hooks::run( 'ResetSessionID', array( $oldSessionId, $newSessionId ) );
 }
 /**
--- a/includes/Preferences.php
+++ b/includes/Preferences.php
@ -1433,10 +1433,10 @@ class Preferences {
 			}
 			Hooks::run( 'PreferencesFormPreSave', array( $formData, $form, $user, &$result ) );
 			$user->saveSettings();
 		}
 		$wgAuth->updateExternalDB( $user );
 		$user->saveSettings();
 		return $result;
 	}
--- a/includes/User.php
+++ b/includes/User.php
@ -1430,8 +1430,8 @@ class User implements IDBAccessObject {
 		foreach ( $toPromote as $group ) {
 			$this->addGroup( $group );
 		}
 		// update groups in external authentication database
 		Hooks::run( 'UserGroupsChanged', array( $this, $toPromote, array() ) );
 		$wgAuth->updateExternalDBGroups( $this, $toPromote );
 		$newGroups = array_merge( $oldGroups, $toPromote ); // all groups
@ -1993,6 +1993,7 @@ class User implements IDBAccessObject {
 		global $wgAuth;
 		$authUser = $wgAuth->getUserInstance( $this );
 		$this->mLocked = (bool)$authUser->isLocked();
 		Hooks::run( 'UserIsLocked', array( $this, &$this->mLocked ) );
 		return $this->mLocked;
 	}
@ -2010,6 +2011,7 @@ class User implements IDBAccessObject {
 			global $wgAuth;
 			$authUser = $wgAuth->getUserInstance( $this );
 			$this->mHideName = (bool)$authUser->isHidden();
 			Hooks::run( 'UserIsHidden', array( $this, &$this->mHideName ) );
 		}
 		return $this->mHideName;
 	}
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@ -674,7 +674,12 @@ class LoginForm extends SpecialPage {
 		$u->setRealName( $this->mRealName );
 		$u->setToken();
 		Hooks::run( 'LocalUserCreated', array( $u, $autocreate ) );
 		$oldUser = $u;
 		$wgAuth->initUser( $u, $autocreate );
 		if ( $oldUser !== $u ) {
 			wfWarn( get_class( $wgAuth ) . '::initUser() replaced the user object' );
 		}
 		$u->saveSettings();
@ -820,7 +825,12 @@ class LoginForm extends SpecialPage {
 			$retval = self::RESET_PASS;
 			$this->mAbortLoginErrorMsg = 'resetpass-expired';
 		} else {
 			Hooks::run( 'UserLoggedIn', array( $u ) );
 			$oldUser = $u;
 			$wgAuth->updateUser( $u );
 			if ( $oldUser !== $u ) {
 				wfWarn( get_class( $wgAuth ) . '::updateUser() replaced the user object' );
 			}
 			$wgUser = $u;
 			// This should set it for OutputPage and the Skin
 			// which is needed or the personal links will be
--- a/includes/specials/SpecialUserrights.php
+++ b/includes/specials/SpecialUserrights.php
@ -269,6 +269,7 @@ class UserrightsPage extends SpecialPage {
 		$user->invalidateCache();
 		// update groups in external authentication database
 		Hooks::run( 'UserGroupsChanged', array( $user, $add, $remove ) );
 		$wgAuth->updateExternalDBGroups( $user, $add, $remove );
 		wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) . "\n" );