Helper class for the password reset functionality shared by the web UI and the API. More...

Inheritance diagram for PasswordReset:

Collaboration diagram for PasswordReset:

[legend]

Public Member Functions
	__construct ( $config, AuthManager $authManager, PermissionManager $permissionManager, ILoadBalancer $loadBalancer=null, LoggerInterface $logger=null)
	This class is managed by MediaWikiServices, don't instantiate directly.

	execute (User $performingUser, $username=null, $email=null)
	Do a password reset.

	isAllowed (User $user)
	Check if a given user has permission to use this functionality.

Public Attributes
const	CONSTRUCTOR_OPTIONS

Protected Member Functions
	getUsersByEmail ( $email)

	isBlocked (User $user)
	Check whether the user is blocked.

	lookupUser ( $username)
	User object creation helper for testability.

Protected Attributes
AuthManager	$authManager

ServiceOptions Config	$config

ILoadBalancer	$loadBalancer

PermissionManager	$permissionManager

Private Attributes
MapCacheLRU	$permissionCache
	In-process cache for isAllowed lookups, by username.

Detailed Description

Helper class for the password reset functionality shared by the web UI and the API.

Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.

Definition at line 41 of file PasswordReset.php.

Constructor & Destructor Documentation

◆ __construct()

PasswordReset::__construct	(		$config,
		AuthManager	$authManager,
		PermissionManager	$permissionManager,
		ILoadBalancer	$loadBalancer = `null`,
		LoggerInterface	$logger = `null`
	)

This class is managed by MediaWikiServices, don't instantiate directly.

Parameters

ServiceOptions \| Config	$config
AuthManager	$authManager
PermissionManager	$permissionManager
ILoadBalancer \| null	$loadBalancer
LoggerInterface \| null	$logger

Definition at line 78 of file PasswordReset.php.

References wfDeprecated().

Member Function Documentation

◆ execute()

PasswordReset::execute	(	User	$performingUser,
			$username = `null`,
			$email = `null`
	)

Do a password reset.

Authorization is the caller's responsibility.

Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.

Since: 1.29 Fourth argument for displayPassword removed.

Parameters

User	$performingUser	The user that does the password reset
string \| null	$username	The user whose password is reset
string \| null	$email	Alternative way to specify the user

Returns: StatusValue

Exceptions

LogicException	When the user is not allowed to perform the action
MWException	On unexpected DB errors

Definition at line 161 of file PasswordReset.php.

References User\getCanonicalName(), User\getId(), User\getName(), User\getRequest(), getUsersByEmail(), isAllowed(), lookupUser(), Message\newFromSpecifier(), and User\pingLimiter().

◆ getUsersByEmail()

PasswordReset::getUsersByEmail ( $email )

protected

Parameters

string $email

Returns: User[]

Exceptions

MWException On unexpected database errors

Definition at line 348 of file PasswordReset.php.

References $res, DB_REPLICA, User\getQueryInfo(), and User\newFromRow().

Referenced by execute().

◆ isAllowed()

PasswordReset::isAllowed ( User $user )

Check if a given user has permission to use this functionality.

Parameters

User $user

Since: 1.29 Second argument for displayPassword removed.

Returns: StatusValue

Definition at line 110 of file PasswordReset.php.

References User\getName(), and isBlocked().

Referenced by execute().

◆ isBlocked()

PasswordReset::isBlocked ( User $user )

protected

Check whether the user is blocked.

Ignores certain types of system blocks that are only meant to force users to log in.

Parameters

User $user

Returns: bool

Since: 1.30

Definition at line 335 of file PasswordReset.php.

References User\getBlock(), and User\getGlobalBlock().

Referenced by isAllowed().

◆ lookupUser()

PasswordReset::lookupUser ( $username )

protected

User object creation helper for testability.

Parameters

string $username

Returns: User|false

Definition at line 378 of file PasswordReset.php.

References User\newFromName().

Referenced by execute().

Member Data Documentation

◆ $authManager

AuthManager PasswordReset::$authManager

protected

Definition at line 48 of file PasswordReset.php.

◆ $config

ServiceOptions Config PasswordReset::$config

protected

Definition at line 45 of file PasswordReset.php.

◆ $loadBalancer

ILoadBalancer PasswordReset::$loadBalancer

protected

Definition at line 54 of file PasswordReset.php.

◆ $permissionCache

MapCacheLRU PasswordReset::$permissionCache

private

In-process cache for isAllowed lookups, by username.

Contains a StatusValue object

Definition at line 61 of file PasswordReset.php.

◆ $permissionManager

PermissionManager PasswordReset::$permissionManager

protected

Definition at line 51 of file PasswordReset.php.

◆ CONSTRUCTOR_OPTIONS

const PasswordReset::CONSTRUCTOR_OPTIONS

Initial value:

= [
        'AllowRequiringEmailForResets',
        'EnableEmail',
        'PasswordResetRoutes',
    ]

Definition at line 63 of file PasswordReset.php.

The documentation for this class was generated from the following file:

includes/user/PasswordReset.php

Public Member Functions

Public Attributes

Protected Member Functions

Protected Attributes

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ execute()

◆ getUsersByEmail()

◆ isAllowed()

◆ isBlocked()

◆ lookupUser()

Member Data Documentation

◆ $authManager

◆ $config

◆ $loadBalancer

◆ $permissionCache

◆ $permissionManager

◆ CONSTRUCTOR_OPTIONS