MediaWiki master
MWRestrictions.php
Go to the documentation of this file.
1<?php
8namespace MediaWiki\Utils;
9
10use InvalidArgumentException;
11use MediaWiki\Json\FormatJson;
12use MediaWiki\Linker\LinkTarget;
13use MediaWiki\Request\WebRequest;
14use MediaWiki\Status\Status;
15use MediaWiki\Title\Title;
16use StatusValue;
17use Stringable;
18use Wikimedia\IPSet;
19use Wikimedia\IPUtils;
20
24class MWRestrictions implements Stringable {
25
27 private $ipAddresses = [ '0.0.0.0/0', '::/0' ];
28
30 private $pages = [];
31
32 public StatusValue $validity;
33
38 protected function __construct( ?array $restrictions = null ) {
39 $this->validity = StatusValue::newGood();
40 if ( $restrictions !== null ) {
41 $this->loadFromArray( $restrictions );
42 }
43 }
44
48 public static function newDefault() {
49 return new self();
50 }
51
57 public static function newFromArray( array $restrictions ) {
58 return new self( $restrictions );
59 }
60
66 public static function newFromJson( $json ) {
67 $restrictions = FormatJson::decode( $json, true );
68 if ( !is_array( $restrictions ) ) {
69 throw new InvalidArgumentException( 'Invalid restrictions JSON' );
70 }
71 return new self( $restrictions );
72 }
73
74 private function loadFromArray( array $restrictions ) {
75 static $neededKeys = [ 'IPAddresses' ];
76
77 $keys = array_keys( $restrictions );
78 $missingKeys = array_diff( $neededKeys, $keys );
79 if ( $missingKeys ) {
80 throw new InvalidArgumentException(
81 'Array is missing required keys: ' . implode( ', ', $missingKeys )
82 );
83 }
84
85 if ( !is_array( $restrictions['IPAddresses'] ) ) {
86 throw new InvalidArgumentException( 'IPAddresses is not an array' );
87 }
88 foreach ( $restrictions['IPAddresses'] as $ip ) {
89 if ( !IPUtils::isIPAddress( $ip ) ) {
90 $this->validity->fatal( 'restrictionsfield-badip', $ip );
91 }
92 }
93 $this->ipAddresses = $restrictions['IPAddresses'];
94
95 if ( isset( $restrictions['Pages'] ) ) {
96 if ( !is_array( $restrictions['Pages'] ) ) {
97 throw new InvalidArgumentException( 'Pages is not an array of page names' );
98 }
99 foreach ( $restrictions['Pages'] as $page ) {
100 if ( !is_string( $page ) ) {
101 throw new InvalidArgumentException( "Pages contains non-string value: $page" );
102 }
103 }
104 $this->pages = $restrictions['Pages'];
105 }
106 }
107
112 public function toArray() {
113 $arr = [ 'IPAddresses' => $this->ipAddresses ];
114 if ( count( $this->pages ) ) {
115 $arr['Pages'] = $this->pages;
116 }
117 return $arr;
118 }
119
125 public function toJson( $pretty = false ) {
126 return FormatJson::encode( $this->toArray(), $pretty, FormatJson::ALL_OK );
127 }
128
129 public function __toString() {
130 return $this->toJson();
131 }
132
138 public function check( WebRequest $request ) {
139 $ok = [
140 'ip' => $this->checkIP( $request->getIP() ),
141 ];
142 $status = Status::newGood();
143 $status->setResult( $ok === array_filter( $ok ), $ok );
144 return $status;
145 }
146
154 public function userCan( LinkTarget $target ) {
155 if ( !$this->checkPage( $target ) ) {
156 return StatusValue::newFatal( 'session-page-restricted' );
157 }
158 return StatusValue::newGood();
159 }
160
166 public function checkIP( $ip ) {
167 $set = new IPSet( $this->ipAddresses );
168 return $set->match( $ip );
169 }
170
177 private function checkPage( LinkTarget $target ) {
178 if ( count( $this->pages ) === 0 ) {
179 return true;
180 }
181 $pagesNormalized = array_map( static function ( $titleText ) {
182 $title = Title::newFromText( $titleText );
183 return $title ? $title->getPrefixedText() : '';
184 }, $this->pages );
185 return in_array( Title::newFromLinkTarget( $target )->getPrefixedText(), $pagesNormalized, true );
186 }
187}
188
190class_alias( MWRestrictions::class, 'MWRestrictions' );
MediaWiki\Json\FormatJson
JSON formatter wrapper class.
Definition FormatJson.php:17
MediaWiki\Request\WebRequest
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form,...
Definition WebRequest.php:40
MediaWiki\Request\WebRequest\getIP
getIP()
Work out the IP address based on various globals For trusted proxies, use the XFF client IP (first of...
Definition WebRequest.php:1297
MediaWiki\Status\Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:44
MediaWiki\Title\Title
Represents a title within MediaWiki.
Definition Title.php:69
MediaWiki\Utils\MWRestrictions
A class to check request restrictions expressed as a JSON object.
Definition MWRestrictions.php:24
MediaWiki\Utils\MWRestrictions\toJson
toJson( $pretty=false)
Return the restrictions as a JSON string.
Definition MWRestrictions.php:125
MediaWiki\Utils\MWRestrictions\__construct
__construct(?array $restrictions=null)
Definition MWRestrictions.php:38
MediaWiki\Utils\MWRestrictions\toArray
toArray()
Return the restrictions as an array.
Definition MWRestrictions.php:112
MediaWiki\Utils\MWRestrictions\check
check(WebRequest $request)
Test against the passed WebRequest.
Definition MWRestrictions.php:138
MediaWiki\Utils\MWRestrictions\userCan
userCan(LinkTarget $target)
Test whether an action on the target is allowed by the restrictions.
Definition MWRestrictions.php:154
MediaWiki\Utils\MWRestrictions\newFromArray
static newFromArray(array $restrictions)
Definition MWRestrictions.php:57
MediaWiki\Utils\MWRestrictions\checkIP
checkIP( $ip)
Test if an IP address is allowed by the restrictions.
Definition MWRestrictions.php:166
StatusValue
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition StatusValue.php:41
MediaWiki\Linker\LinkTarget
Represents the target of a wiki link.
Definition LinkTarget.php:19
MediaWiki\Utils
Copyright (C) 2017 Kunal Mehta legoktm@debian.org
Definition BatchRowIterator.php:3