X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=includes%2Fuser%2FPasswordReset.php;h=38707dec5b2c588f58d72008fa3ddf8d71c629d4;hp=aada3192e38da37db64e1ee6c05e3931c8cb07d5;hb=7b4eafda0d986180d20f37f2489b70e8eca00df4;hpb=07746007177c008e4351f9e55a56536fecca6f0f
diff --git a/includes/user/PasswordReset.php b/includes/user/PasswordReset.php
index aada3192e3..38707dec5b 100644
--- a/includes/user/PasswordReset.php
+++ b/includes/user/PasswordReset.php
@@ -22,6 +22,7 @@
 use MediaWiki\Auth\AuthManager;
 use MediaWiki\Auth\TemporaryPasswordAuthenticationRequest;
+use MediaWiki\Permissions\PermissionManager;
 use Psr\Log\LoggerAwareInterface;
 use Psr\Log\LoggerInterface;
 use MediaWiki\Logger\LoggerFactory;
@@ -40,6 +41,9 @@ class PasswordReset implements LoggerAwareInterface {
 /** @var AuthManager */
 protected $authManager;
+ /** @var PermissionManager */
+ private $permissionManager;
+
 /** @var LoggerInterface */
 protected $logger;
@@ -50,9 +54,14 @@ class PasswordReset implements LoggerAwareInterface {
 */
 private $permissionCache;
- public function __construct( Config $config, AuthManager $authManager ) {
+ public function __construct(
+ Config $config,
+ AuthManager $authManager,
+ PermissionManager $permissionManager
+ ) {
 $this->config = $config;
 $this->authManager = $authManager;
+ $this->permissionManager = $permissionManager;
 $this->permissionCache = new MapCacheLRU( 1 );
 $this->logger = LoggerFactory::getInstance( 'authentication' );
 }
@@ -70,8 +79,6 @@ class PasswordReset implements LoggerAwareInterface {
 /**
 * Check if a given user has permission to use this functionality.
 * @param User $user
- * @param bool $displayPassword If set, also check whether the user is allowed to reset the
- * password of another user and see the temporary password.
 * @since 1.29 Second argument for displayPassword removed.
 * @return StatusValue
 */
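Review bot: The constructor in the `@@ -50,9 +54,14 @@` hunk gains a third required parameter but still has no docblock, so nothing records that `$permissionManager` is what the `editmyprivateinfo` check in the last hunk now relies on. Because `PermissionManager $permissionManager` has no default, any caller still passing two arguments fails at construction; call sites are not part of this single-file diff, so that needs confirming separately. I would add a docblock with `@param Config $config`, `@param AuthManager $authManager` and `@param PermissionManager $permissionManager`, and keep the parameter mandatory rather than adding a nullable fallback, so that a missing manager can never turn into a skipped permission check.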
@@ -95,7 +102,7 @@ class PasswordReset implements LoggerAwareInterface {
 } elseif ( !$this->config->get( 'EnableEmail' ) ) {
 // Maybe email features have been disabled
 $status = StatusValue::newFatal( 'passwordreset-emaildisabled' );
- } elseif ( !$user->isAllowed( 'editmyprivateinfo' ) ) {
+ } elseif ( !$this->permissionManager->userHasRight( $user, 'editmyprivateinfo' ) ) {
 // Maybe not all users have permission to change private data
 $status = StatusValue::newFatal( 'badaccess' );
 } elseif ( $this->isBlocked( $user ) ) {
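Review bot: The context comment on the `badaccess` branch, `// Maybe not all users have permission to change private data`, does not say why this right gates a password reset, which matters more now that the answer comes from an injected service. I would reword it to `// Resetting a password changes private account data, so require 'editmyprivateinfo'`. A unit test that injects a PermissionManager denying the right and expects the `badaccess` status would pin the behaviour of the rewritten condition; whether such a test exists cannot be seen on this page. The enclosing method starts and ends outside the hunk.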