41 private $botPassword =
null;
44 private $operation =
null;
47 private $password =
null;
53 private $passwordFactory;
56 private $centralIdLookup;
62 private $grantsLocalization;
78 parent::__construct(
'BotPasswords',
'editmyprivateinfo' );
79 $this->logger = LoggerFactory::getInstance(
'authentication' );
80 $this->passwordFactory = $passwordFactory;
81 $this->centralIdLookup = $centralIdLookup;
83 $this->grantsInfo = $grantsInfo;
84 $this->grantsLocalization = $grantsLocalization;
91 return $this->
getConfig()->get( MainConfigNames::EnableBotPasswords );
107 if (
$par !==
null ) {
111 } elseif ( strlen(
$par ) > BotPassword::APPID_MAXLENGTH ) {
113 'botpasswords',
'botpasswords-bad-appid', [ htmlspecialchars(
$par ) ]
118 parent::execute(
$par );
122 parent::checkExecutePermissions( $user );
124 if ( !$this->
getConfig()->
get( MainConfigNames::EnableBotPasswords ) ) {
125 throw new ErrorPageError(
'botpasswords',
'botpasswords-disabled' );
128 $this->userId = $this->centralIdLookup->centralIdFromLocalUser( $this->
getUser() );
129 if ( !$this->userId ) {
130 throw new ErrorPageError(
'botpasswords',
'botpasswords-no-central-id' );
137 if ( $this->par !==
null ) {
138 $this->botPassword = BotPassword::newFromCentralId( $this->userId, $this->par );
139 if ( !$this->botPassword ) {
140 $this->botPassword = BotPassword::newUnsaved( [
141 'centralId' => $this->userId,
142 'appId' => $this->par,
146 $sep = BotPassword::getSeparator();
149 'label-message' =>
'username',
153 if ( $this->botPassword->isSaved() ) {
154 $fields[
'resetPassword'] = [
156 'label-message' =>
'botpasswords-label-resetpassword',
158 if ( $this->botPassword->isInvalid() ) {
159 $fields[
'resetPassword'][
'default'] =
true;
164 $showGrants = $this->grantsInfo->getValidGrants();
165 $grantLinks = array_map( [ $this->grantsLocalization,
'getGrantsLink' ], $showGrants );
167 $fields[
'grants'] = [
168 'type' =>
'checkmatrix',
169 'label-message' =>
'botpasswords-label-grants',
170 'help-message' =>
'botpasswords-help-grants',
172 $this->
msg(
'botpasswords-label-grants-column' )->escaped() =>
'grant'
174 'rows' => array_combine(
178 'default' => array_map(
179 static function ( $g ) {
182 $this->botPassword->getGrants()
184 'tooltips' => array_combine(
187 static function ( $rights ) use (
$lang ) {
188 return $lang->semicolonList( array_map( [ User::class,
'getRightDescription' ], $rights ) );
190 array_intersect_key( $this->grantsInfo->getRightsByGrant(),
191 array_fill_keys( $showGrants,
true ) )
194 'force-options-on' => array_map(
195 static function ( $g ) {
198 $this->grantsInfo->getHiddenGrants()
202 $fields[
'restrictions'] = [
203 'class' => HTMLRestrictionsField::class,
205 'default' => $this->botPassword->getRestrictions(),
214 [
'bp_app_id',
'bp_password' ],
215 [
'bp_user' => $this->userId ],
218 foreach (
$res as $row ) {
220 $password = $this->passwordFactory->newFromCiphertext( $row->bp_password );
224 $passwordInvalid =
true;
227 $text = $linkRenderer->makeKnownLink(
231 if ( $passwordInvalid ) {
232 $text .= $this->
msg(
'word-separator' )->escaped()
233 . $this->
msg(
'botpasswords-label-needsreset' )->parse();
237 'section' =>
'existing',
245 'section' =>
'createnew',
246 'type' =>
'textwithbutton',
247 'label-message' =>
'botpasswords-label-appid',
248 'buttondefault' => $this->
msg(
'botpasswords-label-create' )->text(),
249 'buttonflags' => [
'progressive',
'primary' ],
251 'size' => BotPassword::APPID_MAXLENGTH,
252 'maxlength' => BotPassword::APPID_MAXLENGTH,
253 'validation-callback' =>
static function ( $v ) {
255 return $v !==
'' && strlen( $v ) <= BotPassword::APPID_MAXLENGTH;
270 $form->
setId(
'mw-botpasswords-form' );
274 if ( $this->par !==
null ) {
275 if ( $this->botPassword->isSaved() ) {
280 'label-message' =>
'botpasswords-label-update',
281 'flags' => [
'primary',
'progressive' ],
286 'label-message' =>
'botpasswords-label-delete',
287 'flags' => [
'destructive' ],
294 'label-message' =>
'botpasswords-label-create',
295 'flags' => [
'primary',
'progressive' ],
302 'label-message' =>
'botpasswords-label-cancel'
308 $op = $this->
getRequest()->getVal(
'op',
'' );
316 $this->operation =
'insert';
317 return $this->save( $data );
320 $this->operation =
'update';
321 return $this->save( $data );
324 $this->operation =
'delete';
325 $bp = BotPassword::newFromCentralId( $this->userId, $this->par );
329 "Bot password {op} for {user}@{app_id}",
331 'app_id' => $this->par,
333 'centralId' => $this->userId,
339 return Status::newGood();
349 private function save( array $data ) {
350 $bp = BotPassword::newUnsaved( [
351 'centralId' => $this->userId,
352 'appId' => $this->par,
353 'restrictions' => $data[
'restrictions'],
354 'grants' => array_merge(
355 $this->grantsInfo->getHiddenGrants(),
358 preg_replace(
'/^grant-/',
'', $data[
'grants'] )
362 if ( $bp ===
null ) {
364 return Status::newFatal(
"botpasswords-{$this->operation}-failed", $this->par );
367 if ( $this->operation ===
'insert' || !empty( $data[
'resetPassword'] ) ) {
369 $password = $this->passwordFactory->newFromPlaintext( $this->password );
374 $res = $bp->save( $this->operation, $password );
379 'Bot password {op} for {user}@{app_id} ' . (
$success ?
'succeeded' :
'failed' ),
381 'op' => $this->operation,
383 'app_id' => $this->par,
384 'centralId' => $this->userId,
385 'restrictions' => $data[
'restrictions'],
386 'grants' => $bp->getGrants(),
398 $username = $this->
getUser()->getName();
399 switch ( $this->operation ) {
401 $out->setPageTitle( $this->
msg(
'botpasswords-created-title' )->text() );
402 $out->addWikiMsg(
'botpasswords-created-body', $this->par, $username );
406 $out->setPageTitle( $this->
msg(
'botpasswords-updated-title' )->text() );
407 $out->addWikiMsg(
'botpasswords-updated-body', $this->par, $username );
411 $out->setPageTitle( $this->
msg(
'botpasswords-deleted-title' )->text() );
412 $out->addWikiMsg(
'botpasswords-deleted-body', $this->par, $username );
413 $this->password =
null;
417 if ( $this->password !==
null ) {
418 $sep = BotPassword::getSeparator();
420 'botpasswords-newpassword',
421 htmlspecialchars( $username . $sep . $this->par ),
422 htmlspecialchars( $this->password ),
423 htmlspecialchars( $username ),
424 htmlspecialchars( $this->par . $sep . $this->password )
426 $this->password =
null;
Utility class for bot passwords.
static generatePassword( $config)
Returns a (raw, unhashed) random password string.
The CentralIdLookup service allows for connecting local users with cluster-wide IDs.
An error page which can definitely be safely rendered using the OutputPage.
Special page which uses an HTMLForm to handle processing.
string null $par
The sub-page of the special page.
Represents an invalid password hash.
A class containing constants representing the names of configuration variables.
Show an error when any operation involving passwords fails to run.
Factory class for creating and checking Password objects.
Let users manage bot passwords.
onSuccess()
Do something exciting on successful processing of the form, most likely to show a confirmation messag...
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
execute( $par)
Main execution point.
__construct(PasswordFactory $passwordFactory, AuthManager $authManager, CentralIdLookup $centralIdLookup, GrantsInfo $grantsInfo, GrantsLocalization $grantsLocalization)
getFormFields()
Get an HTMLForm descriptor array.
onSubmit(array $data)
Process the form on submission.
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
getDisplayFormat()
Get display format for the form.
getLoginSecurityLevel()
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
getName()
Get the name of this Special Page.
getOutput()
Get the OutputPage being used for this instance.
getUser()
Shortcut to get the User executing this instance.
requireNamedUser( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin')
If the user is not logged in or is a temporary user, throws UserNotLoggedIn.
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
getConfig()
Shortcut to get main config object.
getRequest()
Get the WebRequest being used for this instance.
setAuthManager(AuthManager $authManager)
Set the injected AuthManager from the special page constructor.
getPageTitle( $subpage=false)
Get a self-referential title object.
getLanguage()
Shortcut to get user's language.
addHelpLink( $to, $overrideBaseUrl=false)
Adds help link with an icon via page indicators.
if(!isset( $args[0])) $lang