X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiMain.php;h=4068a50bb68191594369a3e54951c07999250219;hb=8a4b15aaf97172b9b07c9cab3091607d6997487c;hp=9e008304904cd05bcba341b3157176ea4a57b421;hpb=b171822dce3fb662ca96e8fd4be48581c4cd2533;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 9e00830490..4068a50bb6 100644
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -26,6 +26,8 @@
  */
 
 use MediaWiki\Logger\LoggerFactory;
+use MediaWiki\MediaWikiServices;
+use Wikimedia\Timestamp\TimestampException;
 
 /**
  * This is the main API class, used for both external and internal processing.
@@ -159,6 +161,7 @@ class ApiMain extends ApiBase {
 	private $mCacheMode = 'private';
 	private $mCacheControl = [];
 	private $mParamsUsed = [];
+	private $mParamsSensitive = [];
 
 	/** @var bool|null Cached return value from self::lacksSameOriginSecurity() */
 	private $lacksSameOriginSecurity = null;
@@ -543,7 +546,7 @@ class ApiMain extends ApiBase {
 			$runTime = microtime( true ) - $t;
 			$this->logRequest( $runTime );
 			if ( $this->mModule->isWriteMode() && $this->getRequest()->wasPosted() ) {
-				$this->getStats()->timing(
+				MediaWikiServices::getInstance()->getStatsdDataFactory()->timing(
 					'api.' . $this->mModule->getModuleName() . '.executeTiming', 1000 * $runTime
 				);
 			}
@@ -574,7 +577,7 @@ class ApiMain extends ApiBase {
 	 * @param Exception $e
 	 */
 	protected function handleException( Exception $e ) {
-		// Bug 63145: Rollback any open database transactions
+		// T65145: Rollback any open database transactions
 		if ( !( $e instanceof ApiUsageException || $e instanceof UsageException ) ) {
 			// UsageExceptions are intentional, so don't rollback if that's the case
 			try {
@@ -1227,6 +1230,35 @@ class ApiMain extends ApiBase {
 		return $module;
 	}
 
+	/**
+	 * @return array
+	 */
+	private function getMaxLag() {
+		$dbLag = MediaWikiServices::getInstance()->getDBLoadBalancer()->getMaxLag();
+		$lagInfo = [
+			'host' => $dbLag[0],
+			'lag' => $dbLag[1],
+			'type' => 'db'
+		];
+
+		$jobQueueLagFactor = $this->getConfig()->get( 'JobQueueIncludeInMaxLagFactor' );
+		if ( $jobQueueLagFactor ) {
+			// Turn total number of jobs into seconds by using the configured value
+			$totalJobs = array_sum( JobQueueGroup::singleton()->getQueueSizes() );
+			$jobQueueLag = $totalJobs / (float)$jobQueueLagFactor;
+			if ( $jobQueueLag > $lagInfo['lag'] ) {
+				$lagInfo = [
+					'host' => wfHostname(), // XXX: Is there a better value that could be used?
+					'lag' => $jobQueueLag,
+					'type' => 'jobqueue',
+					'jobs' => $totalJobs,
+				];
+			}
+		}
+
+		return $lagInfo;
+	}
+
 	/**
 	 * Check the max lag if necessary
 	 * @param ApiBase $module Api module being used
@@ -1236,18 +1268,22 @@ class ApiMain extends ApiBase {
 	protected function checkMaxLag( $module, $params ) {
 		if ( $module->shouldCheckMaxlag() && isset( $params['maxlag'] ) ) {
 			$maxLag = $params['maxlag'];
-			list( $host, $lag ) = wfGetLB()->getMaxLag();
-			if ( $lag > $maxLag ) {
+			$lagInfo = $this->getMaxLag();
+			if ( $lagInfo['lag'] > $maxLag ) {
 				$response = $this->getRequest()->response();
 
 				$response->header( 'Retry-After: ' . max( intval( $maxLag ), 5 ) );
-				$response->header( 'X-Database-Lag: ' . intval( $lag ) );
+				$response->header( 'X-Database-Lag: ' . intval( $lagInfo['lag'] ) );
 
 				if ( $this->getConfig()->get( 'ShowHostnames' ) ) {
-					$this->dieWithError( [ 'apierror-maxlag', $lag, $host ] );
+					$this->dieWithError(
+						[ 'apierror-maxlag', $lagInfo['lag'], $lagInfo['host'] ],
+						'maxlag',
+						$lagInfo
+					);
 				}
 
-				$this->dieWithError( [ 'apierror-maxlag-generic', $lag ], 'maxlag' );
+				$this->dieWithError( [ 'apierror-maxlag-generic', $lagInfo['lag'] ], 'maxlag', $lagInfo );
 			}
 		}
 
@@ -1600,13 +1636,17 @@ class ApiMain extends ApiBase {
 			" {$logCtx['ip']} " .
 			"T={$logCtx['timeSpentBackend']}ms";
 
+		$sensitive = array_flip( $this->getSensitiveParams() );
 		foreach ( $this->getParamsUsed() as $name ) {
 			$value = $request->getVal( $name );
 			if ( $value === null ) {
 				continue;
 			}
 
-			if ( strlen( $value ) > 256 ) {
+			if ( isset( $sensitive[$name] ) ) {
+				$value = '[redacted]';
+				$encValue = '[redacted]';
+			} elseif ( strlen( $value ) > 256 ) {
 				$value = substr( $value, 0, 256 );
 				$encValue = $this->encodeRequestLogValue( $value ) . '[...]';
 			} else {
@@ -1656,6 +1696,24 @@ class ApiMain extends ApiBase {
 		$this->mParamsUsed += array_fill_keys( (array)$params, true );
 	}
 
+	/**
+	 * Get the request parameters that should be considered sensitive
+	 * @since 1.29
+	 * @return array
+	 */
+	protected function getSensitiveParams() {
+		return array_keys( $this->mParamsSensitive );
+	}
+
+	/**
+	 * Mark parameters as sensitive
+	 * @since 1.29
+	 * @param string|string[] $params
+	 */
+	public function markParamsSensitive( $params ) {
+		$this->mParamsSensitive += array_fill_keys( (array)$params, true );
+	}
+
 	/**
 	 * Get a request value, and register the fact that it was used, for logging.
 	 * @param string $name
@@ -1668,7 +1726,7 @@ class ApiMain extends ApiBase {
 		$ret = $this->getRequest()->getVal( $name );
 		if ( $ret === null ) {
 			if ( $this->getRequest()->getArray( $name ) !== null ) {
-				// See bug 10262 for why we don't just implode( '|', ... ) the
+				// See T12262 for why we don't just implode( '|', ... ) the
 				// array.
 				$this->addWarning( [ 'apiwarn-unsupportedarray', $name ] );
 			}