dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Paranoia, escape image alignment parameters before outputting."
[lhc/web/wiklou.git] / includes / specials / SpecialListgrouprights.php
1 <?php
2 /**
3 * Implements Special:Listgrouprights
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 use MediaWiki\MediaWikiServices;
25
26 /**
27 * This special page lists all defined user groups and the associated rights.
28 * See also @ref $wgGroupPermissions.
29 *
30 * @ingroup SpecialPage
31 * @author Petr Kadlec <mormegil@centrum.cz>
32 */
33 class SpecialListGroupRights extends SpecialPage {
34 public function __construct() {
35 parent::__construct( 'Listgrouprights' );
36 }
37
38 /**
39 * Show the special page
40 * @param string|null $par
41 */
42 public function execute( $par ) {
43 $this->setHeaders();
44 $this->outputHeader();
45
46 $out = $this->getOutput();
47 $out->addModuleStyles( 'mediawiki.special' );
48
49 $out->wrapWikiMsg( "<div class=\"mw-listgrouprights-key\">\n$1\n</div>", 'listgrouprights-key' );
50
51 $out->addHTML(
52 Xml::openElement( 'table', [ 'class' => 'wikitable mw-listgrouprights-table' ] ) .
53 '<tr>' .
54 Xml::element( 'th', null, $this->msg( 'listgrouprights-group' )->text() ) .
55 Xml::element( 'th', null, $this->msg( 'listgrouprights-rights' )->text() ) .
56 '</tr>'
57 );
58
59 $config = $this->getConfig();
60 $groupPermissions = $config->get( 'GroupPermissions' );
61 $revokePermissions = $config->get( 'RevokePermissions' );
62 $addGroups = $config->get( 'AddGroups' );
63 $removeGroups = $config->get( 'RemoveGroups' );
64 $groupsAddToSelf = $config->get( 'GroupsAddToSelf' );
65 $groupsRemoveFromSelf = $config->get( 'GroupsRemoveFromSelf' );
66 $allGroups = array_unique( array_merge(
67 array_keys( $groupPermissions ),
68 array_keys( $revokePermissions ),
69 array_keys( $addGroups ),
70 array_keys( $removeGroups ),
71 array_keys( $groupsAddToSelf ),
72 array_keys( $groupsRemoveFromSelf )
73 ) );
74 asort( $allGroups );
75
76 $linkRenderer = $this->getLinkRenderer();
77
78 foreach ( $allGroups as $group ) {
79 $permissions = $groupPermissions[$group] ?? [];
80 $groupname = ( $group == '*' ) // Replace * with a more descriptive groupname
81 ? 'all'
82 : $group;
83
84 $groupnameLocalized = UserGroupMembership::getGroupName( $groupname );
85
86 $grouppageLocalizedTitle = UserGroupMembership::getGroupPage( $groupname )
87 ?: Title::newFromText( MWNamespace::getCanonicalName( NS_PROJECT ) . ':' . $groupname );
88
89 if ( $group == '*' || !$grouppageLocalizedTitle ) {
90 // Do not make a link for the generic * group or group with invalid group page
91 $grouppage = htmlspecialchars( $groupnameLocalized );
92 } else {
93 $grouppage = $linkRenderer->makeLink(
94 $grouppageLocalizedTitle,
95 $groupnameLocalized
96 );
97 }
98
99 if ( $group === 'user' ) {
100 // Link to Special:listusers for implicit group 'user'
101 $grouplink = '<br />' . $linkRenderer->makeKnownLink(
102 SpecialPage::getTitleFor( 'Listusers' ),
103 $this->msg( 'listgrouprights-members' )->text()
104 );
105 } elseif ( !in_array( $group, $config->get( 'ImplicitGroups' ) ) ) {
106 $grouplink = '<br />' . $linkRenderer->makeKnownLink(
107 SpecialPage::getTitleFor( 'Listusers' ),
108 $this->msg( 'listgrouprights-members' )->text(),
109 [],
110 [ 'group' => $group ]
111 );
112 } else {
113 // No link to Special:listusers for other implicit groups as they are unlistable
114 $grouplink = '';
115 }
116
117 $revoke = $revokePermissions[$group] ?? [];
118 $addgroups = $addGroups[$group] ?? [];
119 $removegroups = $removeGroups[$group] ?? [];
120 $addgroupsSelf = $groupsAddToSelf[$group] ?? [];
121 $removegroupsSelf = $groupsRemoveFromSelf[$group] ?? [];
122
123 $id = $group == '*' ? false : Sanitizer::escapeIdForAttribute( $group );
124 $out->addHTML( Html::rawElement( 'tr', [ 'id' => $id ], "
125 <td>$grouppage$grouplink</td>
126 <td>" .
127 $this->formatPermissions( $permissions, $revoke, $addgroups, $removegroups,
128 $addgroupsSelf, $removegroupsSelf ) .
129 '</td>
130 '
131 ) );
132 }
133 $out->addHTML( Xml::closeElement( 'table' ) );
134 $this->outputNamespaceProtectionInfo();
135 }
136
137 private function outputNamespaceProtectionInfo() {
138 $out = $this->getOutput();
139 $namespaceProtection = $this->getConfig()->get( 'NamespaceProtection' );
140
141 if ( count( $namespaceProtection ) == 0 ) {
142 return;
143 }
144
145 $header = $this->msg( 'listgrouprights-namespaceprotection-header' )->text();
146 $out->addHTML(
147 Html::rawElement( 'h2', [], Html::element( 'span', [
148 'class' => 'mw-headline',
149 'id' => substr( Parser::guessSectionNameFromStrippedText( $header ), 1 )
150 ], $header ) ) .
