public function __construct($username, $realname = 'Real Name', $email = '*****@*****.**', $groups = array())
{
$this->assertNotReal();
$this->username = $username;
$this->password = '******';
$this->user = User::newFromName($this->username);
$this->user->load();
// In an ideal world we'd have a new wiki (or mock data store) for every single test.
// But for now, we just need to create or update the user with the desired properties.
// we particularly need the new password, since we just generated it randomly.
// In core MediaWiki, there is no functionality to delete users, so this is the best we can do.
if (!$this->user->isLoggedIn()) {
// create the user
$this->user = User::createNew($this->username, array("email" => $email, "real_name" => $realname));
if (!$this->user) {
throw new MWException("Error creating TestUser " . $username);
}
}
// Update the user to use the password and other details
$change = $this->setPassword($this->password) || $this->setEmail($email) || $this->setRealName($realname);
// Adjust groups by adding any missing ones and removing any extras
$currentGroups = $this->user->getGroups();
foreach (array_diff($groups, $currentGroups) as $group) {
$this->user->addGroup($group);
}
foreach (array_diff($currentGroups, $groups) as $group) {
$this->user->removeGroup($group);
}
if ($change) {
$this->user->saveSettings();
}
}
/**
* Insert a block into the block table. Will fail if there is a conflicting
* block (same name and options) already in the database.
*
* @param $dbw DatabaseBase if you have one available
* @return mixed: false on failure, assoc array on success:
* ('id' => block ID, 'autoIds' => array of autoblock IDs)
*/
public function insert($dbw = null)
{
global $wgBlockDisablesLogin;
wfDebug("Block::insert; timestamp {$this->mTimestamp}\n");
if ($dbw === null) {
$dbw = wfGetDB(DB_MASTER);
}
# Don't collide with expired blocks
Block::purgeExpired();
$row = $this->getDatabaseArray();
$row['ipb_id'] = $dbw->nextSequenceValue("ipblocks_ipb_id_seq");
$dbw->insert('ipblocks', $row, __METHOD__, array('IGNORE'));
$affected = $dbw->affectedRows();
$this->mId = $dbw->insertId();
if ($affected) {
if ($wgBlockDisablesLogin && $this->target instanceof User) {
// Change user login token to force them to be logged out.
$this->target->setToken();
$this->target->saveSettings();
}
$auto_ipd_ids = $this->doRetroactiveAutoblock();
return array('id' => $this->mId, 'autoIds' => $auto_ipd_ids);
}
return false;
}
/**
* Given a user object, this method will create a temporary password and save it to the
* user's account. Every time this is called, the reset password throttle is reset, which
* means the method User::isPasswordReminderThrottled will return true for the next
* $wgPasswordReminderResendTime hours
*
* @param User $targetUser
*
* @return String
*
* @throws MWException
*/
public function resetPassword(User $targetUser)
{
$context = RequestContext::getMain();
$currentUser = $context->getUser();
$currentIp = $context->getRequest()->getIP();
wfRunHooks('User::mailPasswordInternal', [$currentUser, $currentIp, $targetUser]);
$tempPass = $targetUser->randomPassword();
$targetUser->setNewpassword($tempPass, $resetThrottle = true);
$targetUser->saveSettings();
return $tempPass;
}
public function __construct($username, $realname = 'Real Name', $email = '*****@*****.**', $groups = [])
{
$this->assertNotReal();
$this->username = $username;
$this->password = '******';
$this->user = User::newFromName($this->username);
$this->user->load();
// In an ideal world we'd have a new wiki (or mock data store) for every single test.
// But for now, we just need to create or update the user with the desired properties.
// we particularly need the new password, since we just generated it randomly.
// In core MediaWiki, there is no functionality to delete users, so this is the best we can do.
if (!$this->user->isLoggedIn()) {
// create the user
$this->user = User::createNew($this->username, ["email" => $email, "real_name" => $realname]);
if (!$this->user) {
throw new MWException("Error creating TestUser " . $username);
}
}
// Update the user to use the password and other details
$this->setPassword($this->password);
$change = $this->setEmail($email) || $this->setRealName($realname);
// Adjust groups by adding any missing ones and removing any extras
$currentGroups = $this->user->getGroups();
foreach (array_diff($groups, $currentGroups) as $group) {
$this->user->addGroup($group);
}
foreach (array_diff($currentGroups, $groups) as $group) {
$this->user->removeGroup($group);
}
if ($change) {
// Disable CAS check before saving. The User object may have been initialized from cached
// information that may be out of whack with the database during testing. If tests were
// perfectly isolated, this would not happen. But if it does happen, let's just ignore the
// inconsistency, and just write the data we want - during testing, we are not worried
// about data loss.
$this->user->mTouched = '';
$this->user->saveSettings();
}
}
/**
* Insert a block into the block table. Will fail if there is a conflicting
* block (same name and options) already in the database.
*
* @param IDatabase $dbw If you have one available
* @return bool|array False on failure, assoc array on success:
* ('id' => block ID, 'autoIds' => array of autoblock IDs)
*/
public function insert($dbw = null)
{
global $wgBlockDisablesLogin;
wfDebug("Block::insert; timestamp {$this->mTimestamp}\n");
if ($dbw === null) {
$dbw = wfGetDB(DB_MASTER);
}
# Periodic purge via commit hooks
if (mt_rand(0, 9) == 0) {
Block::purgeExpired();
}
$row = $this->getDatabaseArray();
$row['ipb_id'] = $dbw->nextSequenceValue("ipblocks_ipb_id_seq");
$dbw->insert('ipblocks', $row, __METHOD__, ['IGNORE']);
$affected = $dbw->affectedRows();
$this->mId = $dbw->insertId();
# Don't collide with expired blocks.
# Do this after trying to insert to avoid locking.
if (!$affected) {
# T96428: The ipb_address index uses a prefix on a field, so
# use a standard SELECT + DELETE to avoid annoying gap locks.
$ids = $dbw->selectFieldValues('ipblocks', 'ipb_id', ['ipb_address' => $row['ipb_address'], 'ipb_user' => $row['ipb_user'], 'ipb_expiry < ' . $dbw->addQuotes($dbw->timestamp())], __METHOD__);
if ($ids) {
$dbw->delete('ipblocks', ['ipb_id' => $ids], __METHOD__);
$dbw->insert('ipblocks', $row, __METHOD__, ['IGNORE']);
$affected = $dbw->affectedRows();
$this->mId = $dbw->insertId();
}
}
if ($affected) {
$auto_ipd_ids = $this->doRetroactiveAutoblock();
if ($wgBlockDisablesLogin && $this->target instanceof User) {
// Change user login token to force them to be logged out.
$this->target->setToken();
$this->target->saveSettings();
}
return ['id' => $this->mId, 'autoIds' => $auto_ipd_ids];
}
return false;
}
/**
* Keeps track of recently used message groups per user.
*/
public static function trackGroup(MessageGroup $group, User $user)
{
if ($user->isAnon()) {
return true;
}
$groups = $user->getOption('translate-recent-groups', '');
if ($groups === '') {
$groups = array();
} else {
$groups = explode('|', $groups);
}
if (isset($groups[0]) && $groups[0] === $group->getId()) {
return true;
}
array_unshift($groups, $group->getId());
$groups = array_unique($groups);
$groups = array_slice($groups, 0, 5);
$user->setOption('translate-recent-groups', implode('|', $groups));
// Promise to persist the data post-send
DeferredUpdates::addCallableUpdate(function () use($user) {
$user->saveSettings();
});
return true;
}
/**
* @param User $user
* @param string $pass
* @param string $newaddr
* @return Status
*/
private function attemptChange(User $user, $pass, $newaddr)
{
global $wgAuth;
if ($newaddr != '' && !Sanitizer::validateEmail($newaddr)) {
return Status::newFatal('invalidemailaddress');
}
$throttleCount = LoginForm::incLoginThrottle($user->getName());
if ($throttleCount === true) {
$lang = $this->getLanguage();
$throttleInfo = $this->getConfig()->get('PasswordAttemptThrottle');
return Status::newFatal('changeemail-throttled', $lang->formatDuration($throttleInfo['seconds']));
}
if ($this->getConfig()->get('RequirePasswordforEmailChange') && !$user->checkTemporaryPassword($pass) && !$user->checkPassword($pass)) {
return Status::newFatal('wrongpassword');
}
if ($throttleCount) {
LoginForm::clearLoginThrottle($user->getName());
}
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation($newaddr);
if (!$status->isGood()) {
return $status;
}
Hooks::run('PrefsEmailAudit', array($user, $oldaddr, $newaddr));
$user->saveSettings();
$wgAuth->updateExternalDB($user);
return $status;
}
/**
* send reconfirmation email to the email address without saving that email address
* @param User $user
* @param string $email
* @return Status object
*/
public function sendReconfirmationEmail(&$user, $email, $type = 'change')
{
$userId = $user->getId();
$userEmail = $user->getEmail();
$user->mId = 0;
$user->mEmail = $email;
$result = $user->sendReConfirmationMail($type);
$user->mId = $userId;
$user->mEmail = $userEmail;
$user->saveSettings();
return $result;
}
/**
* Register the user viewed the watchlist,
* so we know that following chnages should
* result into notification emails is desired.
*
* @since 0.1
*
* @param User $user
*/
protected function registerUserView( User $user ) {
$this->lastViewed = $user->getOption( 'swl_last_view' );
if ( is_null( $this->lastViewed ) ) {
$this->lastViewed = wfTimestampNow();
}
$user->setOption( 'swl_last_view', wfTimestampNow() );
$user->setOption( 'swl_mail_count',0 );
$user->saveSettings();
}
/**
* Confirm the user and set their cookies. This is used when a user already has an
* email registered with Facebook.
* @param User $user
*/
private function confirmUser(User $user)
{
$user->confirmEmail();
wfRunHooks('SignupConfirmEmailComplete', [$user]);
$user->saveSettings();
}
/**
* Updates the user's details according to what was given from the SSO
* library.
* Note that this will be called every time after authenticating
* to the IdP.
*
* @param User $user
* User object from MW
* @param Array $attrs
* Attribute array
*/
private function modifyUserIfNeeded(&$user, $attrs)
{
$username = $user->getName();
$dirty = false;
/*
* Email
*/
if (isset($attrs['email'])) {
$new = $attrs['email'];
$old = $user->getEmail();
if ($new != $old) {
$user->setEmail($new);
$user->confirmEmail();
wfDebugLog('MultiAuthPlugin', __METHOD__ . ': ' . "Updated email for user '{$username}' from '{$old}' to '{$new}'");
$dirty = true;
}
}
/*
* Fullname
*/
if (isset($attrs['fullname'])) {
$new = $attrs['fullname'];
$old = $user->getRealName();
if ($new != $old) {
$user->setRealName($new);
wfDebugLog('MultiAuthPlugin', __METHOD__ . ': ' . "Updated realName for user '{$username}' from '{$old}' to '{$new}'");
$dirty = true;
}
}
if ($dirty) {
$user->saveSettings();
}
}
/**
* Set users' fields from SAML attributes.
* If the user does not exist in the MediaWiki database,
* it is created. wgSamlCreateUser is not respected.
