search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Import: Handle uploads with sha1 starting with 0 properly"
[mediawiki.git] / includes / api / ApiCreateAccount.php
blob1368bda1fc3d23e8985105c8fb90067df8f82a5f
1 <?php
2 /**
3 * Created on August 7, 2012
4 *
5 * Copyright © 2012 Tyler Romeo <tylerromeo@gmail.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 * http://www.gnu.org/copyleft/gpl.html
21 *
22 * @file
23 */
24 use MediaWiki\Logger\LoggerFactory;
25
26 /**
27 * Unit to authenticate account registration attempts to the current wiki.
28 *
29 * @ingroup API
30 */
31 class ApiCreateAccount extends ApiBase {
32 public function execute() {
33 // If we're in a mode that breaks the same-origin policy, no tokens can
34 // be obtained
35 if ( $this->lacksSameOriginSecurity() ) {
36 $this->dieUsage(
37 'Cannot create account when the same-origin policy is not applied', 'aborted'
38 );
39 }
40
41 // $loginForm->addNewaccountInternal will throw exceptions
42 // if wiki is read only (already handled by api), user is blocked or does not have rights.
43 // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin)
44 $loginTitle = SpecialPage::getTitleFor( 'Userlogin' );
45 if ( !$loginTitle->userCan( 'createaccount', $this->getUser() ) ) {
46 $this->dieUsage(
47 'You do not have the right to create a new account',
48 'permdenied-createaccount'
49 );
50 }
51 if ( $this->getUser()->isBlockedFromCreateAccount() ) {
52 $this->dieUsage(
53 'You cannot create a new account because you are blocked',
54 'blocked',
55 0,
56 array( 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $this->getUser()->getBlock() ) )
57 );
58 }
59
60 $params = $this->extractRequestParams();
61
62 // Init session if necessary
63 if ( session_id() == '' ) {
64 wfSetupSession();
65 }
66
67 if ( $params['mailpassword'] && !$params['email'] ) {
68 $this->dieUsageMsg( 'noemail' );
69 }
70
71 if ( $params['language'] && !Language::isSupportedLanguage( $params['language'] ) ) {
72 $this->dieUsage( 'Invalid language parameter', 'langinvalid' );
73 }
74
75 $context = new DerivativeContext( $this->getContext() );
76 $context->setRequest( new DerivativeRequest(
77 $this->getContext()->getRequest(),
78 array(
79 'type' => 'signup',
80 'uselang' => $params['language'],
81 'wpName' => $params['name'],
82 'wpPassword' => $params['password'],
83 'wpRetype' => $params['password'],
84 'wpDomain' => $params['domain'],
85 'wpEmail' => $params['email'],
86 'wpRealName' => $params['realname'],
87 'wpCreateaccountToken' => $params['token'],
88 'wpCreateaccount' => $params['mailpassword'] ? null : '1',
89 'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null
90 )
91 ) );
92
93 $loginForm = new LoginForm();
94 $loginForm->setContext( $context );
95 Hooks::run( 'AddNewAccountApiForm', array( $this, $loginForm ) );
96 $loginForm->load();
97
98 $status = $loginForm->addNewAccountInternal();
99 LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt via API', array(
100 'event' => 'accountcreation',
101 'status' => $status,
102 ) );
103 $result = array();
104 if ( $status->isGood() ) {
105 // Success!
106 $user = $status->getValue();
107
108 if ( $params['language'] ) {
109 $user->setOption( 'language', $params['language'] );
110 }
111
112 if ( $params['mailpassword'] ) {
113 // If mailpassword was set, disable the password and send an email.
114 $user->setPassword( null );
115 $status->merge( $loginForm->mailPasswordInternal(
116 $user,
117 false,
118 'createaccount-title',
119 'createaccount-text'
120 ) );
121 } elseif ( $this->getConfig()->get( 'EmailAuthentication' ) &&
122 Sanitizer::validateEmail( $user->getEmail() )
123 ) {
124 // Send out an email authentication message if needed
125 $status->merge( $user->sendConfirmationMail() );
126 }
127
128 // Save settings (including confirmation token)
129 $user->saveSettings();
130
131 Hooks::run( 'AddNewAccount', array( $user, $params['mailpassword'] ) );
132
133 if ( $params['mailpassword'] ) {
134 $logAction = 'byemail';
135 } elseif ( $this->getUser()->isLoggedIn() ) {
136 $logAction = 'create2';
137 } else {
138 $logAction = 'create';
139 }
140 $user->addNewUserLogEntry( $logAction, (string)$params['reason'] );
141
142 // Add username, id, and token to result.
143 $result['username'] = $user->getName();
144 $result['userid'] = $user->getId();
145 $result['token'] = $user->getToken();
146 }
147
148 $apiResult = $this->getResult();
149
150 if ( $status->hasMessage( 'sessionfailure' ) || $status->hasMessage( 'nocookiesfornew' ) ) {
151 // Token was incorrect, so add it to result, but don't throw an exception
152 // since not having the correct token is part of the normal
153 // flow of events.
154 $result['token'] = LoginForm::getCreateaccountToken();
155 $result['result'] = 'NeedToken';
156 } elseif ( !$status->isOK() ) {
157 // There was an error. Die now.
158 $this->dieStatus( $status );
159 } elseif ( !$status->isGood() ) {
160 // Status is not good, but OK. This means warnings.
161 $result['result'] = 'Warning';
162
163 // Add any warnings to the result
164 $warnings = $status->getErrorsByType( 'warning' );
165 if ( $warnings ) {
166 foreach ( $warnings as &$warning ) {
167 ApiResult::setIndexedTagName( $warning['params'], 'param' );
168 }
169 ApiResult::setIndexedTagName( $warnings, 'warning' );
170 $result['warnings'] = $warnings;
171 }
172 } else {
173 // Everything was fine.
174 $result['result'] = 'Success';
175 }
176
177 // Give extensions a chance to modify the API result data
178 Hooks::run( 'AddNewAccountApiResult', array( $this, $loginForm, &$result ) );
179
180 $apiResult->addValue( null, 'createaccount', $result );
181 }
182
183 public function mustBePosted() {
184 return true;
185 }
186
187 public function isReadMode() {
188 return false;
189 }
190
191 public function isWriteMode() {
192 return true;
193 }
194
195 public function getAllowedParams() {
196 return array(
197 'name' => array(
198 ApiBase::PARAM_TYPE => 'user',
199 ApiBase::PARAM_REQUIRED => true
200 ),
201 'password' => array(
202 ApiBase::PARAM_TYPE => 'password',
203 ),
204 'domain' => null,
205 'token' => null,
206 'email' => array(
207 ApiBase::PARAM_TYPE => 'string',
208 ApiBase::PARAM_REQUIRED => $this->getConfig()->get( 'EmailConfirmToEdit' ),
209 ),
210 'realname' => null,
211 'mailpassword' => array(
212 ApiBase::PARAM_TYPE => 'boolean',
213 ApiBase::PARAM_DFLT => false
214 ),
215 'reason' => null,
216 'language' => null
217 );
218 }
219
220 protected function getExamplesMessages() {
221 return array(
222 'action=createaccount&name=testuser&password=test123'
223 => 'apihelp-createaccount-example-pass',
224 'action=createaccount&name=testmailuser&mailpassword=true&reason=MyReason'
225 => 'apihelp-createaccount-example-mail',
226 );
227 }
228
229 public function getHelpUrls() {
230 return 'https://www.mediawiki.org/wiki/API:Account_creation';
231 }
232 }
MediaWiki Core