MediaWiki REL1_28
|
Helper class for the password reset functionality shared by the web UI and the API. More...
Public Member Functions | |
__construct (Config $config, AuthManager $authManager) | |
execute (User $performingUser, $username=null, $email=null, $displayPassword=false) | |
Do a password reset. | |
isAllowed (User $user, $displayPassword=false) | |
Check if a given user has permission to use this functionality. | |
Protected Member Functions | |
getUsersByEmail ( $email) | |
Protected Attributes | |
AuthManager | $authManager |
Config | $config |
Private Attributes | |
HashBagOStuff | $permissionCache |
In-process cache for isAllowed lookups, by username. | |
Helper class for the password reset functionality shared by the web UI and the API.
Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.
Definition at line 33 of file PasswordReset.php.
PasswordReset::__construct | ( | Config | $config, |
AuthManager | $authManager | ||
) |
Definition at line 47 of file PasswordReset.php.
References $authManager, and $config.
PasswordReset::execute | ( | User | $performingUser, |
$username = null , |
|||
$email = null , |
|||
$displayPassword = false |
|||
) |
Do a password reset.
Authorization is the caller's responsibility.
Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.
User | $performingUser | The user that does the password reset |
string | $username | The user whose password is reset |
string | Alternative way to specify the user | |
bool | $displayPassword | Whether to display the password |
LogicException | When the user is not allowed to perform the action |
MWException | On unexpected DB errors |
Definition at line 123 of file PasswordReset.php.
References $req, $status, $user, $username, as, false, User\getId(), User\getName(), User\getRequest(), getUsersByEmail(), isAllowed(), User\pingLimiter(), wfEscapeWikiText(), and wfMessage().
|
protected |
string |
MWException | On unexpected database errors |
Definition at line 238 of file PasswordReset.php.
References $res, as, DB_REPLICA, and wfGetDB().
Referenced by execute().
PasswordReset::isAllowed | ( | User | $user, |
$displayPassword = false |
|||
) |
Check if a given user has permission to use this functionality.
User | $user | |
bool | $displayPassword | If set, also check whether the user is allowed to reset the password of another user and see the temporary password. |
Definition at line 60 of file PasswordReset.php.
References $status, $user, and list.
Referenced by execute().
|
protected |
Definition at line 38 of file PasswordReset.php.
Referenced by __construct().
|
protected |
Definition at line 35 of file PasswordReset.php.
Referenced by __construct().
|
private |
In-process cache for isAllowed lookups, by username.
Contains pairs of StatusValue objects (for false and true value of $displayPassword, respectively).
Definition at line 45 of file PasswordReset.php.