dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Revert "selenium: add new message banner test to user spec""
[lhc/web/wiklou.git] / includes / api / ApiQueryUsers.php
1 <?php
2 /**
3 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 /**
24 * Query module to get information about a list of users
25 *
26 * @ingroup API
27 */
28 class ApiQueryUsers extends ApiQueryBase {
29
30 private $tokenFunctions, $prop;
31
32 /**
33 * Properties whose contents does not depend on who is looking at them. If the usprops field
34 * contains anything not listed here, the cache mode will never be public for logged-in users.
35 * @var array
36 */
37 protected static $publicProps = [
38 // everything except 'blockinfo' which might show hidden records if the user
39 // making the request has the appropriate permissions
40 'groups',
41 'groupmemberships',
42 'implicitgroups',
43 'rights',
44 'editcount',
45 'registration',
46 'emailable',
47 'gender',
48 'centralids',
49 'cancreate',
50 ];
51
52 public function __construct( ApiQuery $query, $moduleName ) {
53 parent::__construct( $query, $moduleName, 'us' );
54 }
55
56 /**
57 * Get an array mapping token names to their handler functions.
58 * The prototype for a token function is func($user)
59 * it should return a token or false (permission denied)
60 * @deprecated since 1.24
61 * @return array Array of tokenname => function
62 */
63 protected function getTokenFunctions() {
64 // Don't call the hooks twice
65 if ( isset( $this->tokenFunctions ) ) {
66 return $this->tokenFunctions;
67 }
68
69 // If we're in a mode that breaks the same-origin policy, no tokens can
70 // be obtained
71 if ( $this->lacksSameOriginSecurity() ) {
72 return [];
73 }
74
75 $this->tokenFunctions = [
76 'userrights' => [ 'ApiQueryUsers', 'getUserrightsToken' ],
77 ];
78 Hooks::run( 'APIQueryUsersTokens', [ &$this->tokenFunctions ] );
79
80 return $this->tokenFunctions;
81 }
82
83 /**
84 * @deprecated since 1.24
85 * @param User $user
86 * @return string
87 */
88 public static function getUserrightsToken( $user ) {
89 global $wgUser;
90
91 // Since the permissions check for userrights is non-trivial,
92 // don't bother with it here
93 return $wgUser->getEditToken( $user->getName() );
94 }
95
96 public function execute() {
97 $db = $this->getDB();
98 $commentStore = new CommentStore( 'ipb_reason' );
99
100 $params = $this->extractRequestParams();
101 $this->requireMaxOneParameter( $params, 'userids', 'users' );
102
103 if ( !is_null( $params['prop'] ) ) {
104 $this->prop = array_flip( $params['prop'] );
105 } else {
106 $this->prop = [];
107 }
108 $useNames = !is_null( $params['users'] );
109
110 $users = (array)$params['users'];
111 $userids = (array)$params['userids'];
112
113 $goodNames = $done = [];
114 $result = $this->getResult();
115 // Canonicalize user names
116 foreach ( $users as $u ) {
117 $n = User::getCanonicalName( $u );
118 if ( $n === false || $n === '' ) {
119 $vals = [ 'name' => $u, 'invalid' => true ];
120 $fit = $result->addValue( [ 'query', $this->getModuleName() ],
121 null, $vals );
122 if ( !$fit ) {
123 $this->setContinueEnumParameter( 'users',
124 implode( '|', array_diff( $users, $done ) ) );
125 $goodNames = [];
126 break;
127 }
128 $done[] = $u;
129 } else {
130 $goodNames[] = $n;
131 }
132 }
133
134 if ( $useNames ) {
135 $parameters = &$goodNames;
136 } else {
137 $parameters = &$userids;
138 }
139
140 $result = $this->getResult();
141
142 if ( count( $parameters ) ) {
143 $userQuery = User::getQueryInfo();
144 $this->addTables( $userQuery['tables'] );
145 $this->addFields( $userQuery['fields'] );
146 $this->addJoinConds( $userQuery['joins'] );
147 if ( $useNames ) {
148 $this->addWhereFld( 'user_name', $goodNames );
149 } else {
150 $this->addWhereFld( 'user_id', $userids );
151 }
152
153 $this->showHiddenUsersAddBlockInfo( isset( $this->prop['blockinfo'] ) );
154
155 $data = [];
156 $res = $this->select( __METHOD__ );
157 $this->resetQueryParams();
158
159 // get user groups if needed
160 if ( isset( $this->prop['groups'] ) || isset( $this->prop['rights'] ) ) {
161 $userGroups = [];
162
163 $this->addTables( 'user' );
164 if ( $useNames ) {
165 $this->addWhereFld( 'user_name', $goodNames );
166 } else {
167 $this->addWhereFld( 'user_id', $userids );
168 }
169
170 $this->addTables( 'user_groups' );
171 $this->addJoinConds( [ 'user_groups' => [ 'INNER JOIN', 'ug_user=user_id' ] ] );
172 $this->addFields( [ 'user_name' ] );
173 $this->addFields( UserGroupMembership::selectFields() );
174 $this->addWhere( 'ug_expiry IS NULL OR ug_expiry >= ' .
175 $db->addQuotes( $db->timestamp() ) );
176 $userGroupsRes = $this->select( __METHOD__ );
177
178 foreach ( $userGroupsRes as $row ) {
179 $userGroups[$row->user_name][] = $row;
180 }
181 }
182
183 foreach ( $res as $row ) {
184 // create user object and pass along $userGroups if set
185 // that reduces the number of database queries needed in User dramatically
186 if ( !isset( $userGroups ) ) {
187 $user = User::newFromRow( $row );
188 } else {
189 if ( !isset( $userGroups[$row->user_name] ) || !is_array( $userGroups[$row->user_name] ) ) {
190 $userGroups[$row->user_name] = [];
191 }
192 $user = User::newFromRow( $row, [ 'user_groups' => $userGroups[$row->user_name] ] );
193 }
194 if ( $useNames ) {
195 $key = $user->getName();
196 } else {
197 $key = $user->getId();
198 }
199 $data[$key]['userid'] = $user->getId();
200 $data[$key]['name'] = $user->getName();
201
202 if ( isset( $this->prop['editcount'] ) ) {
203 $data[$key]['editcount'] = $user->getEditCount();
204 }
205
206 if ( isset( $this->prop['registration'] ) ) {
207 $data[$key]['registration'] = wfTimestampOrNull( TS_ISO_8601, $user->getRegistration() );
208 }
209
210 if ( isset( $this->prop['groups'] ) ) {
211 $data[$key]['groups'] = $user->getEffectiveGroups();
212 }
213
214 if ( isset( $this->prop['groupmemberships'] ) ) {
215 $data[$key]['groupmemberships'] = array_map( function ( $ugm ) {
216 return [
217 'group' => $ugm->getGroup(),
218 'expiry' => ApiResult::formatExpiry( $ugm->getExpiry() ),
219 ];
220 }, $user->getGroupMemberships() );
221 }
222
223 if ( isset( $this->prop['implicitgroups'] ) ) {
224 $data[$key]['implicitgroups'] = $user->getAutomaticGroups();
225 }
226
227 if ( isset( $this->prop['rights'] ) ) {
228 $data[$key]['rights'] = $user->getRights();
229 }
230 if ( $row->ipb_deleted ) {
231 $data[$key]['hidden'] = true;
232 }
233 if ( isset( $this->prop['blockinfo'] ) && !is_null( $row->ipb_by_text ) ) {
234 $data[$key]['blockid'] = (int)$row->ipb_id;
235 $data[$key]['blockedby'] = $row->ipb_by_text;
236 $data[$key]['blockedbyid'] = (int)$row->ipb_by;
237 $data[$key]['blockedtimestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
238 $data[$key]['blockreason'] = $commentStore->getComment( $row )->text;
239 $data[$key]['blockexpiry'] = $row->ipb_expiry;
240 }
241
242 if ( isset( $this->prop['emailable'] ) ) {
243 $data[$key]['emailable'] = $user->canReceiveEmail();
244 }
245
246 if ( isset( $this->prop['gender'] ) ) {
247 $gender = $user->getOption( 'gender' );
248 if ( strval( $gender ) === '' ) {
249 $gender = 'unknown';
250 }
251 $data[$key]['gender'] = $gender;
252 }
253
254 if ( isset( $this->prop['centralids'] ) ) {
255 $data[$key] += ApiQueryUserInfo::getCentralUserInfo(
256 $this->getConfig(), $user, $params['attachedwiki']
257 );
258 }
259
260 if ( !is_null( $params['token'] ) ) {
261 $tokenFunctions = $this->getTokenFunctions();
262 foreach ( $params['token'] as $t ) {
263 $val = call_user_func( $tokenFunctions[$t], $user );
264 if ( $val === false ) {
265 $this->addWarning( [ 'apiwarn-tokennotallowed', $t ] );
266 } else {
267 $data[$key][$t . 'token'] = $val;
268 }
269 }
270 }
271 }
272 }
273
274 $context = $this->getContext();
275 // Second pass: add result data to $retval
276 foreach ( $parameters as $u ) {
277 if ( !isset( $data[$u] ) ) {
278 if ( $useNames ) {
279 $data[$u] = [ 'name' => $u ];
280 $urPage = new UserrightsPage;
281 $urPage->setContext( $context );
282
283 $iwUser = $urPage->fetchUser( $u );
284
285 if ( $iwUser instanceof UserRightsProxy ) {
286 $data[$u]['interwiki'] = true;
287
288 if ( !is_null( $params['token'] ) ) {
289 $tokenFunctions = $this->getTokenFunctions();
290
291 foreach ( $params['token'] as $t ) {
292 $val = call_user_func( $tokenFunctions[$t], $iwUser );
293 if ( $val === false ) {
294 $this->addWarning( [ 'apiwarn-tokennotallowed', $t ] );
295 } else {
296 $data[$u][$t . 'token'] = $val;
297 }
298 }
299 }
300 } else {
301 $data[$u]['missing'] = true;
302 if ( isset( $this->prop['cancreate'] ) ) {
303 $status = MediaWiki\Auth\AuthManager::singleton()->canCreateAccount( $u );
304 $data[$u]['cancreate'] = $status->isGood();
305 if ( !$status->isGood() ) {
306 $data[$u]['cancreateerror'] = $this->getErrorFormatter()->arrayFromStatus( $status );
307 }
308 }
309 }
310 } else {
311 $data[$u] = [ 'userid' => $u, 'missing' => true ];
312 }
313
314 } else {
315 if ( isset( $this->prop['groups'] ) && isset( $data[$u]['groups'] ) ) {
316 ApiResult::setArrayType( $data[$u]['groups'], 'array' );
317 ApiResult::setIndexedTagName( $data[$u]['groups'], 'g' );
318 }
319 if ( isset( $this->prop['groupmemberships'] ) && isset( $data[$u]['groupmemberships'] ) ) {
320 ApiResult::setArrayType( $data[$u]['groupmemberships'], 'array' );
321 ApiResult::setIndexedTagName( $data[$u]['groupmemberships'], 'groupmembership' );
322 }
323 if ( isset( $this->prop['implicitgroups'] ) && isset( $data[$u]['implicitgroups'] ) ) {
324 ApiResult::setArrayType( $data[$u]['implicitgroups'], 'array' );
325 ApiResult::setIndexedTagName( $data[$u]['implicitgroups'], 'g' );
326 }
327 if ( isset( $this->prop['rights'] ) && isset( $data[$u]['rights'] ) ) {
328 ApiResult::setArrayType( $data[$u]['rights'], 'array' );
329 ApiResult::setIndexedTagName( $data[$u]['rights'], 'r' );
330 }
331 }
332
333 $fit = $result->addValue( [ 'query', $this->getModuleName() ],
334 null, $data[$u] );
335 if ( !$fit ) {
336 if ( $useNames ) {
337 $this->setContinueEnumParameter( 'users',
338 implode( '|', array_diff( $users, $done ) ) );
339 } else {
340 $this->setContinueEnumParameter( 'userids',
341 implode( '|', array_diff( $userids, $done ) ) );
342 }
343 break;
344 }
345 $done[] = $u;
346 }
347 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'user' );
348 }
349
350 public function getCacheMode( $params ) {
351 if ( isset( $params['token'] ) ) {
352 return 'private';
353 } elseif ( array_diff( (array)$params['prop'], static::$publicProps ) ) {
354 return 'anon-public-user-private';
355 } else {
356 return 'public';
357 }
358 }
359
360 public function getAllowedParams() {
361 return [
362 'prop' => [
363 ApiBase::PARAM_ISMULTI => true,
364 ApiBase::PARAM_TYPE => [
365 'blockinfo',
366 'groups',
367 'groupmemberships',
368 'implicitgroups',
369 'rights',
370 'editcount',
371 'registration',
372 'emailable',
373 'gender',
374 'centralids',
375 'cancreate',
376 // When adding a prop, consider whether it should be added
377 // to self::$publicProps
378 ],
379 ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
380 ],
381 'attachedwiki' => null,
382 'users' => [
383 ApiBase::PARAM_ISMULTI => true
384 ],
385 'userids' => [
386 ApiBase::PARAM_ISMULTI => true,
387 ApiBase::PARAM_TYPE => 'integer'
388 ],
389 'token' => [
390 ApiBase::PARAM_DEPRECATED => true,
391 ApiBase::PARAM_TYPE => array_keys( $this->getTokenFunctions() ),
392 ApiBase::PARAM_ISMULTI => true
393 ],
394 ];
395 }
396
397 protected function getExamplesMessages() {
398 return [
399 'action=query&list=users&ususers=Example&usprop=groups|editcount|gender'
400 => 'apihelp-query+users-example-simple',
401 ];
402 }
403
404 public function getHelpUrls() {
405 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Users';
406 }
407 }
Wiklou, le Wiki du Wiklou