*
* @param User $user the user
* @param string[][] $attr SAML attributes
*/
protected static function updateUser(User $user, $attr)
{
global $wgSamlRealnameAttr;
global $wgSamlUsernameAttr;
global $wgSamlMailAttr;
global $wgContLang;
$changed = false;
if (isset($wgSamlRealnameAttr) && isset($attr[$wgSamlRealnameAttr]) && $attr[$wgSamlRealnameAttr] && $user->getRealName() !== reset($attr[$wgSamlRealnameAttr])) {
$changed = true;
$user->setRealName(reset($attr[$wgSamlRealnameAttr]));
}
if ($attr[$wgSamlMailAttr] && $user->getEmail() !== reset($attr[$wgSamlMailAttr])) {
$changed = true;
$user->setEmail(reset($attr[$wgSamlMailAttr]));
$user->ConfirmEmail();
}
if (!$user->getId()) {
$user->setName($wgContLang->ucfirst(reset($attr[$wgSamlUsernameAttr])));
$user->setPassword(null);
// prevent manual login until reset
$user->addToDatabase();
} elseif ($changed) {
$user->saveSettings();
}
}
/**
* @param User $u
* @param bool $throttle
* @param string $emailTitle Message name of email title
* @param string $emailText Message name of email text
* @return Status
*/
function mailPasswordInternal($u, $throttle = true, $emailTitle = 'passwordremindertitle', $emailText = 'passwordremindertext')
{
global $wgNewPasswordExpiry;
if ($u->getEmail() == '') {
return Status::newFatal('noemail', $u->getName());
}
$ip = $this->getRequest()->getIP();
if (!$ip) {
return Status::newFatal('badipaddress');
}
$currentUser = $this->getUser();
Hooks::run('User::mailPasswordInternal', array(&$currentUser, &$ip, &$u));
$np = $u->randomPassword();
$u->setNewpassword($np, $throttle);
$u->saveSettings();
$userLanguage = $u->getOption('language');
$mainPage = Title::newMainPage();
$mainPageUrl = $mainPage->getCanonicalURL();
$m = $this->msg($emailText, $ip, $u->getName(), $np, '<' . $mainPageUrl . '>', round($wgNewPasswordExpiry / 86400))->inLanguage($userLanguage)->text();
$result = $u->sendMail($this->msg($emailTitle)->inLanguage($userLanguage)->text(), $m);
return $result;
}
protected function showPermissions( $step ) {
global $wgLang, $wgRequest;
$header = new HtmlTag( 'h2' );
$step_message = 'translate-fs-permissions-title';
$header->content( wfMsg( $step_message ) )->style( 'opacity', 0.4 );
if ( $step ) {
$this->out->addHtml( $header );
return $step;
}
if ( $wgRequest->wasPosted() &&
$this->user->matchEditToken( $wgRequest->getVal( 'token' ) ) &&
$wgRequest->getText( 'step' ) === 'permissions' )
{
// This is ridiculous
global $wgCaptchaTriggers;
$captcha = $wgCaptchaTriggers;
$wgCaptchaTriggers = null;
$language = $wgRequest->getVal( 'primary-language' );
$message = $wgRequest->getText( 'message', '...' );
$params = array(
'action' => 'threadaction',
'threadaction' => 'newthread',
'token' => $this->user->editToken(),
'talkpage' => 'Project:Translator',
'subject' => "{{LanguageHeader|$language}}",
'reason' => 'Using Special:FirstSteps',
'text' => $message,
);
$request = new FauxRequest( $params, true, $_SESSION );
$api = new ApiMain( $request, true );
$api->execute();
$result = $api->getResultData();
$wgCaptchaTriggers = $captcha;
$page = $result['threadaction']['thread']['thread-title'];
$this->user->setOption( 'translate-firststeps-request', $page );
$this->user->saveSettings();
}
$page = $this->user->getOption( 'translate-firststeps-request' );
if ( $this->user->isAllowed( 'translate' ) ) {
$header->content( $header->content . wfMsg( 'translate-fs-pagetitle-done' ) );
$this->out->addHtml( $header );
return $step;
} elseif ( $page ) {
$header->content( $header->content . wfMsg( 'translate-fs-pagetitle-pending' ) );
$this->out->addHtml( $header->style( 'opacity', false ) );
