mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-09-23 10:18:22 +00:00
Update for AuthManager
Bug: T110448 Bug: T135360 Change-Id: I61e4327ef3c7a31b19feef727de7d683f69e260b
This commit is contained in:
Gergő Tisza
parent
e71808f4c4
commit
8c937957c0
|
|
@ -866,9 +866,10 @@ class AbuseFilter {
|
|||
* @param $vars AbuseFilterVariableHolder
|
||||
* @param $title Title
|
||||
* @param string $group The filter's group (as defined in $wgAbuseFilterValidGroups)
|
||||
* @param User $user The user performing the action; defaults to $wgUser
|
||||
* @return Status
|
||||
*/
|
||||
public static function filterAction( $vars, $title, $group = 'default' ) {
|
||||
public static function filterAction( $vars, $title, $group = 'default', $user = null ) {
|
||||
global $wgUser, $wgTitle, $wgRequest;
|
||||
|
||||
$context = RequestContext::getMain();
|
||||
|
|
@ -879,6 +880,10 @@ class AbuseFilter {
|
|||
$wgTitle = SpecialPage::getTitleFor( 'AbuseFilter' );
|
||||
}
|
||||
|
||||
if ( !$user ) {
|
||||
$user = $wgUser;
|
||||
}
|
||||
|
||||
// Add vars from extensions
|
||||
Hooks::run( 'AbuseFilter-filterAction', array( &$vars, $title ) );
|
||||
|
||||
|
|
@ -906,7 +911,7 @@ class AbuseFilter {
|
|||
|
||||
// If $wgUser isn't safe to load (e.g. a failure during
|
||||
// AbortAutoAccount), create a dummy anonymous user instead.
|
||||
$user = $wgUser->isSafeToLoad() ? $wgUser : new User;
|
||||
$user = $user->isSafeToLoad() ? $user : new User;
|
||||
|
||||
// Create a template
|
||||
$log_template = array(
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
<?php
|
||||
|
||||
use MediaWiki\Auth\AuthManager;
|
||||
|
||||
class AbuseFilterHooks {
|
||||
public static $successful_action_vars = false;
|
||||
/** @var WikiPage|Article|bool */
|
||||
|
|
@ -7,6 +9,21 @@ class AbuseFilterHooks {
|
|||
// So far, all of the error message out-params for these hooks accept HTML.
|
||||
// Hooray!
|
||||
|
||||
public static function onRegistration() {
|
||||
global $wgDisableAuthManager, $wgAuthManagerAutoConfig;
|
||||
|
||||
if ( class_exists( AuthManager::class ) && !$wgDisableAuthManager ) {
|
||||
$wgAuthManagerAutoConfig['preauth'][AbuseFilterPreAuthenticationProvider::class] = [
|
||||
'class' => AbuseFilterPreAuthenticationProvider::class,
|
||||
'sort' => 5, // run after normal preauth providers to keep the log cleaner
|
||||
];
|
||||
} else {
|
||||
Hooks::register( 'AbortNewAccount', 'AbuseFilterHooks::onAbortNewAccount' );
|
||||
Hooks::register( 'AbortAutoAccount', 'AbuseFilterHooks::onAbortAutoAccount' );
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Entry point for the APIEditBeforeSave hook.
|
||||
*
|
||||
|
|
@ -373,6 +390,7 @@ class AbuseFilterHooks {
|
|||
* @param $message
|
||||
* @param $autocreate bool Indicates whether the account is created automatically.
|
||||
* @return bool
|
||||
* @deprecated AbuseFilterPreAuthenticationProvider will take over this functionality
|
||||
*/
|
||||
private static function checkNewAccount( $user, &$message, $autocreate ) {
|
||||
if ( $user->getName() == wfMessage( 'abusefilter-blocker' )->inContentLanguage()->text() ) {
|
||||
|
|
@ -405,6 +423,7 @@ class AbuseFilterHooks {
|
|||
* @param $user User
|
||||
* @param $message
|
||||
* @return bool
|
||||
* @deprecated AbuseFilterPreAuthenticationProvider will take over this functionality
|
||||
*/
|
||||
public static function onAbortNewAccount( $user, &$message ) {
|
||||
return self::checkNewAccount( $user, $message, false );
|
||||
|
|
@ -414,6 +433,7 @@ class AbuseFilterHooks {
|
|||
* @param $user User
|
||||
* @param $message
|
||||
* @return bool
|
||||
* @deprecated AbuseFilterPreAuthenticationProvider will take over this functionality
|
||||
*/
|
||||
public static function onAbortAutoAccount( $user, &$message ) {
|
||||
// FIXME: ERROR MESSAGE IS SHOWN IN A WEIRD WAY, BEACUSE $message
|
||||
|
|
|
|||
45
AbuseFilterPreAuthenticationProvider.php
Normal file
45
AbuseFilterPreAuthenticationProvider.php
Normal file
|
|
@ -0,0 +1,45 @@
|
|||
<?php
|
||||
|
||||
use MediaWiki\Auth\AbstractPreAuthenticationProvider;
|
||||
|
||||
class AbuseFilterPreAuthenticationProvider extends AbstractPreAuthenticationProvider {
|
||||
public function testForAccountCreation( $user, $creator, array $reqs ) {
|
||||
return $this->testUser( $user, $creator, false );
|
||||
}
|
||||
|
||||
public function testUserForCreation( $user, $autocreate ) {
|
||||
// if this is not an autocreation, testForAccountCreation already handled it
|
||||
if ( $autocreate ) {
|
||||
return $this->testUser( $user, $user, true );
|
||||
}
|
||||
return StatusValue::newGood();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param User $user The user being created or autocreated
|
||||
* @param User $creator The user who caused $user to be created (or $user itself on autocreation)
|
||||
* @param bool $autocreate Is this an autocreation?
|
||||
* @return StatusValue
|
||||
*/
|
||||
protected function testUser( $user, $creator, $autocreate ) {
|
||||
if ( $user->getName() == wfMessage( 'abusefilter-blocker' )->inContentLanguage()->text() ) {
|
||||
return StatusValue::newFatal( 'abusefilter-accountreserved' );
|
||||
}
|
||||
|
||||
$vars = new AbuseFilterVariableHolder;
|
||||
|
||||
// generateUserVars records $creator->getName() which would be the IP for unregistered users
|
||||
if ( $creator->isLoggedIn() ) {
|
||||
$vars->addHolders( AbuseFilter::generateUserVars( $creator ) );
|
||||
}
|
||||
|
||||
$vars->setVar( 'ACTION', $autocreate ? 'autocreateaccount' : 'createaccount' );
|
||||
$vars->setVar( 'ACCOUNTNAME', $user->getName() );
|
||||
|
||||
// pass creator in explicitly to prevent recording the current user on autocreation - T135360
|
||||
$status = AbuseFilter::filterAction( $vars, SpecialPage::getTitleFor( 'Userlogin' ),
|
||||
'default', $creator );
|
||||
|
||||
return $status->getStatusValue();
|
||||
}
|
||||
}
|
||||
|
|
@ -74,6 +74,7 @@
|
|||
"AbuseFilterParser": "AbuseFilter.parser.php",
|
||||
"AbuseFilterTokenizer": "AbuseFilterTokenizer.php",
|
||||
"AbuseFilterHooks": "AbuseFilter.hooks.php",
|
||||
"AbuseFilterPreAuthenticationProvider": "AbuseFilterPreAuthenticationProvider.php",
|
||||
"SpecialAbuseLog": "special/SpecialAbuseLog.php",
|
||||
"AbuseLogPager": "special/SpecialAbuseLog.php",
|
||||
"SpecialAbuseFilter": "special/SpecialAbuseFilter.php",
|
||||
|
|
@ -165,13 +166,12 @@
|
|||
"localBasePath": "modules",
|
||||
"remoteExtPath": "AbuseFilter/modules"
|
||||
},
|
||||
"callback": "AbuseFilterHooks::onRegistration",
|
||||
"Hooks": {
|
||||
"EditFilterMergedContent": "AbuseFilterHooks::onEditFilterMergedContent",
|
||||
"GetAutoPromoteGroups": "AbuseFilterHooks::onGetAutoPromoteGroups",
|
||||
"AbortMove": "AbuseFilterHooks::onAbortMove",
|
||||
"MovePageCheckPermissions": "AbuseFilterHooks::onMovePageCheckPermissions",
|
||||
"AbortNewAccount": "AbuseFilterHooks::onAbortNewAccount",
|
||||
"AbortAutoAccount": "AbuseFilterHooks::onAbortAutoAccount",
|
||||
"ArticleDelete": "AbuseFilterHooks::onArticleDelete",
|
||||
"RecentChange_save": "AbuseFilterHooks::onRecentChangeSave",
|
||||
"ListDefinedTags": "AbuseFilterHooks::onListDefinedTags",
|
||||
|
|
|
|||
Loading…
Reference in a new issue