This mostly reverts commit 28ad29ea0f.
Checking the validity of the provided email doesn't reveal any
information about any users, and it could help catch genuine mistakes,
e.g. if someone inputs the username in the email field.
Previously if an invalid email was provided, we showed a success
message that is an obvious lie (saying we sent an email to something
that isn't an email address).
Change-Id: Idec437b29b22e5b1e5aaff3846632fbc413a3dcb
I believe this makes the code less brittle, and also makes it a bit
more obvious what these strings are meant to represent.
Change-Id: Ia39b5c80af4b495931d0a68fd091b783645dd709
Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually
Change-Id: Ib326ae1e5c8409a98398c721e8b8ce42c73bd012
Follow-up to I9822eb1553870b876d0b8a927e4e86c27d83bd52,
I missed the Static class in that patch.
Bug: T352284
Change-Id: I42653491c19dde5de99e0661770e2c81df5d7e84
There are a couple of user options related classes already,
and the T321527 work on dynamic defaults is going to add
even more. Let's move them into a separate namespace
to make core a bit more organized.
Old name is kept as an alias for compatibility purposes.
Bug: T321527
Bug: T352284
Change-Id: I9822eb1553870b876d0b8a927e4e86c27d83bd52
This class is used heavily basically everywhere, moving it to Utils
wouldn't make much sense. Also with this change, we can move
StatusValue to MediaWiki\Status as well.
Bug: T321882
Depends-On: I5f89ecf27ce1471a74f31c6018806461781213c3
Change-Id: I04c1dcf5129df437589149f0f3e284974d7c98fa
Make it extend SpecialPageTestBase and simplify it accordingly, removing
a lot of things that are no longer needed. I'm not even sure if this
test still serves a purpose, but at least it should be easier to
maintain now. This also fixes a test failure when
UniversalLanguageSelector is enabled due to a ULS hook error.
This approach still needs a hack for overriding UserOptionsManager,
because it's used in a lot of places with lots of expectations and
global state, and the mock would need to be much more complex for that.
Also:
- Remove unchecked exceptions from doc comments.
- Fix indentation of a conditional where the second line of the
condition was indented the same as the body, which made it hard to
read.
- Add some return typehints to various methods. These make it easier to
write tests because if a method is return-typehinted, PHPUnit will
mock the return value automatically, instead of returning null and
leaving it up to the developer to provide a mock explicitly.
- Add string typehint to Skin::normalizeKey. The value is already
assumed to be a string, and passing null to strtolower emits a
deprecation notice in PHP 8.1.
Change-Id: I80723b886b2b5a5d75cbb73571e1b19ea4a09af5
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
createMock() does the same, but is much easier to read.
A small difference is that some of the replacements made in this
patch didn't use disableOriginalConstructor() before. In case this
was relevant we should see the respective test fail. If not we can
save some CPU cycles and skip these constructors.
Change-Id: Ib98fb06e0fe753b7a53cb087a47e1159515a8ad5
This ensures that assertions work in a uniform way,
and provides meaningful messages in cause of failure.
Change-Id: Ic01715b9a55444d3df6b5d4097e78cb8ac082b3e
Allows us to reduce direct mocking in individual tests, or relying
on MediaWikiServices, by having a reusable service instead that
can be used in unit tests.
Make use of it in a few places.
This dummy service is also less coupled to individual tests;
in the rest handler tests, replacing mocks that report that
only a specific string is an ip address with the actual implementation
that accepts other ip address, and in BlockUtilsTest use
an actually invalid user name instead of making the mock
UserNameUtils complain about a perfectly valid name.
Change-Id: Iaa3195002ac4ae7e0c9c58ed57c80c02762d4070
Remove unneeded clearing of hooks:
we create the instance of PasswordReset
with an injected hook container with no hooks.
(User::mailPasswordInternal is also run from
TemporaryPasswordPrimaryAuthenticationProvider
but that code path is never executed).
Use a StaticUserOptionsLookup instead of a mock.
Use mocks instead of retrieving from MediaWikiServices
were possible.
Reduce duplication in ::makeUsers() by adding a helper
function to create a registered user with a valid email.