151 Xml::openElement( 'table', [ 'class' => 'wikitable' ] ) .
152 Html::element(
153 'th',
154 [],
155 $this->msg( 'listgrouprights-namespaceprotection-namespace' )->text()
156 ) .
157 Html::element(
158 'th',
159 [],
160 $this->msg( 'listgrouprights-namespaceprotection-restrictedto' )->text()
161 )
162 );
163 $linkRenderer = $this->getLinkRenderer();
164 ksort( $namespaceProtection );
165 $validNamespaces = MWNamespace::getValidNamespaces();
166 $contLang = MediaWikiServices::getInstance()->getContentLanguage();
167 foreach ( $namespaceProtection as $namespace => $rights ) {
168 if ( !in_array( $namespace, $validNamespaces ) ) {
169 continue;
170 }
171
172 if ( $namespace == NS_MAIN ) {
173 $namespaceText = $this->msg( 'blanknamespace' )->text();
174 } else {
175 $namespaceText = $contLang->convertNamespace( $namespace );
176 }
177
178 $out->addHTML(
179 Xml::openElement( 'tr' ) .
180 Html::rawElement(
181 'td',
182 [],
183 $linkRenderer->makeLink(
184 SpecialPage::getTitleFor( 'Allpages' ),
185 $namespaceText,
186 [],
187 [ 'namespace' => $namespace ]
188 )
189 ) .
190 Xml::openElement( 'td' ) . Xml::openElement( 'ul' )
191 );
192
193 if ( !is_array( $rights ) ) {
194 $rights = [ $rights ];
195 }
196
197 foreach ( $rights as $right ) {
198 $out->addHTML(
199 Html::rawElement( 'li', [], $this->msg(
200 'listgrouprights-right-display',
201 User::getRightDescription( $right ),
202 Html::element(
203 'span',
204 [ 'class' => 'mw-listgrouprights-right-name' ],
205 $right
206 )
207 )->parse() )
208 );
209 }
210
211 $out->addHTML(
212 Xml::closeElement( 'ul' ) .
213 Xml::closeElement( 'td' ) .
214 Xml::closeElement( 'tr' )
215 );
216 }
217 $out->addHTML( Xml::closeElement( 'table' ) );
218 }
219
220 /**
221 * Create a user-readable list of permissions from the given array.
222 *
223 * @param array $permissions Array of permission => bool (from $wgGroupPermissions items)
224 * @param array $revoke Array of permission => bool (from $wgRevokePermissions items)
225 * @param array $add Array of groups this group is allowed to add or true
226 * @param array $remove Array of groups this group is allowed to remove or true
227 * @param array $addSelf Array of groups this group is allowed to add to self or true
228 * @param array $removeSelf Array of group this group is allowed to remove from self or true
229 * @return string HTML list of all granted permissions
230 */
231 private function formatPermissions( $permissions, $revoke, $add, $remove, $addSelf, $removeSelf ) {
232 $r = [];
233 foreach ( $permissions as $permission => $granted ) {
234 // show as granted only if it isn't revoked to prevent duplicate display of permissions
235 if ( $granted && ( !isset( $revoke[$permission] ) || !$revoke[$permission] ) ) {
236 $r[] = $this->msg( 'listgrouprights-right-display',
237 User::getRightDescription( $permission ),
238 '<span class="mw-listgrouprights-right-name">' . $permission . '</span>'
239 )->parse();
240 }
241 }
242 foreach ( $revoke as $permission => $revoked ) {
243 if ( $revoked ) {
244 $r[] = $this->msg( 'listgrouprights-right-revoked',
245 User::getRightDescription( $permission ),
246 '<span class="mw-listgrouprights-right-name">' . $permission . '</span>'
247 )->parse();
248 }
249 }
250
251 sort( $r );
252
253 $lang = $this->getLanguage();
254 $allGroups = User::getAllGroups();
255
256 $changeGroups = [
257 'addgroup' => $add,
258 'removegroup' => $remove,
259 'addgroup-self' => $addSelf,
260 'removegroup-self' => $removeSelf
261 ];
262
263 foreach ( $changeGroups as $messageKey => $changeGroup ) {
264 if ( $changeGroup === true ) {
265 // For grep: listgrouprights-addgroup-all, listgrouprights-removegroup-all,
266 // listgrouprights-addgroup-self-all, listgrouprights-removegroup-self-all
267 $r[] = $this->msg( 'listgrouprights-' . $messageKey . '-all' )->escaped();
268 } elseif ( is_array( $changeGroup ) ) {
269 $changeGroup = array_intersect( array_values( array_unique( $changeGroup ) ), $allGroups );
270 if ( count( $changeGroup ) ) {
271 $groupLinks = [];
272 foreach ( $changeGroup as $group ) {
273 $groupLinks[] = UserGroupMembership::getLink( $group, $this->getContext(), 'wiki' );
274 }
275 // For grep: listgrouprights-addgroup, listgrouprights-removegroup,
276 // listgrouprights-addgroup-self, listgrouprights-removegroup-self
277 $r[] = $this->msg( 'listgrouprights-' . $messageKey,
278 $lang->listToText( $groupLinks ), count( $changeGroup ) )->parse();
279 }
280 }
281 }
282
283 if ( empty( $r ) ) {
284 return '';
285 } else {
286 return '<ul><li>' . implode( "</li>\n<li>", $r ) . '</li></ul>';
287 }
288 }
289
290 protected function getGroupName() {
291 return 'users';
292 }
293 }
Wiklou, le Wiki du Wiklou