MediaWiki master
|
Change user credentials, such as the password. More...
Inherits MediaWiki\SpecialPage\AuthManagerSpecialPage.
Inherited by MediaWiki\Specials\SpecialRemoveCredentials.
Public Member Functions | |||||||||||||
__construct (AuthManager $authManager) | |||||||||||||
doesWrites () | |||||||||||||
Indicates whether POST requests to this special page require write access to the wiki. | |||||||||||||
execute ( $subPage) | |||||||||||||
Default execute method Checks user permissions. | |||||||||||||
handleFormSubmit ( $data) | |||||||||||||
Submit handler callback for HTMLForm. | |||||||||||||
isListed () | |||||||||||||
Whether this special page is listed in Special:SpecialPages. | |||||||||||||
onAuthChangeFormFields (array $requests, array $fieldInfo, array &$formDescriptor, $action) | |||||||||||||
Change the form descriptor that determines how a field will look in the authentication form.Called from fieldInfoToFormDescriptor().
| |||||||||||||
Public Member Functions inherited from MediaWiki\SpecialPage\AuthManagerSpecialPage | |||||||||||||
getRequest () | |||||||||||||
Get the WebRequest being used for this instance. | |||||||||||||
Public Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |||||||||||||
__construct ( $name='', $restriction='', $listed=true, $function=false, $file='', $includable=false) | |||||||||||||
Default constructor for special pages Derivative classes should call this from their constructor Note that if the user does not have the required level, an error message will be displayed by the default execute() method, without the global function ever being called. | |||||||||||||
addHelpLink ( $to, $overrideBaseUrl=false) | |||||||||||||
Adds help link with an icon via page indicators. | |||||||||||||
checkPermissions () | |||||||||||||
Checks if userCanExecute, and if not throws a PermissionsError. | |||||||||||||
checkReadOnly () | |||||||||||||
If the wiki is currently in readonly mode, throws a ReadOnlyError. | |||||||||||||
getAssociatedNavigationLinks () | |||||||||||||
Return an array of strings representing page titles that are discoverable to end users via UI. | |||||||||||||
getAuthority () | |||||||||||||
Shortcut to get the Authority executing this instance. | |||||||||||||
getConfig () | |||||||||||||
Shortcut to get main config object. | |||||||||||||
getContentLanguage () | |||||||||||||
Shortcut to get content language. | |||||||||||||
getContext () | |||||||||||||
Gets the context this SpecialPage is executed in. | |||||||||||||
getDescription () | |||||||||||||
Returns the name that goes in the \<h1\> in the special page itself, and also the name that will be listed in Special:Specialpages. | |||||||||||||
getFinalGroupName () | |||||||||||||
Get the group that the special page belongs in on Special:SpecialPage Use this method, instead of getGroupName to allow customization of the group name from the wiki side. | |||||||||||||
getFullTitle () | |||||||||||||
Return the full title, including $par. | |||||||||||||
getLanguage () | |||||||||||||
Shortcut to get user's language. | |||||||||||||
getLinkRenderer () | |||||||||||||
getLocalName () | |||||||||||||
Get the localised name of the special page. | |||||||||||||
getName () | |||||||||||||
Get the canonical, unlocalized name of this special page without namespace. | |||||||||||||
getOutput () | |||||||||||||
Get the OutputPage being used for this instance. | |||||||||||||
getPageTitle ( $subpage=false) | |||||||||||||
Get a self-referential title object. | |||||||||||||
getRestriction () | |||||||||||||
Get the permission that a user must have to execute this page. | |||||||||||||
getShortDescription (string $path='') | |||||||||||||
Similar to getDescription, but takes into account subpages and designed for display in tabs. | |||||||||||||
getSkin () | |||||||||||||
Shortcut to get the skin being used for this instance. | |||||||||||||
getUser () | |||||||||||||
Shortcut to get the User executing this instance. | |||||||||||||
including ( $x=null) | |||||||||||||
Whether the special page is being evaluated via transclusion. | |||||||||||||
isCached () | |||||||||||||
Is this page cached? Expensive pages are cached or disabled in miser mode. | |||||||||||||
isExpensive () | |||||||||||||
Is this page expensive (for some definition of expensive)? Expensive pages are disabled or cached in miser mode. | |||||||||||||
isIncludable () | |||||||||||||
Whether it's allowed to transclude the special page via {{Special:Foo/params}}. | |||||||||||||
isRestricted () | |||||||||||||
Can be overridden by subclasses with more complicated permissions schemes. | |||||||||||||
maxIncludeCacheTime () | |||||||||||||
How long to cache page when it is being included. | |||||||||||||
msg ( $key,... $params) | |||||||||||||
Wrapper around wfMessage that sets the current context. | |||||||||||||
prefixSearchSubpages ( $search, $limit, $offset) | |||||||||||||
Return an array of subpages beginning with $search that this special page will accept. | |||||||||||||
requireLogin ( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin') | |||||||||||||
If the user is not logged in, throws UserNotLoggedIn error. | |||||||||||||
requireNamedUser ( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin', bool $alwaysRedirectToLoginPage=false) | |||||||||||||
If the user is not logged in or is a temporary user, throws UserNotLoggedIn. | |||||||||||||
run ( $subPage) | |||||||||||||
Entry point. | |||||||||||||
setContentLanguage (Language $contentLanguage) | |||||||||||||
Set content language. | |||||||||||||
setContext ( $context) | |||||||||||||
Sets the context this SpecialPage is executed in. | |||||||||||||
setHookContainer (HookContainer $hookContainer) | |||||||||||||
setLinkRenderer (LinkRenderer $linkRenderer) | |||||||||||||
setSpecialPageFactory (SpecialPageFactory $specialPageFactory) | |||||||||||||
userCanExecute (User $user) | |||||||||||||
Checks if the given user (identified by an object) can execute this special page (as defined by $mRestriction). | |||||||||||||
Protected Member Functions | |
getAuthForm (array $requests, $action) | |
getAuthFormDescriptor ( $requests, $action) | |
Generates a HTMLForm descriptor array from a set of authentication requests. | |
getDefaultAction ( $subPage) | |
Get the default action for this special page if none is given via URL/POST data. | |
getGroupName () | |
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-group-*' for valid names This method defaults to group 'other'. | |
getRequestBlacklist () | |
Allows blacklisting certain request types. | |
getReturnUrl () | |
loadAuth ( $subPage, $authAction=null, $reset=false) | |
Load or initialize $authAction, $authRequests and $subPage. | |
needsSubmitButton (array $requests) | |
Returns true if the form built from the given AuthenticationRequests needs a submit button. | |
showSubpageList ( $error=null) | |
success () | |
Protected Member Functions inherited from MediaWiki\SpecialPage\AuthManagerSpecialPage | |
addTabIndex (&$formDescriptor) | |
Adds a sequential tabindex starting from 1 to all form elements. | |
beforeExecute ( $subPage) | |
displayForm ( $status) | |
Display the form. | |
fieldInfoToFormDescriptor (array $requests, array $fieldInfo, $action) | |
Turns a field info array into a form descriptor. | |
getContinueAction ( $action) | |
Gets the _CONTINUE version of an action. | |
getLoginSecurityLevel () | |
getPreservedParams ( $options=[]) | |
Returns URL query parameters which should be preserved between authentication requests. | |
getToken () | |
Returns the CSRF token. | |
getTokenName () | |
Returns the name of the CSRF token (under which it should be found in the POST or GET data). | |
handleReauthBeforeExecute ( $subPage) | |
Handle redirection when the user needs to (re)authenticate. | |
handleReturnBeforeExecute ( $subPage) | |
Handle redirection from the /return subpage. | |
hasOwnSubmitButton (AuthenticationRequest $req) | |
Checks whether the given AuthenticationRequest has its own submit button. | |
isActionAllowed ( $action) | |
Checks whether AuthManager is ready to perform the action. | |
isContinued () | |
Returns true if this is not the first step of the authentication. | |
messageKey ( $defaultKey) | |
Return custom message key. | |
performAuthenticationStep ( $action, array $requests) | |
setRequest (array $data, $wasPosted=null) | |
Override the POST data, GET data from the real request is preserved. | |
trySubmit () | |
Attempts to do an authentication step with the submitted data. | |
Protected Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
addFeedLinks ( $params) | |
Adds RSS/atom links. | |
afterExecute ( $subPage) | |
Gets called after. | |
authorizeAction (?string $action=null) | |
Utility function for authorizing an action to be performed by the special page. | |
buildPrevNextNavigation ( $offset, $limit, array $query=[], $atend=false, $subpage=false) | |
Generate (prev x| next x) (20|50|100...) type links for paging. | |
checkLoginSecurityLevel ( $level=null) | |
