/**
* @dataProvider provideMaxOfPolicies
* @covers UserPasswordPolicy::maxOfPolicies
*/
public function testMaxOfPolicies($p1, $p2, $max, $msg)
{
$this->assertArrayEquals($max, UserPasswordPolicy::maxOfPolicies($p1, $p2), $msg);
}
/**
* Check if this is a valid password for this user
*
* Create a Status object based on the password's validity.
* The Status should be set to fatal if the user should not
* be allowed to log in, and should have any errors that
* would block changing the password.
*
* If the return value of this is not OK, the password
* should not be checked. If the return value is not Good,
* the password can be checked, but the user should not be
* able to set their password to this.
*
* @param string $password Desired password
* @param string $purpose one of 'login', 'create', 'reset'
* @return Status
* @since 1.23
*/
public function checkPasswordValidity($password, $purpose = 'login')
{
global $wgPasswordPolicy;
$upp = new UserPasswordPolicy($wgPasswordPolicy['policies'], $wgPasswordPolicy['checks']);
$status = Status::newGood();
$result = false;
//init $result to false for the internal checks
if (!Hooks::run('isValidPassword', array($password, &$result, $this))) {
$status->error($result);
return $status;
}
if ($result === false) {
$status->merge($upp->checkUserPassword($this, $password, $purpose));
return $status;
} elseif ($result === true) {
return $status;
} else {
$status->error($result);
return $status;
//the isValidPassword hook set a string $result and returned true
}
}
/**
* @return bool
*/
public function submit()
{
global $wgPasswordPolicy;
$retVal = true;
$this->parent->setVarsFromRequest(['wgSitename', '_NamespaceType', '_AdminName', '_AdminPassword', '_AdminPasswordConfirm', '_AdminEmail', '_Subscribe', '_SkipOptional', 'wgMetaNamespace']);
// Validate site name
if (strval($this->getVar('wgSitename')) === '') {
$this->parent->showError('config-site-name-blank');
$retVal = false;
}
// Fetch namespace
$nsType = $this->getVar('_NamespaceType');
if ($nsType == 'site-name') {
$name = $this->getVar('wgSitename');
// Sanitize for namespace
// This algorithm should match the JS one in WebInstallerOutput.php
$name = preg_replace('/[\\[\\]\\{\\}|#<>%+? ]/', '_', $name);
$name = str_replace('&', '&', $name);
$name = preg_replace('/__+/', '_', $name);
$name = ucfirst(trim($name, '_'));
} elseif ($nsType == 'generic') {
$name = wfMessage('config-ns-generic')->text();
} else {
// other
$name = $this->getVar('wgMetaNamespace');
}
// Validate namespace
if (strpos($name, ':') !== false) {
$good = false;
} else {
// Title-style validation
$title = Title::newFromText($name);
if (!$title) {
$good = $nsType == 'site-name';
} else {
$name = $title->getDBkey();
$good = true;
}
}
if (!$good) {
$this->parent->showError('config-ns-invalid', $name);
$retVal = false;
}
// Make sure it won't conflict with any existing namespaces
global $wgContLang;
$nsIndex = $wgContLang->getNsIndex($name);
if ($nsIndex !== false && $nsIndex !== NS_PROJECT) {
$this->parent->showError('config-ns-conflict', $name);
$retVal = false;
}
$this->setVar('wgMetaNamespace', $name);
// Validate username for creation
$name = $this->getVar('_AdminName');
if (strval($name) === '') {
$this->parent->showError('config-admin-name-blank');
$cname = $name;
$retVal = false;
} else {
$cname = User::getCanonicalName($name, 'creatable');
if ($cname === false) {
$this->parent->showError('config-admin-name-invalid', $name);
$retVal = false;
} else {
$this->setVar('_AdminName', $cname);
}
}
// Validate password
$msg = false;
$pwd = $this->getVar('_AdminPassword');
$user = User::newFromName($cname);
if ($user) {
$upp = new UserPasswordPolicy($wgPasswordPolicy['policies'], $wgPasswordPolicy['checks']);
$status = $upp->checkUserPasswordForGroups($user, $pwd, ['bureaucrat', 'sysop']);
$valid = $status->isGood() ? true : $status->getMessage();
} else {
$valid = 'config-admin-name-invalid';
}
if (strval($pwd) === '') {
// Provide a more specific and helpful message if password field is left blank
$msg = 'config-admin-password-blank';
} elseif ($pwd !== $this->getVar('_AdminPasswordConfirm')) {
$msg = 'config-admin-password-mismatch';
} elseif ($valid !== true) {
$msg = $valid;
}
if ($msg !== false) {
call_user_func([$this->parent, 'showError'], $msg);
$this->setVar('_AdminPassword', '');
$this->setVar('_AdminPasswordConfirm', '');
$retVal = false;
}
// Validate e-mail if provided
$email = $this->getVar('_AdminEmail');
if ($email && !Sanitizer::validateEmail($email)) {
$this->parent->showError('config-admin-error-bademail');
$retVal = false;
}
// If they asked to subscribe to mediawiki-announce but didn't give
// an e-mail, show an error. Bug 29332
if (!$email && $this->getVar('_Subscribe')) {
$this->parent->showError('config-subscribe-noemail');
$retVal = false;
}
return $retVal;
}
