This adds MediaWiki\Watchlist namespace to the classes of watchlist
directory and adds deprecation notice since 1.43 to the just created
unnamespaced aliases of the classes.
Bug: T353458
Change-Id: I4234f8fe62bb3bde6f5271c7ba31a2420b0f4b90
This patch introduces a namespace declaration for the
MediaWiki\Content to TextContent and establishes a class
alias marked as deprecated since version 1.43.
Bug: T353458
Change-Id: Ic251b1ddfcf6db9c85cb54cddf912aa827d2bc3a
Why:
- We want to make sure that the top-level redirect fires for temporary
accounts which were created in an edit attempt, but did not yet save
an edit
What:
- In EditPage and ApiEditPage, perform the redirect if there is a saved
temp user as part of the current process, or if the user account is a
temporary one and it has no edits. Note that this means the top-level
redirect would be performed if a temp user creates a first edit on a
non-home wiki:
- logged out user makes a failed attempt on wiki A, temp account is
created
- same user makes a successful edit on wiki A, redirect hook fires
- same user visits wiki B and makes a succesful edit, redirect hook
fires
Note:
- We could consider setting a query parameter like
`createdinrequest=1` to signal to TempUserCreatedRedirect
implementations that the temporary account was created in the current
request, and did not exist earlier. But I am not sure if we have a use
case for needing that, so have left it out of this patch.
Bug: T359405
Change-Id: If4b8c561383f993606c0ba565591871195a1f8c2
Instead of globally ignoring this sniff, convert the current violations
(which set the variable so can't be fixed easily yet) to use local phpcs
comments to silence the errors.
Change-Id: I490cbf4915e2705383edb4a2fc5ddc1efd55c960
Why:
* When using the TempUserCreator::create or ::acquireAndStashName to
get temporary account when the chosen username already existed, that
temporary account is treated as if it doesn't exist. This causes
confusing "userexists" errors and also causes the user to be logged
into an already existing temporary account.
* Furthermore, because the user existence check in AuthManager::auto
CreateUser only checks the local wiki, if an existing temporary
account exists globally but not on the local wiki then the code
sign a new user into an existing temporary account.
* This is very bad behaviour, though shouldn't happen unless the
serialMapping configuration uses a SerialMapping class that could
provide duplicates and/or the configuration has been changed to
use a different SerialMapping class.
* There is a need to change the SerialMapping class in use to a
different class, which means that the code will attempt to use
temporary account usernames which already exist.
* As such, the code that is generating the temporary account usernames
based on the SerialMapping and SerialProvider should be aware that
it may produce an already existing temporary account username, even
if the SerialMapping class being used is asserted to never provide
duplicates.
* Therefore, the code that generates temporary account usernames
should always attempt to verify that a automatically generated
temporary account name does not already exist on the wiki.
What:
* Update TempUserCreator::acquireName to check to see if the username
it generates already exists centrally using the CentralIdLookup.
If it does, then the method returns null. Otherwise, the username
that hasn't been used yet is returned.
* Create the private method TempUserCreator::attemptAutoCreate that
attempts an autocreate for a temporary account name, and optionally
logs the account in.
* Update TempUserCreator::create to use ::attemptAutoCreate to
first to check if the account can be created and then again once
the account is created to actually login to that temporary account.
This is done to prevent logins to existing temporary accounts on
the local wiki. The second call to actually perform the login is
necessary as there is no other way to login to a temporary account.
* Update TempUserCreator::acquireAndStashName to respond to the changes
to ::acquireName, such that it returns null if ::acquireName returns
null and also does not modify the session.
* Update EditPage::maybeActivateTempUserCreate to return a Status and
return a good status in all cases except when a temporary account
name could not be acquired.
* Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as
the value of the fatal status returned by EditPage
::internalAttemptSave if a temporary account name could not be
acquired. This will cause the display of a useful error to the
user on edit.
* Update ApiEditPage and ApiAcquireTempUserName to die with an error
if a temporary account username was unable to be acquired.
* Provide tests for the untested ApiAcquireTempUserName.php file
including testing the new behaviour.
