use MediaWiki\Auth\AuthManager;
use MediaWiki\Auth\TemporaryPasswordAuthenticationRequest;
+use MediaWiki\Permissions\PermissionManager;
use Psr\Log\LoggerAwareInterface;
use Psr\Log\LoggerInterface;
use MediaWiki\Logger\LoggerFactory;
/** @var AuthManager */
protected $authManager;
+ /** @var PermissionManager */
+ private $permissionManager;
+
/** @var LoggerInterface */
protected $logger;
*/
private $permissionCache;
- public function __construct( Config $config, AuthManager $authManager ) {
+ public function __construct(
+ Config $config,
+ AuthManager $authManager,
+ PermissionManager $permissionManager
+ ) {
$this->config = $config;
$this->authManager = $authManager;
+ $this->permissionManager = $permissionManager;
$this->permissionCache = new MapCacheLRU( 1 );
$this->logger = LoggerFactory::getInstance( 'authentication' );
}
/**
* Check if a given user has permission to use this functionality.
* @param User $user
- * @param bool $displayPassword If set, also check whether the user is allowed to reset the
- * password of another user and see the temporary password.
* @since 1.29 Second argument for displayPassword removed.
* @return StatusValue
*/
} elseif ( !$this->config->get( 'EnableEmail' ) ) {
// Maybe email features have been disabled
$status = StatusValue::newFatal( 'passwordreset-emaildisabled' );
- } elseif ( !$user->isAllowed( 'editmyprivateinfo' ) ) {
+ } elseif ( !$this->permissionManager->userHasRight( $user, 'editmyprivateinfo' ) ) {
// Maybe not all users have permission to change private data
$status = StatusValue::newFatal( 'badaccess' );
} elseif ( $this->isBlocked( $user ) ) {