Code Coverage for /workspace/src/includes/specials/SpecialPasswordReset.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 66	0.00% covered (danger)	0.00%	0 / 12	CRAP	0.00% covered (danger)	0.00%	0 / 1
SpecialPasswordReset	0.00% covered (danger)	0.00%	0 / 65	0.00% covered (danger)	0.00%	0 / 12	930	0.00% covered (danger)	0.00%	0 / 1
__construct	0.00% covered (danger)	0.00%	0 / 2	0.00% covered (danger)	0.00%	0 / 1	2
doesWrites	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
userCanExecute	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
checkExecutePermissions	0.00% covered (danger)	0.00%	0 / 4	0.00% covered (danger)	0.00%	0 / 1	6
execute	0.00% covered (danger)	0.00%	0 / 3	0.00% covered (danger)	0.00%	0 / 1	2
getFormFields	0.00% covered (danger)	0.00%	0 / 16	0.00% covered (danger)	0.00%	0 / 1	42
getDisplayFormat	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
alterForm	0.00% covered (danger)	0.00%	0 / 11	0.00% covered (danger)	0.00%	0 / 1	42
onSubmit	0.00% covered (danger)	0.00%	0 / 8	0.00% covered (danger)	0.00%	0 / 1	12
onSuccess	0.00% covered (danger)	0.00%	0 / 14	0.00% covered (danger)	0.00%	0 / 1	30
isListed	0.00% covered (danger)	0.00%	0 / 3	0.00% covered (danger)	0.00%	0 / 1	6
getGroupName	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2

1	<?php
2	/**
3	* Implements Special:PasswordReset
4	*
5	* This program is free software; you can redistribute it and/or modify
6	* it under the terms of the GNU General Public License as published by
7	* the Free Software Foundation; either version 2 of the License, or
8	* (at your option) any later version.
9	*
10	* This program is distributed in the hope that it will be useful,
11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	* GNU General Public License for more details.
14	*
15	* You should have received a copy of the GNU General Public License along
16	* with this program; if not, write to the Free Software Foundation, Inc.,
17	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18	* http://www.gnu.org/copyleft/gpl.html
19	*
20	* @file
21	* @ingroup SpecialPage
22	*/
23
24	namespace MediaWiki\Specials;
25
26	use ErrorPageError;
27	use MediaWiki\HTMLForm\HTMLForm;
28	use MediaWiki\MainConfigNames;
29	use MediaWiki\SpecialPage\FormSpecialPage;
30	use MediaWiki\Status\Status;
31	use MediaWiki\User\PasswordReset;
32	use MediaWiki\User\User;
33	use ThrottledError;
34
35	/**
36	* Special page for requesting a password reset email.
37	*
38	* Requires the TemporaryPasswordPrimaryAuthenticationProvider and the
39	* EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent
40	* functionality) to be enabled.
41	*
42	* @ingroup SpecialPage
43	*/
44	class SpecialPasswordReset extends FormSpecialPage {
45	/** @var PasswordReset */
46	private $passwordReset;
47
48	/**
49	* @var Status
50	*/
51	private $result;
52
53	/**
54	* @var string Identifies which password reset field was specified by the user.
55	*/
56	private $method;
57
58	/**
59	* @param PasswordReset $passwordReset
60	*/
61	public function __construct( PasswordReset $passwordReset ) {
62	parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
63
64	$this->passwordReset = $passwordReset;
65	}
66
67	public function doesWrites() {
68	return true;
69	}
70
71	public function userCanExecute( User $user ) {
72	return $this->passwordReset->isAllowed( $user )->isGood();
73	}
74
75	public function checkExecutePermissions( User $user ) {
76	$status = Status::wrap( $this->passwordReset->isAllowed( $user ) );
77	if ( !$status->isGood() ) {
78	throw new ErrorPageError( 'internalerror', $status->getMessage() );
79	}
80
81	parent::checkExecutePermissions( $user );
82	}
83
84	/**
85	* @param string\|null $par
86	*/
87	public function execute( $par ) {
88	$out = $this->getOutput();
89	$out->disallowUserJs();
90	parent::execute( $par );
91	}
92
93	protected function getFormFields() {
94	$resetRoutes = $this->getConfig()->get( MainConfigNames::PasswordResetRoutes );
95	$a = [];
96	if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
97	$a['Username'] = [
98	'type' => 'text',
99	'default' => $this->getRequest()->getSession()->suggestLoginUsername(),
100	'label-message' => 'passwordreset-username',
101	];
102
103	if ( $this->getUser()->isRegistered() ) {
104	$a['Username']['default'] = $this->getUser()->getName();
105	}
106	}
107
108	if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
109	$a['Email'] = [
110	'type' => 'email',
111	'label-message' => 'passwordreset-email',
112	];
113	}
114
115	return $a;
116	}
117
118	protected function getDisplayFormat() {
119	return 'ooui';
120	}
121
122	public function alterForm( HTMLForm $form ) {
123	$resetRoutes = $this->getConfig()->get( MainConfigNames::PasswordResetRoutes );
124
125	$form->setSubmitDestructive();
126
127	$form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
128
129	$i = 0;
130	if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
131	$i++;
132	}
133	if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
134	$i++;
135	}
136
137	$message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
138
139	$form->setHeaderHtml( $this->msg( $message, $i )->parseAsBlock() );
140	$form->setSubmitTextMsg( 'mailmypassword' );
141	}
142
143	/**
144	* Process the form. At this point we know that the user passes all the criteria in
145	* userCanExecute(), and if the data array contains 'Username', etc, then Username
146	* resets are allowed.
147	* @param array $data
148	* @return Status
149	*/
150	public function onSubmit( array $data ) {
151	$username = $data['Username'] ?? null;
152	$email = $data['Email'] ?? null;
153
154	$this->method = $username ? 'username' : 'email';
155	$this->result = Status::wrap(
156	$this->passwordReset->execute( $this->getUser(), $username, $email ) );
157
158	if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
159	throw new ThrottledError;
160	}
161
162	return $this->result;
163	}
164
165	/**
166	* Show a message on the successful processing of the form.
167	* This doesn't necessarily mean a reset email was sent.
168	*/
169	public function onSuccess() {
170	$output = $this->getOutput();
171
172	// Information messages.
173	$output->addWikiMsg( 'passwordreset-success' );
174	$output->addWikiMsg( 'passwordreset-success-details-generic',
175	$this->getConfig()->get( MainConfigNames::PasswordReminderResendTime ) );
176
177	// Confirmation of what the user has just submitted.
178	$info = "\n";
179	$postVals = $this->getRequest()->getPostValues();
180	if ( isset( $postVals['wpUsername'] ) && $postVals['wpUsername'] !== '' ) {
181	$info .= "* " . $this->msg( 'passwordreset-username' ) . ' '
182	. wfEscapeWikiText( $postVals['wpUsername'] ) . "\n";
183	}
184	if ( isset( $postVals['wpEmail'] ) && $postVals['wpEmail'] !== '' ) {
185	$info .= "* " . $this->msg( 'passwordreset-email' ) . ' '
186	. wfEscapeWikiText( $postVals['wpEmail'] ) . "\n";
187	}
188	$output->addWikiMsg( 'passwordreset-success-info', $info );
189
190	// Link to main page.
191	$output->returnToMain();
192	}
193
194	/**
195	* Hide the password reset page if resets are disabled.
196	* @return bool
197	*/
198	public function isListed() {
199	if ( !$this->passwordReset->isEnabled()->isGood() ) {
200	return false;
201	}
202
203	return parent::isListed();
204	}
205
206	protected function getGroupName() {
207	return 'login';
208	}
209	}
210
211	/**
212	* Retain the old class name for backwards compatibility.
213	* @deprecated since 1.41
214	*/
215	class_alias( SpecialPasswordReset::class, 'SpecialPasswordReset' );