Verifies that the user meets the security level, possibly reauthenticating them in the process. | |
displayRestrictionError () | |
Output an error message telling the user what access level they have to have. | |
getAuthManager () | |
getCacheTTL () | |
getHookContainer () | |
getHookRunner () | |
getRobotPolicy () | |
Return the robot policy. | |
getSpecialPageFactory () | |
getSubpagesForPrefixSearch () | |
Return an array of subpages that this special page will accept for prefix searches. | |
outputHeader ( $summaryMessageKey='') | |
Outputs a summary message on top of special pages By default the message key is the canonical name of the special page May be overridden, i.e. | |
prefixSearchString ( $search, $limit, $offset, SearchEngineFactory $searchEngineFactory=null) | |
Perform a regular substring search for prefixSearchSubpages. | |
setAuthManager (AuthManager $authManager) | |
Set the injected AuthManager from the special page constructor. | |
setHeaders () | |
Sets headers - this should be called from the execute() method of all derived classes! | |
setReauthPostData (array $data) | |
Record preserved POST data after a reauthentication. | |
useTransactionalTimeLimit () | |
Call wfTransactionalTimeLimit() if this request was POSTed. | |
Static Protected Attributes | |
static | $allowedActions = [ AuthManager::ACTION_CHANGE ] |
static bool | $loadUserData = true |
Change action needs user data; remove action does not. | |
static string | $messagePrefix = 'changecredentials' |
Static Protected Attributes inherited from MediaWiki\SpecialPage\AuthManagerSpecialPage | |
static string[] | $allowedActions |
The list of actions this special page deals with. | |
static array | $messages = [] |
Customized messages. | |
Additional Inherited Members | |
Static Public Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
static | getSafeTitleFor ( $name, $subpage=false) |
Get a localised Title object for a page name with a possibly unvalidated subpage. | |
static | getTitleFor ( $name, $subpage=false, $fragment='') |
Get a localised Title object for a specified special page name If you don't need a full Title object, consider using TitleValue through getTitleValueFor() below. | |
static | getTitleValueFor ( $name, $subpage=false, $fragment='') |
Get a localised TitleValue object for a specified special page name. | |
static | newSearchPage (User $user) |
Get the users preferred search page. | |
Static Protected Member Functions inherited from MediaWiki\SpecialPage\AuthManagerSpecialPage | |
static | getField (array $array, $fieldName, $default=null) |
Get an array value, or a default if it does not exist. | |
static | mapFieldInfoTypeToFormDescriptorType ( $type) |
Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types. | |
static | mapSingleFieldInfo ( $singleFieldInfo, $fieldName) |
Maps an authentication field configuration for a single field (as returned by AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor. | |
static | mergeDefaultFormDescriptor (array $fieldInfo, array $formDescriptor, array $defaultFormDescriptor) |
Apply defaults to a form descriptor, without creating non-existent fields. | |
static | sortFormDescriptorFields (array &$formDescriptor) |
Sort the fields of a form descriptor by their 'weight' property. | |
Static Protected Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
static | prefixSearchArray ( $search, $limit, array $subpages, $offset) |
Helper function for implementations of prefixSearchSubpages() that filter the values in memory (as opposed to making a query). | |
Protected Attributes inherited from MediaWiki\SpecialPage\AuthManagerSpecialPage | |
string | $authAction |
one of the AuthManager::ACTION_* constants. | |
AuthenticationRequest[] | $authRequests |
bool | $isReturn |
True if the current request is a result of returning from a redirect flow. | |
WebRequest null | $savedRequest |
If set, will be used instead of the real request. | |
string | $subPage |
Subpage of the special page. | |
Protected Attributes inherited from MediaWiki\SpecialPage\SpecialPage | |
IContextSource | $mContext |
Current request context. | |
bool | $mIncludable |
Whether the special page can be included in an article. | |
bool | $mIncluding |
Whether or not this special page is being included from an article. | |
string | $mName |
The canonical name of this special page Also used as the message key for the default. | |
string | $mRestriction |
Minimum user level required to access this page, or "" for anyone. | |
Change user credentials, such as the password.