$this->out->addWikiMsg( 'translate-fs-permissions-pending', $page );
return $step_message;
}
$this->out->addHtml( $header->style( 'opacity', false ) );
$this->out->addWikiMsg( 'translate-fs-permissions-help' );
$output = Html::openElement( 'form', array( 'method' => 'post' ) );
$output .= Html::hidden( 'step', 'permissions' );
$output .= Html::hidden( 'token', $this->user->editToken() );
$output .= Html::hidden( 'title', $this->getTitle() );
$name = $id = 'primary-language';
$selector = new XmlSelect();
$selector->addOptions( $this->languages( $wgLang->getCode() ) );
$selector->setAttribute( 'id', $id );
$selector->setAttribute( 'name', $name );
$selector->setDefault( $wgLang->getCode() );
$text = wfMessage( 'translate-fs-permissions-planguage' )->text();
$output .= Xml::label( $text, $id ) . " " . $selector->getHtml() . '<br />';
$output .= Html::element( 'textarea', array( 'rows' => 5, 'name' => 'message' ), '' );
$output .= Xml::submitButton( wfMsg( 'translate-fs-permissions-submit' ) );
$output .= Html::closeElement( 'form' );
$this->out->addHtml( $output );
return $step_message;
}
/**
* Adds the User object to the shared database
*
* @param User $User
* @param String $password
* @param String $email
* @param String $realname
*
* @return bool success
*/
protected function addToDatabase(User &$User, $password, $email, $realname)
{
wfProfileIn(__METHOD__);
global $wgExternalSharedDB;
$dbw = wfGetDB(DB_MASTER, [], $wgExternalSharedDB);
try {
$userId = null;
$result = null;
if (is_null($result)) {
$dbw->insert('`user`', ['user_id' => null, 'user_name' => $User->mName, 'user_real_name' => $realname, 'user_password' => $User->mPassword, 'user_newpassword' => '', 'user_email' => $email, 'user_touched' => '', 'user_token' => '', 'user_options' => '', 'user_registration' => $dbw->timestamp($User->mRegistration), 'user_editcount' => 0, 'user_birthdate' => $User->mBirthDate], __METHOD__);
$userId = $dbw->insertId();
} else {
if (!$result) {
throw new ExternalUserException();
}
}
$User->mId = $userId;
$User->setToken();
$User->saveSettings();
$dbw->commit(__METHOD__);
wfRunHooks('ExternalUserAddUserToDatabaseComplete', [&$User]);
\Wikia\Logger\WikiaLogger::instance()->info('HELIOS_REGISTRATION_INSERTS', ['exception' => new Exception(), 'userid' => $User->mId, 'username' => $User->mName]);
// Clear instance cache other than user table data, which is already accurate
$User->clearInstanceCache();
$ret = true;
} catch (DBQueryError $e) {
\Wikia\Logger\WikiaLogger::instance()->info(__METHOD__, ['exception' => $e, 'username' => $User->mName]);
$dbw->rollback(__METHOD__);
$ret = false;
} catch (ExternalUserException $e) {
\Wikia\Logger\WikiaLogger::instance()->info(__METHOD__, ['exception' => $e, 'username' => $User->mName]);
$dbw->rollback(__METHOD__);
$ret = false;
}
wfProfileOut(__METHOD__);
return $ret;
}
/**
* Sets the 'autowatched-already' option to 1
* @param \User $oUser A user's object
*/
private function setFlag(\User $oUser)
{
global $wgAutoFollowFlag;
$oUser->setGlobalFlag($wgAutoFollowFlag, 1);
$oUser->saveSettings();
}
/**
* Clears a user's UserImage setting
* @param User $oUser
*/
public static function unsetUserImage($oUser)
{
if ($oUser->getOption('MW::UserImage')) {
$oUser->setOption('MW::UserImage', null);
$oUser->saveSettings();
}
return;
}
/**
* When a user logs in, optionally fill in preferences and such.
* For instance, you might pull the email address or real name from the
* external user database.
*
* The User object is passed by reference so it can be modified; don't
* forget the & on your function declaration.
