MediaWiki master
createBotPassword.php
Go to the documentation of this file.
1<?php
27
28// @codeCoverageIgnoreStart
29require_once __DIR__ . '/Maintenance.php';
30// @codeCoverageIgnoreEnd
31
36 private const SHOWGRANTS_COLUMN_WIDTH = 20;
37
38 public function __construct() {
39 parent::__construct();
40 $this->addDescription(
41 'Create a bot password for a user. ' .
42 'See https://www.mediawiki.org/wiki/Manual:Bot_passwords for more information.'
43 );
44
45 $this->addOption( "showgrants",
46 "Prints a description of available grants and exits."
47 );
48 $this->addOption( "appid",
49 "App id for the new bot password.", false, true
50 );
51 $this->addOption( "grants",
52 "CSV list of permissions to grant.", false, true
53 );
54 $this->addArg( "user",
55 "The username to create a bot password for.", false
56 );
57 $this->addArg( "password",
58 "A password will be generated if this is omitted." .
59 " If supplied, it must be exactly 32 characters.", false
60 );
61 }
62
63 public function execute() {
64 if ( $this->hasOption( 'showgrants' ) ) {
65 $this->showGrants();
66 return;
67 }
68
69 $username = $this->getArg( 0 );
70 $password = $this->getArg( 1 );
71 $appId = $this->getOption( 'appid' );
72 $grants = explode( ',', $this->getOption( 'grants', '' ) );
73
74 $errors = [];
75 if ( $username === null ) {
76 $errors[] = "Argument <user> required!";
77 }
78 if ( $appId == null ) {
79 $errors[] = "Param appid required!";
80 }
81 if ( $this->getOption( 'grants' ) === null ) {
82 $errors[] = "Param grants required!";
83 }
84 if ( count( $errors ) > 0 ) {
85 $this->fatalError( implode( "\n", $errors ) );
86 }
87
88 $services = $this->getServiceContainer();
89 $grantsInfo = $services->getGrantsInfo();
90 $invalidGrants = array_diff( $grants, $grantsInfo->getValidGrants() );
91 if ( count( $invalidGrants ) > 0 ) {
92 $this->fatalError(
93 "These grants are invalid: " . implode( ', ', $invalidGrants ) . "\n" .
94 "Use the --showgrants option for a full list of valid grant names."
95 );
96 }
97
98 $passwordFactory = $services->getPasswordFactory();
99
100 $userIdentity = $services->getUserIdentityLookup()->getUserIdentityByName( $username );
101 if ( !$userIdentity || !$userIdentity->isRegistered() ) {
102 $this->fatalError( "Cannot create bot password for non-existent user '$username'." );
103 }
104
105 if ( $password === null ) {
106 $password = BotPassword::generatePassword( $this->getConfig() );
107 } else {
108 $passwordLength = strlen( $password );
109 if ( $passwordLength < BotPassword::PASSWORD_MINLENGTH ) {
110 $message = "Bot passwords must have at least " . BotPassword::PASSWORD_MINLENGTH .
111 " characters. Given password is $passwordLength characters.";
112 $this->fatalError( $message );
113 }
114 }
115
116 $bp = BotPassword::newUnsaved( [
117 'username' => $username,
118 'appId' => $appId,
119 'grants' => $grants
120 ] );
121
122 if ( $bp === null ) {
123 $this->fatalError( "Bot password creation failed." );
124 }
125
126 $passwordInstance = $passwordFactory->newFromPlaintext( $password );
127 $status = $bp->save( 'insert', $passwordInstance );
128
129 if ( $status->isGood() ) {
130 $this->output( "Success.\n" );
131 $this->output( "Log in using username:'{$username}@{$appId}' and password:'{$password}'.\n" );
132 } else {
133 $this->error( "Bot password creation failed. Does this appid already exist for the user perhaps?" );
134 $this->fatalError( $status );
135 }
136 }
137
138 public function showGrants() {
139 $permissions = $this->getServiceContainer()->getGrantsInfo()->getValidGrants();
140 sort( $permissions );
141
142 $this->output( str_pad( 'GRANT', self::SHOWGRANTS_COLUMN_WIDTH ) . " DESCRIPTION\n" );
143 foreach ( $permissions as $permission ) {
144 $this->output(
145 str_pad( $permission, self::SHOWGRANTS_COLUMN_WIDTH ) . " " .
146 User::getRightDescription( $permission ) . "\n"
147 );
148 }
149 }
150}
151
152// @codeCoverageIgnoreStart
153$maintClass = CreateBotPassword::class;
154require_once RUN_MAINTENANCE_IF_MAIN;
155// @codeCoverageIgnoreEnd
__construct()
Default constructor.
execute()
Do the actual work.
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
error( $err, $die=0)
Throw an error to the user.
addArg( $arg, $description, $required=true, $multi=false)
Add some args that are needed.
output( $out, $channel=null)
Throw some output to the user.
hasOption( $name)
Checks to see if a particular option was set.
getServiceContainer()
Returns the main service container.
getArg( $argId=0, $default=null)
Get an argument.
addDescription( $text)
Set the description text.
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
getOption( $name, $default=null)
Get an option, or return the default.
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
Utility class for bot passwords.
internal since 1.36
Definition User.php:93