master/php/RollbackAction_8php_source.html

<?php

namespace MediaWiki\Actions;


use MediaWiki\CommentFormatter\CommentFormatter;

use MediaWiki\Config\ConfigException;

use MediaWiki\Content\IContentHandlerFactory;

use MediaWiki\Context\IContextSource;

use MediaWiki\Deferred\DeferredUpdates;

use MediaWiki\Exception\BadRequestError;

use MediaWiki\Exception\ErrorPageError;

use MediaWiki\Exception\ReadOnlyError;

use MediaWiki\Exception\ThrottledError;

use MediaWiki\HTMLForm\HTMLForm;

use MediaWiki\Linker\Linker;

use MediaWiki\MainConfigNames;

use MediaWiki\MediaWikiServices;

use MediaWiki\Message\Message;

use MediaWiki\Page\Article;

use MediaWiki\Page\RollbackPageFactory;

use MediaWiki\Revision\RevisionRecord;

use MediaWiki\User\Options\UserOptionsLookup;

use MediaWiki\Watchlist\WatchlistManager;

use Profiler;


class RollbackAction extends FormAction {


    private IContentHandlerFactory $contentHandlerFactory;

    private RollbackPageFactory $rollbackPageFactory;

    private UserOptionsLookup $userOptionsLookup;

    private WatchlistManager $watchlistManager;

    private CommentFormatter $commentFormatter;


    public function __construct(

        Article $article,

        IContextSource $context,

        IContentHandlerFactory $contentHandlerFactory,

        RollbackPageFactory $rollbackPageFactory,

        UserOptionsLookup $userOptionsLookup,

        WatchlistManager $watchlistManager,

        CommentFormatter $commentFormatter

    ) {

        parent::__construct( $article, $context );

        $this->contentHandlerFactory = $contentHandlerFactory;

        $this->rollbackPageFactory = $rollbackPageFactory;

        $this->userOptionsLookup = $userOptionsLookup;

        $this->watchlistManager = $watchlistManager;

        $this->commentFormatter = $commentFormatter;

    }


    public function getName() {

        return 'rollback';

    }


    public function getRestriction() {

        return 'rollback';

    }


    protected function usesOOUI() {

        return true;

    }


    protected function getDescription() {

        return '';

    }


    public function doesWrites() {

        return true;

    }


    public function onSuccess() {

        return false;

    }


    public function onSubmit( $data ) {

        return false;

    }


    protected function alterForm( HTMLForm $form ) {

        $form->setWrapperLegendMsg( 'confirm-rollback-top' );

        $form->setSubmitTextMsg( 'confirm-rollback-button' );

        $form->setTokenSalt( 'rollback' );


        $from = $this->getRequest()->getVal( 'from' );

        if ( $from === null ) {

            throw new BadRequestError( 'rollbackfailed', 'rollback-missingparam' );

        }

        foreach ( [ 'from', 'bot', 'hidediff', 'summary', 'token' ] as $param ) {

            $val = $this->getRequest()->getVal( $param );

            if ( $val !== null ) {

                $form->addHiddenField( $param, $val );

            }

        }

    }


    public function show() {

        $this->setHeaders();

        // This will throw exceptions if there's a problem

        $this->checkCanExecute( $this->getUser() );


        if ( !$this->userOptionsLookup->getOption( $this->getUser(), 'showrollbackconfirmation' ) ||

            $this->getRequest()->wasPosted()

        ) {

            $this->handleRollbackRequest();

        } else {

            $this->showRollbackConfirmationForm();

        }

    }


    public function handleRollbackRequest() {

        $this->enableTransactionalTimelimit();

        $this->getOutput()->addModuleStyles( 'mediawiki.interface.helpers.styles' );


        $request = $this->getRequest();

        $user = $this->getUser();

        $from = $request->getVal( 'from' );

        $rev = $this->getWikiPage()->getRevisionRecord();

        if ( $from === null ) {

            throw new ErrorPageError( 'rollbackfailed', 'rollback-missingparam' );

        }

        if ( !$rev ) {

            throw new ErrorPageError( 'rollbackfailed', 'rollback-missingrevision' );

        }


        $revUser = $rev->getUser();

        $userText = $revUser ? $revUser->getName() : '';

        if ( $from !== $userText ) {

            throw new ErrorPageError( 'rollbackfailed', 'alreadyrolled', [

                $this->getTitle()->getPrefixedText(),

                wfEscapeWikiText( $from ),

                $userText

            ] );

        }


        if ( !$user->matchEditToken( $request->getVal( 'token' ), 'rollback' ) ) {

            throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );

        }


        // The revision has the user suppressed, so the rollback has empty 'from',

        // so the check above would succeed in that case.

        // T307278 - Also check if the user has rights to view suppressed usernames

        if ( !$revUser ) {

            if ( $this->getAuthority()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {

                $revUser = $rev->getUser( RevisionRecord::RAW );

            } else {

                $userFactory = MediaWikiServices::getInstance()->getUserFactory();

                $revUser = $userFactory->newFromName( $this->context->msg( 'rev-deleted-user' )->plain() );

            }

        }


        $rollbackResult = $this->rollbackPageFactory

            // @phan-suppress-next-line PhanTypeMismatchArgumentNullable use of raw avoids null here

            ->newRollbackPage( $this->getWikiPage(), $this->getAuthority(), $revUser )

            ->setSummary( $request->getText( 'summary' ) )

            ->markAsBot( $request->getBool( 'bot' ) )

            ->rollbackIfAllowed();

        $data = $rollbackResult->getValue();


        if ( $rollbackResult->hasMessage( 'actionthrottledtext' ) ) {

            throw new ThrottledError;

        }


        # NOTE: Permission errors already handled by Action::checkExecute.

        if ( $rollbackResult->hasMessage( 'readonlytext' ) ) {

            throw new ReadOnlyError;

        }


        if ( $rollbackResult->getMessages() ) {

            $this->getOutput()->setPageTitleMsg( $this->msg( 'rollbackfailed' ) );


            foreach ( $rollbackResult->getMessages() as $msg ) {

                $this->getOutput()->addWikiMsg( $msg );

            }


            if (

                ( $rollbackResult->hasMessage( 'alreadyrolled' ) || $rollbackResult->hasMessage( 'cantrollback' ) )

                && isset( $data['current-revision-record'] )

            ) {

                $current = $data['current-revision-record'];


                if ( $current->getComment() != null ) {

                    $this->getOutput()->addWikiMsg(

                        'editcomment',

                        Message::rawParam(

                            $this->commentFormatter

                                ->format( $current->getComment()->text )

                        )

                    );

                }

            }


            return;

        }


        $current = $data['current-revision-record'];

        $target = $data['target-revision-record'];

        $newId = $data['newid'];

        $this->getOutput()->setPageTitleMsg( $this->msg( 'actioncomplete' ) );

        $this->getOutput()->setRobotPolicy( 'noindex,nofollow' );


        $old = Linker::revUserTools( $current );

        $new = Linker::revUserTools( $target );


        $currentUser = $current->getUser( RevisionRecord::FOR_THIS_USER, $user );

        $targetUser = $target->getUser( RevisionRecord::FOR_THIS_USER, $user );

        $this->getOutput()->addHTML(

            $this->msg( 'rollback-success' )

                ->rawParams( $old, $new )

                ->params( $currentUser ? $currentUser->getName() : '' )

                ->params( $targetUser ? $targetUser->getName() : '' )

                ->parseAsBlock()

        );

        // Load the mediawiki.misc-authed-curate module, so that we can fire the JavaScript

        // postEdit hook on a successful rollback.

        $this->getOutput()->addModules( 'mediawiki.misc-authed-curate' );

        // Export a success flag to the frontend, so that the mediawiki.misc-authed-curate

        // ResourceLoader module can use this as an indicator to fire the postEdit hook.

        $this->getOutput()->addJsConfigVars( [

            'wgRollbackSuccess' => true,

            // Don't show an edit confirmation with mw.notify(), the rollback success page

            // is already a visual confirmation.

            'wgPostEditConfirmationDisabled' => true,

        ] );


        if ( $this->userOptionsLookup->getBoolOption( $user, 'watchrollback' ) ) {

            $this->watchlistManager->addWatchIgnoringRights( $user, $this->getTitle() );

        }


        $this->getOutput()->returnToMain( false, $this->getTitle() );


        if ( !$request->getBool( 'hidediff', false ) &&

            !$this->userOptionsLookup->getBoolOption( $this->getUser(), 'norollbackdiff' )

        ) {

            $contentModel = $current->getMainContentModel();

            $contentHandler = $this->contentHandlerFactory->getContentHandler( $contentModel );

            $de = $contentHandler->createDifferenceEngine(

                $this->getContext(),

                $current->getId(),

                $newId,

                0,

                true

            );

            $de->showDiff( '', '' );

        }

    }


    private function enableTransactionalTimelimit() {

        // If Rollbacks are made POST-only, use $this->useTransactionalTimeLimit()

        wfTransactionalTimeLimit();

        if ( !$this->getRequest()->wasPosted() ) {

            $fname = __METHOD__;

            $trxLimits = $this->context->getConfig()->get( MainConfigNames::TrxProfilerLimits );

            $trxProfiler = Profiler::instance()->getTransactionProfiler();

            $trxProfiler->redefineExpectations( $trxLimits['POST'], $fname );

            DeferredUpdates::addCallableUpdate( static function () use ( $trxProfiler, $trxLimits, $fname

            ) {

                $trxProfiler->redefineExpectations( $trxLimits['PostSend-POST'], $fname );

            } );

        }

    }


    private function showRollbackConfirmationForm() {

        $form = $this->getForm();

        if ( $form->show() ) {

            $this->onSuccess();

        }

    }


    protected function getFormFields() {

        return [

            'intro' => [

                'type' => 'info',

                'raw' => true,

                'default' => $this->msg( 'confirm-rollback-bottom' )->parse()

            ]

        ];

    }


}


class_alias( RollbackAction::class, 'RollbackAction' );

wfEscapeWikiText
wfEscapeWikiText( $input)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition GlobalFunctions.php:1096

wfTransactionalTimeLimit
wfTransactionalTimeLimit()
Raise the request time limit to $wgTransactionalTimeLimit.
Definition GlobalFunctions.php:1892

MediaWiki\Actions\Action\getContext
getContext()
Get the IContextSource in use here.
Definition Action.php:132

MediaWiki\Actions\Action\getWikiPage
getWikiPage()
Get a WikiPage object.
Definition Action.php:205

MediaWiki\Actions\Action\$context
IContextSource null $context
IContextSource if specified; otherwise we'll use the Context from the Page.
Definition Action.php:79

MediaWiki\Actions\Action\setHeaders
setHeaders()
Set output headers for noindexing etc.
Definition Action.php:420

MediaWiki\Actions\Action\getUser
getUser()
Shortcut to get the User being used for this instance.
Definition Action.php:166

MediaWiki\Actions\Action\msg
msg( $key,... $params)
Get a Message object with context set Parameters are the same as wfMessage()
Definition Action.php:240

MediaWiki\Actions\Action\checkCanExecute
checkCanExecute(User $user)
Checks if the given user (identified by an object) can perform this action.
Definition Action.php:340

MediaWiki\Actions\Action\getTitle
getTitle()
Shortcut to get the Title object from the page.
Definition Action.php:226

MediaWiki\Actions\Action\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition Action.php:146

MediaWiki\Actions\Action\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition Action.php:156

MediaWiki\Actions\Action\getAuthority
getAuthority()
Shortcut to get the Authority executing this instance.
Definition Action.php:176

MediaWiki\Actions\FormAction
An action which shows a form and does something based on the input from the form.
Definition FormAction.php:35

MediaWiki\Actions\FormAction\getForm
getForm()
Get the HTMLForm to control behavior.
Definition FormAction.php:86

MediaWiki\Actions\RollbackAction
User interface for the rollback action.
Definition RollbackAction.php:51

MediaWiki\Actions\RollbackAction\getRestriction
getRestriction()
Get the permission required to perform this action.
Definition RollbackAction.php:89

MediaWiki\Actions\RollbackAction\onSuccess
onSuccess()
Do something exciting on successful processing of the form.
Definition RollbackAction.php:105

MediaWiki\Actions\RollbackAction\handleRollbackRequest
handleRollbackRequest()
Definition RollbackAction.php:149

MediaWiki\Actions\RollbackAction\__construct
__construct(Article $article, IContextSource $context, IContentHandlerFactory $contentHandlerFactory, RollbackPageFactory $rollbackPageFactory, UserOptionsLookup $userOptionsLookup, WatchlistManager $watchlistManager, CommentFormatter $commentFormatter)
Definition RollbackAction.php:68

MediaWiki\Actions\RollbackAction\usesOOUI
usesOOUI()
Whether the form should use OOUI.
Definition RollbackAction.php:93

MediaWiki\Actions\RollbackAction\doesWrites
doesWrites()
Definition RollbackAction.php:101

MediaWiki\Actions\RollbackAction\show
show()
Definition RollbackAction.php:135

MediaWiki\Actions\RollbackAction\getDescription
getDescription()
Returns the description that goes below the <h1> element.
Definition RollbackAction.php:97

MediaWiki\Actions\RollbackAction\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition RollbackAction.php:113

MediaWiki\Actions\RollbackAction\getName
getName()
Return the name of the action this object responds to.
Definition RollbackAction.php:85

MediaWiki\Actions\RollbackAction\getFormFields
getFormFields()
Get an HTMLForm descriptor array.
Definition RollbackAction.php:318

MediaWiki\Actions\RollbackAction\onSubmit
onSubmit( $data)
Process the form on POST submission.
Definition RollbackAction.php:109

MediaWiki\CommentFormatter\CommentFormatter
This is the main service interface for converting single-line comments from various DB comment fields...
Definition CommentFormatter.php:17

MediaWiki\Config\ConfigException
Exceptions for config failures.
Definition ConfigException.php:33

MediaWiki\Deferred\DeferredUpdates
Defer callable updates to run later in the PHP process.
Definition DeferredUpdates.php:99

MediaWiki\Deferred\DeferredUpdates\addCallableUpdate
static addCallableUpdate( $callable, $stage=self::POSTSEND, $dependeeDbws=[])
Add an update to the pending update queue that invokes the specified callback when run.
Definition DeferredUpdates.php:174

MediaWiki\Exception\BadRequestError
An error page that emits an HTTP 400 Bad Request status code.
Definition BadRequestError.php:31

MediaWiki\Exception\ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition ErrorPageError.php:35

MediaWiki\Exception\ReadOnlyError
Show an error when the wiki is locked/read-only and the user tries to do something that requires writ...
Definition ReadOnlyError.php:33

MediaWiki\Exception\ThrottledError
Show an error when the user hits a rate limit.
Definition ThrottledError.php:30

MediaWiki\HTMLForm\HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition HTMLForm.php:210

MediaWiki\HTMLForm\HTMLForm\setWrapperLegendMsg
setWrapperLegendMsg( $msg)
Prompt the whole form to be wrapped in a "<fieldset>", with this message as its "<legend>" element.
Definition HTMLForm.php:1759

MediaWiki\HTMLForm\HTMLForm\setTokenSalt
setTokenSalt( $salt)
Set the salt for the edit token.
Definition HTMLForm.php:1188

MediaWiki\HTMLForm\HTMLForm\addHiddenField
addHiddenField( $name, $value, array $attribs=[])
Add a hidden field to the output Array values are discarded for security reasons (per WebRequest::get...
Definition HTMLForm.php:1091

MediaWiki\HTMLForm\HTMLForm\setSubmitTextMsg
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition HTMLForm.php:1550

MediaWiki\Linker\Linker
Some internal bits split of from Skin.php.
Definition Linker.php:62

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22

MediaWiki\MainConfigNames\TrxProfilerLimits
const TrxProfilerLimits
Name constant for the TrxProfilerLimits setting, for use with Config::get()
Definition MainConfigNames.php:3304

MediaWiki\MediaWikiServices
Service locator for MediaWiki core services.
Definition MediaWikiServices.php:250

MediaWiki\MediaWikiServices\getInstance
static getInstance()
Returns the global default instance of the top level service locator.
Definition MediaWikiServices.php:338

MediaWiki\Message\Message
The Message class deals with fetching and processing of interface message into a variety of formats.
Definition Message.php:157

MediaWiki\Message\Message\rawParam
static rawParam( $raw)
Definition Message.php:1235

MediaWiki\Page\Article
Legacy class representing an editable page and handling UI for some page actions.
Definition Article.php:76

MediaWiki\Revision\RevisionRecord
Page revision base class.
Definition RevisionRecord.php:49

MediaWiki\User\Options\UserOptionsLookup
Provides access to user options.
Definition UserOptionsLookup.php:31

MediaWiki\Watchlist\WatchlistManager
WatchlistManager service.
Definition WatchlistManager.php:49

Profiler
Profiler base class that defines the interface and some shared functionality.
Definition Profiler.php:37

Profiler\instance
static instance()
Definition Profiler.php:105

MediaWiki\Content\IContentHandlerFactory
Definition IContentHandlerFactory.php:10

MediaWiki\Context\IContextSource
Interface for objects which can provide a MediaWiki context on request.
Definition IContextSource.php:71

MediaWiki\Page\RollbackPageFactory
Service for page rollback actions.
Definition RollbackPageFactory.php:33

MediaWiki\Actions
Definition Action.php:22