* https://www.mediawiki.org/
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
*/
use MediaWiki\HookContainer\HookRunner;
use MediaWiki\Linker\LinkRenderer;
use MediaWiki\MediaWikiServices;
use Wikimedia\Rdbms\IDatabase;
class LogEventsList extends ContextSource {
public const NO_ACTION_LINK = 1;
public const NO_EXTRA_USER_LINKS = 2;
public const USE_CHECKBOXES = 4;
public $flags;
/**
* @var array
* @deprecated since 1.34, no longer used.
*/
protected $mDefaultQuery;
/**
* @var bool
*/
protected $showTagEditUI;
/**
* @var array
*/
protected $allowedActions = null;
/**
* @var LinkRenderer|null
*/
private $linkRenderer;
/** @var HookRunner */
private $hookRunner;
/**
* The first two parameters used to be $skin and $out, but now only a context
* is needed, that's why there's a second unused parameter.
*
* @param IContextSource|Skin $context Context to use; formerly it was
* a Skin object. Use of Skin is deprecated.
* @param LinkRenderer|null $linkRenderer previously unused
* @param int $flags Can be a combination of self::NO_ACTION_LINK,
* self::NO_EXTRA_USER_LINKS or self::USE_CHECKBOXES.
*/
public function __construct( $context, $linkRenderer = null, $flags = 0 ) {
if ( $context instanceof IContextSource ) {
$this->setContext( $context );
} else {
// Old parameters, $context should be a Skin object
$this->setContext( $context->getContext() );
}
$this->flags = $flags;
$this->showTagEditUI = ChangeTags::showTagEditingUI( $this->getUser() );
if ( $linkRenderer instanceof LinkRenderer ) {
$this->linkRenderer = $linkRenderer;
}
$this->hookRunner = Hooks::runner();
}
/**
* @since 1.30
* @return LinkRenderer
*/
protected function getLinkRenderer() {
if ( $this->linkRenderer !== null ) {
return $this->linkRenderer;
} else {
return MediaWikiServices::getInstance()->getLinkRenderer();
}
}
/**
* Show options for the log list
*
* @param array|string $types
* @param string $user
* @param string $page
* @param bool $pattern
* @param int|string $year Use 0 to start with no year preselected.
* @param int|string $month A month in the 1..12 range. Use 0 to start with no month
* preselected.
* @param int|string $day A day in the 1..31 range. Use 0 to start with no month
* preselected.
* @param array|null $filter
* @param string $tagFilter Tag to select by default
* @param string|null $action
*/
public function showOptions( $types = [], $user = '', $page = '', $pattern = false, $year = 0,
$month = 0, $day = 0, $filter = null, $tagFilter = '', $action = null
) {
// For B/C, we take strings, but make sure they are converted...
$types = ( $types === '' ) ? [] : (array)$types;
$formDescriptor = [];
// Basic selectors
$formDescriptor['type'] = $this->getTypeMenuDesc( $types );
$formDescriptor['user'] = $this->getUserInputDesc( $user );
$formDescriptor['page'] = $this->getTitleInputDesc( $page );
// Add extra inputs if any
// This could either be a form descriptor array or a string with raw HTML.
// We need it to work in both cases and show a deprecation warning if it
// is a string. See T199495.
$extraInputsDescriptor = $this->getExtraInputsDesc( $types );
if (
is_array( $extraInputsDescriptor ) &&
!empty( $extraInputsDescriptor )
) {
$formDescriptor[ 'extra' ] = $extraInputsDescriptor;
} elseif (
is_string( $extraInputsDescriptor ) &&
$extraInputsDescriptor !== ''
) {
// We'll add this to the footer of the form later
$extraInputsString = $extraInputsDescriptor;
wfDeprecated( '$input in LogEventsListGetExtraInputs hook', '1.32' );
}
// Title pattern, if allowed
if ( !$this->getConfig()->get( 'MiserMode' ) ) {
$formDescriptor['pattern'] = $this->getTitlePatternDesc( $pattern );
}
// Date menu
$formDescriptor['date'] = [
'type' => 'date',
'label-message' => 'date',
'default' => $year && $month && $day ? sprintf( "%04d-%02d-%02d", $year, $month, $day ) : '',
];
// Tag filter
$formDescriptor['tagfilter'] = [
'type' => 'tagfilter',
'name' => 'tagfilter',
'label-raw' => $this->msg( 'tag-filter' )->parse(),
];
// Filter links
if ( $filter ) {
$formDescriptor['filters'] = $this->getFiltersDesc( $filter );
}
// Action filter
if (
$action !== null &&
$this->allowedActions !== null &&
count( $this->allowedActions ) > 0
) {
$formDescriptor['subtype'] = $this->getActionSelectorDesc( $types, $action );
}
$context = new DerivativeContext( $this->getContext() );
$context->setTitle( SpecialPage::getTitleFor( 'Log' ) ); // Remove subpage
$htmlForm = HTMLForm::factory( 'ooui', $formDescriptor, $context );
$htmlForm
->setSubmitText( $this->msg( 'logeventslist-submit' )->text() )
->setMethod( 'get' )
->setWrapperLegendMsg( 'log' );
// TODO This will should be removed at some point. See T199495.
if ( isset( $extraInputsString ) ) {
$htmlForm->addFooterText( Html::rawElement(
'div',
null,
$extraInputsString
) );
}
$htmlForm->prepareForm()->displayForm( false );
}
/**
* @param array $filter
* @return array Form descriptor
*/
private function getFiltersDesc( $filter ) {
$optionsMsg = [];
$default = [];
foreach ( $filter as $type => $val ) {
$optionsMsg["logeventslist-{$type}-log"] = $type;
if ( $val === false ) {
$default[] = $type;
}
}
return [
'class' => 'HTMLMultiSelectField',
'label-message' => 'logeventslist-more-filters',
'flatlist' => true,
'options-messages' => $optionsMsg,
'default' => $default,
];
}
/**
* @param array $queryTypes
* @return array Form descriptor
*/
private function getTypeMenuDesc( $queryTypes ) {
$queryType = count( $queryTypes ) == 1 ? $queryTypes[0] : '';
$typesByName = []; // Temporary array
// First pass to load the log names
foreach ( LogPage::validTypes() as $type ) {
$page = new LogPage( $type );
$restriction = $page->getRestriction();
if ( MediaWikiServices::getInstance()
->getPermissionManager()
->userHasRight( $this->getUser(), $restriction )
) {
$typesByName[$type] = $page->getName()->text();
}
}
// Second pass to sort by name
asort( $typesByName );
// Always put "All public logs" on top
$public = $typesByName[''];
unset( $typesByName[''] );
$typesByName = [ '' => $public ] + $typesByName;
return [
'class' => 'HTMLSelectField',
'name' => 'type',
'options' => array_flip( $typesByName ),
'default' => $queryType,
];
}
/**
* @param string $user
* @return array Form descriptor
*/
private function getUserInputDesc( $user ) {
return [
'class' => 'HTMLUserTextField',
'label-message' => 'specialloguserlabel',
'name' => 'user',
'default' => $user,
];
}
/**
* @param string $title
* @return array Form descriptor
*/
private function getTitleInputDesc( $title ) {
return [
'class' => 'HTMLTitleTextField',
'label-message' => 'speciallogtitlelabel',
'name' => 'page',
'required' => false
];
}
/**
* @param bool $pattern
* @return array Form descriptor
*/
private function getTitlePatternDesc( $pattern ) {
return [
'type' => 'check',
'label-message' => 'log-title-wildcard',
'name' => 'pattern',
];
}
/**
* @param array $types
* @return array|string Form descriptor or string with HTML
*/
private function getExtraInputsDesc( $types ) {
if ( count( $types ) == 1 ) {
if ( $types[0] == 'suppress' ) {
return [
'type' => 'text',
'label-message' => 'revdelete-offender',
'name' => 'offender',
];
} else {
// Allow extensions to add their own extra inputs
// This could be an array or string. See T199495.
$input = ''; // Deprecated
$formDescriptor = [];
$this->hookRunner->onLogEventsListGetExtraInputs( $types[0], $this, $input, $formDescriptor );
return empty( $formDescriptor ) ? $input : $formDescriptor;
}
}
return [];
}
/**
* Drop down menu for selection of actions that can be used to filter the log
* @param array $types
* @param string $action
* @return array Form descriptor
*/
private function getActionSelectorDesc( $types, $action ) {
$actionOptions = [];
$actionOptions[ 'log-action-filter-all' ] = '';
foreach ( $this->allowedActions as $value ) {
$msgKey = 'log-action-filter-' . $types[0] . '-' . $value;
$actionOptions[ $msgKey ] = $value;
}
return [
'class' => 'HTMLSelectField',
'name' => 'subtype',
'options-messages' => $actionOptions,
'default' => $action,
'label' => $this->msg( 'log-action-filter-' . $types[0] )->text(),
];
}
/**
* Sets the action types allowed for log filtering
* To one action type may correspond several log_actions
* @param array $actions
* @since 1.27
*/
public function setAllowedActions( $actions ) {
$this->allowedActions = $actions;
}
/**
* @return string
*/
public function beginLogEventsList() {
return "\n";
}
/**
* @return string
*/
public function endLogEventsList() {
return "
\n";
}
/**
* @param stdClass $row A single row from the result set
* @return string Formatted HTML list item
*/
public function logLine( $row ) {
$entry = DatabaseLogEntry::newFromRow( $row );
$formatter = LogFormatter::newFromEntry( $entry );
$formatter->setContext( $this->getContext() );
$formatter->setLinkRenderer( $this->getLinkRenderer() );
$formatter->setShowUserToolLinks( !( $this->flags & self::NO_EXTRA_USER_LINKS ) );
$time = htmlspecialchars( $this->getLanguage()->userTimeAndDate(
$entry->getTimestamp(), $this->getUser() ) );
$action = $formatter->getActionText();
if ( $this->flags & self::NO_ACTION_LINK ) {
$revert = '';
} else {
$revert = $formatter->getActionLinks();
if ( $revert != '' ) {
$revert = '' . $revert . '';
}
}
$comment = $formatter->getComment();
// Some user can hide log items and have review links
$del = $this->getShowHideLinks( $row );
// Any tags...
list( $tagDisplay, $newClasses ) = ChangeTags::formatSummaryRow(
$row->ts_tags,
'logevent',
$this->getContext()
);
$classes = array_merge(
[ 'mw-logline-' . $entry->getType() ],
$newClasses
);
$attribs = [
'data-mw-logid' => $entry->getId(),
'data-mw-logaction' => $entry->getFullType(),
];
$ret = "$del $time $action $comment $revert $tagDisplay";
// Let extensions add data
$this->hookRunner->onLogEventsListLineEnding( $this, $ret, $entry, $classes, $attribs );
$attribs = array_filter( $attribs,
[ Sanitizer::class, 'isReservedDataAttribute' ],
ARRAY_FILTER_USE_KEY
);
$attribs['class'] = implode( ' ', $classes );
return Html::rawElement( 'li', $attribs, $ret ) . "\n";
}
/**
* @param stdClass $row
* @return string
*/
private function getShowHideLinks( $row ) {
// We don't want to see the links and
if ( $this->flags == self::NO_ACTION_LINK ) {
return '';
}
$user = $this->getUser();
// If change tag editing is available to this user, return the checkbox
if ( $this->flags & self::USE_CHECKBOXES && $this->showTagEditUI ) {
return Xml::check(
'showhiderevisions',
false,
[ 'name' => 'ids[' . $row->log_id . ']' ]
);
}
// no one can hide items from the suppress log.
if ( $row->log_type == 'suppress' ) {
return '';
}
$del = '';
$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
// Don't show useless checkbox to people who cannot hide log entries
if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$canHide = $permissionManager->userHasRight( $user, 'deletelogentry' );
$canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) &&
!$permissionManager->userHasRight( $user, 'suppressrevision' );
$entryIsSuppressed = self::isDeleted( $row, LogPage::DELETED_RESTRICTED );
$canViewThisSuppressedEntry = $canViewSuppressedOnly && $entryIsSuppressed;
if ( $row->log_deleted || $canHide ) {
// Show checkboxes instead of links.
if ( $canHide && $this->flags & self::USE_CHECKBOXES && !$canViewThisSuppressedEntry ) {
// If event was hidden from sysops
if ( !self::userCan( $row, LogPage::DELETED_RESTRICTED, $user ) ) {
$del = Xml::check( 'deleterevisions', false, [ 'disabled' => 'disabled' ] );
} else {
$del = Xml::check(
'showhiderevisions',
false,
[ 'name' => 'ids[' . $row->log_id . ']' ]
);
}
} else {
// If event was hidden from sysops
if ( !self::userCan( $row, LogPage::DELETED_RESTRICTED, $user ) ) {
$del = Linker::revDeleteLinkDisabled( $canHide );
} else {
$query = [
'target' => SpecialPage::getTitleFor( 'Log', $row->log_type )->getPrefixedDBkey(),
'type' => 'logging',
'ids' => $row->log_id,
];
$del = Linker::revDeleteLink(
$query,
$entryIsSuppressed,
$canHide && !$canViewThisSuppressedEntry
);
}
}
}
}
return $del;
}
/**
* @param stdClass $row
* @param string|array $type
* @param string|array $action
* @param string $right (deprecated since 1.35)
* @return bool
*/
public static function typeAction( $row, $type, $action, $right = '' ) {
if ( $right !== '' ) {
wfDeprecated( __METHOD__ . ' with a right specified', '1.35' );
}
$match = is_array( $type ) ?
in_array( $row->log_type, $type ) : $row->log_type == $type;
if ( $match ) {
$match = is_array( $action ) ?
in_array( $row->log_action, $action ) : $row->log_action == $action;
if ( $match && $right ) {
global $wgUser;
$match = MediaWikiServices::getInstance()
->getPermissionManager()
->userHasRight( $wgUser, $right );
}
}
return $match;
}
/**
* Determine if the current user is allowed to view a particular
* field of this log row, if it's marked as deleted and/or restricted log type.
*
* @param stdClass $row
* @param int $field
* @param User|null $user User to check, or null to use $wgUser (deprecated since 1.35)
* @return bool
*/
public static function userCan( $row, $field, User $user = null ) {
if ( !$user ) {
wfDeprecated( __METHOD__ . ' without passing a $user parameter', '1.35' );
global $wgUser;
$user = $wgUser;
}
return self::userCanBitfield( $row->log_deleted, $field, $user ) &&
self::userCanViewLogType( $row->log_type, $user );
}
/**
* Determine if the current user is allowed to view a particular
* field of this log row, if it's marked as deleted.
*
* @param int $bitfield Current field
* @param int $field
* @param User|null $user User to check, or null to use $wgUser (deprecated since 1.35)
* @return bool
*/
public static function userCanBitfield( $bitfield, $field, User $user = null ) {
if ( $bitfield & $field ) {
if ( $user === null ) {
wfDeprecated( __METHOD__ . ' without passing a $user parameter', '1.35' );
global $wgUser;
$user = $wgUser;
}
if ( $bitfield & LogPage::DELETED_RESTRICTED ) {
$permissions = [ 'suppressrevision', 'viewsuppressed' ];
} else {
$permissions = [ 'deletedhistory' ];
}
$permissionlist = implode( ', ', $permissions );
wfDebug( "Checking for $permissionlist due to $field match on $bitfield" );
return MediaWikiServices::getInstance()
->getPermissionManager()
->userHasAnyRight( $user, ...$permissions );
}
return true;
}
/**
* Determine if the current user is allowed to view a particular
* field of this log row, if it's marked as restricted log type.
*
* @param stdClass $type
* @param User|null $user User to check, or null to use $wgUser (deprecated since 1.35)
* @return bool
*/
public static function userCanViewLogType( $type, User $user = null ) {
if ( $user === null ) {
wfDeprecated( __METHOD__ . ' without passing a $user parameter', '1.35' );
global $wgUser;
$user = $wgUser;
}
$logRestrictions = MediaWikiServices::getInstance()->getMainConfig()->get( 'LogRestrictions' );
if ( isset( $logRestrictions[$type] ) && !MediaWikiServices::getInstance()
->getPermissionManager()
->userHasRight( $user, $logRestrictions[$type] )
) {
return false;
}
return true;
}
/**
* @param stdClass $row
* @param int $field One of DELETED_* bitfield constants
* @return bool
*/
public static function isDeleted( $row, $field ) {
return ( $row->log_deleted & $field ) == $field;
}
/**
* Show log extract. Either with text and a box (set $msgKey) or without (don't set $msgKey)
*
* @param OutputPage|string &$out
* @param string|array $types Log types to show
* @param string|Title $page The page title to show log entries for
* @param string $user The user who made the log entries
* @param array $param Associative Array with the following additional options:
* - lim Integer Limit of items to show, default is 50
* - conds Array Extra conditions for the query
* (e.g. 'log_action != ' . $dbr->addQuotes( 'revision' ))
* - showIfEmpty boolean Set to false if you don't want any output in case the loglist is empty
* if set to true (default), "No matching items in log" is displayed if loglist is empty
* - msgKey Array If you want a nice box with a message, set this to the key of the message.
* First element is the message key, additional optional elements are parameters for the key
* that are processed with wfMessage
* - offset Set to overwrite offset parameter in WebRequest
* set to '' to unset offset
* - wrap String Wrap the message in html (usually something like "$1
").
* - flags Integer display flags (NO_ACTION_LINK,NO_EXTRA_USER_LINKS)
* - useRequestParams boolean Set true to use Pager-related parameters in the WebRequest
* - useMaster boolean Use master DB
* - extraUrlParams array|bool Additional url parameters for "full log" link (if it is shown)
* @return int Number of total log items (not limited by $lim)
*/
public static function showLogExtract(
&$out, $types = [], $page = '', $user = '', $param = []
) {
$defaultParameters = [
'lim' => 25,
'conds' => [],
'showIfEmpty' => true,
'msgKey' => [ '' ],
'wrap' => "$1",
'flags' => 0,
'useRequestParams' => false,
'useMaster' => false,
'extraUrlParams' => false,
];
# The + operator appends elements of remaining keys from the right
# handed array to the left handed, whereas duplicated keys are NOT overwritten.
$param += $defaultParameters;
# Convert $param array to individual variables
$lim = $param['lim'];
$conds = $param['conds'];
$showIfEmpty = $param['showIfEmpty'];
$msgKey = $param['msgKey'];
$wrap = $param['wrap'];
$flags = $param['flags'];
$extraUrlParams = $param['extraUrlParams'];
$useRequestParams = $param['useRequestParams'];
// @phan-suppress-next-line PhanRedundantCondition
if ( !is_array( $msgKey ) ) {
$msgKey = [ $msgKey ];
}
if ( $out instanceof OutputPage ) {
$context = $out->getContext();
} else {
$context = RequestContext::getMain();
}
// FIXME: Figure out how to inject this
$linkRenderer = MediaWikiServices::getInstance()->getLinkRenderer();
# Insert list of top 50 (or top $lim) items
$loglist = new LogEventsList( $context, $linkRenderer, $flags );
$pager = new LogPager( $loglist, $types, $user, $page, '', $conds );
if ( !$useRequestParams ) {
# Reset vars that may have been taken from the request
$pager->mLimit = 50;
$pager->mDefaultLimit = 50;
$pager->mOffset = "";
$pager->mIsBackwards = false;
}
if ( $param['useMaster'] ) {
$pager->mDb = wfGetDB( DB_MASTER );
}
if ( isset( $param['offset'] ) ) { # Tell pager to ignore WebRequest offset
$pager->setOffset( $param['offset'] );
}
// @phan-suppress-next-line PhanSuspiciousValueComparison
if ( $lim > 0 ) {
$pager->mLimit = $lim;
}
// Fetch the log rows and build the HTML if needed
$logBody = $pager->getBody();
$numRows = $pager->getNumRows();
$s = '';
if ( $logBody ) {
if ( $msgKey[0] ) {
$dir = $context->getLanguage()->getDir();
$lang = $context->getLanguage()->getHtmlCode();
$s = Xml::openElement( 'div', [
'class' => "warningbox mw-warning-with-logexcerpt mw-content-$dir",
'dir' => $dir,
'lang' => $lang,
] );
// @phan-suppress-next-line PhanSuspiciousValueComparison
if ( count( $msgKey ) == 1 ) {
$s .= $context->msg( $msgKey[0] )->parseAsBlock();
} else { // Process additional arguments
$args = $msgKey;
array_shift( $args );
$s .= $context->msg( $msgKey[0], $args )->parseAsBlock();
}
}
$s .= $loglist->beginLogEventsList() .
