/**
 * Check that UserPasswordPolicy::maxOfPolicies() returns the expected
 * result for each pair of policies supplied by the data provider.
 *
 * @dataProvider provideMaxOfPolicies
 * @covers UserPasswordPolicy::maxOfPolicies
 *
 * @param mixed $p1 First policy passed to maxOfPolicies()
 * @param mixed $p2 Second policy passed to maxOfPolicies()
 * @param mixed $max Expected result of combining $p1 and $p2
 * @param string $msg Failure message reported by the assertion
 */
public function testMaxOfPolicies($p1, $p2, $max, $msg) {
    // Compute the combined policy first so the assertion line reads as
    // "expected, actual, message".
    $combined = UserPasswordPolicy::maxOfPolicies($p1, $p2);

    $this->assertArrayEquals($max, $combined, $msg);
}
/**
 * Assess whether a password is acceptable for this user.
 *
 * The outcome is reported as a Status object. A fatal Status means the
 * user must not be allowed to log in; any errors recorded on it are ones
 * that would prevent the password from being changed to this value.
 *
 * Callers should not go on to check the password when the returned Status
 * is not OK. When it is OK but not Good, the password may still be checked,
 * but the user must not be permitted to set it as their password.
 *
 * @param string $password Desired password
 * @param string $purpose One of 'login', 'create', 'reset'
 * @return Status
 * @since 1.23
 */
public function checkPasswordValidity($password, $purpose = 'login') {
    global $wgPasswordPolicy;

    $policy = new UserPasswordPolicy(
        $wgPasswordPolicy['policies'],
        $wgPasswordPolicy['checks']
    );
    $outcome = Status::newGood();

    // Handlers receive the verdict by reference. It starts as false; if it
    // is still false after the hook, the built-in policy checks are used.
    $hookVerdict = false;
    $hookCompleted = Hooks::run('isValidPassword', [$password, &$hookVerdict, $this]);

    if (!$hookCompleted) {
        // A handler aborted the hook: report whatever verdict it left behind.
        $outcome->error($hookVerdict);
        return $outcome;
    }

    if ($hookVerdict === false) {
        // No handler overrode the verdict, so apply the configured policy.
        $outcome->merge($policy->checkUserPassword($this, $password, $purpose));
    } elseif ($hookVerdict !== true) {
        // The isValidPassword hook set a string verdict and returned true.
        $outcome->error($hookVerdict);
    }
    // A verdict of exactly true leaves the Status good and skips the
    // configured policy checks altogether, so every registered
    // 'isValidPassword' handler is part of the password-policy trust boundary.