This is also powers most of the SpecialRemoveCredentials subclass.
Definition at line 27 of file SpecialChangeCredentials.php.
MediaWiki\Specials\SpecialChangeCredentials::__construct | ( | AuthManager | $authManager | ) |
AuthManager | $authManager |
Reimplemented in MediaWiki\Specials\SpecialRemoveCredentials.
Definition at line 40 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\SpecialPage\setAuthManager().
MediaWiki\Specials\SpecialChangeCredentials::doesWrites | ( | ) |
Indicates whether POST requests to this special page require write access to the wiki.
Subclasses must override this method to return true if any of the operations that they perform on POST requests are not "safe" per RFC 7231 section 4.2.1. A subclass's operation is "safe" if it is essentially read-only, i.e. the client does not request nor expect any state change that would be observable in the responses to future requests.
Implementations of this method must always return the same value, regardless of the parameters passed to the constructor or system state.
When handling GET/HEAD requests, subclasses should only perform "safe" operations. Note that some subclasses might only perform "safe" operations even for POST requests, particularly in the case where large input parameters are required.
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Definition at line 54 of file SpecialChangeCredentials.php.
MediaWiki\Specials\SpecialChangeCredentials::execute | ( | $subPage | ) |
Default execute method Checks user permissions.
This must be overridden by subclasses; it will be made abstract in a future version
string | null | $subPage |
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Definition at line 62 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\$subPage, MediaWiki\SpecialPage\AuthManagerSpecialPage\displayForm(), MediaWiki\SpecialPage\SpecialPage\getOutput(), MediaWiki\SpecialPage\SpecialPage\getPageTitle(), MediaWiki\Specials\SpecialChangeCredentials\loadAuth(), MediaWiki\SpecialPage\SpecialPage\msg(), MediaWiki\SpecialPage\SpecialPage\outputHeader(), MediaWiki\SpecialPage\SpecialPage\setHeaders(), MediaWiki\Specials\SpecialChangeCredentials\showSubpageList(), MediaWiki\Specials\SpecialChangeCredentials\success(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
|
protected |
AuthenticationRequest[] | $requests | |
string | $action | AuthManager action name (one of the AuthManager::ACTION_* constants) |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Definition at line 181 of file SpecialChangeCredentials.php.
References MediaWiki\Html\element(), MediaWiki\Specials\SpecialChangeCredentials\getReturnUrl(), and MediaWiki\SpecialPage\SpecialPage\msg().
|
protected |
Generates a HTMLForm descriptor array from a set of authentication requests.
AuthenticationRequest[] | $requests | |
string | $action | AuthManager action name (one of the AuthManager::ACTION_* constants) |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Definition at line 154 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\SpecialPage\getOutput().
|
protected |
Get the default action for this special page if none is given via URL/POST data.
Subclasses should override this (or override loadAuth() so this is never called).
string | $subPage | Subpage of the special page. |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Reimplemented in MediaWiki\Specials\SpecialRemoveCredentials.
Definition at line 58 of file SpecialChangeCredentials.php.
|
protected |
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-group-*' for valid names This method defaults to group 'other'.
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Definition at line 45 of file SpecialChangeCredentials.php.
|
protected |
Allows blacklisting certain request types.