* Add and update tests for TempUserCreator.php
Bug: T353390
Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
There are a couple of user options related classes already,
and the T321527 work on dynamic defaults is going to add
even more. Let's move them into a separate namespace
to make core a bit more organized.
Old name is kept as an alias for compatibility purposes.
Bug: T321527
Bug: T352284
Change-Id: I9822eb1553870b876d0b8a927e4e86c27d83bd52
This allows extensions and hooks to pass around additional data
about the operation result arbitrarily to supplement value and errors.
When two StatusValue instances are to be merged, it's responsibility
of the caller to ensure either only one has this extra data or none,
but never both (since the type is unrestricted). If necessary, the
caller should merge them before invoking StatusValue::merge.
Bug: T326479
Change-Id: Ibe3f1f8b81bcfcb18551d3ca4cda464e4bdbcbce
Refactor EditPage's logic for getting a redirect URL into a trait
that can be shared between classes that exteend ApiBase.
Bug: T349223
Change-Id: I7cafa0bfc17a75d44e1d83b9561b4b2778b5f132
Mostly used find-and-replace:
Find:
/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?)[\s\*]+/\s*(private|protected|public) (\$[a-z]\w+;\n)((?=\s*/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?))\n|)
Replace with:
\3 \1 \4
Followed by some manual review to make sure I'm not changing too much,
omitting some changes that looked too complicated and anything that
caused test failures, and some whitespace fixes.
Change-Id: I6ec7587607df4f1a4f448a096c3e44c4e5270b70
Also moving TemplatesOnThisPageFormatter to the same namesapce as it's
only used by EditPage
Bug: T321882
Change-Id: Ibefc44eb64aedb430148b109090584c3e35794ab
This patch only adds and removes suppressions, which must be done in the
same patch as the version bump.
Bug: T298571
Change-Id: I4044d4d9ce82b3dae7ba0af85bf04f22cb1dd347
Otherwise permission checks are directed to the old title which makes it
possibly to bypass protection via redirects.
Bug: T309028
Change-Id: I157df365439b09416639e6ea2beefc01b60e6264
This covers all occurrences of /onfig->.*get( '/ in includes/.
Undoubtedly there are still plenty more to go.
Change-Id: I33196c4153437778496f40436bcde399638ac361
The param is set to min => 0, no extra check needed
Not given parameter are null, but null == 0 is true as well
Found by phan (T259172)
Bug: T259172
Change-Id: I2e4ab82b90370eb9e0f49ce37d680ef4aaddead9
Make phan stricter about array keys
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T304887
Depends-On: I3105a5fd4826f8667b5232834defc5ec93be32a1
Depends-On: Ie9610a6e83731468311edb3ed17f80fc509de385
Change-Id: I701f12ab94478c3b8e7fd82110ade74a8e6b04ef
Make phan stricter about null types by setting null_casts_as_any_type to
false (the default in mediawiki-phan-config)
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T242536
Bug: T301991
Change-Id: I0f295382b96fb3be8037a01c10487d9d591e7e01
The concept of a redirect chain didn't really work for a value of
max redirect > 1. In the ideal world, we just want to have a source
which points to target (source -> target) discarding the concept of
a redirect chain completely.
Having something like: source -> target -> target1 -> target2 doesn't
really work well with the current database design.
NOTE: Support for $wgMaxRedirect will be removed soon hence
deprecation without interfaces for replacement.
Bug: T290639
Change-Id: I469de6f85e405e8ddbe7abaa5b99b77cb9cf415d
Allow specifying the title used for rendering error messages in
ApiErrorFormatter.
Then, specify one in ApiEditPage (and a few similar modules that deal
with single pages) once we've figured out which page is being edited.
Bug: T247661
Change-Id: Ic3d70efc23744ef6e90abc445f3babebf45c4697
Old PHP versions are fine doing a `switch` with anything, even
if the types don't match. This changed. More recent PHP versions
start to bring up notices and such when a `switch` accidentially
compares e.g. an object with an int.
Bug: T255177
Bug: T258790
Change-Id: Ib415bd2fb394b95b02737b6df50e4e1fbbc440d3
