MediaWiki master
MediaWiki\Password\UserPasswordPolicy Class Reference

Check if a user's password complies with any password policies that apply to that user, based on the user's group membership. More...

Public Member Functions

 __construct (array $policies, array $checks)
 
 checkUserPassword (UserIdentity $user, $password)
 Check if a password meets the effective password policy for a User.
 
 checkUserPasswordForGroups (UserIdentity $user, $password, array $groups)
 Check if a password meets the effective password policy for a User, using a set of groups they may or may not belong to.
 
 getPoliciesForUser (UserIdentity $user)
 Get the policy for a user, based on their group membership.
 

Static Public Member Functions

static getPoliciesForGroups (array $policies, array $userGroups, array $defaultPolicy)
 Utility function to get the effective policy from a list of policies, based on a list of groups.
 
static maxOfPolicies (array $p1, array $p2)
 Utility function to get a policy that is the most restrictive of $p1 and $p2.
 

Detailed Description

Check if a user's password complies with any password policies that apply to that user, based on the user's group membership.

Since
1.26

Definition at line 38 of file UserPasswordPolicy.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Password\UserPasswordPolicy::__construct ( array $policies,
array $checks )
Parameters
array[]$policiesList of policies per user group
callable[]$checksmapping statement to its checking function. Checking functions are called with the policy value for this user, the user object, and the password to check.

Definition at line 58 of file UserPasswordPolicy.php.

Member Function Documentation

◆ checkUserPassword()

MediaWiki\Password\UserPasswordPolicy::checkUserPassword ( UserIdentity $user,
$password )

Check if a password meets the effective password policy for a User.

Parameters
UserIdentity$userwhose policy we are checking
string$passwordthe password to check
Returns
Status error to indicate the password didn't meet the policy, or fatal to indicate the user shouldn't be allowed to login. The status value will be an array, potentially with the following keys:
  • forceChange: do not allow the user to login without changing the password if invalid.
  • suggestChangeOnLogin: prompt for a password change on login if the password is invalid.

Definition at line 86 of file UserPasswordPolicy.php.

References MediaWiki\Password\UserPasswordPolicy\getPoliciesForUser().

◆ checkUserPasswordForGroups()

MediaWiki\Password\UserPasswordPolicy::checkUserPasswordForGroups ( UserIdentity $user,
$password,
array $groups )

Check if a password meets the effective password policy for a User, using a set of groups they may or may not belong to.

This function does not use the DB, so can be used in the installer.

Parameters
UserIdentity$userwhose policy we are checking
string$passwordthe password to check
string[]$groupslist of groups to which we assume the user belongs
Returns
Status error to indicate the password didn't meet the policy, or fatal to indicate the user shouldn't be allowed to login. The status value will be an array, potentially with the following keys:
  • forceChange: do not allow the user to login without changing the password if invalid.
  • suggestChangeOnLogin: prompt for a password change on login if the password is invalid.

Definition at line 109 of file UserPasswordPolicy.php.

References MediaWiki\Password\UserPasswordPolicy\getPoliciesForGroups().

◆ getPoliciesForGroups()

static MediaWiki\Password\UserPasswordPolicy::getPoliciesForGroups ( array $policies,
array $userGroups,
array $defaultPolicy )
static

Utility function to get the effective policy from a list of policies, based on a list of groups.

Parameters
array[]$policiesList of policies per user group
string[]$userGroupsthe groups from which we calculate the effective policy
array$defaultPolicythe default policy to start from
Returns
array effective policy

Definition at line 210 of file UserPasswordPolicy.php.

References MediaWiki\Password\UserPasswordPolicy\maxOfPolicies().

Referenced by MediaWiki\Password\UserPasswordPolicy\checkUserPasswordForGroups(), and MediaWiki\Password\UserPasswordPolicy\getPoliciesForUser().

◆ getPoliciesForUser()

MediaWiki\Password\UserPasswordPolicy::getPoliciesForUser ( UserIdentity $user)

Get the policy for a user, based on their group membership.

Public so UI elements can access and inform the user.

Parameters
UserIdentity$user
Returns
array the effective policy for $user

Definition at line 186 of file UserPasswordPolicy.php.

References MediaWiki\MediaWikiServices\getInstance(), and MediaWiki\Password\UserPasswordPolicy\getPoliciesForGroups().

Referenced by MediaWiki\Password\UserPasswordPolicy\checkUserPassword().

◆ maxOfPolicies()

static MediaWiki\Password\UserPasswordPolicy::maxOfPolicies ( array $p1,
array $p2 )
static

Utility function to get a policy that is the most restrictive of $p1 and $p2.

For simplicity, we setup the policy values so the maximum value is always more restrictive. It is also used recursively to merge settings within the same policy.

Parameters
array$p1
array$p2
Returns
array containing the more restrictive values of $p1 and $p2

Definition at line 234 of file UserPasswordPolicy.php.

References MediaWiki\Password\UserPasswordPolicy\maxOfPolicies().

Referenced by MediaWiki\Password\UserPasswordPolicy\getPoliciesForGroups(), and MediaWiki\Password\UserPasswordPolicy\maxOfPolicies().


The documentation for this class was generated from the following file: