MediaWiki master
MWRestrictions.php
Go to the documentation of this file.
1<?php
26use Wikimedia\IPSet;
27use Wikimedia\IPUtils;
28
32class MWRestrictions implements Stringable {
33
35 private $ipAddresses = [ '0.0.0.0/0', '::/0' ];
36
38 private $pages = [];
39
41
46 protected function __construct( ?array $restrictions = null ) {
47 $this->validity = StatusValue::newGood();
48 if ( $restrictions !== null ) {
49 $this->loadFromArray( $restrictions );
50 }
51 }
52
56 public static function newDefault() {
57 return new self();
58 }
59
65 public static function newFromArray( array $restrictions ) {
66 return new self( $restrictions );
67 }
68
74 public static function newFromJson( $json ) {
75 $restrictions = FormatJson::decode( $json, true );
76 if ( !is_array( $restrictions ) ) {
77 throw new InvalidArgumentException( 'Invalid restrictions JSON' );
78 }
79 return new self( $restrictions );
80 }
81
82 private function loadFromArray( array $restrictions ) {
83 static $neededKeys = [ 'IPAddresses' ];
84
85 $keys = array_keys( $restrictions );
86 $missingKeys = array_diff( $neededKeys, $keys );
87 if ( $missingKeys ) {
88 throw new InvalidArgumentException(
89 'Array is missing required keys: ' . implode( ', ', $missingKeys )
90 );
91 }
92
93 if ( !is_array( $restrictions['IPAddresses'] ) ) {
94 throw new InvalidArgumentException( 'IPAddresses is not an array' );
95 }
96 foreach ( $restrictions['IPAddresses'] as $ip ) {
97 if ( !IPUtils::isIPAddress( $ip ) ) {
98 $this->validity->fatal( 'restrictionsfield-badip', $ip );
99 }
100 }
101 $this->ipAddresses = $restrictions['IPAddresses'];
102
103 if ( isset( $restrictions['Pages'] ) ) {
104 if ( !is_array( $restrictions['Pages'] ) ) {
105 throw new InvalidArgumentException( 'Pages is not an array of page names' );
106 }
107 foreach ( $restrictions['Pages'] as $page ) {
108 if ( !is_string( $page ) ) {
109 throw new InvalidArgumentException( "Pages contains non-string value: $page" );
110 }
111 }
112 $this->pages = $restrictions['Pages'];
113 }
114 }
115
120 public function toArray() {
121 $arr = [ 'IPAddresses' => $this->ipAddresses ];
122 if ( count( $this->pages ) ) {
123 $arr['Pages'] = $this->pages;
124 }
125 return $arr;
126 }
127
133 public function toJson( $pretty = false ) {
134 return FormatJson::encode( $this->toArray(), $pretty, FormatJson::ALL_OK );
135 }
136
137 public function __toString() {
138 return $this->toJson();
139 }
140
146 public function check( WebRequest $request ) {
147 $ok = [
148 'ip' => $this->checkIP( $request->getIP() ),
149 ];
150 $status = Status::newGood();
151 $status->setResult( $ok === array_filter( $ok ), $ok );
152 return $status;
153 }
154
162 public function userCan( LinkTarget $target ) {
163 if ( !$this->checkPage( $target ) ) {
164 return StatusValue::newFatal( 'session-page-restricted' );
165 }
166 return StatusValue::newGood();
167 }
168
174 public function checkIP( $ip ) {
175 $set = new IPSet( $this->ipAddresses );
176 return $set->match( $ip );
177 }
178
185 private function checkPage( LinkTarget $target ) {
186 if ( count( $this->pages ) === 0 ) {
187 return true;
188 }
189 $pagesNormalized = array_map( static function ( $titleText ) {
190 $title = Title::newFromText( $titleText );
191 return $title ? $title->getPrefixedText() : '';
192 }, $this->pages );
193 return in_array( Title::newFromLinkTarget( $target )->getPrefixedText(), $pagesNormalized, true );
194 }
195}
A class to check request restrictions expressed as a JSON object.
static newFromArray(array $restrictions)
static newFromJson( $json)
toArray()
Return the restrictions as an array.
checkIP( $ip)
Test if an IP address is allowed by the restrictions.
userCan(LinkTarget $target)
Test whether an action on the target is allowed by the restrictions.
check(WebRequest $request)
Test against the passed WebRequest.
StatusValue $validity
__construct(?array $restrictions=null)
toJson( $pretty=false)
Return the restrictions as a JSON string.
JSON formatter wrapper class.
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form,...
getIP()
Work out the IP address based on various globals For trusted proxies, use the XFF client IP (first of...
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:54
Represents a title within MediaWiki.
Definition Title.php:78
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Represents the target of a wiki link.