REL1_40/php/TranslateSandbox_8php_source.html

<?php

use MediaWiki\Auth\AuthenticationRequest;

use MediaWiki\Auth\AuthenticationResponse;

use MediaWiki\Auth\AuthManager;

use MediaWiki\Extension\Translate\SystemUsers\TranslateUserManager;

use MediaWiki\Extension\Translate\TranslatorSandbox\TranslationStashActionApi;

use MediaWiki\Extension\Translate\Utilities\Utilities;

use MediaWiki\MediaWikiServices;

use Wikimedia\ScopedCallback;


class TranslateSandbox {


    public static function addUser( $name, $email, $password ) {

        $user = User::newFromName( $name, 'creatable' );


        if ( !$user ) {

            throw new MWException( 'Invalid user name' );

        }


        $data = [

            'username' => $user->getName(),

            'password' => $password,

            'retype' => $password,

            'email' => $email,

            'realname' => '',

        ];


        $services = MediaWikiServices::getInstance();


        $permissionManager = $services->getPermissionManager();

        $creator = TranslateUserManager::getUser();

        $guard = $permissionManager->addTemporaryUserRights( $creator, 'createaccount' );


        $authManager = $services->getAuthManager();

        $reqs = $authManager->getAuthenticationRequests( AuthManager::ACTION_CREATE );

        $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );

        $res = $authManager->beginAccountCreation( $creator, $reqs, 'null:' );


        ScopedCallback::consume( $guard );


        switch ( $res->status ) {

            case AuthenticationResponse::PASS:

                break;

            case AuthenticationResponse::FAIL:

                // Unless things are misconfigured, this will handle errors such as username taken,

                // invalid user name or too short password. The WebAPI is prechecking these to

                // provide nicer error messages.

                $reason = $res->message->inLanguage( 'en' )->useDatabase( false )->text();

                throw new MWException( "Account creation failed: $reason" );

            default:

                // A provider requested further user input. Abort but clean up first if it was a

                // secondary provider (in which case the user was created).

                if ( $user->getId() ) {

                    self::deleteUser( $user, 'force' );

                }


                throw new MWException(

                    'AuthManager does not support such simplified account creation'

                );

        }


        // group-translate-sandboxed group-translate-sandboxed-member

        $services->getUserGroupManager()->addUserToGroup( $user, 'translate-sandboxed' );


        return $user;

    }


    public static function deleteUser( User $user, $force = '' ) {

        $uid = $user->getId();

        $actorId = $user->getActorId();


        if ( $force !== 'force' && !self::isSandboxed( $user ) ) {

            throw new MWException( 'Not a sandboxed user' );

        }


        // Delete from database

        $dbw = wfGetDB( DB_PRIMARY );

        $dbw->delete( 'user', [ 'user_id' => $uid ], __METHOD__ );

        $dbw->delete( 'user_groups', [ 'ug_user' => $uid ], __METHOD__ );

        $dbw->delete( 'user_properties', [ 'up_user' => $uid ], __METHOD__ );


        MediaWikiServices::getInstance()->getActorStore()->deleteActor( $user, $dbw );


        // Assume no joins are needed for logging or recentchanges

        $dbw->delete( 'logging', [ 'log_actor' => $actorId ], __METHOD__ );

        $dbw->delete( 'recentchanges', [ 'rc_actor' => $actorId ], __METHOD__ );


        // Update the site stats

        $statsUpdate = SiteStatsUpdate::factory( [ 'users' => -1 ] );

        $statsUpdate->doUpdate();


        // If someone tries to access still object still, they will get anon user

        // data.

        $user->clearInstanceCache( 'defaults' );


        // Nobody should access the user by id anymore, but in case they do, purge

        // the cache so they wont get stale data

        $user->invalidateCache();

    }


    public static function getUsers() {

        $dbw = Utilities::getSafeReadDB();

        $userQuery = User::getQueryInfo();

        $tables = array_merge( $userQuery['tables'], [ 'user_groups' ] );

        $fields = $userQuery['fields'];

        $conds = [

            'ug_group' => 'translate-sandboxed',

        ];

        $joins = [

            'user_groups' => [ 'JOIN', 'ug_user = user_id' ],

        ] + $userQuery['joins'];


        $res = $dbw->select( $tables, $fields, $conds, __METHOD__, [], $joins );


        return UserArray::newFromResult( $res );

    }


    public static function promoteUser( User $user ) {

        global $wgTranslateSandboxPromotedGroup;


        if ( !self::isSandboxed( $user ) ) {

            throw new MWException( 'Not a sandboxed user' );

        }


        $services = MediaWikiServices::getInstance();


        $userGroupManager = $services->getUserGroupManager();

        $userGroupManager->removeUserFromGroup( $user, 'translate-sandboxed' );


        if ( $wgTranslateSandboxPromotedGroup ) {

            $userGroupManager->addUserToGroup( $user, $wgTranslateSandboxPromotedGroup );

        }


        $userOptionsManager = $services->getUserOptionsManager();

        $userOptionsManager->setOption( $user, 'translate-sandbox-reminders', '' );

        $userOptionsManager->saveOptions( $user );

    }


    public static function sendEmail( User $sender, User $target, $type ) {

        global $wgEmergencyContact;


        $userOptionsLookup = MediaWikiServices::getInstance()->getUserOptionsLookup();

        $targetLang = $userOptionsLookup->getOption( $target, 'language' );


        switch ( $type ) {

            case 'reminder':

                if ( !self::isSandboxed( $target ) ) {

                    throw new MWException( 'Not a sandboxed user' );

                }


                $subjectMsg = 'tsb-reminder-title-generic';

                $bodyMsg = 'tsb-reminder-content-generic';

                $targetSpecialPage = 'TranslationStash';


                break;

            case 'promotion':

                $subjectMsg = 'tsb-email-promoted-subject';

                $bodyMsg = 'tsb-email-promoted-body';

                $targetSpecialPage = 'Translate';


                break;

            case 'rejection':

                $subjectMsg = 'tsb-email-rejected-subject';

                $bodyMsg = 'tsb-email-rejected-body';

                $targetSpecialPage = 'TwnMainPage';


                break;

            default:

                throw new MWException( "'$type' is an invalid type of translate sandbox email" );

        }


        $subject = wfMessage( $subjectMsg )->inLanguage( $targetLang )->text();

        $body = wfMessage(

            $bodyMsg,

            $target->getName(),

            SpecialPage::getTitleFor( $targetSpecialPage )->getCanonicalURL(),

            $sender->getName()

        )->inLanguage( $targetLang )->text();


        $params = [

            'user' => $target->getId(),

            'to' => MailAddress::newFromUser( $target ),

            'from' => new MailAddress( $wgEmergencyContact ),

            'replyto' => new MailAddress( $wgEmergencyContact ),

            'subj' => $subject,

            'body' => $body,

            'emailType' => $type,

        ];


        $services = MediaWikiServices::getInstance();

        $userOptionsManager = $services->getUserOptionsManager();


        $reminders = $userOptionsManager->getOption( $target, 'translate-sandbox-reminders' );

        $reminders = $reminders ? explode( '|', $reminders ) : [];

        $reminders[] = wfTimestamp();


        $userOptionsManager->setOption( $target, 'translate-sandbox-reminders', implode( '|', $reminders ) );

        $userOptionsManager->saveOptions( $target );


        $services->getJobQueueGroup()->push( TranslateSandboxEmailJob::newJob( $params ) );

    }


    public static function isSandboxed( User $user ) {

        $userGroupManager = MediaWikiServices::getInstance()->getUserGroupManager();

        return in_array( 'translate-sandboxed', $userGroupManager->getUserGroups( $user ), true );

    }


    public static function enforcePermissions( User $user, array &$rights ): bool {

        global $wgTranslateUseSandbox;


        if ( !$wgTranslateUseSandbox ) {

            return true;

        }


        if ( !self::isSandboxed( $user ) ) {

            return true;

        }


        // right-translate-sandboxaction action-translate-sandboxaction

        $rights = [

            'editmyoptions',

            'editmyprivateinfo',

            'read',

            'readapi',

            'translate-sandboxaction',

            'viewmyprivateinfo',

            'writeapi',

        ];


        // Do not let other hooks add more actions

        return false;

    }


    public static function onGetPreferences( $user, &$preferences ) {

        $preferences['translate-sandbox'] = $preferences['translate-sandbox-reminders'] =

            [ 'type' => 'api' ];


        return true;

    }


    public static function onApiCheckCanExecute( ApiBase $module, User $user, &$message ) {

        $inclusionList = [

            // Obviously this is needed to get out of the sandbox

            TranslationStashActionApi::class,

            // Used by UniversalLanguageSelector for example

            'ApiOptions'

        ];


        if ( self::isSandboxed( $user ) ) {

            $class = get_class( $module );

            if ( $module->isWriteMode() && !in_array( $class, $inclusionList, true ) ) {

                $message = ApiMessage::create( 'apierror-writeapidenied' );

                return false;

            }

        }


        return true;

    }


}


MediaWiki\Extension\Translate\SystemUsers\TranslateUserManager
Definition TranslateUserManager.php:15

MediaWiki\Extension\Translate\TranslatorSandbox\TranslationStashActionApi
WebAPI module for storing translations for users who are in a sandbox.
Definition TranslationStashActionApi.php:24

MediaWiki\Extension\Translate\Utilities\Utilities
Essentially random collection of helper functions, similar to GlobalFunctions.php.
Definition Utilities.php:30

TranslateSandboxEmailJob\newJob
static newJob(array $params)
Definition TranslateSandboxEmailJob.php:11

TranslateSandbox
Utility class for the sandbox feature of Translate.
Definition TranslateSandbox.php:23

TranslateSandbox\sendEmail
static sendEmail(User $sender, User $target, $type)
Sends a reminder to the user.
Definition TranslateSandbox.php:183

TranslateSandbox\addUser
static addUser( $name, $email, $password)
Adds a new user without doing much validation.
Definition TranslateSandbox.php:33

TranslateSandbox\enforcePermissions
static enforcePermissions(User $user, array &$rights)
Hook: UserGetRights.
Definition TranslateSandbox.php:264

TranslateSandbox\promoteUser
static promoteUser(User $user)
Removes the user from the sandbox.
Definition TranslateSandbox.php:154

TranslateSandbox\deleteUser
static deleteUser(User $user, $force='')
Deletes a sandboxed user without doing much validation.
Definition TranslateSandbox.php:95

TranslateSandbox\isSandboxed
static isSandboxed(User $user)
Shortcut for checking if given user is in the sandbox.
Definition TranslateSandbox.php:253

TranslateSandbox\onApiCheckCanExecute
static onApiCheckCanExecute(ApiBase $module, User $user, &$message)
Inclusion listing for certain API modules.
Definition TranslateSandbox.php:306

TranslateSandbox\onGetPreferences
static onGetPreferences( $user, &$preferences)
Hook: onGetPreferences.
Definition TranslateSandbox.php:291

TranslateSandbox\getUsers
static getUsers()
Get all sandboxed users.
Definition TranslateSandbox.php:132