MediaWiki  master
createBotPassword.php
Go to the documentation of this file.
1 <?php
25 require_once __DIR__ . '/Maintenance.php';
26 
28 
33  private const SHOWGRANTS_COLUMN_WIDTH = 20;
34 
35  public function __construct() {
36  parent::__construct();
37  $this->addDescription(
38  'Create a bot password for a user. ' .
39  'See https://www.mediawiki.org/wiki/Manual:Bot_passwords for more information.'
40  );
41 
42  $this->addOption( "showgrants",
43  "Prints a description of available grants and exits."
44  );
45  $this->addOption( "appid",
46  "App id for the new bot password.", false, true
47  );
48  $this->addOption( "grants",
49  "CSV list of permissions to grant.", false, true
50  );
51  $this->addArg( "user",
52  "The username to create a bot password for.", false
53  );
54  $this->addArg( "password",
55  "A password will be generated if this is omitted." .
56  " If supplied, it must be exactly 32 characters.", false
57  );
58  }
59 
60  public function execute() {
61  if ( $this->hasOption( 'showgrants' ) ) {
62  $this->showGrants();
63  return;
64  }
65 
66  $username = $this->getArg( 0 );
67  $password = $this->getArg( 1 );
68  $appId = $this->getOption( 'appid' );
69  $grants = explode( ',', $this->getOption( 'grants' ) );
70 
71  $errors = [];
72  if ( $username === null ) {
73  $errors[] = "Argument <user> required!";
74  }
75  if ( $appId == null ) {
76  $errors[] = "Param appid required!";
77  }
78  if ( $this->getOption( 'grants' ) === null ) {
79  $errors[] = "Param grants required!";
80  }
81  if ( count( $errors ) > 0 ) {
82  $this->fatalError( implode( "\n", $errors ) );
83  }
84 
85  $services = MediaWikiServices::getInstance();
86  $grantsInfo = $services->getGrantsInfo();
87  $invalidGrants = array_diff( $grants, $grantsInfo->getValidGrants() );
88  if ( count( $invalidGrants ) > 0 ) {
89  $this->fatalError(
90  "These grants are invalid: " . implode( ', ', $invalidGrants ) . "\n" .
91  "Use the --showgrants option for a full list of valid grant names."
92  );
93  }
94 
95  $passwordFactory = $services->getPasswordFactory();
96 
97  $userId = User::idFromName( $username );
98  if ( $userId === null ) {
99  $this->fatalError( "Cannot create bot password for non-existent user '$username'." );
100  }
101 
102  if ( $password === null ) {
103  $password = BotPassword::generatePassword( $this->getConfig() );
104  } else {
105  $passwordLength = strlen( $password );
106  if ( $passwordLength < BotPassword::PASSWORD_MINLENGTH ) {
107  $message = "Bot passwords must have at least " . BotPassword::PASSWORD_MINLENGTH .
108  " characters. Given password is $passwordLength characters.";
109  $this->fatalError( $message );
110  }
111  }
112 
113  $bp = BotPassword::newUnsaved( [
114  'username' => $username,
115  'appId' => $appId,
116  'grants' => $grants
117  ] );
118 
119  if ( $bp === null ) {
120  $this->fatalError( "Bot password creation failed." );
121  }
122 
123  $passwordInstance = $passwordFactory->newFromPlaintext( $password );
124  $status = $bp->save( 'insert', $passwordInstance );
125 
126  if ( $status->isGood() ) {
127  $this->output( "Success.\n" );
128  $this->output( "Log in using username:'{$username}@{$appId}' and password:'{$password}'.\n" );
129  } else {
130  $this->fatalError(
131  "Bot password creation failed. Does this appid already exist for the user perhaps?\n\nErrors:\n" .
132  print_r( $status->getErrors(), true )
133  );
134  }
135  }
136 
137  public function showGrants() {
138  $permissions = MediaWikiServices::getInstance()->getGrantsInfo()->getValidGrants();
139  sort( $permissions );
140 
141  $this->output( str_pad( 'GRANT', self::SHOWGRANTS_COLUMN_WIDTH ) . " DESCRIPTION\n" );
142  foreach ( $permissions as $permission ) {
143  $this->output(
144  str_pad( $permission, self::SHOWGRANTS_COLUMN_WIDTH ) . " " .
145  User::getRightDescription( $permission ) . "\n"
146  );
147  }
148  }
149 }
150 
151 $maintClass = CreateBotPassword::class;
152 require_once RUN_MAINTENANCE_IF_MAIN;
static generatePassword( $config)
Returns a (raw, unhashed) random password string.
const PASSWORD_MINLENGTH
Minimum length for a bot password.
Definition: BotPassword.php:41
static newUnsaved(array $data, $flags=self::READ_NORMAL)
Create an unsaved BotPassword.
__construct()
Default constructor.
execute()
Do the actual work.
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition: Maintenance.php:66
addArg( $arg, $description, $required=true)
Add some args that are needed.
output( $out, $channel=null)
Throw some output to the user.
hasOption( $name)
Checks to see if a particular option was set.
getArg( $argId=0, $default=null)
Get an argument.
addDescription( $text)
Set the description text.
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
getOption( $name, $default=null)
Get an option, or return the default.
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
Service locator for MediaWiki core services.
static getRightDescription( $right)
Get the description of a given right.
Definition: User.php:3369
static idFromName( $name, $flags=self::READ_NORMAL)
Get database id given a user name.
Definition: User.php:934