X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=includes%2Fapi%2FApiQueryFilearchive.php;h=c84f45791889986b36d91b3a6005218546445956;hp=8e464d01950b97c73d32ee8a413409cd602e904a;hb=a1ef77b2d80830fbcb617a83961d78cff9d6e384;hpb=b6fecdf6feeb785a8d72c8467e25bcd30261baa5 diff --git a/includes/api/ApiQueryFilearchive.php b/includes/api/ApiQueryFilearchive.php index 8e464d0195..c84f457918 100644 --- a/includes/api/ApiQueryFilearchive.php +++ b/includes/api/ApiQueryFilearchive.php @@ -38,9 +38,6 @@ class ApiQueryFilearchive extends ApiQueryBase { } public function execute() { - // Before doing anything at all, let's check permissions - $this->checkUserRightsAny( 'deletedhistory' ); - $user = $this->getUser(); $db = $this->getDB(); $commentStore = CommentStore::getStore(); @@ -60,6 +57,17 @@ class ApiQueryFilearchive extends ApiQueryBase { $fld_bitdepth = isset( $prop['bitdepth'] ); $fld_archivename = isset( $prop['archivename'] ); + if ( $fld_description && + !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) + ) { + $this->dieWithError( 'apierror-cantview-deleted-description', 'permissiondenied' ); + } + if ( $fld_metadata && + !$this->getPermissionManager()->userHasAnyRight( $user, 'deletedtext', 'undelete' ) + ) { + $this->dieWithError( 'apierror-cantview-deleted-metadata', 'permissiondenied' ); + } + $fileQuery = ArchivedFile::getQueryInfo(); $this->addTables( $fileQuery['tables'] ); $this->addFields( $fileQuery['fields'] ); @@ -110,21 +118,22 @@ class ApiQueryFilearchive extends ApiQueryBase { } if ( $sha1 ) { $this->addWhereFld( 'fa_sha1', $sha1 ); + // Paranoia: avoid brute force searches (T19342) + if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedtext' ) ) { + $bitmask = File::DELETED_FILE; + } elseif ( !$this->getPermissionManager() + ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) + ) { + $bitmask = File::DELETED_FILE | File::DELETED_RESTRICTED; + } else { + $bitmask = 0; + } + if ( $bitmask ) { + $this->addWhere( $this->getDB()->bitAnd( 'fa_deleted', $bitmask ) . " != $bitmask" ); + } } } - // Exclude files this user can't view. - if ( !$user->isAllowed( 'deletedtext' ) ) { - $bitmask = File::DELETED_FILE; - } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) { - $bitmask = File::DELETED_FILE | File::DELETED_RESTRICTED; - } else { - $bitmask = 0; - } - if ( $bitmask ) { - $this->addWhere( $this->getDB()->bitAnd( 'fa_deleted', $bitmask ) . " != $bitmask" ); - } - $limit = $params['limit']; $this->addOption( 'LIMIT', $limit + 1 ); $sort = ( $params['dir'] == 'descending' ? ' DESC' : '' ); @@ -148,6 +157,8 @@ class ApiQueryFilearchive extends ApiQueryBase { break; } + $canViewFile = RevisionRecord::userCanBitfield( $row->fa_deleted, File::DELETED_FILE, $user ); + $file = []; $file['id'] = (int)$row->fa_id; $file['name'] = $row->fa_name; @@ -169,13 +180,13 @@ class ApiQueryFilearchive extends ApiQueryBase { $file['userid'] = (int)$row->fa_user; $file['user'] = $row->fa_user_text; } - if ( $fld_sha1 ) { + if ( $fld_sha1 && $canViewFile ) { $file['sha1'] = Wikimedia\base_convert( $row->fa_sha1, 36, 16, 40 ); } if ( $fld_timestamp ) { $file['timestamp'] = wfTimestamp( TS_ISO_8601, $row->fa_timestamp ); } - if ( $fld_size || $fld_dimensions ) { + if ( ( $fld_size || $fld_dimensions ) && $canViewFile ) { $file['size'] = $row->fa_size; $pageCount = ArchivedFile::newFromRow( $row )->pageCount(); @@ -186,18 +197,18 @@ class ApiQueryFilearchive extends ApiQueryBase { $file['height'] = $row->fa_height; $file['width'] = $row->fa_width; } - if ( $fld_mediatype ) { + if ( $fld_mediatype && $canViewFile ) { $file['mediatype'] = $row->fa_media_type; } - if ( $fld_metadata ) { + if ( $fld_metadata && $canViewFile ) { $file['metadata'] = $row->fa_metadata ? ApiQueryImageInfo::processMetaData( unserialize( $row->fa_metadata ), $result ) : null; } - if ( $fld_bitdepth ) { + if ( $fld_bitdepth && $canViewFile ) { $file['bitdepth'] = $row->fa_bits; } - if ( $fld_mime ) { + if ( $fld_mime && $canViewFile ) { $file['mime'] = "$row->fa_major_mime/$row->fa_minor_mime"; } if ( $fld_archivename && !is_null( $row->fa_archive_name ) ) {