Page MenuHomePhabricator

Get rid of FauxRequest support in AuthManager
Closed, ResolvedPublic

Description

AuthManager (T91699) is forced to do an ugly hack (see the usingGlobalSession() calls here) to support the use case where one temporarily replaces the real session (that corresponds with actual request) with an artificial one, e.g. call RequestContext::importScopedSession() with a FauxRequest and then call User::loadFromSession(). It would be nice to get rid of that.

Event Timeline

Tgr created this task.Sep 3 2015, 1:08 AM
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added a subscriber: Tgr.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 3 2015, 1:08 AM

Change 243223 had a related patch set uploaded (by Gergő Tisza):
WIP: Add SessionManager

https://gerrit.wikimedia.org/r/243223

Change 243223 had a related patch set uploaded (by Anomie):
WIP: Add SessionManager

https://gerrit.wikimedia.org/r/243223

aaron added a subscriber: aaron.Oct 21 2015, 9:14 PM

Using RequestContext::importScopedSession() to actually import the session is long since deprecated (the main user was for uploads but changed to use the "main stash"). It's really just for the IP/agent/User aspects of the "logical session" but not the actual PHP session. It might be easier to just audit callers and confirm that the session parts can just be removed to avoid the hassle.

aaron added a comment.Oct 21 2015, 9:22 PM

Ugh, UploadFromUrlJob should be rewritten to use the getMainStashInstance() for the temp results and API status checks instead of the sessions (which are reused in the jobs by the runners).

Anomie closed this task as Resolved.Oct 28 2015, 2:29 PM
Anomie claimed this task.
Anomie added a subscriber: Anomie.

SessionManager handles this now, the AuthManager rebase I'm working kills this hack.

Change 243223 merged by jenkins-bot:
Add SessionManager

https://gerrit.wikimedia.org/r/243223

Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptJan 12 2016, 10:05 PM
Tgr added a comment.Jan 12 2016, 10:59 PM

There should be a developer notice about SessionManager being deployed next week (unexpected login errors etc), I didn't find a better task to flag for it.