MediaWiki  1.30.0
Public Member Functions | Static Public Member Functions | Private Member Functions | Private Attributes | List of all members
UserPasswordPolicy Class Reference

Check if a user's password complies with any password policies that apply to that user, based on the user's group membership. More...

Public Member Functions

 __construct (array $policies, array $checks)
 
 checkUserPassword (User $user, $password)
 Check if a passwords meets the effective password policy for a User. More...
 
 checkUserPasswordForGroups (User $user, $password, array $groups)
 Check if a passwords meets the effective password policy for a User, using a set of groups they may or may not belong to. More...
 
 getPoliciesForUser (User $user)
 Get the policy for a user, based on their group membership. More...
 

Static Public Member Functions

static getPoliciesForGroups (array $policies, array $userGroups, array $defaultPolicy)
 Utility function to get the effective policy from a list of policies, based on a list of groups. More...
 
static maxOfPolicies (array $p1, array $p2)
 Utility function to get a policy that is the most restrictive of $p1 and $p2. More...
 

Private Member Functions

 checkPolicies (User $user, $password, $policies, $policyCheckFunctions)
 

Private Attributes

array $policies
 
array $policyCheckFunctions
 Mapping of statements to the function that will test the password for compliance. More...
 

Detailed Description

Check if a user's password complies with any password policies that apply to that user, based on the user's group membership.

Since
1.26

Definition at line 28 of file UserPasswordPolicy.php.

Constructor & Destructor Documentation

◆ __construct()

UserPasswordPolicy::__construct ( array  $policies,
array  $checks 
)
Parameters
array$policies
array$checksmapping statement to its checking function. Checking functions are called with the policy value for this user, the user object, and the password to check.

Definition at line 48 of file UserPasswordPolicy.php.

References $policies, and as.

Member Function Documentation

◆ checkPolicies()

UserPasswordPolicy::checkPolicies ( User  $user,
  $password,
  $policies,
  $policyCheckFunctions 
)
private
Parameters
User$user
string$password
array$policies
array$policyCheckFunctions
Returns
Status

Definition at line 114 of file UserPasswordPolicy.php.

References $policies, $policyCheckFunctions, $user, $value, as, and StatusValue\newGood().

Referenced by checkUserPassword(), and checkUserPasswordForGroups().

◆ checkUserPassword()

UserPasswordPolicy::checkUserPassword ( User  $user,
  $password 
)

Check if a passwords meets the effective password policy for a User.

Parameters
User$userwho's policy we are checking
string$passwordthe password to check
Returns
Status error to indicate the password didn't meet the policy, or fatal to indicate the user shouldn't be allowed to login.

Definition at line 73 of file UserPasswordPolicy.php.

References checkPolicies(), and getPoliciesForUser().

◆ checkUserPasswordForGroups()

UserPasswordPolicy::checkUserPasswordForGroups ( User  $user,
  $password,
array  $groups 
)

Check if a passwords meets the effective password policy for a User, using a set of groups they may or may not belong to.

This function does not use the DB, so can be used in the installer.

Parameters
User$userwho's policy we are checking
string$passwordthe password to check
array$groupslist of groups to which we assume the user belongs
Returns
Status error to indicate the password didn't meet the policy, or fatal to indicate the user shouldn't be allowed to login.

Definition at line 93 of file UserPasswordPolicy.php.

References checkPolicies(), and getPoliciesForGroups().

◆ getPoliciesForGroups()

static UserPasswordPolicy::getPoliciesForGroups ( array  $policies,
array  $userGroups,
array  $defaultPolicy 
)
static

Utility function to get the effective policy from a list of policies, based on a list of groups.

Parameters
array$policieslist of policies to consider
array$userGroupsthe groups from which we calculate the effective policy
array$defaultPolicythe default policy to start from
Returns
array effective policy

Definition at line 158 of file UserPasswordPolicy.php.

References $policies, as, and maxOfPolicies().

Referenced by checkUserPasswordForGroups(), getPoliciesForUser(), and UserPasswordPolicyTest\testGetPoliciesForGroups().

◆ getPoliciesForUser()

UserPasswordPolicy::getPoliciesForUser ( User  $user)

Get the policy for a user, based on their group membership.

Public so UI elements can access and inform the user.

Parameters
User$user
Returns
array the effective policy for $user

Definition at line 138 of file UserPasswordPolicy.php.

References $user, getPoliciesForGroups(), and Hooks\run().

Referenced by checkUserPassword().

◆ maxOfPolicies()

static UserPasswordPolicy::maxOfPolicies ( array  $p1,
array  $p2 
)
static

Utility function to get a policy that is the most restrictive of $p1 and $p2.

For simplicity, we setup the policy values so the maximum value is always more restrictive.

Parameters
array$p1
array$p2
Returns
array containing the more restrictive values of $p1 and $p2

Definition at line 181 of file UserPasswordPolicy.php.

References $keys, $ret, and as.

Referenced by getPoliciesForGroups(), and UserPasswordPolicyTest\testMaxOfPolicies().

Member Data Documentation

◆ $policies

array UserPasswordPolicy::$policies
private

Definition at line 33 of file UserPasswordPolicy.php.

Referenced by __construct(), checkPolicies(), and getPoliciesForGroups().

◆ $policyCheckFunctions

array UserPasswordPolicy::$policyCheckFunctions
private

Mapping of statements to the function that will test the password for compliance.

The checking functions take the policy value, the user, and password, and return a Status object indicating compliance.

Definition at line 41 of file UserPasswordPolicy.php.

Referenced by checkPolicies().

The documentation for this class was generated from the following file: