Page MenuHomePhabricator

Update BlueSpiceFoundation and BlueSpiceExtensions for AuthManager
Open, LowPublic

Description

The following items should be looked at:

  • Adding users via User::addToDatabase() and User::setPassword() is probably not going to reliably work anymore in all cases, and in particular the latter function is now deprecated. Ideally users will be created through the standard Special:CreateAccount page instead of trying to do your own thing. Discussion on T111486 may be relevant.
  • Deletion of users is a tricky business when other extensions might still have record of the user and might even try to auto-create them if they're missing. If you really need this sort of thing, you'll need to make sure every other extension that tracks users implements your 'BSUserManagerAfterDeleteUser' hook.
  • Users for extension-performed logged actions, such as page edits or category renames, may now be managed using User::newSystemUser() which is more reliable than old methods of creating a user and (not) trying to prevent human login to it.

The relevant code appears to be in:

  • ./BlueSpiceFoundation/maintenance/BSImportUsers.php
  • ./BlueSpiceFoundation/maintenance/RenameCategories.php
  • ./BlueSpiceFoundation/maintenance/massedit.php
  • ./BlueSpiceExtensions/UserManager/UserManager.class.php