/** * Format the rows (generated by SpecialRecentchanges or SpecialRecentchangeslinked) * as an RSS/Atom feed. */ public function execute() { $config = $this->getConfig(); $this->params = $this->extractRequestParams(); if (!$config->get('Feed')) { $this->dieUsage('Syndication feeds are not available', 'feed-unavailable'); } $feedClasses = $config->get('FeedClasses'); if (!isset($feedClasses[$this->params['feedformat']])) { $this->dieUsage('Invalid subscription feed type', 'feed-invalid'); } $this->getMain()->setCacheMode('public'); if (!$this->getMain()->getParameter('smaxage')) { // bug 63249: This page gets hit a lot, cache at least 15 seconds. $this->getMain()->setCacheMaxAge(15); } $feedFormat = $this->params['feedformat']; $specialClass = $this->params['target'] !== null ? 'SpecialRecentchangeslinked' : 'SpecialRecentchanges'; $formatter = $this->getFeedObject($feedFormat, $specialClass); // Parameters are passed via the request in the context… :( $context = new DerivativeContext($this); $context->setRequest(new DerivativeRequest($this->getRequest(), $this->params, $this->getRequest()->wasPosted())); // The row-getting functionality should be factored out of ChangesListSpecialPage too… $rc = new $specialClass(); $rc->setContext($context); $rows = $rc->getRows(); $feedItems = $rows ? ChangesFeed::buildItems($rows) : array(); ApiFormatFeedWrapper::setResult($this->getResult(), $formatter, $feedItems); }
private static function getManager($continue, $allModules, $generatedModules) { $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest(new FauxRequest(array('continue' => $continue))); $main = new ApiMain($context); return new ApiContinuationManager($main, $allModules, $generatedModules); }
/** * @dataProvider provideValidate */ public function testForm($text, $value) { $form = HTMLForm::factory('ooui', ['restrictions' => ['class' => HTMLRestrictionsField::class]]); $request = new FauxRequest(['wprestrictions' => $text], true); $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest($request); $form->setContext($context); $form->setTitle(Title::newFromText('Main Page'))->setSubmitCallback(function () { return true; })->prepareForm(); $status = $form->trySubmit(); if ($status instanceof StatusValue) { $this->assertEquals($value !== false, $status->isGood()); } elseif ($value === false) { $this->assertNotSame(true, $status); } else { $this->assertSame(true, $status); } if ($value !== false) { $restrictions = $form->mFieldData['restrictions']; $this->assertInstanceOf(MWRestrictions::class, $restrictions); $this->assertEquals($value, $restrictions->toArray()['IPAddresses']); } // sanity $form->getHTML($status); }
private function getContext($requestedAction = null) { $request = new FauxRequest(array('action' => $requestedAction)); $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest($request); $context->setWikiPage($this->getPage()); return $context; }
/** * Returns a DerivativeContext with the request variables in place * * @param $request WebRequest request object including parameters and session * @param $user User or null * @return DerivativeContext */ public function newTestContext(WebRequest $request, User $user = null) { $context = new DerivativeContext($this); $context->setRequest($request); if ($user !== null) { $context->setUser($user); } return $context; }
/** * @param string $url * @param array $cookies * @return MobileContext */ private function makeContext($url = '/', $cookies = array()) { $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest(new MFFauxRequest($url, $cookies)); $context->setOutput(new OutputPage($context)); $instance = unserialize('O:13:"MobileContext":0:{}'); $instance->setContext($context); return $instance; }
/** * @param WebRequest|null $request * @param Language|string|null $language * @param User|null $user * * @return DerivativeContext */ private function newContext(WebRequest $request = null, $language = null, User $user = null) { $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest($request ?: new FauxRequest()); if ($language !== null) { $context->setLanguage($language); } if ($user !== null) { $context->setUser($user); } $this->setEditTokenFromUser($context); return $context; }
/** * @param string $url * @param array $cookies * @return MobileContext */ private function makeContext($url = '/', $cookies = array()) { $query = array(); if ($url) { $params = wfParseUrl(wfExpandUrl($url)); if (isset($params['query'])) { $query = wfCgiToArray($params['query']); } } $request = new FauxRequest($query); $request->setRequestURL($url); $request->setCookies($cookies, ''); $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest($request); $context->setOutput(new OutputPage($context)); $instance = unserialize('O:13:"MobileContext":0:{}'); $instance->setContext($context); return $instance; }
/** * @dataProvider provideGetParameterFromSettings * @param string|null $input * @param array $paramSettings * @param mixed $expected * @param string[] $warnings */ public function testGetParameterFromSettings($input, $paramSettings, $expected, $warnings) { $mock = new MockApi(); $wrapper = TestingAccessWrapper::newFromObject($mock); $context = new DerivativeContext($mock); $context->setRequest(new FauxRequest($input !== null ? ['foo' => $input] : [])); $wrapper->mMainModule = new ApiMain($context); if ($expected instanceof UsageException) { try { $wrapper->getParameterFromSettings('foo', $paramSettings, true); } catch (UsageException $ex) { $this->assertEquals($expected, $ex); } } else { $result = $wrapper->getParameterFromSettings('foo', $paramSettings, true); $this->assertSame($expected, $result); $this->assertSame($warnings, $mock->warnings); } }
/** * Creates a new set of object for the actual test context, including a new * outputpage and skintemplate. * * @param string $mode The mode for the test cases (desktop, mobile) * @return array Array of objects, including MobileContext (context), * SkinTemplate (sk) and OutputPage (out) */ protected function getContextSetup($mode, $mfXAnalyticsItems) { // Create a new MobileContext object for this test MobileContext::setInstance(null); // create a new instance of MobileContext $context = MobileContext::singleton(); // create a DerivativeContext to use in MobileContext later $mainContext = new DerivativeContext(RequestContext::getMain()); // create a new, empty OutputPage $out = new OutputPage($context); // create a new, empty SkinTemplate $sk = new SkinTemplate(); // create a new Title (main page) $title = Title::newMainPage(); // create a FauxRequest to use instead of a WebRequest object (FauxRequest forces // the creation of a FauxResponse, which allows to investigate sent header values) $request = new FauxRequest(); // set the new request object to the context $mainContext->setRequest($request); // set the main page title to the context $mainContext->setTitle($title); // set the context to the SkinTemplate $sk->setContext($mainContext); // set the OutputPage to the context $mainContext->setOutput($out); // set the DerivativeContext as a base to MobileContext $context->setContext($mainContext); // set the mode to MobileContext $context->setUseFormat($mode); // if there are any XAnalytics items, add them foreach ($mfXAnalyticsItems as $key => $val) { $context->addAnalyticsLogItem($key, $val); } // set the newly created MobileContext object as the current instance to use MobileContext::setInstance($context); // return the stuff return array('out' => $out, 'sk' => $sk, 'context' => $context); }
/** * @param AuthenticationRequest[] $requests * @param string $action AuthManager action name (one of the AuthManager::ACTION_* constants) * @return HTMLForm */ protected function getAuthForm(array $requests, $action) { $formDescriptor = $this->getAuthFormDescriptor($requests, $action); $context = $this->getContext(); if ($context->getRequest() !== $this->getRequest()) { // We have overridden the request, need to make sure the form uses that too. $context = new DerivativeContext($this->getContext()); $context->setRequest($this->getRequest()); } $form = HTMLForm::factory('ooui', $formDescriptor, $context); $form->setAction($this->getFullTitle()->getFullURL($this->getPreservedParams())); $form->addHiddenField($this->getTokenName(), $this->getToken()->toString()); $form->addHiddenField('authAction', $this->authAction); $form->suppressDefaultSubmit(!$this->needsSubmitButton($formDescriptor)); return $form; }
/** * Generates a form from the given request. * @param AuthenticationRequest[] $requests * @param string $action AuthManager action name * @param string|Message $msg * @param string $msgType * @return HTMLForm */ protected function getAuthForm(array $requests, $action, $msg = '', $msgType = 'error') { global $wgSecureLogin, $wgLoginLanguageSelector; // FIXME merge this with parent if (isset($this->authForm)) { return $this->authForm; } $usingHTTPS = $this->getRequest()->getProtocol() === 'https'; // get basic form description from the auth logic $fieldInfo = AuthenticationRequest::mergeFieldInfo($requests); $fakeTemplate = $this->getFakeTemplate($msg, $msgType); $this->fakeTemplate = $fakeTemplate; // FIXME there should be a saner way to pass this to the hook // this will call onAuthChangeFormFields() $formDescriptor = static::fieldInfoToFormDescriptor($requests, $fieldInfo, $this->authAction); $this->postProcessFormDescriptor($formDescriptor, $requests); $context = $this->getContext(); if ($context->getRequest() !== $this->getRequest()) { // We have overridden the request, need to make sure the form uses that too. $context = new DerivativeContext($this->getContext()); $context->setRequest($this->getRequest()); } $form = HTMLForm::factory('vform', $formDescriptor, $context); $form->addHiddenField('authAction', $this->authAction); if ($wgLoginLanguageSelector) { $form->addHiddenField('uselang', $this->mLanguage); } $form->addHiddenField('force', $this->securityLevel); $form->addHiddenField($this->getTokenName(), $this->getToken()->toString()); if ($wgSecureLogin) { // If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved if (!$this->isSignup()) { $form->addHiddenField('wpForceHttps', (int) $this->mStickHTTPS); $form->addHiddenField('wpFromhttp', $usingHTTPS); } } // set properties of the form itself $form->setAction($this->getPageTitle()->getLocalURL($this->getReturnToQueryStringFragment())); $form->setName('userlogin' . ($this->isSignup() ? '2' : '')); if ($this->isSignup()) { $form->setId('userlogin2'); } $form->suppressDefaultSubmit(); $this->authForm = $form; return $form; }
/** * @param $title Title * @param $summary string * @param $context IContextSource * @todo rework this to use a generic CollaborationList editor function once it exists */ public static function postMemberList(Title $title, $summary, IContextSource $context) { $username = $context->getUser()->getName(); $collabList = self::makeMemberList($username, $context->msg('collaborationkit-hub-members-description')); // Ensure that a valid context is provided to the API in unit tests $der = new DerivativeContext($context); $request = new DerivativeRequest($context->getRequest(), ['action' => 'edit', 'title' => $title->getFullText(), 'contentmodel' => 'CollaborationListContent', 'contentformat' => 'application/json', 'text' => $collabList->serialize(), 'summary' => $summary, 'token' => $context->getUser()->getEditToken()], true); $der->setRequest($request); try { $api = new ApiMain($der, true); $api->execute(); } catch (UsageException $e) { return Status::newFatal($context->msg('collaborationkit-hub-edit-apierror', $e->getCodeString())); } return Status::newGood(); }
/** * Executes the log-in attempt using the parameters passed. If * the log-in succeeds, it attaches a cookie to the session * and outputs the user id, username, and session token. If a * log-in fails, as the result of a bad password, a nonexistent * user, or any other reason, the host is cached with an expiry * and no log-in attempts will be accepted until that expiry * is reached. The expiry is $this->mLoginThrottle. */ public function execute() { // If we're in a mode that breaks the same-origin policy, no tokens can // be obtained if ($this->lacksSameOriginSecurity()) { $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied')); return; } $params = $this->extractRequestParams(); $result = array(); // Init session if necessary if (session_id() == '') { wfSetupSession(); } $context = new DerivativeContext($this->getContext()); $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => ''))); $loginForm = new LoginForm(); $loginForm->setContext($context); $authRes = $loginForm->authenticateUserData(); switch ($authRes) { case LoginForm::SUCCESS: $user = $context->getUser(); $this->getContext()->setUser($user); $user->setCookies($this->getRequest(), null, true); ApiQueryInfo::resetTokenCache(); // Run hooks. // @todo FIXME: Split back and frontend from this hook. // @todo FIXME: This hook should be placed in the backend $injected_html = ''; Hooks::run('UserLoginComplete', array(&$user, &$injected_html)); $result['result'] = 'Success'; $result['lguserid'] = intval($user->getId()); $result['lgusername'] = $user->getName(); $result['lgtoken'] = $user->getToken(); $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix'); $result['sessionid'] = session_id(); break; case LoginForm::NEED_TOKEN: $result['result'] = 'NeedToken'; $result['token'] = $loginForm->getLoginToken(); $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix'); $result['sessionid'] = session_id(); break; case LoginForm::WRONG_TOKEN: $result['result'] = 'WrongToken'; break; case LoginForm::NO_NAME: $result['result'] = 'NoName'; break; case LoginForm::ILLEGAL: $result['result'] = 'Illegal'; break; case LoginForm::WRONG_PLUGIN_PASS: $result['result'] = 'WrongPluginPass'; break; case LoginForm::NOT_EXISTS: $result['result'] = 'NotExists'; break; // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin: // The e-mailed temporary password should not be used for actual logins. // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin: // The e-mailed temporary password should not be used for actual