MediaWiki REL1_39
RollbackAction.php
Go to the documentation of this file.
1<?php
23use MediaWiki\CommentFormatter\CommentFormatter;
24use MediaWiki\Content\IContentHandlerFactory;
25use MediaWiki\MainConfigNames;
26use MediaWiki\MediaWikiServices;
27use MediaWiki\Page\RollbackPageFactory;
28use MediaWiki\Revision\RevisionRecord;
29use MediaWiki\Revision\SlotRecord;
30use MediaWiki\User\UserOptionsLookup;
31use MediaWiki\Watchlist\WatchlistManager;
32
38class RollbackAction extends FormAction {
39
41 private $contentHandlerFactory;
42
44 private $rollbackPageFactory;
45
47 private $userOptionsLookup;
48
50 private $watchlistManager;
51
53 private $commentFormatter;
54
64 public function __construct(
65 Page $page,
66 ?IContextSource $context,
67 IContentHandlerFactory $contentHandlerFactory,
68 RollbackPageFactory $rollbackPageFactory,
69 UserOptionsLookup $userOptionsLookup,
70 WatchlistManager $watchlistManager,
71 CommentFormatter $commentFormatter
72 ) {
73 parent::__construct( $page, $context );
74 $this->contentHandlerFactory = $contentHandlerFactory;
75 $this->rollbackPageFactory = $rollbackPageFactory;
76 $this->userOptionsLookup = $userOptionsLookup;
77 $this->watchlistManager = $watchlistManager;
78 $this->commentFormatter = $commentFormatter;
79 }
80
81 public function getName() {
82 return 'rollback';
83 }
84
85 public function getRestriction() {
86 return 'rollback';
87 }
88
89 protected function usesOOUI() {
90 return true;
91 }
92
93 protected function getDescription() {
94 return '';
95 }
96
97 public function doesWrites() {
98 return true;
99 }
100
101 public function onSuccess() {
102 return false;
103 }
104
105 public function onSubmit( $data ) {
106 return false;
107 }
108
109 protected function alterForm( HTMLForm $form ) {
110 $form->setWrapperLegendMsg( 'confirm-rollback-top' );
111 $form->setSubmitTextMsg( 'confirm-rollback-button' );
112 $form->setTokenSalt( 'rollback' );
113
114 $from = $this->getRequest()->getVal( 'from' );
115 if ( $from === null ) {
116 throw new BadRequestError( 'rollbackfailed', 'rollback-missingparam' );
117 }
118 foreach ( [ 'from', 'bot', 'hidediff', 'summary', 'token' ] as $param ) {
119 $val = $this->getRequest()->getVal( $param );
120 if ( $val !== null ) {
121 $form->addHiddenField( $param, $val );
122 }
123 }
124 }
125
131 public function show() {
132 $this->setHeaders();
133 // This will throw exceptions if there's a problem
134 $this->checkCanExecute( $this->getUser() );
135
136 if ( !$this->userOptionsLookup->getOption( $this->getUser(), 'showrollbackconfirmation' ) ||
137 $this->getRequest()->wasPosted()
138 ) {
139 $this->handleRollbackRequest();
140 } else {
141 $this->showRollbackConfirmationForm();
142 }
143 }
144
145 public function handleRollbackRequest() {
146 $this->enableTransactionalTimelimit();
147 $this->getOutput()->addModuleStyles( 'mediawiki.interface.helpers.styles' );
148
149 $request = $this->getRequest();
150 $user = $this->getUser();
151 $from = $request->getVal( 'from' );
152 $rev = $this->getWikiPage()->getRevisionRecord();
153 if ( $from === null ) {
154 throw new ErrorPageError( 'rollbackfailed', 'rollback-missingparam' );
155 }
156 if ( !$rev ) {
157 throw new ErrorPageError( 'rollbackfailed', 'rollback-missingrevision' );
158 }
159
160 $revUser = $rev->getUser();
161 $userText = $revUser ? $revUser->getName() : '';
162 if ( $from !== $userText ) {
163 throw new ErrorPageError( 'rollbackfailed', 'alreadyrolled', [
164 $this->getTitle()->getPrefixedText(),
165 wfEscapeWikiText( $from ),
166 $userText
167 ] );
168 }
169
170 if ( !$user->matchEditToken( $request->getVal( 'token' ), 'rollback' ) ) {
171 throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );
172 }
173
174 // The revision has the user suppressed, so the rollback has empty 'from',
175 // so the check above would succeed in that case.
176 // T307278 - Also check if the user has rights to view suppressed usernames
177 if ( !$revUser ) {
178 if ( $this->getAuthority()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
179 $revUser = $rev->getUser( RevisionRecord::RAW );
180 } else {
181 $userFactory = MediaWikiServices::getInstance()->getUserFactory();
182 $revUser = $userFactory->newFromName( $this->context->msg( 'rev-deleted-user' )->plain() );
183 }
184 }
185
186 $rollbackResult = $this->rollbackPageFactory
187 // @phan-suppress-next-line PhanTypeMismatchArgumentNullable use of raw avoids null here
188 ->newRollbackPage( $this->getWikiPage(), $this->getAuthority(), $revUser )
189 ->setSummary( $request->getText( 'summary' ) )
190 ->markAsBot( $request->getBool( 'bot' ) )
191 ->rollbackIfAllowed();
192 $data = $rollbackResult->getValue();
193
194 if ( $rollbackResult->hasMessage( 'actionthrottledtext' ) ) {
195 throw new ThrottledError;
196 }
197
198 if ( $rollbackResult->hasMessage( 'alreadyrolled' ) || $rollbackResult->hasMessage( 'cantrollback' ) ) {
199 $this->getOutput()->setPageTitle( $this->msg( 'rollbackfailed' ) );
200 $errArray = $rollbackResult->getErrors()[0];
201 $this->getOutput()->addWikiMsgArray( $errArray['message'], $errArray['params'] );
202
203 if ( isset( $data['current-revision-record'] ) ) {
205 $current = $data['current-revision-record'];
206
207 if ( $current->getComment() != null ) {
208 $this->getOutput()->addWikiMsg(
209 'editcomment',
210 Message::rawParam(
211 $this->commentFormatter
212 ->format( $current->getComment()->text )
213 )
214 );
215 }
216 }
217
218 return;
219 }
220
221 # NOTE: Permission errors already handled by Action::checkExecute.
222 if ( $rollbackResult->hasMessage( 'readonlytext' ) ) {
223 throw new ReadOnlyError;
224 }
225
226 # XXX: Would be nice if ErrorPageError could take multiple errors, and/or a status object.
227 # Right now, we only show the first error
228 foreach ( $rollbackResult->getErrors() as $error ) {
229 throw new ErrorPageError( 'rollbackfailed', $error['message'], $error['params'] );
230 }
231
233 $current = $data['current-revision-record'];
234 $target = $data['target-revision-record'];
235 $newId = $data['newid'];
236 $this->getOutput()->setPageTitle( $this->msg( 'actioncomplete' ) );
237 $this->getOutput()->setRobotPolicy( 'noindex,nofollow' );
238
239 $old = Linker::revUserTools( $current );
240 $new = Linker::revUserTools( $target );
241
242 $currentUser = $current->getUser( RevisionRecord::FOR_THIS_USER, $user );
243 $targetUser = $target->getUser( RevisionRecord::FOR_THIS_USER, $user );
244 $this->getOutput()->addHTML(
245 $this->msg( 'rollback-success' )
246 ->rawParams( $old, $new )
247 ->params( $currentUser ? $currentUser->getName() : '' )
248 ->params( $targetUser ? $targetUser->getName() : '' )
249 ->parseAsBlock()
250 );
251
252 if ( $this->userOptionsLookup->getBoolOption( $user, 'watchrollback' ) ) {
253 $this->watchlistManager->addWatchIgnoringRights( $user, $this->getTitle() );
254 }
255
256 $this->getOutput()->returnToMain( false, $this->getTitle() );
257
258 if ( !$request->getBool( 'hidediff', false ) &&
259 !$this->userOptionsLookup->getBoolOption( $this->getUser(), 'norollbackdiff' )
260 ) {
261 $contentModel = $current->getSlot( SlotRecord::MAIN, RevisionRecord::RAW )
262 ->getModel();
263 $contentHandler = $this->contentHandlerFactory->getContentHandler( $contentModel );
264 $de = $contentHandler->createDifferenceEngine(
265 $this->getContext(),
266 $current->getId(),
267 $newId,
268 0,
269 true
270 );
271 $de->showDiff( '', '' );
272 }
273 }
274
279 private function enableTransactionalTimelimit() {
280 // If Rollbacks are made POST-only, use $this->useTransactionalTimeLimit()
281 wfTransactionalTimeLimit();
282 if ( !$this->getRequest()->wasPosted() ) {
287 $fname = __METHOD__;
288 $trxLimits = $this->context->getConfig()->get( MainConfigNames::TrxProfilerLimits );
289 $trxProfiler = Profiler::instance()->getTransactionProfiler();
290 $trxProfiler->redefineExpectations( $trxLimits['POST'], $fname );
291 DeferredUpdates::addCallableUpdate( static function () use ( $trxProfiler, $trxLimits, $fname
292 ) {
293 $trxProfiler->redefineExpectations( $trxLimits['PostSend-POST'], $fname );
294 } );
295 }
296 }
297
298 private function showRollbackConfirmationForm() {
299 $form = $this->getForm();
300 if ( $form->show() ) {
301 $this->onSuccess();
302 }
303 }
304
305 protected function getFormFields() {
306 return [
307 'intro' => [
308 'type' => 'info',
309 'raw' => true,
310 'default' => $this->msg( 'confirm-rollback-bottom' )->parse()
311 ]
312 ];
313 }
314}
getUser
getUser()
getAuthority
getAuthority()
wfTransactionalTimeLimit
wfTransactionalTimeLimit()
Raise the request time limit to $wgTransactionalTimeLimit.
Definition GlobalFunctions.php:2064
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition GlobalFunctions.php:1212
getContext
getContext()
Action\getWikiPage
getWikiPage()
Get a WikiPage object.
Definition Action.php:209
Action\checkCanExecute
checkCanExecute(User $user)
Checks if the given user (identified by an object) can perform this action.
Definition Action.php:353
Action\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition Action.php:160
Action\setHeaders
setHeaders()
Set output headers for noindexing etc.
Definition Action.php:419
Action\msg
msg( $key,... $params)
Get a Message object with context set Parameters are the same as wfMessage()
Definition Action.php:242
Action\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition Action.php:150
BadRequestError
An error page that emits an HTTP 400 Bad Request status code.
Definition BadRequestError.php:29
ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition ErrorPageError.php:30
FormAction
An action which shows a form and does something based on the input from the form.
Definition FormAction.php:30
FormAction\getForm
getForm()
Get the HTMLForm to control behavior.
Definition FormAction.php:81
HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition HTMLForm.php:150
HTMLForm\setSubmitTextMsg
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition HTMLForm.php:1612
HTMLForm\setWrapperLegendMsg
setWrapperLegendMsg( $msg)
Prompt the whole form to be wrapped in a "<fieldset>", with this message as its "<legend>" element.
Definition HTMLForm.php:1817
HTMLForm\addHiddenField
addHiddenField( $name, $value, array $attribs=[])
Add a hidden field to the output.
Definition HTMLForm.php:1134
HTMLForm\setTokenSalt
setTokenSalt( $salt)
Set the salt for the edit token.
Definition HTMLForm.php:1223
Linker\revUserTools
static revUserTools(RevisionRecord $revRecord, $isPublic=false, $useParentheses=true)
Generate a user tool link cluster if the current user is allowed to view it.
Definition Linker.php:1371
MediaWiki\CommentFormatter\CommentFormatter
This is the main service interface for converting single-line comments from various DB comment fields...
Definition CommentFormatter.php:16
MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:23
MediaWiki\MediaWikiServices
Service locator for MediaWiki core services.
Definition MediaWikiServices.php:212
MediaWiki\Revision\RevisionRecord
Page revision base class.
Definition RevisionRecord.php:47
MediaWiki\Revision\SlotRecord
Value object representing a content slot associated with a page revision.
Definition SlotRecord.php:40
MediaWiki\User\UserOptionsLookup
Provides access to user options.
Definition UserOptionsLookup.php:29
Message\rawParam
static rawParam( $raw)
Definition Message.php:1134
ReadOnlyError
Show an error when the wiki is locked/read-only and the user tries to do something that requires writ...
Definition ReadOnlyError.php:31
RollbackAction
User interface for the rollback action.
Definition RollbackAction.php:38
RollbackAction\getFormFields
getFormFields()
Get an HTMLForm descriptor array.
Definition RollbackAction.php:305
RollbackAction\getDescription
getDescription()
Returns the description that goes below the <h1> element.
Definition RollbackAction.php:93
RollbackAction\usesOOUI
usesOOUI()
Whether the form should use OOUI.
Definition RollbackAction.php:89
RollbackAction\onSubmit
onSubmit( $data)
Process the form on POST submission.
Definition RollbackAction.php:105
RollbackAction\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition RollbackAction.php:109
RollbackAction\getRestriction
getRestriction()
Get the permission required to perform this action.
Definition RollbackAction.php:85
RollbackAction\__construct
__construct(Page $page, ?IContextSource $context, IContentHandlerFactory $contentHandlerFactory, RollbackPageFactory $rollbackPageFactory, UserOptionsLookup $userOptionsLookup, WatchlistManager $watchlistManager, CommentFormatter $commentFormatter)
Definition RollbackAction.php:64
RollbackAction\onSuccess
onSuccess()
Do something exciting on successful processing of the form.
Definition RollbackAction.php:101
RollbackAction\getName
getName()
Return the name of the action this object responds to.
Definition RollbackAction.php:81
ThrottledError
Show an error when the user hits a rate limit.
Definition ThrottledError.php:28
IContextSource
Interface for objects which can provide a MediaWiki context on request.
Definition IContextSource.php:58
MediaWiki\Page\RollbackPageFactory
Service for page rollback actions.
Definition RollbackPageFactory.php:33
Page
Interface for type hinting (accepts WikiPage, Article, ImagePage, CategoryPage)
Definition Page.php:29