Add SpecialWhatLinksHereQueryHook hook that allow extensions
to modify the query builder to add more conditions based on
the filters added in the SpecialPageBeforeFormDisplay hook.
Bug: T216368
Change-Id: I221d4e0ad671feab6937719d4a2f894ad6154bb1
Implicitly marking parameter $... as nullable is deprecated in php8.4,
the explicit nullable type must be used instead
Created with autofix from Ide15839e98a6229c22584d1c1c88c690982e1d7a
Break one long line in SpecialPage.php
Bug: T376276
Change-Id: I807257b2ba1ab2744ab74d9572c9c3d3ac2a968e
Why:
To facilitate the evaluation of conditions not directly
"known" by the lookup, eg: owned by extensions
What:
- Add ConditionalDefaultOptionsAddCondition hook which
runs before instantiating ConditionalDefaultsLookup allowing
to add conditions for evaluation in the $extraConditions
array.
- Evaluate the configured conditional default against the
extra added conditions after evaluation of "known"
conditions.
Bug: T376918
Change-Id: Ife6f96397eafd61fdb40528aac315ddde1ef2774
Replaces 'copyright' with 'copyright-footer' and 'history_copyright'
with 'copyright-footer-history' (the original still takes precedence
if set). Adds SkinCopyrightFooterMessage hook which works the same
way as SkinCopyrightFooter for the new messages. Allows disabling
the old messages by setting $wgAllowRawHtmlCopyrightMessages = false.
Co-Authored-By: Gergő Tisza <tgr.huwiki@gmail.com>
Bug: T45646
Change-Id: I5fd5607f8d43b6e934c8d4d35097cec430c56043
Why:
* A hook is needed which is called when User::spreadAnyEditBlock
is called, so that extensions which provide alternative blocking
mechanisims (such as the GlobalBlocking extension) can spread
their blocks when local blocks are spread.
What:
* Add SpreadAnyEditBlockHook which is called from User
::spreadAnyEditBlock when it is called except when the user is
not registered.
** The hook is called even if the user is not locally blocked
* The return value of User::spreadAnyEditBlock is modified to
return true if either a local block or alternative blocking
mechanism spread blocks.
* Update UserTest to test this new behaviour.
Bug: T374857
Change-Id: Id302a6362d6177c89da9cdf4e677b3822ecb85f1
The hook OutputPageMakeCategoryLinks was only used by extension
CategoryTree:
https://codesearch.wmcloud.org/search/?q=OutputPageMakeCategoryLinks
CategoryTree switched to the new hook OutputPageRenderCategoryLink.
Depends-On: Ic86f210474cbc0e2dcebf664cf2309a4a4408f60
Change-Id: I8ea56f2d111aeccee158c40b8379383e92154d8a
This allows to change the category link rendering by extension
CategoryTree without missing update of mCategoryData and mCategories
which leads to wgCategories = [] (T372155).
The new hook will be used in extension CategoryTree by
Ic86f210474cbc0e2dcebf664cf2309a4a4408f60.
Bug: T372155
Change-Id: Id82a77a57d1f12233d974ea4c1b093f50c5ab74f
Add a new hook that can be used to prevent authentication just
before AuthManager takes the main action (writing the session
for login, creating the local user account for account creation).
The driving use case is a wiki which supports both a local and
a central (wiki-farm-level) login or signup flow - various
security options (such as 2FA) are needed during local login
but unnecessary during central login (which will have those
security features centrally), so we need to skip much of the
security when the user is taking the central route, and a bug
in how that's done could result in circumvention of security
features during local login. The hook makes it easy to inspect
and potentially interrupt login near the end, when we know for
sure what route it took. (Specifically, we know which primary
provider was used. The hook doesn't expose other details,
such as the list of preauth or secondary provders that were
invoked, because they were not needed for the immediate use
case, but they are easy to add in the future.)
The hook is called after the secondary providers for login
and before them for account creation, since secondaries can
interrupt login but cannot interrupt account creation.
A shortcoming is that since the hook is called after a primary
provider succeeded, it cannot prevent the primary provider from
doing work, ie. it cannot prevent creation of the remote account
during account creation (although it will prevent the creation
of the local account). This is not great but acceptable, since
creating a new account isn't very security-sensitive.
This also means the hook would not be useful during account
linking, as AuthManager does not do anything there, all the work
happens in the primary provider. This is even less great but
few authentication extensions implement account linking.
The hook is not called for authentication happening via
CreatedAccountAuthenticationRequest, which is a weird internal
hack hook handlers should not have to know about.
Also rename a confusingly named variable.
Change-Id: I835b2fe2f43e6e81f23348165cbb9c93832e6583
Allow disabling authentication providers. This allows for
extensions to replace core providers with their own.
This is using the $wgAuthManagerAutoConfig keys instead of
AuthenticationProvider::getUniqueId() as the keys to filter.
This makes it more useful for site administrators, and also
it's probably the better known of the two identifiers so
more intuitive.
No effort is made to prevent the hook from filtering
differently in different steps of the same authentication
process.
Bug: T369180
Change-Id: If5435b54a4fc08f685c04fc10eb44c6d72cd78fa
This hook is no longer used anywhere. It was deprecated in
ded922c21d and all of its users have
migrated to the new MessageCacheFetchOverrides hook.
Bug: T328183
Change-Id: I5f08849b57a33f0853e176a7452b6b3e6d601add
This hook enables extensions such as CentralAuth to preserve and
use query parameters needed for an authentication flow. Since there
is a provider that handles logins in a different wiki (central login
wiki), and movement to a different URL, this hook preserves query
parameters that can be used between these requests.
Bug: T363483
Bug: T362713
Change-Id: I86e629b07e6e4a0f1d1a4c78a6c77d41b4d68e18
This patch introduces a namespace declaration for the
MediaWiki\Content to JsonContent and establishes a class
alias marked as deprecated since version 1.43.
Bug: T353458
Change-Id: I44abb1ab5bd1fabf9886dc1457e241d7cae068bc
Add SpecialPrefixIndexGetFormFiltersHook hook that allow extensions
to add custom filters on Special:PrefixIndex and another hook
SpecialPrefixIndexQuery that allows you to modify the query builder
to add more conditions based on the filters selected.
Bug: T299308
Change-Id: Iabc672086547d0b19f01cc95892633c2668821ef
* Switch out raw Exceptions, mostly for InvalidArgumentExceptions.
* Fake exceptions triggered to give Monolog a backtrace are for
some reason "traditionally" RuntimeExceptions, instead, so we
continue to use that pattern in remaining locations.
* Just entirely give up on PostgresResultWrapper's resource vs. object mess.
* Drop now-unneeded false positive hits.
Change-Id: Id183ab60994cd9c6dc80401d4ce4de0ddf2b3da0
A LogicException is very generic and doesn't mean much. An
InvalidArgumentException is also a LogicException, but more
specific: A method was called (for whatever reason – bad code,
bad user input – we don't know) with an invalid, unsupported
argument. This is exactly what's going on in these cases.
BadMethodCallException does have a confusing name and is often
misused because of this. It's documented as "thrown if a callback
refers to an undefined method or if some arguments are missing".
That's something else and not what's going on in these cases.
Change-Id: Id446227f578ba701e22acd5e530ffb795e76c147
The hook is no longer called, so the deprecation warning of the
HookContainer (as mention in DeprecatedHooks) cannot work as expected.
Change-Id: Idb586e9c2d8ba87411acc137537db6d6c75485a7
This moves the core part of wfGetPrivilegedGroups() out of Wikimedia
config and makes it possible to move functionality built on it into
core.
Bug: T208477
Change-Id: I6536ef2909caeed047447e8b6a25831d6f00d827
Extensions may implement hooks defined by other extensions.
When the other extension is not present, the base class or interface of
the hook handler may also not be present. In that case, we should still
allow the handler to be registered. This is harmless, since the hook
will never fire if the extension that defines it is not loaded.
Bug: T339834
Change-Id: Id975370dececcb09ae5d00e6f68da57dc22fb267
"BadMethodCallException" sounds like it would fit, but it does
have a very different meaning, described as "exception thrown if
a callback refers to an undefined method or if some arguments are
missing". This is not what's going on here. These are methods that
should only be called from unit tests.
This appears to be a common mistake, often copy-pasted.
Change-Id: Ib39e28f596a883481d5f526460a5c871c75f5313
Until now, calling register() would initialize all previously defined
handlers for the given hook to be instantiated. That makes registration
simple and consistent, but forces instantiation of handler objects much
earlier than before.
Since some extensions use the register() method to conditionally
registere hook handlers, this may lead to service objects being created
early during request handling, even when the hook in question will not
be called at all.
NOTE: For performance reasons, register() will not normalize the given
handler immediately. This means that errors occurring diring
normalization will be silently ignored later, when run() is called.
NOTE: If the hook is deprecated, the hook handler may in some cases
still be normalized, in order to determine the description to use
in the deprecation message.
Bug: T341102
Bug: T340113
Bug: T339834
Change-Id: Ic2b741bcac5540c7cee6dc61de239b9ae1e4b7ca
This hook interface was soft deprecated in 3d40c43b1f
and is no longer used anywhere. Let's hard deprecate it.
Change-Id: Ic15978f0d798c6b7e0dcd616ad876ffddd1446ea
This fixes a bug in getHandlerDescriptions() that causes the description
of a handler to be returned twice after the handlers for a given hook
were initialized, so the handler would be present both in $this->hooks
as well as in the HookRegistry.
Change-Id: Iac913d96f0f2cdfc72f1f5f006af83691d79d4fe
There should be no need to call hook handlers directly,
this should only be done by HookContainer.
Change-Id: I8fa46c2eb6a40ad98e564c31dcfb103825608426
This reduces the acceptable forms for hook handlers to three things:
* a callable (in the form of a string, an array, or a closure)
* an object, which is expected to have a public "on" method that
matches the hook name.
* an array containing an object spec in the "handler" key, for use
with ExtensionRegistry.
All other forms will trigger a deprecation warning.
Bug: T339167
Depends-On: I980f2d45e6bb8c6a04058e68c758f71bbcf709de
Depends-On: Ieae405f70caa01d84602583cc214b0ee3fadc796
Depends-On: If15df4b598c02ed9bda5eea0ae89a16ebbf4f2e2
Depends-On: Id70276fa1e1821bd400dc0ae5cea722a21d524d5
Change-Id: I83bc81d1b3033c38b9313884a9c70a187fdde227
- Rename methods to follow the more standard convention used for
commands.
- Update doc comments.
- Add new hooks with final method names and parameter types, to replace
the old messy hooks.
- Deprecate the remaining old hooks.
Bug: T265541
Change-Id: I609709a70fb58ce00b9f179ee4de2f6ac5e0a1cf
This parameter was unused outside core, and the functionality
was intended for testing. Removing it simplifies the code quite a bit.
Note that the $replace parameter remains functional in
MediaWikiIntegrationTestCase::setTemporaryHook.
Change-Id: Ib5b4f379fbb74d54c600040a4c90f8354f4c1c61
