Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
46.80% |
307 / 656 |
|
33.33% |
6 / 18 |
CRAP | |
0.00% |
0 / 1 |
SpecialAbuseLog | |
46.80% |
307 / 656 |
|
33.33% |
6 / 18 |
2363.22 | |
0.00% |
0 / 1 |
__construct | |
100.00% |
14 / 14 |
|
100.00% |
1 / 1 |
1 | |||
doesWrites | n/a |
0 / 0 |
n/a |
0 / 0 |
1 | |||||
getGroupName | n/a |
0 / 0 |
n/a |
0 / 0 |
1 | |||||
execute | |
90.00% |
18 / 20 |
|
0.00% |
0 / 1 |
8.06 | |||
getShortDescription | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
loadParameters | |
94.74% |
18 / 19 |
|
0.00% |
0 / 1 |
5.00 | |||
getAllFilterableActions | |
100.00% |
9 / 9 |
|
100.00% |
1 / 1 |
1 | |||
searchForm | |
86.36% |
95 / 110 |
|
0.00% |
0 / 1 |
7.12 | |||
showHideView | |
100.00% |
11 / 11 |
|
100.00% |
1 / 1 |
1 | |||
showList | |
33.11% |
49 / 148 |
|
0.00% |
0 / 1 |
708.17 | |||
getDeleteButton | |
33.33% |
2 / 6 |
|
0.00% |
0 / 1 |
3.19 | |||
getListToggle | |
66.67% |
2 / 3 |
|
0.00% |
0 / 1 |
2.15 | |||
showDetails | |
43.65% |
55 / 126 |
|
0.00% |
0 / 1 |
83.59 | |||
getPrivateDetailsRow | |
100.00% |
17 / 17 |
|
100.00% |
1 / 1 |
3 | |||
buildPrivateDetailsTable | |
0.00% |
0 / 114 |
|
0.00% |
0 / 1 |
20 | |||
showPrivateDetails | |
0.00% |
0 / 31 |
|
0.00% |
0 / 1 |
56 | |||
checkPrivateDetailsAccessReason | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
6 | |||
addPrivateDetailsAccessLogEntry | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
2 | |||
getUserLinks | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
2 | |||
getEntryVisibilityForUser | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
7 |
1 | <?php |
2 | |
3 | namespace MediaWiki\Extension\AbuseFilter\Special; |
4 | |
5 | use DifferenceEngine; |
6 | use InvalidArgumentException; |
7 | use MediaWiki\Cache\LinkBatchFactory; |
8 | use MediaWiki\Extension\AbuseFilter\AbuseFilter; |
9 | use MediaWiki\Extension\AbuseFilter\AbuseFilterPermissionManager; |
10 | use MediaWiki\Extension\AbuseFilter\AbuseFilterServices; |
11 | use MediaWiki\Extension\AbuseFilter\AbuseLoggerFactory; |
12 | use MediaWiki\Extension\AbuseFilter\CentralDBNotAvailableException; |
13 | use MediaWiki\Extension\AbuseFilter\Consequences\ConsequencesRegistry; |
14 | use MediaWiki\Extension\AbuseFilter\Filter\FilterNotFoundException; |
15 | use MediaWiki\Extension\AbuseFilter\Filter\MutableFilter; |
16 | use MediaWiki\Extension\AbuseFilter\FilterLookup; |
17 | use MediaWiki\Extension\AbuseFilter\GlobalNameUtils; |
18 | use MediaWiki\Extension\AbuseFilter\Pager\AbuseLogPager; |
19 | use MediaWiki\Extension\AbuseFilter\SpecsFormatter; |
20 | use MediaWiki\Extension\AbuseFilter\Variables\UnsetVariableException; |
21 | use MediaWiki\Extension\AbuseFilter\Variables\VariableHolder; |
22 | use MediaWiki\Extension\AbuseFilter\Variables\VariablesBlobStore; |
23 | use MediaWiki\Extension\AbuseFilter\Variables\VariablesFormatter; |
24 | use MediaWiki\Extension\AbuseFilter\Variables\VariablesManager; |
25 | use MediaWiki\Extension\AbuseFilter\View\HideAbuseLog; |
26 | use MediaWiki\Html\Html; |
27 | use MediaWiki\Html\ListToggle; |
28 | use MediaWiki\HTMLForm\HTMLForm; |
29 | use MediaWiki\Linker\Linker; |
30 | use MediaWiki\Logging\ManualLogEntry; |
31 | use MediaWiki\MediaWikiServices; |
32 | use MediaWiki\Permissions\Authority; |
33 | use MediaWiki\Permissions\PermissionManager; |
34 | use MediaWiki\Registration\ExtensionRegistry; |
35 | use MediaWiki\Revision\RevisionRecord; |
36 | use MediaWiki\SpecialPage\SpecialPage; |
37 | use MediaWiki\Status\Status; |
38 | use MediaWiki\Title\Title; |
39 | use MediaWiki\User\UserIdentity; |
40 | use MediaWiki\User\UserIdentityLookup; |
41 | use MediaWiki\WikiMap\WikiMap; |
42 | use OOUI\ButtonInputWidget; |
43 | use stdClass; |
44 | use Wikimedia\Rdbms\LBFactory; |
45 | |
46 | class SpecialAbuseLog extends AbuseFilterSpecialPage { |
47 | public const PAGE_NAME = 'AbuseLog'; |
48 | |
49 | /** Visible entry */ |
50 | public const VISIBILITY_VISIBLE = 'visible'; |
51 | /** Explicitly hidden entry */ |
52 | public const VISIBILITY_HIDDEN = 'hidden'; |
53 | /** Visible entry but the associated revision is hidden */ |
54 | public const VISIBILITY_HIDDEN_IMPLICIT = 'implicit'; |
55 | |
56 | /** |
57 | * @var string|null The user whose AbuseLog entries are being searched |
58 | */ |
59 | private $mSearchUser; |
60 | |
61 | /** |
62 | * @var string The start time of the search period |
63 | */ |
64 | private $mSearchPeriodStart; |
65 | |
66 | /** |
67 | * @var string The end time of the search period |
68 | */ |
69 | private $mSearchPeriodEnd; |
70 | |
71 | /** |
72 | * @var string The page of which AbuseLog entries are being searched |
73 | */ |
74 | private $mSearchTitle; |
75 | |
76 | /** |
77 | * @var string The action performed by the user |
78 | */ |
79 | private $mSearchAction; |
80 | |
81 | /** |
82 | * @var string The action taken by AbuseFilter |
83 | */ |
84 | private $mSearchActionTaken; |
85 | |
86 | /** |
87 | * @var string The wiki name where we're performing the search |
88 | */ |
89 | private $mSearchWiki; |
90 | |
91 | /** |
92 | * @var string|null The filter IDs we're looking for. Either a single one, or a pipe-separated list |
93 | */ |
94 | private $mSearchFilter; |
95 | |
96 | /** |
97 | * @var string The visibility of entries we're interested in |
98 | */ |
99 | private $mSearchEntries; |
100 | |
101 | /** |
102 | * @var string The impact of the user action, i.e. if the change has been saved |
103 | */ |
104 | private $mSearchImpact; |
105 | |
106 | /** @var string|null The filter group to search, as defined in $wgAbuseFilterValidGroups */ |
107 | private $mSearchGroup; |
108 | |
109 | private LBFactory $lbFactory; |
110 | private LinkBatchFactory $linkBatchFactory; |
111 | private PermissionManager $permissionManager; |
112 | private UserIdentityLookup $userIdentityLookup; |
113 | private ConsequencesRegistry $consequencesRegistry; |
114 | private VariablesBlobStore $varBlobStore; |
115 | private SpecsFormatter $specsFormatter; |
116 | private VariablesFormatter $variablesFormatter; |
117 | private VariablesManager $varManager; |
118 | private AbuseLoggerFactory $abuseLoggerFactory; |
119 | private FilterLookup $filterLookup; |
120 | |
121 | public function __construct( |
122 | LBFactory $lbFactory, |
123 | LinkBatchFactory $linkBatchFactory, |
124 | PermissionManager $permissionManager, |
125 | UserIdentityLookup $userIdentityLookup, |
126 | AbuseFilterPermissionManager $afPermissionManager, |
127 | ConsequencesRegistry $consequencesRegistry, |
128 | VariablesBlobStore $varBlobStore, |
129 | SpecsFormatter $specsFormatter, |
130 | VariablesFormatter $variablesFormatter, |
131 | VariablesManager $varManager, |
132 | AbuseLoggerFactory $abuseLoggerFactory, |
133 | FilterLookup $filterLookup |
134 | ) { |
135 | parent::__construct( self::PAGE_NAME, 'abusefilter-log', $afPermissionManager ); |
136 | $this->lbFactory = $lbFactory; |
137 | $this->linkBatchFactory = $linkBatchFactory; |
138 | $this->permissionManager = $permissionManager; |
139 | $this->userIdentityLookup = $userIdentityLookup; |
140 | $this->consequencesRegistry = $consequencesRegistry; |
141 | $this->varBlobStore = $varBlobStore; |
142 | $this->specsFormatter = $specsFormatter; |
143 | $this->specsFormatter->setMessageLocalizer( $this ); |
144 | $this->variablesFormatter = $variablesFormatter; |
145 | $this->variablesFormatter->setMessageLocalizer( $this ); |
146 | $this->varManager = $varManager; |
147 | $this->abuseLoggerFactory = $abuseLoggerFactory; |
148 | $this->filterLookup = $filterLookup; |
149 | } |
150 | |
151 | /** |
152 | * @codeCoverageIgnore Merely declarative |
153 | * @inheritDoc |
154 | */ |
155 | public function doesWrites() { |
156 | return true; |
157 | } |
158 | |
159 | /** |
160 | * @codeCoverageIgnore Merely declarative |
161 | * @inheritDoc |
162 | */ |
163 | protected function getGroupName() { |
164 | return 'changes'; |
165 | } |
166 | |
167 | /** |
168 | * Main routine |
169 | * |
170 | * $parameter string is converted into the $args array, which can come in |
171 | * three shapes: |
172 | * |
173 | * An array of size 2: only if the URL is like Special:AbuseLog/private/id |
174 | * where id is the log identifier. In this case, the private details of the |
175 | * log (e.g. IP address) will be shown. |
176 | * |
177 | * An array of size 1: either the URL is like Special:AbuseLog/id where |
178 | * the id is log identifier, in which case the details of the log except for |
179 | * private bits (e.g. IP address) are shown, or Special:AbuseLog/hide for hiding entries, |
180 | * or the URL is incomplete as in Special:AbuseLog/private (without specifying id), |
181 | * in which case a warning is shown to the user |
182 | * |
183 | * An array of size 0 when URL is like Special:AbuseLog or an array of size |
184 | * 1 when the URL is like Special:AbuseFilter/ (i.e. without anything after |
185 | * the slash). Otherwise, the abuse logs are shown as a list, with a search form above the list. |
186 | * |
187 | * @param string|null $parameter URL parameters |
188 | */ |
189 | public function execute( $parameter ) { |
190 | $out = $this->getOutput(); |
191 | |
192 | $this->addNavigationLinks( 'log' ); |
193 | |
194 | $this->setHeaders(); |
195 | $this->addHelpLink( 'Extension:AbuseFilter' ); |
196 | $this->loadParameters(); |
197 | |
198 | $out->disableClientCache(); |
199 | |
200 | $out->addModuleStyles( 'ext.abuseFilter' ); |
201 | |
202 | $this->checkPermissions(); |
203 | |
204 | $args = $parameter !== null ? explode( '/', $parameter ) : []; |
205 | |
206 | if ( count( $args ) === 2 && $args[0] === 'private' ) { |
207 | $this->showPrivateDetails( (int)$args[1] ); |
208 | } elseif ( count( $args ) === 1 && $args[0] !== '' ) { |
209 | if ( $args[0] === 'private' ) { |
210 | $out->addWikiMsg( 'abusefilter-invalid-request-noid' ); |
211 | } elseif ( $args[0] === 'hide' ) { |
212 | $this->showHideView(); |
213 | } else { |
214 | $this->showDetails( $args[0] ); |
215 | } |
216 | } else { |
217 | $this->outputHeader( 'abusefilter-log-summary' ); |
218 | $this->searchForm(); |
219 | $this->showList(); |
220 | } |
221 | } |
222 | |
223 | /** |
224 | * @inheritDoc |
225 | */ |
226 | public function getShortDescription( string $path = '' ): string { |
227 | return $this->msg( 'abusefilter-topnav-log' )->text(); |
228 | } |
229 | |
230 | /** |
231 | * Loads parameters from request |
232 | */ |
233 | public function loadParameters() { |
234 | $request = $this->getRequest(); |
235 | |
236 | $searchUsername = trim( $request->getText( 'wpSearchUser' ) ); |
237 | $userTitle = Title::newFromText( $searchUsername, NS_USER ); |
238 | $this->mSearchUser = $userTitle ? $userTitle->getText() : null; |
239 | if ( $this->getConfig()->get( 'AbuseFilterIsCentral' ) ) { |
240 | $this->mSearchWiki = $request->getText( 'wpSearchWiki' ); |
241 | } |
242 | |
243 | $this->mSearchPeriodStart = $request->getText( 'wpSearchPeriodStart' ); |
244 | $this->mSearchPeriodEnd = $request->getText( 'wpSearchPeriodEnd' ); |
245 | $this->mSearchTitle = $request->getText( 'wpSearchTitle' ); |
246 | |
247 | $this->mSearchFilter = null; |
248 | $this->mSearchGroup = null; |
249 | if ( $this->afPermissionManager->canSeeLogDetails( $this->getAuthority() ) ) { |
250 | $this->mSearchFilter = $request->getText( 'wpSearchFilter' ); |
251 | if ( count( $this->getConfig()->get( 'AbuseFilterValidGroups' ) ) > 1 ) { |
252 | $this->mSearchGroup = $request->getText( 'wpSearchGroup' ); |
253 | } |
254 | } |
255 | |
256 | $this->mSearchAction = $request->getText( 'wpSearchAction' ); |
257 | $this->mSearchActionTaken = $request->getText( 'wpSearchActionTaken' ); |
258 | $this->mSearchEntries = $request->getText( 'wpSearchEntries' ); |
259 | $this->mSearchImpact = $request->getText( 'wpSearchImpact' ); |
260 | } |
261 | |
262 | /** |
263 | * @return string[] |
264 | */ |
265 | private function getAllFilterableActions() { |
266 | return [ |
267 | 'edit', |
268 | 'move', |
269 | 'upload', |
270 | 'stashupload', |
271 | 'delete', |
272 | 'createaccount', |
273 | 'autocreateaccount', |
274 | ]; |
275 | } |
276 | |
277 | /** |
278 | * Builds the search form |
279 | */ |
280 | public function searchForm() { |
281 | $performer = $this->getAuthority(); |
282 | $formDescriptor = [ |
283 | 'SearchUser' => [ |
284 | 'label-message' => 'abusefilter-log-search-user', |
285 | 'type' => 'user', |
286 | 'ipallowed' => true, |
287 | 'default' => $this->mSearchUser, |
288 | ], |
289 | 'SearchPeriodStart' => [ |
290 | 'label-message' => 'abusefilter-test-period-start', |
291 | 'type' => 'datetime', |
292 | 'default' => $this->mSearchPeriodStart |
293 | ], |
294 | 'SearchPeriodEnd' => [ |
295 | 'label-message' => 'abusefilter-test-period-end', |
296 | 'type' => 'datetime', |
297 | 'default' => $this->mSearchPeriodEnd |
298 | ], |
299 | 'SearchTitle' => [ |
300 | 'label-message' => 'abusefilter-log-search-title', |
301 | 'type' => 'title', |
302 | 'interwiki' => false, |
303 | 'default' => $this->mSearchTitle, |
304 | 'required' => false |
305 | ], |
306 | 'SearchImpact' => [ |
307 | 'label-message' => 'abusefilter-log-search-impact', |
308 | 'type' => 'select', |
309 | 'options' => [ |
310 | $this->msg( 'abusefilter-log-search-impact-all' )->text() => 0, |
311 | $this->msg( 'abusefilter-log-search-impact-saved' )->text() => 1, |
312 | $this->msg( 'abusefilter-log-search-impact-not-saved' )->text() => 2, |
313 | ], |
314 | ], |
315 | ]; |
316 | $filterableActions = $this->getAllFilterableActions(); |
317 | $actions = array_combine( $filterableActions, $filterableActions ); |
318 | ksort( $actions ); |
319 | $actions = array_merge( |
320 | [ $this->msg( 'abusefilter-log-search-action-any' )->text() => 'any' ], |
321 | $actions, |
322 | [ $this->msg( 'abusefilter-log-search-action-other' )->text() => 'other' ] |
323 | ); |
324 | $formDescriptor['SearchAction'] = [ |
325 | 'label-message' => 'abusefilter-log-search-action-label', |
326 | 'type' => 'select', |
327 | 'options' => $actions, |
328 | 'default' => 'any', |
329 | ]; |
330 | $options = []; |
331 | foreach ( $this->consequencesRegistry->getAllActionNames() as $action ) { |
332 | $key = $this->specsFormatter->getActionDisplay( $action ); |
333 | $options[$key] = $action; |
334 | } |
335 | ksort( $options ); |
336 | $options = array_merge( |
337 | [ $this->msg( 'abusefilter-log-search-action-taken-any' )->text() => '' ], |
338 | $options, |
339 | [ $this->msg( 'abusefilter-log-noactions-filter' )->text() => 'noactions' ] |
340 | ); |
341 | $formDescriptor['SearchActionTaken'] = [ |
342 | 'label-message' => 'abusefilter-log-search-action-taken-label', |
343 | 'type' => 'select', |
344 | 'options' => $options, |
345 | ]; |
346 | if ( $this->afPermissionManager->canSeeHiddenLogEntries( $performer ) ) { |
347 | $formDescriptor['SearchEntries'] = [ |
348 | 'type' => 'select', |
349 | 'label-message' => 'abusefilter-log-search-entries-label', |
350 | 'options' => [ |
351 | $this->msg( 'abusefilter-log-search-entries-all' )->text() => 0, |
352 | $this->msg( 'abusefilter-log-search-entries-hidden' )->text() => 1, |
353 | $this->msg( 'abusefilter-log-search-entries-visible' )->text() => 2, |
354 | ], |
355 | ]; |
356 | } |
357 | |
358 | if ( $this->afPermissionManager->canSeeLogDetails( $performer ) ) { |
359 | $groups = $this->getConfig()->get( 'AbuseFilterValidGroups' ); |
360 | if ( count( $groups ) > 1 ) { |
361 | $options = array_merge( |
362 | [ $this->msg( 'abusefilter-log-search-group-any' )->text() => 0 ], |
363 | array_combine( $groups, $groups ) |
364 | ); |
365 | $formDescriptor['SearchGroup'] = [ |
366 | 'label-message' => 'abusefilter-log-search-group', |
367 | 'type' => 'select', |
368 | 'options' => $options |
369 | ]; |
370 | } |
371 | $helpmsg = $this->getConfig()->get( 'AbuseFilterIsCentral' ) |
372 | ? $this->msg( 'abusefilter-log-search-filter-help-central' )->escaped() |
373 | : $this->msg( 'abusefilter-log-search-filter-help' ) |
374 | ->params( GlobalNameUtils::GLOBAL_FILTER_PREFIX )->escaped(); |
375 | $formDescriptor['SearchFilter'] = [ |
376 | 'label-message' => 'abusefilter-log-search-filter', |
377 | 'type' => 'text', |
378 | 'default' => $this->mSearchFilter, |
379 | 'help' => $helpmsg |
380 | ]; |
381 | } |
382 | if ( $this->getConfig()->get( 'AbuseFilterIsCentral' ) ) { |
383 | // @todo Add free form input for wiki name. Would be nice to generate |
384 | // a select with unique names in the db at some point. |
385 | $formDescriptor['SearchWiki'] = [ |
386 | 'label-message' => 'abusefilter-log-search-wiki', |
387 | 'type' => 'text', |
388 | 'default' => $this->mSearchWiki, |
389 | ]; |
390 | } |
391 | |
392 | HTMLForm::factory( 'ooui', $formDescriptor, $this->getContext() ) |
393 | ->setWrapperLegendMsg( 'abusefilter-log-search' ) |
394 | ->setSubmitTextMsg( 'abusefilter-log-search-submit' ) |
395 | ->setMethod( 'get' ) |
396 | ->setId( 'abusefilter-log-search' ) |
397 | ->setCollapsibleOptions( true ) |
398 | ->prepareForm() |
399 | ->displayForm( false ); |
400 | } |
401 | |
402 | private function showHideView() { |
403 | $view = new HideAbuseLog( |
404 | $this->lbFactory, |
405 | $this->afPermissionManager, |
406 | $this->getContext(), |
407 | $this->getLinkRenderer(), |
408 | $this->linkBatchFactory, |
409 | $this->permissionManager, |
410 | $this->varBlobStore, |
411 | self::PAGE_NAME |
412 | ); |
413 | $view->show(); |
414 | } |
415 | |
416 | /** |
417 | * Shows the results list |
418 | */ |
419 | public function showList() { |
420 | $out = $this->getOutput(); |
421 | $performer = $this->getAuthority(); |
422 | |
423 | // Generate conditions list. |
424 | $conds = []; |
425 | |
426 | if ( $this->mSearchUser !== null ) { |
427 | $searchedUser = $this->userIdentityLookup->getUserIdentityByName( $this->mSearchUser ); |
428 | |
429 | if ( !$searchedUser ) { |
430 | $conds['afl_user'] = 0; |
431 | $conds['afl_user_text'] = $this->mSearchUser; |
432 | } else { |
433 | $conds['afl_user'] = $searchedUser->getId(); |
434 | $conds['afl_user_text'] = $searchedUser->getName(); |
435 | } |
436 | } |
437 | |
438 | $dbr = $this->lbFactory->getReplicaDatabase(); |
439 | if ( $this->mSearchPeriodStart ) { |
440 | $conds[] = $dbr->expr( 'afl_timestamp', '>=', |
441 | $dbr->timestamp( strtotime( $this->mSearchPeriodStart ) ) ); |
442 | } |
443 | |
444 | if ( $this->mSearchPeriodEnd ) { |
445 | $conds[] = $dbr->expr( 'afl_timestamp', '<=', |
446 | $dbr->timestamp( strtotime( $this->mSearchPeriodEnd ) ) ); |
447 | } |
448 | |
449 | if ( $this->mSearchWiki ) { |
450 | if ( $this->mSearchWiki === WikiMap::getCurrentWikiDbDomain()->getId() ) { |
451 | $conds['afl_wiki'] = null; |
452 | } else { |
453 | $conds['afl_wiki'] = $this->mSearchWiki; |
454 | } |
455 | } |
456 | |
457 | $groupFilters = []; |
458 | if ( $this->mSearchGroup ) { |
459 | $groupFilters = $dbr->newSelectQueryBuilder() |
460 | ->select( 'af_id' ) |
461 | ->from( 'abuse_filter' ) |
462 | ->where( [ 'af_group' => $this->mSearchGroup ] ) |
463 | ->caller( __METHOD__ ) |
464 | ->fetchFieldValues(); |
465 | } |
466 | |
467 | $searchFilters = []; |
468 | if ( $this->mSearchFilter ) { |
469 | $rawFilters = array_map( 'trim', explode( '|', $this->mSearchFilter ) ); |
470 | // Map of [ [ id, global ], ... ] |
471 | $filtersList = []; |
472 | $foundInvalid = false; |
473 | foreach ( $rawFilters as $filter ) { |
474 | try { |
475 | $filtersList[] = GlobalNameUtils::splitGlobalName( $filter ); |
476 | } catch ( InvalidArgumentException $e ) { |
477 | $foundInvalid = true; |
478 | continue; |
479 | } |
480 | } |
481 | |
482 | // If the user cannot see the filter because it's protected or hidden, then |
483 | // don't show logs associated with it. |
484 | $canViewPrivateFilters = $this->afPermissionManager->canViewPrivateFiltersLogs( $performer ); |
485 | $searchedForProtectedWhenLacksPermission = false; |
486 | $searchedForHiddenWhenLacksPermission = false; |
487 | foreach ( $filtersList as $index => $filterData ) { |
488 | try { |
489 | $filter = $this->filterLookup->getFilter( ...$filterData ); |
490 | } catch ( FilterNotFoundException $_ ) { |
491 | unset( $filtersList[$index] ); |
492 | $foundInvalid = true; |
493 | continue; |
494 | } |
495 | |
496 | if ( $filter->isHidden() && !$canViewPrivateFilters ) { |
497 | unset( $filtersList[$index] ); |
498 | $searchedForHiddenWhenLacksPermission = true; |
499 | } |
500 | if ( |
501 | $filter->isProtected() && |
502 | !$this->afPermissionManager->canViewProtectedVariablesInFilter( $performer, $filter )->isGood() |
503 | ) { |
504 | unset( $filtersList[$index] ); |
505 | $searchedForProtectedWhenLacksPermission = true; |
506 | } |
507 | } |
508 | |
509 | if ( $searchedForProtectedWhenLacksPermission ) { |
510 | $out->addWikiMsg( 'abusefilter-log-protected-not-included' ); |
511 | } |
512 | if ( $searchedForHiddenWhenLacksPermission ) { |
513 | $out->addWikiMsg( 'abusefilter-log-private-not-included' ); |
514 | } |
515 | |
516 | if ( $foundInvalid ) { |
517 | $out->addModuleStyles( 'mediawiki.codex.messagebox.styles' ); |
518 | // @todo Tell what the invalid IDs are |
519 | $out->addHTML( |
520 | Html::rawElement( |
521 | 'p', |
522 | [], |
523 | Html::warningBox( $this->msg( 'abusefilter-log-invalid-filter' )->escaped() ) |
524 | ) |
525 | ); |
526 | } |
527 | |
528 | foreach ( $filtersList as $filterData ) { |
529 | $searchFilters[] = GlobalNameUtils::buildGlobalName( ...$filterData ); |
530 | } |
531 | } |
532 | |
533 | $searchIDs = null; |
534 | if ( $this->mSearchGroup && !$this->mSearchFilter ) { |
535 | $searchIDs = $groupFilters; |
536 | } elseif ( !$this->mSearchGroup && $this->mSearchFilter ) { |
537 | $searchIDs = $searchFilters; |
538 | } elseif ( $this->mSearchGroup && $this->mSearchFilter ) { |
539 | $searchIDs = array_intersect( $groupFilters, $searchFilters ); |
540 | } |
541 | |
542 | if ( $searchIDs !== null ) { |
543 | if ( !count( $searchIDs ) ) { |
544 | $out->addWikiMsg( 'abusefilter-log-noresults' ); |
545 | return; |
546 | } |
547 | |
548 | $filterConds = [ 'local' => [], 'global' => [] ]; |
549 | foreach ( $searchIDs as $filter ) { |
550 | [ $filterID, $isGlobal ] = GlobalNameUtils::splitGlobalName( $filter ); |
551 | $key = $isGlobal ? 'global' : 'local'; |
552 | $filterConds[$key][] = $filterID; |
553 | } |
554 | $filterWhere = []; |
555 | if ( $filterConds['local'] ) { |
556 | $filterWhere[] = $dbr->andExpr( [ |
557 | 'afl_global' => 0, |
558 | // @phan-suppress-previous-line PhanTypeMismatchArgument Array is non-empty |
559 | 'afl_filter_id' => $filterConds['local'], |
560 | ] ); |
561 | } |
562 | if ( $filterConds['global'] ) { |
563 | $filterWhere[] = $dbr->andExpr( [ |
564 | 'afl_global' => 1, |
565 | // @phan-suppress-previous-line PhanTypeMismatchArgument Array is non-empty |
566 | 'afl_filter_id' => $filterConds['global'], |
567 | ] ); |
568 | } |
569 | $conds[] = $dbr->orExpr( $filterWhere ); |
570 | } |
571 | |
572 | $searchTitle = Title::newFromText( $this->mSearchTitle ); |
573 | if ( $searchTitle ) { |
574 | $conds['afl_namespace'] = $searchTitle->getNamespace(); |
575 | $conds['afl_title'] = $searchTitle->getDBkey(); |
576 | } |
577 | |
578 | if ( $this->afPermissionManager->canSeeHiddenLogEntries( $performer ) ) { |
579 | if ( $this->mSearchEntries === '1' ) { |
580 | $conds['afl_deleted'] = 1; |
581 | } elseif ( $this->mSearchEntries === '2' ) { |
582 | $conds['afl_deleted'] = 0; |
583 | } |
584 | } |
585 | |
586 | if ( $this->mSearchImpact === '1' ) { |
587 | $conds[] = $dbr->expr( 'afl_rev_id', '!=', null ); |
588 | } elseif ( $this->mSearchImpact === '2' ) { |
589 | $conds[] = $dbr->expr( 'afl_rev_id', '=', null ); |
590 | } |
591 | |
592 | if ( $this->mSearchActionTaken ) { |
593 | if ( in_array( $this->mSearchActionTaken, $this->consequencesRegistry->getAllActionNames() ) ) { |
594 | $conds[] = AbuseFilter::findInSet( $dbr, 'afl_actions', $this->mSearchActionTaken ); |
595 | } elseif ( $this->mSearchActionTaken === 'noactions' ) { |
596 | $conds['afl_actions'] = ''; |
597 | } |
598 | } |
599 | |
600 | if ( $this->mSearchAction ) { |
601 | $filterableActions = $this->getAllFilterableActions(); |
602 | if ( in_array( $this->mSearchAction, $filterableActions ) ) { |
603 | $conds['afl_action'] = $this->mSearchAction; |
604 | } elseif ( $this->mSearchAction === 'other' ) { |
605 | $conds[] = $dbr->expr( 'afl_action', '!=', $filterableActions ); |
606 | } |
607 | } |
608 | |
609 | $pager = new AbuseLogPager( |
610 | $this->getContext(), |
611 | $this->getLinkRenderer(), |
612 | $conds, |
613 | $this->linkBatchFactory, |
614 | $this->permissionManager, |
615 | $this->afPermissionManager, |
616 | $this->varBlobStore, |
617 | $this->getName() |
618 | ); |
619 | $pager->doQuery(); |
620 | $result = $pager->getResult(); |
621 | |
622 | $form = Html::rawElement( |
623 | 'form', |
624 | [ |
625 | 'method' => 'GET', |
626 | 'action' => $this->getPageTitle( 'hide' )->getLocalURL() |
627 | ], |
628 | $this->getDeleteButton() . $this->getListToggle() . |
629 | Html::rawElement( 'ul', [ 'class' => 'plainlinks' ], $pager->getBody() ) . |
630 | $this->getListToggle() . $this->getDeleteButton() |
631 | ); |
632 | |
633 | if ( $result && $result->numRows() !== 0 ) { |
634 | $out->addModuleStyles( 'mediawiki.interface.helpers.styles' ); |
635 | $out->addHTML( $pager->getNavigationBar() . $form . $pager->getNavigationBar() ); |
636 | } else { |
637 | $out->addWikiMsg( 'abusefilter-log-noresults' ); |
638 | } |
639 | } |
640 | |
641 | /** |
642 | * Returns the HTML for a button to hide selected entries |
643 | * |
644 | * @return string|ButtonInputWidget |
645 | */ |
646 | private function getDeleteButton() { |
647 | if ( !$this->afPermissionManager->canHideAbuseLog( $this->getAuthority() ) ) { |
648 | return ''; |
649 | } |
650 | return new ButtonInputWidget( [ |
651 | 'label' => $this->msg( 'abusefilter-log-hide-entries' )->text(), |
652 | 'type' => 'submit' |
653 | ] ); |
654 | } |
655 | |
656 | /** |
657 | * Get the All / Invert / None options provided by |
658 | * ToggleList.php to mass select the checkboxes. |
659 | * |
660 | * @return string |
661 | */ |
662 | private function getListToggle() { |
663 | if ( !$this->afPermissionManager->canHideAbuseLog( $this->getUser() ) ) { |
664 | return ''; |
665 | } |
666 | return ( new ListToggle( $this->getOutput() ) )->getHtml(); |
667 | } |
668 | |
669 | /** |
670 | * @param string|int $id |
671 | * @suppress SecurityCheck-SQLInjection |
672 | */ |
673 | public function showDetails( $id ) { |
674 | $out = $this->getOutput(); |
675 | $performer = $this->getAuthority(); |
676 | |
677 | $pager = new AbuseLogPager( |
678 | $this->getContext(), |
679 | $this->getLinkRenderer(), |
680 | [], |
681 | $this->linkBatchFactory, |
682 | $this->permissionManager, |
683 | $this->afPermissionManager, |
684 | $this->varBlobStore, |
685 | $this->getName() |
686 | ); |
687 | |
688 | [ |
689 | 'tables' => $tables, |
690 | 'fields' => $fields, |
691 | 'join_conds' => $join_conds, |
692 | ] = $pager->getQueryInfo(); |
693 | |
694 | $dbr = $this->lbFactory->getReplicaDatabase(); |
695 | $row = $dbr->newSelectQueryBuilder() |
696 | ->tables( $tables ) |
697 | ->fields( $fields ) |
698 | ->where( [ 'afl_id' => $id ] ) |
699 | ->caller( __METHOD__ ) |
700 | ->joinConds( $join_conds ) |
701 | ->fetchRow(); |
702 | |
703 | if ( !$row ) { |
704 | $out->addWikiMsg( 'abusefilter-log-nonexistent' ); |
705 | return; |
706 | } |
707 | |
708 | $error = null; |
709 | $filterID = $row->afl_filter_id; |
710 | $global = $row->afl_global; |
711 | |
712 | try { |
713 | $filter = $this->filterLookup->getFilter( $filterID, $global ); |
714 | } catch ( CentralDBNotAvailableException $_ ) { |
715 | // Conservatively assume that it's hidden and protected, like in AbuseLogPager::doFormatRow |
716 | $filter = MutableFilter::newDefault(); |
717 | $filter->setHidden( true ); |
718 | $filter->setProtected( true ); |
719 | } |
720 | |
721 | if ( !$this->afPermissionManager->canSeeLogDetailsForFilter( $performer, $filter ) ) { |
722 | $error = 'abusefilter-log-cannot-see-details'; |
723 | } else { |
724 | $visibility = self::getEntryVisibilityForUser( $row, $performer, $this->afPermissionManager ); |
725 | if ( $visibility === self::VISIBILITY_HIDDEN ) { |
726 | $error = 'abusefilter-log-details-hidden'; |
727 | } elseif ( $visibility === self::VISIBILITY_HIDDEN_IMPLICIT ) { |
728 | $error = 'abusefilter-log-details-hidden-implicit'; |
729 | } |
730 | } |
731 | |
732 | if ( $error ) { |
733 | $out->addWikiMsg( $error ); |
734 | return; |
735 | } |
736 | |
737 | // Load data |
738 | $vars = $this->varBlobStore->loadVarDump( $row ); |
739 | $varsArray = $this->varManager->dumpAllVars( $vars, true ); |
740 | |
741 | // Prevent users seeing logs which contain protected variables that the user cannot see. |
742 | if ( $filter->isProtected() ) { |
743 | $permStatus = $this->afPermissionManager->canViewProtectedVariables( $performer, array_keys( $varsArray ) ); |
744 | if ( !$permStatus->isGood() ) { |
745 | if ( $permStatus->getPermission() ) { |
746 | $out->addWikiMsg( $this->msg( |
747 | 'abusefilter-examine-error-protected-due-to-permission', |
748 | $this->msg( "action-{$permStatus->getPermission()}" )->plain() |
749 | ) ); |
750 | return; |
751 | } |
752 | |
753 | // Add any messages in the status after a generic error message. |
754 | $additional = ''; |
755 | foreach ( $permStatus->getMessages() as $message ) { |
756 | $additional .= $this->msg( $message )->parseAsBlock(); |
757 | } |
758 | |
759 | $out->addWikiMsg( $this->msg( 'abusefilter-examine-error-protected' )->rawParams( $additional ) ); |
760 | return; |
761 | } |
762 | } |
763 | |
764 | $output = Html::element( |
765 | 'legend', |
766 | [], |
767 | $this->msg( 'abusefilter-log-details-legend' ) |
768 | ->params( $this->getLanguage()->formatNumNoSeparators( $id ) ) |
769 | ->text() |
770 | ); |
771 | $output .= Html::rawElement( 'p', [], $pager->doFormatRow( $row, false ) ); |
772 | |
773 | // AbuseFilter logs created before T390086 may have protected variables present in the variable dump |
774 | // when the filter itself isn't protected. This is because a different filter matched against the |
775 | // a protected variable which caused the value to be added to the var dump for the public filter |
776 | // match. |
777 | // We shouldn't block access to the details of an otherwise public filter hit so |
778 | // instead only check for access to the protected variables and redact them if the user |
779 | // shouldn't see them. |
780 | $userAuthority = $this->getAuthority(); |
781 | $protectedVariableValuesShown = []; |
782 | foreach ( $this->afPermissionManager->getProtectedVariables() as $protectedVariable ) { |
783 | if ( isset( $varsArray[$protectedVariable] ) ) { |
784 | // Try each variable at a time, as the user may be able to see some but not all of the |
785 | // protected variables. We only want to redact what is necessary to redact. |
786 | $canViewProtectedVariable = $this->afPermissionManager |
787 | ->canViewProtectedVariables( $userAuthority, [ $protectedVariable ] )->isGood(); |
788 | if ( !$canViewProtectedVariable ) { |
789 | $varsArray[$protectedVariable] = ''; |
790 | } else { |
791 | $protectedVariableValuesShown[] = $protectedVariable; |
792 | } |
793 | } |
794 | } |
795 | $vars = VariableHolder::newFromArray( $varsArray ); |
796 | |
797 | if ( $filter->isProtected() ) { |
798 | $logger = $this->abuseLoggerFactory->getProtectedVarsAccessLogger(); |
799 | $logger->logViewProtectedVariableValue( |
800 | $userAuthority->getUser(), |
801 | $varsArray['user_name'] ?? $varsArray['accountname'], |
802 | $protectedVariableValuesShown |
803 | ); |
804 | } |
805 | |
806 | $out->addJsConfigVars( 'wgAbuseFilterVariables', $varsArray ); |
807 | $out->addModuleStyles( 'mediawiki.interface.helpers.styles' ); |
808 | |
809 | // Diff, if available |
810 | if ( $row->afl_action === 'edit' ) { |
811 | // Guard for exception because these variables may be unset in case of data corruption (T264513) |
812 | // No need to lazy-load as these come from a DB dump. |
813 | try { |
814 | $old_wikitext = $vars->getComputedVariable( 'old_wikitext' )->toString(); |
815 | } catch ( UnsetVariableException $_ ) { |
816 | $old_wikitext = ''; |
817 | } |
818 | try { |
819 | $new_wikitext = $vars->getComputedVariable( 'new_wikitext' )->toString(); |
820 | } catch ( UnsetVariableException $_ ) { |
821 | $new_wikitext = ''; |
822 | } |
823 | |
824 | $diffEngine = new DifferenceEngine( $this->getContext() ); |
825 | |
826 | $diffEngine->showDiffStyle(); |
827 | |
828 | $formattedDiff = $diffEngine->addHeader( |
829 | $diffEngine->generateTextDiffBody( $old_wikitext, $new_wikitext ), |
830 | '', '' |
831 | ); |
832 | |
833 | $output .= |
834 | Html::rawElement( |
835 | 'h3', |
836 | [], |
837 | $this->msg( 'abusefilter-log-details-diff' )->parse() |
838 | ); |
839 | |
840 | $output .= $formattedDiff; |
841 | } |
842 | |
843 | $output .= Html::element( 'h3', [], $this->msg( 'abusefilter-log-details-vars' )->text() ); |
844 | |
845 | // Build a table. |
846 | $output .= $this->variablesFormatter->buildVarDumpTable( $vars ); |
847 | |
848 | if ( $this->afPermissionManager->canSeePrivateDetails( $performer ) ) { |
849 | $formDescriptor = [ |
850 | 'Reason' => [ |
851 | 'label-message' => 'abusefilter-view-privatedetails-reason', |
852 | 'type' => 'text', |
853 | 'size' => 45, |
854 | ], |
855 | ]; |
856 | |
857 | $htmlForm = HTMLForm::factory( 'ooui', $formDescriptor, $this->getContext() ); |
858 | $htmlForm->setTitle( $this->getPageTitle( 'private/' . $id ) ) |
859 | ->setWrapperLegendMsg( 'abusefilter-view-privatedetails-legend' ) |
860 | ->setSubmitTextMsg( 'abusefilter-view-privatedetails-submit' ) |
861 | ->prepareForm(); |
862 | |
863 | $output .= $htmlForm->getHTML( false ); |
864 | } |
865 | |
866 | $out->addHTML( Html::rawElement( 'fieldset', [], $output ) ); |
867 | } |
868 | |
869 | /** |
870 | * Helper function to select a row with private details and some more context |
871 | * for an AbuseLog entry. |
872 | * @todo Create a service for this |
873 | * |
874 | * @param Authority $authority The user who's trying to view the row |
875 | * @param int $id The ID of the log entry |
876 | * @return Status A status object with the requested row stored in the value property, |
877 | * or an error and no row. |
878 | */ |
879 | public static function getPrivateDetailsRow( Authority $authority, $id ) { |
880 | $afPermissionManager = AbuseFilterServices::getPermissionManager(); |
881 | $dbr = MediaWikiServices::getInstance()->getConnectionProvider()->getReplicaDatabase(); |
882 | |
883 | $row = $dbr->newSelectQueryBuilder() |
884 | ->select( [ 'afl_id', 'afl_user_text', 'afl_filter_id', 'afl_global', 'afl_timestamp', 'afl_ip' ] ) |
885 | ->from( 'abuse_filter_log' ) |
886 | ->where( [ 'afl_id' => $id ] ) |
887 | ->caller( __METHOD__ ) |
888 | ->fetchRow(); |
889 | |
890 | if ( !$row ) { |
891 | return Status::newFatal( 'abusefilter-log-nonexistent' ); |
892 | } |
893 | |
894 | $filter = AbuseFilterServices::getFilterLookup()->getFilter( $row->afl_filter_id, $row->afl_global ); |
895 | if ( !$afPermissionManager->canSeeLogDetailsForFilter( $authority, $filter ) ) { |
896 | return Status::newFatal( 'abusefilter-log-cannot-see-details' ); |
897 | } |
898 | |
899 | // Because FilterLookup::getFilter gets the data for us, don't duplicate queries and use the data |
900 | // from the ExistingFilter object to populate information about the filter in the $row. |
901 | $row->af_id = (string)$filter->getId(); |
902 | $row->af_public_comments = $filter->getName(); |
903 | $row->af_hidden = $filter->getPrivacyLevel(); |
904 | |
905 | return Status::newGood( $row ); |
906 | } |
907 | |
908 | /** |
909 | * Builds an HTML table with the private details for a given abuseLog entry. |
910 | * |
911 | * @param stdClass $row The row, as returned by self::getPrivateDetailsRow() |
912 | * @return string The HTML output |
913 | */ |
914 | private function buildPrivateDetailsTable( $row ) { |
915 | $output = ''; |
916 | |
917 | // Log ID |
918 | $linkRenderer = $this->getLinkRenderer(); |
919 | $output .= |
920 | Html::rawElement( 'tr', [], |
921 | Html::element( 'td', |
922 | [ 'style' => 'width: 30%;' ], |
923 | $this->msg( 'abusefilter-log-details-id' )->text() |
924 | ) . |
925 | Html::rawElement( 'td', [], $linkRenderer->makeKnownLink( |
926 | $this->getPageTitle( $row->afl_id ), |
927 | $this->getLanguage()->formatNumNoSeparators( $row->afl_id ) |
928 | ) ) |
929 | ); |
930 | |
931 | // Timestamp |
932 | $output .= |
933 | Html::rawElement( 'tr', [], |
934 | Html::element( 'td', |
935 | [ 'style' => 'width: 30%;' ], |
936 | $this->msg( 'abusefilter-edit-builder-vars-timestamp-expanded' )->text() |
937 | ) . |
938 | Html::element( 'td', |
939 | [], |
940 | $this->getLanguage()->userTimeAndDate( $row->afl_timestamp, $this->getUser() ) |
941 | ) |
942 | ); |
943 | |
944 | // User |
945 | $output .= |
946 | Html::rawElement( 'tr', [], |
947 | Html::element( 'td', |
948 | [ 'style' => 'width: 30%;' ], |
949 | $this->msg( 'abusefilter-edit-builder-vars-user-name' )->text() |
950 | ) . |
951 | Html::element( 'td', |
952 | [], |
953 | $row->afl_user_text |
954 | ) |
955 | ); |
956 | |
957 | // Filter ID |
958 | $output .= |
959 | Html::rawElement( 'tr', [], |
960 | Html::element( 'td', |
961 | [ 'style' => 'width: 30%;' ], |
962 | $this->msg( 'abusefilter-list-id' )->text() |
963 | ) . |
964 | Html::rawElement( 'td', [], $linkRenderer->makeKnownLink( |
965 | SpecialPage::getTitleFor( 'AbuseFilter', $row->af_id ), |
966 | $this->getLanguage()->formatNum( $row->af_id ) |
967 | ) ) |
968 | ); |
969 | |
970 | // Filter description |
971 | $output .= |
972 | Html::rawElement( 'tr', [], |
973 | Html::element( 'td', |
974 | [ 'style' => 'width: 30%;' ], |
975 | $this->msg( 'abusefilter-list-public' )->text() |
976 | ) . |
977 | Html::element( 'td', |
978 | [], |
979 | $row->af_public_comments |
980 | ) |
981 | ); |
982 | |
983 | // IP address |
984 | if ( $row->afl_ip !== '' ) { |
985 | if ( ExtensionRegistry::getInstance()->isLoaded( 'CheckUser' ) && |
986 | $this->permissionManager->userHasRight( $this->getUser(), 'checkuser' ) |
987 | ) { |
988 | $CULink = ' · ' . $linkRenderer->makeKnownLink( |
989 | SpecialPage::getTitleFor( |
990 | 'CheckUser', |
991 | $row->afl_ip |
992 | ), |
993 | $this->msg( 'abusefilter-log-details-checkuser' )->text() |
994 | ); |
995 | } else { |
996 | $CULink = ''; |
997 | } |
998 | $output .= |
999 | Html::rawElement( 'tr', [], |
1000 | Html::element( 'td', |
1001 | [ 'style' => 'width: 30%;' ], |
1002 | $this->msg( 'abusefilter-log-details-ip' )->text() |
1003 | ) . |
1004 | Html::rawElement( |
1005 | 'td', |
1006 | [], |
1007 | self::getUserLinks( 0, $row->afl_ip ) . $CULink |
1008 | ) |
1009 | ); |
1010 | } else { |
1011 | $output .= |
1012 | Html::rawElement( 'tr', [], |
1013 | Html::element( 'td', |
1014 | [ 'style' => 'width: 30%;' ], |
1015 | $this->msg( 'abusefilter-log-details-ip' )->text() |
1016 | ) . |
1017 | Html::element( |
1018 | 'td', |
1019 | [], |
1020 | $this->msg( 'abusefilter-log-ip-not-available' )->text() |
1021 | ) |
1022 | ); |
1023 | } |
1024 | |
1025 | return Html::rawElement( 'fieldset', [], |
1026 | Html::element( 'legend', [], |
1027 | $this->msg( 'abusefilter-log-details-privatedetails' )->text() |
1028 | ) . |
1029 | Html::rawElement( 'table', |
1030 | [ |
1031 | 'class' => 'wikitable mw-abuselog-private', |
1032 | 'style' => 'width: 80%;' |
1033 | ], |
1034 | Html::rawElement( 'thead', [], |
1035 | Html::rawElement( 'tr', [], |
1036 | Html::element( 'th', [], |
1037 | $this->msg( 'abusefilter-log-details-var' )->text() |
1038 | ) . |
1039 | Html::element( 'th', [], |
1040 | $this->msg( 'abusefilter-log-details-val' )->text() |
1041 | ) |
1042 | ) |
1043 | ) . |
1044 | Html::rawElement( 'tbody', [], $output ) |
1045 | ) |
1046 | ); |
1047 | } |
1048 | |
1049 | /** |
1050 | * @param int $id |
1051 | * @return void |
1052 | */ |
1053 | public function showPrivateDetails( $id ) { |
1054 | $out = $this->getOutput(); |
1055 | $user = $this->getUser(); |
1056 | |
1057 | if ( !$this->afPermissionManager->canSeePrivateDetails( $user ) ) { |
1058 | $out->addWikiMsg( 'abusefilter-log-cannot-see-privatedetails' ); |
1059 | |
1060 | return; |
1061 | } |
1062 | $request = $this->getRequest(); |
1063 | |
1064 | // Make sure it is a valid request |
1065 | $token = $request->getVal( 'wpEditToken' ); |
1066 | if ( !$request->wasPosted() || !$user->matchEditToken( $token ) ) { |
1067 | $out->addModuleStyles( 'mediawiki.codex.messagebox.styles' ); |
1068 | $out->addHTML( |
1069 | Html::rawElement( |
1070 | 'p', |
1071 | [], |
1072 | Html::errorBox( $this->msg( 'abusefilter-invalid-request' )->params( $id )->parse() ) |
1073 | ) |
1074 | ); |
1075 | |
1076 | return; |
1077 | } |
1078 | |
1079 | $reason = $request->getText( 'wpReason' ); |
1080 | if ( !self::checkPrivateDetailsAccessReason( $reason ) ) { |
1081 | $out->addWikiMsg( 'abusefilter-noreason' ); |
1082 | $this->showDetails( $id ); |
1083 | return; |
1084 | } |
1085 | |
1086 | $status = self::getPrivateDetailsRow( $user, $id ); |
1087 | if ( !$status->isGood() ) { |
1088 | $out->addWikiMsg( $status->getMessages()[0] ); |
1089 | return; |
1090 | } |
1091 | $row = $status->getValue(); |
1092 | |
1093 | // Log accessing private details |
1094 | if ( $this->getConfig()->get( 'AbuseFilterLogPrivateDetailsAccess' ) ) { |
1095 | self::addPrivateDetailsAccessLogEntry( $id, $reason, $user ); |
1096 | } |
1097 | |
1098 | // Show private details (IP). |
1099 | $table = $this->buildPrivateDetailsTable( $row ); |
1100 | $out->addHTML( $table ); |
1101 | } |
1102 | |
1103 | /** |
1104 | * If specifying a reason for viewing private details of abuse log is required |
1105 | * then it makes sure that a reason is provided. |
1106 | * |
1107 | * @param string $reason |
1108 | * @return bool |
1109 | */ |
1110 | public static function checkPrivateDetailsAccessReason( $reason ) { |
1111 | global $wgAbuseFilterPrivateDetailsForceReason; |
1112 | return ( !$wgAbuseFilterPrivateDetailsForceReason || strlen( $reason ) > 0 ); |
1113 | } |
1114 | |
1115 | /** |
1116 | * @param int $logID int The ID of the AbuseFilter log that was accessed |
1117 | * @param string $reason The reason provided for accessing private details |
1118 | * @param UserIdentity $userIdentity The user who accessed the private details |
1119 | * @return void |
1120 | */ |
1121 | public static function addPrivateDetailsAccessLogEntry( $logID, $reason, UserIdentity $userIdentity ) { |
1122 | $target = self::getTitleFor( self::PAGE_NAME, (string)$logID ); |
1123 | |
1124 | $logEntry = new ManualLogEntry( 'abusefilterprivatedetails', 'access' ); |
1125 | $logEntry->setPerformer( $userIdentity ); |
1126 | $logEntry->setTarget( $target ); |
1127 | $logEntry->setParameters( [ |
1128 | '4::logid' => $logID, |
1129 | ] ); |
1130 | $logEntry->setComment( $reason ); |
1131 | |
1132 | $logEntry->insert(); |
1133 | } |
1134 | |
1135 | /** |
1136 | * @param int $userId |
1137 | * @param string $userName |
1138 | * @return string |
1139 | */ |
1140 | public static function getUserLinks( $userId, $userName ) { |
1141 | static $cache = []; |
1142 | |
1143 | if ( !isset( $cache[$userName][$userId] ) ) { |
1144 | $cache[$userName][$userId] = Linker::userLink( $userId, $userName ) . |
1145 | Linker::userToolLinks( $userId, $userName, true ); |
1146 | } |
1147 | |
1148 | return $cache[$userName][$userId]; |
1149 | } |
1150 | |
1151 | /** |
1152 | * @param stdClass $row |
1153 | * @param Authority $authority |
1154 | * @param AbuseFilterPermissionManager $afPermissionManager |
1155 | * @return string One of the self::VISIBILITY_* constants |
1156 | */ |
1157 | public static function getEntryVisibilityForUser( |
1158 | stdClass $row, |
1159 | Authority $authority, |
1160 | AbuseFilterPermissionManager $afPermissionManager |
1161 | ): string { |
1162 | if ( $row->afl_deleted && !$afPermissionManager->canSeeHiddenLogEntries( $authority ) ) { |
1163 | return self::VISIBILITY_HIDDEN; |
1164 | } |
1165 | if ( !$row->afl_rev_id ) { |
1166 | return self::VISIBILITY_VISIBLE; |
1167 | } |
1168 | $revRec = MediaWikiServices::getInstance() |
1169 | ->getRevisionLookup() |
1170 | ->getRevisionById( (int)$row->afl_rev_id ); |
1171 | if ( !$revRec || $revRec->getVisibility() === 0 ) { |
1172 | return self::VISIBILITY_VISIBLE; |
1173 | } |
1174 | return $revRec->audienceCan( RevisionRecord::SUPPRESSED_ALL, RevisionRecord::FOR_THIS_USER, $authority ) |
1175 | ? self::VISIBILITY_VISIBLE |
1176 | : self::VISIBILITY_HIDDEN_IMPLICIT; |
1177 | } |
1178 | } |