master/php/TranslateSandbox_8php_source.html

<?php

declare( strict_types = 1 );


namespace MediaWiki\Extension\Translate\TranslatorSandbox;


use InvalidArgumentException;

use JobQueueGroup;

use MailAddress;

use MediaWiki\Auth\AuthenticationRequest;

use MediaWiki\Auth\AuthenticationResponse;

use MediaWiki\Auth\AuthManager;

use MediaWiki\Config\ServiceOptions;

use MediaWiki\Extension\Translate\HookRunner;

use MediaWiki\Extension\Translate\SystemUsers\TranslateUserManager;

use MediaWiki\Extension\Translate\Utilities\Utilities;

use MediaWiki\MediaWikiServices;

use MediaWiki\Permissions\PermissionManager;

use MediaWiki\SpecialPage\SpecialPage;

use MediaWiki\User\ActorStore;

use MediaWiki\User\User;

use MediaWiki\User\UserArray;

use MediaWiki\User\UserFactory;

use MediaWiki\User\UserGroupManager;

use MediaWiki\User\UserOptionsManager;

use RuntimeException;

use SiteStatsUpdate;

use UnexpectedValueException;

use Wikimedia\Rdbms\ILoadBalancer;

use Wikimedia\ScopedCallback;


class TranslateSandbox {

    public const CONSTRUCTOR_OPTIONS = [

        'EmergencyContact',

        'TranslateSandboxPromotedGroup',

    ];


    private UserFactory $userFactory;

    private ILoadBalancer $loadBalancer;

    private PermissionManager $permissionManager;

    private AuthManager $authManager;

    private UserGroupManager $userGroupManager;

    private ActorStore $actorStore;

    private UserOptionsManager $userOptionsManager;

    private JobQueueGroup $jobQueueGroup;

    private HookRunner $hookRunner;

    private ServiceOptions $options;


    public function __construct(

        UserFactory $userFactory,

        ILoadBalancer $loadBalancer,

        PermissionManager $permissionManager,

        AuthManager $authManager,

        UserGroupManager $userGroupManager,

        ActorStore $actorStore,

        UserOptionsManager $userOptionsManager,

        JobQueueGroup $jobQueueGroup,

        HookRunner $hookRunner,

        ServiceOptions $options

    ) {

        $this->userFactory = $userFactory;

        $this->loadBalancer = $loadBalancer;

        $this->permissionManager = $permissionManager;

        $this->authManager = $authManager;

        $this->userGroupManager = $userGroupManager;

        $this->actorStore = $actorStore;

        $this->userOptionsManager = $userOptionsManager;

        $this->jobQueueGroup = $jobQueueGroup;

        $this->hookRunner = $hookRunner;

        $options->assertRequiredOptions( self::CONSTRUCTOR_OPTIONS );

        $this->options = $options;

    }


    public const USER_CREATION_FAILURE = 56739;


    public function addUser( string $name, string $email, string $password ): User {

        $user = $this->userFactory->newFromName( $name, UserFactory::RIGOR_CREATABLE );


        if ( !$user ) {

            throw new InvalidArgumentException( 'Invalid user name' );

        }


        $data = [

            'username' => $user->getName(),

            'password' => $password,

            'retype' => $password,

            'email' => $email,

            'realname' => '',

        ];


        $creator = TranslateUserManager::getUser();

        $guard = $this->permissionManager->addTemporaryUserRights( $creator, 'createaccount' );


        $reqs = $this->authManager->getAuthenticationRequests( AuthManager::ACTION_CREATE );

        $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );

        $res = $this->authManager->beginAccountCreation( $creator, $reqs, 'null:' );


        ScopedCallback::consume( $guard );


        switch ( $res->status ) {

            case AuthenticationResponse::PASS:

                break;

            case AuthenticationResponse::FAIL:

                // Unless things are misconfigured, this will handle errors such as username taken,

                // invalid user name or too short password. The WebAPI is prechecking these to

                // provide nicer error messages.

                $reason = $res->message->inLanguage( 'en' )->useDatabase( false )->text();

                throw new RuntimeException(

                    "Account creation failed: $reason",

                    self::USER_CREATION_FAILURE

                );

            default:

                // A provider requested further user input. Abort but clean up first if it was a

                // secondary provider (in which case the user was created).

                if ( $user->getId() ) {

                    $this->deleteUser( $user, 'force' );

                }


                throw new RuntimeException(

                    'AuthManager does not support such simplified account creation'

                );

        }


        // group-translate-sandboxed group-translate-sandboxed-member

        $this->userGroupManager->addUserToGroup( $user, 'translate-sandboxed' );


        return $user;

    }


    public function deleteUser( User $user, string $force = '' ): void {

        $uid = $user->getId();

        $actorId = $user->getActorId();


        if ( $force !== 'force' && !self::isSandboxed( $user ) ) {

            throw new UserNotSandboxedException();

        }


        // Delete from database

        $dbw = $this->loadBalancer->getConnection( DB_PRIMARY );

        $dbw->delete( 'user', [ 'user_id' => $uid ], __METHOD__ );

        $dbw->delete( 'user_groups', [ 'ug_user' => $uid ], __METHOD__ );

        $dbw->delete( 'user_properties', [ 'up_user' => $uid ], __METHOD__ );


        $this->actorStore->deleteActor( $user, $dbw );


        // Assume no joins are needed for logging or recentchanges

        $dbw->delete( 'logging', [ 'log_actor' => $actorId ], __METHOD__ );

        $dbw->delete( 'recentchanges', [ 'rc_actor' => $actorId ], __METHOD__ );


        // Update the site stats

        $statsUpdate = SiteStatsUpdate::factory( [ 'users' => -1 ] );

        $statsUpdate->doUpdate();


        // If someone tries to access still object still, they will get anon user

        // data.

        $user->clearInstanceCache( 'defaults' );


        // Nobody should access the user by id anymore, but in case they do, purge

        // the cache so they wont get stale data

        $user->invalidateCache();

    }


    public function getUsers(): UserArray {

        $dbr = Utilities::getSafeReadDB();

        $query = User::newQueryBuilder( $dbr );


        $res = $query->join( 'user_groups', null, 'ug_user = user_id' )

            ->where( [ 'ug_group' => 'translate-sandboxed' ] )

            ->caller( __METHOD__ )

            ->fetchResultSet();


        return UserArray::newFromResult( $res );

    }


    public function promoteUser( User $user ): void {

        $translateSandboxPromotedGroup = $this->options->get( 'TranslateSandboxPromotedGroup' );


        if ( !self::isSandboxed( $user ) ) {

            throw new UserNotSandboxedException();

        }


        $this->userGroupManager->removeUserFromGroup( $user, 'translate-sandboxed' );

        if ( $translateSandboxPromotedGroup ) {

            $this->userGroupManager->addUserToGroup( $user, $translateSandboxPromotedGroup );

        }


        $this->userOptionsManager->setOption( $user, 'translate-sandbox-reminders', null );

        $this->userOptionsManager->saveOptions( $user );


        $this->hookRunner->onTranslate_TranslatorSandbox_UserPromoted( $user );

    }


    public function sendEmail( User $sender, User $target, string $type ): void {

        $emergencyContact = $this->options->get( 'EmergencyContact' );


        $targetLang = $this->userOptionsManager->getOption( $target, 'language' );


        switch ( $type ) {

            case 'reminder':

                if ( !self::isSandboxed( $target ) ) {

                    throw new UserNotSandboxedException();

                }


                $subjectMsg = 'tsb-reminder-title-generic';

                $bodyMsg = 'tsb-reminder-content-generic';

                $targetSpecialPage = 'TranslationStash';


                break;

            case 'promotion':

                $subjectMsg = 'tsb-email-promoted-subject';

                $bodyMsg = 'tsb-email-promoted-body';

                $targetSpecialPage = 'Translate';


                break;

            case 'rejection':

                $subjectMsg = 'tsb-email-rejected-subject';

                $bodyMsg = 'tsb-email-rejected-body';

                $targetSpecialPage = 'TwnMainPage';


                break;

            default:

                throw new UnexpectedValueException( "'$type' is an invalid type of translate sandbox email" );

        }


        $subject = wfMessage( $subjectMsg )->inLanguage( $targetLang )->text();

        $body = wfMessage(

            $bodyMsg,

            $target->getName(),

            SpecialPage::getTitleFor( $targetSpecialPage )->getCanonicalURL(),

            $sender->getName()

        )->inLanguage( $targetLang )->text();


        $params = [

            'user' => $target->getId(),

            'to' => MailAddress::newFromUser( $target ),

            'from' => new MailAddress( $emergencyContact ),

            'replyto' => new MailAddress( $emergencyContact ),

            'subj' => $subject,

            'body' => $body,

            'emailType' => $type,

        ];


        $reminders = $this->userOptionsManager->getOption( $target, 'translate-sandbox-reminders' );

        $reminders = $reminders ? explode( '|', $reminders ) : [];

        $reminders[] = wfTimestamp();


        $this->userOptionsManager->setOption( $target, 'translate-sandbox-reminders', implode( '|', $reminders ) );

        $this->userOptionsManager->saveOptions( $target );


        $this->jobQueueGroup->push( TranslateSandboxEmailJob::newJob( $params ) );

    }


    public static function isSandboxed( User $user ): bool {

        $userGroupManager = MediaWikiServices::getInstance()->getUserGroupManager();

        return in_array( 'translate-sandboxed', $userGroupManager->getUserGroups( $user ), true );

    }


}


MediaWiki\Extension\Translate\HookRunner
Hook runner for the Translate extension.
Definition HookRunner.php:56

MediaWiki\Extension\Translate\SystemUsers\TranslateUserManager
Definition TranslateUserManager.php:15

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox
Utility class for the sandbox feature of Translate.
Definition TranslateSandbox.php:38

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\USER_CREATION_FAILURE
const USER_CREATION_FAILURE
Custom exception code used when user creation fails in order to differentiate between other exception...
Definition TranslateSandbox.php:84

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\deleteUser
deleteUser(User $user, string $force='')
Deletes a sandboxed user without doing much validation.
Definition TranslateSandbox.php:148

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\promoteUser
promoteUser(User $user)
Removes the user from the sandbox.
Definition TranslateSandbox.php:198

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\sendEmail
sendEmail(User $sender, User $target, string $type)
Sends a reminder to the user.
Definition TranslateSandbox.php:223

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\isSandboxed
static isSandboxed(User $user)
Shortcut for checking if given user is in the sandbox.
Definition TranslateSandbox.php:284

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\getUsers
getUsers()
Get all sandboxed users.
Definition TranslateSandbox.php:182

MediaWiki\Extension\Translate\TranslatorSandbox\TranslateSandbox\addUser
addUser(string $name, string $email, string $password)
Adds a new user without doing much validation.
Definition TranslateSandbox.php:87

MediaWiki\Extension\Translate\TranslatorSandbox\UserNotSandboxedException
Definition UserNotSandboxedException.php:8

MediaWiki\Extension\Translate\Utilities\Utilities
Essentially random collection of helper functions, similar to GlobalFunctions.php.
Definition Utilities.php:31