$logBody .
$loglist->endLogEventsList();
// add styles for change tags
$context->getOutput()->addModuleStyles( 'mediawiki.interface.helpers.styles' );
} elseif ( $showIfEmpty ) {
$s = Html::rawElement( 'div', [ 'class' => 'mw-warning-logempty' ],
$context->msg( 'logempty' )->parse() );
}
if ( $numRows > $pager->mLimit ) { # Show "Full log" link
$urlParam = [];
if ( $page instanceof Title ) {
$urlParam['page'] = $page->getPrefixedDBkey();
} elseif ( $page != '' ) {
$urlParam['page'] = $page;
}
if ( $user != '' ) {
$urlParam['user'] = $user;
}
if ( !is_array( $types ) ) { # Make it an array, if it isn't
$types = [ $types ];
}
# If there is exactly one log type, we can link to Special:Log?type=foo
if ( count( $types ) == 1 ) {
$urlParam['type'] = $types[0];
}
// @phan-suppress-next-line PhanSuspiciousValueComparison
if ( $extraUrlParams !== false ) {
$urlParam = array_merge( $urlParam, $extraUrlParams );
}
$s .= $linkRenderer->makeKnownLink(
SpecialPage::getTitleFor( 'Log' ),
$context->msg( 'log-fulllog' )->text(),
[],
$urlParam
);
}
if ( $logBody && $msgKey[0] ) {
$s .= '';
}
// @phan-suppress-next-line PhanSuspiciousValueComparison
if ( $wrap != '' ) { // Wrap message in html
$s = str_replace( '$1', $s, $wrap );
}
/* hook can return false, if we don't want the message to be emitted (Wikia BugId:7093) */
if ( Hooks::runner()->onLogEventsListShowLogExtract( $s, $types, $page, $user, $param ) ) {
// $out can be either an OutputPage object or a String-by-reference
if ( $out instanceof OutputPage ) {
$out->addHTML( $s );
} else {
$out = $s;
}
}
return $numRows;
}
/**
* SQL clause to skip forbidden log types for this user
*
* @param IDatabase $db
* @param string $audience Public/user
* @param User|null $user User to check, or null to use $wgUser (deprecated since 1.35)
* @return string|bool String on success, false on failure.
*/
public static function getExcludeClause( $db, $audience = 'public', User $user = null ) {
global $wgLogRestrictions;
if ( $audience != 'public' && $user === null ) {
wfDeprecated(
__METHOD__ .
' using a non-public audience without passing a $user parameter',
'1.35'
);
global $wgUser;
$user = $wgUser;
}
// Reset the array, clears extra "where" clauses when $par is used
$hiddenLogs = [];
// Don't show private logs to unprivileged users
foreach ( $wgLogRestrictions as $logType => $right ) {
if ( $audience == 'public' || !MediaWikiServices::getInstance()
->getPermissionManager()
->userHasRight( $user, $right )
) {
$hiddenLogs[] = $logType;
}
}
if ( count( $hiddenLogs ) == 1 ) {
return 'log_type != ' . $db->addQuotes( $hiddenLogs[0] );
} elseif ( $hiddenLogs ) {
return 'log_type NOT IN (' . $db->makeList( $hiddenLogs ) . ')';
}
return false;
}
}