dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "registration: Only allow one extension to set a specific config setting"
[lhc/web/wiklou.git] / includes / context / RequestContext.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @since 1.18
19 *
20 * @author Alexandre Emsenhuber
21 * @author Daniel Friesen
22 * @file
23 */
24
25 use MediaWiki\Logger\LoggerFactory;
26 use MediaWiki\MediaWikiServices;
27 use Wikimedia\ScopedCallback;
28
29 /**
30 * Group all the pieces relevant to the context of a request into one instance
31 */
32 class RequestContext implements IContextSource, MutableContext {
33 /**
34 * @var WebRequest
35 */
36 private $request;
37
38 /**
39 * @var Title
40 */
41 private $title;
42
43 /**
44 * @var WikiPage
45 */
46 private $wikipage;
47
48 /**
49 * @var OutputPage
50 */
51 private $output;
52
53 /**
54 * @var User
55 */
56 private $user;
57
58 /**
59 * @var Language
60 */
61 private $lang;
62
63 /**
64 * @var Skin
65 */
66 private $skin;
67
68 /**
69 * @var Timing
70 */
71 private $timing;
72
73 /**
74 * @var Config
75 */
76 private $config;
77
78 /**
79 * @var RequestContext
80 */
81 private static $instance = null;
82
83 /**
84 * Set the Config object
85 *
86 * @param Config $c
87 */
88 public function setConfig( Config $c ) {
89 $this->config = $c;
90 }
91
92 /**
93 * Get the Config object
94 *
95 * @return Config
96 */
97 public function getConfig() {
98 if ( $this->config === null ) {
99 // @todo In the future, we could move this to WebStart.php so
100 // the Config object is ready for when initialization happens
101 $this->config = MediaWikiServices::getInstance()->getMainConfig();
102 }
103
104 return $this->config;
105 }
106
107 /**
108 * Set the WebRequest object
109 *
110 * @param WebRequest $r
111 */
112 public function setRequest( WebRequest $r ) {
113 $this->request = $r;
114 }
115
116 /**
117 * Get the WebRequest object
118 *
119 * @return WebRequest
120 */
121 public function getRequest() {
122 if ( $this->request === null ) {
123 global $wgCommandLineMode;
124 // create the WebRequest object on the fly
125 if ( $wgCommandLineMode ) {
126 $this->request = new FauxRequest( [] );
127 } else {
128 $this->request = new WebRequest();
129 }
130 }
131
132 return $this->request;
133 }
134
135 /**
136 * Get the Stats object
137 *
138 * @deprecated since 1.27 use a StatsdDataFactory from MediaWikiServices (preferably injected)
139 *
140 * @return IBufferingStatsdDataFactory
141 */
142 public function getStats() {
143 return MediaWikiServices::getInstance()->getStatsdDataFactory();
144 }
145
146 /**
147 * Get the timing object
148 *
149 * @return Timing
150 */
151 public function getTiming() {
152 if ( $this->timing === null ) {
153 $this->timing = new Timing( [
154 'logger' => LoggerFactory::getInstance( 'Timing' )
155 ] );
156 }
157 return $this->timing;
158 }
159
160 /**
161 * Set the Title object
162 *
163 * @param Title|null $title
164 */
165 public function setTitle( Title $title = null ) {
166 $this->title = $title;
167 // Erase the WikiPage so a new one with the new title gets created.
168 $this->wikipage = null;
169 }
170
171 /**
172 * Get the Title object
173 *
174 * @return Title|null
175 */
176 public function getTitle() {
177 if ( $this->title === null ) {
178 global $wgTitle; # fallback to $wg till we can improve this
179 $this->title = $wgTitle;
180 wfDebugLog(
181 'GlobalTitleFail',
182 __METHOD__ . ' called by ' . wfGetAllCallers( 5 ) . ' with no title set.'
183 );
184 }
185
186 return $this->title;
187 }
188
189 /**
190 * Check, if a Title object is set
191 *
192 * @since 1.25
193 * @return bool
194 */
195 public function hasTitle() {
196 return $this->title !== null;
197 }
198
199 /**
200 * Check whether a WikiPage object can be get with getWikiPage().
201 * Callers should expect that an exception is thrown from getWikiPage()
202 * if this method returns false.
203 *
204 * @since 1.19
205 * @return bool
206 */
207 public function canUseWikiPage() {
208 if ( $this->wikipage ) {
209 // If there's a WikiPage object set, we can for sure get it
210 return true;
211 }
212 // Only pages with legitimate titles can have WikiPages.
213 // That usually means pages in non-virtual namespaces.
214 $title = $this->getTitle();
215 return $title ? $title->canExist() : false;
216 }
217
218 /**
219 * Set the WikiPage object
220 *
221 * @since 1.19
222 * @param WikiPage $p
223 */
224 public function setWikiPage( WikiPage $p ) {
225 $pageTitle = $p->getTitle();
226 if ( !$this->hasTitle() || !$pageTitle->equals( $this->getTitle() ) ) {
227 $this->setTitle( $pageTitle );
228 }
229 // Defer this to the end since setTitle sets it to null.
230 $this->wikipage = $p;
231 }
232
233 /**
234 * Get the WikiPage object.
235 * May throw an exception if there's no Title object set or the Title object
236 * belongs to a special namespace that doesn't have WikiPage, so use first
237 * canUseWikiPage() to check whether this method can be called safely.
238 *
239 * @since 1.19
240 * @throws MWException
241 * @return WikiPage
242 */
243 public function getWikiPage() {
244 if ( $this->wikipage === null ) {
245 $title = $this->getTitle();
246 if ( $title === null ) {
247 throw new MWException( __METHOD__ . ' called without Title object set' );
248 }
249 $this->wikipage = WikiPage::factory( $title );
250 }
251
252 return $this->wikipage;
253 }
254
255 /**
256 * @param OutputPage $o
257 */
258 public function setOutput( OutputPage $o ) {
259 $this->output = $o;
260 }
261
262 /**
263 * Get the OutputPage object
264 *
265 * @return OutputPage
266 */
267 public function getOutput() {
268 if ( $this->output === null ) {
269 $this->output = new OutputPage( $this );
270 }
271
272 return $this->output;
273 }
274
275 /**
276 * Set the User object
277 *
278 * @param User $u
279 */
280 public function setUser( User $u ) {
281 $this->user = $u;
282 }
283
284 /**
285 * Get the User object
286 *
287 * @return User
288 */
289 public function getUser() {
290 if ( $this->user === null ) {
291 $this->user = User::newFromSession( $this->getRequest() );
292 }
293
294 return $this->user;
295 }
296
297 /**
298 * Accepts a language code and ensures it's sane. Outputs a cleaned up language
299 * code and replaces with $wgLanguageCode if not sane.
300 * @param string $code Language code
301 * @return string
302 */
303 public static function sanitizeLangCode( $code ) {
304 global $wgLanguageCode;
305
306 // BCP 47 - letter case MUST NOT carry meaning
307 $code = strtolower( $code );
308
309 # Validate $code
310 if ( !$code || !Language::isValidCode( $code ) || $code === 'qqq' ) {
311 wfDebug( "Invalid user language code\n" );
312 $code = $wgLanguageCode;
313 }
314
315 return $code;
316 }
317
318 /**
319 * Set the Language object
320 *
321 * @param Language|string $l Language instance or language code
322 * @throws MWException
323 * @since 1.19
324 */
325 public function setLanguage( $l ) {
326 if ( $l instanceof Language ) {
327 $this->lang = $l;
328 } elseif ( is_string( $l ) ) {
329 $l = self::sanitizeLangCode( $l );
330 $obj = Language::factory( $l );
331 $this->lang = $obj;
332 } else {
333 throw new MWException( __METHOD__ . " was passed an invalid type of data." );
334 }
335 }
336
337 /**
338 * Get the Language object.
339 * Initialization of user or request objects can depend on this.
340 * @return Language
341 * @throws Exception
342 * @since 1.19
343 */
344 public function getLanguage() {
345 if ( isset( $this->recursion ) ) {
346 trigger_error( "Recursion detected in " . __METHOD__, E_USER_WARNING );
347 $e = new Exception;
348 wfDebugLog( 'recursion-guard', "Recursion detected:\n" . $e->getTraceAsString() );
349
350 $code = $this->getConfig()->get( 'LanguageCode' ) ?: 'en';
351 $this->lang = Language::factory( $code );
352 } elseif ( $this->lang === null ) {
353 $this->recursion = true;
354
355 global $wgContLang;
356
357 try {
358 $request = $this->getRequest();
359 $user = $this->getUser();
360
361 $code = $request->getVal( 'uselang', 'user' );
362 if ( $code === 'user' ) {
363 $code = $user->getOption( 'language' );
364 }
365 $code = self::sanitizeLangCode( $code );
366
367 Hooks::run( 'UserGetLanguageObject', [ $user, &$code, $this ] );
368
369 if ( $code === $this->getConfig()->get( 'LanguageCode' ) ) {
370 $this->lang = $wgContLang;
371 } else {
372 $obj = Language::factory( $code );
373 $this->lang = $obj;
374 }
375
376 unset( $this->recursion );
377 }
378 catch ( Exception $ex ) {
379 unset( $this->recursion );
380 throw $ex;
381 }
382 }
383
384 return $this->lang;
385 }
386
387 /**
388 * Set the Skin object
389 *
390 * @param Skin $s
391 */
392 public function setSkin( Skin $s ) {
393 $this->skin = clone $s;
394 $this->skin->setContext( $this );
395 }
396
397 /**
398 * Get the Skin object
399 *
400 * @return Skin
401 */
402 public function getSkin() {
403 if ( $this->skin === null ) {
404 $skin = null;
405 Hooks::run( 'RequestContextCreateSkin', [ $this, &$skin ] );
406 $factory = SkinFactory::getDefaultInstance();
407
408 // If the hook worked try to set a skin from it
409 if ( $skin instanceof Skin ) {
410 $this->skin = $skin;
411 } elseif ( is_string( $skin ) ) {
412 // Normalize the key, just in case the hook did something weird.
413 $normalized = Skin::normalizeKey( $skin );
414 $this->skin = $factory->makeSkin( $normalized );
415 }
416
417 // If this is still null (the hook didn't run or didn't work)
418 // then go through the normal processing to load a skin
419 if ( $this->skin === null ) {
420 if ( !in_array( 'skin', $this->getConfig()->get( 'HiddenPrefs' ) ) ) {
421 # get the user skin
422 $userSkin = $this->getUser()->getOption( 'skin' );
423 $userSkin = $this->getRequest()->getVal( 'useskin', $userSkin );
424 } else {
425 # if we're not allowing users to override, then use the default
426 $userSkin = $this->getConfig()->get( 'DefaultSkin' );
427 }
428
429 // Normalize the key in case the user is passing gibberish
430 // or has old preferences (T71566).
431 $normalized = Skin::normalizeKey( $userSkin );
432
433 // Skin::normalizeKey will also validate it, so
434 // this won't throw an exception
435 $this->skin = $factory->makeSkin( $normalized );
436 }
437
438 // After all that set a context on whatever skin got created
439 $this->skin->setContext( $this );
440 }
441
442 return $this->skin;
443 }
444
445 /** Helpful methods **/
446
447 /**
448 * Get a Message object with context set
449 * Parameters are the same as wfMessage()
450 *
451 * @param string|string[]|MessageSpecifier $key Message key, or array of keys,
452 * or a MessageSpecifier.
453 * @param mixed $args,...
454 * @return Message
455 */
456 public function msg( $key ) {
457 $args = func_get_args();
458
459 return call_user_func_array( 'wfMessage', $args )->setContext( $this );
460 }
461
462 /** Static methods **/
463
464 /**
465 * Get the RequestContext object associated with the main request
466 *
467 * @return RequestContext
468 */
469 public static function getMain() {
470 if ( self::$instance === null ) {
471 self::$instance = new self;
472 }
473
474 return self::$instance;
475 }
476
477 /**
478 * Get the RequestContext object associated with the main request
479 * and gives a warning to the log, to find places, where a context maybe is missing.
480 *
481 * @param string $func
482 * @return RequestContext
483 * @since 1.24
484 */
485 public static function getMainAndWarn( $func = __METHOD__ ) {
486 wfDebug( $func . ' called without context. ' .
487 "Using RequestContext::getMain() for sanity\n" );
488
489 return self::getMain();
490 }
491
492 /**
493 * Resets singleton returned by getMain(). Should be called only from unit tests.
494 */
495 public static function resetMain() {
496 if ( !( defined( 'MW_PHPUNIT_TEST' ) || defined( 'MW_PARSER_TEST' ) ) ) {
497 throw new MWException( __METHOD__ . '() should be called only from unit tests!' );
498 }
499 self::$instance = null;
500 }
501
502 /**
503 * Export the resolved user IP, HTTP headers, user ID, and session ID.
504 * The result will be reasonably sized to allow for serialization.
505 *
506 * @return array
507 * @since 1.21
508 */
509 public function exportSession() {
510 $session = MediaWiki\Session\SessionManager::getGlobalSession();
511 return [
512 'ip' => $this->getRequest()->getIP(),
513 'headers' => $this->getRequest()->getAllHeaders(),
514 'sessionId' => $session->isPersistent() ? $session->getId() : '',
515 'userId' => $this->getUser()->getId()
516 ];
517 }
518
519 /**
520 * Import an client IP address, HTTP headers, user ID, and session ID
521 *
522 * This sets the current session, $wgUser, and $wgRequest from $params.
523 * Once the return value falls out of scope, the old context is restored.
524 * This method should only be called in contexts where there is no session
525 * ID or end user receiving the response (CLI or HTTP job runners). This
526 * is partly enforced, and is done so to avoid leaking cookies if certain
527 * error conditions arise.
528 *
529 * This is useful when background scripts inherit context when acting on
530 * behalf of a user. In general the 'sessionId' parameter should be set
531 * to an empty string unless session importing is *truly* needed. This
532 * feature is somewhat deprecated.
533 *
534 * @note suhosin.session.encrypt may interfere with this method.
535 *
536 * @param array $params Result of RequestContext::exportSession()
537 * @return ScopedCallback
538 * @throws MWException
539 * @since 1.21
540 */
541 public static function importScopedSession( array $params ) {
542 if ( strlen( $params['sessionId'] ) &&
543 MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent()
544 ) {
545 // Sanity check to avoid sending random cookies for the wrong users.
546 // This method should only called by CLI scripts or by HTTP job runners.
547 throw new MWException( "Sessions can only be imported when none is active." );
548 } elseif ( !IP::isValid( $params['ip'] ) ) {
549 throw new MWException( "Invalid client IP address '{$params['ip']}'." );
550 }
551
552 if ( $params['userId'] ) { // logged-in user
553 $user = User::newFromId( $params['userId'] );
554 $user->load();
555 if ( !$user->getId() ) {
556 throw new MWException( "No user with ID '{$params['userId']}'." );
557 }
558 } else { // anon user
559 $user = User::newFromName( $params['ip'], false );
560 }
561
562 $importSessionFunc = function ( User $user, array $params ) {
563 global $wgRequest, $wgUser;
564
565 $context = RequestContext::getMain();
566
567 // Commit and close any current session
568 if ( MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
569 session_write_close(); // persist
570 session_id( '' ); // detach
571 $_SESSION = []; // clear in-memory array
572 }
573
574 // Get new session, if applicable
575 $session = null;
576 if ( strlen( $params['sessionId'] ) ) { // don't make a new random ID
577 $manager = MediaWiki\Session\SessionManager::singleton();
578 $session = $manager->getSessionById( $params['sessionId'], true )
579 ?: $manager->getEmptySession();
580 }
581
582 // Remove any user IP or agent information, and attach the request
583 // with the new session.
584 $context->setRequest( new FauxRequest( [], false, $session ) );
585 $wgRequest = $context->getRequest(); // b/c
586
587 // Now that all private information is detached from the user, it should
588 // be safe to load the new user. If errors occur or an exception is thrown
589 // and caught (leaving the main context in a mixed state), there is no risk
590 // of the User object being attached to the wrong IP, headers, or session.
591 $context->setUser( $user );
592 $wgUser = $context->getUser(); // b/c
593 if ( $session && MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
594 session_id( $session->getId() );
595 MediaWiki\quietCall( 'session_start' );
596 }
597 $request = new FauxRequest( [], false, $session );
598 $request->setIP( $params['ip'] );
599 foreach ( $params['headers'] as $name => $value ) {
600 $request->setHeader( $name, $value );
601 }
602 // Set the current context to use the new WebRequest
603 $context->setRequest( $request );
604 $wgRequest = $context->getRequest(); // b/c
605 };
606
607 // Stash the old session and load in the new one
608 $oUser = self::getMain()->getUser();
609 $oParams = self::getMain()->exportSession();
610 $oRequest = self::getMain()->getRequest();
611 $importSessionFunc( $user, $params );
612
613 // Set callback to save and close the new session and reload the old one
614 return new ScopedCallback(
615 function () use ( $importSessionFunc, $oUser, $oParams, $oRequest ) {
616 global $wgRequest;
617 $importSessionFunc( $oUser, $oParams );
618 // Restore the exact previous Request object (instead of leaving FauxRequest)
619 RequestContext::getMain()->setRequest( $oRequest );
620 $wgRequest = RequestContext::getMain()->getRequest(); // b/c
621 }
622 );
623 }
624
625 /**
626 * Create a new extraneous context. The context is filled with information
627 * external to the current session.
628 * - Title is specified by argument
629 * - Request is a FauxRequest, or a FauxRequest can be specified by argument
630 * - User is an anonymous user, for separation IPv4 localhost is used
631 * - Language will be based on the anonymous user and request, may be content
632 * language or a uselang param in the fauxrequest data may change the lang
633 * - Skin will be based on the anonymous user, should be the wiki's default skin
634 *
635 * @param Title $title Title to use for the extraneous request
636 * @param WebRequest|array $request A WebRequest or data to use for a FauxRequest
637 * @return RequestContext
638 */
639 public static function newExtraneousContext( Title $title, $request = [] ) {
640 $context = new self;
641 $context->setTitle( $title );
642 if ( $request instanceof WebRequest ) {
643 $context->setRequest( $request );
644 } else {
645 $context->setRequest( new FauxRequest( $request ) );
646 }
647 $context->user = User::newFromName( '127.0.0.1', false );
648
649 return $context;
650 }
651 }
Wiklou, le Wiki du Wiklou