Helper class for the password reset functionality shared by the web UI and the API. More...
Public Member Functions | |
| __construct (Config $config, AuthManager $authManager) | |
| execute (User $performingUser, $username=null, $email=null, $displayPassword=false) | |
| Do a password reset. More... | |
| isAllowed (User $user, $displayPassword=false) | |
| Check if a given user has permission to use this functionality. More... | |
Protected Member Functions | |
| getUsersByEmail ($email) | |
Protected Attributes | |
| AuthManager | $authManager |
| Config | $config |
Private Attributes | |
| HashBagOStuff | $permissionCache |
| In-process cache for isAllowed lookups, by username. More... | |
Detailed Description
Helper class for the password reset functionality shared by the web UI and the API.
Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.
Definition at line 33 of file PasswordReset.php.
Constructor & Destructor Documentation
| PasswordReset::__construct | ( | Config | $config, |
| AuthManager | $authManager | ||
| ) |
Definition at line 47 of file PasswordReset.php.
References $authManager, and $config.
Member Function Documentation
| PasswordReset::execute | ( | User | $performingUser, |
$username = null, |
|||
$email = null, |
|||
$displayPassword = false |
|||
| ) |
Do a password reset.
Authorization is the caller's responsibility.
Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.
- Parameters
-
User $performingUser The user that does the password reset string $username The user whose password is reset string $email Alternative way to specify the user bool $displayPassword Whether to display the password
- Returns
- StatusValue Will contain the passwords as a username => password array if the $displayPassword flag was set
- Exceptions
-
LogicException When the user is not allowed to perform the action MWException On unexpected DB errors
Definition at line 123 of file PasswordReset.php.
References $req, $status, $user, $username, as, false, User\getName(), User\getRequest(), getUsersByEmail(), isAllowed(), StatusValue\newFatal(), User\newFromName(), Message\newFromSpecifier(), StatusValue\newGood(), User\pingLimiter(), Hooks\run(), Sanitizer\validateEmail(), wfEscapeWikiText(), and wfMessage().
|
protected |
- Parameters
-
string $email
- Returns
- User[]
- Exceptions
-
MWException On unexpected database errors
Definition at line 238 of file PasswordReset.php.
References $res, as, DB_REPLICA, User\newFromRow(), User\selectFields(), and wfGetDB().
Referenced by execute().
Check if a given user has permission to use this functionality.
- Parameters
-
User $user bool $displayPassword If set, also check whether the user is allowed to reset the password of another user and see the temporary password.
- Returns
- StatusValue
Definition at line 60 of file PasswordReset.php.
References $status, User\getName(), User\isAllowed(), User\isBlocked(), list, StatusValue\newFatal(), and StatusValue\newGood().
Referenced by execute().
Member Data Documentation
|
protected |
Definition at line 38 of file PasswordReset.php.
Referenced by __construct().
|
protected |
Definition at line 35 of file PasswordReset.php.
Referenced by __construct().
|
private |
In-process cache for isAllowed lookups, by username.
Contains pairs of StatusValue objects (for false and true value of $displayPassword, respectively).
Definition at line 45 of file PasswordReset.php.
The documentation for this class was generated from the following file:
- includes/user/PasswordReset.php
