Commit graph

72 commits

Author SHA1 Message Date
James D. Forrester
4ed5ca48b1 Follow-up 71ff05267: Stop writing to tablesUsed in tests, now unnecessary
Bug: T342301
Change-Id: I5ea01f7ee103570165261bde0965c5b65e04c369
2023-11-21 09:02:48 -05:00
thiemowmde
3790383134 Simplify/remove duplicate assertStatusOK and such
For example:
* assertStatusGood = ok without any errors or warnings
* assertStatusWarning = ok, but not good, i.e. there is a warning

Change-Id: I4b3ec7a3c5b028c0505e1371c297a9c47e448b42
2023-10-19 20:04:36 +00:00
James D. Forrester
1d0b7ae1e2 Namespace User under \MediaWiki\User
Bug: T166010
Change-Id: I7257302b485588af31384d4f7fc8e30551f161f1
2023-09-19 19:18:16 +00:00
Amir Sarabadani
f4e68e055f Reorg: Move Status to MediaWiki\Status\
This class is used heavily basically everywhere, moving it to Utils
wouldn't make much sense. Also with this change, we can move
StatusValue to MediaWiki\Status as well.

Bug: T321882
Depends-On: I5f89ecf27ce1471a74f31c6018806461781213c3
Change-Id: I04c1dcf5129df437589149f0f3e284974d7c98fa
2023-08-25 15:44:17 +02:00
Tim Starling
5e30a927bc tests: Make some PHPUnit data providers static
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.

Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.

Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
2023-03-24 02:53:57 +00:00
daniel
e239b02a5e Add convenience methods for asserting status.
This ensures that assertions work in a uniform way,
and provides meaningful messages in case of failure.

Change-Id: Ic01715b9a55444d3df6b5d4097e78cb8ac082b3e
2022-03-16 22:44:25 +01:00
Reedy
7a17473dd1 Remove PasswordCannotMatchUsername password policy
Bug: T242768
Change-Id: Ied6fe389a1ce6c66cbf558d2f3867fb12245ff8a
2021-09-06 14:55:12 +00:00
Petr Pchelko
48402ba83a Remove User from password policy check interfaces
This doesn't yet completely eliminate the dependency
on user, because the individual password policy check
functions are still documented to receive User.
Password policy check functions can be defined by
extensions, and configured via $wgPasswordPolicy,
so we still need to unwrap user identity to a User
before passing into the actual check. But, this removes
User from the PasswordPolicyCheck interface.

Change-Id: If813b9b0ebbeb89bc61331c9da8efb86e591bfb9
2021-06-11 10:21:14 -07:00
Reedy
d750ddc890 UserPasswordPolicyTest: Replace PasswordCannotMatchBlacklist with PasswordCannotMatchDefaults
Change-Id: Id04346ea0a7dcc554e89196995c792fcf5d5d7ed
2021-04-18 23:52:57 +01:00
jenkins-bot
a303a47b60 Merge "Clean up PasswordPolicyChecksTest"
2021-03-30 11:59:25 +00:00
Reedy
49d5fff86b Minor followups related to removed password policies
Remove related i18n messages

Change-Id: I7f9d341448791cdbc56ffb882ba7b437d00aec86
2021-03-19 18:30:03 +00:00
DannyS712
9fd36dffee Clean up PasswordPolicyChecksTest
Remove ::testPasswordPolicyDescriptionsExist(), should
be redundant to PasswordPolicyStructureTest::testCheckMessage

Use mock User objects instead of real ones, only
->getName() is needed

Change-Id: I362cfcfdbbc53cef54e72bce9bab0d24829472d7
2021-03-14 18:59:52 +00:00
DannyS712
9b43828440 Split PasswordPolicyChecksTest into separate unit tests
Change-Id: I1cec645a6a3c2b2e2dfb2edaf9d60ae5d67b6d17
2021-02-27 22:33:54 +00:00
addshore
959bc315f2 MediaWikiTestCase to MediaWikiIntegrationTestCase
The name change happened some time ago, and I think it's
about time to start using the new name!
(Done with a find and replace)

My personal motivation for doing this is that I have started
trying out vscode as an IDE for mediawiki development, and
right now it doesn't appear to handle php aliases very well
or at all.

