summaryrefslogtreecommitdiff
path: root/www/wiki/extensions/AbuseFilter/includes/Views/AbuseFilterViewEdit.php
diff options
context:
space:
mode:
Diffstat (limited to 'www/wiki/extensions/AbuseFilter/includes/Views/AbuseFilterViewEdit.php')
-rw-r--r--www/wiki/extensions/AbuseFilter/includes/Views/AbuseFilterViewEdit.php1252
1 files changed, 1252 insertions, 0 deletions
diff --git a/www/wiki/extensions/AbuseFilter/includes/Views/AbuseFilterViewEdit.php b/www/wiki/extensions/AbuseFilter/includes/Views/AbuseFilterViewEdit.php
new file mode 100644
index 00000000..9f4db06e
--- /dev/null
+++ b/www/wiki/extensions/AbuseFilter/includes/Views/AbuseFilterViewEdit.php
@@ -0,0 +1,1252 @@
+<?php
+
+class AbuseFilterViewEdit extends AbuseFilterView {
+ /**
+ * @param SpecialAbuseFilter $page
+ * @param array $params
+ */
+ function __construct( $page, $params ) {
+ parent::__construct( $page, $params );
+ $this->mFilter = $page->mFilter;
+ $this->mHistoryID = $page->mHistoryID;
+ }
+
+ /**
+ * Check whether a filter is allowed to use a tag
+ *
+ * @param string $tag Tag name
+ * @return Status
+ */
+ protected function isAllowedTag( $tag ) {
+ $tagNameStatus = ChangeTags::isTagNameValid( $tag );
+
+ if ( !$tagNameStatus->isGood() ) {
+ return $tagNameStatus;
+ }
+
+ $finalStatus = Status::newGood();
+
+ $canAddStatus =
+ ChangeTags::canAddTagsAccompanyingChange(
+ [ $tag ]
+ );
+
+ if ( $canAddStatus->isGood() ) {
+ return $finalStatus;
+ }
+
+ $alreadyDefinedTags = [];
+ AbuseFilterHooks::onListDefinedTags( $alreadyDefinedTags );
+
+ if ( in_array( $tag, $alreadyDefinedTags, true ) ) {
+ return $finalStatus;
+ }
+
+ $canCreateTagStatus = ChangeTags::canCreateTag( $tag );
+ if ( $canCreateTagStatus->isGood() ) {
+ return $finalStatus;
+ }
+
+ $finalStatus->fatal( 'abusefilter-edit-bad-tags' );
+ return $finalStatus;
+ }
+
+ function show() {
+ $user = $this->getUser();
+ $out = $this->getOutput();
+ $request = $this->getRequest();
+ $out->setPageTitle( $this->msg( 'abusefilter-edit' ) );
+ $out->addHelpLink( 'Extension:AbuseFilter/Rules format' );
+
+ $filter = $this->mFilter;
+ $history_id = $this->mHistoryID;
+ if ( $this->mHistoryID ) {
+ $dbr = wfGetDB( DB_REPLICA );
+ $row = $dbr->selectRow(
+ 'abuse_filter_history',
+ 'afh_id',
+ [
+ 'afh_filter' => $filter,
+ ],
+ __METHOD__,
+ [ 'ORDER BY' => 'afh_timestamp DESC' ]
+ );
+ // change $history_id to null if it's current version id
+ if ( $row->afh_id === $this->mHistoryID ) {
+ $history_id = null;
+ }
+ }
+
+ // Add default warning messages
+ $this->exposeWarningMessages();
+
+ if ( $filter == 'new' && !$this->canEdit() ) {
+ $out->addWikiMsg( 'abusefilter-edit-notallowed' );
+ return;
+ }
+
+ $editToken = $request->getVal( 'wpEditToken' );
+ $tokenMatches = $user->matchEditToken(
+ $editToken, [ 'abusefilter', $filter ], $request );
+
+ if ( $tokenMatches && $this->canEdit() ) {
+ // Check syntax
+ $syntaxerr = AbuseFilter::checkSyntax( $request->getVal( 'wpFilterRules' ) );
+ if ( $syntaxerr !== true ) {
+ $out->addHTML(
+ $this->buildFilterEditor(
+ $this->msg(
+ 'abusefilter-edit-badsyntax',
+ [ $syntaxerr[0] ]
+ )->parseAsBlock(),
+ $filter, $history_id
+ )
+ );
+ return;
+ }
+ // Check for missing required fields (title and pattern)
+ $missing = [];
+ if ( !$request->getVal( 'wpFilterRules' ) ||
+ trim( $request->getVal( 'wpFilterRules' ) ) === '' ) {
+ $missing[] = $this->msg( 'abusefilter-edit-field-conditions' )->escaped();
+ }
+ if ( !$request->getVal( 'wpFilterDescription' ) ) {
+ $missing[] = $this->msg( 'abusefilter-edit-field-description' )->escaped();
+ }
+ if ( count( $missing ) !== 0 ) {
+ $missing = $this->getLanguage()->commaList( $missing );
+ $out->addHTML(
+ $this->buildFilterEditor(
+ $this->msg(
+ 'abusefilter-edit-missingfields',
+ $missing
+ )->parseAsBlock(),
+ $filter, $history_id
+ )
+ );
+ return;
+ }
+
+ $dbw = wfGetDB( DB_MASTER );
+
+ list( $newRow, $actions ) = $this->loadRequest( $filter );
+
+ $differences = AbuseFilter::compareVersions(
+ [ $newRow, $actions ],
+ [ $newRow->mOriginalRow, $newRow->mOriginalActions ]
+ );
+
+ // Don't allow adding a new global rule, or updating a
+ // rule that is currently global, without permissions.
+ if ( !$this->canEditFilter( $newRow ) || !$this->canEditFilter( $newRow->mOriginalRow ) ) {
+ $out->addWikiMsg( 'abusefilter-edit-notallowed-global' );
+ return;
+ }
+
+ // Don't allow custom messages on global rules
+ if ( $newRow->af_global == 1 &&
+ $request->getVal( 'wpFilterWarnMessage' ) !== 'abusefilter-warning'
+ ) {
+ $out->addWikiMsg( 'abusefilter-edit-notallowed-global-custom-msg' );
+ return;
+ }
+
+ $origActions = $newRow->mOriginalActions;
+ $wasGlobal = (bool)$newRow->mOriginalRow->af_global;
+
+ unset( $newRow->mOriginalRow );
+ unset( $newRow->mOriginalActions );
+
+ // Check for non-changes
+ if ( !count( $differences ) ) {
+ $out->redirect( $this->getTitle()->getLocalURL() );
+ return;
+ }
+
+ // Check for restricted actions
+ global $wgAbuseFilterRestrictions;
+ if ( count( array_intersect_key(
+ array_filter( $wgAbuseFilterRestrictions ),
+ array_merge(
+ array_filter( $actions ),
+ array_filter( $origActions )
+ )
+ ) )
+ && !$user->isAllowed( 'abusefilter-modify-restricted' )
+ ) {
+ $out->addHTML(
+ $this->buildFilterEditor(
+ $this->msg( 'abusefilter-edit-restricted' )->parseAsBlock(),
+ $this->mFilter,
+ $history_id
+ )
+ );
+ return;
+ }
+
+ // If we've activated the 'tag' option, check the arguments for validity.
+ if ( !empty( $actions['tag'] ) ) {
+ foreach ( $actions['tag']['parameters'] as $tag ) {
+ $status = $this->isAllowedTag( $tag );
+
+ if ( !$status->isGood() ) {
+ $out->addHTML(
+ $this->buildFilterEditor(
+ $status->getMessage()->parseAsBlock(),
+ $this->mFilter,
+ $history_id
+ )
+ );
+ return;
+ }
+ }
+ }
+
+ $newRow = get_object_vars( $newRow ); // Convert from object to array
+
+ // Set last modifier.
+ $newRow['af_timestamp'] = $dbw->timestamp( wfTimestampNow() );
+ $newRow['af_user'] = $user->getId();
+ $newRow['af_user_text'] = $user->getName();
+
+ $dbw->startAtomic( __METHOD__ );
+
+ // Insert MAIN row.
+ if ( $filter == 'new' ) {
+ $new_id = $dbw->nextSequenceValue( 'abuse_filter_af_id_seq' );
+ $is_new = true;
+ } else {
+ $new_id = $this->mFilter;
+ $is_new = false;
+ }
+
+ // Reset throttled marker, if we're re-enabling it.
+ $newRow['af_throttled'] = $newRow['af_throttled'] && !$newRow['af_enabled'];
+ $newRow['af_id'] = $new_id; // ID.
+
+ // T67807
+ // integer 1's & 0's might be better understood than booleans
+ $newRow['af_enabled'] = (int)$newRow['af_enabled'];
+ $newRow['af_hidden'] = (int)$newRow['af_hidden'];
+ $newRow['af_throttled'] = (int)$newRow['af_throttled'];
+ $newRow['af_deleted'] = (int)$newRow['af_deleted'];
+ $newRow['af_global'] = (int)$newRow['af_global'];
+
+ $dbw->replace( 'abuse_filter', [ 'af_id' ], $newRow, __METHOD__ );
+
+ if ( $is_new ) {
+ $new_id = $dbw->insertId();
+ }
+
+ // Actions
+ global $wgAbuseFilterActions;
+ $deadActions = [];
+ $actionsRows = [];
+ foreach ( array_filter( $wgAbuseFilterActions ) as $action => $_ ) {
+ // Check if it's set
+ $enabled = isset( $actions[$action] ) && (bool)$actions[$action];
+
+ if ( $enabled ) {
+ $parameters = $actions[$action]['parameters'];
+
+ $thisRow = [
+ 'afa_filter' => $new_id,
+ 'afa_consequence' => $action,
+ 'afa_parameters' => implode( "\n", $parameters )
+ ];
+ $actionsRows[] = $thisRow;
+ } else {
+ $deadActions[] = $action;
+ }
+ }
+
+ // Create a history row
+ $afh_row = [];
+
+ foreach ( AbuseFilter::$history_mappings as $af_col => $afh_col ) {
+ $afh_row[$afh_col] = $newRow[$af_col];
+ }
+
+ // Actions
+ $displayActions = [];
+ foreach ( $actions as $action ) {
+ $displayActions[$action['action']] = $action['parameters'];
+ }
+ $afh_row['afh_actions'] = serialize( $displayActions );
+
+ $afh_row['afh_changed_fields'] = implode( ',', $differences );
+
+ // Flags
+ $flags = [];
+ if ( $newRow['af_hidden'] ) {
+ $flags[] = 'hidden';
+ }
+ if ( $newRow['af_enabled'] ) {
+ $flags[] = 'enabled';
+ }
+ if ( $newRow['af_deleted'] ) {
+ $flags[] = 'deleted';
+ }
+ if ( $newRow['af_global'] ) {
+ $flags[] = 'global';
+ }
+
+ $afh_row['afh_flags'] = implode( ',', $flags );
+
+ $afh_row['afh_filter'] = $new_id;
+ $afh_row['afh_id'] = $dbw->nextSequenceValue( 'abuse_filter_af_id_seq' );
+
+ // Do the update
+ $dbw->insert( 'abuse_filter_history', $afh_row, __METHOD__ );
+ $history_id = $dbw->insertId();
+ if ( $filter != 'new' ) {
+ $dbw->delete(
+ 'abuse_filter_action',
+ [ 'afa_filter' => $filter ],
+ __METHOD__
+ );
+ }
+ $dbw->insert( 'abuse_filter_action', $actionsRows, __METHOD__ );
+
+ $dbw->endAtomic( __METHOD__ );
+
+ // Invalidate cache if this was a global rule
+ if ( $wasGlobal || $newRow['af_global'] ) {
+ $group = 'default';
+ if ( isset( $newRow['af_group'] ) && $newRow['af_group'] != '' ) {
+ $group = $newRow['af_group'];
+ }
+
+ $globalRulesKey = AbuseFilter::getGlobalRulesKey( $group );
+ ObjectCache::getMainWANInstance()->touchCheckKey( $globalRulesKey );
+ }
+
+ // Logging
+ $subtype = $filter === 'new' ? 'create' : 'modify';
+ $logEntry = new ManualLogEntry( 'abusefilter', $subtype );
+ $logEntry->setPerformer( $user );
+ $logEntry->setTarget( $this->getTitle( $new_id ) );
+ $logEntry->setParameters( [
+ 'historyId' => $history_id,
+ 'newId' => $new_id
+ ] );
+ $logid = $logEntry->insert();
+ $logEntry->publish( $logid );
+
+ // Purge the tag list cache so the fetchAllTags hook applies tag changes
+ if ( isset( $actions['tag'] ) ) {
+ AbuseFilterHooks::purgeTagCache();
+ }
+
+ AbuseFilter::resetFilterProfile( $new_id );
+
+ $out->redirect(
+ $this->getTitle()->getLocalURL(
+ [
+ 'result' => 'success',
+ 'changedfilter' => $new_id,
+ 'changeid' => $history_id,
+ ]
+ )
+ );
+ } else {
+ if ( $tokenMatches ) {
+ // lost rights meanwhile
+ $out->addWikiMsg( 'abusefilter-edit-notallowed' );
+ }
+
+ if ( $history_id ) {
+ $out->addWikiMsg(
+ 'abusefilter-edit-oldwarning', $history_id, $filter );
+ }
+
+ $out->addHTML( $this->buildFilterEditor( null, $filter, $history_id ) );
+
+ if ( $history_id ) {
+ $out->addWikiMsg(
+ 'abusefilter-edit-oldwarning', $history_id, $filter );
+ }
+ }
+ }
+
+ /**
+ * Builds the full form for edit filters.
+ * Loads data either from the database or from the HTTP request.
+ * The request takes precedence over the database
+ * @param string $error An error message to show above the filter box.
+ * @param int $filter The filter ID
+ * @param int $history_id The history ID of the filter, if applicable. Otherwise null
+ * @return bool|string False if there is a failure building the editor,
+ * otherwise the HTML text for the editor.
+ */
+ function buildFilterEditor( $error, $filter, $history_id = null ) {
+ if ( $filter === null ) {
+ return false;
+ }
+
+ // Build the edit form
+ $out = $this->getOutput();
+ $lang = $this->getLanguage();
+ $user = $this->getUser();
+
+ // Load from request OR database.
+ list( $row, $actions ) = $this->loadRequest( $filter, $history_id );
+
+ if ( !$row ) {
+ $out->addWikiMsg( 'abusefilter-edit-badfilter' );
+ $out->addHTML( $this->linkRenderer->makeLink( $this->getTitle(),
+ $this->msg( 'abusefilter-return' )->text() ) );
+ return false;
+ }
+
+ $out->addSubtitle( $this->msg(
+ $filter === 'new' ? 'abusefilter-edit-subtitle-new' : 'abusefilter-edit-subtitle',
+ $this->getLanguage()->formatNum( $filter ), $history_id
+ )->parse() );
+
+ // Hide hidden filters.
+ if ( ( ( isset( $row->af_hidden ) && $row->af_hidden ) ||
+ AbuseFilter::filterHidden( $filter ) )
+ && !$this->canViewPrivate() ) {
+ return $this->msg( 'abusefilter-edit-denied' )->escaped();
+ }
+
+ $output = '';
+ if ( $error ) {
+ $out->addHTML( "<span class=\"error\">$error</span>" );
+ }
+
+ // Read-only attribute
+ $readOnlyAttrib = [];
+ $cbReadOnlyAttrib = []; // For checkboxes
+
+ $styleAttrib = [ 'style' => 'width:95%' ];
+
+ if ( !$this->canEditFilter( $row ) ) {
+ $readOnlyAttrib['readonly'] = 'readonly';
+ $cbReadOnlyAttrib['disabled'] = 'disabled';
+ }
+
+ $fields = [];
+
+ $fields['abusefilter-edit-id'] =
+ $this->mFilter == 'new' ?
