Merge "output: Narrow Title type hint to LinkTarget"
authorjenkins-bot <jenkins-bot@gerrit.wikimedia.org>
Fri, 13 Sep 2019 13:31:24 +0000 (13:31 +0000)
committerGerrit Code Review <gerrit@wikimedia.org>
Fri, 13 Sep 2019 13:31:24 +0000 (13:31 +0000)
244 files changed:
RELEASE-NOTES-1.34
composer.json
docs/hooks.txt
includes/DefaultSettings.php
includes/Revision/RevisionRecord.php
includes/ServiceWiring.php
includes/Setup.php
includes/Storage/DerivedPageDataUpdater.php
includes/StreamFile.php
includes/Title.php
includes/actions/InfoAction.php
includes/api/ApiQueryAllDeletedRevisions.php
includes/api/ApiQueryDeletedRevisions.php
includes/api/ApiQueryStashImageInfo.php
includes/api/ApiResetPassword.php
includes/api/ApiRevisionDelete.php
includes/api/ApiTag.php
includes/api/i18n/ar.json
includes/api/i18n/en.json
includes/api/i18n/fr.json
includes/api/i18n/it.json
includes/api/i18n/ko.json
includes/api/i18n/mk.json
includes/api/i18n/pl.json
includes/api/i18n/pt-br.json
includes/api/i18n/qqq.json
includes/block/BlockManager.php
includes/changetags/ChangeTags.php
includes/deferred/CdnCacheUpdate.php
includes/deferred/HTMLCacheUpdate.php
includes/deferred/LinksUpdate.php
includes/deferred/SearchUpdate.php
includes/export/WikiExporter.php
includes/externalstore/ExternalStoreDB.php
includes/filerepo/file/File.php
includes/libs/filebackend/FSFileBackend.php
includes/libs/filebackend/SwiftFileBackend.php
includes/libs/filebackend/fileophandle/FileBackendStoreOpHandle.php
includes/libs/rdbms/lbfactory/LBFactoryMulti.php
includes/libs/redis/RedisConnectionPool.php
includes/logging/BlockLogFormatter.php
includes/logging/ContentModelLogFormatter.php
includes/logging/DeleteLogFormatter.php
includes/logging/LogEventsList.php
includes/logging/LogFormatter.php
includes/logging/LogPager.php
includes/logging/MergeLogFormatter.php
includes/logging/MoveLogFormatter.php
includes/logging/ProtectLogFormatter.php
includes/mail/EmailNotification.php
includes/mail/UserMailer.php
includes/media/JpegMetadataExtractor.php
includes/page/Article.php
includes/page/ImageHistoryList.php
includes/page/ImagePage.php
includes/page/WikiPage.php
includes/preferences/DefaultPreferencesFactory.php
includes/resourceloader/ResourceLoader.php
includes/resourceloader/ResourceLoaderClientHtml.php
includes/resourceloader/ResourceLoaderLanguageDataModule.php
includes/resourceloader/ResourceLoaderUserDefaultsModule.php
includes/resourceloader/ResourceLoaderUserOptionsModule.php
includes/resourceloader/ResourceLoaderUserTokensModule.php
includes/session/SessionManager.php
includes/session/SessionOverflowException.php [new file with mode: 0644]
includes/skins/SkinTemplate.php
includes/specialpage/LoginSignupSpecialPage.php
includes/specialpage/SpecialPage.php
includes/specialpage/SpecialPageFactory.php
includes/specials/SpecialApiSandbox.php
includes/specials/SpecialAutoblockList.php
includes/specials/SpecialBlock.php
includes/specials/SpecialBlockList.php
includes/specials/SpecialBrokenRedirects.php
includes/specials/SpecialChangeContentModel.php
includes/specials/SpecialChangeEmail.php
includes/specials/SpecialConfirmEmail.php
includes/specials/SpecialContributions.php
includes/specials/SpecialCreateAccount.php
includes/specials/SpecialDoubleRedirects.php
includes/specials/SpecialEditTags.php
includes/specials/SpecialEmailUser.php
includes/specials/SpecialExpandTemplates.php
includes/specials/SpecialExport.php
includes/specials/SpecialImport.php
includes/specials/SpecialLinkSearch.php
includes/specials/SpecialLog.php
includes/specials/SpecialMovepage.php
includes/specials/SpecialPagesWithProp.php
includes/specials/SpecialPasswordReset.php
includes/specials/SpecialPreferences.php
includes/specials/SpecialRecentChanges.php
includes/specials/SpecialRecentChangesLinked.php
includes/specials/SpecialRedirect.php
includes/specials/SpecialRevisionDelete.php
includes/specials/SpecialRunJobs.php
includes/specials/SpecialTags.php
includes/specials/SpecialUnblock.php
includes/specials/SpecialUndelete.php
includes/specials/SpecialUpload.php
includes/specials/SpecialUserrights.php
includes/specials/SpecialWatchlist.php
includes/specials/SpecialWhatLinksHere.php
includes/specials/forms/PreferencesFormOOUI.php
includes/specials/forms/UploadForm.php
includes/specials/pagers/ActiveUsersPager.php
includes/specials/pagers/AllMessagesTablePager.php
includes/specials/pagers/BlockListPager.php
includes/specials/pagers/ContribsPager.php
includes/specials/pagers/DeletedContribsPager.php
includes/specials/pagers/MergeHistoryPager.php
includes/specials/pagers/ProtectedPagesPager.php
includes/specials/pagers/ProtectedTitlesPager.php
includes/specials/pagers/UsersPager.php
includes/upload/UploadBase.php
includes/upload/UploadFromUrl.php
includes/user/LocalIdLookup.php
includes/user/PasswordReset.php
includes/user/User.php
includes/user/UserNamePrefixSearch.php
includes/widget/CheckMatrixWidget.php
includes/widget/ComplexTitleInputWidget.php
includes/widget/NamespaceInputWidget.php
includes/widget/SelectWithInputWidget.php
includes/widget/SizeFilterWidget.php
includes/widget/TagMultiselectWidget.php
jsduck.json
languages/i18n/ar.json
languages/i18n/ban.json
languages/i18n/bg.json
languages/i18n/bn.json
languages/i18n/cs.json
languages/i18n/diq.json
languages/i18n/dty.json
languages/i18n/en.json
languages/i18n/exif/nb.json
languages/i18n/fi.json
languages/i18n/fr.json
languages/i18n/gl.json
languages/i18n/gom-deva.json
languages/i18n/gom-latn.json
languages/i18n/he.json
languages/i18n/io.json
languages/i18n/jv.json
languages/i18n/ka.json
languages/i18n/lv.json
languages/i18n/mk.json
languages/i18n/my.json
languages/i18n/nb.json
languages/i18n/nds-nl.json
languages/i18n/ne.json
languages/i18n/nl.json
languages/i18n/nqo.json
languages/i18n/pl.json
languages/i18n/pt-br.json
languages/i18n/qqq.json
languages/i18n/roa-tara.json
languages/i18n/ru.json
languages/i18n/sh.json
languages/i18n/sl.json
languages/i18n/sv.json
languages/i18n/szl.json
languages/i18n/uk.json
languages/i18n/zgh.json
languages/i18n/zh-hant.json
maintenance/install.php
maintenance/storage/blobs.sql
maintenance/storage/checkStorage.php
maintenance/userOptions.php
resources/Resources.php
resources/lib/foreign-resources.yaml
resources/lib/ooui/History.md
resources/lib/ooui/i18n/fr.json
resources/lib/ooui/i18n/pl.json
resources/lib/ooui/oojs-ui-apex.js
resources/lib/ooui/oojs-ui-core-apex.css
resources/lib/ooui/oojs-ui-core-wikimediaui.css
resources/lib/ooui/oojs-ui-core.js
resources/lib/ooui/oojs-ui-toolbars-apex.css
resources/lib/ooui/oojs-ui-toolbars-wikimediaui.css
resources/lib/ooui/oojs-ui-toolbars.js
resources/lib/ooui/oojs-ui-widgets-apex.css
resources/lib/ooui/oojs-ui-widgets-wikimediaui.css
resources/lib/ooui/oojs-ui-widgets.js
resources/lib/ooui/oojs-ui-wikimediaui.js
resources/lib/ooui/oojs-ui-windows-apex.css
resources/lib/ooui/oojs-ui-windows-wikimediaui.css
resources/lib/ooui/oojs-ui-windows.js
resources/lib/ooui/themes/apex/icons-editing-advanced.json
resources/lib/ooui/themes/apex/icons-user.json
resources/lib/ooui/themes/wikimediaui/icons-editing-advanced.json
resources/lib/ooui/themes/wikimediaui/icons-user.json
resources/lib/ooui/themes/wikimediaui/images/icons/beaker-invert.png [deleted file]
resources/lib/ooui/themes/wikimediaui/images/icons/beaker-invert.svg [deleted file]
resources/lib/ooui/themes/wikimediaui/images/icons/beaker-progressive.png [deleted file]
resources/lib/ooui/themes/wikimediaui/images/icons/beaker-progressive.svg [deleted file]
resources/lib/ooui/themes/wikimediaui/images/icons/beaker.png [deleted file]
resources/lib/ooui/themes/wikimediaui/images/icons/beaker.svg [deleted file]
resources/lib/ooui/themes/wikimediaui/images/icons/labFlask-invert.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/labFlask-invert.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/labFlask-progressive.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/labFlask-progressive.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/labFlask.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/labFlask.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userAvatarOutline-invert.svg
resources/lib/ooui/themes/wikimediaui/images/icons/userAvatarOutline-progressive.svg
resources/lib/ooui/themes/wikimediaui/images/icons/userAvatarOutline.svg
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-ltr-invert.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-ltr-invert.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-ltr-progressive.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-ltr-progressive.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-ltr.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-ltr.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-rtl-invert.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-rtl-invert.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-rtl-progressive.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-rtl-progressive.svg [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-rtl.png [new file with mode: 0644]
resources/lib/ooui/themes/wikimediaui/images/icons/userGroup-rtl.svg [new file with mode: 0644]
resources/src/jquery.color/jquery.color.js [new file with mode: 0644]
resources/src/jquery.color/jquery.colorUtil.js [new file with mode: 0644]
resources/src/jquery/jquery.color.js [deleted file]
resources/src/jquery/jquery.colorUtil.js [deleted file]
resources/src/mediawiki.ForeignApi.core.js
resources/src/mediawiki.htmlform.checker.js
resources/src/mediawiki.legacy/shared.css
resources/src/mediawiki.util/util.js
tests/phpunit/MediaWikiIntegrationTestCase.php
tests/phpunit/data/media/jpeg-xmp-nullchar.jpg [new file with mode: 0644]
tests/phpunit/includes/Revision/RenderedRevisionTest.php
tests/phpunit/includes/api/ApiRevisionDeleteTest.php
tests/phpunit/includes/block/BlockManagerTest.php
tests/phpunit/includes/media/JpegMetadataExtractorTest.php
tests/phpunit/includes/preferences/DefaultPreferencesFactoryTest.php
tests/phpunit/includes/session/SessionManagerTest.php
tests/phpunit/includes/specials/SpecialBlankPageTest.php
tests/phpunit/includes/user/LocalIdLookupTest.php
tests/phpunit/includes/user/PasswordResetTest.php
tests/phpunit/includes/user/UserGroupMembershipTest.php
tests/phpunit/includes/user/UserTest.php
tests/phpunit/maintenance/MWDoxygenFilterTest.php
tests/qunit/QUnitTestResources.php
tests/qunit/suites/resources/mediawiki.api/mediawiki.ForeignApi.test.js
tests/qunit/suites/resources/mediawiki/mediawiki.util.test.js

index 2cebf99..07f52d0 100644 (file)
@@ -162,8 +162,8 @@ $wgPasswordPolicy['policies']['default']['PasswordNotInLargeBlacklist'] = false;
 === Action API changes in 1.34 ===
 * The 'recenteditcount' response property from action=query list=allusers,
   deprecated in 1.25, has been removed.
-* (T60993) action=query list=filearchive no longer requires the 'deletedhistory'
-  user right.
+* (T60993) action=query list=filearchive, list=alldeletedrevisions and
+  prop=deletedrevisions no longer require the 'deletedhistory' user right.
 
 === Action API internal changes in 1.34 ===
 * The exception thrown in ApiModuleManager::getModule has been changed
@@ -302,6 +302,7 @@ because of Phabricator reports.
   Use the mediawiki.String module instead.
 * mw.language.specialCharacters, deprecated in 1.33, has been removed.
   Use require( 'mediawiki.language.specialCharacters' ) instead.
+* The jquery.colorUtil module was removed. Use jquery.color instead.
 * EditPage::submit(), deprecated in 1.29, has been removed. Use $this->edit()
   directly.
 * HTMLForm::getErrors(), deprecated in 1.28, has been removed. Use
@@ -560,6 +561,9 @@ because of Phabricator reports.
   be used instead.
 * The UserIsHidden hook is deprecated. Use GetUserBlock instead, and add a
   system block that hides the user.
+* The GetBlockedStatus hook is deprecated. Use GetUserBlock instead, to add or
+  remove a block.
+* $wgContentHandlerUseDB is deprecated and should always be true.
 
 === Other changes in 1.34 ===
 * …
index c1f9037..5785873 100644 (file)
@@ -28,7 +28,7 @@
                "ext-xml": "*",
                "guzzlehttp/guzzle": "6.3.3",
                "liuggio/statsd-php-client": "1.0.18",
-               "oojs/oojs-ui": "0.34.0",
+               "oojs/oojs-ui": "0.34.1",
                "pear/mail": "1.4.1",
                "pear/mail_mime": "1.10.2",
                "pear/net_smtp": "1.8.1",
index 43234c6..43bfd8d 100644 (file)
@@ -1585,7 +1585,8 @@ entitled to be in.
 $user: user to promote.
 &$promote: groups that will be added.
 
-'GetBlockedStatus': after loading blocking status of an user from the database
+'GetBlockedStatus': DEPRECATED since 1.34 - use GetUserBlock instead. After
+loading blocking status of a user from the database
 &$user: user (object) being checked
 
 'GetCacheVaryCookies': Get cookies that should vary cache options.
index c9bed29..47fd073 100644 (file)
@@ -8619,6 +8619,7 @@ $wgContentHandlerTextFallback = 'ignore';
  * handling is less robust and less flexible.
  *
  * @since 1.21
+ * @deprecated since 1.34, and should always be set true.
  */
 $wgContentHandlerUseDB = true;
 
index ff9ac57..759180a 100644 (file)
@@ -531,8 +531,6 @@ abstract class RevisionRecord {
                                $text = $title->getPrefixedText();
                                wfDebug( "Checking for $permissionlist on $text due to $field match on $bitfield\n" );
 
-                               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
-
                                foreach ( $permissions as $perm ) {
                                        if ( $permissionManager->userCan( $perm, $user, $title ) ) {
                                                return true;
index 0b0aaf5..689a98e 100644 (file)
@@ -107,13 +107,10 @@ return [
        },
 
        'BlockManager' => function ( MediaWikiServices $services ) : BlockManager {
-               $context = RequestContext::getMain();
                return new BlockManager(
                        new ServiceOptions(
                                BlockManager::$constructorOptions, $services->getMainConfig()
                        ),
-                       $context->getUser(),
-                       $context->getRequest(),
                        $services->getPermissionManager()
                );
        },
@@ -545,7 +542,8 @@ return [
                        $services->getContentLanguage(),
                        AuthManager::singleton(),
                        $services->getLinkRendererFactory()->create(),
-                       $services->getNamespaceInfo()
+                       $services->getNamespaceInfo(),
+                       $services->getPermissionManager()
                );
                $factory->setLogger( LoggerFactory::getInstance( 'preferences' ) );
 
index 39f0c81..518531a 100644 (file)
@@ -808,22 +808,17 @@ if ( !defined( 'MW_NO_SESSION' ) && !$wgCommandLineMode ) {
        // Initialize the session
        try {
                $session = MediaWiki\Session\SessionManager::getGlobalSession();
-       } catch ( OverflowException $ex ) {
-               if ( isset( $ex->sessionInfos ) && count( $ex->sessionInfos ) >= 2 ) {
-                       // The exception is because the request had multiple possible
-                       // sessions tied for top priority. Report this to the user.
-                       $list = [];
-                       foreach ( $ex->sessionInfos as $info ) {
-                               $list[] = $info->getProvider()->describe( $wgContLang );
-                       }
-                       $list = $wgContLang->listToText( $list );
-                       throw new HttpError( 400,
-                               Message::newFromKey( 'sessionmanager-tie', $list )->inLanguage( $wgContLang )->plain()
-                       );
+       } catch ( MediaWiki\Session\SessionOverflowException $ex ) {
+               // The exception is because the request had multiple possible
+               // sessions tied for top priority. Report this to the user.
+               $list = [];
+               foreach ( $ex->getSessionInfos() as $info ) {
+                       $list[] = $info->getProvider()->describe( $wgContLang );
                }
-
-               // Not the one we want, rethrow
-               throw $ex;
+               $list = $wgContLang->listToText( $list );
+               throw new HttpError( 400,
+                       Message::newFromKey( 'sessionmanager-tie', $list )->inLanguage( $wgContLang )->plain()
+               );
        }
 
        if ( $session->isPersistent() ) {
index 4903cf0..b2c003a 100644 (file)
@@ -1531,7 +1531,9 @@ class DerivedPageDataUpdater implements IDBAccessObject, LoggerAwareInterface {
                if ( $this->options['changed']
                        && $title->getNamespace() == NS_USER_TALK
                        && $shortTitle != $legacyUser->getTitleKey()
-                       && !( $this->revision->isMinor() && $legacyUser->isAllowed( 'nominornewtalk' ) )
+                       && !( $this->revision->isMinor() && MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $legacyUser, 'nominornewtalk' ) )
                ) {
                        $recipient = User::newFromName( $shortTitle, false );
                        if ( !$recipient ) {
index 2ad42e5..2afd651 100644 (file)
  */
 class StreamFile {
        // Do not send any HTTP headers unless requested by caller (e.g. body only)
+       /** @deprecated since 1.34 */
        const STREAM_HEADLESS = HTTPFileStreamer::STREAM_HEADLESS;
        // Do not try to tear down any PHP output buffers
+       /** @deprecated since 1.34 */
        const STREAM_ALLOW_OB = HTTPFileStreamer::STREAM_ALLOW_OB;
 
        /**
@@ -105,7 +107,6 @@ class StreamFile {
                                case 'png':
                                        return 'image/png';
                                case 'jpg':
-                                       return 'image/jpeg';
                                case 'jpeg':
                                        return 'image/jpeg';
                        }
index 1e93c44..bdff7a7 100644 (file)
@@ -1059,7 +1059,7 @@ class Title implements LinkTarget, IDBAccessObject {
                        $this->lazyFillContentModel( $this->loadFieldFromDB( 'page_content_model', $flags ) );
                } elseif (
                        ( !$this->mContentModel || $flags & self::GAID_FOR_UPDATE ) &&
-                       $this->getArticleId( $flags )
+                       $this->getArticleID( $flags )
                ) {
                        $linkCache = MediaWikiServices::getInstance()->getLinkCache();
                        $linkCache->addLinkObj( $this ); # in case we already had an article ID
@@ -4270,12 +4270,21 @@ class Title implements LinkTarget, IDBAccessObject {
         * on the number of links. Typically called on create and delete.
         */
        public function touchLinks() {
-               DeferredUpdates::addUpdate( new HTMLCacheUpdate( $this, 'pagelinks', 'page-touch' ) );
+               $jobs = [];
+               $jobs[] = HTMLCacheUpdateJob::newForBacklinks(
+                       $this,
+                       'pagelinks',
+                       [ 'causeAction' => 'page-touch' ]
+               );
                if ( $this->mNamespace == NS_CATEGORY ) {
-                       DeferredUpdates::addUpdate(
-                               new HTMLCacheUpdate( $this, 'categorylinks', 'category-touch' )
+                       $jobs[] = HTMLCacheUpdateJob::newForBacklinks(
+                               $this,
+                               'categorylinks',
+                               [ 'causeAction' => 'category-touch' ]
                        );
                }
+
+               JobQueueGroup::singleton()->lazyPush( $jobs );
        }
 
        /**
index 207721e..9a8949f 100644 (file)
@@ -280,11 +280,10 @@ class InfoAction extends FormlessAction {
                // Language in which the page content is (supposed to be) written
                $pageLang = $title->getPageLanguage()->getCode();
 
-               $permissionManager = $services->getPermissionManager();
-
                $pageLangHtml = $pageLang . ' - ' .
                        Language::fetchLanguageName( $pageLang, $lang->getCode() );
                // Link to Special:PageLanguage with pre-filled page title if user has permissions
+               $permissionManager = $services->getPermissionManager();
                if ( $config->get( 'PageLanguageUseDB' )
                        && $permissionManager->userCan( 'pagelang', $user, $title )
                ) {
@@ -344,8 +343,7 @@ class InfoAction extends FormlessAction {
                ];
 
                $unwatchedPageThreshold = $config->get( 'UnwatchedPageThreshold' );
-               if (
-                       $services->getPermissionManager()->userHasRight( $user, 'unwatchedpages' ) ||
+               if ( $permissionManager->userHasRight( $user, 'unwatchedpages' ) ||
                        ( $unwatchedPageThreshold !== false &&
                                $pageCounts['watchers'] >= $unwatchedPageThreshold )
                ) {
@@ -360,7 +358,7 @@ class InfoAction extends FormlessAction {
                        ) {
                                $minToDisclose = $config->get( 'UnwatchedPageSecret' );
                                if ( $pageCounts['visitingWatchers'] > $minToDisclose ||
-                                       $services->getPermissionManager()->userHasRight( $user, 'unwatchedpages' ) ) {
+                                       $permissionManager->userHasRight( $user, 'unwatchedpages' ) ) {
                                        $pageInfo['header-basic'][] = [
                                                $this->msg( 'pageinfo-visiting-watchers' ),
                                                $lang->formatNum( $pageCounts['visitingWatchers'] )
index 7d6d342..2a49984 100644 (file)
@@ -43,9 +43,6 @@ class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase {
         * @return void
         */
        protected function run( ApiPageSet $resultPageSet = null ) {
-               // Before doing anything at all, let's check permissions
-               $this->checkUserRightsAny( 'deletedhistory' );
-
                $user = $this->getUser();
                $db = $this->getDB();
                $params = $this->extractRequestParams( false );
@@ -144,8 +141,15 @@ class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase {
                }
 
                // This means stricter restrictions
-               if ( $this->fetchContent ) {
-                       $this->checkUserRightsAny( [ 'deletedtext', 'undelete' ] );
+               if ( ( $this->fld_comment || $this->fld_parsedcomment ) &&
+                       !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' )
+               ) {
+                       $this->dieWithError( 'apierror-cantview-deleted-comment', 'permissiondenied' );
+               }
+               if ( $this->fetchContent &&
+                       !$this->getPermissionManager()->userHasAnyRight( $user, 'deletedtext', 'undelete' )
+               ) {
+                       $this->dieWithError( 'apierror-cantview-deleted-revision-content', 'permissiondenied' );
                }
 
                $miser_ns = null;
@@ -235,8 +239,6 @@ class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase {
 
                if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) {
                        // Paranoia: avoid brute force searches (T19342)
-                       // (shouldn't be able to get here without 'deletedhistory', but
-                       // check it again just in case)
                        if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) ) {
                                $bitmask = RevisionRecord::DELETED_USER;
                        } elseif ( !$this->getPermissionManager()
index fc88499..12fd20a 100644 (file)
@@ -40,8 +40,6 @@ class ApiQueryDeletedRevisions extends ApiQueryRevisionsBase {
 
        protected function run( ApiPageSet $resultPageSet = null ) {
                $user = $this->getUser();
-               // Before doing anything at all, let's check permissions
-               $this->checkUserRightsAny( 'deletedhistory' );
 
                $pageSet = $this->getPageSet();
                $pageMap = $pageSet->getGoodAndMissingTitlesByNamespace();
@@ -95,8 +93,15 @@ class ApiQueryDeletedRevisions extends ApiQueryRevisionsBase {
                }
 
                // This means stricter restrictions
-               if ( $this->fetchContent ) {
-                       $this->checkUserRightsAny( [ 'deletedtext', 'undelete' ] );
+               if ( ( $this->fld_comment || $this->fld_parsedcomment ) &&
+                       !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' )
+               ) {
+                       $this->dieWithError( 'apierror-cantview-deleted-comment', 'permissiondenied' );
+               }
+               if ( $this->fetchContent &&
+                       !$this->getPermissionManager()->userHasAnyRight( $user, 'deletedtext', 'undelete' )
+               ) {
+                       $this->dieWithError( 'apierror-cantview-deleted-revision-content', 'permissiondenied' );
                }
 
                $dir = $params['dir'];
@@ -130,8 +135,6 @@ class ApiQueryDeletedRevisions extends ApiQueryRevisionsBase {
 
                if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) {
                        // Paranoia: avoid brute force searches (T19342)
-                       // (shouldn't be able to get here without 'deletedhistory', but
-                       // check it again just in case)
                        if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) ) {
                                $bitmask = RevisionRecord::DELETED_USER;
                        } elseif ( !$this->getPermissionManager()
index 1924ca0..c84de8c 100644 (file)
@@ -70,11 +70,37 @@ class ApiQueryStashImageInfo extends ApiQueryImageInfo {
                }
        }
 
-       private $propertyFilter = [
+       private static $propertyFilter = [
                'user', 'userid', 'comment', 'parsedcomment',
                'mediatype', 'archivename', 'uploadwarning',
        ];
 
+       /**
+        * Returns all possible parameters to siiprop
+        *
+        * @param array|null $filter List of properties to filter out
+        * @return array
+        */
+       public static function getPropertyNames( $filter = null ) {
+               if ( $filter === null ) {
+                       $filter = self::$propertyFilter;
+               }
+               return parent::getPropertyNames( $filter );
+       }
+
+       /**
+        * Returns messages for all possible parameters to siiprop
+        *
+        * @param array|null $filter List of properties to filter out
+        * @return array
+        */
+       public static function getPropertyMessages( $filter = null ) {
+               if ( $filter === null ) {
+                       $filter = self::$propertyFilter;
+               }
+               return parent::getPropertyMessages( $filter );
+       }
+
        public function getAllowedParams() {
                return [
                        'filekey' => [
@@ -87,9 +113,9 @@ class ApiQueryStashImageInfo extends ApiQueryImageInfo {
                        'prop' => [
                                ApiBase::PARAM_ISMULTI => true,
                                ApiBase::PARAM_DFLT => 'timestamp|url',
-                               ApiBase::PARAM_TYPE => self::getPropertyNames( $this->propertyFilter ),
+                               ApiBase::PARAM_TYPE => self::getPropertyNames(),
                                ApiBase::PARAM_HELP_MSG => 'apihelp-query+imageinfo-param-prop',
-                               ApiBase::PARAM_HELP_MSG_PER_VALUE => self::getPropertyMessages( $this->propertyFilter )
+                               ApiBase::PARAM_HELP_MSG_PER_VALUE => self::getPropertyMessages()
                        ],
                        'urlwidth' => [
                                ApiBase::PARAM_TYPE => 'integer',
index 7783826..6b1c217 100644 (file)
@@ -21,6 +21,7 @@
  */
 
 use MediaWiki\Auth\AuthManager;
+use MediaWiki\MediaWikiServices;
 
 /**
  * Reset password, with AuthManager
@@ -63,7 +64,11 @@ class ApiResetPassword extends ApiBase {
 
                $this->requireOnlyOneParameter( $params, 'user', 'email' );
 
-               $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+               $passwordReset = new PasswordReset(
+                       $this->getConfig(),
+                       AuthManager::singleton(),
+                       MediaWikiServices::getInstance()->getPermissionManager()
+               );
 
                $status = $passwordReset->isAllowed( $this->getUser() );
                if ( !$status->isOK() ) {
index 1ee91c2..60b24f0 100644 (file)
@@ -38,12 +38,6 @@ class ApiRevisionDelete extends ApiBase {
                $user = $this->getUser();
                $this->checkUserRightsAny( RevisionDeleter::getRestriction( $params['type'] ) );
 
-               // @TODO Use PermissionManager::isBlockedFrom() instead.
-               $block = $user->getBlock();
-               if ( $block ) {
-                       $this->dieBlocked( $block );
-               }
-
                if ( !$params['ids'] ) {
                        $this->dieWithError( [ 'apierror-paramempty', 'ids' ], 'paramempty_ids' );
                }
@@ -97,6 +91,10 @@ class ApiRevisionDelete extends ApiBase {
                        $this->dieWithError( [ 'apierror-revdel-needtarget' ], 'needtarget' );
                }
 
+               if ( $this->getPermissionManager()->isBlockedFrom( $user, $targetObj ) ) {
+                       $this->dieBlocked( $user->getBlock() );
+               }
+
                $list = RevisionDeleter::createList(
                        $params['type'], $this->getContext(), $targetObj, $params['ids']
                );
index aff0183..bb6c580 100644 (file)
@@ -20,7 +20,6 @@
  */
 
 use MediaWiki\MediaWikiServices;
-use MediaWiki\Revision\RevisionStore;
 
 /**
  * @ingroup API
@@ -28,7 +27,9 @@ use MediaWiki\Revision\RevisionStore;
  */
 class ApiTag extends ApiBase {
 
-       /** @var RevisionStore */
+       use ApiBlockInfoTrait;
+
+       /** @var \MediaWiki\Revision\RevisionStore */
        private $revisionStore;
 
        public function execute() {
@@ -40,9 +41,9 @@ class ApiTag extends ApiBase {
                // make sure the user is allowed
                $this->checkUserRightsAny( 'changetags' );
 
-               // @TODO Use PermissionManager::isBlockedFrom() instead.
+               // Fail early if the user is sitewide blocked.
                $block = $user->getBlock();
-               if ( $block ) {
+               if ( $block && $block->isSitewide() ) {
                        $this->dieBlocked( $block );
                }
 
@@ -85,6 +86,7 @@ class ApiTag extends ApiBase {
        }
 
        protected function processIndividual( $type, $params, $id ) {
+               $user = $this->getUser();
                $idResult = [ $type => $id ];
 
                // validate the ID
@@ -92,9 +94,30 @@ class ApiTag extends ApiBase {
                switch ( $type ) {
                        case 'rcid':
                                $valid = RecentChange::newFromId( $id );
+                               if ( $valid && $this->getPermissionManager()->isBlockedFrom( $user, $valid->getTitle() ) ) {
+                                       $idResult['status'] = 'error';
+                                       $idResult += $this->getErrorFormatter()->formatMessage( ApiMessage::create(
+                                               'apierror-blocked',
+                                               'blocked',
+                                               [ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
+                                       ) );
+                                       return $idResult;
+                               }
                                break;
                        case 'revid':
                                $valid = $this->revisionStore->getRevisionById( $id );
+                               if (
+                                       $valid &&
+                                       $this->getPermissionManager()->isBlockedFrom( $user, $valid->getPageAsLinkTarget() )
+                               ) {
+                                       $idResult['status'] = 'error';
+                                       $idResult += $this->getErrorFormatter()->formatMessage( ApiMessage::create(
+                                                       'apierror-blocked',
+                                                       'blocked',
+                                                       [ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
+                                       ) );
+                                       return $idResult;
+                               }
                                break;
                        case 'logid':
                                $valid = self::validateLogId( $id );
index 09d9c46..58d2dee 100644 (file)
        "apierror-cantoverwrite-sharedfile": "الملف الهدف موجود في مستودع مشترك وليست لديك صلاحية لتجاوزه.",
        "apierror-cantsend": "لم تقم بتسجيل الدخول أو ليس لديك عنوان بريد إلكتروني مؤكد أو غير مسموح لك بإرسال بريد إلكتروني إلى مستخدمين آخرين; لذلك لا يمكنك إرسال بريد إلكتروني.",
        "apierror-cantundelete": "تعذر الاسترجاع: قد لا تكون المراجعات المطلوبة موجودة، أو ربما تم الاسترجاع بالفعل.",
-       "apierror-cantview-deleted-description": "ليست لديك صلايبة لعرض أوصاف الملفات المحذوفة.",
-       "apierror-cantview-deleted-metadata": "ليست لديك صلايبة لعرض البيانات الوصفية للملفات المحذوفة.",
+       "apierror-cantview-deleted-comment": "ليست لديك صلاحية لعرض التعليقات المحذوفة.",
+       "apierror-cantview-deleted-description": "ليست لديك صلاحية لعرض أوصاف الملفات المحذوفة.",
+       "apierror-cantview-deleted-metadata": "ليست لديك صلاحية لعرض البيانات الوصفية للملفات المحذوفة.",
+       "apierror-cantview-deleted-revision-content": "ليست لديك صلاحية لعرض محتوى المراجعات المحذوفة.",
        "apierror-changeauth-norequest": "فشل في إنشاء طلب التغيير.",
        "apierror-chunk-too-small": "الحد الأدنى لحجم القطعة هو $1 {{PLURAL:$1|بايت}} للقطع غير النهائية.",
        "apierror-cidrtoobroad": "لا يُقبَل مدى $1 CIDR أكبر من /$2.",
index 35e45f1..cc5e872 100644 (file)
        "apierror-cantoverwrite-sharedfile": "The target file exists on a shared repository and you do not have permission to override it.",
        "apierror-cantsend": "You are not logged in, you do not have a confirmed email address, or you are not allowed to send email to other users, so you cannot send email.",
        "apierror-cantundelete": "Couldn't undelete: the requested revisions may not exist, or may have been undeleted already.",
+       "apierror-cantview-deleted-comment": "You don't have permission to view deleted comments.",
        "apierror-cantview-deleted-description": "You don't have permission to view descriptions of deleted files.",
        "apierror-cantview-deleted-metadata": "You don't have permission to view metadata of deleted files.",
+       "apierror-cantview-deleted-revision-content": "You don't have permission to view content of deleted revisions.",
        "apierror-changeauth-norequest": "Failed to create change request.",
        "apierror-chunk-too-small": "Minimum chunk size is $1 {{PLURAL:$1|byte|bytes}} for non-final chunks.",
        "apierror-cidrtoobroad": "$1 CIDR ranges broader than /$2 are not accepted.",
index 7c5d2b5..5ce00f5 100644 (file)
                        "Lucas Werkmeister (WMDE)"
                ]
        },
-       "apihelp-main-extended-description": "<div class=\"hlist plainlinks api-main-links\">\n* [[mw:Special:MyLanguage/API:Main_page|Documentation]]\n* [[mw:Special:MyLanguage/API:FAQ|FAQ]]\n* [https://lists.wikimedia.org/mailman/listinfo/mediawiki-api Liste de diffusion]\n* [https://lists.wikimedia.org/mailman/listinfo/mediawiki-api-announce Annonces de l’API]\n* [https://phabricator.wikimedia.org/maniphest/query/GebfyV4uCaLd/#R Bogues et demandes]\n</div>\n<strong>État :</strong> L’API MediaWiki est une interface stable et mature qui est supportée et améliorée de façon active. Bien que nous essayions de l’éviter, nous pouvons avoir parfois besoin de faire des modifications impactantes ; inscrivez-vous à [https://lists.wikimedia.org/pipermail/mediawiki-api-announce/ la liste de diffusion mediawiki-api-announce] pour être informé des mises à jour.\n\n<strong>Requêtes erronées :</strong> Si des requêtes erronées sont envoyées à l’API, un entête HTTP sera renvoyé avec la clé « MediaWiki-API-Error ». La valeur de cet entête et le code d’erreur renvoyé prendront la même valeur. Pour plus d’information, voyez [[mw:Special:MyLanguage/API:Errors_and_warnings|API:Errors and warnings]].\n\n<p class=\"mw-apisandbox-link\"><strong>Test :</strong> Pour faciliter le test des requêtes à l’API, voyez [[Special:ApiSandbox]].</p>",
+       "apihelp-main-extended-description": "<div class=\"hlist plainlinks api-main-links\">\n* [[mw:Special:MyLanguage/API:Main_page|Documentation]]\n* [[mw:Special:MyLanguage/API:FAQ|FAQ]]\n* [https://lists.wikimedia.org/mailman/listinfo/mediawiki-api Liste de diffusion]\n* [https://lists.wikimedia.org/mailman/listinfo/mediawiki-api-announce Annonces de l’API]\n* [https://phabricator.wikimedia.org/maniphest/query/GebfyV4uCaLd/#R Bogues et demandes]\n</div>\n<strong>État :</strong> l’API de MediaWiki est une interface stable et mature qui est supportée et améliorée de façon active. Bien que nous essayions de l’éviter, nous pouvons avoir parfois besoin de faire des modifications impactantes ; inscrivez-vous à [https://lists.wikimedia.org/pipermail/mediawiki-api-announce/ la liste de diffusion ''mediawiki-api-announce''] pour être informé des mises à jour.\n\n<strong>Requêtes erronées :</strong> si des requêtes erronées sont envoyées à l’API, un entête HTTP sera renvoyé avec la clé « MediaWiki-API-Error ». La valeur de cet entête et le code d’erreur renvoyé prendront la même valeur. Pour plus d’information, voyez [[mw:Special:MyLanguage/API:Errors_and_warnings|API:Errors and warnings]].\n\n<p class=\"mw-apisandbox-link\"><strong>Test :</strong> Pour faciliter le test des requêtes à l’API, voyez [[Special:ApiSandbox]].</p>",
        "apihelp-main-param-action": "Quelle action effectuer.",
        "apihelp-main-param-format": "Le format de sortie.",
-       "apihelp-main-param-maxlag": "La latence maximale peut être utilisée quand MediaWiki est installé sur un cluster de base de données répliqué. Pour éviter des actions provoquant un supplément de latence de réplication de site, ce paramètre peut faire attendre le client jusqu’à ce que la latence de réplication soit inférieure à une valeur spécifiée. En cas de latence excessive, le code d’erreur <samp>maxlag</samp> est renvoyé avec un message tel que <samp>Attente de $host : $lag secondes de délai</samp>.<br />Voyez [[mw:Special:MyLanguage/Manual:Maxlag_parameter|Manuel: paramètre Maxlag]] pour plus d’information.",
+       "apihelp-main-param-maxlag": "La latence maximale peut être utilisée quand MediaWiki est installé sur une grappe de réplication de base de données. Pour éviter des actions provoquant un supplément de latence de réplication de site, ce paramètre peut faire attendre le client jusqu’à ce que la latence de réplication soit inférieure à une valeur spécifiée. En cas de latence excessive, le code d’erreur <samp>maxlag</samp> est renvoyé avec un message tel que <samp>Attente de $host : $lag secondes de délai</samp>.<br />Voyez [[mw:Special:MyLanguage/Manual:Maxlag_parameter|Manuel : paramètre Maxlag]] pour plus d’informations.",
        "apihelp-main-param-smaxage": "Fixer l’entête HTTP de contrôle de cache <code>s-maxage</code> à ce nombre de secondes. Les erreurs ne sont jamais mises en cache.",
        "apihelp-main-param-maxage": "Fixer l’entête HTTP de contrôle de cache <code>max-age</code> à ce nombre de secondes. Les erreurs ne sont jamais mises en cache.",
-       "apihelp-main-param-assert": "Vérifier si l’utilisateur est connecté si la valeur est <kbd>user</kbd>, ou s’il a le droit d’un utilisateur robot si la valeur est <kbd>bot</kbd>.",
+       "apihelp-main-param-assert": "Vérifier que l’utilisateur est connecté lorsque la valeur est <kbd>user</kbd> ou qu’il a le droit d’un utilisateur robot lorsque la valeur est <kbd>bot</kbd>.",
        "apihelp-main-param-assertuser": "Vérifier que l’utilisateur actuel est l’utilisateur nommé.",
        "apihelp-main-param-requestid": "Toute valeur fournie ici sera incluse dans la réponse. Peut être utilisé pour distinguer des demandes.",
        "apihelp-main-param-servedby": "Inclure le nom d’hôte qui a renvoyé la requête dans les résultats.",
        "apierror-cantoverwrite-sharedfile": "Le fichier cible existe dans un dépôt partagé et vous n’avez pas le droit de l’écraser.",
        "apierror-cantsend": "Vous n’êtes pas connecté, vous n’avez pas d’adresse de courriel confirmée, ou vous n’êtes pas autorisé à envoyer des courriels aux autres utilisateurs, donc vous ne pouvez envoyer de courriel.",
        "apierror-cantundelete": "Impossible d’annuler : les révisions demandées peuvent ne plus exister, ou avoir déjà été annulées.",
+       "apierror-cantview-deleted-comment": "Vous n’avez pas la permission de visualiser les commentaires supprimés.",
        "apierror-cantview-deleted-description": "Vous n’avez pas le droit d’afficher les descriptions des fichiers supprimés.",
        "apierror-cantview-deleted-metadata": "Vous n’avez pas le droit d’afficher les métadonnées des fichiers supprimés.",
+       "apierror-cantview-deleted-revision-content": "Vous n’avez pas la permission de visualiser le contenu des révisions supprimées.",
        "apierror-changeauth-norequest": "Échec à la création de la requête de modification.",
        "apierror-chunk-too-small": "La taille minimale d’un segment est de $1 {{PLURAL:$1|octet|octets}} pour les segments hors le dernier.",
        "apierror-cidrtoobroad": "Les plages CIDR $1 plus large que /$2 ne sont pas acceptées.",
index e29c34a..9d5d349 100644 (file)
        "api-help-authmanagerhelper-continue": "Questa richiesta è una continuazione dopo una precedente risposta <samp>UI</samp> o <samp>REDIRECT</samp>. È necessario fornirlo, oppure fornire <var>$1returnurl</var>.",
        "api-help-authmanagerhelper-additional-params": "Questo modulo accetta parametri aggiuntivi a seconda delle richieste di autenticazione disponibili. Utilizza <kbd>[[Special:ApiHelp/query+authmanagerinfo|action=query&meta=authmanagerinfo]]</kbd> con <kbd>amirequestsfor=$1</kbd> (o una precedente risposta da questo modulo, se applicabile) per determinare le richieste disponibili e i campi usati da queste.",
        "apierror-bad-badfilecontexttitle": "Titolo non valido nel parametro <var>$1badfilecontexttitle</var>.",
+       "apierror-cantview-deleted-description": "Non si dispone dei permessi necessari per vedere le descrizioni dei file cancellati.",
+       "apierror-cantview-deleted-metadata": "Non si dispone dei permessi necessari per vedere i metadati dei file cancellati.",
+       "apierror-cantview-deleted-revision-content": "Non si dispone dei permessi necessari per vedere il contenuto delle versioni cancellate.",
        "apierror-compare-notext": "Il parametro <var>$1</var> non può essere usato senza <var>$2</var>.",
        "apierror-invalidoldimage": "Il parametro <var>oldimage</var> ha un formato non valido.",
        "apierror-invaliduserid": "L'ID utente <var>$1</var> non è valido.",
index c029636..6124066 100644 (file)
        "apierror-cantimport-upload": "업로드된 페이지를 가져올 권한이 없습니다.",
        "apierror-cantimport": "페이지를 가져올 권한이 없습니다.",
        "apierror-cantsend": "로그인하지 않았거나 인증된 이메일 주소가 없거나 다른 사용자로 이메일을 보낼 권한이 없기 때문에 이메일을 보낼 수 없습니다.",
+       "apierror-cantview-deleted-description": "삭제된 파일의 설명을 볼 권한이 없습니다.",
+       "apierror-cantview-deleted-metadata": "삭제된 파일의 메타데이터를 볼 권한이 없습니다.",
        "apierror-compare-maintextrequired": "<var>$1slots</var>에 <kbd>main</kbd>이 포함되어 있다면 <var>$1text-main</var> 변수는 필수입니다. (메인 슬롯을 삭제할 수 없습니다)",
        "apierror-compare-notext": "<var>$1</var> 변수는 <var>$2</var> 없이 사용할 수 없습니다.",
        "apierror-emptynewsection": "비어있는 새 문단을 만들 수 없습니다.",
index 59553e9..59eb62c 100644 (file)
        "apierror-cantchangecontentmodel": "Немате дозвола за менување содржинскиот модел на страница.",
        "apierror-cantimport-upload": "Немате дозвола да увезувате подигнати страници.",
        "apierror-cantimport": "Немате дозвола за увезуваање страници.",
+       "apierror-cantview-deleted-comment": "Немате дозвола за прегледување на избришаните коментари.",
+       "apierror-cantview-deleted-description": "Немате дозвола за прегледување описи на избришаните податотеки.",
+       "apierror-cantview-deleted-metadata": "Немате дозвола за прегледување метаподатоци на избришаните податотеки.",
+       "apierror-cantview-deleted-revision-content": "Немате дозвола за прегледување содржина на избришаните преработки.",
        "apierror-copyuploadbaddomain": "Подигањето преку URL не е дозволено од овој домен.",
        "apierror-copyuploadbadurl": "Подигањето не е дозволено од оваа URL-адреса.",
        "apierror-emptynewsection": "Создавањето на нови празни поднаслови не е дозволено.",
index d8ff539..65a0913 100644 (file)
        "apierror-cantimport": "Nie masz uprawnień do importowania stron.",
        "apierror-cantsend": "Nie jesteś zalogowany, nie masz potwierdzonego adresu e-mail, albo nie masz prawa wysyłać e-maili do innych użytkowników, więc nie możesz wysłać wiadomości e-mail.",
        "apierror-cantundelete": "Nie można przywrócić: dana wersja nie istnieje albo została już przywrócona.",
+       "apierror-cantview-deleted-comment": "Nie masz uprawnień do podglądu usuniętych komentarzy.",
        "apierror-cantview-deleted-description": "Nie masz uprawnień do podglądu opisów usuniętych plików.",
        "apierror-cantview-deleted-metadata": "Nie masz uprawnień do podglądu metadanych usuniętych plików.",
+       "apierror-cantview-deleted-revision-content": "Nie masz uprawnień do podglądu treści usuniętych wersji.",
        "apierror-exceptioncaught": "[$1] Stwierdzono wyjątek: $2",
        "apierror-filedoesnotexist": "Plik nie istnieje.",
        "apierror-import-unknownerror": "Nieznany błąd podczas importowania: $1.",
index 6e2c1f1..77f927d 100644 (file)
        "apierror-cantoverwrite-sharedfile": "O arquivo de destino existe em um repositório compartilhado e você não tem permissão para substituí-lo.",
        "apierror-cantsend": "Você não está logado, não possui um endereço de e-mail confirmado ou não tem permissão para enviar e-mails para outros usuários, por isso não pode enviar e-mails.",
        "apierror-cantundelete": "Não foi possível recuperar arquivos: as revisões solicitadas podem não existir ou talvez já tenham sido eliminadas.",
+       "apierror-cantview-deleted-comment": "Você não tem permissão para visualizar comentários excluídos.",
+       "apierror-cantview-deleted-description": "Você não tem permissão para visualizar descrições de arquivos excluídos.",
+       "apierror-cantview-deleted-metadata": "Você não tem permissão para visualizar os metadados dos arquivos excluídos.",
+       "apierror-cantview-deleted-revision-content": "Você não tem permissão para visualizar o conteúdo das revisões excluídas.",
        "apierror-changeauth-norequest": "Falha ao criar pedido de mudança.",
        "apierror-chunk-too-small": "O tamanho mínimo do bloco é $1 {{PLURAL:$1|byte|bytes}} para os pedaços não finais.",
        "apierror-cidrtoobroad": "Os intervalos CIDR $1 maiores que /$2 não são aceitos.",
index e796d25..b648443 100644 (file)
        "apierror-cantoverwrite-sharedfile": "{{doc-apierror}}",
        "apierror-cantsend": "{{doc-apierror}}",
        "apierror-cantundelete": "{{doc-apierror}}",
+       "apierror-cantview-deleted-comment": "{{doc-apierror}}",
        "apierror-cantview-deleted-description": "{{doc-apierror}}",
        "apierror-cantview-deleted-metadata": "{{doc-apierror}}",
+       "apierror-cantview-deleted-revision-content": "{{doc-apierror}}",
        "apierror-changeauth-norequest": "{{doc-apierror}}",
        "apierror-chunk-too-small": "{{doc-apierror}}\n\nParameters:\n* $1 - Minimum size in bytes.",
        "apierror-cidrtoobroad": "{{doc-apierror}}\n\nParameters:\n* $1 - \"IPv4\" or \"IPv6\"\n* $2 - Minimum CIDR mask length.",
index e27ebac..2e20529 100644 (file)
@@ -41,16 +41,6 @@ use Wikimedia\IPSet;
  * @since 1.34 Refactored from User and Block.
  */
 class BlockManager {
-       // TODO: This should be UserIdentity instead of User
-       /** @var User */
-       private $currentUser;
-
-       /** @var WebRequest */
-       private $currentRequest;
-
-       /** @var PermissionManager */
-       private $permissionManager;
-
        /**
         * TODO Make this a const when HHVM support is dropped (T192166)
         *
@@ -71,20 +61,14 @@ class BlockManager {
 
        /**
         * @param ServiceOptions $options
-        * @param User $currentUser
-        * @param WebRequest $currentRequest
         * @param PermissionManager $permissionManager
         */
        public function __construct(
                ServiceOptions $options,
-               User $currentUser,
-               WebRequest $currentRequest,
                PermissionManager $permissionManager
        ) {
                $options->assertRequiredOptions( self::$constructorOptions );
                $this->options = $options;
-               $this->currentUser = $currentUser;
-               $this->currentRequest = $currentRequest;
                $this->permissionManager = $permissionManager;
        }
 
@@ -93,51 +77,116 @@ class BlockManager {
         * return a composite block that combines the strictest features of the applicable
         * blocks.
         *
-        * TODO: $user should be UserIdentity instead of User
+        * Different blocks may be sought, depending on the user and their permissions. The
+        * user may be:
+        * (1) The global user (and can be affected by IP blocks). The global request object
+        * is needed for checking the IP address, the XFF header and the cookies.
+        * (2) The global user (and exempt from IP blocks). The global request object is
+        * needed for checking the cookies.
+        * (3) Another user (not the global user). No request object is available or needed;
+        * just look for a block against the user account.
+        *
+        * Cases #1 and #2 check whether the global user is blocked in practice; the block
+        * may due to their user account being blocked or to an IP address block or cookie
+        * block (or multiple of these). Case #3 simply checks whether a user's account is
+        * blocked, and does not determine whether the person using that account is affected
+        * in practice by any IP address or cookie blocks.
         *
         * @internal This should only be called by User::getBlockedStatus
         * @param User $user
+        * @param WebRequest|null $request The global request object if the user is the
+        *  global user (cases #1 and #2), otherwise null (case #3). The IP address and
+        *  information from the request header are needed to find some types of blocks.
         * @param bool $fromReplica Whether to check the replica DB first.
         *  To improve performance, non-critical checks are done against replica DBs.
         *  Check when actually saving should be done against master.
         * @return AbstractBlock|null The most relevant block, or null if there is no block.
         */
-       public function getUserBlock( User $user, $fromReplica ) {
-               $isAnon = $user->getId() === 0;
+       public function getUserBlock( User $user, $request, $fromReplica ) {
                $fromMaster = !$fromReplica;
+               $ip = null;
 
-               // TODO: If $user is the current user, we should use the current request. Otherwise,
-               // we should not look for XFF or cookie blocks.
-               $request = $user->getRequest();
+               // If this is the global user, they may be affected by IP blocks (case #1),
+               // or they may be exempt (case #2). If affected, look for additional blocks
+               // against the IP address.
+               $checkIpBlocks = $request &&
+                       !$this->permissionManager->userHasRight( $user, 'ipblock-exempt' );
 
-               # We only need to worry about passing the IP address to the block generator if the
-               # user is not immune to autoblocks/hardblocks, and they are the current user so we
-               # know which IP address they're actually coming from
-               $ip = null;
-               $sessionUser = $this->currentUser;
-               // the session user is set up towards the end of Setup.php. Until then,
-               // assume it's a logged-out user.
-               $globalUserName = $sessionUser->isSafeToLoad()
-                       ? $sessionUser->getName()
-                       : IP::sanitizeIP( $this->currentRequest->getIP() );
-               if ( $user->getName() === $globalUserName &&
-                        !$this->permissionManager->userHasRight( $user, 'ipblock-exempt' ) ) {
-                       $ip = $this->currentRequest->getIP();
+               if ( $request && $checkIpBlocks ) {
+
+                       // Case #1: checking the global user, including IP blocks
+                       $ip = $request->getIP();
+                       // TODO: remove dependency on DatabaseBlock (T221075)
+                       $blocks = DatabaseBlock::newListFromTarget( $user, $ip, $fromMaster );
+                       $this->getAdditionalIpBlocks( $blocks, $request, !$user->isRegistered(), $fromMaster );
+                       $this->getCookieBlock( $blocks, $user, $request );
+
+               } elseif ( $request ) {
+
+                       // Case #2: checking the global user, but they are exempt from IP blocks
+                       // TODO: remove dependency on DatabaseBlock (T221075)
+                       $blocks = DatabaseBlock::newListFromTarget( $user, null, $fromMaster );
+                       $this->getCookieBlock( $blocks, $user, $request );
+
+               } else {
+
+                       // Case #3: checking whether a user's account is blocked
+                       // TODO: remove dependency on DatabaseBlock (T221075)
+                       $blocks = DatabaseBlock::newListFromTarget( $user, null, $fromMaster );
+
+               }
+
+               // Filter out any duplicated blocks, e.g. from the cookie
+               $blocks = $this->getUniqueBlocks( $blocks );
+
+               $block = null;
+               if ( count( $blocks ) > 0 ) {
+                       if ( count( $blocks ) === 1 ) {
+                               $block = $blocks[ 0 ];
+                       } else {
+                               $block = new CompositeBlock( [
+                                       'address' => $ip,
+                                       'byText' => 'MediaWiki default',
+                                       'reason' => wfMessage( 'blockedtext-composite-reason' )->plain(),
+                                       'originalBlocks' => $blocks,
+                               ] );
+                       }
                }
 
-               // User/IP blocking
-               // After this, $blocks is an array of blocks or an empty array
-               // TODO: remove dependency on DatabaseBlock
-               $blocks = DatabaseBlock::newListFromTarget( $user, $ip, $fromMaster );
+               Hooks::run( 'GetUserBlock', [ clone $user, $ip, &$block ] );
+
+               return $block;
+       }
 
-               // Cookie blocking
+       /**
+        * Get the cookie block, if there is one.
+        *
+        * @param AbstractBlock[] &$blocks
+        * @param UserIdentity $user
+        * @param WebRequest $request
+        * @return void
+        */
+       private function getCookieBlock( &$blocks, UserIdentity $user, WebRequest $request ) {
                $cookieBlock = $this->getBlockFromCookieValue( $user, $request );
-               if ( $cookieBlock instanceof AbstractBlock ) {
+               if ( $cookieBlock instanceof DatabaseBlock ) {
                        $blocks[] = $cookieBlock;
                }
+       }
+
+       /**
+        * Check for any additional blocks against the IP address or any IPs in the XFF header.
+        *
+        * @param AbstractBlock[] &$blocks Blocks found so far
+        * @param WebRequest $request
+        * @param bool $isAnon The user is logged out
+        * @param bool $fromMaster
+        * @return void
+        */
+       private function getAdditionalIpBlocks( &$blocks, WebRequest $request, $isAnon, $fromMaster ) {
+               $ip = $request->getIP();
 
                // Proxy blocking
-               if ( $ip !== null && !in_array( $ip, $this->options->get( 'ProxyWhitelist' ) ) ) {
+               if ( !in_array( $ip, $this->options->get( 'ProxyWhitelist' ) ) ) {
                        // Local list
                        if ( $this->isLocallyBlockedProxy( $ip ) ) {
                                $blocks[] = new SystemBlock( [
@@ -156,24 +205,8 @@ class BlockManager {
                        }
                }
 
-               // (T25343) Apply IP blocks to the contents of XFF headers, if enabled
-               if ( $this->options->get( 'ApplyIpBlocksToXff' )
-                       && $ip !== null
-                       && !in_array( $ip, $this->options->get( 'ProxyWhitelist' ) )
-               ) {
-                       $xff = $request->getHeader( 'X-Forwarded-For' );
-                       $xff = array_map( 'trim', explode( ',', $xff ) );
-                       $xff = array_diff( $xff, [ $ip ] );
-                       // TODO: remove dependency on DatabaseBlock
-                       $xffblocks = DatabaseBlock::getBlocksForIPList( $xff, $isAnon, $fromMaster );
-                       $blocks = array_merge( $blocks, $xffblocks );
-               }
-
                // Soft blocking
-               if ( $ip !== null
-                       && $isAnon
-                       && IP::isInRanges( $ip, $this->options->get( 'SoftBlockRanges' ) )
-               ) {
+               if ( $isAnon && IP::isInRanges( $ip, $this->options->get( 'SoftBlockRanges' ) ) ) {
                        $blocks[] = new SystemBlock( [
                                'address' => $ip,
                                'byText' => 'MediaWiki default',
@@ -183,26 +216,17 @@ class BlockManager {
                        ] );
                }
 
-               // Filter out any duplicated blocks, e.g. from the cookie
-               $blocks = $this->getUniqueBlocks( $blocks );
-
-               $block = null;
-               if ( count( $blocks ) > 0 ) {
-                       if ( count( $blocks ) === 1 ) {
-                               $block = $blocks[ 0 ];
-                       } else {
-                               $block = new CompositeBlock( [
-                                       'address' => $ip,
-                                       'byText' => 'MediaWiki default',
-                                       'reason' => wfMessage( 'blockedtext-composite-reason' )->plain(),
-                                       'originalBlocks' => $blocks,
-                               ] );
-                       }
+               // (T25343) Apply IP blocks to the contents of XFF headers, if enabled
+               if ( $this->options->get( 'ApplyIpBlocksToXff' )
+                       && !in_array( $ip, $this->options->get( 'ProxyWhitelist' ) )
+               ) {
+                       $xff = $request->getHeader( 'X-Forwarded-For' );
+                       $xff = array_map( 'trim', explode( ',', $xff ) );
+                       $xff = array_diff( $xff, [ $ip ] );
+                       // TODO: remove dependency on DatabaseBlock (T221075)
+                       $xffblocks = DatabaseBlock::getBlocksForIPList( $xff, $isAnon, $fromMaster );
+                       $blocks = array_merge( $blocks, $xffblocks );
                }
-
-               Hooks::run( 'GetUserBlock', [ clone $user, $ip, &$block ] );
-
-               return $block;
        }
 
        /**
@@ -255,7 +279,7 @@ class BlockManager {
 
                $blockCookieId = $this->getIdFromCookieValue( $cookieValue );
                if ( !is_null( $blockCookieId ) ) {
-                       // TODO: remove dependency on DatabaseBlock
+                       // TODO: remove dependency on DatabaseBlock (T221075)
                        $block = DatabaseBlock::newFromID( $blockCookieId );
                        if (
                                $block instanceof DatabaseBlock &&
index 9ee000d..ba6cb2c 100644 (file)
@@ -524,9 +524,7 @@ class ChangeTags {
                                        ->userHasRight( $user, 'applychangetags' )
                        ) {
                                return Status::newFatal( 'tags-apply-no-permission' );
-                       } elseif ( $user->getBlock() ) {
-                               // @TODO Ensure that the block does not apply to the `applychangetags`
-                               //       right.
+                       } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
                                return Status::newFatal( 'tags-apply-blocked', $user->getName() );
                        }
                }
@@ -601,9 +599,7 @@ class ChangeTags {
                                        ->userHasRight( $user, 'changetags' )
                        ) {
                                return Status::newFatal( 'tags-update-no-permission' );
-                       } elseif ( $user->getBlock() ) {
-                               // @TODO Ensure that the block does not apply to the `changetags`
-                               //       right.
+                       } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
                                return Status::newFatal( 'tags-update-blocked', $user->getName() );
                        }
                }
@@ -1023,9 +1019,7 @@ class ChangeTags {
                                        ->userHasRight( $user, 'managechangetags' )
                        ) {
                                return Status::newFatal( 'tags-manage-no-permission' );
-                       } elseif ( $user->getBlock() ) {
-                               // @TODO Ensure that the block does not apply to the `managechangetags`
-                               //       right.
+                       } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
                                return Status::newFatal( 'tags-manage-blocked', $user->getName() );
                        }
                }
@@ -1099,9 +1093,7 @@ class ChangeTags {
                                        ->userHasRight( $user, 'managechangetags' )
                        ) {
                                return Status::newFatal( 'tags-manage-no-permission' );
-                       } elseif ( $user->getBlock() ) {
-                               // @TODO Ensure that the block does not apply to the `managechangetags`
-                               //       right.
+                       } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
                                return Status::newFatal( 'tags-manage-blocked', $user->getName() );
                        }
                }
@@ -1200,9 +1192,7 @@ class ChangeTags {
                                        ->userHasRight( $user, 'managechangetags' )
                        ) {
                                return Status::newFatal( 'tags-manage-no-permission' );
-                       } elseif ( $user->getBlock() ) {
-                               // @TODO Ensure that the block does not apply to the `managechangetags`
-                               //       right.
+                       } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
                                return Status::newFatal( 'tags-manage-blocked', $user->getName() );
                        }
                }
@@ -1322,9 +1312,7 @@ class ChangeTags {
                                        ->userHasRight( $user, 'deletechangetags' )
                        ) {
                                return Status::newFatal( 'tags-delete-no-permission' );
-                       } elseif ( $user->getBlock() ) {
-                               // @TODO Ensure that the block does not apply to the `deletechangetags`
-                               //       right.
+                       } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
                                return Status::newFatal( 'tags-manage-blocked', $user->getName() );
                        }
                }
index ddffaa3..7044748 100644 (file)
@@ -24,12 +24,12 @@ use Wikimedia\Assert\Assert;
 use MediaWiki\MediaWikiServices;
 
 /**
- * Handles purging appropriate CDN URLs given a title (or titles)
+ * Handles purging the appropriate CDN objects given a list of URLs or Title instances
  * @ingroup Cache
  */
 class CdnCacheUpdate implements DeferrableUpdate, MergeableUpdate {
        /** @var string[] Collection of URLs to purge */
-       protected $urls = [];
+       private $urls = [];
 
        /**
         * @param string[] $urlArr Collection of URLs to purge
@@ -99,10 +99,9 @@ class CdnCacheUpdate implements DeferrableUpdate, MergeableUpdate {
                wfDebugLog( 'squid', __METHOD__ . ': ' . implode( ' ', $urlArr ) );
 
                // Reliably broadcast the purge to all edge nodes
-               $relayer = MediaWikiServices::getInstance()->getEventRelayerGroup()
-                                       ->getRelayer( 'cdn-url-purges' );
                $ts = microtime( true );
-               $relayer->notifyMulti(
+               $relayerGroup = MediaWikiServices::getInstance()->getEventRelayerGroup();
+               $relayerGroup->getRelayer( 'cdn-url-purges' )->notifyMulti(
                        'cdn-url-purges',
                        array_map(
                                function ( $url ) use ( $ts ) {
index 29846bf..9e45241 100644 (file)
  */
 
 /**
- * Class to invalidate the HTML cache of all the pages linking to a given title.
+ * Class to invalidate the HTML/file cache of all the pages linking to a given title
  *
  * @ingroup Cache
  */
 class HTMLCacheUpdate extends DataUpdate {
        /** @var Title */
-       public $mTitle;
-
+       private $title;
        /** @var string */
-       public $mTable;
+       private $table;
 
        /**
         * @param Title $titleTo
@@ -42,16 +41,16 @@ class HTMLCacheUpdate extends DataUpdate {
        function __construct(
                Title $titleTo, $table, $causeAction = 'unknown', $causeAgent = 'unknown'
        ) {
-               $this->mTitle = $titleTo;
-               $this->mTable = $table;
+               $this->title = $titleTo;
+               $this->table = $table;
                $this->causeAction = $causeAction;
                $this->causeAgent = $causeAgent;
        }
 
        public function doUpdate() {
                $job = HTMLCacheUpdateJob::newForBacklinks(
-                       $this->mTitle,
-                       $this->mTable,
+                       $this->title,
+                       $this->table,
                        [ 'causeAction' => $this->getCauseAction(), 'causeAgent' => $this->getCauseAgent() ]
                );
 
index 8345ee6..c4e8341 100644 (file)
@@ -1066,6 +1066,7 @@ class LinksUpdate extends DataUpdate {
        private function invalidateProperties( $changed ) {
                global $wgPagePropLinkInvalidations;
 
+               $jobs = [];
                foreach ( $changed as $name => $value ) {
                        if ( isset( $wgPagePropLinkInvalidations[$name] ) ) {
                                $inv = $wgPagePropLinkInvalidations[$name];
@@ -1073,12 +1074,16 @@ class LinksUpdate extends DataUpdate {
                                        $inv = [ $inv ];
                                }
                                foreach ( $inv as $table ) {
-                                       DeferredUpdates::addUpdate(
-                                               new HTMLCacheUpdate( $this->mTitle, $table, 'page-props' )
+                                       $jobs[] = HTMLCacheUpdateJob::newForBacklinks(
+                                               $this->mTitle,
+                                               $table,
+                                               [ 'causeAction' => 'page-props' ]
                                        );
                                }
                        }
                }
+
+               JobQueueGroup::singleton()->lazyPush( $jobs );
        }
 
        /**
index a508746..84f6fc0 100644 (file)
@@ -50,7 +50,7 @@ class SearchUpdate implements DeferrableUpdate {
         */
        public function __construct( $id, $title, $c = null ) {
                if ( is_string( $title ) ) {
-                       wfDeprecated( __METHOD__ . " with a string for the title", 1.34 );
+                       wfDeprecated( __METHOD__ . " with a string for the title", '1.34' );
                        $this->title = Title::newFromText( $title );
                        if ( $this->title === null ) {
                                throw new InvalidArgumentException( "Cannot construct the title: $title" );
@@ -62,10 +62,10 @@ class SearchUpdate implements DeferrableUpdate {
                $this->id = $id;
                // is_string() check is back-compat for ApprovedRevs
                if ( is_string( $c ) ) {
-                       wfDeprecated( __METHOD__ . " with a string for the content", 1.34 );
+                       wfDeprecated( __METHOD__ . " with a string for the content", '1.34' );
                        $c = new TextContent( $c );
                } elseif ( is_bool( $c ) ) {
-                       wfDeprecated( __METHOD__ . " with a boolean for the content", 1.34 );
+                       wfDeprecated( __METHOD__ . " with a boolean for the content", '1.34' );
                        $c = null;
                }
                $this->content = $c;
index ec0b344..c1b3595 100644 (file)
@@ -30,6 +30,7 @@
 use MediaWiki\MediaWikiServices as MediaWikiServicesAlias;
 use MediaWiki\Storage\RevisionRecord;
 use Wikimedia\Rdbms\IResultWrapper;
+use Wikimedia\Rdbms\IDatabase;
 
 /**
  * @ingroup SpecialPage Dump
@@ -67,7 +68,7 @@ class WikiExporter {
        /** @var XmlDumpWriter */
        private $writer;
 
-       /** @var Database */
+       /** @var IDatabase */
        protected $db;
 
        /** @var array|int */
@@ -86,7 +87,7 @@ class WikiExporter {
        }
 
        /**
-        * @param Database $db
+        * @param IDatabase $db
         * @param int|array $history One of WikiExporter::FULL, WikiExporter::CURRENT,
         *   WikiExporter::RANGE or WikiExporter::STABLE, or an associative array:
         *   - offset: non-inclusive offset at which to start the query
@@ -303,29 +304,36 @@ class WikiExporter {
                if ( $cond ) {
                        $where[] = $cond;
                }
-               # Get logging table name for logging.* clause
-               $logging = $this->db->tableName( 'logging' );
-
                $result = null; // Assuring $result is not undefined, if exception occurs early
 
                $commentQuery = CommentStore::getStore()->getJoin( 'log_comment' );
                $actorQuery = ActorMigration::newMigration()->getJoin( 'log_user' );
 
