Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 56 |
|
0.00% |
0 / 12 |
CRAP | |
0.00% |
0 / 1 |
| DisableOATHForUser | |
0.00% |
0 / 56 |
|
0.00% |
0 / 12 |
272 | |
0.00% |
0 / 1 |
| __construct | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
| getGroupName | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| doesWrites | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getLoginSecurityLevel | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| alterForm | |
0.00% |
0 / 4 |
|
0.00% |
0 / 1 |
2 | |||
| getDisplayFormat | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| requiresUnblock | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| checkExecutePermissions | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
| execute | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
| getFormFields | |
0.00% |
0 / 16 |
|
0.00% |
0 / 1 |
2 | |||
| onSubmit | |
0.00% |
0 / 22 |
|
0.00% |
0 / 1 |
30 | |||
| onSuccess | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | namespace MediaWiki\Extension\OATHAuth\Special; |
| 4 | |
| 5 | use HTMLForm; |
| 6 | use ManualLogEntry; |
| 7 | use MediaWiki\Config\ConfigException; |
| 8 | use MediaWiki\Extension\OATHAuth\OATHUserRepository; |
| 9 | use MediaWiki\Logger\LoggerFactory; |
| 10 | use MediaWiki\SpecialPage\FormSpecialPage; |
| 11 | use MediaWiki\User\User; |
| 12 | use MediaWiki\User\UserFactory; |
| 13 | use Message; |
| 14 | use MWException; |
| 15 | use UserBlockedError; |
| 16 | use UserNotLoggedIn; |
| 17 | |
| 18 | class DisableOATHForUser extends FormSpecialPage { |
| 19 | |
| 20 | private OATHUserRepository $userRepo; |
| 21 | |
| 22 | private UserFactory $userFactory; |
| 23 | |
| 24 | /** |
| 25 | * @param OATHUserRepository $userRepo |
| 26 | * @param UserFactory $userFactory |
| 27 | */ |
| 28 | public function __construct( $userRepo, $userFactory ) { |
| 29 | // messages used: disableoathforuser (display "name" on Special:SpecialPages), |
| 30 | // right-oathauth-disable-for-user, action-oathauth-disable-for-user |
| 31 | parent::__construct( 'DisableOATHForUser', 'oathauth-disable-for-user' ); |
| 32 | |
| 33 | $this->userRepo = $userRepo; |
| 34 | $this->userFactory = $userFactory; |
| 35 | } |
| 36 | |
| 37 | /** |
| 38 | * @inheritDoc |
| 39 | */ |
| 40 | protected function getGroupName() { |
| 41 | return 'users'; |
| 42 | } |
| 43 | |
| 44 | public function doesWrites() { |
| 45 | return true; |
| 46 | } |
| 47 | |
| 48 | /** |
| 49 | * @return string |
| 50 | */ |
| 51 | protected function getLoginSecurityLevel() { |
| 52 | return $this->getName(); |
| 53 | } |
| 54 | |
| 55 | /** |
| 56 | * Set the page title and add JavaScript RL modules |
| 57 | * |
| 58 | * @param HTMLForm $form |
| 59 | */ |
| 60 | public function alterForm( HTMLForm $form ) { |
| 61 | $form->setMessagePrefix( 'oathauth' ); |
| 62 | $form->setWrapperLegendMsg( 'oathauth-disable-for-user' ); |
| 63 | $form->setPreHtml( $this->msg( 'oathauth-disable-intro' )->parse() ); |
| 64 | $form->getOutput()->setPageTitleMsg( $this->msg( 'oathauth-disable-for-user' ) ); |
| 65 | } |
| 66 | |
| 67 | /** |
| 68 | * @return string |
| 69 | */ |
| 70 | protected function getDisplayFormat() { |
| 71 | return 'ooui'; |
| 72 | } |
| 73 | |
| 74 | /** |
| 75 | * @return bool |
| 76 | */ |
| 77 | public function requiresUnblock() { |
| 78 | return false; |
| 79 | } |
| 80 | |
| 81 | /** |
| 82 | * @param User $user |
| 83 | * @throws UserBlockedError |
| 84 | * @throws UserNotLoggedIn |
| 85 | */ |
| 86 | protected function checkExecutePermissions( User $user ) { |
| 87 | parent::checkExecutePermissions( $user ); |
| 88 | |
| 89 | $this->requireLogin(); |
| 90 | } |
| 91 | |
| 92 | /** |
| 93 | * @param string $par |
| 94 | */ |
| 95 | public function execute( $par ) { |
| 96 | $this->getOutput()->disallowUserJs(); |
| 97 | parent::execute( $par ); |
| 98 | } |
| 99 | |
| 100 | /** |
| 101 | * @return array[] |
| 102 | */ |
| 103 | protected function getFormFields() { |
| 104 | return [ |
| 105 | 'user' => [ |
| 106 | 'type' => 'user', |
| 107 | 'default' => '', |
| 108 | 'label-message' => 'oathauth-enteruser', |
| 109 | 'name' => 'user', |
| 110 | 'required' => true, |
| 111 | ], |
| 112 | 'reason' => [ |
| 113 | 'type' => 'text', |
| 114 | 'default' => '', |
| 115 | 'label-message' => 'oathauth-enterdisablereason', |
| 116 | 'name' => 'reason', |
| 117 | 'required' => true, |
| 118 | ], |
| 119 | ]; |
| 120 | } |
| 121 | |
| 122 | /** |
| 123 | * @param array $formData |
| 124 | * @return array|bool |
| 125 | * @throws ConfigException |
| 126 | * @throws MWException |
| 127 | */ |
| 128 | public function onSubmit( array $formData ) { |
| 129 | $user = $this->userFactory->newFromName( $formData['user'] ); |
| 130 | if ( !$user || ( $user->getId() === 0 ) ) { |
| 131 | return [ 'oathauth-user-not-found' ]; |
| 132 | } |
| 133 | |
| 134 | $oathUser = $this->userRepo->findByUser( $user ); |
| 135 | |
| 136 | if ( !$oathUser->isTwoFactorAuthEnabled() ) { |
| 137 | return [ 'oathauth-user-not-does-not-have-oath-enabled' ]; |
| 138 | } |
| 139 | |
| 140 | if ( $this->getUser()->pingLimiter( 'disableoath', 0 ) ) { |
| 141 | // Arbitrary duration given here |
| 142 | return [ 'oathauth-throttled', Message::durationParam( 60 ) ]; |
| 143 | } |
| 144 | |
| 145 | $this->userRepo->removeAll( $oathUser, $this->getRequest()->getIP(), false ); |
| 146 | |
| 147 | // messages used: logentry-oath-disable-other, log-action-oath-disable-other |
| 148 | $logEntry = new ManualLogEntry( 'oath', 'disable-other' ); |
| 149 | $logEntry->setPerformer( $this->getUser() ); |
| 150 | $logEntry->setTarget( $user->getUserPage() ); |
| 151 | $logEntry->setComment( $formData['reason'] ); |
| 152 | $logEntry->insert(); |
| 153 | |
| 154 | LoggerFactory::getInstance( 'authentication' )->info( |
| 155 | 'OATHAuth disabled for {usertarget} by {user} from {clientip}', [ |
| 156 | 'user' => $this->getUser()->getName(), |
| 157 | 'usertarget' => $formData['user'], |
| 158 | 'clientip' => $this->getRequest()->getIP(), |
| 159 | ] |
| 160 | ); |
| 161 | |
| 162 | return true; |
| 163 | } |
| 164 | |
| 165 | public function onSuccess() { |
| 166 | $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' ); |
| 167 | $this->getOutput()->returnToMain(); |
| 168 | } |
| 169 | |
| 170 | } |