/** * @param User $user * @param string $newaddr * @return Status */ private function attemptChange(User $user, $newaddr) { $authManager = AuthManager::singleton(); if ($newaddr != '' && !Sanitizer::validateEmail($newaddr)) { return Status::newFatal('invalidemailaddress'); } if ($newaddr === $user->getEmail()) { return Status::newFatal('changeemail-nochange'); } $oldaddr = $user->getEmail(); $status = $user->setEmailWithConfirmation($newaddr); if (!$status->isGood()) { return $status; } Hooks::run('PrefsEmailAudit', [$user, $oldaddr, $newaddr]); $user->saveSettings(); MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('updateExternalDB', [$user]); return $status; }
public function invalidateSessionsForUser(User $user) { $user->setToken(); $user->saveSettings(); $authUser = \MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('getUserInstance', [&$user]); if ($authUser) { $authUser->resetAuthToken(); } foreach ($this->getProviders() as $provider) { $provider->invalidateSessionsForUser($user); } }
/** * Handle the form submission if everything validated properly * * @param array $formData * @param PreferencesForm $form * @return bool|Status|string */ static function tryFormSubmit($formData, $form) { $user = $form->getModifiedUser(); $hiddenPrefs = $form->getConfig()->get('HiddenPrefs'); $result = true; if (!$user->isAllowedAny('editmyprivateinfo', 'editmyoptions')) { return Status::newFatal('mypreferencesprotected'); } // Filter input foreach (array_keys($formData) as $name) { if (isset(self::$saveFilters[$name])) { $formData[$name] = call_user_func(self::$saveFilters[$name], $formData[$name], $formData); } } // Fortunately, the realname field is MUCH simpler // (not really "private", but still shouldn't be edited without permission) if (!in_array('realname', $hiddenPrefs) && $user->isAllowed('editmyprivateinfo') && array_key_exists('realname', $formData)) { $realName = $formData['realname']; $user->setRealName($realName); } if ($user->isAllowed('editmyoptions')) { foreach (self::$saveBlacklist as $b) { unset($formData[$b]); } # If users have saved a value for a preference which has subsequently been disabled # via $wgHiddenPrefs, we don't want to destroy that setting in case the preference # is subsequently re-enabled foreach ($hiddenPrefs as $pref) { # If the user has not set a non-default value here, the default will be returned # and subsequently discarded $formData[$pref] = $user->getOption($pref, null, true); } // Keep old preferences from interfering due to back-compat code, etc. $user->resetOptions('unused', $form->getContext()); foreach ($formData as $key => $value) { $user->setOption($key, $value); } Hooks::run('PreferencesFormPreSave', [$formData, $form, $user, &$result]); } MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('updateExternalDB', [$user]); $user->saveSettings(); return $result; }
/** * Check if user account is hidden * * @return bool True if hidden, false otherwise */ public function isHidden() { if ($this->mHideName !== null) { return $this->mHideName; } $this->getBlockedStatus(); if (!$this->mHideName) { $authUser = AuthManager::callLegacyAuthPlugin('getUserInstance', [&$this], null); $this->mHideName = $authUser && $authUser->isHidden(); Hooks::run('UserIsHidden', [$this, &$this->mHideName]); } return $this->mHideName; }