    return $outcome;
}
/**
 * Validate the submitted site name, project namespace, administrator
 * account name, administrator password and e-mail settings.
 *
 * Each failed check reports an error through the parent installer and
 * marks the submission as failed, but the remaining checks still run, so
 * several errors can be shown for one submission. The normalized
 * namespace and canonical administrator name are written back with
 * setVar() along the way.
 *
 * @return bool True when no check reported an error, false otherwise
 */
public function submit() {
    global $wgPasswordPolicy;
    $retVal = true;
    $this->parent->setVarsFromRequest(['wgSitename', '_NamespaceType', '_AdminName', '_AdminPassword', '_AdminPasswordConfirm', '_AdminEmail', '_Subscribe', '_SkipOptional', 'wgMetaNamespace']);
    // Validate site name
    if (strval($this->getVar('wgSitename')) === '') {
        $this->parent->showError('config-site-name-blank');
        $retVal = false;
    }
    // Fetch namespace
    // NOTE(review): $nsType is compared loosely (==) here and below; if the
    // variable is always a string, === would avoid type juggling — confirm.
    $nsType = $this->getVar('_NamespaceType');
    if ($nsType == 'site-name') {
        $name = $this->getVar('wgSitename');
        // Sanitize for namespace
        // This algorithm should match the JS one in WebInstallerOutput.php
        $name = preg_replace('/[\\[\\]\\{\\}|#<>%+? ]/', '_', $name);
        // NOTE(review): as written this replaces '&' with '&', which changes
        // nothing. The replacement may have been an HTML entity that was
        // decoded when this listing was extracted — confirm against the
        // upstream file and the JS counterpart.
        $name = str_replace('&', '&', $name);
        // Collapse runs of underscores, strip them from both ends, then
        // upper-case the first character.
        $name = preg_replace('/__+/', '_', $name);
        $name = ucfirst(trim($name, '_'));
    } elseif ($nsType == 'generic') {
        $name = wfMessage('config-ns-generic')->text();
    } else { // other
        $name = $this->getVar('wgMetaNamespace');
    }
    // Validate namespace
    // A colon anywhere in the name is rejected outright.
    if (strpos($name, ':') !== false) {
        $good = false;
    } else {
        // Title-style validation
        $title = Title::newFromText($name);
        if (!$title) {
            // No Title could be built: the name is tolerated only when it
            // was derived from the site name, and rejected for the
            // 'generic' and custom namespace types.
            $good = $nsType == 'site-name';
        } else {
            // Use the database key form of the title as the namespace name.
            $name = $title->getDBkey();
            $good = true;
        }
    }
    if (!$good) {
        $this->parent->showError('config-ns-invalid', $name);
        $retVal = false;
    }
    // Make sure it won't conflict with any existing namespaces
    // (a match on NS_PROJECT itself is not treated as a conflict)
    global $wgContLang;
    $nsIndex = $wgContLang->getNsIndex($name);
    if ($nsIndex !== false && $nsIndex !== NS_PROJECT) {
        $this->parent->showError('config-ns-conflict', $name);
        $retVal = false;
    }
    // The name is stored even when one of the checks above failed.
    $this->setVar('wgMetaNamespace', $name);
    // Validate username for creation
    $name = $this->getVar('_AdminName');
    if (strval($name) === '') {
        $this->parent->showError('config-admin-name-blank');
        // Keep $cname defined for the password step below.
        $cname = $name;
        $retVal = false;
    } else {
        $cname = User::getCanonicalName($name, 'creatable');
        if ($cname === false) {
            $this->parent->showError('config-admin-name-invalid', $name);
            $retVal = false;
        } else {
            // Store the canonical form in place of what was typed.
            $this->setVar('_AdminName', $cname);
        }
    }
    // Validate password
    $msg = false;
    $pwd = $this->getVar('_AdminPassword');
    // $cname can be blank or false here when the name checks above failed;
    // a falsy result from newFromName() is handled in the else branch.
    $user = User::newFromName($cname);
    if ($user) {
        // The password is checked with the 'bureaucrat' and 'sysop' groups
        // passed explicitly — presumably so that the policies for those
        // groups apply to the account being created; confirm against
        // UserPasswordPolicy::checkUserPasswordForGroups().
        $upp = new UserPasswordPolicy($wgPasswordPolicy['policies'], $wgPasswordPolicy['checks']);
        $status = $upp->checkUserPasswordForGroups($user, $pwd, ['bureaucrat', 'sysop']);
        // $valid is true on success, otherwise whatever getMessage() returns.
        $valid = $status->isGood() ? true : $status->getMessage();
    } else {
        $valid = 'config-admin-name-invalid';
    }
    // Only one password error is reported, in this order of precedence:
    // blank field, confirmation mismatch, then the policy result.
    if (strval($pwd) === '') {
        // Provide a more specific and helpful message if password field is left blank
        $msg = 'config-admin-password-blank';
    } elseif ($pwd !== $this->getVar('_AdminPasswordConfirm')) {
        $msg = 'config-admin-password-mismatch';
    } elseif ($valid !== true) {
        $msg = $valid;
    }
    if ($msg !== false) {
        // $msg is either a message key string or the value returned by
        // $status->getMessage() above.
        call_user_func([$this->parent, 'showError'], $msg);
        // Reset both stored password values to empty strings after any
        // password error.
        $this->setVar('_AdminPassword', '');
        $this->setVar('_AdminPasswordConfirm', '');
        $retVal = false;
    }
    // Validate e-mail if provided
    // (the test is on truthiness, so an empty value skips validation)
    $email = $this->getVar('_AdminEmail');
    if ($email && !Sanitizer::validateEmail($email)) {
        $this->parent->showError('config-admin-error-bademail');
        $retVal = false;
    }
    // If they asked to subscribe to mediawiki-announce but didn't give
    // an e-mail, show an error. Bug 29332
    if (!$email && $this->getVar('_Subscribe')) {
        $this->parent->showError('config-subscribe-noemail');
        $retVal = false;
    }
    return $retVal;
}