includes/api/ApiResetPassword.php

   1 <?php
   2 /**
   3  * Copyright © 2016 Wikimedia Foundation and contributors
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  */
  22
  23 use MediaWiki\Auth\AuthManager;
  24 use MediaWiki\MediaWikiServices;
  25
  26 /**
  27  * Reset password, with AuthManager
  28  *
  29  * @ingroup API
  30  */
  31 class ApiResetPassword extends ApiBase {
  32
  33         private $hasAnyRoutes = null;
  34
  35         /**
  36          * Determine whether any reset routes are available.
  37          * @return bool
  38          */
  39         private function hasAnyRoutes() {
  40                 if ( $this->hasAnyRoutes === null ) {
  41                         $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
  42                         $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
  43                 }
  44                 return $this->hasAnyRoutes;
  45         }
  46
  47         protected function getExtendedDescription() {
  48                 if ( !$this->hasAnyRoutes() ) {
  49                         return 'apihelp-resetpassword-extended-description-noroutes';
  50                 }
  51                 return parent::getExtendedDescription();
  52         }
  53
  54         public function execute() {
  55                 if ( !$this->hasAnyRoutes() ) {
  56                         $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
  57                 }
  58
  59                 $params = $this->extractRequestParams() + [
  60                         // Make sure the keys exist even if getAllowedParams didn't define them
  61                         'user' => null,
  62                         'email' => null,
  63                 ];
  64
  65                 $this->requireOnlyOneParameter( $params, 'user', 'email' );
  66
  67                 $passwordReset = new PasswordReset(
  68                         $this->getConfig(),
  69                         AuthManager::singleton(),
  70                         MediaWikiServices::getInstance()->getPermissionManager()
  71                 );
  72
  73                 $status = $passwordReset->isAllowed( $this->getUser() );
  74                 if ( !$status->isOK() ) {
  75                         $this->dieStatus( Status::wrap( $status ) );
  76                 }
  77
  78                 $status = $passwordReset->execute(
  79                         $this->getUser(), $params['user'], $params['email']
  80                 );
  81                 if ( !$status->isOK() ) {
  82                         $status->value = null;
  83                         $this->dieStatus( Status::wrap( $status ) );
  84                 }
  85
  86                 $result = $this->getResult();
  87                 $result->addValue( [ 'resetpassword' ], 'status', 'success' );
  88         }
  89
  90         public function isWriteMode() {
  91                 return $this->hasAnyRoutes();
  92         }
  93
  94         public function needsToken() {
  95                 if ( !$this->hasAnyRoutes() ) {
  96                         return false;
  97                 }
  98                 return 'csrf';
  99         }
 100
 101         public function getAllowedParams() {
 102                 if ( !$this->hasAnyRoutes() ) {
 103                         return [];
 104                 }
 105
 106                 $ret = [
 107                         'user' => [
 108                                 ApiBase::PARAM_TYPE => 'user',
 109                         ],
 110                         'email' => [
 111                                 ApiBase::PARAM_TYPE => 'string',
 112                         ],
 113                 ];
 114
 115                 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
 116                 if ( empty( $resetRoutes['username'] ) ) {
 117                         unset( $ret['user'] );
 118                 }
 119                 if ( empty( $resetRoutes['email'] ) ) {
 120                         unset( $ret['email'] );
 121                 }
 122
 123                 return $ret;
 124         }
 125
 126         protected function getExamplesMessages() {
 127                 $ret = [];
 128                 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
 129
 130                 if ( !empty( $resetRoutes['username'] ) ) {
 131                         $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
 132                 }
 133                 if ( !empty( $resetRoutes['email'] ) ) {
 134                         $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
 135                                 'apihelp-resetpassword-example-email';
 136                 }
 137
 138                 return $ret;
 139         }
 140
 141         public function getHelpUrls() {
 142                 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
 143         }
 144 }