dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Warn if stateful ParserOutput transforms are used"
[lhc/web/wiklou.git] / includes / context / RequestContext.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @since 1.18
19 *
20 * @author Alexandre Emsenhuber
21 * @author Daniel Friesen
22 * @file
23 */
24
25 use MediaWiki\Logger\LoggerFactory;
26 use MediaWiki\MediaWikiServices;
27 use Wikimedia\ScopedCallback;
28
29 /**
30 * Group all the pieces relevant to the context of a request into one instance
31 */
32 class RequestContext implements IContextSource, MutableContext {
33 /**
34 * @var WebRequest
35 */
36 private $request;
37
38 /**
39 * @var Title
40 */
41 private $title;
42
43 /**
44 * @var WikiPage
45 */
46 private $wikipage;
47
48 /**
49 * @var OutputPage
50 */
51 private $output;
52
53 /**
54 * @var User
55 */
56 private $user;
57
58 /**
59 * @var Language
60 */
61 private $lang;
62
63 /**
64 * @var Skin
65 */
66 private $skin;
67
68 /**
69 * @var Timing
70 */
71 private $timing;
72
73 /**
74 * @var Config
75 */
76 private $config;
77
78 /**
79 * @var RequestContext
80 */
81 private static $instance = null;
82
83 /**
84 * @param Config $config
85 */
86 public function setConfig( Config $config ) {
87 $this->config = $config;
88 }
89
90 /**
91 * @return Config
92 */
93 public function getConfig() {
94 if ( $this->config === null ) {
95 // @todo In the future, we could move this to WebStart.php so
96 // the Config object is ready for when initialization happens
97 $this->config = MediaWikiServices::getInstance()->getMainConfig();
98 }
99
100 return $this->config;
101 }
102
103 /**
104 * @param WebRequest $request
105 */
106 public function setRequest( WebRequest $request ) {
107 $this->request = $request;
108 }
109
110 /**
111 * @return WebRequest
112 */
113 public function getRequest() {
114 if ( $this->request === null ) {
115 global $wgCommandLineMode;
116 // create the WebRequest object on the fly
117 if ( $wgCommandLineMode ) {
118 $this->request = new FauxRequest( [] );
119 } else {
120 $this->request = new WebRequest();
121 }
122 }
123
124 return $this->request;
125 }
126
127 /**
128 * @deprecated since 1.27 use a StatsdDataFactory from MediaWikiServices (preferably injected)
129 *
130 * @return IBufferingStatsdDataFactory
131 */
132 public function getStats() {
133 return MediaWikiServices::getInstance()->getStatsdDataFactory();
134 }
135
136 /**
137 * @return Timing
138 */
139 public function getTiming() {
140 if ( $this->timing === null ) {
141 $this->timing = new Timing( [
142 'logger' => LoggerFactory::getInstance( 'Timing' )
143 ] );
144 }
145 return $this->timing;
146 }
147
148 /**
149 * @param Title|null $title
150 */
151 public function setTitle( Title $title = null ) {
152 $this->title = $title;
153 // Erase the WikiPage so a new one with the new title gets created.
154 $this->wikipage = null;
155 }
156
157 /**
158 * @return Title|null
159 */
160 public function getTitle() {
161 if ( $this->title === null ) {
162 global $wgTitle; # fallback to $wg till we can improve this
163 $this->title = $wgTitle;
164 wfDebugLog(
165 'GlobalTitleFail',
166 __METHOD__ . ' called by ' . wfGetAllCallers( 5 ) . ' with no title set.'
167 );
168 }
169
170 return $this->title;
171 }
172
173 /**
174 * Check, if a Title object is set
175 *
176 * @since 1.25
177 * @return bool
178 */
179 public function hasTitle() {
180 return $this->title !== null;
181 }
182
183 /**
184 * Check whether a WikiPage object can be get with getWikiPage().
185 * Callers should expect that an exception is thrown from getWikiPage()
186 * if this method returns false.
187 *
188 * @since 1.19
189 * @return bool
190 */
191 public function canUseWikiPage() {
192 if ( $this->wikipage ) {
193 // If there's a WikiPage object set, we can for sure get it
194 return true;
195 }
196 // Only pages with legitimate titles can have WikiPages.
197 // That usually means pages in non-virtual namespaces.
198 $title = $this->getTitle();
199 return $title ? $title->canExist() : false;
200 }
201
202 /**
203 * @since 1.19
204 * @param WikiPage $wikiPage
205 */
206 public function setWikiPage( WikiPage $wikiPage ) {
207 $pageTitle = $wikiPage->getTitle();
208 if ( !$this->hasTitle() || !$pageTitle->equals( $this->getTitle() ) ) {
209 $this->setTitle( $pageTitle );
210 }
211 // Defer this to the end since setTitle sets it to null.
212 $this->wikipage = $wikiPage;
213 }
214
215 /**
216 * Get the WikiPage object.
217 * May throw an exception if there's no Title object set or the Title object
218 * belongs to a special namespace that doesn't have WikiPage, so use first
219 * canUseWikiPage() to check whether this method can be called safely.
220 *
221 * @since 1.19
222 * @throws MWException
223 * @return WikiPage
224 */
225 public function getWikiPage() {
226 if ( $this->wikipage === null ) {
227 $title = $this->getTitle();
228 if ( $title === null ) {
229 throw new MWException( __METHOD__ . ' called without Title object set' );
230 }
231 $this->wikipage = WikiPage::factory( $title );
232 }
233
234 return $this->wikipage;
235 }
236
237 /**
238 * @param OutputPage $output
239 */
240 public function setOutput( OutputPage $output ) {
241 $this->output = $output;
242 }
243
244 /**
245 * @return OutputPage
246 */
247 public function getOutput() {
248 if ( $this->output === null ) {
249 $this->output = new OutputPage( $this );
250 }
251
252 return $this->output;
253 }
254
255 /**
256 * @param User $user
257 */
258 public function setUser( User $user ) {
259 $this->user = $user;
260 }
261
262 /**
263 * @return User
264 */
265 public function getUser() {
266 if ( $this->user === null ) {
267 $this->user = User::newFromSession( $this->getRequest() );
268 }
269
270 return $this->user;
271 }
272
273 /**
274 * Accepts a language code and ensures it's sane. Outputs a cleaned up language
275 * code and replaces with $wgLanguageCode if not sane.
276 * @param string $code Language code
277 * @return string
278 */
279 public static function sanitizeLangCode( $code ) {
280 global $wgLanguageCode;
281
282 // BCP 47 - letter case MUST NOT carry meaning
283 $code = strtolower( $code );
284
285 # Validate $code
286 if ( !$code || !Language::isValidCode( $code ) || $code === 'qqq' ) {
287 $code = $wgLanguageCode;
288 }
289
290 return $code;
291 }
292
293 /**
294 * @param Language|string $language Language instance or language code
295 * @throws MWException
296 * @since 1.19
297 */
298 public function setLanguage( $language ) {
299 if ( $language instanceof Language ) {
300 $this->lang = $language;
301 } elseif ( is_string( $language ) ) {
302 $language = self::sanitizeLangCode( $language );
303 $obj = Language::factory( $language );
304 $this->lang = $obj;
305 } else {
306 throw new MWException( __METHOD__ . " was passed an invalid type of data." );
307 }
308 }
309
310 /**
311 * Get the Language object.
312 * Initialization of user or request objects can depend on this.
313 * @return Language
314 * @throws Exception
315 * @since 1.19
316 */
317 public function getLanguage() {
318 if ( isset( $this->recursion ) ) {
319 trigger_error( "Recursion detected in " . __METHOD__, E_USER_WARNING );
320 $e = new Exception;
321 wfDebugLog( 'recursion-guard', "Recursion detected:\n" . $e->getTraceAsString() );
322
323 $code = $this->getConfig()->get( 'LanguageCode' ) ?: 'en';
324 $this->lang = Language::factory( $code );
325 } elseif ( $this->lang === null ) {
326 $this->recursion = true;
327
328 global $wgContLang;
329
330 try {
331 $request = $this->getRequest();
332 $user = $this->getUser();
333
334 $code = $request->getVal( 'uselang', 'user' );
335 if ( $code === 'user' ) {
336 $code = $user->getOption( 'language' );
337 }
338 $code = self::sanitizeLangCode( $code );
339
340 Hooks::run( 'UserGetLanguageObject', [ $user, &$code, $this ] );
341
342 if ( $code === $this->getConfig()->get( 'LanguageCode' ) ) {
343 $this->lang = $wgContLang;
344 } else {
345 $obj = Language::factory( $code );
346 $this->lang = $obj;
347 }
348
349 unset( $this->recursion );
350 }
351 catch ( Exception $ex ) {
352 unset( $this->recursion );
353 throw $ex;
354 }
355 }
356
357 return $this->lang;
358 }
359
360 /**
361 * @param Skin $skin
362 */
363 public function setSkin( Skin $skin ) {
364 $this->skin = clone $skin;
365 $this->skin->setContext( $this );
366 }
367
368 /**
369 * @return Skin
370 */
371 public function getSkin() {
372 if ( $this->skin === null ) {
373 $skin = null;
374 Hooks::run( 'RequestContextCreateSkin', [ $this, &$skin ] );
375 $factory = SkinFactory::getDefaultInstance();
376
377 // If the hook worked try to set a skin from it
378 if ( $skin instanceof Skin ) {
379 $this->skin = $skin;
380 } elseif ( is_string( $skin ) ) {
381 // Normalize the key, just in case the hook did something weird.
382 $normalized = Skin::normalizeKey( $skin );
383 $this->skin = $factory->makeSkin( $normalized );
384 }
385
386 // If this is still null (the hook didn't run or didn't work)
387 // then go through the normal processing to load a skin
388 if ( $this->skin === null ) {
389 if ( !in_array( 'skin', $this->getConfig()->get( 'HiddenPrefs' ) ) ) {
390 # get the user skin
391 $userSkin = $this->getUser()->getOption( 'skin' );
392 $userSkin = $this->getRequest()->getVal( 'useskin', $userSkin );
393 } else {
394 # if we're not allowing users to override, then use the default
395 $userSkin = $this->getConfig()->get( 'DefaultSkin' );
396 }
397
398 // Normalize the key in case the user is passing gibberish
399 // or has old preferences (T71566).
400 $normalized = Skin::normalizeKey( $userSkin );
401
402 // Skin::normalizeKey will also validate it, so
403 // this won't throw an exception
404 $this->skin = $factory->makeSkin( $normalized );
405 }
406
407 // After all that set a context on whatever skin got created
408 $this->skin->setContext( $this );
409 }
410
411 return $this->skin;
412 }
413
414 /**
415 * Get a Message object with context set
416 * Parameters are the same as wfMessage()
417 *
418 * @param string|string[]|MessageSpecifier $key Message key, or array of keys,
419 * or a MessageSpecifier.
420 * @param mixed $args,...
421 * @return Message
422 */
423 public function msg( $key ) {
424 $args = func_get_args();
425
426 return call_user_func_array( 'wfMessage', $args )->setContext( $this );
427 }
428
429 /**
430 * Get the RequestContext object associated with the main request
431 *
432 * @return RequestContext
433 */
434 public static function getMain() {
435 if ( self::$instance === null ) {
436 self::$instance = new self;
437 }
438
439 return self::$instance;
440 }
441
442 /**
443 * Get the RequestContext object associated with the main request
444 * and gives a warning to the log, to find places, where a context maybe is missing.
445 *
446 * @param string $func
447 * @return RequestContext
448 * @since 1.24
449 */
450 public static function getMainAndWarn( $func = __METHOD__ ) {
451 wfDebug( $func . ' called without context. ' .
452 "Using RequestContext::getMain() for sanity\n" );
453
454 return self::getMain();
455 }
456
457 /**
458 * Resets singleton returned by getMain(). Should be called only from unit tests.
459 */
460 public static function resetMain() {
461 if ( !( defined( 'MW_PHPUNIT_TEST' ) || defined( 'MW_PARSER_TEST' ) ) ) {
462 throw new MWException( __METHOD__ . '() should be called only from unit tests!' );
463 }
464 self::$instance = null;
465 }
466
467 /**
468 * Export the resolved user IP, HTTP headers, user ID, and session ID.
469 * The result will be reasonably sized to allow for serialization.
470 *
471 * @return array
472 * @since 1.21
473 */
474 public function exportSession() {
475 $session = MediaWiki\Session\SessionManager::getGlobalSession();
476 return [
477 'ip' => $this->getRequest()->getIP(),
478 'headers' => $this->getRequest()->getAllHeaders(),
479 'sessionId' => $session->isPersistent() ? $session->getId() : '',
480 'userId' => $this->getUser()->getId()
481 ];
482 }
483
484 /**
485 * Import an client IP address, HTTP headers, user ID, and session ID
486 *
487 * This sets the current session, $wgUser, and $wgRequest from $params.
488 * Once the return value falls out of scope, the old context is restored.
489 * This method should only be called in contexts where there is no session
490 * ID or end user receiving the response (CLI or HTTP job runners). This
491 * is partly enforced, and is done so to avoid leaking cookies if certain
492 * error conditions arise.
493 *
494 * This is useful when background scripts inherit context when acting on
495 * behalf of a user. In general the 'sessionId' parameter should be set
496 * to an empty string unless session importing is *truly* needed. This
497 * feature is somewhat deprecated.
498 *
499 * @note suhosin.session.encrypt may interfere with this method.
500 *
501 * @param array $params Result of RequestContext::exportSession()
502 * @return ScopedCallback
503 * @throws MWException
504 * @since 1.21
505 */
506 public static function importScopedSession( array $params ) {
507 if ( strlen( $params['sessionId'] ) &&
508 MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent()
509 ) {
510 // Sanity check to avoid sending random cookies for the wrong users.
511 // This method should only called by CLI scripts or by HTTP job runners.
512 throw new MWException( "Sessions can only be imported when none is active." );
513 } elseif ( !IP::isValid( $params['ip'] ) ) {
514 throw new MWException( "Invalid client IP address '{$params['ip']}'." );
515 }
516
517 if ( $params['userId'] ) { // logged-in user
518 $user = User::newFromId( $params['userId'] );
519 $user->load();
520 if ( !$user->getId() ) {
521 throw new MWException( "No user with ID '{$params['userId']}'." );
522 }
523 } else { // anon user
524 $user = User::newFromName( $params['ip'], false );
525 }
526
527 $importSessionFunc = function ( User $user, array $params ) {
528 global $wgRequest, $wgUser;
529
530 $context = RequestContext::getMain();
531
532 // Commit and close any current session
533 if ( MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
534 session_write_close(); // persist
535 session_id( '' ); // detach
536 $_SESSION = []; // clear in-memory array
537 }
538
539 // Get new session, if applicable
540 $session = null;
541 if ( strlen( $params['sessionId'] ) ) { // don't make a new random ID
542 $manager = MediaWiki\Session\SessionManager::singleton();
543 $session = $manager->getSessionById( $params['sessionId'], true )
544 ?: $manager->getEmptySession();
545 }
546
547 // Remove any user IP or agent information, and attach the request
548 // with the new session.
549 $context->setRequest( new FauxRequest( [], false, $session ) );
550 $wgRequest = $context->getRequest(); // b/c
551
552 // Now that all private information is detached from the user, it should
553 // be safe to load the new user. If errors occur or an exception is thrown
554 // and caught (leaving the main context in a mixed state), there is no risk
555 // of the User object being attached to the wrong IP, headers, or session.
556 $context->setUser( $user );
557 $wgUser = $context->getUser(); // b/c
558 if ( $session && MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
559 session_id( $session->getId() );
560 MediaWiki\quietCall( 'session_start' );
561 }
562 $request = new FauxRequest( [], false, $session );
563 $request->setIP( $params['ip'] );
564 foreach ( $params['headers'] as $name => $value ) {
565 $request->setHeader( $name, $value );
566 }
567 // Set the current context to use the new WebRequest
568 $context->setRequest( $request );
569 $wgRequest = $context->getRequest(); // b/c
570 };
571
572 // Stash the old session and load in the new one
573 $oUser = self::getMain()->getUser();
574 $oParams = self::getMain()->exportSession();
575 $oRequest = self::getMain()->getRequest();
576 $importSessionFunc( $user, $params );
577
578 // Set callback to save and close the new session and reload the old one
579 return new ScopedCallback(
580 function () use ( $importSessionFunc, $oUser, $oParams, $oRequest ) {
581 global $wgRequest;
582 $importSessionFunc( $oUser, $oParams );
583 // Restore the exact previous Request object (instead of leaving FauxRequest)
584 RequestContext::getMain()->setRequest( $oRequest );
585 $wgRequest = RequestContext::getMain()->getRequest(); // b/c
586 }
587 );
588 }
589
590 /**
591 * Create a new extraneous context. The context is filled with information
592 * external to the current session.
593 * - Title is specified by argument
594 * - Request is a FauxRequest, or a FauxRequest can be specified by argument
595 * - User is an anonymous user, for separation IPv4 localhost is used
596 * - Language will be based on the anonymous user and request, may be content
597 * language or a uselang param in the fauxrequest data may change the lang
598 * - Skin will be based on the anonymous user, should be the wiki's default skin
599 *
600 * @param Title $title Title to use for the extraneous request
601 * @param WebRequest|array $request A WebRequest or data to use for a FauxRequest
602 * @return RequestContext
603 */
604 public static function newExtraneousContext( Title $title, $request = [] ) {
605 $context = new self;
606 $context->setTitle( $title );
607 if ( $request instanceof WebRequest ) {
608 $context->setRequest( $request );
609 } else {
610 $context->setRequest( new FauxRequest( $request ) );
611 }
612 $context->user = User::newFromName( '127.0.0.1', false );
613
614 return $context;
615 }
616 }
Wiklou, le Wiki du Wiklou