X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=includes%2Fuser%2FPasswordReset.php;h=38707dec5b2c588f58d72008fa3ddf8d71c629d4;hp=fd8eb3fac1677b6eeb3794dce65de67d95eb2542;hb=fa0f6f34972c0e0f4aac24a03b3efdfc45f256f6;hpb=72fa557f45ce6640bd13e82c7130ad7934d8c384 diff --git a/includes/user/PasswordReset.php b/includes/user/PasswordReset.php index fd8eb3fac1..38707dec5b 100644 --- a/includes/user/PasswordReset.php +++ b/includes/user/PasswordReset.php @@ -22,6 +22,7 @@ use MediaWiki\Auth\AuthManager; use MediaWiki\Auth\TemporaryPasswordAuthenticationRequest; +use MediaWiki\Permissions\PermissionManager; use Psr\Log\LoggerAwareInterface; use Psr\Log\LoggerInterface; use MediaWiki\Logger\LoggerFactory; @@ -40,6 +41,9 @@ class PasswordReset implements LoggerAwareInterface { /** @var AuthManager */ protected $authManager; + /** @var PermissionManager */ + private $permissionManager; + /** @var LoggerInterface */ protected $logger; @@ -50,9 +54,14 @@ class PasswordReset implements LoggerAwareInterface { */ private $permissionCache; - public function __construct( Config $config, AuthManager $authManager ) { + public function __construct( + Config $config, + AuthManager $authManager, + PermissionManager $permissionManager + ) { $this->config = $config; $this->authManager = $authManager; + $this->permissionManager = $permissionManager; $this->permissionCache = new MapCacheLRU( 1 ); $this->logger = LoggerFactory::getInstance( 'authentication' ); } @@ -93,7 +102,7 @@ class PasswordReset implements LoggerAwareInterface { } elseif ( !$this->config->get( 'EnableEmail' ) ) { // Maybe email features have been disabled $status = StatusValue::newFatal( 'passwordreset-emaildisabled' ); - } elseif ( !$user->isAllowed( 'editmyprivateinfo' ) ) { + } elseif ( !$this->permissionManager->userHasRight( $user, 'editmyprivateinfo' ) ) { // Maybe not all users have permission to change private data $status = StatusValue::newFatal( 'badaccess' ); } elseif ( $this->isBlocked( $user ) ) {