This is inconsistent with the access pattern of other constants in
MediaWiki. it's also confusing (e.g. it's unclear to a newcomer why
UserFactory is implementing IDBAccessObject) and it's prone to clashes
(e.g. BagOStuff class has a clashing constant).
It has been already announced: https://w.wiki/9DAX
Bug: T354194
Change-Id: Ic2357634b8385d65b55db2b557191419b06c40e0
Why:
Temporary accounts (introduced as part of IP Masking)
are supposed to expire 1 year after their registration.
Automatic account expiration can be done via a maintenance
script, which would be periodically executed via cron / systemd.
Make it possible for extensions to provide their own logic
for generating a list of temporary accounts to invalidate.
This is used in CentralAuth to base registration timestamp
on the global registration timestamp.
The default behavior is "temporary accounts do not expire",
given the feature requires a maintenance script to run
periodically, which will not be the case on third party
instances.
What:
* Add `expireAfterDays` to $wgAutoCreateTempUser, controlling
how many days temporary accounts have.
* Add UserSelectQueryBuilder::whereRegisteredTimestamp(),
filtering accounts based on user_registration.
* Add ExpireTemporaryAccounts maintenance script, which is
@stable to extend.
Bug: T344695
Change-Id: If17bf84ee6620c8eb784b7d835682ad5e7afdfcc
Currently, we have two services: ReadOnlyMode and
ConfiguredReadOnlyMode. The former takes the latter and can easily
support every functionality of CRO. I added methods to support that
functionality (the current class is quite small so it's not adding a lot
more to a monster class) and basically fully deprecate the service
itself to improve developer experience.
It is only called in two extensions in production with straightforward
fix so I directly went with hard-deprecation.
Bug: T343917
Depends-On: Icec0ad3f30c471b428efe80dfb9129f55a351194
Change-Id: I421fd5c8fee7af41c059419c2bbc85b8dccc04ed
And namespace it to MediaWiki\Config
This should be eventually deprecated and removed but this has been
blocking the reorg for long enough.
Bug: T321882
Change-Id: I7a1a073495469623f6f77e6f74b23b7b4c18033a
That would remove the need for passing around LB.
ReadOnlyMode code needs a lot of clean up. In follow up patches, I want
to inject WAN and possibly APCu to this and remove that from LB itself
to decouple LB/LBF from BagOStuff.
In even later patches, I want LB/LBF to set the ReadOnly in the service
instead and reverse the coupling.
Bug: T343917
Change-Id: Ibe7f80292d911fc8953e59f74264c499ab1700d0
This moves the core part of wfGetPrivilegedGroups() out of Wikimedia
config and makes it possible to move functionality built on it into
core.
Bug: T208477
Change-Id: I6536ef2909caeed047447e8b6a25831d6f00d827
There are several user groups-related hooks that can interfere with this
test. For instance, if AbuseFilter is installed, some tests will fail
because AF hooks call some methods on a no-op User mock. This class is
already making sure that the needed hooks it wants to test are set, so
there's no need to run any other hooks.
Change-Id: Iff184b5de1b150fd8043af13f16f8e1c870eb3fe
* PageEditStash and UserGroupManager: remove the isRegistered
check, which isn't necessary since UserEditTracker will just
return null for users not in the `user` table. Instead handle
a possible null return value.
* LogFormatter: keep the check, to avoid instantiating the
UserEditTracker if not necessary, but check getId instead of
isRegistered, since the check is really for whether the user
is in the `user` table, regardless of their registered status
(e.g. they may be a temporary user).
Change-Id: I62faf9d042a9297bcd662f7908d73d8469b26c98
Assert the wiki id of the identity passed to the manager to avoid mixing
up database changes which does not belong to the user id given to the
manager
This removes comments added by first step a3f3e3c
This reintroduce b565ab8
Bug: T337590
Depends-On: Ic449aa0d6b874ac5a2b8bf652c2637188aa0edb6
Depends-On: I2dffe8b633cff182866803ce5cb693f31364f178
Change-Id: Icd2d4efdb84ae085402c9ca59ced7e14be511aa0
When we first deploy temporary account autocreation, we want temporary
users to resemble anon users more than registered users, for minimal
community impact.
If we add them to the 'user' group, then they will automatically get
whatever rights a wiki currently assigns to registered users. If we
don't, they will only get rights that are currently given to everyone
(same as anons).
Therefore stop adding them to the 'user' group, and instead add them
to a new 'temp' group, in case site admins want to give them extra
rights.
Bug: T340457
Depends-On: I6333fa2289f3142d1b5cedf2cc910ced3ba5019e
Change-Id: Idb46252fe6533ab0a5410bdb3093043cb359c206
* Add MediaWikiIntegrationTestCase::newSelectQueryBuilder(), which
creates a subclass of SelectQueryBuilder with assert methods.
* Migrate most callers of assertSelect() to this new query builder
interface.
Bug: T311866
Change-Id: I7392b37988067020d5f684276320dae0a474631a
Autopromotion was disabled for temporary users in
d6a3b6cfa8. In that commit,
PermissionManager::getUserImplicitGroups, no longer checks autopromote
groups for temporary users, so PermissionManager::getUserPermissions
no longer finds autopromote groups for temporary users.
In this commit, UserGroupManager::getUserAutopromoteGroups no longer
finds autopromote groups for temporary users.
Bug: T340462
Change-Id: I189391bd9a41718648d198b83736d837c76ead52
For interwiki userright changes a UserRightsProxy instance is passed to
UserGroupManager. UserRightsProxy does not implement a check for wikiId
in getId().
Without the check for the wikiId and the extra argument to getId() it is
not possible to pass non-local instances of UserIdentityValue to
UserGroupManager.
Bug: T255309
Change-Id: Ice67ff4337165c0f022267186c88332e0e574869
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
* Allow EditPage to create a user on page save. This has to be enabled
in config and then activated by the UI/API caller.
* Add an autocreate source for temporary users.
* Allow editing by anonymous users via automatic account creation when
$wgGroupPermisions['*']['edit'] = false. On an edit GET request, use
an unsaved placeholder user to stand in for post-create permissions.
* On preview or aborted save, the username to be created is stashed in a
session and restored on subsequent requests.
* On a (likely) successful page save, create the account.
* Put regular non-temporary users in a "named" group so that they can be
given additional permissions.
* Use a different "~~~" signature for temporary users
* Show account creation warnings on edit and preview.
Change-Id: I67b23abf73cc371280bfb2b6c43b3ce0e077bfe5
UserGroupManagerFactory takes care of getting the
correct JobQueueGroup for the domain.
Bug: T287808
Change-Id: I548f0c52b298bfcae386ca1a427521c81dc802fe
Code that needs to store an actor ID in the database to
represent a UserIdentity, or needs to construct a UserIdentity based on
an actor ID loaded from the database, should use the ActorNormalization
service.
Note: The getActorId() method is removed from the UserIdentity interface,
but all concrete classes continue to support it for now.
UsererIdentityValue::getActorId() is hard deprecated and should
be removed in 1.37. It always returns 0.
User::getActorId() is not deprecated at this point.
Bug: T274179
Depends-On: Id2b3ddf6a2a7cdf90f8936a69148d2cce6fde237
Change-Id: I9925906d11e47efaec3c1f48d5cb3f9896a982c1
My personal best practice is to not document @params when there
is a @dataProvider. I mean, these test…() functions are not
meant to be called from anywhere. They do not really need
documentation. @param tags don't do much but duplicate what the
@dataProvider does. This is error-prone, as demonstrated by the
examples in this patch.
This patch also removes @throws tags from tests. A test…() can
never throw an exception. Otherwise the test would fail.
Most of these are found by the not yet released I10559d8.
Change-Id: I3782bca43f875687cd2be972144a7ab6b298454e
In order to break up cyclic dependency between UserGroupManager
and PermissionManager, introduce a lightweight service for checking
group permissions.
Bug: T254537
Depends-On: I99ab3a69c41b3ec6721f9504ad6c77d3122df591
Change-Id: I1acd55c07d07b4a0d43fd838e11374b6d9be98d9
