UserGroupsChanged is called in Special:UserRights with seven args
The caller in User.php only has five
Change-Id: I221da323c79bb8da0113533d01b429249d15e7de
AuthPlugin::addUser() is intended to only touch the external database
without creating a local user, which isn't possible under AuthManager
without reproducing too much of AuthManager's account creation methods
(and risking breaking things in even more obscure ways) to be
worthwhile.
As it is, either this will fail because the caller already called
User::addToDatabase() or the caller's subsequent User::addToDatabase()
call will fail because we're creating the local user.
So instead, let's just throw an exception unconditionally instead of
pretending it could work.
Bug: T137843
Change-Id: I8a439ea190c752a7fc49de5617e2c64c314c38f0
AuthManager uses a status which is OK but not good for authentication
data which is discouraged but still accepted for authentication.
Users should not be allowed to change credentials into such invalid state.
This change brings the web logic and the AuthPlugin fallback in sync with
the API which already used the stricter check.
Change-Id: I4ff54fcc901f6fe11f15ed60fc1a3d8753de9f6c
This implements the AuthManager class and its needed interfaces and
subclasses, and integrates them into the backend portion of MediaWiki.
Integration with frontend portions of MediaWiki (e.g. ApiLogin,
Special:Login) is left for a followup.
Bug: T91699
Bug: T71589
Bug: T111299
Co-Authored-By: Gergő Tisza <gtisza@wikimedia.org>
Change-Id: If89d24838e326fe25fe867d02181eebcfbb0e196
