SearchInputWidget is similar to a TitleInputWidget, but doesn't has
a visible loading indication, doesn't highlight the first result and
uses the opensearch api endpoint for suggestions, instead of
prefixsearch.
Extra points:
* Improve documentation of mw.widgets.TitleInputWidget's configuration
option validateTitle
Bug: T118443
Change-Id: I8b8098041fe2971389fa908d007d2e77255829ec
This breaks out the toggle checkbox code into a separate class in
includes/ListToggle.php
Bug: T92230
Change-Id: I8d1aefb83008053e63d59abf8b8915b93e15fcc2
This removes static logic from WatchedItem into a
class that we can slowly fill with watchlist database
and storage things.
This also removes the dual namespace handling in
the new implementation.
Change-Id: Ia67ab1d200ac393c65013b2091e61acefcb3defb
AutoLoaderTest didn't know about traits.
generateLocalAutoload found a missing Trait from the autoloader and
a class map ordering issue.
Change-Id: I34bf2698ad838b6a977c9bf39f6e416330ff0e5d
Add the data values and types to the exception raised when mismatched
session data is processed. This is done by passing the old and new
values on via a new MetadataMergeException class. The attached data is
added to the debug logging context info when caught.
Change-Id: If8a7174399289bc284ca1b36052ba515c8857c50
SessionManager cannot work in the installer since it depends on
ObjectCache which is just an EmptyBagOStuff and so doesn't store
anything. So, introduce a custom SessionProvider which pretends to
persist sessions but actually doesn't.
Bug: T126177
Change-Id: I13d8aa1453c519df7c19ca2f1fb052c99ade043c
* New class ApiMergeHistory handles action=mergehistory
* Merge History functionality moved from SpecialMergeHistory to
MergeHistory
* SpecialMergeHistory now uses MergeHistory for actual merging
* Unit tests and i18n messages for above
Bug: T69742
Change-Id: Ic5078307dae78a2b3687e34a5d0a584988d483a1
By default it still uses PrefixSearch and supports PrefixSearchBackend
but it can be deprecated and phased out and SearchEngine extensions used
instead.
New APIs:
- SearchEngine
public function defaultPrefixSearch( $search );
public function completionSearch( $search );
public function completionSearchWithVariants( $search );
Search engines should override:
protected function completionSearchBackend( $search );
Bug: T121430
Change-Id: Ie78649591dff94d21b72fad8e4e5eab010a461df
Ie161e0f was done in a hurry, and so didn't do things in the best ways.
This introduces a new "CachedBagOStuff" that transparently handles all
the logic that had been copy-pasted all over in Ie161e0f.
The differences between CachedBagOStuff and MultiWriteBagOStuff are:
* CachedBagOStuff supports only one "backend".
* There's a flag for writes to only go to the in-memory cache.
* The in-memory cache is always updated.
* Locks go to the backend cache (with MultiWriteBagOStuff, it would wind
up going to the HashBagOStuff used for the in-memory cache).
Change-Id: Iea494729bd2e8c6c5ab8facf4c241232e31e8215
The plan here is to take it out of 1.27.0-wmf.12 and put it back in
1.27.0-wmf.13.
Since BotPasswords depends on SessionManager, that's getting temporarily
removed too.
This reverts the following commits:
* 6acd424e0d SessionManager: Notify AuthPlugin before calling hooks
* 4d1ad32d8a Close a loophole in CookieSessionProvider
* fcdd643a46 SessionManager: Don't save non-persisted sessions to backend storage
* 058aec4c76 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
* b5c0c03bb7 SessionManager: Save user name to metadata even if the user doesn't exist locally
* 13f2f09a19 SECURITY: Fix User::setToken() call on User::newSystemUser
* 305bc75b27 SessionManager: Don't generate user tokens when checking the tokens
* 7c4bd85d21 RequestContext::exportSession() should only export persisted session IDs
* 296ccfd4a9 SessionManager: Save 'persisted' flag in session metadata
* 94ba53f677 Move CSRF token handling into MediaWiki\Session\Session
* 46a565d6b0 Avoid false "added in both Session and $_SESSION" when value is null
* c00d0b5d94 Log backtrace for "User::loadFromSession called before the end of Setup.php"
* 4eeff5b559 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
* 7491b52f70 Call session_cache_limiter() before starting a session
* 2c34aeea72 SessionManager: Abstract forceHTTPS cookie setting
* 9aa53627a5 Ignore auth cookies with value 'deleted'
* 43f904b51a SessionManager: Kill getPersistedSessionId()
* 50c5256352 SessionManager: Add SessionBackend::setProviderMetadata()
* f640d40315 SessionManager: Notify AuthPlugin when auto-creating accounts
* 70b05d1ac1 Add checks of $wgEnableBotPasswords in more places
* bfed32eb78 Do not raise a PHP warning when session write fails
* 722a7331ad Only check LoggedOut timestamp on the user loaded from session
* 4f5057b84b SessionManager: Change behavior of getSessionById()
* 66e82e614e Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
* f9fd9516d9 Add "bot passwords"
* d7716f1df0 Add missing argument for wfDebugLog
* a73c5b7395 Add SessionManager
Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
The test in I3a426b92892f4c00cab33a13f6a717751120367c would prevent
the need of this commit :P
Follow up: I2b875326a0eb1e6d1f4bc758b8ac97b8f9324c4e
Change-Id: Id5efc5a5b43a1795c133f64025ea04f3e2d159cb
Move ZhConversion.php and Names.php to languages/data and make them both
expose their data as static class variables instead of in the local
scope. This means that the autoloader can be used to load the data,
which is efficient and secure. This also makes additional request-local
caching of the arrays unnecessary.