Change-Id: I412235d91ae26e4c1c6a62e0dbb7e7cf3c5ed4a6
2020-06-30 17:02:22 +01:00
Reedy
ece3f3306d Deprecate PasswordCannotMatchBlacklist
Bug: T254646
Change-Id: I0946d078cba5b60567ac4c804d023945bae61313
2020-06-25 14:45:34 +00:00
Reedy
a26c1c8e59 Remove deprecated PasswordCannotBePopular
Change-Id: I77432ef0257c0dc8aa7c26e075616592e639bfec
2020-06-15 21:57:25 +00:00
Reedy
a67a1bc923 Deprecate PasswordNotInLargeBlacklist
Bug: T254799
Change-Id: If5a23dc2cbe675bac8cc4979bba8c3d4527997a0
2020-06-15 19:54:40 +01:00
sbassett
b86c6751d0 Password policy to check if a password is a substring of a username
Similar to checkPasswordCannotMatchUsername, MediaWiki should ensure
that users are unable to accidentally create or edit their username
to include their password as a substring of said username.

Bug: T241845
Change-Id: I437e91a5b83a792c5ad31e291915491bbb382dfa
2020-01-13 23:09:13 +00:00
Max Semenik
68b763d6ed Improve password test coverage
Change-Id: I7edb8b5fa8dd92acdbead7f6378329bfc74e4a49
2019-11-19 15:00:59 +00:00
Max Semenik
e47e5b2ab1 Unitify most password-related tests
Change-Id: Ied0765ff61976968d80ea7ad84b1b6dd7ae6169b
2019-11-10 14:35:27 -08:00
Max Semenik
48a323f702 tests: Add explicit return type void to setUp() and tearDown()
Bug: T192167
Depends-On: I581e54278ac5da3f4e399e33f2c7ad468bae6b43
Change-Id: I3a21fb55db76bac51afdd399cf40ed0760e4f343
2019-10-30 14:31:22 -07:00
Aryeh Gregor
0de9c47b50 Remove Language::factory and getParentLanguage use
Change-Id: I11f8801ef47ec1a1f63d840116e69667e6f3ae3c
2019-10-27 12:34:28 +02:00
Max Semenik
b0a8b0d275 Cleanup of old PHPUnit usage, part 3
Bug: T192167
Bug: T234597
Change-Id: I88a1ced51d7b57bc683de4a58bbeaa1537762113
2019-10-05 00:00:45 -07:00
Kunal Mehta
56e256758a Revert "Unbreak Pbkdf2PasswordTest"
This was fixed in PHPUnit 6.5.14, thanks to @epdenouden for fixing it and
seeing it get backported. We now explicitly require ^6.5.14 in composer.json
for PHPUnit.

This reverts commit 9c5174669e.

Change-Id: I15e5a99657a74bf94af636d5a44ea74df0a324f8
2019-10-03 14:58:47 -07:00
Reedy
4260b0f8a9 Remove hard deprecation of PasswordPolicyChecks::checkPopularPasswordBlacklist
It's causing quite a bit of WMF log spam because it's still used in wmf-config

Partial revert of I4c90e361b7538efeb0c5efa7ca61aed2e468591c

Change-Id: I7d1282e4260e7a42bee35b81d77470eb40dea818
2019-08-27 17:53:27 +01:00
Brad Jorsch
8698bc3b42 Handle changed defaults in Argon2PasswordTest::testPartialConfig()
PHP 7.2.21 and 7.3.8 changed the default settings for PASSWORD_ARGON2I.
Load the default settings at runtime so the test can work.

Bug: T230487
Change-Id: I55a0f1af160c822113c9f86f8f8cce558da61736
2019-08-16 14:44:29 -04:00
Máté Szabó
344481f60d Move trivially compatible tests to the unit tests suite
This changeset resumes work on T89432 and related tickets
by porting an initial set of tests to the new unit test suite
separated out in I69b92db3e70093570e05cc0a64c7780a278b321a.
The tests were only ported if they worked immediately without
requiring any changes other than changing the test case class
to MediaWikiUnitTestCase and moving the test to the new suite.
If a test failed for any reason (even trivial misconfiguration),
it was NOT ported.

With this change, the unit tests suite now consists of a total
of 455 tests. As before, you can run these tests via the following
command:
$ composer phpunit:unit

Bug: T84948
Bug: T89432
Bug: T87781
Change-Id: Ibb8175981092d7f41864e641cc3c118af70a5c76
2019-06-30 15:23:53 +02:00
Máté Szabó
b4c546f5ae Introduce separate unit tests PHPUnit configuration
This changeset lays down the basic groundwork required to implement
T89432 and related tickets and is based on exploration done
at the Prague Hackathon. The goal is to identify tests in MediaWiki core
that can be run without having to install & configure MediaWiki and its dependencies,
and provide a way to execute these tests via the standard phpunit entry point,
allowing for faster development and integration with existing tooling like IDEs.

This changeset creates a new subdirectory under phpunit/ and organizes it
into a separate test suite. The environment for this suite is set up
via a PHPUnit bootstrap file without a custom entry point. For B/C, this
directory is also registered in suite.xml, to ensure that existing CI jobs
still pick up tests in the new suite.

