Helper class for the password reset functionality shared by the web UI and the API. More...
Public Member Functions | |
| __construct (ServiceOptions $config, LoggerInterface $logger, AuthManager $authManager, HookContainer $hookContainer, ILoadBalancer $loadBalancer, UserFactory $userFactory, UserNameUtils $userNameUtils, UserOptionsLookup $userOptionsLookup) | |
| This class is managed by MediaWikiServices, don't instantiate directly. More... | |
| execute (User $performingUser, $username=null, $email=null) | |
| Do a password reset. More... | |
| isAllowed (User $user) | |
| Check if a given user has permission to use this functionality. More... | |
Public Attributes | |
| const | CONSTRUCTOR_OPTIONS |
Protected Member Functions | |
| getUsersByEmail ( $email) | |
Private Member Functions | |
| computeIsAllowed (User $user) | |
| isBlocked (User $user) | |
| Check whether the user is blocked. More... | |
Private Attributes | |
| AuthManager | $authManager |
| ServiceOptions | $config |
| HookRunner | $hookRunner |
| ILoadBalancer | $loadBalancer |
| MapCacheLRU | $permissionCache |
| In-process cache for isAllowed lookups, by username. More... | |
| UserFactory | $userFactory |
| UserNameUtils | $userNameUtils |
| UserOptionsLookup | $userOptionsLookup |
Detailed Description
Helper class for the password reset functionality shared by the web UI and the API.
Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.
Definition at line 43 of file PasswordReset.php.
Constructor & Destructor Documentation
◆ __construct()
| PasswordReset::__construct | ( | ServiceOptions | $config, |
| LoggerInterface | $logger, | ||
| AuthManager | $authManager, | ||
| HookContainer | $hookContainer, | ||
| ILoadBalancer | $loadBalancer, | ||
| UserFactory | $userFactory, | ||
| UserNameUtils | $userNameUtils, | ||
| UserOptionsLookup | $userOptionsLookup | ||
| ) |
This class is managed by MediaWikiServices, don't instantiate directly.
- Parameters
-
ServiceOptions $config LoggerInterface $logger AuthManager $authManager HookContainer $hookContainer ILoadBalancer $loadBalancer UserFactory $userFactory UserNameUtils $userNameUtils UserOptionsLookup $userOptionsLookup
Definition at line 95 of file PasswordReset.php.
References $authManager, $config, $loadBalancer, $userFactory, $userNameUtils, $userOptionsLookup, and MediaWiki\Config\ServiceOptions\assertRequiredOptions().
Member Function Documentation
◆ computeIsAllowed()
|
private |
- Parameters
-
User $user
- Returns
- StatusValue
Definition at line 139 of file PasswordReset.php.
References User\isAllowed(), isBlocked(), StatusValue\newFatal(), and StatusValue\newGood().
Referenced by isAllowed().
◆ execute()
| PasswordReset::execute | ( | User | $performingUser, |
$username = null, |
|||
$email = null |
|||
| ) |
Do a password reset.
Authorization is the caller's responsibility.
Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.
- Since
- 1.29 Fourth argument for displayPassword removed.
- Parameters
-
User $performingUser The user that does the password reset string | null $username The user whose password is reset string | null $email Alternative way to specify the user
- Returns
- StatusValue
- Exceptions
-
LogicException When the user is not allowed to perform the action MWException On unexpected DB errors
Definition at line 184 of file PasswordReset.php.
References $userOptionsLookup, DeferredUpdates\addUpdate(), User\getId(), User\getName(), User\getRequest(), getUsersByEmail(), isAllowed(), StatusValue\newFatal(), Message\newFromSpecifier(), StatusValue\newGood(), User\pingLimiter(), and Sanitizer\validateEmail().
◆ getUsersByEmail()
|
protected |
- Note
- This is protected to allow configuring in tests. This class is not stable to extend.
- Parameters
-
string $email
- Returns
- User[]
- Exceptions
-
MWException On unexpected database errors
Definition at line 371 of file PasswordReset.php.
References $res, DB_REPLICA, and User\getQueryInfo().
Referenced by execute().
◆ isAllowed()
| PasswordReset::isAllowed | ( | User | $user | ) |
Check if a given user has permission to use this functionality.
- Parameters
-
User $user
- Since
- 1.29 Second argument for displayPassword removed.
- Returns
- StatusValue
Definition at line 126 of file PasswordReset.php.
References computeIsAllowed(), and User\getName().
Referenced by execute().
◆ isBlocked()
|
private |
Check whether the user is blocked.
Ignores certain types of system blocks that are only meant to force users to log in.
- Parameters
-
User $user
- Returns
- bool
- Since
- 1.30
Definition at line 356 of file PasswordReset.php.
References User\getBlock(), and User\getGlobalBlock().
Referenced by computeIsAllowed().
Member Data Documentation
◆ $authManager
|
private |
Definition at line 50 of file PasswordReset.php.
Referenced by __construct().
◆ $config
|
private |
Definition at line 47 of file PasswordReset.php.
Referenced by __construct().
◆ $hookRunner
|
private |
Definition at line 53 of file PasswordReset.php.
◆ $loadBalancer
|
private |
Definition at line 56 of file PasswordReset.php.
Referenced by __construct().
◆ $permissionCache
|
private |
In-process cache for isAllowed lookups, by username.
Contains a StatusValue object
Definition at line 72 of file PasswordReset.php.
◆ $userFactory
|
private |
Definition at line 59 of file PasswordReset.php.
Referenced by __construct().
◆ $userNameUtils
|
private |
Definition at line 62 of file PasswordReset.php.
Referenced by __construct().
◆ $userOptionsLookup
|
private |
Definition at line 65 of file PasswordReset.php.
Referenced by __construct(), and execute().
◆ CONSTRUCTOR_OPTIONS
| const PasswordReset::CONSTRUCTOR_OPTIONS |
- Access: internal
- For use by ServiceWiring
Definition at line 77 of file PasswordReset.php.
The documentation for this class was generated from the following file:
- includes/user/PasswordReset.php