logins. case LoginForm::RESET_PASS: case LoginForm::WRONG_PASS: $result['result'] = 'WrongPass'; break; case LoginForm::EMPTY_PASS: $result['result'] = 'EmptyPass'; break; case LoginForm::CREATE_BLOCKED: $result['result'] = 'CreateBlocked'; $result['details'] = 'Your IP address is blocked from account creation'; $block = $context->getUser()->getBlock(); if ($block) { $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block)); } break; case LoginForm::THROTTLED: $result['result'] = 'Throttled'; $throttle = $this->getConfig()->get('PasswordAttemptThrottle'); $result['wait'] = intval($throttle['seconds']); break; case LoginForm::USER_BLOCKED: $result['result'] = 'Blocked'; $block = User::newFromName($params['name'])->getBlock(); if ($block) { $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block)); } break; case LoginForm::ABORTED: $result['result'] = 'Aborted'; $result['reason'] = $loginForm->mAbortLoginErrorMsg; break; default: ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}"); } $this->getResult()->addValue(null, 'login', $result); LoggerFactory::getInstance('authmanager')->info('Login attempt', array('event' => 'login', 'successful' => $authRes === LoginForm::SUCCESS, 'status' => LoginForm::$statusCodes[$authRes])); }
function __construct(Page $page, $request = false) { wfDeprecated(__CLASS__, '1.19'); parent::__construct($page); if ($request !== false) { $context = new DerivativeContext($this->getContext()); $context->setRequest($request); $this->context = $context; } }
/** * @param $data array * @return Status */ public function onSubmit(array $data) { $title = Title::newFromText($data['title']); if (!$title) { return Status::newFatal('collaborationkit-createhub-invalidtitle'); } elseif ($title->exists()) { // TODO: Add an option to import it to itself as target if the page already exists, archiving the existing page to a subpage (T136475) return Status::newFatal('collaborationkit-createhub-exists'); } elseif (!$title->userCan('edit') || !$title->userCan('create') || !$title->userCan('editcontentmodel')) { return Status::newFatal('collaborationhkit-createhub-nopermission'); } /* Comment this out until it's actually implemented (T135408) // ACTUAL STUFF HERE if ( $data['content_source'] !== 'new' ) { // Importing from wikitext $source = Title::newFromText( $data['source'] ); if ( !$source ) { return Status::newFatal( 'collaborationkit-createhub-invalidsource' ); } if ( $data['content_source'] === 'clone' ) { // Copy another hub // Just copy some of the bits... // TODO prefill the actual content } elseif ( $data['content_source'] === 'import' ) { // Do some magic based on the source: // If wikiproject x project: get module list, recreate modules // If regular page: pull headers // TODO prefill the actual content } // Render preview? } else { // ...? } */ $title = Title::newFromText($data['title']); if (!$title) { return Status::newFatal('collaborationkit-createhub-invalidtitle'); } $result = CollaborationHubContentHandler::edit($title, $data['display_name'], $data['icon'], $data['colour'], $data['introduction'], '', [], $this->msg('collaborationkit-createhub-editsummary')->inContentLanguage()->plain(), $this->getContext()); if (!$result->isGood()) { return $result; } $memberListTitle = Title::newFromText($data['title'] . '/' . $this->msg('collaborationkit-hub-pagetitle-members')); if (!$memberListTitle) { return Status::newFatal('collaborationkit-createhub-invalidtitle'); } $memberResult = CollaborationListContentHandler::postMemberList($memberListTitle, $this->msg('collaborationkit-createhub-editsummary')->inContentLanguage()->plain(), $this->getContext()); if (!$memberResult->isGood()) { return $memberResult; } $announcementsTitle = Title::newFromText($data['title'] . '/' . $this->msg('collaborationkit-hub-pagetitle-announcements')->inContentLanguage()->plain()); if (!$announcementsTitle) { return Status::newFatal('collaborationkit-createhub-invalidtitle'); } // Ensure that a valid context is provided to the API in unit tests $context = $this->getContext(); $der = new DerivativeContext($context); $request = new DerivativeRequest($context->getRequest(), ['action' => 'edit', 'title' => $announcementsTitle->getFullText(), 'text' => "* " . $context->msg('collaborationkit-hub-announcements-initial')->inContentLanguage()->plain() . " ~~~~~", 'summary' => $context->msg('collaborationkit-createhub-editsummary')->inContentLanguage()->plain(), 'token' => $context->getUser()->getEditToken()], true); $der->setRequest($request); try { $api = new ApiMain($der, true); $api->execute(); } catch (UsageException $e) { return Status::newFatal($context->msg('collaborationkit-hub-edit-apierror', $e->getCodeString())); } // Once all the pages we want to create are created, we send them to the first one $this->getOutput()->redirect($title->getFullUrl()); return Status::newGood(); }
private function executeQuery($request) { $this->mContext->setRequest(new FauxRequest($request, true, $this->mSession)); $this->mTested->execute(); return $this->mTested->getResult()->getData(); }
/** * Returns a DerivativeContext with the request variables in place * * @param $params Array key-value API params * @param $session Array session data * @param $user User or null * @return DerivativeContext */ public function newTestContext($params, $session, $user = null) { $context = new DerivativeContext($this); $context->setRequest(new FauxRequest($params, true, $session)); if ($user !== null) { $context->setUser($user); } return $context; }
public function execute() { // If we're in a mode that breaks the same-origin policy, no tokens can // be obtained if ($this->lacksSameOriginSecurity()) { $this->dieUsage('Cannot create account when the same-origin policy is not applied', 'aborted'); } // $loginForm->addNewaccountInternal will throw exceptions // if wiki is read only (already handled by api), user is blocked or does not have rights. // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin) $loginTitle = SpecialPage::getTitleFor('Userlogin'); if (!$loginTitle->userCan('createaccount', $this->getUser())) { $this->dieUsage('You do not have the right to create a new account', 'permdenied-createaccount'); } if ($this->getUser()->isBlockedFromCreateAccount()) { $this->dieUsage('You cannot create a new account because you are blocked', 'blocked', 0, array('blockinfo' => ApiQueryUserInfo::getBlockInfo($this->getUser()->getBlock()))); } $params = $this->extractRequestParams(); // Init session if necessary if (session_id() == '') { wfSetupSession(); } if ($params['mailpassword'] && !