Change-Id: Iafb96ac4165d0965fcb9a69f1d0a91139ea9790c
To be used by things that do not care if they are
passed a Title or TitleValue so long as it has a
dbkey, namespace, possible fragment and text
Example uses include:
LinkBatch::addObj
MediaWikiPageLinkRenderer methods
MediaWikiTitleCodec methods
PageLinkRenderer methods
TitleFormatter methods
Change-Id: I2aa1a82129bb01155924a8e6a403c7a47391432f
User keeps most of its token-related methods because anon edit tokens
are special. Login and createaccount tokens are completely moved.
Change-Id: I524218fab7e2d78fd24482ad364428e98dc48bdf
Someone maybe added it by hand :) It will add some noise to
other changes, where autoload.php is genereted with
maintenance/generateLocalAutoload.php
Change-Id: If064fcc1fe87165df72eaf368117e62a51b24e95
None of this works and it's been long begging for a mercy kill.
All it does is waste contributor time on updating deprecations
in the dead code. I imagine we wouldn't reuse much of this
code if we're ever going to reimplement it.
Bug: T119336
Change-Id: Ibd26a4bea621857aac77823017e9be9b7dc52cca
Imported RandomRootPage extension as SpecialRandomrootpage, including
its aliases and localization messages.
Bug: T109809
Change-Id: I7252ae9f4a8f1822b023cc4f0d3a732af48d84d3
Bot passwords are something like OAuth-lite, or Google's application
passwords: the bot can use API action=login to log in with the special
username and password, and will then be allowed to use the API with a
restricted set of rights.
This is intended to provide an easy migration path for legacy bots and
for bots on wikis without OAuth, since AuthManager is going to greatly
complicate non-interactive authentication. If OAuth is available, an
owner-only consumer would be a better choice.
Bug: T121113
Change-Id: Iaa4015e00edbfbfaedcc8b2d27a2d3fd25009159
Depends-On: I7e15331efb162275c4116bcae61f19d6b884cbe3
This also adds code to User to allow SessionProviders to apply the grant
restrictions without needing to hook UserGetRights.
Change-Id: Ida2b686157aab7c8240d6a7a5a5046374ef86d52
SessionManager is a general-purpose session management framework, rather
than the cookie-based sessions that PHP wants to provide us.
While fallback is provided for using $_SESSION and other PHP session
management functions, they should be avoided in favor of using
SessionManager directly.
For proof-of-concept extensions, see OAuth change Ib40b221 and
CentralAuth change I27ccabdb.
Bug: T111296
Change-Id: Ic1ffea74f3ccc8f93c8a23b795ecab6f06abca72
Only works for the currently logged-in user (I'm not sure how that works
with bots, if OAuth will do that correctly or whatever) but will help us
do some neat stuff with tools that use the stash - including resuming
uploads.
Bug: T85561
Change-Id: I215ac6936185563f4c7b42a4bced65e4b096fd15
importTextFiles.php can be used to import pages from text files
containing wikitext.
Also, added $userObj to WikiRevision so that it can accept a User
object instead of just a username.
This is a GCI task.
Change-Id: I20eaf2005bdd3d041f55d8c0b108f001c064d638
Into a new MediaWikiPageNameNormalizer.
The code has been copied over almost 1:1, I only
left the phpunit test special handling in MediaWiki site.
Change-Id: I008cadd29a2aa1f21098339b895c35a100959b04
Use the Maintenance class's new $orderedOptions and support for
passing options multiple times. This allows for option "chaining".
The BackupDumper and TextPassDumper class now extend Maintenance, but
should continue to function as before. The public function processArgs()
has been removed and replaced by processOptions(), which takes no
parameters. It is unlikely that users of these classes were calling
processArgs.
Inheritors of these classes that overrode processOption() will now need to
override processOptions() and use Maintenance::getOption() and friends.
The maintenance/backupTextPass.inc file has been deleted. Users should
include maintenance/dumpTextPass.php instead.
Bug: T122587
Change-Id: I2473ee119c185d1b2b00ac4b1e70ee8a6cafe4a3
The autocomplete search allows special pages to define the list of
subpages to be excepted. Use user names on the following special pages,
because these special pages can be called with a user name as subpage.
Special:Block
Special:Contributions
Special:DeletedContributions
Special:Emailuser
Special:Listfiles
Special:Unblock
Special:Userrights
This makes it easier to navigate to this special pages with a prefilled
user name field.
Hidden user names are always not shown, because the suggestion is cached
between priviliged user and non-priviliged user.
Change-Id: I7db575bf66caaa5136489ed99f1655673b55adaf
