MediaWiki  master
PasswordReset Class Reference

Helper class for the password reset functionality shared by the web UI and the API. More...

Inheritance diagram for PasswordReset:
Collaboration diagram for PasswordReset:

Public Member Functions

 __construct (Config $config, AuthManager $authManager)
 
 execute (User $performingUser, $username=null, $email=null)
 Do a password reset. More...
 
 isAllowed (User $user)
 Check if a given user has permission to use this functionality. More...
 
 setLogger (LoggerInterface $logger)
 Set the logger instance to use. More...
 

Protected Member Functions

 getUsersByEmail ( $email)
 
 isBlocked (User $user)
 Check whether the user is blocked. More...
 

Protected Attributes

AuthManager $authManager
 
Config $config
 
LoggerInterface $logger
 

Private Attributes

MapCacheLRU $permissionCache
 In-process cache for isAllowed lookups, by username. More...
 

Detailed Description

Helper class for the password reset functionality shared by the web UI and the API.

Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.

Definition at line 36 of file PasswordReset.php.

Constructor & Destructor Documentation

◆ __construct()

PasswordReset::__construct ( Config  $config,
AuthManager  $authManager 
)

Definition at line 53 of file PasswordReset.php.

References $authManager, and $config.

Member Function Documentation

◆ execute()

PasswordReset::execute ( User  $performingUser,
  $username = null,
  $email = null 
)

Do a password reset.

Authorization is the caller's responsibility.

Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.

Since
1.29 Fourth argument for displayPassword removed.
Parameters
User$performingUserThe user that does the password reset
string | null$usernameThe user whose password is reset
string | null$emailAlternative way to specify the user
Returns
StatusValue Will contain the passwords as a username => password array if the $displayPassword flag was set
Exceptions
LogicExceptionWhen the user is not allowed to perform the action
MWExceptionOn unexpected DB errors

Definition at line 130 of file PasswordReset.php.

References $data, $req, $user, $username, as, false, User\getId(), User\getName(), User\getRequest(), getUsersByEmail(), isAllowed(), StatusValue\newFatal(), User\newFromName(), Message\newFromSpecifier(), StatusValue\newGood(), null, User\pingLimiter(), Hooks\run(), Sanitizer\validateEmail(), wfEscapeWikiText(), and wfMessage().

◆ getUsersByEmail()

PasswordReset::getUsersByEmail (   $email)
protected
Parameters
string$email
Returns
User[]
Exceptions
MWExceptionOn unexpected database errors

Definition at line 274 of file PasswordReset.php.

References $res, as, DB_REPLICA, User\getQueryInfo(), User\newFromRow(), and wfGetDB().

Referenced by execute().

◆ isAllowed()

PasswordReset::isAllowed ( User  $user)

Check if a given user has permission to use this functionality.

Parameters
User$user
bool$displayPasswordIf set, also check whether the user is allowed to reset the password of another user and see the temporary password.
Since
1.29 Second argument for displayPassword removed.
Returns
StatusValue

Definition at line 78 of file PasswordReset.php.

References User\getName(), User\isAllowed(), isBlocked(), StatusValue\newFatal(), and StatusValue\newGood().

Referenced by execute().

◆ isBlocked()

PasswordReset::isBlocked ( User  $user)
protected

Check whether the user is blocked.

Ignores certain types of system blocks that are only meant to force users to log in.

Parameters
User$user
Returns
bool
Since
1.30

Definition at line 261 of file PasswordReset.php.

References User\getBlock(), and User\getGlobalBlock().

Referenced by isAllowed().

◆ setLogger()

PasswordReset::setLogger ( LoggerInterface  $logger)

Set the logger instance to use.

Parameters
LoggerInterface$logger
Since
1.29

Definition at line 66 of file PasswordReset.php.

References $logger.

Member Data Documentation

◆ $authManager

AuthManager PasswordReset::$authManager
protected

Definition at line 41 of file PasswordReset.php.

Referenced by __construct().

◆ $config

Config PasswordReset::$config
protected

Definition at line 38 of file PasswordReset.php.

Referenced by __construct().

◆ $logger

LoggerInterface PasswordReset::$logger
protected

Definition at line 44 of file PasswordReset.php.

Referenced by setLogger().

◆ $permissionCache

MapCacheLRU PasswordReset::$permissionCache
private

In-process cache for isAllowed lookups, by username.

Contains a StatusValue object

Definition at line 51 of file PasswordReset.php.


The documentation for this class was generated from the following file: