private function save(array $data)
{
$bp = BotPassword::newUnsaved(['centralId' => $this->userId, 'appId' => $this->par, 'restrictions' => MWRestrictions::newFromJson($data['restrictions']), 'grants' => array_merge(MWGrants::getHiddenGrants(), preg_replace('/^grant-/', '', $data['grants']))]);
if ($this->operation === 'insert' || !empty($data['resetPassword'])) {
$this->password = PasswordFactory::generateRandomPasswordString(max(32, $this->getConfig()->get('MinimalPasswordLength')));
$passwordFactory = new PasswordFactory();
$passwordFactory->init(RequestContext::getMain()->getConfig());
$password = $passwordFactory->newFromPlaintext($this->password);
} else {
$password = null;
}
if ($bp->save($this->operation, $password)) {
return Status::newGood();
} else {
// Messages: botpasswords-insert-failed, botpasswords-update-failed
return Status::newFatal("botpasswords-{$this->operation}-failed", $this->par);
}
}
/**
* @covers MWGrants::getHiddenGrants
*/
public function testGetHiddenGrants()
{
$this->assertSame(['hidden1', 'hidden2'], MWGrants::getHiddenGrants());
}
public function refreshSessionInfo(SessionInfo $info, WebRequest $request, &$metadata)
{
$missingKeys = array_diff(['centralId', 'appId', 'token'], array_keys($metadata));
if ($missingKeys) {
$this->logger->info('Session "{session}": Missing metadata: {missing}', ['session' => $info, 'missing' => implode(', ', $missingKeys)]);
return false;
}
$bp = BotPassword::newFromCentralId($metadata['centralId'], $metadata['appId']);
if (!$bp) {
$this->logger->info('Session "{session}": No BotPassword for {centralId} {appId}', ['session' => $info, 'centralId' => $metadata['centralId'], 'appId' => $metadata['appId']]);
return false;
}
if (!hash_equals($metadata['token'], $bp->getToken())) {
$this->logger->info('Session "{session}": BotPassword token check failed', ['session' => $info, 'centralId' => $metadata['centralId'], 'appId' => $metadata['appId']]);
return false;
}
$status = $bp->getRestrictions()->check($request);
if (!$status->isOK()) {
$this->logger->info('Session "{session}": Restrictions check failed', ['session' => $info, 'restrictions' => $status->getValue(), 'centralId' => $metadata['centralId'], 'appId' => $metadata['appId']]);
return false;
}
// Update saved rights
$metadata['rights'] = \MWGrants::getGrantRights($bp->getGrants());
return true;
}
public function refreshSessionInfo(SessionInfo $info, WebRequest $request, &$metadata)
{
$missingKeys = array_diff(array('centralId', 'appId', 'token'), array_keys($metadata));
if ($missingKeys) {
$this->logger->info("Session {$info}: Missing metadata: " . join(', ', $missingKeys));
return false;
}
$bp = BotPassword::newFromCentralId($metadata['centralId'], $metadata['appId']);
if (!$bp) {
$this->logger->info("Session {$info}: No BotPassword for {$metadata['centralId']} {$metadata['appId']}");
return false;
}
if (!hash_equals($metadata['token'], $bp->getToken())) {
$this->logger->info("Session {$info}: BotPassword token check failed");
return false;
}
$status = $bp->getRestrictions()->check($request);
if (!$status->isOk()) {
$this->logger->info("Session {$info}: Restrictions check failed", $status->getValue());
return false;
}
// Update saved rights
$metadata['rights'] = \MWGrants::getGrantRights($bp->getGrants());
return true;
}
