Page MenuHomePhabricator
Create Task
Maniphest T111296

Get rid of FauxRequest support in AuthManager
Closed, ResolvedPublic
Actions

Description

AuthManager (T91699) is forced to do an ugly hack (see the usingGlobalSession() calls here) to support the use case where one temporarily replaces the real session (that corresponds with actual request) with an artificial one, e.g. call RequestContext::importScopedSession() with a FauxRequest and then call User::loadFromSession(). It would be nice to get rid of that.

Details

SubjectRepoBranchLines +/-
Add SessionManagermediawiki/coremaster+9 K -663
Customize query in gerrit

Related Objects
Search...

Event Timeline

Tgr created this task.Sep 3 2015, 1:08 AM
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added projects: Reading-Infrastructure-Team-Old (Don't use), MediaWiki-Core-AuthManager.
Tgr subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 3 2015, 1:08 AM
Tgr added a subtask: T91699: Create AuthManager framework and core classes.Sep 7 2015, 10:47 PM
bd808 moved this task from Backlog to AuthManager Backlog on the MediaWiki-Core-AuthManager board.Sep 9 2015, 4:17 PM
gerritbot subscribed.Oct 12 2015, 4:37 AM

Change 243223 had a related patch set uploaded (by Gergő Tisza):
WIP: Add SessionManager

https://gerrit.wikimedia.org/r/243223

gerritbot added a project: Patch-For-Review.Oct 12 2015, 4:38 AM
gerritbot added a comment.Oct 12 2015, 2:39 PM

Change 243223 had a related patch set uploaded (by Anomie):
WIP: Add SessionManager

https://gerrit.wikimedia.org/r/243223

aaron subscribed.Oct 21 2015, 9:14 PM

Using RequestContext::importScopedSession() to actually import the session is long since deprecated (the main user was for uploads but changed to use the "main stash"). It's really just for the IP/agent/User aspects of the "logical session" but not the actual PHP session. It might be easier to just audit callers and confirm that the session parts can just be removed to avoid the hassle.

aaron added a comment.Oct 21 2015, 9:22 PM

Ugh, UploadFromUrlJob should be rewritten to use the getMainStashInstance() for the temp results and API status checks instead of the sessions (which are reused in the jobs by the runners).

Anomie closed this task as Resolved.Oct 28 2015, 2:29 PM
Anomie claimed this task.
Anomie subscribed.

SessionManager handles this now, the AuthManager rebase I'm working kills this hack.

gerritbot added a comment.Jan 12 2016, 10:05 PM

Change 243223 merged by jenkins-bot:
Add SessionManager

https://gerrit.wikimedia.org/r/243223

Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptJan 12 2016, 10:05 PM
Tgr added a project: Developer-notice.Jan 12 2016, 10:47 PM
Tgr added a comment.Jan 12 2016, 10:59 PM

There should be a developer notice about SessionManager being deployed next week (unexpected login errors etc), I didn't find a better task to flag for it.

ReleaseTaggerBot added projects: MW-1.27-release (WMF-deploy-2016-01-19_(1.27.0-wmf.11)), MW-1.27-release-notes.Jan 12 2016, 11:00 PM
Anomie closed subtask T91699: Create AuthManager framework and core classes as Resolved.May 25 2016, 6:51 PM
Fjalapeno edited projects, added Product-Infrastructure-Team-Backlog-Deprecated; removed Reading-Infrastructure-Team-Old (Don't use).Jun 7 2017, 2:57 PM
Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:39 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL