MediaWiki  master
ApiValidatePassword.php
Go to the documentation of this file.
1 <?php
2 
8 
13 
15  private $authManager;
16 
18  private $userFactory;
19 
26  public function __construct(
27  ApiMain $mainModule,
28  string $moduleName,
29  AuthManager $authManager,
30  UserFactory $userFactory
31  ) {
32  parent::__construct( $mainModule, $moduleName );
33  $this->authManager = $authManager;
34  $this->userFactory = $userFactory;
35  }
36 
37  public function execute() {
38  $params = $this->extractRequestParams();
39 
40  $this->requirePostedParameters( [ 'password' ] );
41 
42  if ( $params['user'] !== null ) {
43  $user = $this->userFactory->newFromName(
44  $params['user'],
45  UserRigorOptions::RIGOR_CREATABLE
46  );
47  if ( !$user ) {
48  $encParamName = $this->encodeParamName( 'user' );
49  $this->dieWithError(
50  [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $params['user'] ) ],
51  "baduser_{$encParamName}"
52  );
53  }
54 
55  if ( $user->isRegistered() || $this->authManager->userExists( $user->getName() ) ) {
56  $this->dieWithError( 'userexists' );
57  }
58 
59  $user->setEmail( (string)$params['email'] );
60  $user->setRealName( (string)$params['realname'] );
61  } else {
62  $user = $this->getUser();
63  }
64 
65  $r = [];
66  $validity = $user->checkPasswordValidity( $params['password'] );
67  $r['validity'] = $validity->isGood() ? 'Good' : ( $validity->isOK() ? 'Change' : 'Invalid' );
68  $messages = array_merge(
69  $this->getErrorFormatter()->arrayFromStatus( $validity, 'error' ),
70  $this->getErrorFormatter()->arrayFromStatus( $validity, 'warning' )
71  );
72  if ( $messages ) {
73  $r['validitymessages'] = $messages;
74  }
75 
76  $this->getHookRunner()->onApiValidatePassword( $this, $r );
77 
78  $this->getResult()->addValue( null, $this->getModuleName(), $r );
79  }
80 
81  public function mustBePosted() {
82  return true;
83  }
84 
85  public function getAllowedParams() {
86  return [
87  'password' => [
88  ParamValidator::PARAM_TYPE => 'password',
89  ParamValidator::PARAM_REQUIRED => true
90  ],
91  'user' => [
92  ParamValidator::PARAM_TYPE => 'user',
93  UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'id' ],
94  ],
95  'email' => null,
96  'realname' => null,
97  ];
98  }
99 
100  protected function getExamplesMessages() {
101  return [
102  'action=validatepassword&password=foobar'
103  => 'apihelp-validatepassword-example-1',
104  'action=validatepassword&password=querty&user=Example'
105  => 'apihelp-validatepassword-example-2',
106  ];
107  }
108 
109  public function getHelpUrls() {
110  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Validatepassword';
111  }
112 }
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:58
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition: ApiBase.php:1459
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:750
getErrorFormatter()
Definition: ApiBase.php:647
requirePostedParameters( $params, $prefix='prefix')
Die if any of the specified parameters were found in the query part of the URL rather than the post b...
Definition: ApiBase.php:997
getResult()
Get the result object.
Definition: ApiBase.php:636
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:772
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:505
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:718
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:56
getExamplesMessages()
Returns usage examples for this module.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
mustBePosted()
Indicates whether this module must be called with a POST request.
__construct(ApiMain $mainModule, string $moduleName, AuthManager $authManager, UserFactory $userFactory)
getHelpUrls()
Return links to more detailed help pages about the module.
This serves as the entry point to the authentication system.
Creates User objects.
Definition: UserFactory.php:38
Service for formatting and validating API parameters.
Shared interface for rigor levels when dealing with User methods.
return true
Definition: router.php:90