*
* @param User $user
* @public
*/
function updateUser(&$user)
{
if ($this->debug) {
echo 'updateUser';
}
$username = addslashes($user->getName());
$find_user_query = "SELECT\n\t\t\tuser_id,\n\t\t\tuser_accesslevel, user_email, \n\t\t\tuser_name_short, user_name\n\t\t\tFROM users WHERE lower(user_name_short)=lower('{$username}')";
$find_result = mysql_query($find_user_query, $this->database);
// make sure that there is only one person with the username
if (mysql_num_rows($find_result) == 1) {
$userinfo = mysql_fetch_assoc($find_result);
mysql_free_result($find_result);
$user->setEmail($userinfo['user_email']);
$user->confirmEmail();
$user->setRealName($userinfo['user_name']);
// Accessrights
if ($userinfo['user_accesslevel'] > 2) {
$user->addGroup('sysop');
}
$user->saveSettings();
return true;
}
return false;
}
private function onAuthenticateUserDataResetPass(User $u)
{
// The e-mailed temporary password should not be used for actu-
// al logins; that's a very sloppy habit, and insecure if an
// attacker has a few seconds to click "search" on someone's o-
// pen mail reader.
//
// Allow it to be used only to reset the password a single time
// to a new value, which won't be in the user's e-mail ar-
// chives.
//
// For backwards compatibility, we'll still recognize it at the
// login form to minimize surprises for people who have been
// logging in with a temporary password for some time.
//
// As a side-effect, we can authenticate the user's e-mail ad-
// dress if it's not already done, since the temporary password
// was sent via e-mail.
if (!$u->isEmailConfirmed()) {
$u->confirmEmail();
$u->saveSettings();
}
}
/**
* Removes not confirmed option from user's properties
*
* @param User $user
* @return bool
*/
public static function removeNotConfirmedFlag(User &$user)
{
$user->setGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME, null);
$user->setGlobalFlag(UserLoginSpecialController::SIGNED_UP_ON_WIKI_OPTION_NAME, null);
$user->saveSettings();
$user->saveToCache();
wfRunHooks('SignupConfirmEmailComplete', array($user));
return true;
}
/**
* @param User $user
* @param string $newaddr
* @return Status
*/
private function attemptChange(User $user, $newaddr)
{
$authManager = AuthManager::singleton();
if ($newaddr != '' && !Sanitizer::validateEmail($newaddr)) {
return Status::newFatal('invalidemailaddress');
}
if ($newaddr === $user->getEmail()) {
return Status::newFatal('changeemail-nochange');
}
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation($newaddr);
if (!$status->isGood()) {
return $status;
}
Hooks::run('PrefsEmailAudit', [$user, $oldaddr, $newaddr]);
$user->saveSettings();
MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('updateExternalDB', [$user]);
return $status;
}
/**
* @param $user User
* @param $pass string
* @param $newaddr string
* @return bool|string true or string on success, false on failure
*/
protected function attemptChange(User $user, $pass, $newaddr)
{
if ($newaddr != '' && !Sanitizer::validateEmail($newaddr)) {
$this->error('invalidemailaddress');
return false;
}
$throttleCount = LoginForm::incLoginThrottle($user->getName());
if ($throttleCount === true) {
$this->error('login-throttled');
return false;
}
global $wgRequirePasswordforEmailChange;
if ($wgRequirePasswordforEmailChange && !$user->checkTemporaryPassword($pass) && !$user->checkPassword($pass)) {
$this->error('wrongpassword');
return false;
}
if ($throttleCount) {
LoginForm::clearLoginThrottle($user->getName());
}
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation($newaddr);
if (!$status->isGood()) {
$this->getOutput()->addHTML('<p class="error">' . $this->getOutput()->parseInline($status->getWikiText('mailerror')) . '</p>');
return false;
}
wfRunHooks('PrefsEmailAudit', array($user, $oldaddr, $newaddr));
$user->saveSettings();
return $status->value;
}
/**
* save settings for temp user - update username, passwordm email for temp user before saving
* @param User object $user
*/
public function saveSettingsTempUserToUser(User &$user)
{
if ($user->mId == 0) {
$user->mId = $this->getId();
}
$user->mName = self::getDefaultName($user->mId);
$user->mPassword = self::DefaultPassword;
$user->mEmail = self::DefaultEmail;
$user->saveSettings();
}
