MediaWiki  1.28.3
SpecialUserrights.php
Go to the documentation of this file.
1 <?php
29 class UserrightsPage extends SpecialPage {
36  protected $mTarget;
37  /*
38  * @var null|User $mFetchedUser The user object of the target username or null.
39  */
40  protected $mFetchedUser = null;
41  protected $isself = false;
42 
43  public function __construct() {
44  parent::__construct( 'Userrights' );
45  }
46 
47  public function doesWrites() {
48  return true;
49  }
50 
51  public function isRestricted() {
52  return true;
53  }
54 
55  public function userCanExecute( User $user ) {
56  return $this->userCanChangeRights( $user, false );
57  }
58 
64  public function userCanChangeRights( $user, $checkIfSelf = true ) {
65  $available = $this->changeableGroups();
66  if ( $user->getId() == 0 ) {
67  return false;
68  }
69 
70  return !empty( $available['add'] )
71  || !empty( $available['remove'] )
72  || ( ( $this->isself || !$checkIfSelf ) &&
73  ( !empty( $available['add-self'] )
74  || !empty( $available['remove-self'] ) ) );
75  }
76 
84  public function execute( $par ) {
85  // If the visitor doesn't have permissions to assign or remove
86  // any groups, it's a bit silly to give them the user search prompt.
87 
88  $user = $this->getUser();
89  $request = $this->getRequest();
90  $out = $this->getOutput();
91 
92  /*
93  * If the user is blocked and they only have "partial" access
94  * (e.g. they don't have the userrights permission), then don't
95  * allow them to use Special:UserRights.
96  */
97  if ( $user->isBlocked() && !$user->isAllowed( 'userrights' ) ) {
98  throw new UserBlockedError( $user->getBlock() );
99  }
100 
101  if ( $par !== null ) {
102  $this->mTarget = $par;
103  } else {
104  $this->mTarget = $request->getVal( 'user' );
105  }
106 
107  if ( is_string( $this->mTarget ) ) {
108  $this->mTarget = trim( $this->mTarget );
109  }
110 
111  $available = $this->changeableGroups();
112 
113  if ( $this->mTarget === null ) {
114  /*
115  * If the user specified no target, and they can only
116  * edit their own groups, automatically set them as the
117  * target.
118  */
119  if ( !count( $available['add'] ) && !count( $available['remove'] ) ) {
120  $this->mTarget = $user->getName();
121  }
122  }
123 
124  if ( $this->mTarget !== null && User::getCanonicalName( $this->mTarget ) === $user->getName() ) {
125  $this->isself = true;
126  }
127 
128  $fetchedStatus = $this->fetchUser( $this->mTarget );
129  if ( $fetchedStatus->isOK() ) {
130  $this->mFetchedUser = $fetchedStatus->value;
131  if ( $this->mFetchedUser instanceof User ) {
132  // Set the 'relevant user' in the skin, so it displays links like Contributions,
133  // User logs, UserRights, etc.
134  $this->getSkin()->setRelevantUser( $this->mFetchedUser );
135  }
136  }
137 
138  if ( !$this->userCanChangeRights( $user, true ) ) {
139  if ( $this->isself && $request->getCheck( 'success' ) ) {
140  // bug 48609: if the user just removed its own rights, this would
141  // leads it in a "permissions error" page. In that case, show a
142  // message that it can't anymore use this page instead of an error
143  $this->setHeaders();
144  $out->wrapWikiMsg( "<div class=\"successbox\">\n$1\n</div>", 'userrights-removed-self' );
145  $out->returnToMain();
146 
147  return;
148  }
149 
150  // @todo FIXME: There may be intermediate groups we can mention.
151  $msg = $user->isAnon() ? 'userrights-nologin' : 'userrights-notallowed';
152  throw new PermissionsError( null, [ [ $msg ] ] );
153  }
154 
155  // show a successbox, if the user rights was saved successfully
156  if ( $request->getCheck( 'success' ) && $this->mFetchedUser !== null ) {
157  $out->addModules( [ 'mediawiki.special.userrights' ] );
158  $out->addModuleStyles( 'mediawiki.notification.convertmessagebox.styles' );
159  $out->addHTML(
160  Html::rawElement(
161  'div',
162  [
163  'class' => 'mw-notify-success successbox',
164  'id' => 'mw-preferences-success',
165  'data-mw-autohide' => 'false',
166  ],
167  Html::element(
168  'p',
169  [],
170  $this->msg( 'savedrights', $this->mFetchedUser->getName() )->text()
171  )
172  )
173  );
174  }
175 
176  $this->checkReadOnly();
177 
178  $this->setHeaders();
179  $this->outputHeader();
180 
181  $out->addModuleStyles( 'mediawiki.special' );
182  $this->addHelpLink( 'Help:Assigning permissions' );
183 
184  // show the general form
185  if ( count( $available['add'] ) || count( $available['remove'] ) ) {
186  $this->switchForm();
187  }
188 
189  if (
190  $request->wasPosted() &&
191  $request->getCheck( 'saveusergroups' ) &&
192  $this->mTarget !== null &&
193  $user->matchEditToken( $request->getVal( 'wpEditToken' ), $this->mTarget )
194  ) {
195  // save settings
196  if ( !$fetchedStatus->isOK() ) {
197  $this->getOutput()->addWikiText( $fetchedStatus->getWikiText() );
198 
199  return;
200  }
201 
202  $targetUser = $this->mFetchedUser;
203  if ( $targetUser instanceof User ) { // UserRightsProxy doesn't have this method (bug 61252)
204  $targetUser->clearInstanceCache(); // bug 38989
205  }
206 
207  if ( $request->getVal( 'conflictcheck-originalgroups' )
208  !== implode( ',', $targetUser->getGroups() )
209  ) {
210  $out->addWikiMsg( 'userrights-conflict' );
211  } else {
212  $this->saveUserGroups(
213  $this->mTarget,
214  $request->getVal( 'user-reason' ),
215  $targetUser
216  );
217 
218  $out->redirect( $this->getSuccessURL() );
219 
220  return;
221  }
222  }
223 
224  // show some more forms
225  if ( $this->mTarget !== null ) {
226  $this->editUserGroupsForm( $this->mTarget );
227  }
228  }
229 
230  function getSuccessURL() {
231  return $this->getPageTitle( $this->mTarget )->getFullURL( [ 'success' => 1 ] );
232  }
233 
243  function saveUserGroups( $username, $reason, $user ) {
244  $allgroups = $this->getAllGroups();
245  $addgroup = [];
246  $removegroup = [];
247 
248  // This could possibly create a highly unlikely race condition if permissions are changed between
249  // when the form is loaded and when the form is saved. Ignoring it for the moment.
250  foreach ( $allgroups as $group ) {
251  // We'll tell it to remove all unchecked groups, and add all checked groups.
252  // Later on, this gets filtered for what can actually be removed
253  if ( $this->getRequest()->getCheck( "wpGroup-$group" ) ) {
254  $addgroup[] = $group;
255  } else {
256  $removegroup[] = $group;
257  }
258  }
259 
260  $this->doSaveUserGroups( $user, $addgroup, $removegroup, $reason );
261  }
262 
272  function doSaveUserGroups( $user, $add, $remove, $reason = '' ) {
273  // Validate input set...
274  $isself = $user->getName() == $this->getUser()->getName();
275  $groups = $user->getGroups();
276  $changeable = $this->changeableGroups();
277  $addable = array_merge( $changeable['add'], $isself ? $changeable['add-self'] : [] );
278  $removable = array_merge( $changeable['remove'], $isself ? $changeable['remove-self'] : [] );
279 
280  $remove = array_unique(
281  array_intersect( (array)$remove, $removable, $groups ) );
282  $add = array_unique( array_diff(
283  array_intersect( (array)$add, $addable ),
284  $groups )
285  );
286 
287  $oldGroups = $user->getGroups();
288  $newGroups = $oldGroups;
289 
290  // Remove then add groups
291  if ( $remove ) {
292  foreach ( $remove as $index => $group ) {
293  if ( !$user->removeGroup( $group ) ) {
294  unset( $remove[$index] );
295  }
296  }
297  $newGroups = array_diff( $newGroups, $remove );
298  }
299  if ( $add ) {
300  foreach ( $add as $index => $group ) {