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Reimplemented in MediaWiki\Specials\SpecialRemoveCredentials.
Definition at line 294 of file SpecialChangeCredentials.php.
References MediaWiki\MainConfigNames\ChangeCredentialsBlacklist, and MediaWiki\SpecialPage\SpecialPage\getConfig().
|
protected |
Definition at line 282 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest().
Referenced by MediaWiki\Specials\SpecialChangeCredentials\getAuthForm(), and MediaWiki\Specials\SpecialChangeCredentials\success().
MediaWiki\Specials\SpecialChangeCredentials::handleFormSubmit | ( | $data | ) |
Submit handler callback for HTMLForm.
array | $data | Submitted data |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Definition at line 208 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\$authRequests, and MediaWiki\SpecialPage\AuthManagerSpecialPage\performAuthenticationStep().
MediaWiki\Specials\SpecialChangeCredentials::isListed | ( | ) |
Whether this special page is listed in Special:SpecialPages.
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Definition at line 49 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\$authRequests, and MediaWiki\Specials\SpecialChangeCredentials\loadAuth().
|
protected |
Load or initialize $authAction, $authRequests and $subPage.
Subclasses should call this from execute() or otherwise ensure the variables are initialized.
string | $subPage | Subpage of the special page. |
string | null | $authAction | Override auth action specified in request (this is useful when the form needs to be changed from <action> to <action>_CONTINUE after a successful authentication step) |
bool | $reset | Regenerate the requests even if a cached version is available |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Definition at line 103 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\$authAction, and MediaWiki\SpecialPage\AuthManagerSpecialPage\$subPage.
Referenced by MediaWiki\Specials\SpecialChangeCredentials\execute(), and MediaWiki\Specials\SpecialChangeCredentials\isListed().
|
protected |
Returns true if the form built from the given AuthenticationRequests needs a submit button.
Providers using redirect flow (e.g. Google login) need their own submit buttons; if using one of those custom buttons is the only way to proceed, there is no point in displaying the default button which won't do anything useful.
AuthenticationRequest[] | $requests | An array of AuthenticationRequests from which the form will be built |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Definition at line 202 of file SpecialChangeCredentials.php.
MediaWiki\Specials\SpecialChangeCredentials::onAuthChangeFormFields | ( | array | $requests, |
array | $fieldInfo, | ||
array & | $formDescriptor, | ||
$action ) |
Change the form descriptor that determines how a field will look in the authentication form.Called from fieldInfoToFormDescriptor().
AuthenticationRequest[] | $requests | |
array | $fieldInfo | Field information array (union of all AuthenticationRequest::getFieldInfo() responses). |
array | &$formDescriptor | HTMLForm descriptor. The special key 'weight' can be set to change the order of the fields. |
string | $action | Authentication type (one of the AuthManager::ACTION_* constants) |
Reimplemented from MediaWiki\SpecialPage\AuthManagerSpecialPage.
Definition at line 120 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\mergeDefaultFormDescriptor().
|
protected |
Message | null | $error |
Definition at line 224 of file SpecialChangeCredentials.php.
References MediaWiki\Auth\AuthenticationRequest\describeCredentials(), MediaWiki\Html\element(), MediaWiki\SpecialPage\SpecialPage\getLinkRenderer(), and MediaWiki\SpecialPage\SpecialPage\getOutput().
Referenced by MediaWiki\Specials\SpecialChangeCredentials\execute().
|
protected |
Definition at line 255 of file SpecialChangeCredentials.php.
References MediaWiki\SpecialPage\SpecialPage\getOutput(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest(), MediaWiki\Specials\SpecialChangeCredentials\getReturnUrl(), and MediaWiki\SpecialPage\SpecialPage\getUser().
Referenced by MediaWiki\Specials\SpecialChangeCredentials\execute().
|
staticprotected |
Definition at line 29 of file SpecialChangeCredentials.php.
|
staticprotected |
Change action needs user data; remove action does not.
Definition at line 35 of file SpecialChangeCredentials.php.
|
staticprotected |
Definition at line 32 of file SpecialChangeCredentials.php.