dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "EditPage: Don't set 'hookaborted' error if the hook set a better error"
[lhc/web/wiklou.git] / includes / api / ApiQueryDeletedrevs.php
1 <?php
2 /**
3 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 use MediaWiki\MediaWikiServices;
24 use MediaWiki\Storage\NameTableAccessException;
25 use MediaWiki\Storage\RevisionRecord;
26
27 /**
28 * Query module to enumerate all deleted revisions.
29 *
30 * @ingroup API
31 * @deprecated since 1.25
32 */
33 class ApiQueryDeletedrevs extends ApiQueryBase {
34
35 public function __construct( ApiQuery $query, $moduleName ) {
36 parent::__construct( $query, $moduleName, 'dr' );
37 }
38
39 public function execute() {
40 // Before doing anything at all, let's check permissions
41 $this->checkUserRightsAny( 'deletedhistory' );
42
43 $this->addDeprecation( 'apiwarn-deprecation-deletedrevs', 'action=query&list=deletedrevs' );
44
45 $user = $this->getUser();
46 $db = $this->getDB();
47 $commentStore = CommentStore::getStore();
48 $params = $this->extractRequestParams( false );
49 $prop = array_flip( $params['prop'] );
50 $fld_parentid = isset( $prop['parentid'] );
51 $fld_revid = isset( $prop['revid'] );
52 $fld_user = isset( $prop['user'] );
53 $fld_userid = isset( $prop['userid'] );
54 $fld_comment = isset( $prop['comment'] );
55 $fld_parsedcomment = isset( $prop['parsedcomment'] );
56 $fld_minor = isset( $prop['minor'] );
57 $fld_len = isset( $prop['len'] );
58 $fld_sha1 = isset( $prop['sha1'] );
59 $fld_content = isset( $prop['content'] );
60 $fld_token = isset( $prop['token'] );
61 $fld_tags = isset( $prop['tags'] );
62
63 // If we're in a mode that breaks the same-origin policy, no tokens can
64 // be obtained
65 if ( $this->lacksSameOriginSecurity() ) {
66 $fld_token = false;
67 }
68
69 // If user can't undelete, no tokens
70 if ( !$this->getPermissionManager()->userHasRight( $user, 'undelete' ) ) {
71 $fld_token = false;
72 }
73
74 $result = $this->getResult();
75 $pageSet = $this->getPageSet();
76 $titles = $pageSet->getTitles();
77
78 // This module operates in three modes:
79 // 'revs': List deleted revs for certain titles (1)
80 // 'user': List deleted revs by a certain user (2)
81 // 'all': List all deleted revs in NS (3)
82 $mode = 'all';
83 if ( count( $titles ) > 0 ) {
84 $mode = 'revs';
85 } elseif ( !is_null( $params['user'] ) ) {
86 $mode = 'user';
87 }
88
89 if ( $mode == 'revs' || $mode == 'user' ) {
90 // Ignore namespace and unique due to inability to know whether they were purposely set
91 foreach ( [ 'from', 'to', 'prefix', /*'namespace', 'unique'*/ ] as $p ) {
92 if ( !is_null( $params[$p] ) ) {
93 $this->dieWithError( [ 'apierror-deletedrevs-param-not-1-2', $p ], 'badparams' );
94 }
95 }
96 } else {
97 foreach ( [ 'start', 'end' ] as $p ) {
98 if ( !is_null( $params[$p] ) ) {
99 $this->dieWithError( [ 'apierror-deletedrevs-param-not-3', $p ], 'badparams' );
100 }
101 }
102 }
103
104 if ( !is_null( $params['user'] ) && !is_null( $params['excludeuser'] ) ) {
105 $this->dieWithError( 'user and excludeuser cannot be used together', 'badparams' );
106 }
107
108 $revisionStore = MediaWikiServices::getInstance()->getRevisionStore();
109 $arQuery = $revisionStore->getArchiveQueryInfo();
110 $this->addTables( $arQuery['tables'] );
111 $this->addFields( $arQuery['fields'] );
112 $this->addJoinConds( $arQuery['joins'] );
113 $this->addFields( [ 'ar_title', 'ar_namespace' ] );
114
115 if ( $fld_tags ) {
116 $this->addFields( [ 'ts_tags' => ChangeTags::makeTagSummarySubquery( 'archive' ) ] );
117 }
118
119 if ( !is_null( $params['tag'] ) ) {
120 $this->addTables( 'change_tag' );
121 $this->addJoinConds(
122 [ 'change_tag' => [ 'JOIN', [ 'ar_rev_id=ct_rev_id' ] ] ]
123 );
124 $changeTagDefStore = MediaWikiServices::getInstance()->getChangeTagDefStore();
125 try {
126 $this->addWhereFld( 'ct_tag_id', $changeTagDefStore->getId( $params['tag'] ) );
127 } catch ( NameTableAccessException $exception ) {
128 // Return nothing.
129 $this->addWhere( '1=0' );
130 }
131 }
132
133 // This means stricter restrictions
134 if ( $fld_content ) {
135 $this->checkUserRightsAny( [ 'deletedtext', 'undelete' ] );
136 }
137 // Check limits
138 $userMax = $fld_content ? ApiBase::LIMIT_SML1 : ApiBase::LIMIT_BIG1;
139 $botMax = $fld_content ? ApiBase::LIMIT_SML2 : ApiBase::LIMIT_BIG2;
140
141 $limit = $params['limit'];
142
143 if ( $limit == 'max' ) {
144 $limit = $this->getMain()->canApiHighLimits() ? $botMax : $userMax;
145 $this->getResult()->addParsedLimit( $this->getModuleName(), $limit );
146 }
147
148 $this->validateLimit( 'limit', $limit, 1, $userMax, $botMax );
149
150 if ( $fld_token ) {
151 // Undelete tokens are identical for all pages, so we cache one here
152 $token = $user->getEditToken( '', $this->getMain()->getRequest() );
153 }
154
155 $dir = $params['dir'];
156
157 // We need a custom WHERE clause that matches all titles.
158 if ( $mode == 'revs' ) {
159 $lb = new LinkBatch( $titles );
160 $where = $lb->constructSet( 'ar', $db );
161 $this->addWhere( $where );
162 } elseif ( $mode == 'all' ) {
163 $this->addWhereFld( 'ar_namespace', $params['namespace'] );
164
165 $from = $params['from'] === null
166 ? null
167 : $this->titlePartToKey( $params['from'], $params['namespace'] );
168 $to = $params['to'] === null
169 ? null
170 : $this->titlePartToKey( $params['to'], $params['namespace'] );
171 $this->addWhereRange( 'ar_title', $dir, $from, $to );
172
173 if ( isset( $params['prefix'] ) ) {
174 $this->addWhere( 'ar_title' . $db->buildLike(
175 $this->titlePartToKey( $params['prefix'], $params['namespace'] ),
176 $db->anyString() ) );
177 }
178 }
179
180 if ( !is_null( $params['user'] ) ) {
181 // Don't query by user ID here, it might be able to use the ar_usertext_timestamp index.
182 $actorQuery = ActorMigration::newMigration()
183 ->getWhere( $db, 'ar_user', User::newFromName( $params['user'], false ), false );
184 $this->addTables( $actorQuery['tables'] );
185 $this->addJoinConds( $actorQuery['joins'] );
186 $this->addWhere( $actorQuery['conds'] );
187 } elseif ( !is_null( $params['excludeuser'] ) ) {
188 // Here there's no chance of using ar_usertext_timestamp.
189 $actorQuery = ActorMigration::newMigration()
190 ->getWhere( $db, 'ar_user', User::newFromName( $params['excludeuser'], false ) );
191 $this->addTables( $actorQuery['tables'] );
192 $this->addJoinConds( $actorQuery['joins'] );
193 $this->addWhere( 'NOT(' . $actorQuery['conds'] . ')' );
194 }
195
196 if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) {
197 // Paranoia: avoid brute force searches (T19342)
198 // (shouldn't be able to get here without 'deletedhistory', but
199 // check it again just in case)
200 if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) ) {
201 $bitmask = RevisionRecord::DELETED_USER;
202 } elseif ( !$this->getPermissionManager()
203 ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
204 ) {
205 $bitmask = RevisionRecord::DELETED_USER | RevisionRecord::DELETED_RESTRICTED;
206 } else {
207 $bitmask = 0;
208 }
209 if ( $bitmask ) {
210 $this->addWhere( $db->bitAnd( 'ar_deleted', $bitmask ) . " != $bitmask" );
211 }
212 }
213
214 if ( !is_null( $params['continue'] ) ) {
215 $cont = explode( '|', $params['continue'] );
216 $op = ( $dir == 'newer' ? '>' : '<' );
217 if ( $mode == 'all' || $mode == 'revs' ) {
218 $this->dieContinueUsageIf( count( $cont ) != 4 );
219 $ns = (int)$cont[0];
220 $this->dieContinueUsageIf( strval( $ns ) !== $cont[0] );
221 $title = $db->addQuotes( $cont[1] );
222 $ts = $db->addQuotes( $db->timestamp( $cont[2] ) );
223 $ar_id = (int)$cont[3];
224 $this->dieContinueUsageIf( strval( $ar_id ) !== $cont[3] );
225 $this->addWhere( "ar_namespace $op $ns OR " .
226 "(ar_namespace = $ns AND " .
227 "(ar_title $op $title OR " .
228 "(ar_title = $title AND " .
229 "(ar_timestamp $op $ts OR " .
230 "(ar_timestamp = $ts AND " .
231 "ar_id $op= $ar_id)))))" );
232 } else {
233 $this->dieContinueUsageIf( count( $cont ) != 2 );
234 $ts = $db->addQuotes( $db->timestamp( $cont[0] ) );
235 $ar_id = (int)$cont[1];
236 $this->dieContinueUsageIf( strval( $ar_id ) !== $cont[1] );
237 $this->addWhere( "ar_timestamp $op $ts OR " .
238 "(ar_timestamp = $ts AND " .
239 "ar_id $op= $ar_id)" );
240 }
241 }
242
243 $this->addOption( 'LIMIT', $limit + 1 );
244 if ( $mode == 'all' ) {
245 if ( $params['unique'] ) {
246 // @todo Does this work on non-MySQL?
247 $this->addOption( 'GROUP BY', 'ar_title' );
248 } else {
249 $sort = ( $dir == 'newer' ? '' : ' DESC' );
250 $this->addOption( 'ORDER BY', [
251 'ar_title' . $sort,
252 'ar_timestamp' . $sort,
253 'ar_id' . $sort,
254 ] );
255 }
256 } else {
257 if ( $mode == 'revs' ) {
258 // Sort by ns and title in the same order as timestamp for efficiency
259 $this->addWhereRange( 'ar_namespace', $dir, null, null );
260 $this->addWhereRange( 'ar_title', $dir, null, null );
261 }
262 $this->addTimestampWhereRange( 'ar_timestamp', $dir, $params['start'], $params['end'] );
263 // Include in ORDER BY for uniqueness
264 $this->addWhereRange( 'ar_id', $dir, null, null );
265 }
266 $res = $this->select( __METHOD__ );
267 $pageMap = []; // Maps ns&title to (fake) pageid
268 $count = 0;
269 $newPageID = 0;
270 foreach ( $res as $row ) {
271 if ( ++$count > $limit ) {
272 // We've had enough
273 if ( $mode == 'all' || $mode == 'revs' ) {
274 $this->setContinueEnumParameter( 'continue',
275 "$row->ar_namespace|$row->ar_title|$row->ar_timestamp|$row->ar_id"
276 );
277 } else {
278 $this->setContinueEnumParameter( 'continue', "$row->ar_timestamp|$row->ar_id" );
279 }
280 break;
281 }
282
283 $rev = [];
284 $anyHidden = false;
285
286 $rev['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ar_timestamp );
287 if ( $fld_revid ) {
288 $rev['revid'] = (int)$row->ar_rev_id;
289 }
290 if ( $fld_parentid && !is_null( $row->ar_parent_id ) ) {
291 $rev['parentid'] = (int)$row->ar_parent_id;
292 }
293 if ( $fld_user || $fld_userid ) {
294 if ( $row->ar_deleted & RevisionRecord::DELETED_USER ) {
295 $rev['userhidden'] = true;
296 $anyHidden = true;
297 }
298 if ( Revision::userCanBitfield( $row->ar_deleted, RevisionRecord::DELETED_USER, $user ) ) {
299 if ( $fld_user ) {
300 $rev['user'] = $row->ar_user_text;
301 }
302 if ( $fld_userid ) {
303 $rev['userid'] = (int)$row->ar_user;
304 }
305 }
306 }
307
308 if ( $fld_comment || $fld_parsedcomment ) {
309 if ( $row->ar_deleted & RevisionRecord::DELETED_COMMENT ) {
310 $rev['commenthidden'] = true;
311 $anyHidden = true;
312 }
313 if ( Revision::userCanBitfield( $row->ar_deleted, RevisionRecord::DELETED_COMMENT, $user ) ) {
314 $comment = $commentStore->getComment( 'ar_comment', $row )->text;
315 if ( $fld_comment ) {
316 $rev['comment'] = $comment;
317 }
318 if ( $fld_parsedcomment ) {
319 $title = Title::makeTitle( $row->ar_namespace, $row->ar_title );
320 $rev['parsedcomment'] = Linker::formatComment( $comment, $title );
321 }
322 }
323 }
324
325 if ( $fld_minor ) {
326 $rev['minor'] = $row->ar_minor_edit == 1;
327 }
328 if ( $fld_len ) {
329 $rev['len'] = $row->ar_len;
330 }
331 if ( $fld_sha1 ) {
332 if ( $row->ar_deleted & RevisionRecord::DELETED_TEXT ) {
333 $rev['sha1hidden'] = true;
334 $anyHidden = true;
335 }
336 if ( Revision::userCanBitfield( $row->ar_deleted, RevisionRecord::DELETED_TEXT, $user ) ) {
337 if ( $row->ar_sha1 != '' ) {
338 $rev['sha1'] = Wikimedia\base_convert( $row->ar_sha1, 36, 16, 40 );
339 } else {
340 $rev['sha1'] = '';
341 }
342 }
343 }
344 if ( $fld_content ) {
345 if ( $row->ar_deleted & RevisionRecord::DELETED_TEXT ) {
346 $rev['texthidden'] = true;
347 $anyHidden = true;
348 }
349 if ( Revision::userCanBitfield( $row->ar_deleted, RevisionRecord::DELETED_TEXT, $user ) ) {
350 ApiResult::setContentValue( $rev, 'text', Revision::getRevisionText( $row, 'ar_' ) );
351 }
352 }
353
354 if ( $fld_tags ) {
355 if ( $row->ts_tags ) {
356 $tags = explode( ',', $row->ts_tags );
357 ApiResult::setIndexedTagName( $tags, 'tag' );
358 $rev['tags'] = $tags;
359 } else {
360 $rev['tags'] = [];
361 }
362 }
363
364 if ( $anyHidden && ( $row->ar_deleted & RevisionRecord::DELETED_RESTRICTED ) ) {
365 $rev['suppressed'] = true;
366 }
367
368 if ( !isset( $pageMap[$row->ar_namespace][$row->ar_title] ) ) {
369 $pageID = $newPageID++;
370 $pageMap[$row->ar_namespace][$row->ar_title] = $pageID;
371 $a = [ 'revisions' => [ $rev ] ];
372 ApiResult::setIndexedTagName( $a['revisions'], 'rev' );
373 $title = Title::makeTitle( $row->ar_namespace, $row->ar_title );
374 ApiQueryBase::addTitleInfo( $a, $title );
375 if ( $fld_token ) {
376 $a['token'] = $token;
377 }
378 $fit = $result->addValue( [ 'query', $this->getModuleName() ], $pageID, $a );
379 } else {
380 $pageID = $pageMap[$row->ar_namespace][$row->ar_title];
381 $fit = $result->addValue(
382 [ 'query', $this->getModuleName(), $pageID, 'revisions' ],
383 null, $rev );
384 }
385 if ( !$fit ) {
386 if ( $mode == 'all' || $mode == 'revs' ) {
387 $this->setContinueEnumParameter( 'continue',
388 "$row->ar_namespace|$row->ar_title|$row->ar_timestamp|$row->ar_id"
389 );
390 } else {
391 $this->setContinueEnumParameter( 'continue', "$row->ar_timestamp|$row->ar_id" );
392 }
393 break;
394 }
395 }
396 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'page' );
397 }
398
399 public function isDeprecated() {
400 return true;
401 }
402
403 public function getAllowedParams() {
404 return [
405 'start' => [
406 ApiBase::PARAM_TYPE => 'timestamp',
407 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 1, 2 ] ],
408 ],
409 'end' => [
410 ApiBase::PARAM_TYPE => 'timestamp',
411 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 1, 2 ] ],
412 ],
413 'dir' => [
414 ApiBase::PARAM_TYPE => [
415 'newer',
416 'older'
417 ],
418 ApiBase::PARAM_DFLT => 'older',
419 ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
420 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 1, 3 ] ],
421 ],
422 'from' => [
423 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 3 ] ],
424 ],
425 'to' => [
426 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 3 ] ],
427 ],
428 'prefix' => [
429 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 3 ] ],
430 ],
431 'unique' => [
432 ApiBase::PARAM_DFLT => false,
433 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 3 ] ],
434 ],
435 'namespace' => [
436 ApiBase::PARAM_TYPE => 'namespace',
437 ApiBase::PARAM_DFLT => NS_MAIN,
438 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'modes', 3 ] ],
439 ],
440 'tag' => null,
441 'user' => [
442 ApiBase::PARAM_TYPE => 'user'
443 ],
444 'excludeuser' => [
445 ApiBase::PARAM_TYPE => 'user'
446 ],
447 'prop' => [
448 ApiBase::PARAM_DFLT => 'user|comment',
449 ApiBase::PARAM_TYPE => [
450 'revid',
451 'parentid',
452 'user',
453 'userid',
454 'comment',
455 'parsedcomment',
456 'minor',
457 'len',
458 'sha1',
459 'content',
460 'token',
461 'tags'
462 ],
463 ApiBase::PARAM_ISMULTI => true
464 ],
465 'limit' => [
466 ApiBase::PARAM_DFLT => 10,
467 ApiBase::PARAM_TYPE => 'limit',
468 ApiBase::PARAM_MIN => 1,
469 ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
470 ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
471 ],
472 'continue' => [
473 ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
474 ],
475 ];
476 }
477
478 protected function getExamplesMessages() {
479 return [
480 'action=query&list=deletedrevs&titles=Main%20Page|Talk:Main%20Page&' .
481 'drprop=user|comment|content'
482 => 'apihelp-query+deletedrevs-example-mode1',
483 'action=query&list=deletedrevs&druser=Bob&drlimit=50'
484 => 'apihelp-query+deletedrevs-example-mode2',
485 'action=query&list=deletedrevs&drdir=newer&drlimit=50'
486 => 'apihelp-query+deletedrevs-example-mode3-main',
487 'action=query&list=deletedrevs&drdir=newer&drlimit=50&drnamespace=1&drunique='
488 => 'apihelp-query+deletedrevs-example-mode3-talk',
489 ];
490 }
491
492 public function getHelpUrls() {
493 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Deletedrevs';
494 }
495 }
Wiklou, le Wiki du Wiklou