/**
* Check if a given user has permission to use this functionality.
* @param User $user
- * @param bool $displayPassword If set, also check whether the user is allowed to reset the
- * password of another user and see the temporary password.
* @since 1.29 Second argument for displayPassword removed.
* @return StatusValue
*/
$resetRoutes = $this->config->get( 'PasswordResetRoutes' );
$status = StatusValue::newGood();
- if ( !is_array( $resetRoutes ) ||
- !in_array( true, array_values( $resetRoutes ), true )
- ) {
+ if ( !is_array( $resetRoutes ) || !in_array( true, $resetRoutes, true ) ) {
// Maybe password resets are disabled, or there are no allowable routes
$status = StatusValue::newFatal( 'passwordreset-disabled' );
} elseif (
if ( !$block ) {
return false;
}
- $type = $block->getSystemBlockType();
- if ( in_array( $type, [ null, 'global-block' ], true ) ) {
- // Normal block. Maybe it was meant for someone else and the user just needs to log in;
- // or maybe it was issued specifically to prevent some IP from messing with password
- // reset? Go out on a limb and use the registration allowed flag to decide.
- return $block->isCreateAccountBlocked();
- } elseif ( $type === 'proxy' ) {
- // we disallow actions through proxy even if the user is logged in
- // so it makes sense to disallow password resets as well
- return true;
- } elseif ( in_array( $type, [ 'dnsbl', 'wgSoftBlockRanges' ], true ) ) {
- // these are just meant to force login so let's not prevent that
- return false;
- } else {
- // some extension - we'll have to guess
- return true;
- }
+ return $block->appliesToPasswordReset();
}
/**