3 * A central user id lookup service
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
24 * The CentralIdLookup service allows for connecting local users with
29 abstract class CentralIdLookup
implements IDBAccessObject
{
30 // Audience options for accessors
31 const AUDIENCE_PUBLIC
= 1;
32 const AUDIENCE_RAW
= 2;
34 /** @var CentralIdLookup[][] */
35 private static $instances = [];
41 * Fetch a CentralIdLookup
42 * @param string|null $providerId Provider ID from $wgCentralIdLookupProviders
43 * @return CentralIdLookup|null
45 public static function factory( $providerId = null ) {
46 global $wgCentralIdLookupProviders, $wgCentralIdLookupProvider;
48 if ( $providerId === null ) {
49 $providerId = $wgCentralIdLookupProvider;
52 if ( !array_key_exists( $providerId, self
::$instances ) ) {
53 self
::$instances[$providerId] = null;
55 if ( isset( $wgCentralIdLookupProviders[$providerId] ) ) {
56 $provider = ObjectFactory
::getObjectFromSpec( $wgCentralIdLookupProviders[$providerId] );
57 if ( $provider instanceof CentralIdLookup
) {
58 $provider->providerId
= $providerId;
59 self
::$instances[$providerId] = $provider;
64 return self
::$instances[$providerId];
68 * Reset internal cache for unit testing
70 public static function resetCache() {
71 if ( !defined( 'MW_PHPUNIT_TEST' ) ) {
72 throw new MWException( __METHOD__
. ' may only be called from unit tests!' );
74 self
::$instances = [];
77 final public function getProviderId() {
78 return $this->providerId
;
82 * Check that the "audience" parameter is valid
83 * @param int|User $audience One of the audience constants, or a specific user
84 * @return User|null User to check against, or null if no checks are needed
85 * @throws InvalidArgumentException
87 protected function checkAudience( $audience ) {
88 if ( $audience instanceof User
) {
91 if ( $audience === self
::AUDIENCE_PUBLIC
) {
94 if ( $audience === self
::AUDIENCE_RAW
) {
97 throw new InvalidArgumentException( 'Invalid audience' );
101 * Check that a User is attached on the specified wiki.
103 * If unattached local accounts don't exist in your extension, this comes
104 * down to a check whether the central account exists at all and that
105 * $wikiId is using the same central database.
108 * @param string|null $wikiId Wiki to check attachment status. If null, check the current wiki.
111 abstract public function isAttached( User
$user, $wikiId = null );
114 * Given central user IDs, return the (local) user names
115 * @note There's no requirement that the user names actually exist locally,
116 * or if they do that they're actually attached to the central account.
117 * @param array $idToName Array with keys being central user IDs
118 * @param int|User $audience One of the audience constants, or a specific user
119 * @param int $flags IDBAccessObject read flags
120 * @return array Copy of $idToName with values set to user names (or
121 * empty-string if the user exists but $audience lacks the rights needed
122 * to see it). IDs not corresponding to a user are unchanged.
124 abstract public function lookupCentralIds(
125 array $idToName, $audience = self
::AUDIENCE_PUBLIC
, $flags = self
::READ_NORMAL
129 * Given (local) user names, return the central IDs
130 * @note There's no requirement that the user names actually exist locally,
131 * or if they do that they're actually attached to the central account.
132 * @param array $nameToId Array with keys being canonicalized user names
133 * @param int|User $audience One of the audience constants, or a specific user
134 * @param int $flags IDBAccessObject read flags
135 * @return array Copy of $nameToId with values set to central IDs.
136 * Names not corresponding to a user (or $audience lacks the rights needed
137 * to see it) are unchanged.
139 abstract public function lookupUserNames(
140 array $nameToId, $audience = self
::AUDIENCE_PUBLIC
, $flags = self
::READ_NORMAL
144 * Given a central user ID, return the (local) user name
145 * @note There's no requirement that the user name actually exists locally,
146 * or if it does that it's actually attached to the central account.
147 * @param int $id Central user ID
148 * @param int|User $audience One of the audience constants, or a specific user
149 * @param int $flags IDBAccessObject read flags
150 * @return string|null User name, or empty string if $audience lacks the
151 * rights needed to see it, or null if $id doesn't correspond to a user
153 public function nameFromCentralId(
154 $id, $audience = self
::AUDIENCE_PUBLIC
, $flags = self
::READ_NORMAL
156 $idToName = $this->lookupCentralIds( [ $id => null ], $audience, $flags );
157 return $idToName[$id];
161 * Given a (local) user name, return the central ID
162 * @note There's no requirement that the user name actually exists locally,
163 * or if it does that it's actually attached to the central account.
164 * @param string $name Canonicalized user name
165 * @param int|User $audience One of the audience constants, or a specific user
166 * @param int $flags IDBAccessObject read flags
167 * @return int User ID; 0 if the name does not correspond to a user or
168 * $audience lacks the rights needed to see it.
170 public function centralIdFromName(
171 $name, $audience = self
::AUDIENCE_PUBLIC
, $flags = self
::READ_NORMAL
173 $nameToId = $this->lookupUserNames( [ $name => 0 ], $audience, $flags );
174 return $nameToId[$name];
178 * Given a central user ID, return a local User object
179 * @note Unlike nameFromCentralId(), this does guarantee that the local
180 * user exists and is attached to the central account.
181 * @param int $id Central user ID
182 * @param int|User $audience One of the audience constants, or a specific user
183 * @param int $flags IDBAccessObject read flags
184 * @return User|null Local user, or null if: $id doesn't correspond to a
185 * user, $audience lacks the rights needed to see the user, the user
186 * doesn't exist locally, or the user isn't locally attached.
188 public function localUserFromCentralId(
189 $id, $audience = self
::AUDIENCE_PUBLIC
, $flags = self
::READ_NORMAL
191 $name = $this->nameFromCentralId( $id, $audience, $flags );
192 if ( $name !== null && $name !== '' ) {
193 $user = User
::newFromName( $name );
194 if ( $user && $user->getId() && $this->isAttached( $user ) ) {
202 * Given a local User object, return the central ID
203 * @note Unlike centralIdFromName(), this does guarantee that the local
204 * user is attached to the central account.
205 * @param User $user Local user
206 * @param int|User $audience One of the audience constants, or a specific user
207 * @param int $flags IDBAccessObject read flags
208 * @return int User ID; 0 if the local user does not correspond to a
209 * central user, $audience lacks the rights needed to see it, or the
210 * central user isn't locally attached.
212 public function centralIdFromLocalUser(
213 User
$user, $audience = self
::AUDIENCE_PUBLIC
, $flags = self
::READ_NORMAL
215 return $this->isAttached( $user )
216 ?
$this->centralIdFromName( $user->getName(), $audience, $flags )