Use SettingsBuilder::overrideConfigValue to overwrite a config value

Also use MainConfigNames.

Change-Id: I39f166a92f5fd51b88de9069440797c79e2baa05
This commit is contained in:
Fomafix 2024-11-01 19:16:00 +00:00
parent a69e185922
commit 411c7c2f32

View file

@ -17,9 +17,11 @@ use MediaWiki\Hook\EditFilterHook;
use MediaWiki\Hook\MovePageCheckPermissionsHook;
use MediaWiki\Hook\TitleGetEditNoticesHook;
use MediaWiki\Html\Html;
use MediaWiki\MainConfigNames;
use MediaWiki\Permissions\GrantsInfo;
use MediaWiki\Permissions\Hook\GetUserPermissionsErrorsExpensiveHook;
use MediaWiki\Revision\RevisionRecord;
use MediaWiki\Settings\SettingsBuilder;
use MediaWiki\Status\Status;
use MediaWiki\Storage\EditResult;
use MediaWiki\Storage\Hook\PageSaveCompleteHook;
@ -43,13 +45,14 @@ class Hooks implements
PageSaveCompleteHook
{
public static function onRegistration() {
global $wgGrantRiskGroups;
public static function onRegistration( array $extInfo, SettingsBuilder $settings ) {
$grantRiskGroups = $settings->getConfig()->get( MainConfigNames::GrantRiskGroups );
// Make sure the risk rating is at least 'security'. TitleBlacklist adds the
// tboverride-account right to the createaccount grant, which makes it possible
// to use it for social engineering attacks with restricted usernames.
if ( $wgGrantRiskGroups['createaccount'] !== GrantsInfo::RISK_INTERNAL ) {
$wgGrantRiskGroups['createaccount'] = GrantsInfo::RISK_SECURITY;
if ( $grantRiskGroups['createaccount'] !== GrantsInfo::RISK_INTERNAL ) {
$grantRiskGroups['createaccount'] = GrantsInfo::RISK_SECURITY;
$settings->overrideConfigValue( MainConfigNames::GrantRiskGroups, $grantRiskGroups );
}
}