+               $tables = array_merge(
+                       [ 'logging' ], $commentQuery['tables'], $actorQuery['tables'], [ 'user' ]
+               );
+               $fields = [
+                       'log_id', 'log_type', 'log_action', 'log_timestamp', 'log_namespace',
+                       'log_title', 'log_params', 'log_deleted', 'user_name'
+               ] + $commentQuery['fields'] + $actorQuery['fields'];
+               $options = [
+                       'ORDER BY' => 'log_id',
+                       'USE INDEX' => [ 'logging' => 'PRIMARY' ],
+                       'LIMIT' => self::BATCH_SIZE,
+               ];
+               $joins = [
+                       'user' => [ 'JOIN', 'user_id = ' . $actorQuery['fields']['log_user'] ]
+               ] + $commentQuery['joins'] + $actorQuery['joins'];
+
                $lastLogId = 0;
                while ( true ) {
                        $result = $this->db->select(
-                               array_merge( [ 'logging' ], $commentQuery['tables'], $actorQuery['tables'], [ 'user' ] ),
-                               [ "{$logging}.*", 'user_name' ] + $commentQuery['fields'] + $actorQuery['fields'],
+                               $tables,
+                               $fields,
                                array_merge( $where, [ 'log_id > ' . intval( $lastLogId ) ] ),
                                __METHOD__,
-                               [
-                                       'ORDER BY' => 'log_id',
-                                       'USE INDEX' => [ 'logging' => 'PRIMARY' ],
-                                       'LIMIT' => self::BATCH_SIZE,
-                               ],
-                               [
-                                       'user' => [ 'JOIN', 'user_id = ' . $actorQuery['fields']['log_user'] ]
-                               ] + $commentQuery['joins'] + $actorQuery['joins']
+                               $options,
+                               $joins
                        );
 
                        if ( !$result->numRows() ) {
index 4db351b..264eabc 100644 (file)
@@ -26,6 +26,7 @@ use Wikimedia\Rdbms\IDatabase;
 use Wikimedia\Rdbms\DBConnRef;
 use Wikimedia\Rdbms\MaintainableDBConnRef;
 use Wikimedia\Rdbms\DatabaseDomain;
+use Wikimedia\Rdbms\DBUnexpectedError;
 
 /**
  * DB accessible external objects.
@@ -113,7 +114,11 @@ class ExternalStoreDB extends ExternalStoreMedium {
         */
        public function store( $location, $data ) {
                $dbw = $this->getMaster( $location );
-               $dbw->insert( $this->getTable( $dbw ), [ 'blob_text' => $data ], __METHOD__ );
+               $dbw->insert(
+                       $this->getTable( $dbw, $location ),
+                       [ 'blob_text' => $data ],
+                       __METHOD__
+               );
                $id = $dbw->insertId();
                if ( !$id ) {
                        throw new MWException( __METHOD__ . ': no insert ID' );
@@ -149,10 +154,11 @@ class ExternalStoreDB extends ExternalStoreMedium {
        /**
         * Get a replica DB connection for the specified cluster
         *
+        * @since 1.34
         * @param string $cluster Cluster name
         * @return DBConnRef
         */
-       public function getSlave( $cluster ) {
+       public function getReplica( $cluster ) {
                $lb = $this->getLoadBalancer( $cluster );
 
                return $lb->getConnectionRef(
@@ -163,6 +169,17 @@ class ExternalStoreDB extends ExternalStoreMedium {
                );
        }
 
+       /**
+        * Get a replica DB connection for the specified cluster
+        *
+        * @param string $cluster Cluster name
+        * @return DBConnRef
+        * @deprecated since 1.34
+        */
+       public function getSlave( $cluster ) {
+               return $this->getReplica( $cluster );
+       }
+
        /**
         * Get a master database connection for the specified cluster
         *
@@ -211,15 +228,55 @@ class ExternalStoreDB extends ExternalStoreMedium {
         * Get the 'blobs' table name for this database
         *
         * @param IDatabase $db
+        * @param string|null $cluster Cluster name
         * @return string Table name ('blobs' by default)
         */
-       public function getTable( $db ) {
-               $table = $db->getLBInfo( 'blobs table' );
-               if ( is_null( $table ) ) {
-                       $table = 'blobs';
+       public function getTable( $db, $cluster = null ) {
+               if ( $cluster !== null ) {
+                       $lb = $this->getLoadBalancer( $cluster );
+                       $info = $lb->getServerInfo( $lb->getWriterIndex() );
+                       if ( isset( $info['blobs table'] ) ) {
+                               return $info['blobs table'];
+                       }
                }
 
-               return $table;
+               return $db->getLBInfo( 'blobs table' ) ?? 'blobs'; // b/c
+       }
+
+       /**
+        * Create the appropriate blobs table on this cluster
+        *
+        * @see getTable()
+        * @since 1.34
+        * @param string $cluster
+        */
+       public function initializeTable( $cluster ) {
+               global $IP;
+
+               static $supportedTypes = [ 'mysql', 'sqlite' ];
+
+               $dbw = $this->getMaster( $cluster );
+               if ( !in_array( $dbw->getType(), $supportedTypes, true ) ) {
+                       throw new DBUnexpectedError( $dbw, "RDBMS type '{$dbw->getType()}' not supported." );
+               }
+
+               $sqlFilePath = "$IP/maintenance/storage/blobs.sql";
+               $sql = file_get_contents( $sqlFilePath );
+               if ( $sql === false ) {
+                       throw new RuntimeException( "Failed to read '$sqlFilePath'." );
+               }
+
+               $rawTable = $this->getTable( $dbw, $cluster ); // e.g. "blobs_cluster23"
+               $encTable = $dbw->tableName( $rawTable );
+               $dbw->query(
+                       str_replace(
+                               [ '/*$wgDBprefix*/blobs', '/*_*/blobs' ],
+                               [ $encTable, $encTable ],
+                               $sql
+                       ),
+                       __METHOD__,
+                       $dbw::QUERY_IGNORE_DBO_TRX
+               );
        }
 
        /**
@@ -251,15 +308,23 @@ class ExternalStoreDB extends ExternalStoreMedium {
 
                $this->logger->debug( "ExternalStoreDB::fetchBlob cache miss on $cacheID" );
 
-               $dbr = $this->getSlave( $cluster );
-               $ret = $dbr->selectField( $this->getTable( $dbr ),
-                       'blob_text', [ 'blob_id' => $id ], __METHOD__ );
+               $dbr = $this->getReplica( $cluster );
+               $ret = $dbr->selectField(
+                       $this->getTable( $dbr, $cluster ),
+                       'blob_text',
+                       [ 'blob_id' => $id ],
+                       __METHOD__
+               );
                if ( $ret === false ) {
                        $this->logger->info( "ExternalStoreDB::fetchBlob master fallback on $cacheID" );
                        // Try the master
                        $dbw = $this->getMaster( $cluster );
-                       $ret = $dbw->selectField( $this->getTable( $dbw ),
-                               'blob_text', [ 'blob_id' => $id ], __METHOD__ );
+                       $ret = $dbw->selectField(
+                               $this->getTable( $dbw, $cluster ),
+                               'blob_text',
+                               [ 'blob_id' => $id ],
+                               __METHOD__
+                       );
                        if ( $ret === false ) {
                                $this->logger->error( "ExternalStoreDB::fetchBlob master failed to find $cacheID" );
                        }
@@ -283,9 +348,9 @@ class ExternalStoreDB extends ExternalStoreMedium {
         *   Unlocated ids are not represented
         */
        private function batchFetchBlobs( $cluster, array $ids ) {
-               $dbr = $this->getSlave( $cluster );
+               $dbr = $this->getReplica( $cluster );
                $res = $dbr->select(
-                       $this->getTable( $dbr ),
+                       $this->getTable( $dbr, $cluster ),
                        [ 'blob_id', 'blob_text' ],
                        [ 'blob_id' => array_keys( $ids ) ],
                        __METHOD__
@@ -302,7 +367,8 @@ class ExternalStoreDB extends ExternalStoreMedium {
                        );
                        // Try the master
                        $dbw = $this->getMaster( $cluster );
-                       $res = $dbw->select( $this->getTable( $dbr ),
+                       $res = $dbw->select(
+                               $this->getTable( $dbr, $cluster ),
                                [ 'blob_id', 'blob_text' ],
                                [ 'blob_id' => array_keys( $ids ) ],
                                __METHOD__ );
index 0d5776b..60d4e29 100644 (file)
@@ -1467,13 +1467,15 @@ abstract class File implements IDBAccessObject {
                // Delete thumbnails and refresh file metadata cache
                $this->purgeCache();
                $this->purgeDescription();
-
                // Purge cache of all pages using this file
                $title = $this->getTitle();
                if ( $title ) {
-                       DeferredUpdates::addUpdate(
-                               new HTMLCacheUpdate( $title, 'imagelinks', 'file-purge' )
+                       $job = HTMLCacheUpdateJob::newForBacklinks(
+                               $title,
+                               'imagelinks',
+                               [ 'causeAction' => 'file-purge' ]
                        );
+                       JobQueueGroup::singleton()->lazyPush( $job );
                }
        }
 
index 9ed7ae3..26f3d3a 100644 (file)
@@ -73,7 +73,7 @@ class FSFileBackend extends FileBackendStore {
        /** @var string Required OS username to own files */
        protected $fileOwner;
 
-       /** @var bool Whether the OS is Windows (otherwise assumed Unix-like)*/
+       /** @var bool Whether the OS is Windows (otherwise assumed Unix-like) */
        protected $isWindows;
        /** @var string OS username running this script */
        protected $currentUser;
index edea75f..5632d5e 100644 (file)
@@ -1083,11 +1083,11 @@ class SwiftFileBackend extends FileBackendStore {
        protected function doStreamFile( array $params ) {
                $status = $this->newStatus();
 
-               $flags = !empty( $params['headless'] ) ? StreamFile::STREAM_HEADLESS : 0;
+               $flags = !empty( $params['headless'] ) ? HTTPFileStreamer::STREAM_HEADLESS : 0;
 
                list( $srcCont, $srcRel ) = $this->resolveStoragePathReal( $params['src'] );
                if ( $srcRel === null ) {
-                       StreamFile::send404Message( $params['src'], $flags );
+                       HTTPFileStreamer::send404Message( $params['src'], $flags );
                        $status->fatal( 'backend-fail-invalidpath', $params['src'] );
 
                        return $status;
@@ -1095,7 +1095,7 @@ class SwiftFileBackend extends FileBackendStore {
 
                $auth = $this->getAuthentication();
                if ( !$auth || !is_array( $this->getContainerStat( $srcCont ) ) ) {
-                       StreamFile::send404Message( $params['src'], $flags );
+                       HTTPFileStreamer::send404Message( $params['src'], $flags );
                        $status->fatal( 'backend-fail-stream', $params['src'] );
 
                        return $status;
@@ -1104,7 +1104,7 @@ class SwiftFileBackend extends FileBackendStore {
                // If "headers" is set, we only want to send them if the file is there.
                // Do not bother checking if the file exists if headers are not set though.
                if ( $params['headers'] && !$this->fileExists( $params ) ) {
-                       StreamFile::send404Message( $params['src'], $flags );
+                       HTTPFileStreamer::send404Message( $params['src'], $flags );
                        $status->fatal( 'backend-fail-stream', $params['src'] );
 
                        return $status;
index 649225d..8697f9f 100644 (file)
@@ -34,6 +34,8 @@ abstract class FileBackendStoreOpHandle {
        public $backend;
        /** @var array */
        public $resourcesToClose = [];
+       /** @var callable name that identifies the function called */
+       public $call;
 
        /**
         * Close all open file handles
index 77b029f..5d33e69 100644 (file)
@@ -60,7 +60,7 @@ class LBFactoryMulti extends LBFactory {
        private $masterTemplateOverrides = [];
        /** @var array[] Map of (host => server config map overrides) for main and external servers */
        private $templateOverridesByServer = [];
-       /**  @var string[]|bool[] A map of section name to read-only message */
+       /** @var string[]|bool[] A map of section name to read-only message */
        private $readOnlyBySection = [];
 
        /** @var string An ILoadMonitor class */
@@ -85,7 +85,7 @@ class LBFactoryMulti extends LBFactory {
         * data can be before the load balancer tries to avoid using it. The map can have 'is static'
         * set to disable blocking  replication sync checks (intended for archive servers with
         * unchanging data).
-
+        *
         * @see LBFactory::__construct()
         * @param array $conf Additional parameters include:
         *   - hostsByName                 Optional (hostname => IP address) map.
index eb645cc..343e35c 100644 (file)
@@ -90,6 +90,10 @@ class RedisConnectionPool implements LoggerAwareInterface {
                if ( !isset( $options['serializer'] ) || $options['serializer'] === 'php' ) {
                        $this->serializer = Redis::SERIALIZER_PHP;
                } elseif ( $options['serializer'] === 'igbinary' ) {
+                       if ( !defined( 'Redis::SERIALIZER_IGBINARY' ) ) {
+                               throw new InvalidArgumentException(
+                                       __CLASS__ . ': configured serializer "igbinary" not available' );
+                       }
                        $this->serializer = Redis::SERIALIZER_IGBINARY;
                } elseif ( $options['serializer'] === 'none' ) {
                        $this->serializer = Redis::SERIALIZER_NONE;
index d27643c..d49e3c5 100644 (file)
@@ -22,6 +22,8 @@
  * @since 1.25
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * This class formats block log entries.
  *
@@ -138,7 +140,9 @@ class BlockLogFormatter extends LogFormatter {
                $linkRenderer = $this->getLinkRenderer();
                if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
                        || !( $subtype === 'block' || $subtype === 'reblock' )
-                       || !$this->context->getUser()->isAllowed( 'block' )
+                       || !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->context->getUser(), 'block' )
                ) {
                        return '';
                }
index e05357c..23c582c 100644 (file)
@@ -1,5 +1,7 @@
 <?php
 
+use MediaWiki\MediaWikiServices;
+
 class ContentModelLogFormatter extends LogFormatter {
        protected function getMessageParameters() {
                $lang = $this->context->getLanguage();
@@ -12,7 +14,9 @@ class ContentModelLogFormatter extends LogFormatter {
        public function getActionLinks() {
                if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
                        || $this->entry->getSubtype() !== 'change'
-                       || !$this->context->getUser()->isAllowed( 'editcontentmodel' )
+                       || !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->context->getUser(), 'editcontentmodel' )
                ) {
                        return '';
                }
index 3bc19ff..0abb6f6 100644 (file)
@@ -23,6 +23,7 @@
  * @since 1.22
  */
 
+use MediaWiki\MediaWikiServices;
 use MediaWiki\Storage\RevisionRecord;
 
 /**
@@ -136,7 +137,8 @@ class DeleteLogFormatter extends LogFormatter {
        public function getActionLinks() {
                $user = $this->context->getUser();
                $linkRenderer = $this->getLinkRenderer();
-               if ( !$user->isAllowed( 'deletedhistory' )
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( !$permissionManager->userHasRight( $user, 'deletedhistory' )
                        || $this->entry->isDeleted( LogPage::DELETED_ACTION )
                ) {
                        return '';
@@ -145,7 +147,7 @@ class DeleteLogFormatter extends LogFormatter {
                switch ( $this->entry->getSubtype() ) {
                        case 'delete': // Show undelete link
                        case 'delete_redir':
-                               if ( $user->isAllowed( 'undelete' ) ) {
+                               if ( $permissionManager->userHasRight( $user, 'undelete' ) ) {
                                        $message = 'undeletelink';
                                } else {
                                        $message = 'undeleteviewlink';
index 6791503..2e7f065 100644 (file)
@@ -233,7 +233,10 @@ class LogEventsList extends ContextSource {
                foreach ( LogPage::validTypes() as $type ) {
                        $page = new LogPage( $type );
                        $restriction = $page->getRestriction();
-                       if ( $this->getUser()->isAllowed( $restriction ) ) {
+                       if ( MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), $restriction )
+                       ) {
                                $typesByName[$type] = $page->getName()->text();
                        }
                }
@@ -450,11 +453,12 @@ class LogEventsList extends ContextSource {
                }
 
                $del = '';
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
                // Don't show useless checkbox to people who cannot hide log entries
-               if ( $user->isAllowed( 'deletedhistory' ) ) {
-                       $canHide = $user->isAllowed( 'deletelogentry' );
-                       $canViewSuppressedOnly = $user->isAllowed( 'viewsuppressed' ) &&
-                               !$user->isAllowed( 'suppressrevision' );
+               if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
+                       $canHide = $permissionManager->userHasRight( $user, 'deletelogentry' );
+                       $canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) &&
+                               !$permissionManager->userHasRight( $user, 'suppressrevision' );
                        $entryIsSuppressed = self::isDeleted( $row, LogPage::DELETED_RESTRICTED );
                        $canViewThisSuppressedEntry = $canViewSuppressedOnly && $entryIsSuppressed;
                        if ( $row->log_deleted || $canHide ) {
@@ -508,7 +512,9 @@ class LogEventsList extends ContextSource {
                                in_array( $row->log_action, $action ) : $row->log_action == $action;
                        if ( $match && $right ) {
                                global $wgUser;
-                               $match = $wgUser->isAllowed( $right );
+                               $match = MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $wgUser, $right );
                        }
                }
 
@@ -572,7 +578,10 @@ class LogEventsList extends ContextSource {
                        $user = $wgUser;
                }
                $logRestrictions = MediaWikiServices::getInstance()->getMainConfig()->get( 'LogRestrictions' );
-               if ( isset( $logRestrictions[$type] ) && !$user->isAllowed( $logRestrictions[$type] ) ) {
+               if ( isset( $logRestrictions[$type] ) && !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, $logRestrictions[$type] )
+               ) {
                        return false;
                }
                return true;
@@ -783,7 +792,10 @@ class LogEventsList extends ContextSource {
 
                // Don't show private logs to unprivileged users
                foreach ( $wgLogRestrictions as $logType => $right ) {
-                       if ( $audience == 'public' || !$user->isAllowed( $right ) ) {
+                       if ( $audience == 'public' || !MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $user, $right )
+                       ) {
                                $hiddenLogs[] = $logType;
                        }
                }
index 9e63ffe..b4a6825 100644 (file)
@@ -163,7 +163,9 @@ class LogFormatter {
                $logRestrictions = $this->context->getConfig()->get( 'LogRestrictions' );
                $type = $this->entry->getType();
                return !isset( $logRestrictions[$type] )
-                       || $this->context->getUser()->isAllowed( $logRestrictions[$type] );
+                       || MediaWikiServices::getInstance()
+                                  ->getPermissionManager()
+                                  ->userHasRight( $this->context->getUser(), $logRestrictions[$type] );
        }
 
        /**
index 3871047..47aed56 100644 (file)
@@ -146,7 +146,9 @@ class LogPager extends ReverseChronologicalPager {
                $needReindex = false;
                foreach ( $types as $type ) {
                        if ( isset( $wgLogRestrictions[$type] )
-                               && !$user->isAllowed( $wgLogRestrictions[$type] )
+                               && !MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $user, $wgLogRestrictions[$type] )
                        ) {
                                $needReindex = true;
                                $types = array_diff( $types, [ $type ] );
@@ -462,12 +464,10 @@ class LogPager extends ReverseChronologicalPager {
                }
                $this->actionRestrictionsEnforced = true;
                $user = $this->getUser();
-               if ( !$user->isAllowed( 'deletedhistory' ) ) {
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
                        $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
-               } elseif ( !MediaWikiServices::getInstance()
-                       ->getPermissionManager()
-                       ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
-               ) {
+               } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
                        $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
                                ' != ' . LogPage::SUPPRESSED_USER;
                }
@@ -483,12 +483,10 @@ class LogPager extends ReverseChronologicalPager {
                }
                $this->performerRestrictionsEnforced = true;
                $user = $this->getUser();
-               if ( !$user->isAllowed( 'deletedhistory' ) ) {
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
                        $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
-               } elseif ( !MediaWikiServices::getInstance()
-                       ->getPermissionManager()
-                       ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
-               ) {
+               } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
                        $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
                                ' != ' . LogPage::SUPPRESSED_ACTION;
                }
index 7a6fb9d..925c976 100644 (file)
@@ -22,6 +22,8 @@
  * @since 1.25
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * This class formats merge log entries.
  *
@@ -47,7 +49,9 @@ class MergeLogFormatter extends LogFormatter {
 
        public function getActionLinks() {
                if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
-                       || !$this->context->getUser()->isAllowed( 'mergehistory' )
+                       || !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->context->getUser(), 'mergehistory' )
                ) {
                        return '';
                }
index 637a8e7..6797f98 100644 (file)
@@ -23,6 +23,8 @@
  * @since 1.22
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * This class formats move log entries.
  *
@@ -60,7 +62,9 @@ class MoveLogFormatter extends LogFormatter {
        public function getActionLinks() {
                if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
                        || $this->entry->getSubtype() !== 'move'
-                       || !$this->context->getUser()->isAllowed( 'move' )
+                       || !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->context->getUser(), 'move' )
                ) {
                        return '';
                }
index ba02457..6e3b26b 100644 (file)
@@ -101,7 +101,10 @@ class ProtectLogFormatter extends LogFormatter {
                ];
 
                // Show change protection link
-               if ( $this->context->getUser()->isAllowed( 'protect' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->context->getUser(), 'protect' )
+               ) {
                        $links[] = $linkRenderer->makeKnownLink(
                                $title,
                                $this->msg( 'protect_change' )->text(),
index cba68ef..4d176fb 100644 (file)
@@ -129,7 +129,10 @@ class EmailNotification {
                if ( $watchers === [] && !count( $wgUsersNotifiedOnAllChanges ) ) {
                        $sendEmail = false;
                        // Only send notification for non minor edits, unless $wgEnotifMinorEdits
-                       if ( !$minorEdit || ( $wgEnotifMinorEdits && !$editor->isAllowed( 'nominornewtalk' ) ) ) {
+                       if ( !$minorEdit || ( $wgEnotifMinorEdits && !MediaWikiServices::getInstance()
+                                               ->getPermissionManager()
+                                               ->userHasRight( $editor, 'nominornewtalk' ) )
+                       ) {
                                $isUserTalkPage = ( $title->getNamespace() == NS_USER_TALK );
                                if ( $wgEnotifUserTalk
                                        && $isUserTalkPage
@@ -214,7 +217,10 @@ class EmailNotification {
 
                $userTalkId = false;
 
-               if ( !$minorEdit || ( $wgEnotifMinorEdits && !$editor->isAllowed( 'nominornewtalk' ) ) ) {
+               if ( !$minorEdit || ( $wgEnotifMinorEdits && !MediaWikiServices::getInstance()
+                                  ->getPermissionManager()
+                                  ->userHasRight( $editor, 'nominornewtalk' ) )
+               ) {
                        if ( $wgEnotifUserTalk
                                && $isUserTalkPage
                                && $this->canSendUserTalkEmail( $editor, $title, $minorEdit )
index 47fa16f..0783068 100644 (file)
@@ -34,8 +34,8 @@ class UserMailer {
         * Send mail using a PEAR mailer
         *
         * @param Mail_smtp $mailer
-        * @param string $dest
-        * @param string $headers
+        * @param string[]|string $dest
+        * @param array $headers
         * @param string $body
         *
         * @return Status
@@ -382,6 +382,8 @@ class UserMailer {
                                throw new MWException( 'PEAR mail package is not installed' );
                        }
 
+                       $recips = array_map( 'strval', $to );
+
                        Wikimedia\suppressWarnings();
 
                        // Create the mail object using the Mail::factory method
@@ -397,13 +399,13 @@ class UserMailer {
                        $headers['Subject'] = self::quotedPrintable( $subject );
 
                        // When sending only to one recipient, shows it its email using To:
-                       if ( count( $to ) == 1 ) {
-                               $headers['To'] = $to[0]->toString();
+                       if ( count( $recips ) == 1 ) {
+                               $headers['To'] = $recips[0];
                        }
 
                        // Split jobs since SMTP servers tends to limit the maximum
                        // number of possible recipients.
-                       $chunks = array_chunk( $to, $wgEnotifMaxRecips );
+                       $chunks = array_chunk( $recips, $wgEnotifMaxRecips );
                        foreach ( $chunks as $chunk ) {
                                $status = self::sendWithPear( $mail_object, $chunk, $headers, $body );
                                // FIXME : some chunks might be sent while others are not!
index 8a26f60..dffb1f9 100644 (file)
@@ -122,14 +122,17 @@ class JpegMetadataExtractor {
                                $temp = self::jpegExtractMarker( $fh );
                                // check what type of app segment this is.
                                if ( substr( $temp, 0, 29 ) === "http://ns.adobe.com/xap/1.0/\x00" && $showXMP ) {
-                                       $segments["XMP"] = substr( $temp, 29 );
+                                       // use trim to remove trailing \0 chars
+                                       $segments["XMP"] = trim( substr( $temp, 29 ) );
                                } elseif ( substr( $temp, 0, 35 ) === "http://ns.adobe.com/xmp/extension/\x00" && $showXMP ) {
-                                       $segments["XMP_ext"][] = substr( $temp, 35 );
+                                       // use trim to remove trailing \0 chars
+                                       $segments["XMP_ext"][] = trim( substr( $temp, 35 ) );
                                } elseif ( substr( $temp, 0, 29 ) === "XMP\x00://ns.adobe.com/xap/1.0/\x00" && $showXMP ) {
                                        // Some images (especially flickr images) seem to have this.
                                        // I really have no idea what the deal is with them, but
                                        // whatever...
-                                       $segments["XMP"] = substr( $temp, 29 );
+                                       // use trim to remove trailing \0 chars
+                                       $segments["XMP"] = trim( substr( $temp, 29 ) );
                                        wfDebug( __METHOD__ . ' Found XMP section with wrong app identifier '
                                                . "Using anyways.\n" );
                                } elseif ( substr( $temp, 0, 6 ) === "Exif\0\0" ) {
index 1c2e782..4bede96 100644 (file)
@@ -1310,7 +1310,10 @@ class Article implements Page {
                }
 
                $outputPage->preventClickjacking();
-               if ( $user->isAllowed( 'writeapi' ) ) {
+               if ( MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, 'writeapi' )
+               ) {
                        $outputPage->addModules( 'mediawiki.page.patrol.ajax' );
                }
 
@@ -1827,7 +1830,10 @@ class Article implements Page {
                        [ 'delete', $this->getTitle()->getPrefixedText() ] )
                ) {
                        # Flag to hide all contents of the archived revisions
-                       $suppress = $request->getCheck( 'wpSuppress' ) && $user->isAllowed( 'suppressrevision' );
+
+                       $suppress = $request->getCheck( 'wpSuppress' ) && MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $user, 'suppressrevision' );
 
                        $this->doDelete( $reason, $suppress );
 
@@ -1986,8 +1992,8 @@ class Article implements Page {
                                ]
                        );
                }
-
-               if ( $user->isAllowed( 'suppressrevision' ) ) {
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( $permissionManager->userHasRight( $user, 'suppressrevision' ) ) {
                        $fields[] = new OOUI\FieldLayout(
                                new OOUI\CheckboxInputWidget( [
                                        'name' => 'wpSuppress',
@@ -2045,7 +2051,7 @@ class Article implements Page {
                        ] )
                );
 
-               if ( $user->isAllowed( 'editinterface' ) ) {
+               if ( $permissionManager->userHasRight( $user, 'editinterface' ) ) {
                        $link = Linker::linkKnown(
                                $ctx->msg( 'deletereason-dropdown' )->inContentLanguage()->getTitle(),
                                wfMessage( 'delete-edit-reasonlist' )->escaped(),
index 9edaccc..cf2497f 100644 (file)
@@ -130,11 +130,10 @@ class ImageHistoryList extends ContextSource {
                $row = $selected = '';
 
                // Deletion link
-               if ( $local && ( $pm->userHasAnyRight( $user, 'delete', 'deletedhistory' ) )
-               ) {
+               if ( $local && ( $pm->userHasAnyRight( $user, 'delete', 'deletedhistory' ) ) ) {
                        $row .= '<td>';
                        # Link to remove from history
-                       if ( $user->isAllowed( 'delete' ) ) {
+                       if ( $pm->userHasRight( $user, 'delete' ) ) {
                                $q = [ 'action' => 'delete' ];
                                if ( !$iscur ) {
                                        $q['oldimage'] = $img;
@@ -146,9 +145,10 @@ class ImageHistoryList extends ContextSource {
                                );
                        }
                        # Link to hide content. Don't show useless link to people who cannot hide revisions.
-                       $canHide = $user->isAllowed( 'deleterevision' );
-                       if ( $canHide || ( $user->isAllowed( 'deletedhistory' ) && $file->getVisibility() ) ) {
-                               if ( $user->isAllowed( 'delete' ) ) {
+                       $canHide = $pm->userHasRight( $user, 'deleterevision' );
+                       if ( $canHide || ( $pm->userHasRight( $user, 'deletedhistory' )
+                                       && $file->getVisibility() ) ) {
+                               if ( $pm->userHasRight( $user, 'delete' ) ) {
                                        $row .= '<br />';
                                }
                                // If file is top revision or locked from this user, don't link
index 653e443..bb15532 100644 (file)
@@ -603,7 +603,10 @@ EOT
                                );
                        }
 
-                       if ( $wgEnableUploads && $user->isAllowed( 'upload' ) ) {
+                       if ( $wgEnableUploads && MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $user, 'upload' )
+                       ) {
                                // Only show an upload link if the user can upload
                                $uploadTitle = SpecialPage::getTitleFor( 'Upload' );
                                $nofile = [
index bad75da..f0a656d 100644 (file)
@@ -1896,7 +1896,8 @@ class WikiPage implements Page, IDBAccessObject {
                // TODO: this check is here for backwards-compatibility with 1.31 behavior.
                // Checking the minoredit right should be done in the same place the 'bot' right is
                // checked for the EDIT_FORCE_BOT flag, which is currently in EditPage::attemptSave.
-               if ( ( $flags & EDIT_MINOR ) && !$user->isAllowed( 'minoredit' ) ) {
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( ( $flags & EDIT_MINOR ) && !$permissionManager->userHasRight( $user, 'minoredit' ) ) {
                        $flags = ( $flags & ~EDIT_MINOR );
                }
 
@@ -1916,7 +1917,6 @@ class WikiPage implements Page, IDBAccessObject {
                // TODO: this logic should not be in the storage layer, it's here for compatibility
                // with 1.31 behavior. Applying the 'autopatrol' right should be done in the same
                // place the 'bot' right is handled, which is currently in EditPage::attemptSave.
-               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
 
                if ( $needsPatrol && $permissionManager->userCan(
                        'autopatrol', $user, $this->getTitle()
@@ -3249,14 +3249,12 @@ class WikiPage implements Page, IDBAccessObject {
                // Save
                $flags = EDIT_UPDATE | EDIT_INTERNAL;
 
-               if ( $guser->isAllowed( 'minoredit' ) ) {
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( $permissionManager->userHasRight( $guser, 'minoredit' ) ) {
                        $flags |= EDIT_MINOR;
                }
 
-               if ( $bot && ( MediaWikiServices::getInstance()
-                               ->getPermissionManager()
-                               ->userHasAnyRight( $guser, 'markbotedits', 'bot' ) )
-               ) {
+               if ( $bot && ( $permissionManager->userHasAnyRight( $guser, 'markbotedits', 'bot' ) ) ) {
                        $flags |= EDIT_FORCE_BOT;
                }
 
@@ -3291,7 +3289,6 @@ class WikiPage implements Page, IDBAccessObject {
                // TODO: this logic should not be in the storage layer, it's here for compatibility
                // with 1.31 behavior. Applying the 'autopatrol' right should be done in the same
                // place the 'bot' right is handled, which is currently in EditPage::attemptSave.
-               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
 
                if ( $wgUseRCPatrol && $permissionManager->userCan(
                        'autopatrol', $guser, $this->getTitle()
@@ -3308,7 +3305,7 @@ class WikiPage implements Page, IDBAccessObject {
                // Set patrolling and bot flag on the edits, which gets rollbacked.
                // This is done even on edit failure to have patrolling in that case (T64157).
                $set = [];
-               if ( $bot && $guser->isAllowed( 'markbotedits' ) ) {
+               if ( $bot && $permissionManager->userHasRight( $guser, 'markbotedits' ) ) {
                        // Mark all reverted edits as bot
                        $set['rc_bot'] = 1;
                }
index 66c2bc3..56db812 100644 (file)
@@ -20,7 +20,6 @@
 
 namespace MediaWiki\Preferences;
 
-use Config;
 use DateTime;
 use DateTimeZone;
 use Exception;
@@ -37,6 +36,7 @@ use MediaWiki\Auth\PasswordAuthenticationRequest;
 use MediaWiki\Config\ServiceOptions;
 use MediaWiki\Linker\LinkRenderer;
 use MediaWiki\MediaWikiServices;
+use MediaWiki\Permissions\PermissionManager;
 use MessageLocalizer;
 use MWException;
 use MWTimestamp;
@@ -77,6 +77,9 @@ class DefaultPreferencesFactory implements PreferencesFactory {
        /** @var NamespaceInfo */
        protected $nsInfo;
 
+       /** @var PermissionManager */
+       protected $permissionManager;
+
        /**
         * TODO Make this a const when we drop HHVM support (T192166)
         *
@@ -114,35 +117,34 @@ class DefaultPreferencesFactory implements PreferencesFactory {
        /**
         * Do not call this directly.  Get it from MediaWikiServices.
         *
-        * @param ServiceOptions|Config $options Config accepted for backwards compatibility
+        * @param ServiceOptions $options
         * @param Language $contLang
         * @param AuthManager $authManager
         * @param LinkRenderer $linkRenderer
-        * @param NamespaceInfo|null $nsInfo
+        * @param NamespaceInfo $nsInfo
+        * @param PermissionManager|null $permissionManager
         */
        public function __construct(
-               $options,
+               ServiceOptions $options,
                Language $contLang,
                AuthManager $authManager,
                LinkRenderer $linkRenderer,
-               NamespaceInfo $nsInfo = null
+               NamespaceInfo $nsInfo,
+               PermissionManager $permissionManager = null
        ) {
-               if ( $options instanceof Config ) {
-                       wfDeprecated( __METHOD__ . ' with Config parameter', '1.34' );
-                       $options = new ServiceOptions( self::$constructorOptions, $options );
-               }
-
                $options->assertRequiredOptions( self::$constructorOptions );
 
-               if ( !$nsInfo ) {
-                       wfDeprecated( __METHOD__ . ' with no NamespaceInfo argument', '1.34' );
-                       $nsInfo = MediaWikiServices::getInstance()->getNamespaceInfo();
+               if ( !$permissionManager ) {
+                       // TODO: this is actually hard-deprecated, left for jenkins to pass
+                       // together with GlobalPreferences extension. Will be removed in a followup.
+                       $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
                }
                $this->options = $options;
                $this->contLang = $contLang;
                $this->authManager = $authManager;
                $this->linkRenderer = $linkRenderer;
                $this->nsInfo = $nsInfo;
+               $this->permissionManager = $permissionManager;
                $this->logger = new NullLogger();
        }
 
@@ -209,7 +211,7 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                # # Make sure that form fields have their parent set. See T43337.
                $dummyForm = new HTMLForm( [], $context );
 
-               $disable = !$user->isAllowed( 'editmyoptions' );
+               $disable = !$this->permissionManager->userHasRight( $user, 'editmyoptions' );
 
                $defaultOptions = User::getDefaultOptions();
                $userOptions = $user->getOptions();
@@ -390,8 +392,8 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                        ];
                }
 
-               $canViewPrivateInfo = $user->isAllowed( 'viewmyprivateinfo' );
-               $canEditPrivateInfo = $user->isAllowed( 'editmyprivateinfo' );
+               $canViewPrivateInfo = $this->permissionManager->userHasRight( $user, 'viewmyprivateinfo' );
+               $canEditPrivateInfo = $this->permissionManager->userHasRight( $user, 'editmyprivateinfo' );
 
                // Actually changeable stuff
                $defaultPreferences['realname'] = [
@@ -631,7 +633,9 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                                ];
                        }
 
-                       if ( $this->options->get( 'EnableUserEmail' ) && $user->isAllowed( 'sendemail' ) ) {
+                       if ( $this->options->get( 'EnableUserEmail' ) &&
+                               $this->permissionManager->userHasRight( $user, 'sendemail' )
+                       ) {
                                $defaultPreferences['disablemail'] = [
                                        'id' => 'wpAllowEmail',
                                        'type' => 'toggle',
@@ -921,7 +925,7 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                        'label-message' => 'tog-numberheadings',
                ];
 
-               if ( $user->isAllowed( 'rollback' ) ) {
+               if ( $this->permissionManager->userHasRight( $user, 'rollback' ) ) {
                        $defaultPreferences['showrollbackconfirmation'] = [
                                'type' => 'toggle',
                                'section' => 'rendering/advancedrendering',
@@ -961,7 +965,7 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                        ];
                }
 
-               if ( $user->isAllowed( 'minoredit' ) ) {
+               if ( $this->permissionManager->userHasRight( $user, 'minoredit' ) ) {
                        $defaultPreferences['minordefault'] = [
                                'type' => 'toggle',
                                'section' => 'editing/editor',
@@ -1107,7 +1111,7 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                $watchlistdaysMax = ceil( $this->options->get( 'RCMaxAge' ) / ( 3600 * 24 ) );
 
                # # Watchlist #####################################
-               if ( $user->isAllowed( 'editmywatchlist' ) ) {
+               if ( $this->permissionManager->userHasRight( $user, 'editmywatchlist' ) ) {
                        $editWatchlistLinks = '';
                        $editWatchlistModes = [
                                'edit' => [ 'subpage' => false, 'flags' => [] ],
@@ -1221,20 +1225,20 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                ];
 
                // Kinda hacky
-               if ( $user->isAllowed( 'createpage' ) || $user->isAllowed( 'createtalk' ) ) {
+               if ( $this->permissionManager->userHasAnyRight( $user, 'createpage', 'createtalk' ) ) {
                        $watchTypes['read'] = 'watchcreations';
                }
 
-               if ( $user->isAllowed( 'rollback' ) ) {
+               if ( $this->permissionManager->userHasRight( $user, 'rollback' ) ) {
                        $watchTypes['rollback'] = 'watchrollback';
                }
 
-               if ( $user->isAllowed( 'upload' ) ) {
+               if ( $this->permissionManager->userHasRight( $user, 'upload' ) ) {
                        $watchTypes['upload'] = 'watchuploads';
                }
 
                foreach ( $watchTypes as $action => $pref ) {
-                       if ( $user->isAllowed( $action ) ) {
+                       if ( $this->permissionManager->userHasRight( $user, $action ) ) {
                                // Messages:
                                // tog-watchdefault, tog-watchmoves, tog-watchdeletion, tog-watchcreations, tog-watchuploads
                                // tog-watchrollback
@@ -1606,7 +1610,9 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                $hiddenPrefs = $this->options->get( 'HiddenPrefs' );
                $result = true;
 
-               if ( !$user->isAllowedAny( 'editmyprivateinfo', 'editmyoptions' ) ) {
+               if ( !$this->permissionManager
+                               ->userHasAnyRight( $user, 'editmyprivateinfo', 'editmyoptions' )
+               ) {
                        return Status::newFatal( 'mypreferencesprotected' );
                }
 
@@ -1617,14 +1623,14 @@ class DefaultPreferencesFactory implements PreferencesFactory {
                // (not really "private", but still shouldn't be edited without permission)
 
                if ( !in_array( 'realname', $hiddenPrefs )
-                       && $user->isAllowed( 'editmyprivateinfo' )
+                       && $this->permissionManager->userHasRight( $user, 'editmyprivateinfo' )
                        && array_key_exists( 'realname', $formData )
                ) {
                        $realName = $formData['realname'];
                        $user->setRealName( $realName );
                }
 
-               if ( $user->isAllowed( 'editmyoptions' ) ) {
+               if ( $this->permissionManager->userHasRight( $user, 'editmyoptions' ) ) {
                        $oldUserOptions = $user->getOptions();
 
                        foreach ( $this->getSaveBlacklist() as $b ) {
index 693afcf..6121bbf 100644 (file)
@@ -812,9 +812,9 @@ class ResourceLoader implements LoggerAwareInterface {
                        $errorText = implode( "\n\n", $this->errors );
                        $errorResponse = self::makeComment( $errorText );
                        if ( $context->shouldIncludeScripts() ) {
-                               $errorResponse .= 'if (window.console && console.error) {'
-                                       . Xml::encodeJsCall( 'console.error', [ $errorText ] )
-                                       . "}\n";
+                               $errorResponse .= 'if (window.console && console.error) { console.error('
+                                       . self::encodeJsonForScript( $errorText )
+                                       . "); }\n";
                        }
 
                        // Prepend error info to the response
@@ -1273,8 +1273,7 @@ MESSAGE;
        /**
         * Returns JS code which, when called, will register a given list of messages.
         *
-        * @param mixed $messages Either an associative array mapping message key to value, or a
-        *   JSON-encoded message blob containing the same data, wrapped in an XmlJsCode object.
+        * @param mixed $messages Associative array mapping message key to value.
         * @return string JavaScript code
         */
        public static function makeMessageSetScript( $messages ) {
@@ -1324,7 +1323,7 @@ MESSAGE;
         * @internal
         * @since 1.32
         * @param mixed $data
-        * @return string JSON
+        * @return string|false JSON string, false on error
         */
        public static function encodeJsonForScript( $data ) {
                // Keep output as small as possible by disabling needless escape modes
@@ -1545,20 +1544,16 @@ MESSAGE;
         * @throws Exception
         */
        public static function makeConfigSetScript( array $configuration ) {
-               $js = Xml::encodeJsCall(
-                       'mw.config.set',
-                       [ $configuration ],
-                       self::inDebugMode()
-               );
-               if ( $js === false ) {
+               $json = self::encodeJsonForScript( $configuration );
+               if ( $json === false ) {
                        $e = new Exception(
                                'JSON serialization of config data failed. ' .
                                'This usually means the config data is not valid UTF-8.'
                        );
                        MWExceptionHandler::logException( $e );
-                       $js = Xml::encodeJsCall( 'mw.log.error', [ $e->__toString() ] );
+                       return 'mw.log.error(' . self::encodeJsonForScript( $e->__toString() ) . ');';
                }
-               return $js;
+               return "mw.config.set($json);";
        }
 
        /**
index 151b5fd..ea35de6 100644 (file)
@@ -478,7 +478,7 @@ JAVASCRIPT;
                                                        ] );
                                                } else {
                                                        $chunk = ResourceLoader::makeInlineScript(
-                                                               Xml::encodeJsCall( 'mw.loader.load', [ $url ] ),
+                                                               'mw.loader.load(' . ResourceLoader::encodeJsonForScript( $url ) . ');',
                                                                $nonce
                                                        );
                                                }
index 7a7ab89..c0a0921 100644 (file)
@@ -52,16 +52,11 @@ class ResourceLoaderLanguageDataModule extends ResourceLoaderFileModule {
         * @return string JavaScript code
         */
        public function getScript( ResourceLoaderContext $context ) {
-               $fileScript = parent::getScript( $context );
-               $langDataScript = Xml::encodeJsCall(
-                       'mw.language.setData',
-                       [
-                               $context->getLanguage(),
-                               $this->getData( $context )
-                       ],
-                       ResourceLoader::inDebugMode()
-               );
-               return $fileScript . $langDataScript;
+               return parent::getScript( $context )
+                       . 'mw.language.setData('
+                       . ResourceLoader::encodeJsonForScript( $context->getLanguage() ) . ','
+                       . ResourceLoader::encodeJsonForScript( $this->getData( $context ) )
+                       . ');';
        }
 
        /**
index b9dc098..61cff82 100644 (file)
@@ -40,10 +40,8 @@ class ResourceLoaderUserDefaultsModule extends ResourceLoaderModule {
         * @return string JavaScript code
         */
        public function getScript( ResourceLoaderContext $context ) {
-               return Xml::encodeJsCall(
-                       'mw.user.options.set',
-                       [ User::getDefaultOptions() ],
-                       ResourceLoader::inDebugMode()
-               );
+               return 'mw.user.options.set('
+                       . ResourceLoader::encodeJsonForScript( User::getDefaultOptions() )
+                       . ');';
        }
 }
index 0d40ad7..ecbb501 100644 (file)
@@ -52,11 +52,12 @@ class ResourceLoaderUserOptionsModule extends ResourceLoaderModule {
         */
        public function getScript( ResourceLoaderContext $context ) {
                // Use FILTER_NOMIN annotation to prevent needless minification and caching (T84960).
-               return ResourceLoader::FILTER_NOMIN . Xml::encodeJsCall(
-                       'mw.user.options.set',
-                       [ $context->getUserObj()->getOptions( User::GETOPTIONS_EXCLUDE_DEFAULTS ) ],
-                       ResourceLoader::inDebugMode()
-               );
+               return ResourceLoader::FILTER_NOMIN
+                       . 'mw.user.options.set('
+                       . ResourceLoader::encodeJsonForScript(
+                               $context->getUserObj()->getOptions( User::GETOPTIONS_EXCLUDE_DEFAULTS )
+                       )
+                       . ');';
        }
 
        /**
index ae4fb67..85c14cb 100644 (file)
@@ -53,11 +53,10 @@ class ResourceLoaderUserTokensModule extends ResourceLoaderModule {
         */
        public function getScript( ResourceLoaderContext $context ) {
                // Use FILTER_NOMIN annotation to prevent needless minification and caching (T84960).
-               return ResourceLoader::FILTER_NOMIN . Xml::encodeJsCall(
-                       'mw.user.tokens.set',
-                       [ $this->contextUserTokens( $context ) ],
-                       ResourceLoader::inDebugMode()
-               );
+               return ResourceLoader::FILTER_NOMIN
+                       . 'mw.user.tokens.set('
+                       . ResourceLoader::encodeJsonForScript( $this->contextUserTokens( $context ) )
+                       . ');';
        }
 
        /**
index 09cdf72..a3380ff 100644 (file)
@@ -505,11 +505,10 @@ final class SessionManager implements SessionManagerInterface {
                }
 
                if ( count( $retInfos ) > 1 ) {
-                       $ex = new \OverflowException(
+                       throw new SessionOverflowException(
+                               $retInfos,
                                'Multiple sessions for this request tied for top priority: ' . implode( ', ', $retInfos )
                        );
-                       $ex->sessionInfos = $retInfos;
-                       throw $ex;
                }
 
                return $retInfos ? $retInfos[0] : null;
diff --git a/includes/session/SessionOverflowException.php b/includes/session/SessionOverflowException.php
new file mode 100644 (file)
index 0000000..2a5ed2b
--- /dev/null
@@ -0,0 +1,34 @@
+<?php
+
+namespace MediaWiki\Session;
+
+/**
+ * OverflowException specific to the SessionManager, used when the request had multiple possible
+ * sessions tied for top priority.
+ *
+ * @since 1.34
+ */
+class SessionOverflowException extends \OverflowException {
+       /** @var SessionInfo[] */
+       private $sessionInfos;
+
+       /**
+        * @param SessionInfo[] $sessionInfos Must have at least two elements
+        * @param string $msg
+        * @throws \InvalidArgumentException If $sessionInfos has less than 2 elements
+        */
+       function __construct( array $sessionInfos, $msg ) {
+               if ( count( $sessionInfos ) < 2 ) {
+                       throw new \InvalidArgumentException( 'Expected at least two SessionInfo objects.' );
+               }
+               parent::__construct( $msg );
+               $this->sessionInfos = $sessionInfos;
+       }
+
+       /**
+        * @return SessionInfo[]
+        */
+       public function getSessionInfos() : array {
+               return $this->sessionInfos;
+       }
+}
index 70df73b..327061c 100644 (file)
@@ -595,7 +595,7 @@ class SkinTemplate extends Skin {
                # $this->getTitle() will just give Special:Badtitle, which is
                # not especially useful as a returnto parameter. Use the title
                # from the request instead, if there was one.
-               if ( $this->getUser()->isAllowed( 'read' ) ) {
+               if ( $permissionManager->userHasRight( $this->getUser(), 'read' ) ) {
                        $page = $this->getTitle();
                } else {
                        $page = Title::newFromText( $request->getVal( 'title', '' ) );
@@ -636,7 +636,7 @@ class SkinTemplate extends Skin {
                                'active' => ( $href == $pageurl )
                        ];
 
-                       if ( $this->getUser()->isAllowed( 'viewmywatchlist' ) ) {
+                       if ( $permissionManager->userHasRight( $this->getUser(), 'viewmywatchlist' ) ) {
                                $href = self::makeSpecialUrl( 'Watchlist' );
                                $personal_urls['watchlist'] = [
                                        'text' => $this->msg( 'mywatchlist' )->text(),
@@ -689,9 +689,8 @@ class SkinTemplate extends Skin {
                                $useCombinedLoginLink = false;
                        }
 
-                       $loginlink = $this->getUser()->isAllowed( 'createaccount' ) && $useCombinedLoginLink
-                               ? 'nav-login-createaccount'
-                               : 'pt-login';
+                       $loginlink = $permissionManager->userHasRight( $this->getUser(), 'createaccount' )
+                                                && $useCombinedLoginLink ? 'nav-login-createaccount' : 'pt-login';
 
                        $login_url = [
                                'text' => $this->msg( $loginlink )->text(),
@@ -727,7 +726,7 @@ class SkinTemplate extends Skin {
 
                        if (
                                $authManager->canCreateAccounts()
-                               && $this->getUser()->isAllowed( 'createaccount' )
+                               && $permissionManager->userHasRight( $this->getUser(), 'createaccount' )
                                && !$useCombinedLoginLink
                        ) {
                                $personal_urls['createaccount'] = $createaccount_url;
@@ -1074,8 +1073,7 @@ class SkinTemplate extends Skin {
 
                                if ( $permissionManager->quickUserCan( 'protect', $user, $title ) &&
                                         $title->getRestrictionTypes() &&
-                                        $permissionManager->getNamespaceRestrictionLevels( $title->getNamespace(),
-                                                $user ) !== [ '' ]
+                                        $permissionManager->getNamespaceRestrictionLevels( $title->getNamespace(), $user ) !== [ '' ]
                                ) {
                                        $mode = $title->isProtected() ? 'unprotect' : 'protect';
                                        $content_navigation['actions'][$mode] = [
@@ -1345,7 +1343,10 @@ class SkinTemplate extends Skin {
                                'href' => self::makeSpecialUrlSubpage( 'Log', $rootUser )
                        ];
 
-                       if ( $this->getUser()->isAllowed( 'block' ) ) {
+                       if ( MediawikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $this->getUser(), 'block' )
+                       ) {
                                $nav_urls['blockip'] = [
                                        'text' => $this->msg( 'blockip', $rootUser )->text(),
                                        'href' => self::makeSpecialUrlSubpage( 'Block', $rootUser )
index ce80c1a..94be852 100644 (file)
@@ -95,9 +95,8 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
 
