/**
* Contain classes to list log entries
*
- * Copyright © 2004 Brion Vibber <brion@pobox.com>, 2008 Aaron Schulz
+ * Copyright © 2004 Brion Vibber <brion@pobox.com>
* https://www.mediawiki.org/
*
* This program is free software; you can redistribute it and/or modify
/** @var string */
private $action = '';
+ /** @var bool */
+ private $performerRestrictionsEnforced = false;
+
+ /** @var bool */
+ private $actionRestrictionsEnforced = false;
+
/** @var LogEventsList */
public $mLogEventsList;
/**
- * Constructor
- *
* @param LogEventsList $list
* @param string|array $types Log types to show
* @param string $performer The user who made the log entries
return $filters;
}
foreach ( $wgFilterLogTypes as $type => $default ) {
- // Avoid silly filtering
- if ( $type !== 'patrol' || $this->getUser()->useNPPatrol() ) {
- $hide = $this->getRequest()->getInt( "hide_{$type}_log", $default );
- $filters[$type] = $hide;
- if ( $hide ) {
- $this->mConds[] = 'log_type != ' . $this->mDb->addQuotes( $type );
- }
+ $hide = $this->getRequest()->getInt( "hide_{$type}_log", $default );
+
+ $filters[$type] = $hide;
+ if ( $hide ) {
+ $this->mConds[] = 'log_type != ' . $this->mDb->addQuotes( $type );
}
}
} else {
$this->mConds['log_user'] = $userid;
}
- // Paranoia: avoid brute force searches (T19342)
- $user = $this->getUser();
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
- $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
- } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
- $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
- ' != ' . LogPage::SUPPRESSED_USER;
- }
+ $this->enforcePerformerRestrictions();
$this->performer = $name;
}
} else {
$this->mConds['log_title'] = $title->getDBkey();
}
- // Paranoia: avoid brute force searches (T19342)
- $user = $this->getUser();
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
- $this->mConds[] = $db->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
- } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
- $this->mConds[] = $db->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
- ' != ' . LogPage::SUPPRESSED_ACTION;
- }
+ $this->enforceActionRestrictions();
}
/**
$options = $basic['options'];
$joins = $basic['join_conds'];
- $index = [];
# Add log_search table if there are conditions on it.
# This filters the results to only include log rows that have
# log_search records with the specified ls_field and ls_value values.
if ( array_key_exists( 'ls_field', $this->mConds ) ) {
$tables[] = 'log_search';
- $index['log_search'] = 'ls_field_val';
- $index['logging'] = 'PRIMARY';
+ $options['IGNORE INDEX'] = [ 'log_search' => 'ls_log_id' ];
+ $options['USE INDEX'] = [ 'logging' => 'PRIMARY' ];
if ( !$this->hasEqualsClause( 'ls_field' )
|| !$this->hasEqualsClause( 'ls_value' )
) {
$options[] = 'DISTINCT';
}
}
- if ( count( $index ) ) {
- $options['USE INDEX'] = $index;
- }
# Don't show duplicate rows when using log_search
$joins['log_search'] = [ 'INNER JOIN', 'ls_log_id=log_id' ];
parent::doQuery();
$this->mDb->setBigSelects( 'default' );
}
+
+ /**
+ * Paranoia: avoid brute force searches (T19342)
+ */
+ private function enforceActionRestrictions() {
+ if ( $this->actionRestrictionsEnforced ) {
+ return;
+ }
+ $this->actionRestrictionsEnforced = true;
+ $user = $this->getUser();
+ if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
+ } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+ $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
+ ' != ' . LogPage::SUPPRESSED_USER;
+ }
+ }
+
+ /**
+ * Paranoia: avoid brute force searches (T19342)
+ */
+ private function enforcePerformerRestrictions() {
+ // Same as enforceActionRestrictions(), except for _USER instead of _ACTION bits.
+ if ( $this->performerRestrictionsEnforced ) {
+ return;
+ }
+ $this->performerRestrictionsEnforced = true;
+ $user = $this->getUser();
+ if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
+ } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+ $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
+ ' != ' . LogPage::SUPPRESSED_ACTION;
+ }
+ }
}