MediaWiki  master
wrapOldPasswords.php
Go to the documentation of this file.
1 <?php
24 require_once __DIR__ . '/Maintenance.php';
25 
27 
36  public function __construct() {
37  parent::__construct();
38  $this->addDescription( 'Wrap all passwords of a certain type in a new layered type' );
39  $this->addOption( 'type',
40  'Password type to wrap passwords in (must inherit LayeredParameterizedPassword)', true, true );
41  $this->addOption( 'verbose', 'Enables verbose output', false, false, 'v' );
42  $this->setBatchSize( 100 );
43  }
44 
45  public function execute() {
46  $passwordFactory = MediaWikiServices::getInstance()->getPasswordFactory();
47 
48  $typeInfo = $passwordFactory->getTypes();
49  $layeredType = $this->getOption( 'type' );
50 
51  // Check that type exists and is a layered type
52  if ( !isset( $typeInfo[$layeredType] ) ) {
53  $this->fatalError( 'Undefined password type' );
54  }
55 
56  $passObj = $passwordFactory->newFromType( $layeredType );
57  if ( !$passObj instanceof LayeredParameterizedPassword ) {
58  $this->fatalError( 'Layered parameterized password type must be used.' );
59  }
60 
61  // Extract the first layer type
62  $typeConfig = $typeInfo[$layeredType];
63  $firstType = $typeConfig['types'][0];
64 
65  // Get a list of password types that are applicable
66  $dbw = $this->getDB( DB_MASTER );
67  $typeCond = 'user_password' . $dbw->buildLike( ":$firstType:", $dbw->anyString() );
68 
69  $minUserId = 0;
70  $lbFactory = MediaWikiServices::getInstance()->getDBLoadBalancerFactory();
71  do {
72  $this->beginTransaction( $dbw, __METHOD__ );
73 
74  $res = $dbw->select( 'user',
75  [ 'user_id', 'user_name', 'user_password' ],
76  [
77  'user_id > ' . $dbw->addQuotes( $minUserId ),
78  $typeCond
79  ],
80  __METHOD__,
81  [
82  'ORDER BY' => 'user_id',
83  'LIMIT' => $this->getBatchSize(),
84  'LOCK IN SHARE MODE',
85  ]
86  );
87 
89  $updateUsers = [];
90  foreach ( $res as $row ) {
91  if ( $this->hasOption( 'verbose' ) ) {
92  $this->output( "Updating password for user {$row->user_name} ({$row->user_id}).\n" );
93  }
94 
95  $user = User::newFromId( $row->user_id );
97  $password = $passwordFactory->newFromCiphertext( $row->user_password );
99  $layeredPassword = $passwordFactory->newFromType( $layeredType );
100  $layeredPassword->partialCrypt( $password );
101 
102  $updateUsers[] = $user;
103  $dbw->update( 'user',
104  [ 'user_password' => $layeredPassword->toString() ],
105  [ 'user_id' => $row->user_id ],
106  __METHOD__
107  );
108 
109  $minUserId = $row->user_id;
110  }
111 
112  $this->commitTransaction( $dbw, __METHOD__ );
113  $lbFactory->waitForReplication();
114 
115  // Clear memcached so old passwords are wiped out
116  foreach ( $updateUsers as $user ) {
117  $user->clearSharedCache( 'refresh' );
118  }
119  } while ( $res->numRows() );
120  }
121 }
122 
124 require_once RUN_MAINTENANCE_IF_MAIN;
commitTransaction(IDatabase $dbw, $fname)
Commit the transcation on a DB handle and wait for replica DBs to catch up.
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
getOption( $name, $default=null)
Get an option, or return the default.
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition: maintenance.txt:39
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency MediaWikiServices
Definition: injection.txt:23
setBatchSize( $s=0)
Set the batch size.
hasOption( $name)
Checks to see if a particular option exists.
require_once RUN_MAINTENANCE_IF_MAIN
Definition: maintenance.txt:50
This password hash type layers one or more parameterized password types on top of each other...
const DB_MASTER
Definition: defines.php:26
$res
Definition: database.txt:21
addDescription( $text)
Set the description text.
getDB( $db, $groups=[], $wiki=false)
Returns a database to be used by current maintenance script.
output( $out, $channel=null)
Throw some output to the user.
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition: distributors.txt:9
Maintenance script to wrap all passwords of a certain type in a specified layered type that wraps aro...
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
static newFromId( $id)
Static factory method for creation from a given user ID.
Definition: User.php:559
you have access to all of the normal MediaWiki so you can get a DB use the etc For full docs on the Maintenance class
Definition: maintenance.txt:52
getBatchSize()
Returns batch size.
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
return true to allow those checks to and false if checking is done & $user
Definition: hooks.txt:1454
beginTransaction(IDatabase $dbw, $fname)
Begin a transcation on a DB.