MediaWiki REL1_33
DeleteLocalPasswords.php
Go to the documentation of this file.
1<?php
24use MediaWiki\MediaWikiServices;
25use Wikimedia\Rdbms\IDatabase;
26use Wikimedia\Rdbms\IMaintainableDatabase;
27
28require_once __DIR__ . '/../Maintenance.php';
29
44class DeleteLocalPasswords extends Maintenance {
46 protected $user;
47
49 protected $total;
50
51 public function __construct() {
52 parent::__construct();
53 $this->mDescription = "Deletes local password for users.";
54 $this->setBatchSize( 1000 );
55
56 $this->addOption( 'user', 'If specified, only checks the given user', false, true );
57 $this->addOption( 'delete', 'Really delete. To prevent accidents, you must provide this flag.' );
58 $this->addOption( 'prefix', "Instead of deleting, make passwords invalid by prefixing with "
59 . "':null:'. Make sure PasswordConfig has a 'null' entry. This is meant for testing before "
60 . "hard delete." );
61 $this->addOption( 'unprefix', 'Instead of deleting, undo the effect of --prefix.' );
62 }
63
64 protected function initialize() {
65 if (
66 $this->hasOption( 'delete' ) + $this->hasOption( 'prefix' )
67 + $this->hasOption( 'unprefix' ) !== 1
68 ) {
69 $this->fatalError( "Exactly one of the 'delete', 'prefix', 'unprefix' options must be used\n" );
70 }
71 if ( $this->hasOption( 'prefix' ) || $this->hasOption( 'unprefix' ) ) {
72 $passwordHashTypes = MediaWikiServices::getInstance()->getPasswordFactory()->getTypes();
73 if (
74 !isset( $passwordHashTypes['null'] )
75 || $passwordHashTypes['null']['class'] !== InvalidPassword::class
76 ) {
77 $this->fatalError(
78<<<'ERROR'
79'null' password entry missing. To use password prefixing, add
80 $wgPasswordConfig['null'] = [ 'class' => InvalidPassword::class ];
81to your configuration (and remove once the passwords were deleted).
82ERROR
83 );
84 }
85 }
86
87 $user = $this->getOption( 'user', false );
88 if ( $user !== false ) {
89 $this->user = User::getCanonicalName( $user );
90 if ( $this->user === false ) {
91 $this->fatalError( "Invalid user name\n" );
92 }
93 }
94 }
95
96 public function execute() {
97 $this->initialize();
98
99 foreach ( $this->getUserBatches() as $userBatch ) {
100 $this->processUsers( $userBatch, $this->getUserDB() );
101 }
102
103 $this->output( "done. (wrote $this->total rows)\n" );
104 }
105
111 protected function getUserDB() {
112 return $this->getDB( DB_MASTER );
113 }
114
115 protected function processUsers( array $userBatch, IDatabase $dbw ) {
116 if ( !$userBatch ) {
117 return;
118 }
119 if ( $this->getOption( 'delete' ) ) {
120 $dbw->update( 'user',
121 [ 'user_password' => PasswordFactory::newInvalidPassword()->toString() ],
122 [ 'user_name' => $userBatch ],
123 __METHOD__
124 );
125 } elseif ( $this->getOption( 'prefix' ) ) {
126 $dbw->update( 'user',
127 [ 'user_password = ' . $dbw->buildConcat( [ $dbw->addQuotes( ':null:' ),
128 'user_password' ] ) ],
129 [
130 'NOT (user_password ' . $dbw->buildLike( ':null:', $dbw->anyString() ) . ')',
131 "user_password != " . $dbw->addQuotes( PasswordFactory::newInvalidPassword()->toString() ),
132 'user_password IS NOT NULL',
133 'user_name' => $userBatch,
134 ],
135 __METHOD__
136 );
137 } elseif ( $this->getOption( 'unprefix' ) ) {
138 $dbw->update( 'user',
139 [ 'user_password = ' . $dbw->buildSubString( 'user_password', strlen( ':null:' ) + 1 ) ],
140 [
141 'user_password ' . $dbw->buildLike( ':null:', $dbw->anyString() ),
142 'user_name' => $userBatch,
143 ],
144 __METHOD__
145 );
146 }
147 $this->total += $dbw->affectedRows();
148 MediaWikiServices::getInstance()->getDBLoadBalancerFactory()->waitForReplication();
149 }
150
160 protected function getUserBatches() {
161 if ( !is_null( $this->user ) ) {
162 $this->output( "\t ... querying '$this->user'\n" );
163 yield [ [ $this->user ] ];
164 return;
165 }
166
167 $lastUsername = '';
168 $dbw = $this->getDB( DB_MASTER );
169 do {
170 $this->output( "\t ... querying from '$lastUsername'\n" );
171 $users = $dbw->selectFieldValues(
172 'user',
173 'user_name',
174 [
175 'user_name > ' . $dbw->addQuotes( $lastUsername ),
176 ],
177 __METHOD__,
178 [
179 'LIMIT' => $this->getBatchSize(),
180 'ORDER BY' => 'user_name ASC',
181 ]
182 );
183 if ( $users ) {
184 yield $users;
185 $lastUsername = end( $users );
186 }
187 } while ( count( $users ) === $this->getBatchSize() );
188 }
189}
and
and(b) You must cause any modified files to carry prominent notices stating that You changed the files
use
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
Definition APACHE-LICENSE-2.0.txt:10
$wgPasswordConfig
$wgPasswordConfig
Configuration for built-in password types.
Definition DefaultSettings.php:4730
DeleteLocalPasswords
Delete unused local passwords.
Definition DeleteLocalPasswords.php:44
DeleteLocalPasswords\execute
execute()
Do the actual work.
Definition DeleteLocalPasswords.php:96
DeleteLocalPasswords\__construct
__construct()
Default constructor.
Definition DeleteLocalPasswords.php:51
DeleteLocalPasswords\$user
string null $user
User to run on, or null for all.
Definition DeleteLocalPasswords.php:46
DeleteLocalPasswords\$total
int $total
Number of deleted passwords.
Definition DeleteLocalPasswords.php:49
DeleteLocalPasswords\processUsers
processUsers(array $userBatch, IDatabase $dbw)
Definition DeleteLocalPasswords.php:115
DeleteLocalPasswords\getUserBatches
getUserBatches()
This method iterates through the requested users and returns their names in batches of self::$mBatchS...
Definition DeleteLocalPasswords.php:160
DeleteLocalPasswords\getUserDB
getUserDB()
Get the master DB handle for the current user batch.
Definition DeleteLocalPasswords.php:111
Maintenance
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition maintenance.txt:39
Maintenance\output
output( $out, $channel=null)
Throw some output to the user.
Definition Maintenance.php:434
Maintenance\getDB
getDB( $db, $groups=[], $wiki=false)
Returns a database to be used by current maintenance script.
Definition Maintenance.php:1373
Maintenance\hasOption
hasOption( $name)
Checks to see if a particular option exists.
Definition Maintenance.php:269
Maintenance\getBatchSize
getBatchSize()
Returns batch size.
Definition Maintenance.php:367
Maintenance\addOption
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
Definition Maintenance.php:248
Maintenance\getOption
getOption( $name, $default=null)
Get an option, or return the default.
Definition Maintenance.php:283
Maintenance\setBatchSize
setBatchSize( $s=0)
Set the batch size.
Definition Maintenance.php:375
Maintenance\fatalError
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
Definition Maintenance.php:485
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:103
User\getCanonicalName
static getCanonicalName( $name, $validate='valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid.
Definition User.php:1244
as
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition distributors.txt:22
user
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such and we might be restricted by PHP settings such as safe mode or open_basedir We cannot assume that the software even has read access anywhere useful Many shared hosts run all users web applications under the same user
Wikitext formatted, in the key only.
Definition distributors.txt:25
add
An extension or a local will often add custom code to the function with or without a global variable For someone wanting email notification when an article is shown may add
Definition hooks.txt:56
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition injection.txt:37
Wikimedia\Rdbms\IDatabase
Basic database interface for live and lazy-loaded relation database handles.
Definition IDatabase.php:38
Wikimedia\Rdbms\IDatabase\buildSubString
buildSubString( $input, $startPosition, $length=null)
Build a SUBSTRING function.
Wikimedia\Rdbms\IDatabase\affectedRows
affectedRows()
Get the number of rows affected by the last write query.
Wikimedia\Rdbms\IDatabase\buildLike
buildLike()
LIKE statement wrapper, receives a variable-length argument list with parts of pattern to match conta...
Wikimedia\Rdbms\IDatabase\buildConcat
buildConcat( $stringList)
Build a concatenation list to feed into a SQL query.
Wikimedia\Rdbms\IDatabase\anyString
anyString()
Returns a token for buildLike() that denotes a '' to be used in a LIKE query.
Wikimedia\Rdbms\IDatabase\addQuotes
addQuotes( $s)
Adds quotes and backslashes.
Wikimedia\Rdbms\IDatabase\update
update( $table, $values, $conds, $fname=__METHOD__, $options=[])
UPDATE wrapper.
Wikimedia\Rdbms\IMaintainableDatabase
Advanced database interface for IDatabase handles that include maintenance methods.
Definition IMaintainableDatabase.php:38
array
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))
DB_MASTER
const DB_MASTER
Definition defines.php:26
were
skin txt MediaWiki includes four core it has been set as the default in MediaWiki since the replacing Monobook it had been the default skin since before being replaced by Vector largely rewritten in while keeping its appearance Several legacy skins were removed in the as the burden of supporting them became too heavy to bear Those were
Definition skin.txt:25