summaryrefslogtreecommitdiff
path: root/includes/api/ApiQueryDeletedrevs.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/api/ApiQueryDeletedrevs.php')
-rw-r--r--includes/api/ApiQueryDeletedrevs.php275
1 files changed, 197 insertions, 78 deletions
diff --git a/includes/api/ApiQueryDeletedrevs.php b/includes/api/ApiQueryDeletedrevs.php
index 82733133..9042696b 100644
--- a/includes/api/ApiQueryDeletedrevs.php
+++ b/includes/api/ApiQueryDeletedrevs.php
@@ -31,7 +31,7 @@
*/
class ApiQueryDeletedrevs extends ApiQueryBase {
- public function __construct( $query, $moduleName ) {
+ public function __construct( ApiQuery $query, $moduleName ) {
parent::__construct( $query, $moduleName, 'dr' );
}
@@ -39,7 +39,10 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$user = $this->getUser();
// Before doing anything at all, let's check permissions
if ( !$user->isAllowed( 'deletedhistory' ) ) {
- $this->dieUsage( 'You don\'t have permission to view deleted revision information', 'permissiondenied' );
+ $this->dieUsage(
+ 'You don\'t have permission to view deleted revision information',
+ 'permissiondenied'
+ );
}
$db = $this->getDB();
@@ -56,12 +59,25 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$fld_sha1 = isset( $prop['sha1'] );
$fld_content = isset( $prop['content'] );
$fld_token = isset( $prop['token'] );
+ $fld_tags = isset( $prop['tags'] );
+
+ if ( isset( $prop['token'] ) ) {
+ $p = $this->getModulePrefix();
+ $this->setWarning(
+ "{$p}prop=token has been deprecated. Please use action=query&meta=tokens instead."
+ );
+ }
// If we're in JSON callback mode, no tokens can be obtained
if ( !is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) ) {
$fld_token = false;
}
+ // If user can't undelete, no tokens
+ if ( !$user->isAllowed( 'undelete' ) ) {
+ $fld_token = false;
+ }
+
$result = $this->getResult();
$pageSet = $this->getPageSet();
$titles = $pageSet->getTitles();
@@ -97,8 +113,7 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
}
$this->addTables( 'archive' );
- $this->addWhere( 'ar_deleted = 0' );
- $this->addFields( array( 'ar_title', 'ar_namespace', 'ar_timestamp' ) );
+ $this->addFields( array( 'ar_title', 'ar_namespace', 'ar_timestamp', 'ar_deleted', 'ar_id' ) );
$this->addFieldsIf( 'ar_parent_id', $fld_parentid );
$this->addFieldsIf( 'ar_rev_id', $fld_revid );
@@ -109,14 +124,41 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$this->addFieldsIf( 'ar_len', $fld_len );
$this->addFieldsIf( 'ar_sha1', $fld_sha1 );
+ if ( $fld_tags ) {
+ $this->addTables( 'tag_summary' );
+ $this->addJoinConds(
+ array( 'tag_summary' => array( 'LEFT JOIN', array( 'ar_rev_id=ts_rev_id' ) ) )
+ );
+ $this->addFields( 'ts_tags' );
+ }
+
+ if ( !is_null( $params['tag'] ) ) {
+ $this->addTables( 'change_tag' );
+ $this->addJoinConds(
+ array( 'change_tag' => array( 'INNER JOIN', array( 'ar_rev_id=ct_rev_id' ) ) )
+ );
+ $this->addWhereFld( 'ct_tag', $params['tag'] );
+ }
+
if ( $fld_content ) {
+ // Modern MediaWiki has the content for deleted revs in the 'text'
+ // table using fields old_text and old_flags. But revisions deleted
+ // pre-1.5 store the content in the 'archive' table directly using
+ // fields ar_text and ar_flags, and no corresponding 'text' row. So
+ // we have to LEFT JOIN and fetch all four fields, plus ar_text_id
+ // to be able to tell the difference.
$this->addTables( 'text' );
- $this->addFields( array( 'ar_text', 'ar_text_id', 'old_text', 'old_flags' ) );
- $this->addWhere( 'ar_text_id = old_id' );
+ $this->addJoinConds(
+ array( 'text' => array( 'LEFT JOIN', array( 'ar_text_id=old_id' ) ) )
+ );
+ $this->addFields( array( 'ar_text', 'ar_flags', 'ar_text_id', 'old_text', 'old_flags' ) );
// This also means stricter restrictions
- if ( !$user->isAllowed( 'undelete' ) ) {
- $this->dieUsage( 'You don\'t have permission to view deleted revision content', 'permissiondenied' );
+ if ( !$user->isAllowedAny( 'undelete', 'deletedtext' ) ) {
+ $this->dieUsage(
+ 'You don\'t have permission to view deleted revision content',
+ 'permissiondenied'
+ );
}
}
// Check limits
@@ -147,12 +189,18 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
} elseif ( $mode == 'all' ) {
$this->addWhereFld( 'ar_namespace', $params['namespace'] );
- $from = is_null( $params['from'] ) ? null : $this->titleToKey( $params['from'] );
- $to = is_null( $params['to'] ) ? null : $this->titleToKey( $params['to'] );
+ $from = $params['from'] === null
+ ? null
+ : $this->titlePartToKey( $params['from'], $params['namespace'] );
+ $to = $params['to'] === null
+ ? null
+ : $this->titlePartToKey( $params['to'], $params['namespace'] );
$this->addWhereRange( 'ar_title', $dir, $from, $to );
if ( isset( $params['prefix'] ) ) {
- $this->addWhere( 'ar_title' . $db->buildLike( $this->titlePartToKey( $params['prefix'] ), $db->anyString() ) );
+ $this->addWhere( 'ar_title' . $db->buildLike(
+ $this->titlePartToKey( $params['prefix'], $params['namespace'] ),
+ $db->anyString() ) );
}
}
@@ -163,32 +211,67 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$db->addQuotes( $params['excludeuser'] ) );
}
- if ( !is_null( $params['continue'] ) && ( $mode == 'all' || $mode == 'revs' ) ) {
+ if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) {
+ // Paranoia: avoid brute force searches (bug 17342)
+ // (shouldn't be able to get here without 'deletedhistory', but
+ // check it again just in case)
+ if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ $bitmask = Revision::DELETED_USER;
+ } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+ $bitmask = Revision::DELETED_USER | Revision::DELETED_RESTRICTED;
+ } else {
+ $bitmask = 0;
+ }
+ if ( $bitmask ) {
+ $this->addWhere( $db->bitAnd( 'ar_deleted', $bitmask ) . " != $bitmask" );
+ }
+ }
+
+ if ( !is_null( $params['continue'] ) ) {
$cont = explode( '|', $params['continue'] );
- $this->dieContinueUsageIf( count( $cont ) != 3 );
- $ns = intval( $cont[0] );
- $this->dieContinueUsageIf( strval( $ns ) !== $cont[0] );
- $title = $db->addQuotes( $cont[1] );
- $ts = $db->addQuotes( $db->timestamp( $cont[2] ) );
$op = ( $dir == 'newer' ? '>' : '<' );
- $this->addWhere( "ar_namespace $op $ns OR " .
+ if ( $mode == 'all' || $mode == 'revs' ) {
+ $this->dieContinueUsageIf( count( $cont ) != 4 );
+ $ns = intval( $cont[0] );
+ $this->dieContinueUsageIf( strval( $ns ) !== $cont[0] );
+ $title = $db->addQuotes( $cont[1] );
+ $ts = $db->addQuotes( $db->timestamp( $cont[2] ) );
+ $ar_id = (int)$cont[3];
+ $this->dieContinueUsageIf( strval( $ar_id ) !== $cont[3] );
+ $this->addWhere( "ar_namespace $op $ns OR " .
"(ar_namespace = $ns AND " .
"(ar_title $op $title OR " .
"(ar_title = $title AND " .
- "ar_timestamp $op= $ts)))" );
+ "(ar_timestamp $op $ts OR " .
