X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=includes%2Fspecials%2FSpecialBotPasswords.php;h=2d3a0ccbb5ab5affef4638366a6c7d9eb5945bd4;hp=f76c318e26390576f2f0afdf551a068369a0fe80;hb=23b7f3bbd553183a21d785bae175249efad5ee5d;hpb=12ff4dec05ff8bb1a1910bf6745155b93e1912b5 diff --git a/includes/specials/SpecialBotPasswords.php b/includes/specials/SpecialBotPasswords.php index f76c318e26..2d3a0ccbb5 100644 --- a/includes/specials/SpecialBotPasswords.php +++ b/includes/specials/SpecialBotPasswords.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\Logger\LoggerFactory; + /** * Let users manage bot passwords * @@ -40,8 +42,12 @@ class SpecialBotPasswords extends FormSpecialPage { /** @var string New password set, for communication between onSubmit() and onSuccess() */ private $password = null; + /** @var Psr\Log\LoggerInterface */ + private $logger = null; + public function __construct() { parent::__construct( 'BotPasswords', 'editmyprivateinfo' ); + $this->logger = LoggerFactory::getInstance( 'authentication' ); } /** @@ -51,6 +57,10 @@ class SpecialBotPasswords extends FormSpecialPage { return $this->getConfig()->get( 'EnableBotPasswords' ); } + protected function getLoginSecurityLevel() { + return $this->getName(); + } + /** * Main execution point * @param string|null $par @@ -107,6 +117,9 @@ class SpecialBotPasswords extends FormSpecialPage { 'type' => 'check', 'label-message' => 'botpasswords-label-resetpassword', ]; + if ( $this->botPassword->isInvalid() ) { + $fields['resetPassword']['default'] = true; + } } $lang = $this->getLanguage(); @@ -153,22 +166,39 @@ class SpecialBotPasswords extends FormSpecialPage { } else { $linkRenderer = $this->getLinkRenderer(); + $passwordFactory = new PasswordFactory(); + $passwordFactory->init( $this->getConfig() ); + $dbr = BotPassword::getDB( DB_REPLICA ); $res = $dbr->select( 'bot_passwords', - [ 'bp_app_id' ], + [ 'bp_app_id', 'bp_password' ], [ 'bp_user' => $this->userId ], __METHOD__ ); foreach ( $res as $row ) { + try { + $password = $passwordFactory->newFromCiphertext( $row->bp_password ); + $passwordInvalid = $password instanceof InvalidPassword; + unset( $password ); + } catch ( PasswordError $ex ) { + $passwordInvalid = true; + } + + $text = $linkRenderer->makeKnownLink( + $this->getPageTitle( $row->bp_app_id ), + $row->bp_app_id + ); + if ( $passwordInvalid ) { + $text .= $this->msg( 'word-separator' )->escaped() + . $this->msg( 'botpasswords-label-needsreset' )->parse(); + } + $fields[] = [ 'section' => 'existing', 'type' => 'info', 'raw' => true, - 'default' => $linkRenderer->makeKnownLink( - $this->getPageTitle( $row->bp_app_id ), - $row->bp_app_id - ), + 'default' => $text, ]; } @@ -257,6 +287,16 @@ class SpecialBotPasswords extends FormSpecialPage { $bp = BotPassword::newFromCentralId( $this->userId, $this->par ); if ( $bp ) { $bp->delete(); + $this->logger->info( + "Bot password {op} for {user}@{app_id}", + [ + 'app_id' => $this->par, + 'user' => $this->getUser()->getName(), + 'centralId' => $this->userId, + 'op' => 'delete', + 'client_ip' => $this->getRequest()->getIP() + ] + ); } return Status::newGood(); @@ -289,6 +329,18 @@ class SpecialBotPasswords extends FormSpecialPage { } if ( $bp->save( $this->operation, $password ) ) { + $this->logger->info( + "Bot password {op} for {user}@{app_id}", + [ + 'op' => $this->operation, + 'user' => $this->getUser()->getName(), + 'app_id' => $this->par, + 'centralId' => $this->userId, + 'restrictions' => $data['restrictions'], + 'grants' => $bp->getGrants(), + 'client_ip' => $this->getRequest()->getIP() + ] + ); return Status::newGood(); } else { // Messages: botpasswords-insert-failed, botpasswords-update-failed