foreach ( $checks as $statement => $check ) {
if ( !is_callable( $check ) ) {
throw new InvalidArgumentException(
- 'Policy check functions must be callable'
+ "Policy check functions must be callable. '$statement' isn't callable."
);
}
$this->policyCheckFunctions[$statement] = $check;
* Check if a passwords meets the effective password policy for a User.
* @param User $user who's policy we are checking
* @param string $password the password to check
- * @param string $purpose one of 'login', 'create', 'reset'
* @return Status error to indicate the password didn't meet the policy, or fatal to
* indicate the user shouldn't be allowed to login.
*/
- public function checkUserPassword( User $user, $password, $purpose = 'login' ) {
- $effectivePolicy = $this->getPoliciesForUser( $user, $purpose );
+ public function checkUserPassword( User $user, $password ) {
+ $effectivePolicy = $this->getPoliciesForUser( $user );
return $this->checkPolicies(
$user,
$password,
);
}
+ /**
+ * @param User $user
+ * @param string $password
+ * @param array $policies
+ * @param array $policyCheckFunctions
+ * @return Status
+ */
private function checkPolicies( User $user, $password, $policies, $policyCheckFunctions ) {
$status = Status::newGood();
foreach ( $policies as $policy => $value ) {
if ( !isset( $policyCheckFunctions[$policy] ) ) {
- throw new DomainException( 'Invalid password policy config' );
+ throw new DomainException( "Invalid password policy config. No check defined for '$policy'." );
}
$status->merge(
call_user_func(
* Get the policy for a user, based on their group membership. Public so
* UI elements can access and inform the user.
* @param User $user
- * @param string $purpose one of 'login', 'create', 'reset'
* @return array the effective policy for $user
*/
- public function getPoliciesForUser( User $user, $purpose = 'login' ) {
- $effectivePolicy = $this->policies['default'];
- if ( $purpose !== 'create' ) {
- $effectivePolicy = self::getPoliciesForGroups(
- $this->policies,
- $user->getEffectiveGroups(),
- $this->policies['default']
- );
- }
+ public function getPoliciesForUser( User $user ) {
+ $effectivePolicy = self::getPoliciesForGroups(
+ $this->policies,
+ $user->getEffectiveGroups(),
+ $this->policies['default']
+ );
- Hooks::run( 'PasswordPoliciesForUser', array( $user, &$effectivePolicy, $purpose ) );
+ Hooks::run( 'PasswordPoliciesForUser', [ $user, &$effectivePolicy ] );
return $effectivePolicy;
}
* @return array containing the more restrictive values of $p1 and $p2
*/
public static function maxOfPolicies( array $p1, array $p2 ) {
- $ret = array();
+ $ret = [];
$keys = array_merge( array_keys( $p1 ), array_keys( $p2 ) );
foreach ( $keys as $key ) {
if ( !isset( $p1[$key] ) ) {