For initial testing, a single test class, PasswordFactoryTest, was moved
to this new suite.

You can run the new suite using the following command:
$ vendor/bin/phpunit -d memory_limit=512M -c tests/phpunit/unit-tests.xml

Bug: T84948
Bug: T89432
Bug: T87781
Change-Id: I69b92db3e70093570e05cc0a64c7780a278b321a
2019-06-18 16:58:34 +02:00
Legoktm
4e35134f7a Revert "Separate MediaWiki unit and integration tests"
This reverts commit 0a2b996278.

Reason for revert: Broke postgres tests.

Change-Id: I27d8e0c807ad5f0748b9611a4f3df84cc213fbe1
2019-06-13 23:00:08 +00:00
Máté Szabó
0a2b996278 Separate MediaWiki unit and integration tests
This changeset implements T89432 and related tickets and is based on exploration
done at the Prague Hackathon. The goal is to identify tests in MediaWiki core
that can be run without having to install & configure MediaWiki and its dependencies,
and provide a way to execute these tests via the standard phpunit entry point,
allowing for faster development and integration with existing tooling like IDEs.

The initial set of tests that met these criteria were identified using the work Amir did in
I88822667693d9e00ac3d4639c87bc24e5083e5e8. These tests were then moved into a new subdirectory
under phpunit/ and organized into a separate test suite. The environment for this suite
is set up via a PHPUnit bootstrap file without a custom entry point.

You can execute these tests by running:
$ vendor/bin/phpunit -d memory_limit=512M -c tests/phpunit/unit-tests.xml

Bug: T89432
Bug: T87781
Bug: T84948
Change-Id: Iad01033a0548afd4d2a6f2c1ef6fcc9debf72c0d
2019-06-13 22:56:31 +02:00
Max Semenik
382851ca07 Hard deprecate Password::equals()
Change-Id: I8d655a4f7a57f2186b1457d956af74bf21d4db08
2019-04-12 18:39:14 -07:00
Thiemo Kreuz
b0615e1249 Remove empty and unnecessary /* @{{ … */ comments
This was the only comment I could find that uses two curly brackets
for some reason. There are a few more with one curly bracket.

Change-Id: Iaed631916064e6be4895edd4c7a3d7de491e16c2
2019-03-15 14:59:19 +01:00
Dayllan Maza
4b39919c47 Add password policy setting suggestChangeOnLogin
Password policy checks that fail and have `suggestChangeOnLogin` set to true will
prompt for a password change on login.

Below are some rules that apply to this setting in different scenarios:

- If only one policy fails and has `suggestChangeOnLogin = false`, a password change will
  not be requested
- If more than one policy fails and one or more have `suggestChangeOnLogin` set to true,
  a password change will be requested
- If `forceChange` is present in any of the failing policies, `suggestChangeOnLogin` value
  will be ignored and password change will be enforced
- If $wgInvalidPasswordReset is set to false, `suggestChangeOnLogin` is ignored

**IMPORTANT**
Before this patch, suggesting a password change was the default behavior (depending on
$wgInvalidPasswordReset), which means that the necessary changes to $wgPasswordPolicy
need to be in place before this patch is merged and gets to production.

Bug: T211621
Change-Id: I7a4a0a06273fa4e8bd0da3dac54cf5a1b78bb3fd
2019-03-09 14:59:02 -05:00
Max Semenik
292e13edc5 Add support for Argon2 password hashing
So far, everything we had was vulnerable to newest advances in
GPU cracking and timing side-channel attacks. Argon2 was designed
specifically to address these problems.

Unfortunately, PHP support is lagging, with some builds missing
Argon2id or even Argon2i.

Change-Id: Ifdf648f5d8a734a663e630286724a6d0a87c7510
2019-02-10 02:20:52 -08:00
jenkins-bot
9e0463eb9e Merge "Add some missing @covers tags"
2019-02-03 20:28:43 +00:00
Kunal Mehta
643225cbc7 Add some missing @covers tags
Change-Id: Idb9af9515702ee9748755d7799663713b2283647
2019-02-02 21:53:40 -08:00
Max Semenik
7a7976ba7a Password: replace equals() with verify()
So far, our key derivation code assumed that it has control over
the salt used by the derivation routines, however I want to add Argon2
support and it doesn't work this way: password_hash() generates the
salt itself, and the only way to verify a password is by using
password_verify(). Current way the things are done doesn't support it
because it relies on the result of password hashing with parameters we
provide to be deterministic.

