MediaWiki REL1_41
DeleteLocalPasswords.php
Go to the documentation of this file.
1<?php
24use Wikimedia\Rdbms\IDatabase;
25use Wikimedia\Rdbms\IMaintainableDatabase;
26
27require_once __DIR__ . '/../Maintenance.php';
28
43class DeleteLocalPasswords extends Maintenance {
45 protected $user;
46
48 protected $total;
49
50 public function __construct() {
51 parent::__construct();
52 $this->addDescription( "Deletes local password for users." );
53 $this->setBatchSize( 1000 );
54
55 $this->addOption( 'user', 'If specified, only checks the given user', false, true );
56 $this->addOption( 'delete', 'Really delete. To prevent accidents, you must provide this flag.' );
57 $this->addOption( 'prefix', "Instead of deleting, make passwords invalid by prefixing with "
58 . "':null:'. Make sure PasswordConfig has a 'null' entry. This is meant for testing before "
59 . "hard delete." );
60 $this->addOption( 'unprefix', 'Instead of deleting, undo the effect of --prefix.' );
61 }
62
63 protected function initialize() {
64 if (
65 (int)$this->hasOption( 'delete' ) + (int)$this->hasOption( 'prefix' )
66 + (int)$this->hasOption( 'unprefix' ) !== 1
67 ) {
68 $this->fatalError( "Exactly one of the 'delete', 'prefix', 'unprefix' options must be used\n" );
69 }
70 if ( $this->hasOption( 'prefix' ) || $this->hasOption( 'unprefix' ) ) {
71 $passwordHashTypes = $this->getServiceContainer()->getPasswordFactory()->getTypes();
72 if (
73 !isset( $passwordHashTypes['null'] )
74 || $passwordHashTypes['null']['class'] !== InvalidPassword::class
75 ) {
76 $this->fatalError(
77<<<'ERROR'
78'null' password entry missing. To use password prefixing, add
79 $wgPasswordConfig['null'] = [ 'class' => InvalidPassword::class ];
80to your configuration (and remove once the passwords were deleted).
81ERROR
82 );
83 }
84 }
85
86 $user = $this->getOption( 'user', false );
87 if ( $user !== false ) {
88 $userNameUtils = $this->getServiceContainer()->getUserNameUtils();
89 $this->user = $userNameUtils->getCanonical( $user );
90 if ( $this->user === false ) {
91 $this->fatalError( "Invalid user name\n" );
92 }
93 }
94 }
95
96 public function execute() {
97 $this->initialize();
98
99 foreach ( $this->getUserBatches() as $userBatch ) {
100 $this->processUsers( $userBatch, $this->getUserDB() );
101 }
102
103 $this->output( "done. (wrote $this->total rows)\n" );
104 }
105
111 protected function getUserDB() {
112 return $this->getDB( DB_PRIMARY );
113 }
114
115 protected function processUsers( array $userBatch, IDatabase $dbw ) {
116 if ( !$userBatch ) {
117 return;
118 }
119 if ( $this->getOption( 'delete' ) ) {
120 $dbw->update( 'user',
121 [ 'user_password' => PasswordFactory::newInvalidPassword()->toString() ],
122 [ 'user_name' => $userBatch ],
123 __METHOD__
124 );
125 } elseif ( $this->getOption( 'prefix' ) ) {
126 $dbw->update( 'user',
127 [ 'user_password = ' . $dbw->buildConcat( [ $dbw->addQuotes( ':null:' ),
128 'user_password' ] ) ],
129 [
130 'NOT (user_password ' . $dbw->buildLike( ':null:', $dbw->anyString() ) . ')',
131 "user_password != " . $dbw->addQuotes( PasswordFactory::newInvalidPassword()->toString() ),
132 'user_password IS NOT NULL',
133 'user_name' => $userBatch,
134 ],
135 __METHOD__
136 );
137 } elseif ( $this->getOption( 'unprefix' ) ) {
138 $dbw->update( 'user',
139 [ 'user_password = ' . $dbw->buildSubString( 'user_password', strlen( ':null:' ) + 1 ) ],
140 [
141 'user_password ' . $dbw->buildLike( ':null:', $dbw->anyString() ),
142 'user_name' => $userBatch,
143 ],
144 __METHOD__
145 );
146 }
147 $this->total += $dbw->affectedRows();
148 $this->waitForReplication();
149 }
150
160 protected function getUserBatches() {
161 if ( $this->user !== null ) {
162 $this->output( "\t ... querying '$this->user'\n" );
163 yield [ [ $this->user ] ];
164 return;
165 }
166
167 $lastUsername = '';
168 $dbw = $this->getDB( DB_PRIMARY );
169 do {
170 $this->output( "\t ... querying from '$lastUsername'\n" );
171 $users = $dbw->newSelectQueryBuilder()
172 ->select( 'user_name' )
173 ->from( 'user' )
174 ->where( [ 'user_name > ' . $dbw->addQuotes( $lastUsername ) ] )
175 ->orderBy( 'user_name ASC' )
176 ->limit( $this->getBatchSize() )
177 ->caller( __METHOD__ )->fetchFieldValues();
178 if ( $users ) {
179 yield $users;
180 $lastUsername = end( $users );
181 }
182 } while ( count( $users ) === $this->getBatchSize() );
183 }
184}
getDB
getDB()
DeleteLocalPasswords
Delete unused local passwords.
Definition DeleteLocalPasswords.php:43
DeleteLocalPasswords\execute
execute()
Do the actual work.
Definition DeleteLocalPasswords.php:96
DeleteLocalPasswords\__construct
__construct()
Default constructor.
Definition DeleteLocalPasswords.php:50
DeleteLocalPasswords\$user
string null $user
User to run on, or null for all.
Definition DeleteLocalPasswords.php:45
DeleteLocalPasswords\$total
int $total
Number of deleted passwords.
Definition DeleteLocalPasswords.php:48
DeleteLocalPasswords\processUsers
processUsers(array $userBatch, IDatabase $dbw)
Definition DeleteLocalPasswords.php:115
DeleteLocalPasswords\getUserBatches
getUserBatches()
This method iterates through the requested users and returns their names in batches of self::$mBatchS...
Definition DeleteLocalPasswords.php:160
DeleteLocalPasswords\getUserDB
getUserDB()
Get the primary DB handle for the current user batch.
Definition DeleteLocalPasswords.php:111
Maintenance
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition Maintenance.php:66
Maintenance\output
output( $out, $channel=null)
Throw some output to the user.
Definition Maintenance.php:463
Maintenance\waitForReplication
waitForReplication()
Wait for replica DBs to catch up.
Definition Maintenance.php:1113
Maintenance\hasOption
hasOption( $name)
Checks to see if a particular option was set.
Definition Maintenance.php:274
Maintenance\getServiceContainer
getServiceContainer()
Returns the main service container.
Definition Maintenance.php:637
Maintenance\getBatchSize
getBatchSize()
Returns batch size.
Definition Maintenance.php:396
Maintenance\addDescription
addDescription( $text)
Set the description text.
Definition Maintenance.php:325
Maintenance\addOption
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
Definition Maintenance.php:255
Maintenance\getOption
getOption( $name, $default=null)
Get an option, or return the default.
Definition Maintenance.php:289
Maintenance\setBatchSize
setBatchSize( $s=0)
Definition Maintenance.php:403
Maintenance\fatalError
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
Definition Maintenance.php:517
$wgPasswordConfig
$wgPasswordConfig
Config variable stub for the PasswordConfig setting, for use by phpdoc and IDEs.
Definition config-vars.php:2606
Wikimedia\Rdbms\Database\DbQuoter\addQuotes
addQuotes( $s)
Escape and quote a raw value string for use in a SQL query.
Wikimedia\Rdbms\IDatabase
Basic database interface for live and lazy-loaded relation database handles.
Definition IDatabase.php:36
Wikimedia\Rdbms\IDatabase\affectedRows
affectedRows()
Get the number of rows affected by the last query method call.
Wikimedia\Rdbms\IDatabase\update
update( $table, $set, $conds, $fname=__METHOD__, $options=[])
Update all rows in a table that match a given condition.
Wikimedia\Rdbms\IMaintainableDatabase
Advanced database interface for IDatabase handles that include maintenance methods.
Definition IMaintainableDatabase.php:34
Wikimedia\Rdbms\Platform\ISQLPlatform\buildSubString
buildSubString( $input, $startPosition, $length=null)
Build a SUBSTRING function.
Wikimedia\Rdbms\Platform\ISQLPlatform\buildLike
buildLike( $param,... $params)
LIKE statement wrapper.
Wikimedia\Rdbms\Platform\ISQLPlatform\anyString
anyString()
Returns a token for buildLike() that denotes a '' to be used in a LIKE query.
Wikimedia\Rdbms\Platform\ISQLPlatform\buildConcat
buildConcat( $stringList)
Build a concatenation list to feed into a SQL query.
DB_PRIMARY
const DB_PRIMARY
Definition defines.php:28