MediaWiki  master
ApiResetPassword.php
Go to the documentation of this file.
1 <?php
24 
30 class ApiResetPassword extends ApiBase {
31 
32  private $hasAnyRoutes = null;
33 
38  private function hasAnyRoutes() {
39  if ( $this->hasAnyRoutes === null ) {
40  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
41  $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
42  }
43  return $this->hasAnyRoutes;
44  }
45 
46  protected function getExtendedDescription() {
47  if ( !$this->hasAnyRoutes() ) {
48  return 'apihelp-resetpassword-extended-description-noroutes';
49  }
50  return parent::getExtendedDescription();
51  }
52 
53  public function execute() {
54  if ( !$this->hasAnyRoutes() ) {
55  $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
56  }
57 
58  $params = $this->extractRequestParams() + [
59  // Make sure the keys exist even if getAllowedParams didn't define them
60  'user' => null,
61  'email' => null,
62  ];
63 
64  $this->requireOnlyOneParameter( $params, 'user', 'email' );
65 
66  $passwordReset = MediaWikiServices::getInstance()->getPasswordReset();
67 
68  $status = $passwordReset->isAllowed( $this->getUser() );
69  if ( !$status->isOK() ) {
70  $this->dieStatus( Status::wrap( $status ) );
71  }
72 
73  $status = $passwordReset->execute(
74  $this->getUser(), $params['user'], $params['email']
75  );
76  if ( !$status->isOK() ) {
77  $status->value = null;
78  $this->dieStatus( Status::wrap( $status ) );
79  }
80 
81  $result = $this->getResult();
82  $result->addValue( [ 'resetpassword' ], 'status', 'success' );
83  }
84 
85  public function isWriteMode() {
86  return $this->hasAnyRoutes();
87  }
88 
89  public function needsToken() {
90  if ( !$this->hasAnyRoutes() ) {
91  return false;
92  }
93  return 'csrf';
94  }
95 
96  public function getAllowedParams() {
97  if ( !$this->hasAnyRoutes() ) {
98  return [];
99  }
100 
101  $ret = [
102  'user' => [
103  ApiBase::PARAM_TYPE => 'user',
104  ],
105  'email' => [
106  ApiBase::PARAM_TYPE => 'string',
107  ],
108  ];
109 
110  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
111  if ( empty( $resetRoutes['username'] ) ) {
112  unset( $ret['user'] );
113  }
114  if ( empty( $resetRoutes['email'] ) ) {
115  unset( $ret['email'] );
116  }
117 
118  return $ret;
119  }
120 
121  protected function getExamplesMessages() {
122  $ret = [];
123  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
124 
125  if ( !empty( $resetRoutes['username'] ) ) {
126  $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
127  }
128  if ( !empty( $resetRoutes['email'] ) ) {
129  $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
130  'apihelp-resetpassword-example-email';
131  }
132 
133  return $ret;
134  }
135 
136  public function getHelpUrls() {
137  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
138  }
139 }
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below...
Definition: ApiBase.php:94
getResult()
Get the result object.
Definition: ApiBase.php:640
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:2078
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:2006
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user...
Definition: ApiBase.php:761
requireOnlyOneParameter( $params,... $required)
Die if none or more than one of a certain set of parameters is set and not false. ...
Definition: ApiBase.php:893
hasAnyRoutes()
Determine whether any reset routes are available.
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:58
This abstract class implements many basic API functions, and is the base of all API classes...
Definition: ApiBase.php:42
Reset password, with AuthManager.