$params['email']) { $this->dieUsageMsg('noemail'); } if ($params['language'] && !Language::isSupportedLanguage($params['language'])) { $this->dieUsage('Invalid language parameter', 'langinvalid'); } $context = new DerivativeContext($this->getContext()); $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('type' => 'signup', 'uselang' => $params['language'], 'wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpRetype' => $params['password'], 'wpDomain' => $params['domain'], 'wpEmail' => $params['email'], 'wpRealName' => $params['realname'], 'wpCreateaccountToken' => $params['token'], 'wpCreateaccount' => $params['mailpassword'] ? null : '1', 'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null))); $loginForm = new LoginForm(); $loginForm->setContext($context); Hooks::run('AddNewAccountApiForm', array($this, $loginForm)); $loginForm->load(); $status = $loginForm->addNewaccountInternal(); $result = array(); if ($status->isGood()) { // Success! $user = $status->getValue(); if ($params['language']) { $user->setOption('language', $params['language']); } if ($params['mailpassword']) { // If mailpassword was set, disable the password and send an email. $user->setPassword(null); $status->merge($loginForm->mailPasswordInternal($user, false, 'createaccount-title', 'createaccount-text')); } elseif ($this->getConfig()->get('EmailAuthentication') && Sanitizer::validateEmail($user->getEmail())) { // Send out an email authentication message if needed $status->merge($user->sendConfirmationMail()); } // Save settings (including confirmation token) $user->saveSettings(); Hooks::run('AddNewAccount', array($user, $params['mailpassword'])); if ($params['mailpassword']) { $logAction = 'byemail'; } elseif ($this->getUser()->isLoggedIn()) { $logAction = 'create2'; } else { $logAction = 'create'; } $user->addNewUserLogEntry($logAction, (string) $params['reason']); // Add username, id, and token to result. $result['username'] = $user->getName(); $result['userid'] = $user->getId(); $result['token'] = $user->getToken(); } $apiResult = $this->getResult(); if ($status->hasMessage('sessionfailure') || $status->hasMessage('nocookiesfornew')) { // Token was incorrect, so add it to result, but don't throw an exception // since not having the correct token is part of the normal // flow of events. $result['token'] = LoginForm::getCreateaccountToken(); $result['result'] = 'NeedToken'; } elseif (!$status->isOK()) { // There was an error. Die now. $this->dieStatus($status); } elseif (!$status->isGood()) { // Status is not good, but OK. This means warnings. $result['result'] = 'Warning'; // Add any warnings to the result $warnings = $status->getErrorsByType('warning'); if ($warnings) { foreach ($warnings as &$warning) { ApiResult::setIndexedTagName($warning['params'], 'param'); } ApiResult::setIndexedTagName($warnings, 'warning'); $result['warnings'] = $warnings; } } else { // Everything was fine. $result['result'] = 'Success'; } // Give extensions a chance to modify the API result data Hooks::run('AddNewAccountApiResult', array($this, $loginForm, &$result)); $apiResult->addValue(null, 'createaccount', $result); }
/** * Executes the log-in attempt using the parameters passed. If * the log-in succeeds, it attaches a cookie to the session * and outputs the user id, username, and session token. If a * log-in fails, as the result of a bad password, a nonexistent * user, or any other reason, the host is cached with an expiry * and no log-in attempts will be accepted until that expiry * is reached. The expiry is $this->mLoginThrottle. */ public function execute() { // If we're in a mode that breaks the same-origin policy, no tokens can // be obtained if ($this->lacksSameOriginSecurity()) { $this->getResult()->addValue(null, 'login', ['result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied']); return; } $params = $this->extractRequestParams(); $result = []; // Make sure session is persisted $session = MediaWiki\Session\SessionManager::getGlobalSession(); $session->persist(); // Make sure it's possible to log in if (!$session->canSetUser()) { $this->getResult()->addValue(null, 'login', ['result' => 'Aborted', 'reason' => 'Cannot log in when using ' . $session->getProvider()->describe(Language::factory('en'))]); return; } $authRes = false; $context = new DerivativeContext($this->getContext()); $loginType = 'N/A'; // Check login token $token = $session->getToken('', 'login'); if ($token->wasNew() || !$params['token']) { $authRes = 'NeedToken'; } elseif (!$token->match($params['token'])) { $authRes = 'WrongToken'; } // Try bot passwords if ($authRes === false && $this->getConfig()->get('EnableBotPasswords') && strpos($params['name'], BotPassword::getSeparator()) !== false) { $status = BotPassword::login($params['name'], $params['password'], $this->getRequest()); if ($status->isOK()) { $session = $status->getValue(); $authRes = 'Success'; $loginType = 'BotPassword'; } else { $authRes = 'Failed'; $message = $status->getMessage(); LoggerFactory::getInstance('authmanager')->info('BotPassword login failed: ' . $status->getWikiText(false, false, 'en')); } } if ($authRes === false) { if ($this->getConfig()->get('DisableAuthManager')) { // Non-AuthManager login $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), ['wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => ''])); $loginForm = new LoginForm(); $loginForm->setContext($context); $authRes = $loginForm->authenticateUserData(); $loginType = 'LoginForm'; switch ($authRes) { case LoginForm::SUCCESS: $authRes = 'Success'; break; case LoginForm::NEED_TOKEN: $authRes = 'NeedToken'; break; } } else { // Simplified AuthManager login, for backwards compatibility $manager = AuthManager::singleton(); $reqs = AuthenticationRequest::loadRequestsFromSubmission($manager->getAuthenticationRequests(AuthManager::ACTION_LOGIN, $this->getUser()), ['username' => $params['name'], 'password' => $params['password'], 'domain' => $params['domain'], 'rememberMe' => true]); $res = AuthManager::singleton()->beginAuthentication($reqs, 'null:'); switch ($res->status) { case AuthenticationResponse::PASS: if ($this->getConfig()->get('EnableBotPasswords')) { $warn = 'Main-account login via action=login is deprecated and may stop working ' . 'without warning.'; $warn .= ' To continue login with action=login, see [[Special:BotPasswords]].'; $warn .= ' To safely continue using main-account login, see action=clientlogin.'; } else { $warn = 'Login via action=login is deprecated and may stop working without warning.'; $warn .= ' To safely log in, see action=clientlogin.'; } $this->setWarning($warn); $authRes = 'Success'; $loginType = 'AuthManager'; break; case AuthenticationResponse::FAIL: // Hope it's not a PreAuthenticationProvider that failed... $authRes = 'Failed'; $message = $res->message; \MediaWiki\Logger\LoggerFactory::getInstance('authentication')->info(__METHOD__ . ': Authentication failed: ' . $message->plain()); break; default: $authRes = 'Aborted'; break; } } } $result['result'] = $authRes; switch ($authRes) { case 'Success': if ($this->getConfig()->get('DisableAuthManager')) { $user = $context->getUser(); $this->getContext()->setUser($user); $user->setCookies($this->getRequest(), null, true); } else { $user = $session->getUser(); } ApiQueryInfo::resetTokenCache(); // Deprecated hook $injected_html = ''; Hooks::run('UserLoginComplete', [&$user, &$injected_html]); $result['lguserid'] = intval($user->getId()); $result['lgusername'] = $user->getName(); // @todo: These are deprecated, and should be removed at some // point (1.28 at the earliest, and see T121527). They were ok // when the core cookie-based login was the only thing, but // CentralAuth broke that a while back and // SessionManager/AuthManager *really* break it. $result['lgtoken'] = $user->getToken(); $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix'); $result['sessionid'] = $session->getId(); break; case 'NeedToken': $result['token'] = $token->toString(); $this->setWarning('Fetching a token via action=login is deprecated. ' . 'Use action=query&meta=tokens&type=login instead.'); $this->logFeatureUsage('action=login&!lgtoken'); // @todo: See above about deprecation $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix'); $result['sessionid'] = $session->getId(); break; case 'WrongToken': break; case 'Failed': $result['reason'] = $message->useDatabase('false')->inLanguage('en')->text(); break; case 'Aborted': $result['reason'] = 'Authentication requires user interaction, ' . 'which is not supported by action=login.'; if ($this->getConfig()->get('EnableBotPasswords')) { $result['reason'] .= ' To be able to login with action=login, see [[Special:BotPasswords]].'; $result['reason'] .= ' To continue using main-account login, see action=clientlogin.'; } else { $result['reason'] .= ' To log in, see action=clientlogin.'; } break; // Results from LoginForm for when $wgDisableAuthManager is true // Results from LoginForm for when $wgDisableAuthManager is true case LoginForm::WRONG_TOKEN: $result['result'] = 'WrongToken'; break; case LoginForm::NO_NAME: $result['result'] = 'NoName'; break; case LoginForm::ILLEGAL: $result['result'] = 'Illegal'; break; case LoginForm::WRONG_PLUGIN_PASS: $result['result'] = 'WrongPluginPass'; break; case LoginForm::NOT_EXISTS: $result['result'] = 'NotExists'; break; // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin: // The e-mailed temporary password should not be used for actual logins. // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin: // The e-mailed temporary password should not be used for actual logins. case LoginForm::RESET_PASS: case LoginForm::WRONG_PASS: $result['result'] = 'WrongPass'; break; case LoginForm::EMPTY_PASS: $result['result'] = 'EmptyPass'; break; case LoginForm::CREATE_BLOCKED: $result['result'] = 'CreateBlocked'; $result['details'] = 'Your IP address is blocked from account creation'; $block = $context->getUser()->getBlock(); if ($block) { $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block)); } break; case LoginForm::THROTTLED: $result['result'] = 'Throttled'; $result['wait'] = intval($loginForm->mThrottleWait); break; case LoginForm::USER_BLOCKED: $result['result'] = 'Blocked'; $block = User::newFromName($params['name'])->getBlock(); if ($block) { $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block)); } break; case LoginForm::ABORTED: $result['result'] = 'Aborted'; $result['reason'] = $loginForm->mAbortLoginErrorMsg; break; default: ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}"); } $this->getResult()->addValue(null, 'login', $result); if ($loginType === 'LoginForm' && isset(LoginForm::$statusCodes[$authRes])) { $authRes = LoginForm::$statusCodes[$authRes]; } LoggerFactory::getInstance('authmanager')->info('Login attempt', ['event' => 'login', 'successful' => $authRes === 'Success', 'loginType' => $loginType, 'status' => $authRes]); }
/** * Parse a 'continue' parameter and return status information. * * This must be balanced by a call to endContinuation(). * * @since 1.24 * @deprecated since 1.25, use ApiContinuationManager instead * @param string|null $continue * @param ApiBase[] $allModules * @param array $generatedModules * @return array */ public function beginContinuation($continue, array $allModules = array(), array $generatedModules = array()) { wfDeprecated(__METHOD__, '1.25'); if ($this->mainForContinuation->getContinuationManager()) { throw new UnexpectedValueException(__METHOD__ . ': Continuation already in progress from ' . $this->mainForContinuation->getContinuationManager()->getSource()); } // Ugh. If $continue doesn't match that in the request, temporarily // replace the request when creating the ApiContinuationManager. if ($continue === null) { $continue = ''; } if ($this->mainForContinuation->getVal('continue', '') !== $continue) { $oldCtx = $this->mainForContinuation->getContext(); $newCtx = new DerivativeContext($oldCtx); $newCtx->setRequest(new DerivativeRequest($oldCtx->getRequest(), array('continue' => $continue) + $oldCtx->getRequest()->getValues(), $oldCtx->getRequest()->wasPosted())); $this->mainForContinuation->setContext($newCtx); $reset = new ScopedCallback(array($this->mainForContinuation, 'setContext'), array($oldCtx)); } $manager = new ApiContinuationManager($this->mainForContinuation, $allModules, $generatedModules); $reset = null; $this->mainForContinuation->setContinuationManager($manager); return array($manager->isGeneratorDone(), $manager->getRunModules()); }
/** * Executes the log-in attempt using the parameters passed. If * the log-in succeeds, it attaches a cookie to the session * and outputs the user id, username, and session token. If a * log-in fails, as the result of a bad password, a nonexistent * user, or any other reason, the host is cached with an expiry * and no log-in attempts will be accepted until that expiry * is reached. The expiry is $this->mLoginThrottle. */ public function execute() { // If we're in a mode that breaks the same-origin policy, no tokens can // be obtained if ($this->lacksSameOriginSecurity()) { $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied')); return; } $params = $this->extractRequestParams(); $result = array(); // Make sure session is persisted $session = MediaWiki\Session\SessionManager::getGlobalSession(); $session->persist(); // Make sure it's possible to log in if (!$session->canSetUser()) { $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when using ' . $session->getProvider()->describe(Language::factory('en')))); return; } $authRes = false; $context = new DerivativeContext($this->getContext()); $loginType = 'N/A'; // Check login token $token = LoginForm::getLoginToken(); if (!$token) { LoginForm::setLoginToken(); $authRes = LoginForm::NEED_TOKEN; } elseif (!$params['token']) { $authRes = LoginForm::NEED_TOKEN; } elseif ($token !== $params['token']) { $authRes = LoginForm::WRONG_TOKEN; } // Try bot passwords if ($authRes === false && $this->getConfig()->get('EnableBotPasswords') && strpos($params['name'], BotPassword::getSeparator()) !== false) { $status = BotPassword::login($params['name'], $params['password'], $this->getRequest()); if ($status->isOk()) { $session = $status->getValue(); $authRes = LoginForm::SUCCESS; $loginType = 'BotPassword'; } else { LoggerFactory::getInstance('authmanager')->info('BotPassword login failed: ' . $status->getWikiText()); } } // Normal login if ($authRes === false) { $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => ''))); $loginForm = new LoginForm(); $loginForm->setContext($context); $authRes = $loginForm->authenticateUserData(); $loginType = 'LoginForm'; } switch ($authRes) { case LoginForm::SUCCESS: $user = $context->getUser(); $this->getContext()->setUser($user); $user->setCookies($this->getRequest(), null, true); ApiQueryInfo::resetTokenCache(); // Run hooks. // @todo FIXME: Split back and frontend from this hook. // @todo FIXME: This hook should be placed in the backend $injected_html = ''; Hooks::run('UserLoginComplete', array(&$user, &$injected_html)); $result['result'] = 'Success'; $result['lguserid'] = intval($user->getId()); $result['lgusername'] = $user->getName(); // @todo: These are deprecated, and should be removed at some // point (1.28 at the earliest, and see T121527). They were ok // when the core cookie-based login was the only thing, but // CentralAuth broke that a while back and // SessionManager/AuthManager are *really* going to break it. $result['lgtoken'] = $user->getToken(); $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix'); $result['sessionid'] = $session->getId(); break; case LoginForm::NEED_TOKEN: $result['result'] = 'NeedToken'; $result['token'] = LoginForm::getLoginToken(); // @todo: See above about deprecation $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix'); $result['sessionid'] = $session->getId(); break; case LoginForm::WRONG_TOKEN: $result['result'] = 'WrongToken'; break; case LoginForm::NO_NAME: $result['result'] = 'NoName'; break; case LoginForm::ILLEGAL: $result['result'] = 'Illegal'; break; case LoginForm::WRONG_PLUGIN_PASS: $result['result'] = 'WrongPluginPass'; break; case LoginForm::NOT_EXISTS: $result['result'] = 'NotExists'; break; // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin: // The e-mailed temporary password should not be used for actual logins. // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin: // The e-mailed temporary password should not be used for actual logins. case LoginForm::RESET_PASS: case LoginForm::WRONG_PASS: $result['result'] = 'WrongPass'; break; case LoginForm::EMPTY_PASS: $result['result'] = 'EmptyPass'; break; case LoginForm::CREATE_BLOCKED: $result['result'] = 'CreateBlocked'; $result['details'] = 'Your IP address is blocked from account creation'; $block = $context->getUser()->getBlock(); if ($block) { $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block)); } break; case LoginForm::THROTTLED: $result['result'] = 'Throttled'; $throttle = $this->getConfig()->get('PasswordAttemptThrottle'); $result['wait'] = intval($throttle['seconds']); break; case LoginForm::USER_BLOCKED: $result['result'] = 'Blocked'; $block = User::newFromName($params['name'])->getBlock(); if ($block) { $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block)); } break; case LoginForm::ABORTED: $result['result'] = 'Aborted'; $result['reason'] = $loginForm->mAbortLoginErrorMsg; break; default: ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}"); } $this->getResult()->addValue(null, 'login', $result); LoggerFactory::getInstance('authmanager')->info('Login attempt', array('event' => 'login', 'successful' => $authRes === LoginForm::SUCCESS, 'loginType' => $loginType, 'status' => LoginForm::$statusCodes[$authRes])); }
public function execute() { // $loginForm->addNewaccountInternal will throw exceptions // if wiki is read only (already handled by api), user is blocked or does not have rights. // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin) $loginTitle = SpecialPage::getTitleFor('Userlogin'); if (!$loginTitle->userCan('createaccount', $this->getUser())) { $this->dieUsage('You do not have the right to create a new account', 'permdenied-createaccount'); } if ($this->getUser()->isBlockedFromCreateAccount()) { $this->dieUsage('You cannot create a new account because you are blocked', 'blocked'); } $params = $this->extractRequestParams(); $result = array(); // Init session if necessary if (session_id() == '') { wfSetupSession(); } if ($params['mailpassword'] && !$params['email']) { $this->dieUsageMsg('noemail'); } $context = new DerivativeContext($this->getContext()); $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('type' => 'signup', 'uselang' => $params['language'], 'wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpRetype' => $params['password'], 'wpDomain' => $params['domain'], 'wpEmail' => $params['email'], 'wpRealName' => $params['realname'], 'wpCreateaccountToken' => $params['token'], 'wpCreateaccount' => $params['mailpassword'] ? null : '1', 'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null))); $loginForm = new LoginForm(); $loginForm->setContext($context); $loginForm->load(); $status = $loginForm->addNewaccountInternal(); $result = array(); if ($status->isGood()) { // Success! $user = $status->getValue(); // If we showed up language selection links, and one was in use, be // smart (and sensible) and save that language as the user's preference global $wgLoginLanguageSelector, $wgEmailAuthentication; if ($wgLoginLanguageSelector && $params['language']) { $user->setOption('language', $params['language']); } if ($params['mailpassword']) { // If mailpassword was set, disable the password and send an email. $user->setPassword(null); $status->merge($loginForm->mailPasswordInternal($user, false, 'createaccount-title', 'createaccount-text')); } elseif ($wgEmailAuthentication && Sanitizer::validateEmail($user->getEmail())) { // Send out an email authentication message if needed $status->merge($user->sendConfirmationMail()); } // Save settings (including confirmation token) $user->saveSettings(); wfRunHooks('AddNewAccount', array($user, $params['mailpassword'])); if ($params['mailpassword']) { $logAction = 'byemail'; } elseif ($this->getUser()->isLoggedIn()) { $logAction = 'create2'; } else { $logAction = 'create'; } $user->addNewUserLogEntry($logAction, (string) $params['reason']); // Add username, id, and token to result. $result['username'] = $user->getName(); $result['userid'] = $user->getId(); $result['token'] = $user->getToken(); } $apiResult = $this->getResult(); if ($status->hasMessage('sessionfailure') || $status->hasMessage('nocookiesfornew')) { // Token was incorrect, so add it to result, but don't throw an exception // since not having the correct token is part of the normal // flow of events. $result['token'] = LoginForm::getCreateaccountToken(); $result['result'] = 'needtoken'; } elseif (!$status->isOK()) { // There was an error. Die now. // Cannot use dieUsageMsg() directly because extensions // might return custom error messages. $errors = $status->getErrorsArray(); if ($errors[0] instanceof Message) { $code = 'aborted'; $desc = $errors[0]; } else { $code = array_shift($errors[0]); $desc = wfMessage($code, $errors[0]); } $this->dieUsage($desc, $code); } elseif (!$status->isGood()) { // Status is not good, but OK. This means warnings. $result['result'] = 'warning'; // Add any warnings to the result $warnings = $status->getErrorsByType('warning'); if ($warnings) { foreach ($warnings as &$warning) { $apiResult->setIndexedTagName($warning['params'], 'param'); } $apiResult->setIndexedTagName($warnings, 'warning'); $result['warnings'] = $warnings; } } else { // Everything was fine. $result['result'] = 'success'; } $apiResult->addValue(null, 'createaccount', $result); }
