Robert Vogel has uploaded a new change for review. https://gerrit.wikimedia.org/r/150150
Change subject: [RFC] User init & user rights overrides in BSF ...................................................................... [RFC] User init & user rights overrides in BSF I tried to clean up legacy code that caused an issue at a customer setup but then stumbled upon some strange logic. There are two implementations for an implicit user_id/user_token authentication. Both seem to be at the wrong place (hook). Please help me to figure out whether this code is still needed/operational and if we can safely remove it. Change-Id: I05af7c851d1143e352d2b66871598880854b6f9c --- M includes/CoreHooks.php 1 file changed, 11 insertions(+), 17 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/BlueSpiceFoundation refs/changes/50/150150/1 diff --git a/includes/CoreHooks.php b/includes/CoreHooks.php index da7f66d..841a123 100755 --- a/includes/CoreHooks.php +++ b/includes/CoreHooks.php @@ -1,8 +1,6 @@ <?php class BsCoreHooks { - protected static $bUserFetchRights = false; - protected static $loggedInByHash = false; public static function onSetupAfterCache() { @@ -314,7 +312,7 @@ */ public static function LinkEnd( $skin, $target, $options, &$html, &$attribs, &$ret ) { //We add the original title to a link. This may be the same content as - //"title" attribute, but it doesn't have to. I.e. in rea links + //"title" attribute, but it doesn't have to. I.e. in red links $attribs['data-bs-title'] = $target->getPrefixedText(); if( $target->getNamespace() == NS_USER && $target->isSubpage() === false ) { @@ -336,32 +334,30 @@ } /** + * Enables login by userid/token instead of username/password. This is + * usefull to implicit authentication when calles by non-webbrowser clients, + * e.g. RSS readers * @param User $oUser * @param array $aRights - * @return boolean + * @return boolean Always true */ public static function onUserGetRights( $oUser, &$aRights ) { wfProfileIn('BS::' . __METHOD__); - if ( $oUser->isAnon() ) { - $oRequest = RequestContext::getMain()->getRequest(); + if ( !$oUser->isAnon() ) { + $oRequest = $oUser->getRequest(); $iUserId = $oRequest->getVal( 'u', '' ); $sUserHash = $oRequest->getVal( 'h', '' ); if ( !empty( $iUserId ) && !empty( $sUserHash ) ) { - self::$loggedInByHash = true; $_user = User::newFromName( $iUserId ); if ( $_user !== false && $sUserHash == $_user->getToken() ) { $oUser = $_user; + self::$loggedInByHash = true; } } } - if ( self::$bUserFetchRights == false ) { - $aRights = User::getGroupPermissions( $oUser->getEffectiveGroups( true ) ); - # The flag is deactivated to prevent some bugs with the loading of the actual users rights. - # $this->bUserFetchRights = true; - } wfProfileOut('BS::' . __METHOD__); return true; } @@ -378,27 +374,25 @@ public static function onUserCan( &$title, &$user, $action, &$result ) { wfProfileIn('BS::' . __METHOD__); if ( !self::$loggedInByHash ) { - wfProfileIn('--BS::' . __METHOD__ . 'if !$this->loggedInByHash'); - $oRequest = RequestContext::getMain()->getRequest(); + $oRequest = $user->getRequest(); $iUserId = $oRequest->getVal( 'u', '' ); $sUserHash = $oRequest->getVal( 'h', '' ); if ( empty( $iUserId ) || empty( $sUserHash ) ) { - wfProfileOut('--BS::' . __METHOD__ . 'if !self::$loggedInByHash'); + wfProfileOut('BS::' . __METHOD__); return true; } $user->mGroups = array(); $user->getEffectiveGroups( true ); if ( $iUserId && $sUserHash ) { - self::$loggedInByHash = true; $_user = User::newFromName( $iUserId ); if ( $_user !== false && $sUserHash == $_user->getToken() ) { $result = $_user->isAllowed( 'read' ); $user = $_user; + self::$loggedInByHash = true; } } - wfProfileOut('--BS::' . __METHOD__ . 'if !self::$loggedInByHash'); } if ( $action == 'read' ) { -- To view, visit https://gerrit.wikimedia.org/r/150150 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I05af7c851d1143e352d2b66871598880854b6f9c Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/BlueSpiceFoundation Gerrit-Branch: master Gerrit-Owner: Robert Vogel <vo...@hallowelt.biz> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits