MediaWiki  master
ApiResetPassword.php
Go to the documentation of this file.
1 <?php
24 
30 class ApiResetPassword extends ApiBase {
31 
32  private $hasAnyRoutes = null;
33 
38  private function hasAnyRoutes() {
39  if ( $this->hasAnyRoutes === null ) {
40  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
41  $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
42  }
43  return $this->hasAnyRoutes;
44  }
45 
46  protected function getExtendedDescription() {
47  if ( !$this->hasAnyRoutes() ) {
48  return 'apihelp-resetpassword-extended-description-noroutes';
49  }
50  return parent::getExtendedDescription();
51  }
52 
53  public function execute() {
54  if ( !$this->hasAnyRoutes() ) {
55  $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
56  }
57 
58  $params = $this->extractRequestParams() + [
59  // Make sure the keys exist even if getAllowedParams didn't define them
60  'user' => null,
61  'email' => null,
62  ];
63 
64  $this->requireOnlyOneParameter( $params, 'user', 'email' );
65 
66  $passwordReset = MediaWikiServices::getInstance()->getPasswordReset();
67 
68  $status = $passwordReset->isAllowed( $this->getUser() );
69  if ( !$status->isOK() ) {
70  $this->dieStatus( Status::wrap( $status ) );
71  }
72 
73  $status = $passwordReset->execute(
74  $this->getUser(), $params['user'], $params['email']
75  );
76  if ( !$status->isOK() ) {
77  $status->value = null;
78  $this->dieStatus( Status::wrap( $status ) );
79  }
80 
81  $result = $this->getResult();
82  $result->addValue( [ 'resetpassword' ], 'status', 'success' );
83  }
84 
85  public function isWriteMode() {
86  return $this->hasAnyRoutes();
87  }
88 
89  public function needsToken() {
90  if ( !$this->hasAnyRoutes() ) {
91  return false;
92  }
93  return 'csrf';
94  }
95 
96  public function getAllowedParams() {
97  if ( !$this->hasAnyRoutes() ) {
98  return [];
99  }
100 
101  $ret = [
102  'user' => [
103  ApiBase::PARAM_TYPE => 'user',
104  ],
105  'email' => [
106  ApiBase::PARAM_TYPE => 'string',
107  ],
108  ];
109 
110  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
111  if ( empty( $resetRoutes['username'] ) ) {
112  unset( $ret['user'] );
113  }
114  if ( empty( $resetRoutes['email'] ) ) {
115  unset( $ret['email'] );
116  }
117 
118  return $ret;
119  }
120 
121  protected function getExamplesMessages() {
122  $ret = [];
123  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
124 
125  if ( !empty( $resetRoutes['username'] ) ) {
126  $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
127  }
128  if ( !empty( $resetRoutes['email'] ) ) {
129  $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
130  'apihelp-resetpassword-example-email';
131  }
132 
133  return $ret;
134  }
135 
136  public function getHelpUrls() {
137  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
138  }
139 }
ContextSource\getConfig
getConfig()
Definition: ContextSource.php:63
ApiResetPassword
Reset password, with AuthManager.
Definition: ApiResetPassword.php:30
ApiResetPassword\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiResetPassword.php:96
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:130
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:2015
ApiResetPassword\getExtendedDescription
getExtendedDescription()
Return the extended help text message.
Definition: ApiResetPassword.php:46
ApiBase\PARAM_TYPE
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below.
Definition: ApiBase.php:95
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:644
ContextSource\getUser
getUser()
Definition: ContextSource.php:120
ApiResetPassword\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiResetPassword.php:53
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:43
ApiResetPassword\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiResetPassword.php:121
Status\wrap
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:58
ApiResetPassword\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiResetPassword.php:136
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:765
ApiResetPassword\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiResetPassword.php:85
ApiBase\requireOnlyOneParameter
requireOnlyOneParameter( $params,... $required)
Die if none or more than one of a certain set of parameters is set and not false.
Definition: ApiBase.php:898
ApiResetPassword\hasAnyRoutes
hasAnyRoutes()
Determine whether any reset routes are available.
Definition: ApiResetPassword.php:38
ApiResetPassword\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiResetPassword.php:89
ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:2087
ApiResetPassword\$hasAnyRoutes
$hasAnyRoutes
Definition: ApiResetPassword.php:32