/** * Generates a form from the given request. * @param AuthenticationRequest[] $requests * @param string $action AuthManager action name * @param string|Message $msg * @param string $msgType * @return HTMLForm */ protected function getAuthForm(array $requests, $action, $msg = '', $msgType = 'error') { global $wgSecureLogin, $wgLoginLanguageSelector; // FIXME merge this with parent if (isset($this->authForm)) { return $this->authForm; } $usingHTTPS = $this->getRequest()->getProtocol() === 'https'; // get basic form description from the auth logic $fieldInfo = AuthenticationRequest::mergeFieldInfo($requests); $fakeTemplate = $this->getFakeTemplate($msg, $msgType); $this->fakeTemplate = $fakeTemplate; // FIXME there should be a saner way to pass this to the hook // this will call onAuthChangeFormFields() $formDescriptor = static::fieldInfoToFormDescriptor($requests, $fieldInfo, $this->authAction); $this->postProcessFormDescriptor($formDescriptor); $context = $this->getContext(); if ($context->getRequest() !== $this->getRequest()) { // We have overridden the request, need to make sure the form uses that too. $context = new DerivativeContext($this->getContext()); $context->setRequest($this->getRequest()); } $form = HTMLForm::factory('vform', $formDescriptor, $context); $form->addHiddenField('authAction', $this->authAction); if ($wgLoginLanguageSelector) { $form->addHiddenField('uselang', $this->mLanguage); } $form->addHiddenField('force', $this->securityLevel); $form->addHiddenField($this->getTokenName(), $this->getToken()->toString()); if ($wgSecureLogin) { // If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved if (!$this->isSignup()) { $form->addHiddenField('wpForceHttps', (int) $this->mStickHTTPS); $form->addHiddenField('wpFromhttp', $usingHTTPS); } } // set properties of the form itself $form->setAction($this->getPageTitle()->getLocalURL($this->getReturnToQueryStringFragment())); $form->setName('userlogin' . ($this->isSignup() ? '2' : '')); if ($this->isSignup()) { $form->setId('userlogin2'); } // add pre/post text // header used by ConfirmEdit, CondfirmAccount, Persona, WikimediaIncubator, SemanticSignup // should be above the error message but HTMLForm doesn't support that $form->addHeaderText($fakeTemplate->html('header')); // FIXME the old form used this for error/warning messages which does not play well with // HTMLForm (maybe it could with a subclass?); for now only display it for signups // (where the JS username validation needs it) and alway empty if ($this->isSignup()) { // used by the mediawiki.special.userlogin.signup.js module $statusAreaAttribs = ['id' => 'mw-createacct-status-area']; // $statusAreaAttribs += $msg ? [ 'class' => "{$msgType}box" ] : [ 'style' => 'display: none;' ]; $form->addHeaderText(Html::element('div', $statusAreaAttribs)); } // header used by MobileFrontend $form->addHeaderText($fakeTemplate->html('formheader')); // blank signup footer for site customization if ($this->isSignup() && $this->showExtraInformation()) { // Use signupend-https for HTTPS requests if it's not blank, signupend otherwise $signupendMsg = $this->msg('signupend'); $signupendHttpsMsg = $this->msg('signupend-https'); if (!$signupendMsg->isDisabled()) { $signupendText = $usingHTTPS && !$signupendHttpsMsg->isBlank() ? $signupendHttpsMsg->parse() : $signupendMsg->parse(); $form->addPostText(Html::rawElement('div', ['id' => 'signupend'], $signupendText)); } } // warning header for non-standard workflows (e.g. security reauthentication) if (!$this->isSignup() && $this->getUser()->isLoggedIn()) { $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin'; $form->addHeaderText(Html::rawElement('div', ['class' => 'warningbox'], $this->msg($reauthMessage)->params($this->getUser()->getName())->parse())); } if (!$this->isSignup() && $this->showExtraInformation()) { $passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton()); if ($passwordReset->isAllowed($this->getUser())) { $form->addFooterText(Html::rawElement('div', ['class' => 'mw-ui-vform-field mw-form-related-link-container'], Linker::link(SpecialPage::getTitleFor('PasswordReset'), $this->msg('userlogin-resetpassword-link')->escaped()))); } // Don't show a "create account" link if the user can't. if ($this->showCreateAccountLink()) { // link to the other action $linkTitle = $this->getTitleFor($this->isSignup() ? 'Userlogin' : 'CreateAccount'); $linkq = $this->getReturnToQueryStringFragment(); // Pass any language selection on to the mode switch link if ($wgLoginLanguageSelector && $this->mLanguage) { $linkq .= '&uselang=' . $this->mLanguage; } $createOrLoginHref = $linkTitle->getLocalURL($linkq); if ($this->getUser()->isLoggedIn()) { $createOrLoginHtml = Html::rawElement('div', ['class' => 'mw-ui-vform-field'], Html::element('a', ['id' => 'mw-createaccount-join', 'href' => $createOrLoginHref, 'tabindex' => 100], $this->msg('userlogin-createanother')->escaped())); } else { $createOrLoginHtml = Html::rawElement('div', ['id' => 'mw-createaccount-cta', 'class' => 'mw-ui-vform-field'], $this->msg('userlogin-noaccount')->escaped() . Html::element('a', ['id' => 'mw-createaccount-join', 'href' => $createOrLoginHref, 'class' => 'mw-ui-button', 'tabindex' => 100], $this->msg('userlogin-joinproject')->escaped())); } $form->addFooterText($createOrLoginHtml); } } $form->suppressDefaultSubmit(); $this->authForm = $form; return $form; }
/** * Edit a Collaboration Hub via the edit API * @param $title Title * @param $displayName string * @param $icon string * @param $colour string * @param $introduction string * @param $footer string * @param $content array * @param $summary string Message key for edit summary * @param $context IContextSource The calling context * @return Status */ public static function edit(Title $title, $displayName, $image, $colour, $introduction, $footer, $content, $summary, IContextSource $context) { $contentBlock = ['display_name' => $displayName, 'introduction' => $introduction, 'footer' => $footer, 'image' => $image, 'colour' => $colour, 'content' => $content]; // TODO Do content $jsonText = FormatJson::encode($contentBlock); if ($jsonText === null) { return Status::newFatal('collaborationkit-hub-edit-tojsonerror'); } // Ensure that a valid context is provided to the API in unit tests $der = new DerivativeContext($context); $request = new DerivativeRequest($context->getRequest(), ['action' => 'edit', 'title' => $title->getFullText(), 'contentmodel' => 'CollaborationHubContent', 'text' => $jsonText, 'summary' => $summary, 'token' => $context->getUser()->getEditToken()], true); $der->setRequest($request); try { $api = new ApiMain($der, true); $api->execute(); } catch (UsageException $e) { return Status::newFatal($context->msg('collaborationkit-hub-edit-apierror', $e->getCodeString())); } return Status::newGood(); }
