From 2f4b431d868149399aca16d36eaccd95bf4ab41e Mon Sep 17 00:00:00 2001
From: Ryan Lane <rlane@wikimedia.org>
Date: Wed, 8 Aug 2012 17:42:25 -0700
Subject: [PATCH] Allow/disallow saving of local passwords

Allows AuthPlugin to determine if MediaWiki should store passwords in the local database.

Change-Id: Ia32b7d5d61d0ab0652a7c1b9df771b82e9f6bed1
---
 includes/AuthPlugin.php |    9 +++++++++
 includes/User.php       |    5 +++++
 2 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/includes/AuthPlugin.php b/includes/AuthPlugin.php
index c7fcf93..2e42439 100644
--- a/includes/AuthPlugin.php
+++ b/includes/AuthPlugin.php
@@ -177,6 +177,15 @@ class AuthPlugin {
 	}
 
 	/**
+	 * Should MediaWiki store passwords in its local database?
+	 *
+	 * @return bool
+	 */
+	public function allowSetLocalPassword() {
+		return true;
+	}
+
+	/**
 	 * Set the given password in the authentication database.
 	 * As a special case, the password may be set to null to request
 	 * locking the password to an unusable value, with the expectation
diff --git a/includes/User.php b/includes/User.php
index aef49fc..f29d18f 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -2871,11 +2871,16 @@ class User {
 	 * @todo Only rarely do all these fields need to be set!
 	 */
 	public function saveSettings() {
+		global $wgAuth;
+
 		$this->load();
 		if ( wfReadOnly() ) { return; }
 		if ( 0 == $this->mId ) { return; }
 
 		$this->mTouched = self::newTouchedTimestamp();
+		if ( !$wgAuth->allowSetLocalPassword() ) {
+			$this->mPassword = '';
+		}
 
 		$dbw = wfGetDB( DB_MASTER );
 		$dbw->update( 'user',
-- 
1.7.7.5 (Apple Git-26)