summaryrefslogtreecommitdiff
path: root/includes/api/ApiFormatBase.php
blob: d078dc453f19ba92d7594dc2df8f67e26d89dbb2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
<?php
/**
 *
 *
 * Created on Sep 19, 2006
 *
 * Copyright © 2006 Yuri Astrakhan "<Firstname><Lastname>@gmail.com"
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */

/**
 * This is the abstract base class for API formatters.
 *
 * @ingroup API
 */
abstract class ApiFormatBase extends ApiBase {
	private $mIsHtml, $mFormat, $mUnescapeAmps, $mHelp;
	private $mBuffer, $mDisabled = false;
	protected $mForceDefaultParams = false;

	/**
	 * If $format ends with 'fm', pretty-print the output in HTML.
	 * @param ApiMain $main
	 * @param string $format Format name
	 */
	public function __construct( ApiMain $main, $format ) {
		parent::__construct( $main, $format );

		$this->mIsHtml = ( substr( $format, -2, 2 ) === 'fm' ); // ends with 'fm'
		if ( $this->mIsHtml ) {
			$this->mFormat = substr( $format, 0, -2 ); // remove ending 'fm'
		} else {
			$this->mFormat = $format;
		}
		$this->mFormat = strtoupper( $this->mFormat );
	}

	/**
	 * Overriding class returns the MIME type that should be sent to the client.
	 *
	 * When getIsHtml() returns true, the return value here is used for syntax
	 * highlighting but the client sees text/html.
	 *
	 * @return string
	 */
	abstract public function getMimeType();

	/**
	 * Get the internal format name
	 * @return string
	 */
	public function getFormat() {
		return $this->mFormat;
	}

	/**
	 * Returns true when the HTML pretty-printer should be used.
	 * The default implementation assumes that formats ending with 'fm'
	 * should be formatted in HTML.
	 * @return bool
	 */
	public function getIsHtml() {
		return $this->mIsHtml;
	}

	/**
	 * Disable the formatter.
	 *
	 * This causes calls to initPrinter() and closePrinter() to be ignored.
	 */
	public function disable() {
		$this->mDisabled = true;
	}

	/**
	 * Whether the printer is disabled
	 * @return bool
	 */
	public function isDisabled() {
		return $this->mDisabled;
	}

	/**
	 * Whether this formatter can handle printing API errors.
	 *
	 * If this returns false, then on API errors the default printer will be
	 * instantiated.
	 * @since 1.23
	 * @return bool
	 */
	public function canPrintErrors() {
		return true;
	}

	/**
	 * Ignore request parameters, force a default.
	 *
	 * Used as a fallback if errors are being thrown.
	 * @since 1.26
	 */
	public function forceDefaultParams() {
		$this->mForceDefaultParams = true;
	}

	/**
	 * Overridden to honor $this->forceDefaultParams(), if applicable
	 * @since 1.26
	 */
	protected function getParameterFromSettings( $paramName, $paramSettings, $parseLimit ) {
		if ( !$this->mForceDefaultParams ) {
			return parent::getParameterFromSettings( $paramName, $paramSettings, $parseLimit );
		}

		if ( !is_array( $paramSettings ) ) {
			return $paramSettings;
		} elseif ( isset( $paramSettings[self::PARAM_DFLT] ) ) {
			return $paramSettings[self::PARAM_DFLT];
		} else {
			return null;
		}
	}

	/**
	 * Initialize the printer function and prepare the output headers.
	 * @param bool $unused Always false since 1.25
	 */
	function initPrinter( $unused = false ) {
		if ( $this->mDisabled ) {
			return;
		}

		$mime = $this->getIsHtml() ? 'text/html' : $this->getMimeType();

		// Some printers (ex. Feed) do their own header settings,
		// in which case $mime will be set to null
		if ( $mime === null ) {
			return; // skip any initialization
		}

		$this->getMain()->getRequest()->response()->header( "Content-Type: $mime; charset=utf-8" );

		//Set X-Frame-Options API results (bug 39180)
		$apiFrameOptions = $this->getConfig()->get( 'ApiFrameOptions' );
		if ( $apiFrameOptions ) {
			$this->getMain()->getRequest()->response()->header( "X-Frame-Options: $apiFrameOptions" );
		}
	}

	/**
	 * Finish printing and output buffered data.
	 */
	public function closePrinter() {
		if ( $this->mDisabled ) {
			return;
		}

		$mime = $this->getMimeType();
		if ( $this->getIsHtml() && $mime !== null ) {
			$format = $this->getFormat();
			$result = $this->getBuffer();

			$context = new DerivativeContext( $this->getMain() );
			$context->setSkin( SkinFactory::getDefaultInstance()->makeSkin( 'apioutput' ) );
			$context->setTitle( SpecialPage::getTitleFor( 'ApiHelp' ) );
			$out = new OutputPage( $context );
			$context->setOutput( $out );

			$out->addModules( 'mediawiki.apipretty' );
			$out->setPageTitle( $context->msg( 'api-format-title' ) );

			$header = $context->msg( 'api-format-prettyprint-header' )
				->params( $format, strtolower( $format ) )
				->parseAsBlock();
			$out->addHTML(
				Html::rawElement( 'div', array( 'class' => 'api-pretty-header' ),
					ApiHelp::fixHelpLinks( $header )
				)
			);

			if ( Hooks::run( 'ApiFormatHighlight', array( $context, $result, $mime, $format ) ) ) {
				$out->addHTML(
					Html::element( 'pre', array( 'class' => 'api-pretty-content' ), $result )
				);
			}

			// API handles its own clickjacking protection.
			// Note, that $wgBreakFrames will still override $wgApiFrameOptions for format mode.
			$out->allowClickJacking();
			$out->output();
		} else {
			// For non-HTML output, clear all errors that might have been
			// displayed if display_errors=On
			ob_clean();

			echo $this->getBuffer();
		}
	}

	/**
	 * Append text to the output buffer.
	 * @param string $text
	 */
	public function printText( $text ) {
		$this->mBuffer .= $text;
	}

	/**
	 * Get the contents of the buffer.
	 * @return string
	 */
	public function getBuffer() {
		return $this->mBuffer;
	}

	protected function getExamplesMessages() {
		return array(
			'action=query&meta=siteinfo&siprop=namespaces&format=' . $this->getModuleName()
				=> array( 'apihelp-format-example-generic', $this->getFormat() )
		);
	}

	public function getHelpUrls() {
		return 'https://www.mediawiki.org/wiki/API:Data_formats';
	}

	/**
	 * To avoid code duplication with the deprecation of dbg, dump, txt, wddx,
	 * and yaml, this method is added to do the necessary work. It should be
	 * removed when those deprecated formats are removed.
	 */
	protected function markDeprecated() {
		$fm = $this->getIsHtml() ? 'fm' : '';
		$name = $this->getModuleName();
		$this->logFeatureUsage( "format=$name" );
		$this->setWarning( "format=$name has been deprecated. Please use format=json$fm instead." );
	}

	/************************************************************************//**
	 * @name   Deprecated
	 * @{
	 */

	/**
	 * Specify whether or not sequences like &amp;quot; should be unescaped
	 * to &quot; . This should only be set to true for the help message
	 * when rendered in the default (xmlfm) format. This is a temporary
	 * special-case fix that should be removed once the help has been
	 * reworked to use a fully HTML interface.
	 *
	 * @deprecated since 1.25
	 * @param bool $b Whether or not ampersands should be escaped.
	 */
	public function setUnescapeAmps( $b ) {
		wfDeprecated( __METHOD__, '1.25' );
		$this->mUnescapeAmps = $b;
	}

	/**
	 * Whether this formatter can format the help message in a nice way.
	 * By default, this returns the same as getIsHtml().
	 * When action=help is set explicitly, the help will always be shown
	 * @deprecated since 1.25
	 * @return bool
	 */
	public function getWantsHelp() {
		wfDeprecated( __METHOD__, '1.25' );
		return $this->getIsHtml();
	}

	/**
	 * Sets whether the pretty-printer should format *bold*
	 * @deprecated since 1.25
	 * @param bool $help
	 */
	public function setHelp( $help = true ) {
		wfDeprecated( __METHOD__, '1.25' );
		$this->mHelp = $help;
	}

	/**
	 * Pretty-print various elements in HTML format, such as xml tags and
	 * URLs. This method also escapes characters like <
	 * @deprecated since 1.25
	 * @param string $text
	 * @return string
	 */
	protected function formatHTML( $text ) {
		wfDeprecated( __METHOD__, '1.25' );

		// Escape everything first for full coverage
		$text = htmlspecialchars( $text );

		if ( $this->mFormat === 'XML' || $this->mFormat === 'WDDX' ) {
			// encode all comments or tags as safe blue strings
			$text = str_replace( '&lt;', '<span style="color:blue;">&lt;', $text );
			$text = str_replace( '&gt;', '&gt;</span>', $text );
		}

		// identify requests to api.php
		$text = preg_replace( '#^(\s*)(api\.php\?[^ <\n\t]+)$#m', '\1<a href="\2">\2</a>', $text );
		if ( $this->mHelp ) {
			// make lines inside * bold
			$text = preg_replace( '#^(\s*)(\*[^<>\n]+\*)(\s*)$#m', '$1<b>$2</b>$3', $text );
		}

		// Armor links (bug 61362)
		$masked = array();
		$text = preg_replace_callback( '#<a .*?</a>#', function ( $matches ) use ( &$masked ) {
			$sha = sha1( $matches[0] );
			$masked[$sha] = $matches[0];
			return "<$sha>";
		}, $text );

		// identify URLs
		$protos = wfUrlProtocolsWithoutProtRel();
		// This regex hacks around bug 13218 (&quot; included in the URL)
		$text = preg_replace(
			"#(((?i)$protos).*?)(&quot;)?([ \\'\"<>\n]|&lt;|&gt;|&quot;)#",
			'<a href="\\1">\\1</a>\\3\\4',
			$text
		);

		// Unarmor links
		$text = preg_replace_callback( '#<([0-9a-f]{40})>#', function ( $matches ) use ( &$masked ) {
			$sha = $matches[1];
			return isset( $masked[$sha] ) ? $masked[$sha] : $matches[0];
		}, $text );

		/**
		 * Temporary fix for bad links in help messages. As a special case,
		 * XML-escaped metachars are de-escaped one level in the help message
		 * for legibility. Should be removed once we have completed a fully-HTML
		 * version of the help message.
		 */
		if ( $this->mUnescapeAmps ) {
			$text = preg_replace( '/&amp;(amp|quot|lt|gt);/', '&\1;', $text );
		}

		return $text;
	}

	/**
	 * @see ApiBase::getDescription
	 * @deprecated since 1.25
	 */
	public function getDescription() {
		return $this->getIsHtml() ? ' (pretty-print in HTML)' : '';
	}

	/**
	 * Set the flag to buffer the result instead of printing it.
	 * @deprecated since 1.25, output is always buffered
	 * @param bool $value
	 */
	public function setBufferResult( $value ) {
	}

	/**
	 * Formerly indicated whether the formatter needed metadata from ApiResult.
	 *
	 * ApiResult previously (indirectly) used this to decide whether to add
	 * metadata or to ignore calls to metadata-setting methods, which
	 * unfortunately made several methods that should have been static have to
	 * be dynamic instead. Now ApiResult always stores metadata and formatters
	 * are required to ignore it or filter it out.
	 *
	 * @deprecated since 1.25
	 * @return bool
	 */
	public function getNeedsRawData() {
		return false;
	}

	/**@}*/
}

/**
 * For really cool vim folding this needs to be at the end:
 * vim: foldmarker=@{,@} foldmethod=marker
 */