MediaWiki  master
ApiResetPassword.php
Go to the documentation of this file.
1 <?php
24 
30 class ApiResetPassword extends ApiBase {
31 
33  private $passwordReset;
34 
40  public function __construct(
41  ApiMain $main,
42  $action,
44  ) {
45  parent::__construct( $main, $action );
46 
47  $this->passwordReset = $passwordReset;
48  }
49 
51  private $hasAnyRoutes = null;
52 
57  private function hasAnyRoutes() {
58  if ( $this->hasAnyRoutes === null ) {
59  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
60  $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
61  }
62  return $this->hasAnyRoutes;
63  }
64 
65  protected function getExtendedDescription() {
66  if ( !$this->hasAnyRoutes() ) {
67  return 'apihelp-resetpassword-extended-description-noroutes';
68  }
69  return parent::getExtendedDescription();
70  }
71 
72  public function execute() {
73  if ( !$this->hasAnyRoutes() ) {
74  $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
75  }
76 
77  $params = $this->extractRequestParams() + [
78  // Make sure the keys exist even if getAllowedParams didn't define them
79  'user' => null,
80  'email' => null,
81  ];
82 
83  $this->requireOnlyOneParameter( $params, 'user', 'email' );
84 
85  $status = $this->passwordReset->isAllowed( $this->getUser() );
86  if ( !$status->isOK() ) {
87  $this->dieStatus( Status::wrap( $status ) );
88  }
89 
90  $status = $this->passwordReset->execute(
91  $this->getUser(), $params['user'], $params['email']
92  );
93  if ( !$status->isOK() ) {
94  $status->value = null;
95  $this->dieStatus( Status::wrap( $status ) );
96  }
97 
98  $result = $this->getResult();
99  $result->addValue( [ 'resetpassword' ], 'status', 'success' );
100  }
101 
102  public function isWriteMode() {
103  return $this->hasAnyRoutes();
104  }
105 
106  public function needsToken() {
107  if ( !$this->hasAnyRoutes() ) {
108  return false;
109  }
110  return 'csrf';
111  }
112 
113  public function getAllowedParams() {
114  if ( !$this->hasAnyRoutes() ) {
115  return [];
116  }
117 
118  $ret = [
119  'user' => [
120  ApiBase::PARAM_TYPE => 'user',
121  UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name' ],
122  ],
123  'email' => [
124  ApiBase::PARAM_TYPE => 'string',
125  ],
126  ];
127 
128  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
129  if ( empty( $resetRoutes['username'] ) ) {
130  unset( $ret['user'] );
131  }
132  if ( empty( $resetRoutes['email'] ) ) {
133  unset( $ret['email'] );
134  }
135 
136  return $ret;
137  }
138 
139  protected function getExamplesMessages() {
140  $ret = [];
141  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
142 
143  if ( !empty( $resetRoutes['username'] ) ) {
144  $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
145  }
146  if ( !empty( $resetRoutes['email'] ) ) {
147  $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
148  'apihelp-resetpassword-example-email';
149  }
150 
151  return $ret;
152  }
153 
154  public function getHelpUrls() {
155  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
156  }
157 }
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:49
ContextSource\getConfig
getConfig()
Definition: ContextSource.php:72
ApiResetPassword
Reset password, with AuthManager.
Definition: ApiResetPassword.php:30
ApiResetPassword\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiResetPassword.php:113
ApiResetPassword\$passwordReset
PasswordReset $passwordReset
Definition: ApiResetPassword.php:33
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1379
ApiResetPassword\getExtendedDescription
getExtendedDescription()
Return the extended help text message.
Definition: ApiResetPassword.php:65
ApiBase\PARAM_TYPE
const PARAM_TYPE
Definition: ApiBase.php:72
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:571
ContextSource\getUser
getUser()
Definition: ContextSource.php:136
ApiResetPassword\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiResetPassword.php:72
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:55
Wikimedia\ParamValidator\ParamValidator::TypeDef\UserDef
Type definition for user types.
Definition: UserDef.php:26
ApiResetPassword\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiResetPassword.php:139
Status\wrap
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:62
ApiResetPassword\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiResetPassword.php:154
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:707
ApiResetPassword\__construct
__construct(ApiMain $main, $action, PasswordReset $passwordReset)
Definition: ApiResetPassword.php:40
ApiResetPassword\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiResetPassword.php:102
ApiBase\requireOnlyOneParameter
requireOnlyOneParameter( $params,... $required)
Die if none or more than one of a certain set of parameters is set and not false.
Definition: ApiBase.php:844
ApiResetPassword\hasAnyRoutes
hasAnyRoutes()
Determine whether any reset routes are available.
Definition: ApiResetPassword.php:57
ApiResetPassword\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiResetPassword.php:106
ApiResetPassword\$hasAnyRoutes
bool $hasAnyRoutes
Definition: ApiResetPassword.php:51
ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:1442
PasswordReset
Helper class for the password reset functionality shared by the web UI and the API.
Definition: PasswordReset.php:43