Why:
* Maintenance scripts in core have bolierplate code that is
added before and after the class to allow directly running
the maintenance script.
* Running the maintenance script directly has been deprecated
since 1.40, so this boilerplate code is only to support a now
deprecated method of running maintenance scripts.
* This code cannot also be marked as covered, due to PHPUnit
not recognising code coverage for files.
* Therefore, it is best to ignore this boilerplate code in code
coverage reports as it cannot be marked as covered and also
is for deprecated code.
What:
* Wrap the boilerplate code (requiring Maintenance.php and then
later defining the maintenance script class and running if the
maintenance script was called directly) with @codeCoverageIgnore
comments.
* Some files use a different boilerplate code, however, these
should also be marked as ignored for coverage for the same
reason that coverage is not properly reported for files.
Bug: T371167
Change-Id: I32f5c6362dfb354149a48ce9c28da9a7fc494f7c
Why:
* The blockUsers.php maintenance script can set the performer's
username as the username provided via the --performer option.
* The username is validated by the script, but the validation broke
in c106f679b0. This was because both:
** The check for whether the username was invalid changed to only
looking for 'null' values returned by User::newSystemUser /
User::newFromName.
** The User::newFromName method returns false on an invalid username.
* Replacing the deprecated User::newFromName with the call to
UserFactory::newFromName fixes this issue, as the replacement
method returns null on an invalid username.
** This also allows replacement of a deprecated method, which is
preferrable to changing the 'null' check to be a falsey check.
What:
* Replace the call to User::newFromName with UserFactory
::newFromName to fix this issue.
* Add a test to verify that this fix worked.
Bug: T371167
Change-Id: Ie181c16a1dda559a81b8ae4d53cd8f69b1af9b75
Maintenance class provides a method for getting a fresh reference
of the MW services container instance. Let's make use of these in
maintenance scripts now that we have it.
NOTE: There are still some static methods like in refreshLinks.php
that makes use of services that we can't use this method for now.
Change-Id: Idba744057577896fc97c9ecf4724db27542bf01c
Why:
* A soft block against an IP address does not block logged-in
users, but it should block temporary users, otherwise anonymous
users can circumvent it by creating a temporary account.
What:
* Return a block for a temporary user if a soft block is found
against their IP address, from DatabaseBlock::newLoad
* Return soft blocks for temporary users in
BlockManager::getXffBlocks
* Update documentation to make clear that soft blocks apply to
temporary users, including where they are referred to as
anon-only blocks
Bug: T343714
Change-Id: I5a2928eb3370bd47544b164b08014ef62297ce36
The variables are set conditional later, but all condition branches set
it or the variable is not used outside that scope
Change-Id: Ic9612915db507028ad4733a061d3ce9be3babfb6
The user 'Maintenance script' is often used to perform various
automated tasks. Providing it everywhere as a string literal is
error-prone, and errors can be somewhat disruptive (e.g. with
User::newSystemUser with steal=true it can erase the credentials
of a legitimate account). Provide a constant instead.
Also replace existing uses for consistency.
Change-Id: I685a5bfe56bbf1a47f35072f7f7c8be320ee27db
As all these flags are all true by default, create inverted
command line flags to selectively set them to false.
Change-Id: I19affd2d0c35799b537c987739a01fdbc2c35a13
hasOption always returns true after getOption has been called
(T275619), so just use the result of getOption instead, which
will be a string or false.
Bug: T275627
Change-Id: I23b9a5258cc8ef3532eb18c5fa974c2989937c80
Following 23c3c70d7f, soft deprecate the static methods on
DatabaseBlock that have been moved to DatabaseBlockStore:
* ::insert
* ::delete
* ::update
* ::purgeExpired
Update calls to the deprecated methods from core.
Change-Id: I1272eb978594fd4f386bda12cbc24131ad7d882f
BlockUsers needs to know if there is a block stored in the database
against a particular user account. This is answered by
DatabaseBlock::newFromTarget.
Prior to this, the script called User::getBlock, which can return
SystemBlocks and CompositeBlocks too. These are not stored in the
database, so are irrelevant and would cause an error on attempting to
update them.
It also meant parameter types for BlockIpCompleteHook needed to be
changed to AbstractBlock in a302833fc3.
This changes them back to DatabaseBlock.
Change-Id: Iec90d4938e76d76ac1f5b1d1e9ffb736a58d5c53
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
* Add a --reblock flag to allow updating existing blocks
* Call the BlockIpComplete hook after blocking
Change-Id: I2daa142e7034c43b01d3e9b8b0304584656b2dae
If the username isn't valid, $performer is just false and not the
invalid name. For the other prints, use $performerName directly instead
of relying on User::__toString.
Change-Id: I22ad6f98a14a69ea13aa794b45869dd2eb747dee
