MediaWiki  master
PasswordReset Class Reference

Helper class for the password reset functionality shared by the web UI and the API. More...

Inheritance diagram for PasswordReset:
Collaboration diagram for PasswordReset:

Public Member Functions

 __construct ( $config, AuthManager $authManager, PermissionManager $permissionManager, ILoadBalancer $loadBalancer=null, LoggerInterface $logger=null, HookContainer $hookContainer=null)
 This class is managed by MediaWikiServices, don't instantiate directly. More...
 
 execute (User $performingUser, $username=null, $email=null)
 Do a password reset. More...
 
 isAllowed (User $user)
 Check if a given user has permission to use this functionality. More...
 

Public Attributes

const CONSTRUCTOR_OPTIONS
 

Protected Member Functions

 getUsersByEmail ( $email)
 
 isBlocked (User $user)
 Check whether the user is blocked. More...
 
 lookupUser ( $username)
 User object creation helper for testability. More...
 

Protected Attributes

AuthManager $authManager
 
ServiceOptions Config $config
 
ILoadBalancer $loadBalancer
 
PermissionManager $permissionManager
 

Private Attributes

HookContainer $hookContainer
 
HookRunner $hookRunner
 
MapCacheLRU $permissionCache
 In-process cache for isAllowed lookups, by username. More...
 

Detailed Description

Helper class for the password reset functionality shared by the web UI and the API.

Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.

Definition at line 43 of file PasswordReset.php.

Constructor & Destructor Documentation

◆ __construct()

PasswordReset::__construct (   $config,
AuthManager  $authManager,
PermissionManager  $permissionManager,
ILoadBalancer  $loadBalancer = null,
LoggerInterface  $logger = null,
HookContainer  $hookContainer = null 
)

This class is managed by MediaWikiServices, don't instantiate directly.

Parameters
ServiceOptions | Config$config
AuthManager$authManager
PermissionManager$permissionManager
ILoadBalancer | null$loadBalancer
LoggerInterface | null$logger
HookContainer | null$hookContainer

Definition at line 87 of file PasswordReset.php.

References $authManager, $config, $hookContainer, $loadBalancer, $permissionManager, and wfDeprecatedMsg().

Member Function Documentation

◆ execute()

PasswordReset::execute ( User  $performingUser,
  $username = null,
  $email = null 
)

Do a password reset.

Authorization is the caller's responsibility.

Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.

Since
1.29 Fourth argument for displayPassword removed.
Parameters
User$performingUserThe user that does the password reset
string | null$usernameThe user whose password is reset
string | null$emailAlternative way to specify the user
Returns
StatusValue
Exceptions
LogicExceptionWhen the user is not allowed to perform the action
MWExceptionOn unexpected DB errors

Definition at line 179 of file PasswordReset.php.

References DeferredUpdates\addUpdate(), User\getCanonicalName(), User\getId(), User\getName(), User\getRequest(), getUsersByEmail(), isAllowed(), lookupUser(), StatusValue\newFatal(), Message\newFromSpecifier(), StatusValue\newGood(), User\pingLimiter(), DeferredUpdates\POSTSEND, and Sanitizer\validateEmail().

◆ getUsersByEmail()

PasswordReset::getUsersByEmail (   $email)
protected
Parameters
string$email
Returns
User[]
Exceptions
MWExceptionOn unexpected database errors

Definition at line 360 of file PasswordReset.php.

References $res, DB_REPLICA, User\getQueryInfo(), and User\newFromRow().

Referenced by execute().

◆ isAllowed()

PasswordReset::isAllowed ( User  $user)

Check if a given user has permission to use this functionality.

Parameters
User$user
Since
1.29 Second argument for displayPassword removed.
Returns
StatusValue

Definition at line 128 of file PasswordReset.php.

References User\getName(), isBlocked(), StatusValue\newFatal(), and StatusValue\newGood().

Referenced by execute().

◆ isBlocked()

PasswordReset::isBlocked ( User  $user)
protected

Check whether the user is blocked.

Ignores certain types of system blocks that are only meant to force users to log in.

Parameters
User$user
Returns
bool
Since
1.30

Definition at line 347 of file PasswordReset.php.

References User\getBlock(), and User\getGlobalBlock().

Referenced by isAllowed().

◆ lookupUser()

PasswordReset::lookupUser (   $username)
protected

User object creation helper for testability.

Parameters
string$username
Returns
User|false

Definition at line 390 of file PasswordReset.php.

References User\newFromName().

Referenced by execute().

Member Data Documentation

◆ $authManager

AuthManager PasswordReset::$authManager
protected

Definition at line 50 of file PasswordReset.php.

Referenced by __construct().

◆ $config

ServiceOptions Config PasswordReset::$config
protected

Definition at line 47 of file PasswordReset.php.

Referenced by __construct().

◆ $hookContainer

HookContainer PasswordReset::$hookContainer
private

Definition at line 59 of file PasswordReset.php.

Referenced by __construct().

◆ $hookRunner

HookRunner PasswordReset::$hookRunner
private

Definition at line 62 of file PasswordReset.php.

◆ $loadBalancer

ILoadBalancer PasswordReset::$loadBalancer
protected

Definition at line 56 of file PasswordReset.php.

Referenced by __construct().

◆ $permissionCache

MapCacheLRU PasswordReset::$permissionCache
private

In-process cache for isAllowed lookups, by username.

Contains a StatusValue object

Definition at line 69 of file PasswordReset.php.

◆ $permissionManager

PermissionManager PasswordReset::$permissionManager
protected

Definition at line 53 of file PasswordReset.php.

Referenced by __construct().

◆ CONSTRUCTOR_OPTIONS

const PasswordReset::CONSTRUCTOR_OPTIONS
Initial value:
= [
'AllowRequiringEmailForResets',
'EnableEmail',
'PasswordResetRoutes',
]

Definition at line 71 of file PasswordReset.php.


The documentation for this class was generated from the following file: