diff options
Diffstat (limited to 'includes/ProtectionForm.php')
| -rw-r--r-- | includes/ProtectionForm.php | 313 |
1 files changed, 147 insertions, 166 deletions
diff --git a/includes/ProtectionForm.php b/includes/ProtectionForm.php index f10317a9..7bad8b57 100644 --- a/includes/ProtectionForm.php +++ b/includes/ProtectionForm.php @@ -3,7 +3,7 @@ * Page protection * * Copyright © 2005 Brion Vibber <brion@pobox.com> - * http://www.mediawiki.org/ + * https://www.mediawiki.org/ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -27,46 +27,51 @@ * Handles the page protection UI and backend */ class ProtectionForm { - /** A map of action to restriction level, from request or default */ - var $mRestrictions = array(); + /** @var array A map of action to restriction level, from request or default */ + protected $mRestrictions = array(); - /** The custom/additional protection reason */ - var $mReason = ''; + /** @var string The custom/additional protection reason */ + protected $mReason = ''; - /** The reason selected from the list, blank for other/additional */ - var $mReasonSelection = ''; + /** @var string The reason selected from the list, blank for other/additional */ + protected $mReasonSelection = ''; - /** True if the restrictions are cascading, from request or existing protection */ - var $mCascade = false; + /** @var bool True if the restrictions are cascading, from request or existing protection */ + protected $mCascade = false; - /** Map of action to "other" expiry time. Used in preference to mExpirySelection. */ - var $mExpiry = array(); + /** @var array Map of action to "other" expiry time. Used in preference to mExpirySelection. */ + protected $mExpiry = array(); /** - * Map of action to value selected in expiry drop-down list. + * @var array Map of action to value selected in expiry drop-down list. * Will be set to 'othertime' whenever mExpiry is set. */ - var $mExpirySelection = array(); + protected $mExpirySelection = array(); - /** Permissions errors for the protect action */ - var $mPermErrors = array(); + /** @var array Permissions errors for the protect action */ + protected $mPermErrors = array(); - /** Types (i.e. actions) for which levels can be selected */ - var $mApplicableTypes = array(); + /** @var array Types (i.e. actions) for which levels can be selected */ + protected $mApplicableTypes = array(); - /** Map of action to the expiry time of the existing protection */ - var $mExistingExpiry = array(); + /** @var array Map of action to the expiry time of the existing protection */ + protected $mExistingExpiry = array(); - function __construct( Page $article ) { - global $wgUser; + /** @var IContextSource */ + private $mContext; + + function __construct( Article $article ) { // Set instance variables. $this->mArticle = $article; $this->mTitle = $article->getTitle(); $this->mApplicableTypes = $this->mTitle->getRestrictionTypes(); + $this->mContext = $article->getContext(); // Check if the form should be disabled. // If it is, the form will be available in read-only to show levels. - $this->mPermErrors = $this->mTitle->getUserPermissionsErrors( 'protect', $wgUser ); + $this->mPermErrors = $this->mTitle->getUserPermissionsErrors( + 'protect', $this->mContext->getUser() + ); if ( wfReadOnly() ) { $this->mPermErrors[] = array( 'readonlytext', wfReadOnlyReason() ); } @@ -82,14 +87,15 @@ class ProtectionForm { * Loads the current state of protection into the object. */ function loadData() { - global $wgRequest, $wgUser; - global $wgRestrictionLevels; - + $levels = MWNamespace::getRestrictionLevels( + $this->mTitle->getNamespace(), $this->mContext->getUser() + ); $this->mCascade = $this->mTitle->areRestrictionsCascading(); - $this->mReason = $wgRequest->getText( 'mwProtect-reason' ); - $this->mReasonSelection = $wgRequest->getText( 'wpProtectReasonSelection' ); - $this->mCascade = $wgRequest->getBool( 'mwProtect-cascade', $this->mCascade ); + $request = $this->mContext->getRequest(); + $this->mReason = $request->getText( 'mwProtect-reason' ); + $this->mReasonSelection = $request->getText( 'wpProtectReasonSelection' ); + $this->mCascade = $request->getBool( 'mwProtect-cascade', $this->mCascade ); foreach ( $this->mApplicableTypes as $action ) { // @todo FIXME: This form currently requires individual selections, @@ -106,8 +112,8 @@ class ProtectionForm { } $this->mExistingExpiry[$action] = $existingExpiry; - $requestExpiry = $wgRequest->getText( "mwProtect-expiry-$action" ); - $requestExpirySelection = $wgRequest->getVal( "wpProtectExpirySelection-$action" ); + $requestExpiry = $request->getText( "mwProtect-expiry-$action" ); + $requestExpirySelection = $request->getVal( "wpProtectExpirySelection-$action" ); if ( $requestExpiry ) { // Custom expiry takes precedence @@ -117,36 +123,19 @@ class ProtectionForm { // Expiry selected from list $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = $requestExpirySelection; - } elseif ( $existingExpiry == 'infinity' ) { - // Existing expiry is infinite, use "infinite" in drop-down - $this->mExpiry[$action] = ''; - $this->mExpirySelection[$action] = 'infinite'; } elseif ( $existingExpiry ) { // Use existing expiry in its own list item $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = $existingExpiry; } else { + // Catches 'infinity' - Existing expiry is infinite, use "infinite" in drop-down // Final default: infinite $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = 'infinite'; } - $val = $wgRequest->getVal( "mwProtect-level-$action" ); - if ( isset( $val ) && in_array( $val, $wgRestrictionLevels ) ) { - // Prevent users from setting levels that they cannot later unset - if ( $val == 'sysop' ) { - // Special case, rewrite sysop to editprotected - if ( !$wgUser->isAllowed( 'editprotected' ) ) { - continue; - } - } elseif ( $val == 'autoconfirmed' ) { - // Special case, rewrite autoconfirmed to editsemiprotected - if ( !$wgUser->isAllowed( 'editsemiprotected' ) ) { - continue; - } - } elseif ( !$wgUser->isAllowed( $val ) ) { - continue; - } + $val = $request->getVal( "mwProtect-level-$action" ); + if ( isset( $val ) && in_array( $val, $levels ) ) { $this->mRestrictions[$action] = $val; } } @@ -155,7 +144,7 @@ class ProtectionForm { /** * Get the expiry time for a given action, by combining the relevant inputs. * - * @param $action string + * @param string $action * * @return string 14-char timestamp or "infinity", or false if the input was invalid */ @@ -187,16 +176,14 @@ class ProtectionForm { * Main entry point for action=protect and action=unprotect */ function execute() { - global $wgRequest, $wgOut; - - if ( $this->mTitle->getNamespace() == NS_MEDIAWIKI ) { + if ( MWNamespace::getRestrictionLevels( $this->mTitle->getNamespace() ) === array( '' ) ) { throw new ErrorPageError( 'protect-badnamespace-title', 'protect-badnamespace-text' ); } - if ( $wgRequest->wasPosted() ) { + if ( $this->mContext->getRequest()->wasPosted() ) { if ( $this->save() ) { $q = $this->mArticle->isRedirect() ? 'redirect=no' : ''; - $wgOut->redirect( $this->mTitle->getFullURL( $q ) ); + $this->mContext->getOutput()->redirect( $this->mTitle->getFullURL( $q ) ); } } else { $this->show(); @@ -206,28 +193,30 @@ class ProtectionForm { /** * Show the input form with optional error message * - * @param string $err error message or null if there's no error + * @param string $err Error message or null if there's no error */ function show( $err = null ) { - global $wgOut; - - $wgOut->setRobotPolicy( 'noindex,nofollow' ); - $wgOut->addBacklinkSubtitle( $this->mTitle ); + $out = $this->mContext->getOutput(); + $out->setRobotPolicy( 'noindex,nofollow' ); + $out->addBacklinkSubtitle( $this->mTitle ); if ( is_array( $err ) ) { - $wgOut->wrapWikiMsg( "<p class='error'>\n$1\n</p>\n", $err ); + $out->wrapWikiMsg( "<p class='error'>\n$1\n</p>\n", $err ); } elseif ( is_string( $err ) ) { - $wgOut->addHTML( "<p class='error'>{$err}</p>\n" ); + $out->addHTML( "<p class='error'>{$err}</p>\n" ); } if ( $this->mTitle->getRestrictionTypes() === array() ) { // No restriction types available for the current title // this might happen if an extension alters the available types - $wgOut->setPageTitle( wfMessage( 'protect-norestrictiontypes-title', $this->mTitle->getPrefixedText() ) ); - $wgOut->addWikiText( wfMessage( 'protect-norestrictiontypes-text' )->text() ); + $out->setPageTitle( wfMessage( + 'protect-norestrictiontypes-title', + $this->mTitle->getPrefixedText() + ) ); + $out->addWikiText( wfMessage( 'protect-norestrictiontypes-text' )->text() ); // Show the log in case protection was possible once - $this->showLogExtract( $wgOut ); + $this->showLogExtract( $out ); // return as there isn't anything else we can do return; } @@ -240,40 +229,48 @@ class ProtectionForm { $titles .= '* [[:' . $title->getPrefixedText() . "]]\n"; } - $wgOut->wrapWikiMsg( "<div id=\"mw-protect-cascadeon\">\n$1\n" . $titles . "</div>", array( 'protect-cascadeon', count( $cascadeSources ) ) ); + /** @todo FIXME: i18n issue, should use formatted number. */ + $out->wrapWikiMsg( + "<div id=\"mw-protect-cascadeon\">\n$1\n" . $titles . "</div>", + array( 'protect-cascadeon', count( $cascadeSources ) ) + ); } # Show an appropriate message if the user isn't allowed or able to change # the protection settings at this time if ( $this->disabled ) { - $wgOut->setPageTitle( wfMessage( 'protect-title-notallowed', $this->mTitle->getPrefixedText() ) ); - $wgOut->addWikiText( $wgOut->formatPermissionsErrorMessage( $this->mPermErrors, 'protect' ) ); + $out->setPageTitle( + wfMessage( 'protect-title-notallowed', + $this->mTitle->getPrefixedText() ) + ); + $out->addWikiText( $out->formatPermissionsErrorMessage( $this->mPermErrors, 'protect' ) ); } else { - $wgOut->setPageTitle( wfMessage( 'protect-title', $this->mTitle->getPrefixedText() ) ); - $wgOut->addWikiMsg( 'protect-text', + $out->setPageTitle( wfMessage( 'protect-title', $this->mTitle->getPrefixedText() ) ); + $out->addWikiMsg( 'protect-text', wfEscapeWikiText( $this->mTitle->getPrefixedText() ) ); } - $wgOut->addHTML( $this->buildForm() ); - $this->showLogExtract( $wgOut ); + $out->addHTML( $this->buildForm() ); + $this->showLogExtract( $out ); } /** * Save submitted protection form * - * @return Boolean: success + * @return bool Success */ function save() { - global $wgRequest, $wgUser, $wgOut; - # Permission check! if ( $this->disabled ) { $this->show(); return false; } - $token = $wgRequest->getVal( 'wpEditToken' ); - if ( !$wgUser->matchEditToken( $token, array( 'protect', $this->mTitle->getPrefixedDBkey() ) ) ) { + $request = $this->mContext->getRequest(); + $user = $this->mContext->getUser(); + $out = $this->mContext->getOutput(); + $token = $request->getVal( 'wpEditToken' ); + if ( !$user->matchEditToken( $token, array( 'protect', $this->mTitle->getPrefixedDBkey() ) ) ) { $this->show( array( 'sessionfailure' ) ); return false; } @@ -302,12 +299,18 @@ class ProtectionForm { } } - $this->mCascade = $wgRequest->getBool( 'mwProtect-cascade' ); + $this->mCascade = $request->getBool( 'mwProtect-cascade' ); - $status = $this->mArticle->doUpdateRestrictions( $this->mRestrictions, $expiry, $this->mCascade, $reasonstr, $wgUser ); + $status = $this->mArticle->doUpdateRestrictions( + $this->mRestrictions, + $expiry, + $this->mCascade, + $reasonstr, + $user + ); if ( !$status->isOK() ) { - $this->show( $wgOut->parseInline( $status->getWikiText() ) ); + $this->show( $out->parseInline( $status->getWikiText() ) ); return false; } @@ -328,7 +331,7 @@ class ProtectionForm { return false; } - WatchAction::doWatchOrUnwatch( $wgRequest->getCheck( 'mwProtectWatch' ), $this->mTitle, $wgUser ); + WatchAction::doWatchOrUnwatch( $request->getCheck( 'mwProtectWatch' ), $this->mTitle, $user ); return true; } @@ -336,26 +339,20 @@ class ProtectionForm { /** * Build the input form * - * @return String: HTML form + * @return string HTML form */ function buildForm() { - global $wgUser, $wgLang, $wgOut; - - $mProtectreasonother = Xml::label( - wfMessage( 'protectcomment' )->text(), - 'wpProtectReasonSelection' - ); - $mProtectreason = Xml::label( - wfMessage( 'protect-otherreason' )->text(), - 'mwProtect-reason' - ); - + $user = $this->mContext->getUser(); + $output = $this->mContext->getOutput(); + $lang = $this->mContext->getLanguage(); + $cascadingRestrictionLevels = $this->mContext->getConfig()->get( 'CascadingRestrictionLevels' ); $out = ''; if ( !$this->disabled ) { - $wgOut->addModules( 'mediawiki.legacy.protect' ); + $output->addModules( 'mediawiki.legacy.protect' ); + $output->addJsConfigVars( 'wgCascadeableLevels', $cascadingRestrictionLevels ); $out .= Xml::openElement( 'form', array( 'method' => 'post', 'action' => $this->mTitle->getLocalURL( 'action=protect' ), - 'id' => 'mw-Protect-Form', 'onsubmit' => 'ProtectionForm.enableUnchainedInputs(true)' ) ); + 'id' => 'mw-Protect-Form' ) ); } $out .= Xml::openElement( 'fieldset' ) . @@ -363,6 +360,9 @@ class ProtectionForm { Xml::openElement( 'table', array( 'id' => 'mwProtectSet' ) ) . Xml::openElement( 'tbody' ); + $scExpiryOptions = wfMessage( 'protect-expiry-options' )->inContentLanguage()->text(); + $showProtectOptions = $scExpiryOptions !== '-' && !$this->disabled; + // Not all languages have V_x <-> N_x relation foreach ( $this->mRestrictions as $action => $selected ) { // Messages: @@ -374,15 +374,6 @@ class ProtectionForm { Xml::openElement( 'table', array( 'id' => "mw-protect-table-$action" ) ) . "<tr><td>" . $this->buildSelector( $action, $selected ) . "</td></tr><tr><td>"; - $reasonDropDown = Xml::listDropDown( 'wpProtectReasonSelection', - wfMessage( 'protect-dropdown' )->inContentLanguage()->text(), - wfMessage( 'protect-otherreason-op' )->inContentLanguage()->text(), - $this->mReasonSelection, - 'mwProtect-reason', 4 ); - $scExpiryOptions = wfMessage( 'protect-expiry-options' )->inContentLanguage()->text(); - - $showProtectOptions = $scExpiryOptions !== '-' && !$this->disabled; - $mProtectexpiry = Xml::label( wfMessage( 'protectexpiry' )->text(), "mwProtectExpirySelection-$action" @@ -393,13 +384,18 @@ class ProtectionForm { ); $expiryFormOptions = ''; - if ( $this->mExistingExpiry[$action] && $this->mExistingExpiry[$action] != 'infinity' ) { - $timestamp = $wgLang->timeanddate( $this->mExistingExpiry[$action], true ); - $d = $wgLang->date( $this->mExistingExpiry[$action], true ); - $t = $wgLang->time( $this->mExistingExpiry[$action], true ); + if ( $this->mExistingExpiry[$action] ) { + if ( $this->mExistingExpiry[$action] == 'infinity' ) { + $existingExpiryMessage = wfMessage( 'protect-existing-expiry-infinity' ); + } else { + $timestamp = $lang->timeanddate( $this->mExistingExpiry[$action], true ); + $d = $lang->date( $this->mExistingExpiry[$action], true ); + $t = $lang->time( $this->mExistingExpiry[$action], true ); + $existingExpiryMessage = wfMessage( 'protect-existing-expiry', $timestamp, $d, $t ); + } $expiryFormOptions .= Xml::option( - wfMessage( 'protect-existing-expiry', $timestamp, $d, $t )->text(), + $existingExpiryMessage->text(), 'existing', $this->mExpirySelection[$action] == 'existing' ) . "\n"; @@ -417,7 +413,11 @@ class ProtectionForm { } $show = htmlspecialchars( $show ); $value = htmlspecialchars( $value ); - $expiryFormOptions .= Xml::option( $show, $value, $this->mExpirySelection[$action] === $value ) . "\n"; + $expiryFormOptions .= Xml::option( + $show, + $value, + $this->mExpirySelection[$action] === $value + ) . "\n"; } # Add expiry dropdown if ( $showProtectOptions && !$this->disabled ) { @@ -431,16 +431,13 @@ class ProtectionForm { array( 'id' => "mwProtectExpirySelection-$action", 'name' => "wpProtectExpirySelection-$action", - 'onchange' => "ProtectionForm.updateExpiryList(this)", 'tabindex' => '2' ) + $this->disabledAttrib, $expiryFormOptions ) . "</td> </tr></table>"; } # Add custom expiry field - $attribs = array( 'id' => "mwProtect-$action-expires", - 'onkeyup' => 'ProtectionForm.updateExpiry(this)', - 'onchange' => 'ProtectionForm.updateExpiry(this)' ) + $this->disabledAttrib; + $attribs = array( 'id' => "mwProtect-$action-expires" ) + $this->disabledAttrib; $out .= "<table><tr> <td class='mw-label'>" . $mProtectother . @@ -479,6 +476,22 @@ class ProtectionForm { # Add manual and custom reason field/selects as well as submit if ( !$this->disabled ) { + $mProtectreasonother = Xml::label( + wfMessage( 'protectcomment' )->text(), + 'wpProtectReasonSelection' + ); + + $mProtectreason = Xml::label( + wfMessage( 'protect-otherreason' )->text(), + 'mwProtect-reason' + ); + + $reasonDropDown = Xml::listDropDown( 'wpProtectReasonSelection', + wfMessage( 'protect-dropdown' )->inContentLanguage()->text(), + wfMessage( 'protect-otherreason-op' )->inContentLanguage()->text(), + $this->mReasonSelection, + 'mwProtect-reason', 4 ); + $out .= Xml::openElement( 'table', array( 'id' => 'mw-protect-table3' ) ) . Xml::openElement( 'tbody' ); $out .= " @@ -503,14 +516,14 @@ class ProtectionForm { "</td> </tr>"; # Disallow watching is user is not logged in - if ( $wgUser->isLoggedIn() ) { + if ( $user->isLoggedIn() ) { $out .= " <tr> <td></td> <td class='mw-input'>" . Xml::checkLabel( wfMessage( 'watchthis' )->text(), 'mwProtectWatch', 'mwProtectWatch', - $wgUser->isWatched( $this->mTitle ) || $wgUser->getOption( 'watchdefault' ) ) . + $user->isWatched( $this->mTitle ) || $user->getOption( 'watchdefault' ) ) . "</td> </tr>"; } @@ -528,7 +541,7 @@ class ProtectionForm { } $out .= Xml::closeElement( 'fieldset' ); - if ( $wgUser->isAllowed( 'editinterface' ) ) { + if ( $user->isAllowed( 'editinterface' ) ) { $title = Title::makeTitle( NS_MEDIAWIKI, 'Protect-dropdown' ); $link = Linker::link( $title, @@ -540,9 +553,11 @@ class ProtectionForm { } if ( !$this->disabled ) { - $out .= Html::hidden( 'wpEditToken', $wgUser->getEditToken( array( 'protect', $this->mTitle->getPrefixedDBkey() ) ) ); + $out .= Html::hidden( + 'wpEditToken', + $user->getEditToken( array( 'protect', $this->mTitle->getPrefixedDBkey() ) ) + ); $out .= Xml::closeElement( 'form' ); - $wgOut->addScript( $this->buildCleanupScript() ); } return $out; @@ -551,41 +566,23 @@ class ProtectionForm { /** * Build protection level selector * - * @param string $action action to protect - * @param string $selected current protection level - * @return String: HTML fragment + * @param string $action Action to protect + * @param string $selected Current protection level + * @return string HTML fragment */ function buildSelector( $action, $selected ) { - global $wgRestrictionLevels, $wgUser; - - $levels = array(); - foreach ( $wgRestrictionLevels as $key ) { - //don't let them choose levels above their own (aka so they can still unprotect and edit the page). but only when the form isn't disabled - if ( $key == 'sysop' ) { - //special case, rewrite sysop to editprotected - if ( !$wgUser->isAllowed( 'editprotected' ) && !$this->disabled ) { - continue; - } - } elseif ( $key == 'autoconfirmed' ) { - //special case, rewrite autoconfirmed to editsemiprotected - if ( !$wgUser->isAllowed( 'editsemiprotected' ) && !$this->disabled ) { - continue; - } - } else { - if ( !$wgUser->isAllowed( $key ) && !$this->disabled ) { - continue; - } - } - $levels[] = $key; - } + // If the form is disabled, display all relevant levels. Otherwise, + // just show the ones this user can use. + $levels = MWNamespace::getRestrictionLevels( $this->mTitle->getNamespace(), + $this->disabled ? null : $this->mContext->getUser() + ); $id = 'mwProtect-level-' . $action; $attribs = array( 'id' => $id, 'name' => $id, 'size' => count( $levels ), - 'onchange' => 'ProtectionForm.updateLevels(this)', - ) + $this->disabledAttrib; + ) + $this->disabledAttrib; $out = Xml::openElement( 'select', $attribs ); foreach ( $levels as $key ) { @@ -598,8 +595,8 @@ class ProtectionForm { /** * Prepare the label for a protection selector option * - * @param string $permission permission required - * @return String + * @param string $permission Permission required + * @return string */ private function getOptionLabel( $permission ) { if ( $permission == '' ) { @@ -614,26 +611,10 @@ class ProtectionForm { } } - function buildCleanupScript() { - global $wgCascadingRestrictionLevels, $wgOut; - - $cascadeableLevels = $wgCascadingRestrictionLevels; - $options = array( - 'tableId' => 'mwProtectSet', - 'labelText' => wfMessage( 'protect-unchain-permissions' )->plain(), - 'numTypes' => count( $this->mApplicableTypes ), - 'existingMatch' => count( array_unique( $this->mExistingExpiry ) ) === 1, - ); - - $wgOut->addJsConfigVars( 'wgCascadeableLevels', $cascadeableLevels ); - $script = Xml::encodeJsCall( 'ProtectionForm.init', array( $options ) ); - return Html::inlineScript( ResourceLoader::makeLoaderConditionalScript( $script ) ); - } - /** * Show protection long extracts for this page * - * @param $out OutputPage + * @param OutputPage $out * @access private */ function showLogExtract( &$out ) { |