+ "(ar_timestamp = $ts AND " .
+ "ar_id $op= $ar_id)))))" );
+ } else {
+ $this->dieContinueUsageIf( count( $cont ) != 2 );
+ $ts = $db->addQuotes( $db->timestamp( $cont[0] ) );
+ $ar_id = (int)$cont[1];
+ $this->dieContinueUsageIf( strval( $ar_id ) !== $cont[1] );
+ $this->addWhere( "ar_timestamp $op $ts OR " .
+ "(ar_timestamp = $ts AND " .
+ "ar_id $op= $ar_id)" );
+ }
}
$this->addOption( 'LIMIT', $limit + 1 );
- $this->addOption( 'USE INDEX', array( 'archive' => ( $mode == 'user' ? 'usertext_timestamp' : 'name_title_timestamp' ) ) );
+ $this->addOption(
+ 'USE INDEX',
+ array( 'archive' => ( $mode == 'user' ? 'usertext_timestamp' : 'name_title_timestamp' ) )
+ );
if ( $mode == 'all' ) {
if ( $params['unique'] ) {
+ // @todo Does this work on non-MySQL?
$this->addOption( 'GROUP BY', 'ar_title' );
} else {
$sort = ( $dir == 'newer' ? '' : ' DESC' );
$this->addOption( 'ORDER BY', array(
'ar_title' . $sort,
- 'ar_timestamp' . $sort
- ));
+ 'ar_timestamp' . $sort,
+ 'ar_id' . $sort,
+ ) );
}
} else {
if ( $mode == 'revs' ) {
@@ -197,6 +280,8 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$this->addWhereRange( 'ar_title', $dir, null, null );
}
$this->addTimestampWhereRange( 'ar_timestamp', $dir, $params['start'], $params['end'] );
+ // Include in ORDER BY for uniqueness
+ $this->addWhereRange( 'ar_id', $dir, null, null );
}
$res = $this->select( __METHOD__ );
$pageMap = array(); // Maps ns&title to (fake) pageid
@@ -206,15 +291,18 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
if ( ++$count > $limit ) {
// We've had enough
if ( $mode == 'all' || $mode == 'revs' ) {
- $this->setContinueEnumParameter( 'continue', intval( $row->ar_namespace ) . '|' .
- $row->ar_title . '|' . $row->ar_timestamp );
+ $this->setContinueEnumParameter( 'continue',
+ "$row->ar_namespace|$row->ar_title|$row->ar_timestamp|$row->ar_id"
+ );
} else {
- $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ar_timestamp ) );
+ $this->setContinueEnumParameter( 'continue', "$row->ar_timestamp|$row->ar_id" );
}
break;
}
$rev = array();
+ $anyHidden = false;
+
$rev['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ar_timestamp );
if ( $fld_revid ) {
$rev['revid'] = intval( $row->ar_rev_id );
@@ -222,21 +310,37 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
if ( $fld_parentid && !is_null( $row->ar_parent_id ) ) {
$rev['parentid'] = intval( $row->ar_parent_id );
}
- if ( $fld_user ) {
- $rev['user'] = $row->ar_user_text;
- }
- if ( $fld_userid ) {
- $rev['userid'] = $row->ar_user;
- }
- if ( $fld_comment ) {
- $rev['comment'] = $row->ar_comment;
+ if ( $fld_user || $fld_userid ) {
+ if ( $row->ar_deleted & Revision::DELETED_USER ) {
+ $rev['userhidden'] = '';
+ $anyHidden = true;
+ }
+ if ( Revision::userCanBitfield( $row->ar_deleted, Revision::DELETED_USER, $user ) ) {
+ if ( $fld_user ) {
+ $rev['user'] = $row->ar_user_text;
+ }
+ if ( $fld_userid ) {
+ $rev['userid'] = $row->ar_user;
+ }
+ }
}
- $title = Title::makeTitle( $row->ar_namespace, $row->ar_title );
-
- if ( $fld_parsedcomment ) {
- $rev['parsedcomment'] = Linker::formatComment( $row->ar_comment, $title );
+ if ( $fld_comment || $fld_parsedcomment ) {
+ if ( $row->ar_deleted & Revision::DELETED_COMMENT ) {
+ $rev['commenthidden'] = '';
+ $anyHidden = true;
+ }
+ if ( Revision::userCanBitfield( $row->ar_deleted, Revision::DELETED_COMMENT, $user ) ) {
+ if ( $fld_comment ) {
+ $rev['comment'] = $row->ar_comment;
+ }
+ if ( $fld_parsedcomment ) {
+ $title = Title::makeTitle( $row->ar_namespace, $row->ar_title );
+ $rev['parsedcomment'] = Linker::formatComment( $row->ar_comment, $title );
+ }
+ }
}
+
if ( $fld_minor && $row->ar_minor_edit == 1 ) {
$rev['minor'] = '';
}
@@ -244,14 +348,45 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$rev['len'] = $row->ar_len;
}
if ( $fld_sha1 ) {
- if ( $row->ar_sha1 != '' ) {
- $rev['sha1'] = wfBaseConvert( $row->ar_sha1, 36, 16, 40 );
- } else {
- $rev['sha1'] = '';
+ if ( $row->ar_deleted & Revision::DELETED_TEXT ) {
+ $rev['sha1hidden'] = '';
+ $anyHidden = true;
+ }
+ if ( Revision::userCanBitfield( $row->ar_deleted, Revision::DELETED_TEXT, $user ) ) {
+ if ( $row->ar_sha1 != '' ) {
+ $rev['sha1'] = wfBaseConvert( $row->ar_sha1, 36, 16, 40 );
+ } else {
+ $rev['sha1'] = '';
+ }
}
}
if ( $fld_content ) {
- ApiResult::setContent( $rev, Revision::getRevisionText( $row ) );
+ if ( $row->ar_deleted & Revision::DELETED_TEXT ) {
+ $rev['texthidden'] = '';
+ $anyHidden = true;
+ }
+ if ( Revision::userCanBitfield( $row->ar_deleted, Revision::DELETED_TEXT, $user ) ) {
+ if ( isset( $row->ar_text ) && !$row->ar_text_id ) {
+ // Pre-1.5 ar_text row (if condition from Revision::newFromArchiveRow)
+ ApiResult::setContent( $rev, Revision::getRevisionText( $row, 'ar_' ) );
+ } else {
+ ApiResult::setContent( $rev, Revision::getRevisionText( $row ) );
+ }
+ }
+ }
+
+ if ( $fld_tags ) {
+ if ( $row->ts_tags ) {
+ $tags = explode( ',', $row->ts_tags );
+ $this->getResult()->setIndexedTagName( $tags, 'tag' );
+ $rev['tags'] = $tags;
+ } else {
+ $rev['tags'] = array();
+ }
+ }
+
+ if ( $anyHidden && ( $row->ar_deleted & Revision::DELETED_RESTRICTED ) ) {
+ $rev['suppressed'] = '';
}
if ( !isset( $pageMap[$row->ar_namespace][$row->ar_title] ) ) {
@@ -259,6 +394,7 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
$pageMap[$row->ar_namespace][$row->ar_title] = $pageID;
$a['revisions'] = array( $rev );
$result->setIndexedTagName( $a['revisions'], 'rev' );
+ $title = Title::makeTitle( $row->ar_namespace, $row->ar_title );
ApiQueryBase::addTitleInfo( $a, $title );
if ( $fld_token ) {
$a['token'] = $token;
@@ -272,10 +408,11 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
}
if ( !$fit ) {
if ( $mode == 'all' || $mode == 'revs' ) {
- $this->setContinueEnumParameter( 'continue', intval( $row->ar_namespace ) . '|' .
- $row->ar_title . '|' . $row->ar_timestamp );
+ $this->setContinueEnumParameter( 'continue',
+ "$row->ar_namespace|$row->ar_title|$row->ar_timestamp|$row->ar_id"
+ );
} else {
- $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ar_timestamp ) );
+ $this->setContinueEnumParameter( 'continue', "$row->ar_timestamp|$row->ar_id" );
}
break;
}
@@ -303,6 +440,7 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
'prefix' => null,
'continue' => null,
'unique' => false,
+ 'tag' => null,
'user' => array(
ApiBase::PARAM_TYPE => 'user'
),
@@ -333,7 +471,8 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
'len',
'sha1',
'content',
- 'token'
+ 'token',
+ 'tags'
),
ApiBase::PARAM_ISMULTI => true
),
@@ -361,57 +500,37 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
' len - Adds the length (bytes) of the revision',
' sha1 - Adds the SHA-1 (base 16) of the revision',
' content - Adds the content of the revision',
- ' token - Gives the edit token',
+ ' token - DEPRECATED! Gives the edit token',
+ ' tags - Tags for the revision',
),
'namespace' => 'Only list pages in this namespace (3)',
'user' => 'Only list revisions by this user',
'excludeuser' => 'Don\'t list revisions by this user',
- 'continue' => 'When more results are available, use this to continue (1, 3)',
+ 'continue' => 'When more results are available, use this to continue',
'unique' => 'List only one revision for each page (3)',
- );
- }
-
- public function getResultProperties() {
- return array(
- '' => array(
- 'ns' => 'namespace',
- 'title' => 'string'
- ),
- 'token' => array(
- 'token' => 'string'
- )
+ 'tag' => 'Only list revisions tagged with this tag',
);
}
public function getDescription() {
$p = $this->getModulePrefix();
+
return array(
'List deleted revisions.',
'Operates in three modes:',
- ' 1) List deleted revisions for the given title(s), sorted by timestamp',
- ' 2) List deleted contributions for the given user, sorted by timestamp (no titles specified)',
- " 3) List all deleted revisions in the given namespace, sorted by title and timestamp (no titles specified, {$p}user not set)",
+ ' 1) List deleted revisions for the given title(s), sorted by timestamp.',
+ ' 2) List deleted contributions for the given user, sorted by timestamp (no titles specified).',
+ ' 3) List all deleted revisions in the given namespace, sorted by title and timestamp',
+ " (no titles specified, {$p}user not set).",
'Certain parameters only apply to some modes and are ignored in others.',
- 'For instance, a parameter marked (1) only applies to mode 1 and is ignored in modes 2 and 3',
+ 'For instance, a parameter marked (1) only applies to mode 1 and is ignored in modes 2 and 3.',
);
}
- public function getPossibleErrors() {
- return array_merge( parent::getPossibleErrors(), array(
- array( 'code' => 'permissiondenied', 'info' => 'You don\'t have permission to view deleted revision information' ),
- array( 'code' => 'badparams', 'info' => 'user and excludeuser cannot be used together' ),
- array( 'code' => 'permissiondenied', 'info' => 'You don\'t have permission to view deleted revision content' ),
- array( 'code' => 'badparams', 'info' => "The 'from' parameter cannot be used in modes 1 or 2" ),
- array( 'code' => 'badparams', 'info' => "The 'to' parameter cannot be used in modes 1 or 2" ),
- array( 'code' => 'badparams', 'info' => "The 'prefix' parameter cannot be used in modes 1 or 2" ),
- array( 'code' => 'badparams', 'info' => "The 'start' parameter cannot be used in mode 3" ),
- array( 'code' => 'badparams', 'info' => "The 'end' parameter cannot be used in mode 3" ),
- ) );
- }
-
public function getExamples() {
return array(
- 'api.php?action=query&list=deletedrevs&titles=Main%20Page|Talk:Main%20Page&drprop=user|comment|content'
+ 'api.php?action=query&list=deletedrevs&titles=Main%20Page|Talk:Main%20Page&' .
+ 'drprop=user|comment|content'
=> 'List the last deleted revisions of Main Page and Talk:Main Page, with content (mode 1)',
'api.php?action=query&list=deletedrevs&druser=Bob&drlimit=50'
=> 'List the last 50 deleted contributions by Bob (mode 2)',