Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F7635
createAndPromote.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
6 KB
Referenced Files
None
Subscribers
None
createAndPromote.php
View Options
<?php
/**
* Creates an account and grants it rights.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
* @ingroup Maintenance
* @author Rob Church <robchur@gmail.com>
* @author Pablo Castellano <pablo@anche.no>
*/
// @codeCoverageIgnoreStart
require_once
__DIR__
.
'/Maintenance.php'
;
// @codeCoverageIgnoreEnd
use
MediaWiki\Auth\AuthManager
;
use
MediaWiki\Deferred\SiteStatsUpdate
;
use
MediaWiki\Password\PasswordError
;
use
MediaWiki\User\User
;
use
MediaWiki\WikiMap\WikiMap
;
/**
* Maintenance script to create an account and grant it rights.
*
* @ingroup Maintenance
*/
class
CreateAndPromote
extends
Maintenance
{
private
const
PERMIT_ROLES
=
[
'sysop'
,
'bureaucrat'
,
'interface-admin'
,
'bot'
];
public
function
__construct
()
{
parent
::
__construct
();
$this
->
addDescription
(
'Create a new user account and/or grant it additional rights'
);
$this
->
addOption
(
'force'
,
'If account exists already, just grant it rights or change password.'
);
foreach
(
self
::
PERMIT_ROLES
as
$role
)
{
$this
->
addOption
(
$role
,
"Add the account to the {$role} group"
);
}
$this
->
addOption
(
'custom-groups'
,
'Comma-separated list of groups to add the user to'
,
false
,
true
);
$this
->
addOption
(
'reason'
,
'Reason for account creation and user rights assignment to log to wiki'
,
false
,
true
);
$this
->
addArg
(
'username'
,
'Username of new user'
);
$this
->
addArg
(
'password'
,
'Password to set'
,
false
);
}
public
function
execute
()
{
$username
=
$this
->
getArg
(
0
);
$password
=
$this
->
getArg
(
1
);
$force
=
$this
->
hasOption
(
'force'
);
$inGroups
=
[];
$services
=
$this
->
getServiceContainer
();
$user
=
$services
->
getUserFactory
()->
newFromName
(
$username
);
if
(
!
is_object
(
$user
)
)
{
$this
->
fatalError
(
'invalid username.'
);
}
$exists
=
(
$user
->
idForName
()
!==
0
);
if
(
$exists
&&
!
$force
)
{
$this
->
fatalError
(
'Account exists. Perhaps you want the --force option?'
);
}
elseif
(
!
$exists
&&
!
$password
)
{
$this
->
error
(
'Argument <password> required!'
);
$this
->
maybeHelp
(
true
);
}
elseif
(
$exists
)
{
$inGroups
=
$services
->
getUserGroupManager
()->
getUserGroups
(
$user
);
}
$groups
=
array_filter
(
self
::
PERMIT_ROLES
,
[
$this
,
'hasOption'
]
);
if
(
$this
->
hasOption
(
'custom-groups'
)
)
{
$allGroups
=
array_fill_keys
(
$services
->
getUserGroupManager
()->
listAllGroups
(),
true
);
$customGroupsText
=
$this
->
getOption
(
'custom-groups'
);
if
(
$customGroupsText
!==
''
)
{
$customGroups
=
explode
(
','
,
$customGroupsText
);
foreach
(
$customGroups
as
$customGroup
)
{
if
(
isset
(
$allGroups
[
$customGroup
]
)
)
{
$groups
[]
=
trim
(
$customGroup
);
}
else
{
$this
->
output
(
"$customGroup is not a valid group, ignoring!
\n
"
);
}
}
}
}
$promotions
=
array_diff
(
$groups
,
$inGroups
);
if
(
$exists
&&
!
$password
&&
count
(
$promotions
)
===
0
)
{
$this
->
output
(
"Account exists and nothing to do.
\n
"
);
return
;
}
elseif
(
count
(
$promotions
)
!==
0
)
{
$dbDomain
=
WikiMap
::
getCurrentWikiDbDomain
()->
getId
();
$promoText
=
"User:{$username} into "
.
implode
(
', '
,
$promotions
)
.
"...
\n
"
;
if
(
$exists
)
{
$this
->
output
(
"$dbDomain: Promoting $promoText"
);
}
else
{
$this
->
output
(
"$dbDomain: Creating and promoting $promoText"
);
}
}
if
(
!
$exists
)
{
// Verify the password meets the password requirements before creating.
// This check is repeated below to account for differences between
// the password policy for regular users and for users in certain groups.
if
(
$password
)
{
$status
=
$user
->
checkPasswordValidity
(
$password
);
if
(
!
$status
->
isGood
()
)
{
$this
->
fatalError
(
$status
);
}
}
// Create the user via AuthManager as there may be various side
// effects that are performed by the configured AuthManager chain.
$status
=
$this
->
getServiceContainer
()->
getAuthManager
()->
autoCreateUser
(
$user
,
AuthManager
::
AUTOCREATE_SOURCE_MAINT
,
false
);
if
(
!
$status
->
isGood
()
)
{
$this
->
fatalError
(
$status
);
}
}
if
(
$promotions
)
{
// Add groups before changing password, as the password policy for certain groups has
// stricter requirements.
$userGroupManager
=
$services
->
getUserGroupManager
();
$userGroupManager
->
addUserToMultipleGroups
(
$user
,
$promotions
);
$reason
=
$this
->
getOption
(
'reason'
)
?:
''
;
$this
->
addLogEntry
(
$user
,
$inGroups
,
array_merge
(
$inGroups
,
$promotions
),
$reason
);
}
if
(
$password
)
{
# Try to set the password
try
{
$status
=
$user
->
changeAuthenticationData
(
[
'username'
=>
$user
->
getName
(),
'password'
=>
$password
,
'retype'
=>
$password
,
]
);
if
(
!
$status
->
isGood
()
)
{
throw
new
PasswordError
(
$status
->
getMessage
(
false
,
false
,
'en'
)->
text
()
);
}
if
(
$exists
)
{
$this
->
output
(
"Password set.
\n
"
);
$user
->
saveSettings
();
}
}
catch
(
PasswordError
$pwe
)
{
$this
->
fatalError
(
'Setting the password failed: '
.
$pwe
->
getMessage
()
);
}
}
if
(
!
$exists
)
{
# Increment site_stats.ss_users
$ssu
=
SiteStatsUpdate
::
factory
(
[
'users'
=>
1
]
);
$ssu
->
doUpdate
();
}
$this
->
output
(
"done.
\n
"
);
}
/**
* Add a rights log entry for an action.
*
* @param User $user
* @param array $oldGroups
* @param array $newGroups
* @param string $reason
*/
private
function
addLogEntry
(
$user
,
array
$oldGroups
,
array
$newGroups
,
string
$reason
)
{
$logEntry
=
new
ManualLogEntry
(
'rights'
,
'rights'
);
$logEntry
->
setPerformer
(
User
::
newSystemUser
(
User
::
MAINTENANCE_SCRIPT_USER
,
[
'steal'
=>
true
]
)
);
$logEntry
->
setTarget
(
$user
->
getUserPage
()
);
$logEntry
->
setComment
(
$reason
);
$logEntry
->
setParameters
(
[
'4::oldgroups'
=>
$oldGroups
,
'5::newgroups'
=>
$newGroups
]
);
$logid
=
$logEntry
->
insert
();
$logEntry
->
publish
(
$logid
);
}
}
// @codeCoverageIgnoreStart
$maintClass
=
CreateAndPromote
::
class
;
require_once
RUN_MAINTENANCE_IF_MAIN
;
// @codeCoverageIgnoreEnd
File Metadata
Details
Attached
Mime Type
text/x-php
Expires
Wed, Sep 10, 10:24 (12 h, 4 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
73/3a/4132d9769361c56ccdc4a955e1b3
Default Alt Text
createAndPromote.php (6 KB)
Attached To
Mode
rMWPROD MediaWiki Production
Attached
Detach File
Event Timeline
Log In to Comment