MediaWiki  master
ApiResetPassword.php
Go to the documentation of this file.
1 <?php
25 
31 class ApiResetPassword extends ApiBase {
32 
33  private $hasAnyRoutes = null;
34 
39  private function hasAnyRoutes() {
40  if ( $this->hasAnyRoutes === null ) {
41  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
42  $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
43  }
44  return $this->hasAnyRoutes;
45  }
46 
47  protected function getExtendedDescription() {
48  if ( !$this->hasAnyRoutes() ) {
49  return 'apihelp-resetpassword-extended-description-noroutes';
50  }
51  return parent::getExtendedDescription();
52  }
53 
54  public function execute() {
55  if ( !$this->hasAnyRoutes() ) {
56  $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
57  }
58 
59  $params = $this->extractRequestParams() + [
60  // Make sure the keys exist even if getAllowedParams didn't define them
61  'user' => null,
62  'email' => null,
63  ];
64 
65  $this->requireOnlyOneParameter( $params, 'user', 'email' );
66 
67  $passwordReset = MediaWikiServices::getInstance()->getPasswordReset();
68 
69  $status = $passwordReset->isAllowed( $this->getUser() );
70  if ( !$status->isOK() ) {
71  $this->dieStatus( Status::wrap( $status ) );
72  }
73 
74  $status = $passwordReset->execute(
75  $this->getUser(), $params['user'], $params['email']
76  );
77  if ( !$status->isOK() ) {
78  $status->value = null;
79  $this->dieStatus( Status::wrap( $status ) );
80  }
81 
82  $result = $this->getResult();
83  $result->addValue( [ 'resetpassword' ], 'status', 'success' );
84  }
85 
86  public function isWriteMode() {
87  return $this->hasAnyRoutes();
88  }
89 
90  public function needsToken() {
91  if ( !$this->hasAnyRoutes() ) {
92  return false;
93  }
94  return 'csrf';
95  }
96 
97  public function getAllowedParams() {
98  if ( !$this->hasAnyRoutes() ) {
99  return [];
100  }
101 
102  $ret = [
103  'user' => [
104  ApiBase::PARAM_TYPE => 'user',
105  UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name' ],
106  ],
107  'email' => [
108  ApiBase::PARAM_TYPE => 'string',
109  ],
110  ];
111 
112  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
113  if ( empty( $resetRoutes['username'] ) ) {
114  unset( $ret['user'] );
115  }
116  if ( empty( $resetRoutes['email'] ) ) {
117  unset( $ret['email'] );
118  }
119 
120  return $ret;
121  }
122 
123  protected function getExamplesMessages() {
124  $ret = [];
125  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
126 
127  if ( !empty( $resetRoutes['username'] ) ) {
128  $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
129  }
130  if ( !empty( $resetRoutes['email'] ) ) {
131  $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
132  'apihelp-resetpassword-example-email';
133  }
134 
135  return $ret;
136  }
137 
138  public function getHelpUrls() {
139  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
140  }
141 }
ContextSource\getConfig
getConfig()
Definition: ContextSource.php:67
ApiResetPassword
Reset password, with AuthManager.
Definition: ApiResetPassword.php:31
ApiResetPassword\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiResetPassword.php:97
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:155
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1382
ApiResetPassword\getExtendedDescription
getExtendedDescription()
Return the extended help text message.
Definition: ApiResetPassword.php:47
ApiBase\PARAM_TYPE
const PARAM_TYPE
(boolean) Inverse of IntegerDef::PARAM_IGNORE_RANGE
Definition: ApiBase.php:71
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:565
ContextSource\getUser
getUser()
Stable to override.
Definition: ContextSource.php:131
ApiResetPassword\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiResetPassword.php:54
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:52
Wikimedia\ParamValidator\ParamValidator::TypeDef\UserDef
Type definition for user types.
Definition: UserDef.php:25
ApiResetPassword\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiResetPassword.php:123
Status\wrap
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:62
ApiResetPassword\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiResetPassword.php:138
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:717
ApiResetPassword\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiResetPassword.php:86
ApiBase\requireOnlyOneParameter
requireOnlyOneParameter( $params,... $required)
Die if none or more than one of a certain set of parameters is set and not false.
Definition: ApiBase.php:854
ApiResetPassword\hasAnyRoutes
hasAnyRoutes()
Determine whether any reset routes are available.
Definition: ApiResetPassword.php:39
ApiResetPassword\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiResetPassword.php:90
ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:1440
ApiResetPassword\$hasAnyRoutes
$hasAnyRoutes
Definition: ApiResetPassword.php:33