MediaWiki  master
createBotPassword.php
Go to the documentation of this file.
1 <?php
25 require_once __DIR__ . '/Maintenance.php';
26 
31  private const SHOWGRANTS_COLUMN_WIDTH = 20;
32 
33  public function __construct() {
34  parent::__construct();
35  $this->addDescription(
36  'Create a bot password for a user. ' .
37  'See https://www.mediawiki.org/wiki/Manual:Bot_passwords for more information.'
38  );
39 
40  $this->addOption( "showgrants",
41  "Prints a description of available grants and exits."
42  );
43  $this->addOption( "appid",
44  "App id for the new bot password.", false, true
45  );
46  $this->addOption( "grants",
47  "CSV list of permissions to grant.", false, true
48  );
49  $this->addArg( "user",
50  "The username to create a bot password for.", false
51  );
52  $this->addArg( "password",
53  "A password will be generated if this is omitted." .
54  " If supplied, it must be exactly 32 characters.", false
55  );
56  }
57 
58  public function execute() {
59  if ( $this->hasOption( 'showgrants' ) ) {
60  $this->showGrants();
61  return;
62  }
63 
64  $username = $this->getArg( 0 );
65  $password = $this->getArg( 1 );
66  $appId = $this->getOption( 'appid' );
67  $grants = explode( ',', $this->getOption( 'grants' ) );
68 
69  $errors = [];
70  if ( $username === null ) {
71  $errors[] = "Argument <user> required!";
72  }
73  if ( $appId == null ) {
74  $errors[] = "Param appid required!";
75  }
76  if ( $this->getOption( 'grants' ) === null ) {
77  $errors[] = "Param grants required!";
78  }
79  if ( count( $errors ) > 0 ) {
80  $this->fatalError( implode( "\n", $errors ) );
81  }
82 
83  $invalidGrants = array_diff( $grants, MWGrants::getValidGrants() );
84  if ( count( $invalidGrants ) > 0 ) {
85  $this->fatalError(
86  "These grants are invalid: " . implode( ', ', $invalidGrants ) . "\n" .
87  "Use the --showgrants option for a full list of valid grant names."
88  );
89  }
90 
91  $passwordFactory = MediaWiki\MediaWikiServices::getInstance()->getPasswordFactory();
92 
93  $userId = User::idFromName( $username );
94  if ( $userId === null ) {
95  $this->fatalError( "Cannot create bot password for non-existent user '$username'." );
96  }
97 
98  if ( $password === null ) {
99  $password = BotPassword::generatePassword( $this->getConfig() );
100  } else {
101  $passwordLength = strlen( $password );
102  if ( $passwordLength < BotPassword::PASSWORD_MINLENGTH ) {
103  $message = "Bot passwords must have at least " . BotPassword::PASSWORD_MINLENGTH .
104  " characters. Given password is $passwordLength characters.";
105  $this->fatalError( $message );
106  }
107  }
108 
109  $bp = BotPassword::newUnsaved( [
110  'username' => $username,
111  'appId' => $appId,
112  'grants' => $grants
113  ] );
114 
115  if ( $bp === null ) {
116  $this->fatalError( "Bot password creation failed." );
117  }
118 
119  $passwordInstance = $passwordFactory->newFromPlaintext( $password );
120  $status = $bp->save( 'insert', $passwordInstance );
121 
122  if ( $status->isGood() ) {
123  $this->output( "Success.\n" );
124  $this->output( "Log in using username:'${username}@${appId}' and password:'${password}'.\n" );
125  } else {
126  $this->fatalError(
127  "Bot password creation failed. Does this appid already exist for the user perhaps?\n\nErrors:\n" .
128  print_r( $status->getErrors(), true )
129  );
130  }
131  }
132 
133  public function showGrants() {
134  $permissions = MWGrants::getValidGrants();
135  sort( $permissions );
136 
137  $this->output( str_pad( 'GRANT', self::SHOWGRANTS_COLUMN_WIDTH ) . " DESCRIPTION\n" );
138  foreach ( $permissions as $permission ) {
139  $this->output(
140  str_pad( $permission, self::SHOWGRANTS_COLUMN_WIDTH ) . " " .
141  User::getRightDescription( $permission ) . "\n"
142  );
143  }
144  }
145 }
146 
147 $maintClass = CreateBotPassword::class;
148 require_once RUN_MAINTENANCE_IF_MAIN;
CreateBotPassword\showGrants
showGrants()
Definition: createBotPassword.php:133
$maintClass
$maintClass
Definition: createBotPassword.php:147
Maintenance\fatalError
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
Definition: Maintenance.php:489
Maintenance\addDescription
addDescription( $text)
Set the description text.
Definition: Maintenance.php:329
BotPassword\generatePassword
static generatePassword( $config)
Returns a (raw, unhashed) random password string.
Definition: BotPassword.php:364
Maintenance
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition: Maintenance.php:59
CreateBotPassword\SHOWGRANTS_COLUMN_WIDTH
const SHOWGRANTS_COLUMN_WIDTH
Width of initial column of –showgrants output.
Definition: createBotPassword.php:31
CreateBotPassword
Definition: createBotPassword.php:27
MediaWiki\MediaWikiServices\getInstance
static getInstance()
Returns the global default instance of the top level service locator.
Definition: MediaWikiServices.php:261
Maintenance\getConfig
getConfig()
Definition: Maintenance.php:598
BotPassword\newUnsaved
static newUnsaved(array $data, $flags=self::READ_NORMAL)
Create an unsaved BotPassword.
Definition: BotPassword.php:142
Maintenance\addOption
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
Definition: Maintenance.php:249
BotPassword\PASSWORD_MINLENGTH
const PASSWORD_MINLENGTH
Minimum length for a bot password.
Definition: BotPassword.php:40
MWGrants\getValidGrants
static getValidGrants()
List all known grants.
Definition: MWGrants.php:35
Maintenance\getOption
getOption( $name, $default=null)
Get an option, or return the default.
Definition: Maintenance.php:286
User\getRightDescription
static getRightDescription( $right)
Get the description of a given right.
Definition: User.php:4093
User\idFromName
static idFromName( $name, $flags=self::READ_NORMAL)
Get database id given a user name.
Definition: User.php:937
CreateBotPassword\execute
execute()
Do the actual work.
Definition: createBotPassword.php:58
Maintenance\addArg
addArg( $arg, $description, $required=true)
Add some args that are needed.
Definition: Maintenance.php:300
CreateBotPassword\__construct
__construct()
Default constructor.
Definition: createBotPassword.php:33
Maintenance\output
output( $out, $channel=null)
Throw some output to the user.
Definition: Maintenance.php:435
Maintenance\hasOption
hasOption( $name)
Checks to see if a particular option was set.
Definition: Maintenance.php:271
Maintenance\getArg
getArg( $argId=0, $default=null)
Get an argument.
Definition: Maintenance.php:353