Merge "API: Use MediaWikiServices::getAuthManager in various Api classes"
This commit is contained in:
jenkins-bot
Gerrit Code Review
commit
daff5b8e5a
10 changed files with 41 additions and 24 deletions
|
|
@ -22,6 +22,7 @@
|
||||||
|
|
||||||
use MediaWiki\Auth\AuthenticationResponse;
|
use MediaWiki\Auth\AuthenticationResponse;
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create an account with AuthManager
|
* Create an account with AuthManager
|
||||||
|
|
@ -63,8 +64,8 @@ class ApiAMCreateAccount extends ApiBase {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$helper = new ApiAuthManagerHelper( $this );
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
$manager = AuthManager::singleton();
|
$helper = new ApiAuthManagerHelper( $this, $manager );
|
||||||
|
|
||||||
// Make sure it's possible to create accounts
|
// Make sure it's possible to create accounts
|
||||||
if ( !$manager->canCreateAccounts() ) {
|
if ( !$manager->canCreateAccounts() ) {
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,7 @@ use MediaWiki\Auth\AuthenticationResponse;
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
|
use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
|
||||||
use MediaWiki\Logger\LoggerFactory;
|
use MediaWiki\Logger\LoggerFactory;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Helper class for AuthManager-using API modules. Intended for use via
|
* Helper class for AuthManager-using API modules. Intended for use via
|
||||||
|
|
@ -41,23 +42,29 @@ class ApiAuthManagerHelper {
|
||||||
/** @var string Message output format */
|
/** @var string Message output format */
|
||||||
private $messageFormat;
|
private $messageFormat;
|
||||||
|
|
||||||
|
/** @var AuthManager */
|
||||||
|
private $authManager;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param ApiBase $module API module, for context and parameters
|
* @param ApiBase $module API module, for context and parameters
|
||||||
|
* @param AuthManager|null $authManager
|
||||||
*/
|
*/
|
||||||
public function __construct( ApiBase $module ) {
|
public function __construct( ApiBase $module, AuthManager $authManager = null ) {
|
||||||
$this->module = $module;
|
$this->module = $module;
|
||||||
|
|
||||||
$params = $module->extractRequestParams();
|
$params = $module->extractRequestParams();
|
||||||
$this->messageFormat = $params['messageformat'] ?? 'wikitext';
|
$this->messageFormat = $params['messageformat'] ?? 'wikitext';
|
||||||
|
$this->authManager = $authManager ?: MediaWikiServices::getInstance()->getAuthManager();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Static version of the constructor, for chaining
|
* Static version of the constructor, for chaining
|
||||||
* @param ApiBase $module API module, for context and parameters
|
* @param ApiBase $module API module, for context and parameters
|
||||||
|
* @param AuthManager|null $authManager
|
||||||
* @return ApiAuthManagerHelper
|
* @return ApiAuthManagerHelper
|
||||||
*/
|
*/
|
||||||
public static function newForModule( ApiBase $module ) {
|
public static function newForModule( ApiBase $module, AuthManager $authManager = null ) {
|
||||||
return new self( $module );
|
return new self( $module, $authManager );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -97,7 +104,7 @@ class ApiAuthManagerHelper {
|
||||||
* @throws ApiUsageException
|
* @throws ApiUsageException
|
||||||
*/
|
*/
|
||||||
public function securitySensitiveOperation( $operation ) {
|
public function securitySensitiveOperation( $operation ) {
|
||||||
$status = AuthManager::singleton()->securitySensitiveOperationStatus( $operation );
|
$status = $this->authManager->securitySensitiveOperationStatus( $operation );
|
||||||
switch ( $status ) {
|
switch ( $status ) {
|
||||||
case AuthManager::SEC_OK:
|
case AuthManager::SEC_OK:
|
||||||
return;
|
return;
|
||||||
|
|
@ -137,8 +144,7 @@ class ApiAuthManagerHelper {
|
||||||
public function loadAuthenticationRequests( $action ) {
|
public function loadAuthenticationRequests( $action ) {
|
||||||
$params = $this->module->extractRequestParams();
|
$params = $this->module->extractRequestParams();
|
||||||
|
|
||||||
$manager = AuthManager::singleton();
|
$reqs = $this->authManager->getAuthenticationRequests( $action, $this->module->getUser() );
|
||||||
$reqs = $manager->getAuthenticationRequests( $action, $this->module->getUser() );
|
|
||||||
|
|
||||||
// Filter requests, if requested to do so
|
// Filter requests, if requested to do so
|
||||||
$wantedRequests = null;
|
$wantedRequests = null;
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Change authentication data with AuthManager
|
* Change authentication data with AuthManager
|
||||||
|
|
@ -38,8 +39,8 @@ class ApiChangeAuthenticationData extends ApiBase {
|
||||||
$this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
|
$this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
|
||||||
}
|
}
|
||||||
|
|
||||||
$helper = new ApiAuthManagerHelper( $this );
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
$manager = AuthManager::singleton();
|
$helper = new ApiAuthManagerHelper( $this, $manager );
|
||||||
|
|
||||||
// Check security-sensitive operation status
|
// Check security-sensitive operation status
|
||||||
$helper->securitySensitiveOperation( 'ChangeCredentials' );
|
$helper->securitySensitiveOperation( 'ChangeCredentials' );
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,7 @@
|
||||||
use MediaWiki\Auth\AuthenticationResponse;
|
use MediaWiki\Auth\AuthenticationResponse;
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
|
use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Log in to the wiki with AuthManager
|
* Log in to the wiki with AuthManager
|
||||||
|
|
@ -64,8 +65,8 @@ class ApiClientLogin extends ApiBase {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$helper = new ApiAuthManagerHelper( $this );
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
$manager = AuthManager::singleton();
|
$helper = new ApiAuthManagerHelper( $this, $manager );
|
||||||
|
|
||||||
// Make sure it's possible to log in
|
// Make sure it's possible to log in
|
||||||
if ( !$manager->canAuthenticateNow() ) {
|
if ( !$manager->canAuthenticateNow() ) {
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,7 @@
|
||||||
|
|
||||||
use MediaWiki\Auth\AuthenticationResponse;
|
use MediaWiki\Auth\AuthenticationResponse;
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Link an account with AuthManager
|
* Link an account with AuthManager
|
||||||
|
|
@ -67,8 +68,8 @@ class ApiLinkAccount extends ApiBase {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$helper = new ApiAuthManagerHelper( $this );
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
$manager = AuthManager::singleton();
|
$helper = new ApiAuthManagerHelper( $this, $manager );
|
||||||
|
|
||||||
// Check security-sensitive operation status
|
// Check security-sensitive operation status
|
||||||
$helper->securitySensitiveOperation( 'LinkAccounts' );
|
$helper->securitySensitiveOperation( 'LinkAccounts' );
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,7 @@ use MediaWiki\Auth\AuthenticationRequest;
|
||||||
use MediaWiki\Auth\AuthenticationResponse;
|
use MediaWiki\Auth\AuthenticationResponse;
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
use MediaWiki\Logger\LoggerFactory;
|
use MediaWiki\Logger\LoggerFactory;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Unit to authenticate log-in attempts to the current wiki.
|
* Unit to authenticate log-in attempts to the current wiki.
|
||||||
|
|
@ -148,7 +149,7 @@ class ApiLogin extends ApiBase {
|
||||||
|
|
||||||
if ( $authRes === false ) {
|
if ( $authRes === false ) {
|
||||||
// Simplified AuthManager login, for backwards compatibility
|
// Simplified AuthManager login, for backwards compatibility
|
||||||
$manager = AuthManager::singleton();
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
$reqs = AuthenticationRequest::loadRequestsFromSubmission(
|
$reqs = AuthenticationRequest::loadRequestsFromSubmission(
|
||||||
$manager->getAuthenticationRequests( AuthManager::ACTION_LOGIN, $this->getUser() ),
|
$manager->getAuthenticationRequests( AuthManager::ACTION_LOGIN, $this->getUser() ),
|
||||||
[
|
[
|
||||||
|
|
@ -158,7 +159,7 @@ class ApiLogin extends ApiBase {
|
||||||
'rememberMe' => true,
|
'rememberMe' => true,
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
$res = AuthManager::singleton()->beginAuthentication( $reqs, 'null:' );
|
$res = $manager->beginAuthentication( $reqs, 'null:' );
|
||||||
switch ( $res->status ) {
|
switch ( $res->status ) {
|
||||||
case AuthenticationResponse::PASS:
|
case AuthenticationResponse::PASS:
|
||||||
if ( $this->getConfig()->get( 'EnableBotPasswords' ) ) {
|
if ( $this->getConfig()->get( 'EnableBotPasswords' ) ) {
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A query action to return meta information about AuthManager state.
|
* A query action to return meta information about AuthManager state.
|
||||||
|
|
@ -36,9 +37,8 @@ class ApiQueryAuthManagerInfo extends ApiQueryBase {
|
||||||
|
|
||||||
public function execute() {
|
public function execute() {
|
||||||
$params = $this->extractRequestParams();
|
$params = $this->extractRequestParams();
|
||||||
$helper = new ApiAuthManagerHelper( $this );
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
|
$helper = new ApiAuthManagerHelper( $this, $manager );
|
||||||
$manager = AuthManager::singleton();
|
|
||||||
$ret = [
|
$ret = [
|
||||||
'canauthenticatenow' => $manager->canAuthenticateNow(),
|
'canauthenticatenow' => $manager->canAuthenticateNow(),
|
||||||
'cancreateaccounts' => $manager->canCreateAccounts(),
|
'cancreateaccounts' => $manager->canCreateAccounts(),
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
use MediaWiki\Block\DatabaseBlock;
|
use MediaWiki\Block\DatabaseBlock;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Query module to get information about a list of users
|
* Query module to get information about a list of users
|
||||||
|
|
@ -297,7 +298,8 @@ class ApiQueryUsers extends ApiQueryBase {
|
||||||
} else {
|
} else {
|
||||||
$data[$u]['missing'] = true;
|
$data[$u]['missing'] = true;
|
||||||
if ( isset( $this->prop['cancreate'] ) ) {
|
if ( isset( $this->prop['cancreate'] ) ) {
|
||||||
$status = MediaWiki\Auth\AuthManager::singleton()->canCreateAccount( $u );
|
$status = MediaWikiServices::getInstance()->getAuthManager()
|
||||||
|
->canCreateAccount( $u );
|
||||||
$data[$u]['cancreate'] = $status->isGood();
|
$data[$u]['cancreate'] = $status->isGood();
|
||||||
if ( !$status->isGood() ) {
|
if ( !$status->isGood() ) {
|
||||||
$data[$u]['cancreateerror'] = $this->getErrorFormatter()->arrayFromStatus( $status );
|
$data[$u]['cancreateerror'] = $this->getErrorFormatter()->arrayFromStatus( $status );
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,7 @@
|
||||||
|
|
||||||
use MediaWiki\Auth\AuthenticationRequest;
|
use MediaWiki\Auth\AuthenticationRequest;
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\Auth\AuthManager;
|
||||||
|
use MediaWiki\MediaWikiServices;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Remove authentication data from AuthManager
|
* Remove authentication data from AuthManager
|
||||||
|
|
@ -50,10 +51,11 @@ class ApiRemoveAuthenticationData extends ApiBase {
|
||||||
}
|
}
|
||||||
|
|
||||||
$params = $this->extractRequestParams();
|
$params = $this->extractRequestParams();
|
||||||
$manager = AuthManager::singleton();
|
$manager = MediaWikiServices::getInstance()->getAuthManager();
|
||||||
|
|
||||||
// Check security-sensitive operation status
|
// Check security-sensitive operation status
|
||||||
ApiAuthManagerHelper::newForModule( $this )->securitySensitiveOperation( $this->operation );
|
ApiAuthManagerHelper::newForModule( $this, $manager )
|
||||||
|
->securitySensitiveOperation( $this->operation );
|
||||||
|
|
||||||
// Fetch the request. No need to load from the request, so don't use
|
// Fetch the request. No need to load from the request, so don't use
|
||||||
// ApiAuthManagerHelper's method.
|
// ApiAuthManagerHelper's method.
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
use MediaWiki\Auth\AuthManager;
|
use MediaWiki\MediaWikiServices;
|
||||||
use MediaWiki\ParamValidator\TypeDef\UserDef;
|
use MediaWiki\ParamValidator\TypeDef\UserDef;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -24,7 +24,9 @@ class ApiValidatePassword extends ApiBase {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( !$user->isAnon() || AuthManager::singleton()->userExists( $user->getName() ) ) {
|
if ( !$user->isAnon() ||
|
||||||
|
MediaWikiServices::getInstance()->getAuthManager()->userExists( $user->getName() )
|
||||||
|
) {
|
||||||
$this->dieWithError( 'userexists' );
|
$this->dieWithError( 'userexists' );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue