dépôts / lhc / web / wiklou.git / blob
? search:


edf70022805b6009a6d01529b6bcdc717909fa56
[lhc/web/wiklou.git] / includes / api / ApiQueryLogEvents.php
1 <?php
2 /**
3 * Copyright © 2006 Yuri Astrakhan "<Firstname><Lastname>@gmail.com"
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 use MediaWiki\MediaWikiServices;
24 use MediaWiki\Storage\NameTableAccessException;
25
26 /**
27 * Query action to List the log events, with optional filtering by various parameters.
28 *
29 * @ingroup API
30 */
31 class ApiQueryLogEvents extends ApiQueryBase {
32
33 private $commentStore;
34
35 public function __construct( ApiQuery $query, $moduleName ) {
36 parent::__construct( $query, $moduleName, 'le' );
37 }
38
39 private $fld_ids = false, $fld_title = false, $fld_type = false,
40 $fld_user = false, $fld_userid = false,
41 $fld_timestamp = false, $fld_comment = false, $fld_parsedcomment = false,
42 $fld_details = false, $fld_tags = false;
43
44 public function execute() {
45 $params = $this->extractRequestParams();
46 $db = $this->getDB();
47 $this->commentStore = CommentStore::getStore();
48 $this->requireMaxOneParameter( $params, 'title', 'prefix', 'namespace' );
49
50 $prop = array_flip( $params['prop'] );
51
52 $this->fld_ids = isset( $prop['ids'] );
53 $this->fld_title = isset( $prop['title'] );
54 $this->fld_type = isset( $prop['type'] );
55 $this->fld_user = isset( $prop['user'] );
56 $this->fld_userid = isset( $prop['userid'] );
57 $this->fld_timestamp = isset( $prop['timestamp'] );
58 $this->fld_comment = isset( $prop['comment'] );
59 $this->fld_parsedcomment = isset( $prop['parsedcomment'] );
60 $this->fld_details = isset( $prop['details'] );
61 $this->fld_tags = isset( $prop['tags'] );
62
63 $hideLogs = LogEventsList::getExcludeClause( $db, 'user', $this->getUser() );
64 if ( $hideLogs !== false ) {
65 $this->addWhere( $hideLogs );
66 }
67
68 $actorMigration = ActorMigration::newMigration();
69 $actorQuery = $actorMigration->getJoin( 'log_user' );
70 $this->addTables( 'logging' );
71 $this->addTables( $actorQuery['tables'] );
72 $this->addTables( [ 'user', 'page' ] );
73 $this->addJoinConds( $actorQuery['joins'] );
74 $this->addJoinConds( [
75 'user' => [ 'LEFT JOIN',
76 'user_id=' . $actorQuery['fields']['log_user'] ],
77 'page' => [ 'LEFT JOIN',
78 [ 'log_namespace=page_namespace',
79 'log_title=page_title' ] ] ] );
80
81 $this->addFields( [
82 'log_id',
83 'log_type',
84 'log_action',
85 'log_timestamp',
86 'log_deleted',
87 ] );
88
89 $this->addFieldsIf( 'page_id', $this->fld_ids );
90 // log_page is the page_id saved at log time, whereas page_id is from a
91 // join at query time. This leads to different results in various
92 // scenarios, e.g. deletion, recreation.
93 $this->addFieldsIf( 'log_page', $this->fld_ids );
94 $this->addFieldsIf( $actorQuery['fields'] + [ 'user_name' ], $this->fld_user );
95 $this->addFieldsIf( $actorQuery['fields'], $this->fld_userid );
96 $this->addFieldsIf(
97 [ 'log_namespace', 'log_title' ],
98 $this->fld_title || $this->fld_parsedcomment
99 );
100 $this->addFieldsIf( 'log_params', $this->fld_details );
101
102 if ( $this->fld_comment || $this->fld_parsedcomment ) {
103 $commentQuery = $this->commentStore->getJoin( 'log_comment' );
104 $this->addTables( $commentQuery['tables'] );
105 $this->addFields( $commentQuery['fields'] );
106 $this->addJoinConds( $commentQuery['joins'] );
107 }
108
109 if ( $this->fld_tags ) {
110 $this->addFields( [ 'ts_tags' => ChangeTags::makeTagSummarySubquery( 'logging' ) ] );
111 }
112
113 if ( !is_null( $params['tag'] ) ) {
114 $this->addTables( 'change_tag' );
115 $this->addJoinConds( [ 'change_tag' => [ 'INNER JOIN',
116 [ 'log_id=ct_log_id' ] ] ] );
117 $changeTagDefStore = MediaWikiServices::getInstance()->getChangeTagDefStore();
118 try {
119 $this->addWhereFld( 'ct_tag_id', $changeTagDefStore->getId( $params['tag'] ) );
120 } catch ( NameTableAccessException $exception ) {
121 // Return nothing.
122 $this->addWhere( '1=0' );
123 }
124 }
125
126 if ( !is_null( $params['action'] ) ) {
127 // Do validation of action param, list of allowed actions can contains wildcards
128 // Allow the param, when the actions is in the list or a wildcard version is listed.
129 $logAction = $params['action'];
130 if ( strpos( $logAction, '/' ) === false ) {
131 // all items in the list have a slash
132 $valid = false;
133 } else {
134 $logActions = array_flip( $this->getAllowedLogActions() );
135 list( $type, $action ) = explode( '/', $logAction, 2 );
136 $valid = isset( $logActions[$logAction] ) || isset( $logActions[$type . '/*'] );
137 }
138
139 if ( !$valid ) {
140 $encParamName = $this->encodeParamName( 'action' );
141 $this->dieWithError(
142 [ 'apierror-unrecognizedvalue', $encParamName, wfEscapeWikiText( $logAction ) ],
143 "unknown_$encParamName"
144 );
145 }
146
147 $this->addWhereFld( 'log_type', $type );
148 $this->addWhereFld( 'log_action', $action );
149 } elseif ( !is_null( $params['type'] ) ) {
150 $this->addWhereFld( 'log_type', $params['type'] );
151 }
152
153 $this->addTimestampWhereRange(
154 'log_timestamp',
155 $params['dir'],
156 $params['start'],
157 $params['end']
158 );
159 // Include in ORDER BY for uniqueness
160 $this->addWhereRange( 'log_id', $params['dir'], null, null );
161
162 if ( !is_null( $params['continue'] ) ) {
163 $cont = explode( '|', $params['continue'] );
164 $this->dieContinueUsageIf( count( $cont ) != 2 );
165 $op = ( $params['dir'] === 'newer' ? '>' : '<' );
166 $continueTimestamp = $db->addQuotes( $db->timestamp( $cont[0] ) );
167 $continueId = (int)$cont[1];
168 $this->dieContinueUsageIf( $continueId != $cont[1] );
169 $this->addWhere( "log_timestamp $op $continueTimestamp OR " .
170 "(log_timestamp = $continueTimestamp AND " .
171 "log_id $op= $continueId)"
172 );
173 }
174
175 $limit = $params['limit'];
176 $this->addOption( 'LIMIT', $limit + 1 );
177
178 $user = $params['user'];
179 if ( !is_null( $user ) ) {
180 // Note the joins in $q are the same as those from ->getJoin() above
181 // so we only need to add 'conds' here.
182 $q = $actorMigration->getWhere(
183 $db, 'log_user', User::newFromName( $params['user'], false )
184 );
185 $this->addWhere( $q['conds'] );
186 }
187
188 $title = $params['title'];
189 if ( !is_null( $title ) ) {
190 $titleObj = Title::newFromText( $title );
191 if ( is_null( $titleObj ) ) {
192 $this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $title ) ] );
193 }
194 $this->addWhereFld( 'log_namespace', $titleObj->getNamespace() );
195 $this->addWhereFld( 'log_title', $titleObj->getDBkey() );
196 }
197
198 if ( $params['namespace'] !== null ) {
199 $this->addWhereFld( 'log_namespace', $params['namespace'] );
200 }
201
202 $prefix = $params['prefix'];
203
204 if ( !is_null( $prefix ) ) {
205 if ( $this->getConfig()->get( 'MiserMode' ) ) {
206 $this->dieWithError( 'apierror-prefixsearchdisabled' );
207 }
208
209 $title = Title::newFromText( $prefix );
210 if ( is_null( $title ) ) {
211 $this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $prefix ) ] );
212 }
213 $this->addWhereFld( 'log_namespace', $title->getNamespace() );
214 $this->addWhere( 'log_title ' . $db->buildLike( $title->getDBkey(), $db->anyString() ) );
215 }
216
217 // Paranoia: avoid brute force searches (T19342)
218 if ( $params['namespace'] !== null || !is_null( $title ) || !is_null( $user ) ) {
219 if ( !$this->getUser()->isAllowed( 'deletedhistory' ) ) {
220 $titleBits = LogPage::DELETED_ACTION;
221 $userBits = LogPage::DELETED_USER;
222 } elseif ( !$this->getUser()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
223 $titleBits = LogPage::DELETED_ACTION | LogPage::DELETED_RESTRICTED;
224 $userBits = LogPage::DELETED_USER | LogPage::DELETED_RESTRICTED;
225 } else {
226 $titleBits = 0;
227 $userBits = 0;
228 }
229 if ( ( $params['namespace'] !== null || !is_null( $title ) ) && $titleBits ) {
230 $this->addWhere( $db->bitAnd( 'log_deleted', $titleBits ) . " != $titleBits" );
231 }
232 if ( !is_null( $user ) && $userBits ) {
233 $this->addWhere( $db->bitAnd( 'log_deleted', $userBits ) . " != $userBits" );
234 }
235 }
236
237 $count = 0;
238 $res = $this->select( __METHOD__ );
239 $result = $this->getResult();
240 foreach ( $res as $row ) {
241 if ( ++$count > $limit ) {
242 // We've reached the one extra which shows that there are
243 // additional pages to be had. Stop here...
244 $this->setContinueEnumParameter( 'continue', "$row->log_timestamp|$row->log_id" );
245 break;
246 }
247
248 $vals = $this->extractRowInfo( $row );
249 $fit = $result->addValue( [ 'query', $this->getModuleName() ], null, $vals );
250 if ( !$fit ) {
251 $this->setContinueEnumParameter( 'continue', "$row->log_timestamp|$row->log_id" );
252 break;
253 }
254 }
255 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'item' );
256 }
257
258 private function extractRowInfo( $row ) {
259 $logEntry = DatabaseLogEntry::newFromRow( $row );
260 $vals = [
261 ApiResult::META_TYPE => 'assoc',
262 ];
263 $anyHidden = false;
264 $user = $this->getUser();
265
266 if ( $this->fld_ids ) {
267 $vals['logid'] = intval( $row->log_id );
268 }
269
270 if ( $this->fld_title || $this->fld_parsedcomment ) {
271 $title = Title::makeTitle( $row->log_namespace, $row->log_title );
272 }
273
274 if ( $this->fld_title || $this->fld_ids || $this->fld_details && $row->log_params !== '' ) {
275 if ( LogEventsList::isDeleted( $row, LogPage::DELETED_ACTION ) ) {
276 $vals['actionhidden'] = true;
277 $anyHidden = true;
278 }
279 if ( LogEventsList::userCan( $row, LogPage::DELETED_ACTION, $user ) ) {
280 if ( $this->fld_title ) {
281 ApiQueryBase::addTitleInfo( $vals, $title );
282 }
283 if ( $this->fld_ids ) {
284 $vals['pageid'] = intval( $row->page_id );
285 $vals['logpage'] = intval( $row->log_page );
286 }
287 if ( $this->fld_details ) {
288 $vals['params'] = LogFormatter::newFromEntry( $logEntry )->formatParametersForApi();
289 }
290 }
291 }
292
293 if ( $this->fld_type ) {
294 $vals['type'] = $row->log_type;
295 $vals['action'] = $row->log_action;
296 }
297
298 if ( $this->fld_user || $this->fld_userid ) {
299 if ( LogEventsList::isDeleted( $row, LogPage::DELETED_USER ) ) {
300 $vals['userhidden'] = true;
301 $anyHidden = true;
302 }
303 if ( LogEventsList::userCan( $row, LogPage::DELETED_USER, $user ) ) {
304 if ( $this->fld_user ) {
305 $vals['user'] = $row->user_name ?? $row->log_user_text;
306 }
307 if ( $this->fld_userid ) {
308 $vals['userid'] = intval( $row->log_user );
309 }
310
311 if ( !$row->log_user ) {
312 $vals['anon'] = true;
313 }
314 }
315 }
316 if ( $this->fld_timestamp ) {
317 $vals['timestamp'] = wfTimestamp( TS_ISO_8601, $row->log_timestamp );
318 }
319
320 if ( $this->fld_comment || $this->fld_parsedcomment ) {
321 if ( LogEventsList::isDeleted( $row, LogPage::DELETED_COMMENT ) ) {
322 $vals['commenthidden'] = true;
323 $anyHidden = true;
324 }
325 if ( LogEventsList::userCan( $row, LogPage::DELETED_COMMENT, $user ) ) {
326 $comment = $this->commentStore->getComment( 'log_comment', $row )->text;
327 if ( $this->fld_comment ) {
328 $vals['comment'] = $comment;
329 }
330
331 if ( $this->fld_parsedcomment ) {
332 $vals['parsedcomment'] = Linker::formatComment( $comment, $title );
333 }
334 }
335 }
336
337 if ( $this->fld_tags ) {
338 if ( $row->ts_tags ) {
339 $tags = explode( ',', $row->ts_tags );
340 ApiResult::setIndexedTagName( $tags, 'tag' );
341 $vals['tags'] = $tags;
342 } else {
343 $vals['tags'] = [];
344 }
345 }
346
347 if ( $anyHidden && LogEventsList::isDeleted( $row, LogPage::DELETED_RESTRICTED ) ) {
348 $vals['suppressed'] = true;
349 }
350
351 return $vals;
352 }
353
354 /**
355 * @return array
356 */
357 private function getAllowedLogActions() {
358 $config = $this->getConfig();
359 return array_keys( array_merge(
360 $config->get( 'LogActions' ),
361 $config->get( 'LogActionsHandlers' )
362 ) );
363 }
364
365 public function getCacheMode( $params ) {
366 if ( $this->userCanSeeRevDel() ) {
367 return 'private';
368 }
369 if ( !is_null( $params['prop'] ) && in_array( 'parsedcomment', $params['prop'] ) ) {
370 // formatComment() calls wfMessage() among other things
371 return 'anon-public-user-private';
372 } elseif ( LogEventsList::getExcludeClause( $this->getDB(), 'user', $this->getUser() )
373 === LogEventsList::getExcludeClause( $this->getDB(), 'public' )
374 ) { // Output can only contain public data.
375 return 'public';
376 } else {
377 return 'anon-public-user-private';
378 }
379 }
380
381 public function getAllowedParams( $flags = 0 ) {
382 $config = $this->getConfig();
383 if ( $flags & ApiBase::GET_VALUES_FOR_HELP ) {
384 $logActions = $this->getAllowedLogActions();
385 sort( $logActions );
386 } else {
387 $logActions = null;
388 }
389 $ret = [
390 'prop' => [
391 ApiBase::PARAM_ISMULTI => true,
392 ApiBase::PARAM_DFLT => 'ids|title|type|user|timestamp|comment|details',
393 ApiBase::PARAM_TYPE => [
394 'ids',
395 'title',
396 'type',
397 'user',
398 'userid',
399 'timestamp',
400 'comment',
401 'parsedcomment',
402 'details',
403 'tags'
404 ],
405 ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
406 ],
407 'type' => [
408 ApiBase::PARAM_TYPE => LogPage::validTypes(),
409 ],
410 'action' => [
411 // validation on request is done in execute()
412 ApiBase::PARAM_TYPE => $logActions
413 ],
414 'start' => [
415 ApiBase::PARAM_TYPE => 'timestamp'
416 ],
417 'end' => [
418 ApiBase::PARAM_TYPE => 'timestamp'
419 ],
420 'dir' => [
421 ApiBase::PARAM_DFLT => 'older',
422 ApiBase::PARAM_TYPE => [
423 'newer',
424 'older'
425 ],
426 ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
427 ],
428 'user' => [
429 ApiBase::PARAM_TYPE => 'user',
430 ],
431 'title' => null,
432 'namespace' => [
433 ApiBase::PARAM_TYPE => 'namespace',
434 ApiBase::PARAM_EXTRA_NAMESPACES => [ NS_MEDIA, NS_SPECIAL ],
435 ],
436 'prefix' => [],
437 'tag' => null,
438 'limit' => [
439 ApiBase::PARAM_DFLT => 10,
440 ApiBase::PARAM_TYPE => 'limit',
441 ApiBase::PARAM_MIN => 1,
442 ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
443 ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
444 ],
445 'continue' => [
446 ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
447 ],
448 ];
449
450 if ( $config->get( 'MiserMode' ) ) {
451 $ret['prefix'][ApiBase::PARAM_HELP_MSG] = 'api-help-param-disabled-in-miser-mode';
452 }
453
454 return $ret;
455 }
456
457 protected function getExamplesMessages() {
458 return [
459 'action=query&list=logevents'
460 => 'apihelp-query+logevents-example-simple',
461 ];
462 }
463
464 public function getHelpUrls() {
465 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Logevents';
466 }
467 }
Wiklou, le Wiki du Wiklou