dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SECURITY: rate-limit and prevent blocked users from changing email
[lhc/web/wiklou.git]
/
includes
/
specials
/
SpecialChangeEmail.php
diff --git
a/includes/specials/SpecialChangeEmail.php
b/includes/specials/SpecialChangeEmail.php
index
4f97ba2
..
956ff77
100644
(file)
--- a/
includes/specials/SpecialChangeEmail.php
+++ b/
includes/specials/SpecialChangeEmail.php
@@
-22,6
+22,7
@@
*/
use MediaWiki\Auth\AuthManager;
*/
use MediaWiki\Auth\AuthManager;
+use MediaWiki\Logger\LoggerFactory;
/**
* Let users change their email address.
/**
* Let users change their email address.
@@
-54,14
+55,16
@@
class SpecialChangeEmail extends FormSpecialPage {
* @param string $par
*/
function execute( $par ) {
* @param string $par
*/
function execute( $par ) {
- $this->checkLoginSecurityLevel();
-
$out = $this->getOutput();
$out->disallowUserJs();
parent::execute( $par );
}
$out = $this->getOutput();
$out->disallowUserJs();
parent::execute( $par );
}
+ protected function getLoginSecurityLevel() {
+ return $this->getName();
+ }
+
protected function checkExecutePermissions( User $user ) {
if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
protected function checkExecutePermissions( User $user ) {
if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
@@
-75,6
+78,10
@@
class SpecialChangeEmail extends FormSpecialPage {
throw new PermissionsError( 'viewmyprivateinfo' );
}
throw new PermissionsError( 'viewmyprivateinfo' );
}
+ if ( $user->isBlockedFromEmailuser() ) {
+ throw new UserBlockedError( $user->getBlock() );
+ }
+
parent::checkExecutePermissions( $user );
}
parent::checkExecutePermissions( $user );
}
@@
-159,16
+166,29
@@
class SpecialChangeEmail extends FormSpecialPage {
return Status::newFatal( 'changeemail-nochange' );
}
return Status::newFatal( 'changeemail-nochange' );
}
+ // To prevent spam, rate limit adding a new address, but do
+ // not rate limit removing an address.
+ if ( $newaddr !== '' && $user->pingLimiter( 'changeemail' ) ) {
+ return Status::newFatal( 'actionthrottledtext' );
+ }
+
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation( $newaddr );
if ( !$status->isGood() ) {
return $status;
}
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation( $newaddr );
if ( !$status->isGood() ) {
return $status;
}
+ LoggerFactory::getInstance( 'authentication' )->info(
+ 'Changing email address for {user} from {oldemail} to {newemail}', [
+ 'user' => $user->getName(),
+ 'oldemail' => $oldaddr,
+ 'newemail' => $newaddr,
+ ]
+ );
+
Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] );
$user->saveSettings();
Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] );
$user->saveSettings();
- MediaWiki\Auth\AuthManager::callLegacyAuthPlugin( 'updateExternalDB', [ $user ] );
return $status;
}
return $status;
}