Therefore, I'm deprecating Password::equals(), as well as whole concept
of comparing Password objects - it's used only in tests anyway. It's
getting replaced with verify() that only accepts password strings.
Uses of old function are fixed with exception of a few calls in tests
that will be addressed in my Argon2 patch.

Change-Id: I2b2be9a422ee0f773490eac316ad81505c3f8571
2019-01-24 13:40:40 -08:00
jenkins-bot
dae39db4e3 Merge "Add force option to password policy"
2019-01-07 16:59:55 +00:00
Gergő Tisza
f15ecc60cd Add force option to password policy
Adds a way to set an array of options for a password policy. Currently
there is one option, 'forceChange', which forces the user to change
their password (if it fails the given check) before logging in.

Bug: T118774
Change-Id: I28c31fc4eae08c3ac44eff3a05f5e785ce4b9e01
2019-01-02 12:38:11 -08:00
Max Semenik
9c5174669e Unbreak Pbkdf2PasswordTest
Due to https://github.com/sebastianbergmann/phpunit/issues/3459 it was
looking for a wrong function name and was skipping the test even when PHP
support was present.

Change-Id: I2508f192a76275286e95bd6a06e4628d98b11737
2019-01-02 00:21:13 -08:00
Max Semenik
032f640afb Remove unused line
Change-Id: I4bc6ec69b84b5f29e3c4c7833697f4d2be82e29a
2019-01-02 00:15:57 -08:00
Reedy
0d3807c510 Deprecate PasswordPolicyChecks::checkPopularPasswordBlacklist
Change-Id: I4c90e361b7538efeb0c5efa7ca61aed2e468591c
2018-12-27 20:45:49 +00:00
Max Semenik
9c4ce7e1cf PasswordPbkdf2: remove the 'use-hash-extension' option
It's misleading because even with this option the Hash extension is
still required due to usage of hash_hmac(), it's just to allow this
class to work on pre-5.5 PHP that had hash_hmac() but not hash_pbkdf().
Since we require 7.0, this option doesn't do anything anymore.

Change-Id: Ib60ab9377b44d78b7147c6139b07dc5467da007c
2018-11-30 18:21:03 -08:00
Reedy
519ff1a402 Add PasswordPolicy to check the password isn't in the large blacklist
Add wikimedia/password-blacklist 0.1.3, which contains 100,000 common passwords

Bug: T151425
Change-Id: I80572fcee6d23ea04ad9ee683157bab9378b660e
Depends-On: I8aea5a44248da9bb9ff7b328679bff6fcf41750d
2018-11-24 15:46:14 -08:00
jenkins-bot
a0b490bbe7 Merge "password: Move commonpasswords.cdb to includes/password/"
2018-08-14 23:53:19 +00:00
Umherirrender
5d05f1b3fd Remove @abstract annotation
Doxygen does not know about this annotation

Change-Id: I4ad8f81d92574f1e3d91581627ec753f6dd1473d
2018-08-07 12:16:24 +02:00
Kunal Mehta
fb73286fba Add PasswordFactory to MediaWikiServices
Instead of having basically every caller do:
 $pf = new PasswordFactory();
 $pf->init( RequestContext::getMain()->getConfig() );
Just create a single PasswordFactory via MediaWikiServices and pass that
around. Things that want to use their own config can still pass settings
via the new constructor.

This will eventually let us remove the init() function, removing the
only hard dependency upon MediaWiki, to make it easier to librarize
(T89742).

Change-Id: I0fc7520dc023b11a7fa66083eff7b88ebfe49c7b
2018-08-02 14:46:35 +01:00
Timo Tijhof
553b4b0cd4 password: Move commonpasswords.cdb to includes/password/
Similar to other non-php files used by various classes/libs.

This leaves the serialized/ empty (apart from dotfiles), and as
such the directory was removed.

Change-Id: I538ffe0828843220ac4e161cf2e119deb9bd7ac0
2018-08-01 22:40:30 +00:00
Reedy
18d21c9ba0 Add Special:PasswordPolicies
Bug: T174812
Change-Id: Ifb4876f7309a667154c7469c29e703b6c33d54af
2018-05-19 08:55:39 +00:00
Brad Jorsch
27c61fb1e9 Add actor table and code to start using it
Storing the user name or IP in every row in large tables like revision
and logging takes up space and makes operations on these tables slower.
This patch begins the process of moving those into one "actor" table
which other tables can reference with a single integer field.

A subsequent patch will remove the old columns.

Bug: T167246
Depends-On: I9293fd6e0f958d87e52965de925046f1bb8f8a50
Change-Id: I8d825eb02c69cc66d90bd41325133fd3f99f0226
2018-02-23 10:06:20 -08:00