301  if ( !$user->addGroup( $group ) ) {
302  unset( $add[$index] );
303  }
304  }
305  $newGroups = array_merge( $newGroups, $add );
306  }
307  $newGroups = array_unique( $newGroups );
308 
309  // Ensure that caches are cleared
310  $user->invalidateCache();
311 
312  // update groups in external authentication database
313  Hooks::run( 'UserGroupsChanged', [ $user, $add, $remove, $this->getUser(), $reason ] );
314  MediaWiki\Auth\AuthManager::callLegacyAuthPlugin(
315  'updateExternalDBGroups', [ $user, $add, $remove ]
316  );
317 
318  wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) . "\n" );
319  wfDebug( 'newGroups: ' . print_r( $newGroups, true ) . "\n" );
320  // Deprecated in favor of UserGroupsChanged hook
321  Hooks::run( 'UserRights', [ &$user, $add, $remove ], '1.26' );
322 
323  if ( $newGroups != $oldGroups ) {
324  $this->addLogEntry( $user, $oldGroups, $newGroups, $reason );
325  }
326 
327  return [ $add, $remove ];
328  }
329 
337  function addLogEntry( $user, $oldGroups, $newGroups, $reason ) {
338  $logEntry = new ManualLogEntry( 'rights', 'rights' );
339  $logEntry->setPerformer( $this->getUser() );
340  $logEntry->setTarget( $user->getUserPage() );
341  $logEntry->setComment( $reason );
342  $logEntry->setParameters( [
343  '4::oldgroups' => $oldGroups,
344  '5::newgroups' => $newGroups,
345  ] );
346  $logid = $logEntry->insert();
347  $logEntry->publish( $logid );
348  }
349 
354  function editUserGroupsForm( $username ) {
355  $status = $this->fetchUser( $username );
356  if ( !$status->isOK() ) {
357  $this->getOutput()->addWikiText( $status->getWikiText() );
358 
359  return;
360  } else {
361  $user = $status->value;
362  }
363 
364  $groups = $user->getGroups();
365 
366  $this->showEditUserGroupsForm( $user, $groups );
367 
368  // This isn't really ideal logging behavior, but let's not hide the
369  // interwiki logs if we're using them as is.
370  $this->showLogFragment( $user, $this->getOutput() );
371  }
372 
381  public function fetchUser( $username ) {
382  $parts = explode( $this->getConfig()->get( 'UserrightsInterwikiDelimiter' ), $username );
383  if ( count( $parts ) < 2 ) {
384  $name = trim( $username );
385  $database = '';
386  } else {
387  list( $name, $database ) = array_map( 'trim', $parts );
388 
389  if ( $database == wfWikiID() ) {
390  $database = '';
391  } else {
392  if ( !$this->getUser()->isAllowed( 'userrights-interwiki' ) ) {
393  return Status::newFatal( 'userrights-no-interwiki' );
394  }
395  if ( !UserRightsProxy::validDatabase( $database ) ) {
396  return Status::newFatal( 'userrights-nodatabase', $database );
397  }
398  }
399  }
400 
401  if ( $name === '' ) {
402  return Status::newFatal( 'nouserspecified' );
403  }
404 
405  if ( $name[0] == '#' ) {
406  // Numeric ID can be specified...
407  // We'll do a lookup for the name internally.
408  $id = intval( substr( $name, 1 ) );
409 
410  if ( $database == '' ) {
411  $name = User::whoIs( $id );
412  } else {
413  $name = UserRightsProxy::whoIs( $database, $id );
414  }
415 
416  if ( !$name ) {
417  return Status::newFatal( 'noname' );
418  }
419  } else {
420  $name = User::getCanonicalName( $name );
421  if ( $name === false ) {
422  // invalid name
423  return Status::newFatal( 'nosuchusershort', $username );
424  }
425  }
426 
427  if ( $database == '' ) {
428  $user = User::newFromName( $name );
429  } else {
430  $user = UserRightsProxy::newFromName( $database, $name );
431  }
432 
433  if ( !$user || $user->isAnon() ) {
434  return Status::newFatal( 'nosuchusershort', $username );
435  }
436 
437  return Status::newGood( $user );
438  }
439 
447  public function makeGroupNameList( $ids ) {
448  if ( empty( $ids ) ) {
449  return $this->msg( 'rightsnone' )->inContentLanguage()->text();
450  } else {
451  return implode( ', ', $ids );
452  }
453  }
454 
458  function switchForm() {
459  $this->getOutput()->addModules( 'mediawiki.userSuggest' );
460 
461  $this->getOutput()->addHTML(
462  Html::openElement(
463  'form',
464  [
465  'method' => 'get',
466  'action' => wfScript(),
467  'name' => 'uluser',
468  'id' => 'mw-userrights-form1'
469  ]
470  ) .
471  Html::hidden( 'title', $this->getPageTitle()->getPrefixedText() ) .
472  Xml::fieldset( $this->msg( 'userrights-lookup-user' )->text() ) .
473  Xml::inputLabel(
474  $this->msg( 'userrights-user-editname' )->text(),
475  'user',
476  'username',
477  30,
478  str_replace( '_', ' ', $this->mTarget ),
479  [
480  'class' => 'mw-autocomplete-user', // used by mediawiki.userSuggest
481  ] + (
482  // Set autofocus on blank input and error input
483  $this->mFetchedUser === null ? [ 'autofocus' => '' ] : []
484  )
485  ) . ' ' .
486  Xml::submitButton(
487  $this->msg(
488  'editusergroup',
489  $this->mFetchedUser === null ? '[]' : $this->mFetchedUser->getName()
490  )->text()
491  ) .
492  Html::closeElement( 'fieldset' ) .
493  Html::closeElement( 'form' ) . "\n"
494  );
495  }
496 
505  protected function splitGroups( $groups ) {
506  list( $addable, $removable, $addself, $removeself ) = array_values( $this->changeableGroups() );
507 
508  $removable = array_intersect(
509  array_merge( $this->isself ? $removeself : [], $removable ),
510  $groups
511  ); // Can't remove groups the user doesn't have
512  $addable = array_diff(
513  array_merge( $this->isself ? $addself : [], $addable ),
514  $groups
515  ); // Can't add groups the user does have
516 
517  return [ $addable, $removable ];
518  }
519 
526  protected function showEditUserGroupsForm( $user, $groups ) {
527  $list = [];
528  $membersList = [];
529  foreach ( $groups as $group ) {
530  $list[] = self::buildGroupLink( $group );
531  $membersList[] = self::buildGroupMemberLink( $group );
532  }
533 
534  $autoList = [];
535  $autoMembersList = [];
536  if ( $user instanceof User ) {
537  foreach ( Autopromote::getAutopromoteGroups( $user ) as $group ) {
538  $autoList[] = self::buildGroupLink( $group );
539  $autoMembersList[] = self::buildGroupMemberLink( $group );
540  }
541  }
542 
543  $language = $this->getLanguage();
544  $displayedList = $this->msg( 'userrights-groupsmember-type' )
545  ->rawParams(
546  $language->listToText( $list ),
547  $language->listToText( $membersList )
548  )->escaped();
549  $displayedAutolist = $this->msg( 'userrights-groupsmember-type' )
550  ->rawParams(
551  $language->listToText( $autoList ),
552  $language->listToText( $autoMembersList )
553  )->escaped();
554 
555  $grouplist = '';
556  $count = count( $list );
557  if ( $count > 0 ) {
558  $grouplist = $this->msg( 'userrights-groupsmember' )
559  ->numParams( $count )
560  ->params( $user->getName() )
561  ->parse();
562  $grouplist = '<p>' . $grouplist . ' ' . $displayedList . "</p>\n";
563  }
564 
565  $count = count( $autoList );
566  if ( $count > 0 ) {
567  $autogrouplistintro = $this->msg( 'userrights-groupsmember-auto' )
568  ->numParams( $count )
569  ->params( $user->getName() )
570  ->parse();
571  $grouplist .= '<p>' . $autogrouplistintro . ' ' . $displayedAutolist . "</p>\n";
572  }
573 
574  $userToolLinks = Linker::userToolLinks(
575  $user->getId(),
576  $user->getName(),
577  false, /* default for redContribsWhenNoEdits */
578  Linker::TOOL_LINKS_EMAIL /* Add "send e-mail" link */
579  );
580 
581  $this->getOutput()->addHTML(
582  Xml::openElement(
583  'form',
584  [
585  'method' => 'post',
586  'action' => $this->getPageTitle()->getLocalURL(),
587  'name' => 'editGroup',
588  'id' => 'mw-userrights-form2'
589  ]
590  ) .
591  Html::hidden( 'user', $this->mTarget ) .
592  Html::hidden( 'wpEditToken', $this->getUser()->getEditToken( $this->mTarget ) ) .
593  Html::hidden(
594  'conflictcheck-originalgroups',
595  implode( ',', $user->getGroups() )
596  ) . // Conflict detection
597  Xml::openElement( 'fieldset' ) .
598  Xml::element(
599  'legend',
600  [],
601  $this->msg( 'userrights-editusergroup', $user->getName() )->text()
602  ) .
603  $this->msg( 'editinguser' )->params( wfEscapeWikiText( $user->getName() ) )
604  ->rawParams( $userToolLinks )->parse() .
605  $this->msg( 'userrights-groups-help', $user->getName() )->parse() .
606  $grouplist .
607  $this->groupCheckboxes( $groups, $user ) .
608  Xml::openElement( 'table', [ 'id' => 'mw-userrights-table-outer' ] ) .
609  "<tr>
610  <td class='mw-label'>" .
611  Xml::label( $this->msg( 'userrights-reason' )->text(), 'wpReason' ) .
612  "</td>
613  <td class='mw-input'>" .
614  Xml::input( 'user-reason', 60, $this->getRequest()->getVal( 'user-reason', false ),
615  [ 'id' => 'wpReason', 'maxlength' => 255 ] ) .
616  "</td>
617  </tr>
618  <tr>
619  <td></td>
620  <td class='mw-submit'>" .
621  Xml::submitButton( $this->msg( 'saveusergroups', $user->getName() )->text(),
622  [ 'name' => 'saveusergroups' ] +
623  Linker::tooltipAndAccesskeyAttribs( 'userrights-set' )
624  ) .
625  "</td>
626  </tr>" .
627  Xml::closeElement( 'table' ) . "\n" .
628  Xml::closeElement( 'fieldset' ) .
629  Xml::closeElement( 'form' ) . "\n"
630  );
631  }
632 
639  private static function buildGroupLink( $group ) {
640  return User::makeGroupLinkHTML( $group, User::getGroupName( $group ) );
641  }
642 
649  private static function buildGroupMemberLink( $group ) {
650  return User::makeGroupLinkHTML( $group, User::getGroupMember( $group ) );
651  }
652 
657  protected static function getAllGroups() {
658  return User::getAllGroups();
659  }
660 
669  private function groupCheckboxes( $usergroups, $user ) {
670  $allgroups = $this->getAllGroups();
671  $ret = '';
672 
673  // Put all column info into an associative array so that extensions can
674  // more easily manage it.
675  $columns = [ 'unchangeable' => [], 'changeable' => [] ];
676 
677  foreach ( $allgroups as $group ) {
678  $set = in_array( $group, $usergroups );
679  // Should the checkbox be disabled?
680  $disabled = !(
681  ( $set && $this->canRemove( $group ) ) ||
682  ( !$set && $this->canAdd( $group ) ) );
683  // Do we need to point out that this action is irreversible?
684  $irreversible = !$disabled && (
685  ( $set && !$this->canAdd( $group ) ) ||
686  ( !$set && !$this->canRemove( $group ) ) );
687 
688  $checkbox = [
689  'set' => $set,
690  'disabled' => $disabled,
691  'irreversible' => $irreversible
692  ];
693 
694  if ( $disabled ) {
695  $columns['unchangeable'][$group] = $checkbox;
696  } else {
697  $columns['changeable'][$group] = $checkbox;
698  }
699  }
700 
701  // Build the HTML table
702  $ret .= Xml::openElement( 'table', [ 'class' => 'mw-userrights-groups' ] ) .
703  "<tr>\n";
704  foreach ( $columns as $name => $column ) {
705  if ( $column === [] ) {
706  continue;
707  }
708  // Messages: userrights-changeable-col, userrights-unchangeable-col
709  $ret .= Xml::element(
710  'th',
711  null,
712  $this->msg( 'userrights-' . $name . '-col', count( $column ) )->text()
713  );
714  }
715 
716  $ret .= "</tr>\n<tr>\n";
717  foreach ( $columns as $column ) {
718  if ( $column === [] ) {
719  continue;
720  }
721  $ret .= "\t<td style='vertical-align:top;'>\n";
722  foreach ( $column as $group => $checkbox ) {
723  $attr = $checkbox['disabled'] ? [ 'disabled' => 'disabled' ] : [];
724 
725  $member = User::getGroupMember( $group, $user->getName() );
726  if ( $checkbox['irreversible'] ) {
727  $text = $this->msg( 'userrights-irreversible-marker', $member )->text();
728  } else {
729  $text = $member;
730  }
731  $checkboxHtml = Xml::checkLabel( $text, "wpGroup-" . $group,
732  "wpGroup-" . $group, $checkbox['set'], $attr );
733  $ret .= "\t\t" . ( $checkbox['disabled']
734  ? Xml::tags( 'span', [ 'class' => 'mw-userrights-disabled' ], $checkboxHtml )
735  : $checkboxHtml
736  ) . "<br />\n";
737  }
738  $ret .= "\t</td>\n";
739  }
740  $ret .= Xml::closeElement( 'tr' ) . Xml::closeElement( 'table' );
741 
742  return $ret;
743  }
744 
749  private function canRemove( $group ) {
750  // $this->changeableGroups()['remove'] doesn't work, of course. Thanks, PHP.
751  $groups = $this->changeableGroups();
752 
753  return in_array(
754  $group,
755  $groups['remove'] ) || ( $this->isself && in_array( $group, $groups['remove-self'] )
756  );
757  }
758 
763  private function canAdd( $group ) {
764  $groups = $this->changeableGroups();
765 
766  return in_array(
767  $group,
768  $groups['add'] ) || ( $this->isself && in_array( $group, $groups['add-self'] )
769  );
770  }
771 
782  function changeableGroups() {
783  return $this->getUser()->changeableGroups();
784  }
785 
792  protected function showLogFragment( $user, $output ) {
793  $rightsLogPage = new LogPage( 'rights' );
794  $output->addHTML( Xml::element( 'h2', null, $rightsLogPage->getName()->text() ) );
795  LogEventsList::showLogExtract( $output, 'rights', $user->getUserPage() );
796  }
797 
806  public function prefixSearchSubpages( $search, $limit, $offset ) {
807  $user = User::newFromName( $search );
808  if ( !$user ) {
809  // No prefix suggestion for invalid user
810  return [];
811  }
812  // Autocomplete subpage as user list - public to allow caching
813  return UserNamePrefixSearch::search( 'public', $search, $limit, $offset );
814  }
815 
816  protected function getGroupName() {
817  return 'users';
818  }
819 }
User\newFromName
static newFromName($name, $validate= 'valid')
Static factory method for creation from username.
Definition: User.php:525
UserrightsPage\showEditUserGroupsForm
showEditUserGroupsForm($user, $groups)
Show the form to edit group memberships.
Definition: SpecialUserrights.php:526
Html\closeElement
static closeElement($element)
Returns "".
Definition: Html.php:305
User\whoIs
static whoIs($id)
Get the username corresponding to a given user ID.
Definition: User.php:708
list
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
Definition: deferred.txt:11
UserrightsPage\userCanExecute
userCanExecute(User $user)
Definition: SpecialUserrights.php:55
$out
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition: hooks.txt:806
array
the array() calling protocol came about after MediaWiki 1.4rc1.
wfScript
wfScript($script= 'index')
Get the path to a specified script file, respecting file extensions; this is a wrapper around $wgScri...
Definition: GlobalFunctions.php:3151
Xml\element
static element($element, $attribs=null, $contents= '', $allowShortTag=true)
Format an XML element with given attributes and, optionally, text content.
Definition: Xml.php:39
UserrightsPage\buildGroupLink
static buildGroupLink($group)
Format a link to a group description page.
Definition: SpecialUserrights.php:639
$ret
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1940
UserRightsProxy\whoIs
static whoIs($database, $id, $ignoreInvalidDB=false)
Same as User::whoIs()
Definition: UserRightsProxy.php:75
User\getCanonicalName
static getCanonicalName($name, $validate= 'valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid...
Definition: User.php:1046
StatusValue\newFatal
static newFatal($message)
Factory function for fatal errors.
Definition: StatusValue.php:63
Html\rawElement
static rawElement($element, $attribs=[], $contents= '')
Returns an HTML element in a string.
Definition: Html.php:209
UserRightsProxy\newFromName
static newFromName($database, $name, $ignoreInvalidDB=false)
Factory function; get a remote user entry by name.
Definition: UserRightsProxy.php:104
UserrightsPage\changeableGroups
changeableGroups()
Returns $this->getUser()->changeableGroups()
Definition: SpecialUserrights.php:782
UserrightsPage\fetchUser
fetchUser($username)
Normalize the input username, which may be local or remote, and return a user (or proxy) object for m...
Definition: SpecialUserrights.php:381
Html\hidden
static hidden($name, $value, array $attribs=[])
Convenience function to produce an input element with type=hidden.
Definition: Html.php:758
Xml\input
static input($name, $size=false, $value=false, $attribs=[])
Convenience function to build an HTML text input field.
Definition: Xml.php:275
UserrightsPage\splitGroups
splitGroups($groups)
Go through used and available groups and return the ones that this form will be able to manipulate ba...
Definition: SpecialUserrights.php:505
Xml\inputLabel
static inputLabel($label, $name, $id, $size=false, $value=false, $attribs=[])
Convenience function to build an HTML text input field with a label.
Definition: Xml.php:381
SpecialPage\msg
msg()
Wrapper around wfMessage that sets the current context.
Definition: SpecialPage.php:746
SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition: SpecialPage.php:675
UserrightsPage\userCanChangeRights
userCanChangeRights($user, $checkIfSelf=true)
Definition: SpecialUserrights.php:64
User\makeGroupLinkHTML
static makeGroupLinkHTML($group, $text= '')
Create a link to the group in HTML, if available; else return the group name.
Definition: User.php:4781
Linker\tooltipAndAccesskeyAttribs
static tooltipAndAccesskeyAttribs($name, array $msgParams=[])
Returns the attributes for the tooltip and access key.
Definition: Linker.php:2184
Xml\submitButton
static submitButton($value, $attribs=[])
Convenience function to build an HTML submit button When $wgUseMediaWikiUIEverywhere is true it will ...
Definition: Xml.php:460
SpecialPage\addHelpLink
addHelpLink($to, $overrideBaseUrl=false)
Adds help link with an icon via page indicators.
Definition: SpecialPage.php:785
Xml\label
static label($label, $id, $attribs=[])
Convenience function to build an HTML form label.
Definition: Xml.php:359
wfDebug
wfDebug($text, $dest= 'all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition: GlobalFunctions.php:997
LogEventsList\showLogExtract
static showLogExtract(&$out, $types=[], $page= '', $user= '', $param=[])
Show log extract.
Definition: LogEventsList.php:559
User\getAllGroups
static getAllGroups()
Return the set of defined explicit groups.
Definition: User.php:4717
SpecialPage\outputHeader
outputHeader($summaryMessageKey= '')
Outputs a summary message on top of special pages Per default the message key is the canonical name o...
Definition: SpecialPage.php:583
LogPage
Class to simplify the use of log pages.
Definition: LogPage.php:32
Xml\fieldset
static fieldset($legend=false, $content=false, $attribs=[])
Shortcut for creating fieldsets.
Definition: Xml.php:578
Xml\closeElement
static closeElement($element)
Shortcut to close an XML element.
Definition: Xml.php:118
UserrightsPage\prefixSearchSubpages
prefixSearchSubpages($search, $limit, $offset)
Return an array of subpages beginning with $search that this special page will accept.
Definition: SpecialUserrights.php:806
SpecialPage
Parent class for all special pages.
Definition: SpecialPage.php:36
Html\openElement
static openElement($element, $attribs=[])
Identical to rawElement(), but has no third parameter and omits the end tag (and the self-closing '/'...
Definition: Html.php:247
wfEscapeWikiText
wfEscapeWikiText($text)
Escapes the given text so that it may be output using addWikiText() without any linking, formatting, etc.
Definition: GlobalFunctions.php:1667
UserrightsPage\switchForm
switchForm()
Output a form to allow searching for a user.
Definition: SpecialUserrights.php:458
UserrightsPage\execute
execute($par)
Manage forms to be shown according to posted data.
Definition: SpecialUserrights.php:84
UserRightsProxy\validDatabase
static validDatabase($database)
Confirm the selected database name is a valid local interwiki database name.
Definition: UserRightsProxy.php:62
UserNamePrefixSearch\search
static search($audience, $search, $limit, $offset=0)
Do a prefix search of user names and return a list of matching user names.
Definition: UserNamePrefixSearch.php:39
Xml\openElement
static openElement($element, $attribs=null)
This opens an XML element.
Definition: Xml.php:109
SpecialPage\getSkin
getSkin()
Shortcut to get the skin being used for this instance.
Definition: SpecialPage.php:695
SpecialPage\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes! ...
Definition: SpecialPage.php:484
UserrightsPage\doSaveUserGroups
doSaveUserGroups($user, $add, $remove, $reason= '')
Save user groups changes in the database.
Definition: SpecialUserrights.php:272
UserrightsPage\$mTarget
$mTarget
The target of the local right-adjuster's interest.
Definition: SpecialUserrights.php:36
Autopromote\getAutopromoteGroups
static getAutopromoteGroups(User $user)
Get the groups for the given user based on $wgAutopromote.
Definition: Autopromote.php:35
MediaWiki\Auth\AuthManager\callLegacyAuthPlugin
static callLegacyAuthPlugin($method, array $params, $return=null)
Call a legacy AuthPlugin method, if necessary.
Definition: AuthManager.php:237
StatusValue\newGood
static newGood($value=null)
Factory function for good results.
Definition: StatusValue.php:76
UserrightsPage\buildGroupMemberLink
static buildGroupMemberLink($group)
Format a link to a group member description page.
Definition: SpecialUserrights.php:649
Hooks\run
static run($event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:131
text
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add text
Definition: design.txt:12
wfWikiID
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
Definition: GlobalFunctions.php:3024
UserBlockedError
Show an error when the user tries to do something whilst blocked.
Definition: UserBlockedError.php:27
as
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition: distributors.txt:9
$user
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
Definition: hooks.txt:246
User\getGroupName
static getGroupName($group)
Get the localized descriptive name for a group, if it exists.
Definition: User.php:4694
$output
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context the output can only depend on parameters provided to this hook not on global state indicating whether full HTML should be generated If generation of HTML may be but other information should still be present in the ParserOutput object & $output
Definition: hooks.txt:1050
UserrightsPage\groupCheckboxes
groupCheckboxes($usergroups, $user)
Adds a table with checkboxes where you can select what groups to add/remove.
Definition: SpecialUserrights.php:669
UserrightsPage\getAllGroups
static getAllGroups()
Returns an array of all groups that may be edited.
Definition: SpecialUserrights.php:657
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
$username
this hook is for auditing only or null if authentication failed before getting that far $username
Definition: hooks.txt:806
Xml\tags
static tags($element, $attribs=null, $contents)
Same as Xml::element(), but does not escape contents.
Definition: Xml.php:131
User\getGroupMember
static getGroupMember($group, $username= '#')
Get the localized descriptive name for a member of a group, if it exists.
Definition: User.php:4706
UserrightsPage\editUserGroupsForm
editUserGroupsForm($username)
Edit user groups membership.
Definition: SpecialUserrights.php:354
ManualLogEntry
Class for creating log entries manually, to inject them into the database.
Definition: LogEntry.php:394
$request
error also a ContextSource you ll probably need to make sure the header is varied on $request
Definition: hooks.txt:2577
SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition: SpecialPage.php:685
SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition: SpecialPage.php:714
UserrightsPage\addLogEntry
addLogEntry($user, $oldGroups, $newGroups, $reason)
Add a rights log entry for an action.
Definition: SpecialUserrights.php:337
PermissionsError
Show an error when a user tries to do something they do not have the necessary permissions for...
Definition: PermissionsError.php:28
Linker\userToolLinks
static userToolLinks($userId, $userText, $redContribsWhenNoEdits=false, $flags=0, $edits=null)
Generate standard user tool links (talk, contributions, block link, etc.)
Definition: Linker.php:1017
SpecialPage\getLanguage
getLanguage()
Shortcut to get user's language.
Definition: SpecialPage.php:705
UserrightsPage\saveUserGroups
saveUserGroups($username, $reason, $user)
Save user groups changes in the database.
Definition: SpecialUserrights.php:243
$limit
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context the output can only depend on parameters provided to this hook not on global state indicating whether full HTML should be generated If generation of HTML may be but other information should still be present in the ParserOutput object to manipulate or replace but no entry for that model exists in $wgContentHandlers if desired whether it is OK to use $contentModel on $title Handler functions that modify $ok should generally return false to prevent further hooks from further modifying $ok inclusive $limit
Definition: hooks.txt:1050
$status
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1050
UserrightsPage
Special page to allow managing user group membership.
Definition: SpecialUserrights.php:29
$count
$count
Definition: importImages.php:141
Xml\checkLabel
static checkLabel($label, $name, $id, $checked=false, $attribs=[])
Convenience function to build an HTML checkbox with a label.
Definition: Xml.php:420
SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition: SpecialPage.php:665
UserrightsPage\showLogFragment
showLogFragment($user, $output)
Show a rights log fragment for the specified user.
Definition: SpecialUserrights.php:792
SpecialPage\checkReadOnly
checkReadOnly()
If the wiki is currently in readonly mode, throws a ReadOnlyError.
Definition: SpecialPage.php:319
Html\element
static element($element, $attribs=[], $contents= '')
Identical to rawElement(), but HTML-escapes $contents (like Xml::element()).
Definition: Html.php:229
Linker\TOOL_LINKS_EMAIL
const TOOL_LINKS_EMAIL
Definition: Linker.php:39
SpecialPage\getPageTitle
getPageTitle($subpage=false)
Get a self-referential title object.
Definition: SpecialPage.php:628
$name
Allows to change the fields on the form that will be generated $name
Definition: hooks.txt:304