/** * @param array $data * @return Status */ public function onSubmit(array $data) { $collaborationHub = $data['collaborationhub']; $featureName = $data['featurename']; $titleText = $collaborationHub . '/' . $featureName; $title = Title::newFromText($titleText); if (!$title) { return Status::newFatal('collaborationkit-createhubfeature-invalidtitle'); } elseif ($title->exists()) { return Status::newFatal('collaborationkit-createhubfeature-exists'); } elseif (!$title->userCan('edit') || !$title->userCan('create') || !$title->userCan('editcontentmodel')) { return Status::newFatal('collaborationkit-createhubfeature-nopermission'); } // Update hub with link to new feature $newFeature = ['title' => $titleText, 'display_title' => $featureName]; if ($data['icon']) { $newFeature['image'] = $data['icon']; } $hubTitleObject = Title::newFromText($collaborationHub); if (!$hubTitleObject->exists()) { return Status::newFatal('collaborationkit-createhubfeature-hubdoesnotexist'); } if ($hubTitleObject->getContentModel() != "CollaborationHubContent") { return Status::newFatal('collaborationkit-createhubfeature-hubisnotahub'); } $hubWikiPageObject = WikiPage::factory($hubTitleObject); $hubRawContent = $hubWikiPageObject->getContent(); $hubContent = json_decode($hubRawContent->serialize(), true); // Don't actually update the hub if the hub includes the feature. $found = false; foreach ($hubContent['content'] as $c) { if ($c['title'] === $titleText) { $found = true; break; } } if (!$found) { $hubContent['content'][] = $newFeature; $newHubRawContent = json_encode($hubContent); $editHubSummary = $this->msg('collaborationkit-createhubfeature-hubeditsummary', $featureName)->plain(); $context = $this->getContext(); $der = new DerivativeContext($context); $request = new DerivativeRequest($context->getRequest(), ['action' => 'edit', 'title' => $hubTitleObject->getFullText(), 'contentmodel' => 'CollaborationHubContent', 'text' => $newHubRawContent, 'summary' => $editHubSummary, 'token' => $context->getUser()->getEditToken()], true); $der->setRequest($request); try { $api = new ApiMain($der, true); $api->execute(); } catch (UsageException $e) { return Status::newFatal($context->msg('collaborationkit-hub-edit-apierror', $e->getCodeString())); } } // Create feature $contentModel = $data['contenttype']; if ($contentModel != 'wikitext' && $contentModel != 'CollaborationListContent') { return Status::newFatal('collaborationkit-createhubfeature-invalidcontenttype'); } if ($contentModel == 'wikitext') { $contentFormat = 'text/x-wiki'; } elseif ($contentModel == 'CollaborationListContent') { $contentFormat = 'application/json'; } else { return Status::newFatal('collaborationkit-createhubfeature-invalidcontenttype'); } $initialContent = ''; // Create empty page by default; exception is if there needs to be something such as JSON. if ($contentModel == 'CollaborationListContent') { // FIXME why are we redefining this here? Can't we reuse something from collaborationlistcontenthandler, which already has default content? $initialContent = '{ "columns": [ { "items":[], "options":{}, "description":"" } ] }'; } $summary = $this->msg('collaborationkit-createhubfeature-editsummary')->plain(); $context = $this->getContext(); $der = new DerivativeContext($context); $request = new DerivativeRequest($context->getRequest(), ['action' => 'edit', 'title' => $title->getFullText(), 'contentmodel' => $contentModel, 'contentformat' => $contentFormat, 'text' => $initialContent, 'summary' => $summary, 'token' => $context->getUser()->getEditToken()], true); $der->setRequest($request); try { $api = new ApiMain($der, true); $api->execute(); } catch (UsageException $e) { return Status::newFatal($context->msg('collaborationkit-hub-edit-apierror', $e->getCodeString())); } // Once all the pages we want to create are created, we send them to the first one $this->getOutput()->redirect($title->getFullUrl()); return Status::newGood(); }
/** * Executes the log-in attempt using the parameters passed. If * the log-in succeeeds, it attaches a cookie to the session * and outputs the user id, username, and session token. If a * log-in fails, as the result of a bad password, a nonexistent * user, or any other reason, the host is cached with an expiry * and no log-in attempts will be accepted until that expiry * is reached. The expiry is $this->mLoginThrottle. */ public function execute() { $params = $this->extractRequestParams(); $result = array(); // Init session if necessary if (session_id() == '') { wfSetupSession(); } $context = new DerivativeContext($this->getContext()); $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => ''))); $loginForm = new LoginForm(); $loginForm->setContext($context); global $wgCookiePrefix, $wgPasswordAttemptThrottle; $authRes = $loginForm->authenticateUserData(); switch ($authRes) { case LoginForm::SUCCESS: $user = $context->getUser(); $this->getContext()->setUser($user); $user->setOption('rememberpassword', 1); $user->setCookies($this->getRequest()); ApiQueryInfo::resetTokenCache(); // Run hooks. // @todo FIXME: Split back and frontend from this hook. // @todo FIXME: This hook should be placed in the backend $injected_html = ''; wfRunHooks('UserLoginComplete', array(&$user, &$injected_html)); $result['result'] = 'Success'; $result['lguserid'] = intval($user->getId()); $result['lgusername'] = $user->getName(); $result['lgtoken'] = $user->getToken(); $result['cookieprefix'] = $wgCookiePrefix; $result['sessionid'] = session_id(); break; case LoginForm::NEED_TOKEN: $result['result'] = 'NeedToken'; $result['token'] = $loginForm->getLoginToken(); $result['cookieprefix'] = $wgCookiePrefix; $result['sessionid'] = session_id(); break; case LoginForm::WRONG_TOKEN: $result['result'] = 'WrongToken'; break; case LoginForm::NO_NAME: $result['result'] = 'NoName'; break; case LoginForm::ILLEGAL: $result['result'] = 'Illegal'; break; case LoginForm::WRONG_PLUGIN_PASS: $result['result'] = 'WrongPluginPass'; break; case LoginForm::NOT_EXISTS: $result['result'] = 'NotExists'; break; case LoginForm::RESET_PASS: // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;" // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;" case LoginForm::WRONG_PASS: $result['result'] = 'WrongPass'; break; case LoginForm::EMPTY_PASS: $result['result'] = 'EmptyPass'; break; case LoginForm::CREATE_BLOCKED: $result['result'] = 'CreateBlocked'; $result['details'] = 'Your IP address is blocked from account creation'; break; case LoginForm::THROTTLED: $result['result'] = 'Throttled'; $result['wait'] = intval($wgPasswordAttemptThrottle['seconds']); break; case LoginForm::USER_BLOCKED: $result['result'] = 'Blocked'; break; case LoginForm::ABORTED: $result['result'] = 'Aborted'; $result['reason'] = $loginForm->mAbortLoginErrorMsg; break; default: ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}"); } $this->getResult()->addValue(null, 'login', $result); }
public function testGetActionName_whenCanNotUseWikiPage_defaultsToView() { $request = new FauxRequest(array('action' => 'edit')); $context = new DerivativeContext(RequestContext::getMain()); $context->setRequest($request); $actionName = Action::getActionName($context); $this->assertEquals('view', $actionName); }