Change-Id: I9d771322ee5cdc78fb9378964f367549938cca04
It is not entirely meaningless. It might be an indicator that
the number of calls to a method is intentionally unlimited.
This is similar to e.g. an @inheritDoc PHPDoc comment that
marks a method as being "intentionally undocumented".
However, what's the meaning of being "intentionally
unconstrained"? Let's just not have any constraint then.
I feel all these ->expects( $this->any() ) bloat the test
code so much that it's never worth it.
Change-Id: I9925e7706bd03e1666f6eb0b284cb42b0dd3be23
Ended up using
grep -Prl '\->setMethods\(' . | xargs sed -r -i 's/setMethods\(/onlyMethods\(/g'
special-casing setMethods( null ) -> onlyMethods( [] )
and then manual fix of failing test (from PS2 onwards).
Bug: T278010
Change-Id: I012dca7ae774bb430c1c44d50991ba0b633353f1
Currently both email and real name are documented as
non-nullable, but it seems there's code that breaks
this contract. Try stricter type checks.
Depends-On: Ie8fa1e7881e1b016dccdc9097a1763a07cc140b9
Depends-On: Id3bf35fe56c459597ed6a602bdf6ca4860271f6e
Change-Id: I2f4b7b3500a2b25f7d5cf25147f65ad412d61955
* Convert everything that is protected to be private,
since the class is not stable to extend
* Remove PasswordReset::$hookContainer, unneeded
Additionally, add missing UserFactory::newFromRow,
for now just a wrapper for User::newFromRow
Bug: T253432
Change-Id: I1de57a08605ff6e0d2be8e276b7fcb08934fb5da
The name change happened some time ago, and I think its
about time to start using the name name!
(Done with a find and replace)
My personal motivation for doing this is that I have started
trying out vscode as an IDE for mediawiki development, and
right now it doesn't appear to handle php aliases very well
or at all.
Change-Id: I412235d91ae26e4c1c6a62e0dbb7e7cf3c5ed4a6
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
Followup patch for: b64b0f5. Show general message when an invalid email
is submitted.
Bug: T249730
Change-Id: I98a35af26930f3d66308065e271e9617fdbf5076
Hide the `requireemail` status from the resetting user when
requesting a password reset without supplying an email address.
Bug: T238961
Change-Id: Iee07564aac78d013ecc52192b536e92cb1ed4e8b
For all successfully submitted (i.e. valid input) password reset
requests, display the same information. This removes the
distinction between email and username resets, and only shows the
user what they've already submitted.
Bug: T238961
Change-Id: Ic17acecf1e44401f7607cdaf90dcee1a26b8405f
Going directly to 8 is too much pain.
Depends-On: Iafcea151389663d79e70ad6ab3741ce8b2e25cac
Bug: T192167
Change-Id: I77ea560f4a5344bd1c356ecc3e7857968ad829b8
Add functionality that does not send password reset email to user accounts that turned on preference
that requires both username and email to be submitted in the PasswordReset form when only email is
provided.
Bug: T234401
Change-Id: I9bddc7073b8bcb52c4287b3d6c7343be29b717f2
Create a CompositeBlock class which extends AbstractBlock and
adds the property $originalBlocks. This is for situations where
more than one block applies to a user/IP, and avoids the need
to choose just one of these blocks to enforce.
Behaviour of the resulting block is determined by combining the
strictest parameters of the original blocks.
Also add DatabaseBlock::newListFromTarget, which is similar to
DatabaseBlock::newFromTarget, but returns all relevant blocks,
rather than choosing the most specific one.
For tracking a CompositeBlock with a cookie, examine the
original blocks and only track the first trackable block that
is found.
Bug: T206163
Change-Id: I088401105ac8ceb2c6117c6d2fcdb277c754d882
Keep Block as a deprecated class alias for DatabaseBlock.
Update calls to the Block constructor and Block static
methods from external classes.
Also update documentation in several places that refer to
blocks as Blocks.
Bug: T222737
Change-Id: I6d96b63ca0a84bee19486471e0a16a53a79d768a
