63 private $centralIdLookup;
76 $this->options = $options;
77 $this->centralIdLookup = $centralIdLookup;
78 $this->lbFactory = $lbFactory;
89 $loadBalancer = $this->lbFactory->getExternalLB(
93 $loadBalancer = $this->lbFactory->getMainLB(
97 return $loadBalancer->getConnectionRef(
114 int $flags = self::READ_NORMAL
120 $centralId = $this->centralIdLookup->centralIdFromLocalUser(
125 return $centralId ? $this->getByCentralId( $centralId, $appId, $flags ) : null;
138 int $flags = self::READ_NORMAL
144 list( $index, $options ) = DBAccessObjectUtils::getDBOptions( $flags );
145 $db = $this->getDatabase( $index );
146 $row = $db->selectRow(
148 [
'bp_user',
'bp_app_id',
'bp_token',
'bp_restrictions',
'bp_grants' ],
149 [
'bp_user' => $centralId,
'bp_app_id' => $appId ],
153 return $row ?
new BotPassword( $row,
true, $flags ) : null;
170 int $flags = self::READ_NORMAL
172 if ( isset( $data[
'user'] ) && ( !$data[
'user'] instanceof
UserIdentity ) ) {
178 'bp_app_id' => trim( $data[
'appId'] ??
'' ),
179 'bp_token' =>
'**unsaved**',
180 'bp_restrictions' => $data[
'restrictions'] ?? MWRestrictions::newDefault(),
181 'bp_grants' => $data[
'grants'] ?? [],
185 $row->bp_app_id ===
'' ||
186 strlen( $row->bp_app_id ) > BotPassword::APPID_MAXLENGTH ||
188 !is_array( $row->bp_grants )
193 $row->bp_restrictions = $row->bp_restrictions->toJson();
194 $row->bp_grants = FormatJson::encode( $row->bp_grants );
196 if ( isset( $data[
'user'] ) ) {
198 $row->bp_user = $this->centralIdLookup->centralIdFromLocalUser(
200 CentralIdLookup::AUDIENCE_RAW,
203 } elseif ( isset( $data[
'username'] ) ) {
204 $row->bp_user = $this->centralIdLookup->centralIdFromName(
206 CentralIdLookup::AUDIENCE_RAW,
209 } elseif ( isset( $data[
'centralId'] ) ) {
210 $row->bp_user = $data[
'centralId'];
212 if ( !$row->bp_user ) {
232 $res = $this->validateBotPassword( $botPassword );
233 if ( !
$res->isGood() ) {
237 if ( $password ===
null ) {
238 $password = PasswordFactory::newInvalidPassword();
242 'bp_app_id' => $botPassword->
getAppId(),
245 'bp_grants' => FormatJson::encode( $botPassword->
getGrants() ),
246 'bp_password' => $password->toString(),
257 $ok = (bool)$dbw->affectedRows();
259 $token = $dbw->selectField(
264 'bp_app_id' => $botPassword->
getAppId(),
268 return StatusValue::newGood( $token );
270 return StatusValue::newFatal(
'botpasswords-insert-failed', $botPassword->
getAppId() );
286 $res = $this->validateBotPassword( $botPassword );
287 if ( !
$res->isGood() ) {
293 'bp_app_id' => $botPassword->
getAppId(),
298 'bp_grants' => FormatJson::encode( $botPassword->
getGrants() ),
300 if ( $password !==
null ) {
301 $fields[
'bp_password'] = $password->toString();
312 $ok = (bool)$dbw->affectedRows();
314 $token = $dbw->selectField(
320 return StatusValue::newGood( $token );
322 return StatusValue::newFatal(
'botpasswords-update-failed', $botPassword->
getAppId() );
336 if ( strlen( $restrictions ) > BotPassword::RESTRICTIONS_MAXLENGTH ) {
337 $res->fatal(
'botpasswords-toolong-restrictions' );
341 if ( strlen( $grants ) > BotPassword::GRANTS_MAXLENGTH ) {
342 $res->fatal(
'botpasswords-toolong-grants' );
360 'bp_app_id' => $botPassword->
getAppId(),
365 return (
bool)$dbw->affectedRows();
378 $centralId = $this->centralIdLookup->centralIdFromName(
380 CentralIdLookup::AUDIENCE_RAW,
381 CentralIdLookup::READ_LATEST
390 [
'bp_password' => PasswordFactory::newInvalidPassword()->toString() ],
391 [
'bp_user' => $centralId ],
394 return (
bool)$dbw->affectedRows();
407 $centralId = $this->centralIdLookup->centralIdFromName(
409 CentralIdLookup::AUDIENCE_RAW,
410 CentralIdLookup::READ_LATEST
419 [
'bp_user' => $centralId ],
422 return (
bool)$dbw->affectedRows();
if(!defined('MW_SETUP_CALLBACK'))
The persistent session ID (if any) loaded at startup.
Utility class for bot passwords.
getUserCentralId()
Get the central user ID.
The CentralIdLookup service allows for connecting local users with cluster-wide IDs.
Helper class for DAO classes.
A class to check request restrictions expressed as a JSON object.
A class containing constants representing the names of configuration variables.
const BotPasswordsDatabase
Name constant for the BotPasswordsDatabase setting, for use with Config::get()
const EnableBotPasswords
Name constant for the EnableBotPasswords setting, for use with Config::get()
const BotPasswordsCluster
Name constant for the BotPasswordsCluster setting, for use with Config::get()
Factory class for creating and checking Password objects.
Represents a password hash for use in authentication.
Generic operation result class Has warning/error list, boolean status and arbitrary value.
const TOKEN_LENGTH
Number of characters required for the user_token field.
Interface for database access objects.