From 411c7c2f321aa0149fd49164dcac77e2cbb45925 Mon Sep 17 00:00:00 2001
From: Fomafix <fomafix@googlemail.com>
Date: Fri, 1 Nov 2024 19:16:00 +0000
Subject: [PATCH] Use SettingsBuilder::overrideConfigValue to overwrite a
 config value

Also use MainConfigNames.

Change-Id: I39f166a92f5fd51b88de9069440797c79e2baa05
---
 includes/Hooks.php | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/includes/Hooks.php b/includes/Hooks.php
index c620fb31..d044895c 100644
--- a/includes/Hooks.php
+++ b/includes/Hooks.php
@@ -17,9 +17,11 @@ use MediaWiki\Hook\EditFilterHook;
 use MediaWiki\Hook\MovePageCheckPermissionsHook;
 use MediaWiki\Hook\TitleGetEditNoticesHook;
 use MediaWiki\Html\Html;
+use MediaWiki\MainConfigNames;
 use MediaWiki\Permissions\GrantsInfo;
 use MediaWiki\Permissions\Hook\GetUserPermissionsErrorsExpensiveHook;
 use MediaWiki\Revision\RevisionRecord;
+use MediaWiki\Settings\SettingsBuilder;
 use MediaWiki\Status\Status;
 use MediaWiki\Storage\EditResult;
 use MediaWiki\Storage\Hook\PageSaveCompleteHook;
@@ -43,13 +45,14 @@ class Hooks implements
 	PageSaveCompleteHook
 {
 
-	public static function onRegistration() {
-		global $wgGrantRiskGroups;
+	public static function onRegistration( array $extInfo, SettingsBuilder $settings ) {
+		$grantRiskGroups = $settings->getConfig()->get( MainConfigNames::GrantRiskGroups );
 		// Make sure the risk rating is at least 'security'. TitleBlacklist adds the
 		// tboverride-account right to the createaccount grant, which makes it possible
 		// to use it for social engineering attacks with restricted usernames.
-		if ( $wgGrantRiskGroups['createaccount'] !== GrantsInfo::RISK_INTERNAL ) {
-			$wgGrantRiskGroups['createaccount'] = GrantsInfo::RISK_SECURITY;
+		if ( $grantRiskGroups['createaccount'] !== GrantsInfo::RISK_INTERNAL ) {
+			$grantRiskGroups['createaccount'] = GrantsInfo::RISK_SECURITY;
+			$settings->overrideConfigValue( MainConfigNames::GrantRiskGroups, $grantRiskGroups );
 		}
 	}