+ $this->msg( 'abusefilter-edit-new' )->escaped() :
+ $lang->formatNum( $filter );
+ $fields['abusefilter-edit-description'] =
+ Xml::input(
+ 'wpFilterDescription',
+ 45,
+ isset( $row->af_public_comments ) ? $row->af_public_comments : '',
+ array_merge( $readOnlyAttrib, $styleAttrib )
+ );
+
+ global $wgAbuseFilterValidGroups;
+ if ( count( $wgAbuseFilterValidGroups ) > 1 ) {
+ $groupSelector = new XmlSelect(
+ 'wpFilterGroup',
+ 'mw-abusefilter-edit-group-input',
+ 'default'
+ );
+
+ if ( isset( $row->af_group ) && $row->af_group ) {
+ $groupSelector->setDefault( $row->af_group );
+ }
+
+ foreach ( $wgAbuseFilterValidGroups as $group ) {
+ $groupSelector->addOption( AbuseFilter::nameGroup( $group ), $group );
+ }
+
+ if ( !empty( $readOnlyAttrib ) ) {
+ $groupSelector->setAttribute( 'disabled', 'disabled' );
+ }
+
+ $fields['abusefilter-edit-group'] = $groupSelector->getHTML();
+ }
+
+ // Hit count display
+ if ( !empty( $row->af_hit_count ) && $user->isAllowed( 'abusefilter-log-detail' ) ) {
+ $count_display = $this->msg( 'abusefilter-hitcount' )
+ ->numParams( (int)$row->af_hit_count )->text();
+ $hitCount = $this->linkRenderer->makeKnownLink(
+ SpecialPage::getTitleFor( 'AbuseLog' ),
+ $count_display,
+ [],
+ [ 'wpSearchFilter' => $row->af_id ]
+ );
+
+ $fields['abusefilter-edit-hitcount'] = $hitCount;
+ }
+
+ if ( $filter !== 'new' ) {
+ // Statistics
+ global $wgAbuseFilterProfile;
+ $stash = ObjectCache::getMainStashInstance();
+ $matches_count = (int)$stash->get( AbuseFilter::filterMatchesKey( $filter ) );
+ $total = (int)$stash->get( AbuseFilter::filterUsedKey( $row->af_group ) );
+
+ if ( $total > 0 ) {
+ $matches_percent = sprintf( '%.2f', 100 * $matches_count / $total );
+ if ( $wgAbuseFilterProfile ) {
+ list( $timeProfile, $condProfile ) = AbuseFilter::getFilterProfile( $filter );
+ $fields['abusefilter-edit-status-label'] = $this->msg( 'abusefilter-edit-status-profile' )
+ ->numParams( $total, $matches_count, $matches_percent, $timeProfile, $condProfile )
+ ->escaped();
+ } else {
+ $fields['abusefilter-edit-status-label'] = $this->msg( 'abusefilter-edit-status' )
+ ->numParams( $total, $matches_count, $matches_percent )
+ ->parse();
+ }
+ }
+ }
+
+ $fields['abusefilter-edit-rules'] = AbuseFilter::buildEditBox(
+ $row->af_pattern,
+ 'wpFilterRules',
+ true,
+ $this->canEditFilter( $row )
+ );
+ $fields['abusefilter-edit-notes'] = Xml::textarea(
+ 'wpFilterNotes',
+ ( isset( $row->af_comments ) ? $row->af_comments . "\n" : "\n" ),
+ 40, 15,
+ $readOnlyAttrib
+ );
+
+ // Build checkboxes
+ $checkboxes = [ 'hidden', 'enabled', 'deleted' ];
+ $flags = '';
+
+ global $wgAbuseFilterIsCentral;
+ if ( $wgAbuseFilterIsCentral ) {
+ $checkboxes[] = 'global';
+ }
+
+ if ( isset( $row->af_throttled ) && $row->af_throttled ) {
+ global $wgAbuseFilterRestrictions;
+
+ $filterActions = explode( ',', $row->af_actions );
+ $throttledActions = array_intersect_key(
+ array_flip( $filterActions ),
+ array_filter( $wgAbuseFilterRestrictions )
+ );
+
+ if ( $throttledActions ) {
+ $throttledActions = array_map(
+ function ( $filterAction ) {
+ return $this->msg( 'abusefilter-action-' . $filterAction )->text();
+ },
+ array_keys( $throttledActions )
+ );
+
+ $flags .= $out->parse(
+ Html::warningBox(
+ $this->msg( 'abusefilter-edit-throttled-warning' )
+ ->plaintextParams( $lang->commaList( $throttledActions ) )
+ ->escaped()
+ )
+ );
+ }
+ }
+
+ foreach ( $checkboxes as $checkboxId ) {
+ // Messages that can be used here:
+ // * abusefilter-edit-enabled
+ // * abusefilter-edit-deleted
+ // * abusefilter-edit-hidden
+ // * abusefilter-edit-global
+ $message = "abusefilter-edit-$checkboxId";
+ $dbField = "af_$checkboxId";
+ $postVar = 'wpFilter' . ucfirst( $checkboxId );
+
+ if ( $checkboxId == 'global' && !$this->canEditGlobal() ) {
+ $cbReadOnlyAttrib['disabled'] = 'disabled';
+ }
+
+ $checkbox = Xml::checkLabel(
+ $this->msg( $message )->text(),
+ $postVar,
+ $postVar,
+ isset( $row->$dbField ) ? $row->$dbField : false,
+ $cbReadOnlyAttrib
+ );
+ $checkbox = Xml::tags( 'p', null, $checkbox );
+ $flags .= $checkbox;
+ }
+
+ $fields['abusefilter-edit-flags'] = $flags;
+ $tools = '';
+
+ if ( $filter != 'new' ) {
+ if ( $user->isAllowed( 'abusefilter-revert' ) ) {
+ $tools .= Xml::tags(
+ 'p', null,
+ $this->linkRenderer->makeLink(
+ $this->getTitle( "revert/$filter" ),
+ new HtmlArmor( $this->msg( 'abusefilter-edit-revert' )->parse() )
+ )
+ );
+ }
+
+ if ( $this->canEdit() ) {
+ // Test link
+ $tools .= Xml::tags(
+ 'p', null,
+ $this->linkRenderer->makeLink(
+ $this->getTitle( "test/$filter" ),
+ new HtmlArmor( $this->msg( 'abusefilter-edit-test-link' )->parse() )
+ )
+ );
+ }
+ // Last modification details
+ $userLink =
+ Linker::userLink( $row->af_user, $row->af_user_text ) .
+ Linker::userToolLinks( $row->af_user, $row->af_user_text );
+ $userName = $row->af_user_text;
+ $fields['abusefilter-edit-lastmod'] =
+ $this->msg( 'abusefilter-edit-lastmod-text' )
+ ->rawParams(
+ $lang->timeanddate( $row->af_timestamp, true ),
+ $userLink,
+ $lang->date( $row->af_timestamp, true ),
+ $lang->time( $row->af_timestamp, true ),
+ $userName
+ )->parse();
+ $history_display = new HtmlArmor( $this->msg( 'abusefilter-edit-viewhistory' )->parse() );
+ $fields['abusefilter-edit-history'] =
+ $this->linkRenderer->makeKnownLink( $this->getTitle( 'history/' . $filter ), $history_display );
+ }
+
+ // Add export
+ $exportText = FormatJson::encode( [ 'row' => $row, 'actions' => $actions ] );
+ $tools .= Xml::tags( 'a', [ 'href' => '#', 'id' => 'mw-abusefilter-export-link' ],
+ $this->msg( 'abusefilter-edit-export' )->parse() );
+ $tools .= Xml::element( 'textarea',
+ [ 'readonly' => 'readonly', 'id' => 'mw-abusefilter-export' ],
+ $exportText
+ );
+
+ $fields['abusefilter-edit-tools'] = $tools;
+
+ $form = Xml::buildForm( $fields );
+ $form = Xml::fieldset( $this->msg( 'abusefilter-edit-main' )->text(), $form );
+ $form .= Xml::fieldset(
+ $this->msg( 'abusefilter-edit-consequences' )->text(),
+ $this->buildConsequenceEditor( $row, $actions )
+ );
+
+ if ( $this->canEditFilter( $row ) ) {
+ $form .= Xml::submitButton(
+ $this->msg( 'abusefilter-edit-save' )->text(),
+ [ 'accesskey' => 's' ]
+ );
+ $form .= Html::hidden(
+ 'wpEditToken',
+ $user->getEditToken( [ 'abusefilter', $filter ] )
+ );
+ }
+
+ $form = Xml::tags( 'form',
+ [
+ 'action' => $this->getTitle( $filter )->getFullURL(),
+ 'method' => 'post'
+ ],
+ $form
+ );
+
+ $output .= $form;
+
+ return $output;
+ }
+
+ /**
+ * Builds the "actions" editor for a given filter.
+ * @param stdClass $row A row from the abuse_filter table.
+ * @param array $actions Array of rows from the abuse_filter_action table
+ * corresponding to the abuse filter held in $row.
+ * @return HTML text for an action editor.
+ */
+ function buildConsequenceEditor( $row, $actions ) {
+ global $wgAbuseFilterActions;
+
+ $enabledActions = array_filter( $wgAbuseFilterActions );
+
+ $setActions = [];
+ foreach ( $enabledActions as $action => $_ ) {
+ $setActions[$action] = array_key_exists( $action, $actions );
+ }
+
+ $output = '';
+
+ foreach ( $enabledActions as $action => $_ ) {
+ MediaWiki\suppressWarnings();
+ $params = $actions[$action]['parameters'];
+ MediaWiki\restoreWarnings();
+ $output .= $this->buildConsequenceSelector(
+ $action, $setActions[$action], $params, $row );
+ }
+
+ return $output;
+ }
+
+ /**
+ * @param string $action The action to build an editor for
+ * @param bool $set Whether or not the action is activated
+ * @param array $parameters Action parameters
+ * @param stdClass $row abuse_filter row object
+ * @return string
+ */
+ function buildConsequenceSelector( $action, $set, $parameters, $row ) {
+ global $wgAbuseFilterActions, $wgMainCacheType;
+
+ if ( empty( $wgAbuseFilterActions[$action] ) ) {
+ return '';
+ }
+
+ $readOnlyAttrib = [];
+ $cbReadOnlyAttrib = []; // For checkboxes
+
+ if ( !$this->canEditFilter( $row ) ) {
+ $readOnlyAttrib['readonly'] = 'readonly';
+ $cbReadOnlyAttrib['disabled'] = 'disabled';
+ }
+
+ switch ( $action ) {
+ case 'throttle':
+ // Throttling is only available via object caching
+ if ( $wgMainCacheType === CACHE_NONE ) {
+ return '';
+ }
+ $throttleSettings = Xml::checkLabel(
+ $this->msg( 'abusefilter-edit-action-throttle' )->text(),
+ 'wpFilterActionThrottle',
+ "mw-abusefilter-action-checkbox-$action",
+ $set,
+ [ 'class' => 'mw-abusefilter-action-checkbox' ] + $cbReadOnlyAttrib );
+ $throttleFields = [];
+
+ if ( $set ) {
+ array_shift( $parameters );
+ $throttleRate = explode( ',', $parameters[0] );
+ $throttleCount = $throttleRate[0];
+ $throttlePeriod = $throttleRate[1];
+
+ $throttleGroups = implode( "\n", array_slice( $parameters, 1 ) );
+ } else {
+ $throttleCount = 3;
+ $throttlePeriod = 60;
+
+ $throttleGroups = "user\n";
+ }
+
+ $throttleFields['abusefilter-edit-throttle-count'] =
+ Xml::input( 'wpFilterThrottleCount', 20, $throttleCount, $readOnlyAttrib );
+ $throttleFields['abusefilter-edit-throttle-period'] =
+ $this->msg( 'abusefilter-edit-throttle-seconds' )
+ ->rawParams( Xml::input( 'wpFilterThrottlePeriod', 20, $throttlePeriod,
+ $readOnlyAttrib )
+ )->parse();
+ $throttleFields['abusefilter-edit-throttle-groups'] =
+ Xml::textarea( 'wpFilterThrottleGroups', $throttleGroups . "\n",
+ 40, 5, $readOnlyAttrib );
+ $throttleSettings .=
+ Xml::tags(
+ 'div',
+ [ 'id' => 'mw-abusefilter-throttle-parameters' ],
+ Xml::buildForm( $throttleFields )
+ );
+ return $throttleSettings;
+ case 'warn':
+ global $wgAbuseFilterDefaultWarningMessage;
+ $output = '';
+ $checkbox = Xml::checkLabel(
+ $this->msg( 'abusefilter-edit-action-warn' )->text(),
+ 'wpFilterActionWarn',
+ "mw-abusefilter-action-checkbox-$action",
+ $set,
+ [ 'class' => 'mw-abusefilter-action-checkbox' ] + $cbReadOnlyAttrib );
+ $output .= Xml::tags( 'p', null, $checkbox );
+ if ( $set ) {
+ $warnMsg = $parameters[0];
+ } elseif (
+ $row &&
+ isset( $row->af_group ) && $row->af_group &&
+ isset( $wgAbuseFilterDefaultWarningMessage[$row->af_group] )
+ ) {
+ $warnMsg = $wgAbuseFilterDefaultWarningMessage[$row->af_group];
+ } else {
+ $warnMsg = 'abusefilter-warning';
+ }
+
+ $warnFields['abusefilter-edit-warn-message'] =
+ $this->getExistingSelector( $warnMsg, !empty( $readOnlyAttrib ) );
+ $warnFields['abusefilter-edit-warn-other-label'] =
+ Xml::input(
+ 'wpFilterWarnMessageOther',
+ 45,
+ $warnMsg,
+ [ 'id' => 'mw-abusefilter-warn-message-other' ] + $cbReadOnlyAttrib
+ );
+
+ $previewButton = Xml::element(
+ 'input',
+ [
+ 'type' => 'button',
+ 'id' => 'mw-abusefilter-warn-preview-button',
+ 'value' => $this->msg( 'abusefilter-edit-warn-preview' )->text()
+ ]
+ );
+ $editButton = '';
+ if ( $this->getUser()->isAllowed( 'editinterface' ) ) {
+ $editButton .= ' ' . Xml::element(
+ 'input',
+ [
+ 'type' => 'button',
+ 'id' => 'mw-abusefilter-warn-edit-button',
+ 'value' => $this->msg( 'abusefilter-edit-warn-edit' )->text()
+ ]
+ );
+ }
+ $previewHolder = Xml::element(
+ 'div',
+ [ 'id' => 'mw-abusefilter-warn-preview' ], ''
+ );
+ $warnFields['abusefilter-edit-warn-actions'] =
+ Xml::tags( 'p', null, $previewButton . $editButton ) . "\n$previewHolder";
+ $output .=
+ Xml::tags(
+ 'div',
+ [ 'id' => 'mw-abusefilter-warn-parameters' ],
+ Xml::buildForm( $warnFields )
+ );
+ return $output;
+ case 'tag':
+ if ( $set ) {
+ $tags = $parameters;
+ } else {
+ $tags = [];
+ }
+ $output = '';
+
+ $checkbox = Xml::checkLabel(
+ $this->msg( 'abusefilter-edit-action-tag' )->text(),
+ 'wpFilterActionTag',
+ "mw-abusefilter-action-checkbox-$action",
+ $set,
+ [ 'class' => 'mw-abusefilter-action-checkbox' ] + $cbReadOnlyAttrib
+ );
+ $output .= Xml::tags( 'p', null, $checkbox );
+
+ $tagFields['abusefilter-edit-tag-tag'] =
+ Xml::textarea( 'wpFilterTags', implode( "\n", $tags ), 40, 5, $readOnlyAttrib );
+ $output .=
+ Xml::tags( 'div',
+ [ 'id' => 'mw-abusefilter-tag-parameters' ],
+ Xml::buildForm( $tagFields )
+ );
+ return $output;
+ case 'block':
+ global $wgBlockAllowsUTEdit, $wgAbuseFilterBlockDuration,
+ $wgAbuseFilterAnonBlockDuration;
+
+ if ( $set && count( $parameters ) === 3 ) {
+ // Both blocktalk and custom block durations available
+ $blockTalk = $parameters[0];
+ $defaultAnonDuration = $parameters[1];
+ $defaultUserDuration = $parameters[2];
+ } else {
+ if ( $set && count( $parameters ) === 1 ) {
+ // Only blocktalk available
+ $blockTalk = $parameters[0];
+ }
+ if ( $wgAbuseFilterAnonBlockDuration ) {
+ $defaultAnonDuration = $wgAbuseFilterAnonBlockDuration;
+ } else {
+ $defaultAnonDuration = $wgAbuseFilterBlockDuration;
+ }
+ $defaultUserDuration = $wgAbuseFilterBlockDuration;
+ }
+ $suggestedBlocks = SpecialBlock::getSuggestedDurations();
+ $suggestedBlocks = self::normalizeBlocks( $suggestedBlocks );
+
+ $output = '';
+ $checkbox = Xml::checkLabel(
+ $this->msg( 'abusefilter-edit-action-block' )->text(),
+ 'wpFilterActionBlock',
+ "mw-abusefilter-action-checkbox-block",
+ $set,
+ [ 'class' => 'mw-abusefilter-action-checkbox' ] + $cbReadOnlyAttrib );
+ $output .= Xml::tags( 'p', null, $checkbox );
+ if ( $wgBlockAllowsUTEdit === true ) {
+ $talkCheckbox =
+ Xml::checkLabel(
+ $this->msg( 'abusefilter-edit-action-blocktalk' )->text(),
+ 'wpFilterBlockTalk',
+ 'mw-abusefilter-action-checkbox-blocktalk',
+ isset( $blockTalk ) && $blockTalk == 'blocktalk',
+ [ 'class' => 'mw-abusefilter-action-checkbox' ] + $cbReadOnlyAttrib
+ );
+ }
+
+ $anonDuration = new XmlSelect(
+ 'wpBlockAnonDuration',
+ false,
+ 'default'
+ );
+ $anonDuration->addOptions( $suggestedBlocks );
+
+ $userDuration = new XmlSelect(
+ 'wpBlockUserDuration',
+ false,
+ 'default'
+ );
+ $userDuration->addOptions( $suggestedBlocks );
+
+ // Set defaults
+ $anonDuration->setDefault( $defaultAnonDuration );
+ $userDuration->setDefault( $defaultUserDuration );
+
+ if ( !$this->canEditFilter( $row ) ) {
+ $anonDuration->setAttribute( 'disabled', 'disabled' );
+ $userDuration->setAttribute( 'disabled', 'disabled' );
+ }
+
+ if ( $wgBlockAllowsUTEdit === true ) {
+ $durations['abusefilter-edit-block-options'] = $talkCheckbox;
+ }
+ $durations['abusefilter-edit-block-anon-durations'] = $anonDuration->getHTML();
+ $durations['abusefilter-edit-block-user-durations'] = $userDuration->getHTML();
+
+ $rawOutput = Xml::buildForm( $durations );
+
+ $output .= Xml::tags(
+ 'div',
+ [ 'id' => 'mw-abusefilter-block-parameters' ],
+ $rawOutput
+ );
+
+ return $output;
+
+ default:
+ // Give grep a chance to find the usages:
+ // abusefilter-edit-action-warn, abusefilter-edit-action-disallow
+ // abusefilter-edit-action-blockautopromote
+ // abusefilter-edit-action-degroup, abusefilter-edit-action-throttle
+ // abusefilter-edit-action-rangeblock, abusefilter-edit-action-tag
+ $message = 'abusefilter-edit-action-' . $action;
+ $form_field = 'wpFilterAction' . ucfirst( $action );
+ $status = $set;
+
+ $thisAction = Xml::checkLabel(
+ $this->msg( $message )->text(),
+ $form_field,
+ "mw-abusefilter-action-checkbox-$action",
+ $status,
+ [ 'class' => 'mw-abusefilter-action-checkbox' ] + $cbReadOnlyAttrib
+ );
+ $thisAction = Xml::tags( 'p', null, $thisAction );
+ return $thisAction;
+ }
+ }
+
+ /**
+ * @param string $warnMsg
+ * @param bool $readOnly
+ * @return string
+ */
+ function getExistingSelector( $warnMsg, $readOnly = false ) {
+ $existingSelector = new XmlSelect(
+ 'wpFilterWarnMessage',
+ 'mw-abusefilter-warn-message-existing',
+ $warnMsg == 'abusefilter-warning' ? 'abusefilter-warning' : 'other'
+ );
+
+ $existingSelector->addOption( 'abusefilter-warning' );
+
+ if ( $readOnly ) {
+ $existingSelector->setAttribute( 'disabled', 'disabled' );
+ } else {
+ // Find other messages.
+ $dbr = wfGetDB( DB_REPLICA );
+ $res = $dbr->select(
+ 'page',
+ [ 'page_title' ],
+ [
+ 'page_namespace' => 8,
+ 'page_title LIKE ' . $dbr->addQuotes( 'Abusefilter-warning%' )
+ ],
+ __METHOD__
+ );
+
+ $lang = $this->getLanguage();
+ foreach ( $res as $row ) {
+ if ( $lang->lcfirst( $row->page_title ) == $lang->lcfirst( $warnMsg ) ) {
+ $existingSelector->setDefault( $lang->lcfirst( $warnMsg ) );
+ }
+
+ if ( $row->page_title != 'Abusefilter-warning' ) {
+ $existingSelector->addOption( $lang->lcfirst( $row->page_title ) );
+ }
+ }
+ }
+
+ $existingSelector->addOption( $this->msg( 'abusefilter-edit-warn-other' )->text(), 'other' );
+
+ return $existingSelector->getHTML();
+ }
+
+ /**
+ * @ToDo: Maybe we should also check if global values belong to $durations
+ * and determine the right point to add them if missing.
+ *
+ * @param array $durations
+ * @return array
+ */
+ protected static function normalizeBlocks( $durations ) {
+ global $wgAbuseFilterBlockDuration, $wgAbuseFilterAnonBlockDuration;
+ // We need to have same values since it may happen that ipblocklist
+ // and one (or both) of the global variables use different wording
+ // for the same duration. In such case, when setting the default of
+ // the dropdowns it would fail.
+ foreach ( $durations as &$duration ) {
+ $currentDuration = SpecialBlock::parseExpiryInput( $duration );
+ $anonDuration = SpecialBlock::parseExpiryInput( $wgAbuseFilterAnonBlockDuration );
+ $userDuration = SpecialBlock::parseExpiryInput( $wgAbuseFilterBlockDuration );
+
+ if ( $duration !== $wgAbuseFilterBlockDuration &&
+ $currentDuration === $userDuration ) {
+ $duration = $wgAbuseFilterBlockDuration;
+
+ } elseif ( $duration !== $wgAbuseFilterAnonBlockDuration &&
+ $currentDuration === $anonDuration ) {
+ $duration = $wgAbuseFilterAnonBlockDuration;
+ }
+ }
+
+ return $durations;
+ }
+
+ /**
+ * Loads filter data from the database by ID.
+ * @param int $id The filter's ID number
+ * @return array|null Either an associative array representing the filter,
+ * or NULL if the filter does not exist.
+ */
+ function loadFilterData( $id ) {
+ if ( $id == 'new' ) {
+ $obj = new stdClass;
+ $obj->af_pattern = '';
+ $obj->af_enabled = 1;
+ $obj->af_hidden = 0;
+ $obj->af_global = 0;
+ $obj->af_throttled = 0;
+ return [ $obj, [] ];
+ }
+
+ // Load from master to avoid unintended reversions where there's replication lag.
+ $dbr = $this->getRequest()->wasPosted()
+ ? wfGetDB( DB_MASTER )
+ : wfGetDB( DB_REPLICA );
+
+ // Load certain fields only. This prevents a condition seen on Wikimedia where
+ // a schema change adding a new field caused that extra field to be selected.
+ // Since the selected row may be inserted back into the database, this will cause
+ // an SQL error if, say, one server has the updated schema but another does not.
+ $loadFields = [
+ 'af_id',
+ 'af_pattern',
+ 'af_user',
+ 'af_user_text',
+ 'af_timestamp',
+ 'af_enabled',
+ 'af_comments',
+ 'af_public_comments',
+ 'af_hidden',
+ 'af_hit_count',
+ 'af_throttled',
+ 'af_deleted',
+ 'af_actions',
+ 'af_global',
+ 'af_group',
+ ];
+
+ // Load the main row
+ $row = $dbr->selectRow( 'abuse_filter', $loadFields, [ 'af_id' => $id ], __METHOD__ );
+
+ if ( !isset( $row ) || !isset( $row->af_id ) || !$row->af_id ) {
+ return null;
+ }
+
+ // Load the actions
+ $actions = [];
+ $res = $dbr->select( 'abuse_filter_action',
+ '*',
+ [ 'afa_filter' => $id ],
+ __METHOD__
+ );
+
+ foreach ( $res as $actionRow ) {
+ $thisAction = [];
+ $thisAction['action'] = $actionRow->afa_consequence;
+ $thisAction['parameters'] = array_filter( explode( "\n", $actionRow->afa_parameters ) );
+
+ $actions[$actionRow->afa_consequence] = $thisAction;
+ }
+
+ return [ $row, $actions ];
+ }
+
+ /**
+ * Load filter data to show in the edit view.
+ * Either from the HTTP request or from the filter/history_id given.
+ * The HTTP request always takes precedence.
+ * Includes caching.
+ * @param int $filter The filter ID being requested.
+ * @param int $history_id If any, the history ID being requested.
+ * @return Array with filter data if available, otherwise null.
+ * The first element contains the abuse_filter database row,
+ * the second element is an array of related abuse_filter_action rows.
+ */
+ function loadRequest( $filter, $history_id = null ) {
+ static $row = null;
+ static $actions = null;
+ $request = $this->getRequest();
+
+ if ( !is_null( $actions ) && !is_null( $row ) ) {
+ return [ $row, $actions ];
+ } elseif ( $request->wasPosted() ) {
+ # Nothing, we do it all later
+ } elseif ( $history_id ) {
+ return $this->loadHistoryItem( $history_id );
+ } else {
+ return $this->loadFilterData( $filter );
+ }
+
+ // We need some details like last editor
+ list( $row, $origActions ) = $this->loadFilterData( $filter );
+
+ $row->mOriginalRow = clone $row;
+ $row->mOriginalActions = $origActions;
+
+ // Check for importing
+ $import = $request->getVal( 'wpImportText' );
+ if ( $import ) {
+ $data = FormatJson::decode( $import );
+
+ $importRow = $data->row;
+ $actions = wfObjectToArray( $data->actions );
+
+ $copy = [
+ 'af_public_comments',
+ 'af_pattern',
+ 'af_comments',
+ 'af_deleted',
+ 'af_enabled',
+ 'af_hidden',
+ ];
+
+ foreach ( $copy as $name ) {
+ $row->$name = $importRow->$name;
+ }
+ } else {
+ $textLoads = [
+ 'af_public_comments' => 'wpFilterDescription',
+ 'af_pattern' => 'wpFilterRules',
+ 'af_comments' => 'wpFilterNotes',
+ ];
+
+ foreach ( $textLoads as $col => $field ) {
+ $row->$col = trim( $request->getVal( $field ) );
+ }
+
+ $row->af_group = $request->getVal( 'wpFilterGroup', 'default' );
+
+ $row->af_deleted = $request->getBool( 'wpFilterDeleted' );
+ $row->af_enabled = $request->getBool( 'wpFilterEnabled' ) && !$row->af_deleted;
+ $row->af_hidden = $request->getBool( 'wpFilterHidden' );
+ global $wgAbuseFilterIsCentral;
+ $row->af_global = $request->getBool( 'wpFilterGlobal' ) && $wgAbuseFilterIsCentral;
+
+ // Actions
+ global $wgAbuseFilterActions;
+ $actions = [];
+ foreach ( array_filter( $wgAbuseFilterActions ) as $action => $_ ) {
+ // Check if it's set
+ $enabled = $request->getBool( 'wpFilterAction' . ucfirst( $action ) );
+
+ if ( $enabled ) {
+ $parameters = [];
+
+ if ( $action == 'throttle' ) {
+ // We need to load the parameters
+ $throttleCount = $request->getIntOrNull( 'wpFilterThrottleCount' );
+ $throttlePeriod = $request->getIntOrNull( 'wpFilterThrottlePeriod' );
+ $throttleGroups = explode( "\n",
+ trim( $request->getText( 'wpFilterThrottleGroups' ) ) );
+
+ $parameters[0] = $this->mFilter; // For now, anyway
+ $parameters[1] = "$throttleCount,$throttlePeriod";
+ $parameters = array_merge( $parameters, $throttleGroups );
+ } elseif ( $action == 'warn' ) {
+ $specMsg = $request->getVal( 'wpFilterWarnMessage' );
+
+ if ( $specMsg == 'other' ) {
+ $specMsg = $request->getVal( 'wpFilterWarnMessageOther' );
+ }
+
+ $parameters[0] = $specMsg;
+ } elseif ( $action == 'block' ) {
+ $parameters[0] = $request->getCheck( 'wpFilterBlockTalk' ) ?
+ 'blocktalk' : 'noTalkBlockSet';
+ $parameters[1] = $request->getVal( 'wpBlockAnonDuration' );
+ $parameters[2] = $request->getVal( 'wpBlockUserDuration' );
+ } elseif ( $action == 'tag' ) {
+ $parameters = explode( "\n", trim( $request->getText( 'wpFilterTags' ) ) );
+ }
+
+ $thisAction = [ 'action' => $action, 'parameters' => $parameters ];
+ $actions[$action] = $thisAction;
+ }
+ }
+ }
+
+ $row->af_actions = implode( ',', array_keys( array_filter( $actions ) ) );
+
+ return [ $row, $actions ];
+ }
+
+ /**
+ * Loads historical data in a form that the editor can understand.
+ * @param int $id History ID
+ * @return array|bool False if the history ID is not valid, otherwise array in the usual format:
+ * First element contains the abuse_filter row (as it was).
+ * Second element contains an array of abuse_filter_action rows.
+ */
+ function loadHistoryItem( $id ) {
+ $dbr = wfGetDB( DB_REPLICA );
+
+ // Load the row.
+ $row = $dbr->selectRow( 'abuse_filter_history',
+ '*',
+ [ 'afh_id' => $id ],
+ __METHOD__
+ );
+
+ if ( !$row ) {
+ return false;
+ }
+
+ return AbuseFilter::translateFromHistory( $row );
+ }
+
+ /**
+ * @return null
+ */
+ protected function exposeWarningMessages() {
+ global $wgOut, $wgAbuseFilterDefaultWarningMessage;
+ $wgOut->addJsConfigVars(
+ 'wgAbuseFilterDefaultWarningMessage',
+ $wgAbuseFilterDefaultWarningMessage
+ );
+ }
+}
generated by cgit v1.2.1 (git 2.18.0) at 2024-04-23 11:43:33 +0000