        /**
         * Load basic request parameters for this Special page.
-        * @param string $subPage
         */
-       private function loadRequestParameters( $subPage ) {
+       private function loadRequestParameters() {
                if ( $this->mLoadedRequest ) {
                        return;
                }
@@ -105,7 +104,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
                $request = $this->getRequest();
 
                $this->mPosted = $request->wasPosted();
-               $this->mIsReturn = $subPage === 'return';
                $this->mAction = $request->getVal( 'action' );
                $this->mFromHTTP = $request->getBool( 'fromhttp', false )
                        || $request->getBool( 'wpFromhttp', false );
@@ -124,7 +122,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
        protected function load( $subPage ) {
                global $wgSecureLogin;
 
-               $this->loadRequestParameters( $subPage );
+               $this->loadRequestParameters();
                if ( $this->mLoaded ) {
                        return;
                }
@@ -203,7 +201,7 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
 
        protected function beforeExecute( $subPage ) {
                // finish initializing the class before processing the request - T135924
-               $this->loadRequestParameters( $subPage );
+               $this->loadRequestParameters();
                return parent::beforeExecute( $subPage );
        }
 
@@ -977,7 +975,11 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
                        }
                }
                if ( !$this->isSignup() && $this->showExtraInformation() ) {
-                       $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+                       $passwordReset = new PasswordReset(
+                               $this->getConfig(),
+                               AuthManager::singleton(),
+                               MediaWikiServices::getInstance()->getPermissionManager()
+                       );
                        if ( $passwordReset->isAllowed( $this->getUser() )->isGood() ) {
                                $fieldDefinitions['passwordReset'] = [
                                        'type' => 'info',
@@ -1074,7 +1076,10 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
        private function showCreateAccountLink() {
                if ( $this->isSignup() ) {
                        return true;
-               } elseif ( $this->getUser()->isAllowed( 'createaccount' ) ) {
+               } elseif ( MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $this->getUser(), 'createaccount' )
+               ) {
                        return true;
                } else {
                        return false;
index 7d33035..ba8e318 100644 (file)
@@ -292,7 +292,9 @@ class SpecialPage implements MessageLocalizer {
         * @return bool Does the user have permission to view the page?
         */
        public function userCanExecute( User $user ) {
-               return $user->isAllowed( $this->mRestriction );
+               return MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $user, $this->mRestriction );
        }
 
        /**
index 3f9c491..b83be91 100644 (file)
@@ -192,7 +192,12 @@ class SpecialPageFactory {
                'ApiHelp' => \SpecialApiHelp::class,
                'Blankpage' => \SpecialBlankpage::class,
                'Diff' => \SpecialDiff::class,
-               'EditTags' => \SpecialEditTags::class,
+               'EditTags' => [
+                       'class' => \SpecialEditTags::class,
+                       'services' => [
+                               'PermissionManager',
+                       ],
+               ],
                'Emailuser' => \SpecialEmailUser::class,
                'Movepage' => \MovePageForm::class,
                'Mycontributions' => \SpecialMycontributions::class,
@@ -204,7 +209,12 @@ class SpecialPageFactory {
                'NewSection' => \SpecialNewSection::class,
                'PermanentLink' => \SpecialPermanentLink::class,
                'Redirect' => \SpecialRedirect::class,
-               'Revisiondelete' => \SpecialRevisionDelete::class,
+               'Revisiondelete' => [
+                       'class' => \SpecialRevisionDelete::class,
+                       'services' => [
+                               'PermissionManager',
+                       ],
+               ],
                'RunJobs' => \SpecialRunJobs::class,
                'Specialpages' => \SpecialSpecialpages::class,
                'PageData' => \SpecialPageData::class,
index 9e49684..f4a33c8 100644 (file)
@@ -21,6 +21,8 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * @ingroup SpecialPage
  * @since 1.27
@@ -35,7 +37,10 @@ class SpecialApiSandbox extends SpecialPage {
                $out = $this->getOutput();
                $this->addHelpLink( 'Help:ApiSandbox' );
 
-               $out->addJsConfigVars( 'apihighlimits', $this->getUser()->isAllowed( 'apihighlimits' ) );
+               $out->addJsConfigVars( 'apihighlimits', MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $this->getUser(), 'apihighlimits' )
+               );
                $out->addModuleStyles( [
                        'mediawiki.special',
                        'mediawiki.hlist',
index 34c3371..3f98e93 100644 (file)
@@ -21,6 +21,8 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * A special page that lists autoblocks
  *
@@ -81,7 +83,10 @@ class SpecialAutoblockList extends SpecialPage {
                        'ipb_parent_block_id IS NOT NULL'
                ];
                # Is the user allowed to see hidden blocks?
-               if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $this->getUser(), 'hideuser' )
+               ) {
                        $conds['ipb_deleted'] = 0;
                }
 
index 07214af..1b0db73 100644 (file)
@@ -25,6 +25,7 @@ use MediaWiki\Block\DatabaseBlock;
 use MediaWiki\Block\Restriction\PageRestriction;
 use MediaWiki\Block\Restriction\NamespaceRestriction;
 use MediaWiki\MediaWikiServices;
+use MediaWiki\User\UserIdentity;
 
 /**
  * A special page that allows users with 'block' right to block users from
@@ -269,7 +270,10 @@ class SpecialBlock extends FormSpecialPage {
                ];
 
                # Allow some users to hide name from block log, blocklist and listusers
-               if ( $user->isAllowed( 'hideuser' ) ) {
+               if ( MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $user, 'hideuser' )
+               ) {
                        $a['HideUser'] = [
                                'type' => 'check',
                                'label-message' => 'ipbhidename',
@@ -363,7 +367,10 @@ class SpecialBlock extends FormSpecialPage {
 
                        // If the username was hidden (ipb_deleted == 1), don't show the reason
                        // unless this user also has rights to hideuser: T37839
-                       if ( !$block->getHideName() || $this->getUser()->isAllowed( 'hideuser' ) ) {
+                       if ( !$block->getHideName() || MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $this->getUser(), 'hideuser' )
+                       ) {
                                $fields['Reason']['default'] = $block->getReason();
                        } else {
                                $fields['Reason']['default'] = '';
@@ -545,7 +552,8 @@ class SpecialBlock extends FormSpecialPage {
                $user = $this->getUser();
 
                # Link to edit the block dropdown reasons, if applicable
-               if ( $user->isAllowed( 'editinterface' ) ) {
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( $permissionManager->userHasRight( $user, 'editinterface' ) ) {
                        $links[] = $linkRenderer->makeKnownLink(
                                $this->msg( 'ipbreason-dropdown' )->inContentLanguage()->getTitle(),
                                $this->msg( 'ipb-edit-dropdown' )->text(),
@@ -579,7 +587,7 @@ class SpecialBlock extends FormSpecialPage {
                        $text .= $out;
 
                        # Add suppression block entries if allowed
-                       if ( $user->isAllowed( 'suppressionlog' ) ) {
+                       if ( $permissionManager->userHasRight( $user, 'suppressionlog' ) ) {
                                LogEventsList::showLogExtract(
                                        $out,
                                        'suppress',
@@ -828,7 +836,10 @@ class SpecialBlock extends FormSpecialPage {
                }
 
                if ( $data['HideUser'] ) {
-                       if ( !$performer->isAllowed( 'hideuser' ) ) {
+                       if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $performer, 'hideuser' )
+                       ) {
                                # this codepath is unreachable except by a malicious user spoofing forms,
                                # or by race conditions (user has hideuser and block rights, loads block form,
                                # and loses hideuser rights before submission); so need to fail completely
@@ -938,7 +949,10 @@ class SpecialBlock extends FormSpecialPage {
                                }
                                # If the name was hidden and the blocking user cannot hide
                                # names, then don't allow any block changes...
-                               if ( $currentBlock->getHideName() && !$performer->isAllowed( 'hideuser' ) ) {
+                               if ( $currentBlock->getHideName() && !MediaWikiServices::getInstance()
+                                               ->getPermissionManager()
+                                               ->userHasRight( $performer, 'hideuser' )
+                               ) {
                                        return [ 'cant-see-hidden-user' ];
                                }
 
@@ -1106,13 +1120,15 @@ class SpecialBlock extends FormSpecialPage {
 
        /**
         * Can we do an email block?
-        * @param User $user The sysop wanting to make a block
+        * @param UserIdentity $user The sysop wanting to make a block
         * @return bool
         */
-       public static function canBlockEmail( $user ) {
+       public static function canBlockEmail( UserIdentity $user ) {
                global $wgEnableUserEmail, $wgSysopEmailBans;
 
-               return ( $wgEnableUserEmail && $wgSysopEmailBans && $user->isAllowed( 'blockemail' ) );
+               return ( $wgEnableUserEmail && $wgSysopEmailBans && MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, 'blockemail' ) );
        }
 
        /**
@@ -1138,7 +1154,10 @@ class SpecialBlock extends FormSpecialPage {
                if ( $performer->getBlock() ) {
                        if ( $target instanceof User && $target->getId() == $performer->getId() ) {
                                # User is trying to unblock themselves
-                               if ( $performer->isAllowed( 'unblockself' ) ) {
+                               if ( MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $performer, 'unblockself' )
+                               ) {
                                        return true;
                                        # User blocked themselves and is now trying to reverse it
                                } elseif ( $performer->blockedBy() === $performer->getName() ) {
index b3d2358..2dd682f 100644 (file)
@@ -22,6 +22,7 @@
  */
 
 use MediaWiki\Block\DatabaseBlock;
+use MediaWiki\MediaWikiServices;
 
 /**
  * A special page that lists existing blocks
@@ -82,8 +83,9 @@ class SpecialBlockList extends SpecialPage {
                        'Options' => [
                                'type' => 'multiselect',
                                'options-messages' => [
-                                       'blocklist-userblocks' => 'userblocks',
                                        'blocklist-tempblocks' => 'tempblocks',
+                                       'blocklist-indefblocks' => 'indefblocks',
+                                       'blocklist-userblocks' => 'userblocks',
                                        'blocklist-addressblocks' => 'addressblocks',
                                        'blocklist-rangeblocks' => 'rangeblocks',
                                ],
@@ -136,8 +138,12 @@ class SpecialBlockList extends SpecialPage {
         */
        protected function getBlockListPager() {
                $conds = [];
+               $db = $this->getDB();
                # Is the user allowed to see hidden blocks?
-               if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $this->getUser(), 'hideuser' )
+               ) {
                        $conds['ipb_deleted'] = 0;
                }
 
@@ -153,7 +159,7 @@ class SpecialBlockList extends SpecialPage {
                                case DatabaseBlock::TYPE_IP:
                                case DatabaseBlock::TYPE_RANGE:
                                        list( $start, $end ) = IP::parseRange( $target );
-                                       $conds[] = wfGetDB( DB_REPLICA )->makeList(
+                                       $conds[] = $db->makeList(
                                                [
                                                        'ipb_address' => $target,
                                                        DatabaseBlock::getRangeCond( $start, $end )
@@ -174,9 +180,6 @@ class SpecialBlockList extends SpecialPage {
                if ( in_array( 'userblocks', $this->options ) ) {
                        $conds['ipb_user'] = 0;
                }
-               if ( in_array( 'tempblocks', $this->options ) ) {
-                       $conds['ipb_expiry'] = 'infinity';
-               }
                if ( in_array( 'addressblocks', $this->options ) ) {
                        $conds[] = "ipb_user != 0 OR ipb_range_end > ipb_range_start";
                }
@@ -184,10 +187,21 @@ class SpecialBlockList extends SpecialPage {
                        $conds[] = "ipb_range_end = ipb_range_start";
                }
 
+               $hideTemp = in_array( 'tempblocks', $this->options );
+               $hideIndef = in_array( 'indefblocks', $this->options );
+               if ( $hideTemp && $hideIndef ) {
+                       // If both types are hidden, ensure query doesn't produce any results
+                       $conds[] = '1=0';
+               } elseif ( $hideTemp ) {
+                       $conds['ipb_expiry'] = $db->getInfinity();
+               } elseif ( $hideIndef ) {
+                       $conds[] = "ipb_expiry != " . $db->addQuotes( $db->getInfinity() );
+               }
+
                if ( $this->blockType === 'sitewide' ) {
-                       $conds[] = 'ipb_sitewide = 1';
+                       $conds['ipb_sitewide'] = 1;
                } elseif ( $this->blockType === 'partial' ) {
-                       $conds[] = 'ipb_sitewide = 0';
+                       $conds['ipb_sitewide'] = 0;
                }
 
                return new BlockListPager( $this, $conds );
@@ -243,4 +257,13 @@ class SpecialBlockList extends SpecialPage {
        protected function getGroupName() {
                return 'users';
        }
+
+       /**
+        * Return a IDatabase object for reading
+        *
+        * @return IDatabase
+        */
+       protected function getDB() {
+               return wfGetDB( DB_REPLICA );
+       }
 }
index 9431cef..392b4e9 100644 (file)
@@ -21,6 +21,7 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
 use Wikimedia\Rdbms\IResultWrapper;
 use Wikimedia\Rdbms\IDatabase;
 
@@ -114,6 +115,8 @@ class SpecialBrokenRedirects extends QueryPage {
                }
 
                $linkRenderer = $this->getLinkRenderer();
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+
                // $toObj may very easily be false if the $result list is cached
                if ( !is_object( $toObj ) ) {
                        return '<del>' . $linkRenderer->makeLink( $fromObj ) . '</del>';
@@ -129,7 +132,7 @@ class SpecialBrokenRedirects extends QueryPage {
                // if the page is editable, add an edit link
                if (
                        // check user permissions
-                       $this->getUser()->isAllowed( 'edit' ) &&
+                       $permissionManager->userHasRight( $this->getUser(), 'edit' ) &&
                        // check, if the content model is editable through action=edit
                        ContentHandler::getForTitle( $fromObj )->supportsDirectEditing()
                ) {
@@ -145,7 +148,7 @@ class SpecialBrokenRedirects extends QueryPage {
 
                $out = $from . $this->msg( 'word-separator' )->escaped();
 
-               if ( $this->getUser()->isAllowed( 'delete' ) ) {
+               if ( $permissionManager->userHasRight( $this->getUser(), 'delete' ) ) {
                        $links[] = $linkRenderer->makeKnownLink(
                                $fromObj,
                                $this->msg( 'brokenredirects-delete' )->text(),
index 01f7e56..46fa17e 100644 (file)
@@ -1,5 +1,7 @@
 <?php
 
+use MediaWiki\MediaWikiServices;
+
 class SpecialChangeContentModel extends FormSpecialPage {
 
        public function __construct() {
@@ -226,7 +228,10 @@ class SpecialChangeContentModel extends FormSpecialPage {
 
                $flags = $this->oldRevision ? EDIT_UPDATE : EDIT_NEW;
                $flags |= EDIT_INTERNAL;
-               if ( $user->isAllowed( 'bot' ) ) {
+               if ( MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, 'bot' )
+               ) {
                        $flags |= EDIT_FORCE_BOT;
                }
 
index c95aa1b..7331cd7 100644 (file)
@@ -23,6 +23,7 @@
 
 use MediaWiki\Auth\AuthManager;
 use MediaWiki\Logger\LoggerFactory;
+use MediaWiki\MediaWikiServices;
 
 /**
  * Let users change their email address.
@@ -74,7 +75,10 @@ class SpecialChangeEmail extends FormSpecialPage {
 
                // This could also let someone check the current email address, so
                // require both permissions.
-               if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'viewmyprivateinfo' )
+               ) {
                        throw new PermissionsError( 'viewmyprivateinfo' );
                }
 
index f86a133..2c42cd3 100644 (file)
@@ -21,6 +21,8 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * Special page allows users to request email confirmation message, and handles
  * processing of the confirmation code when the link in the email is followed
@@ -57,7 +59,10 @@ class SpecialConfirmEmail extends UnlistedSpecialPage {
 
                // This could also let someone check the current email address, so
                // require both permissions.
-               if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'viewmyprivateinfo' )
+               ) {
                        throw new PermissionsError( 'viewmyprivateinfo' );
                }
 
index 40c0edf..e8b85fa 100644 (file)
@@ -126,7 +126,10 @@ class SpecialContributions extends IncludableSpecialPage {
 
                // Allows reverts to have the bot flag in recent changes. It is just here to
                // be passed in the form at the top of the page
-               if ( $user->isAllowed( 'markbotedits' ) && $request->getBool( 'bot' ) ) {
+               if ( MediaWikiServices::getInstance()
+                                ->getPermissionManager()
+                                ->userHasRight( $user, 'markbotedits' ) && $request->getBool( 'bot' )
+               ) {
                        $this->opts['bot'] = '1';
                }
 
@@ -373,7 +376,9 @@ class SpecialContributions extends IncludableSpecialPage {
                        );
                }
 
-               if ( $sp->getUser()->isAllowed( 'block' ) ) { # Block / Change block / Unblock links
+               # Block / Change block / Unblock links
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               if ( $permissionManager->userHasRight( $sp->getUser(), 'block' ) ) {
                        if ( $target->getBlock() && $target->getBlock()->getType() != DatabaseBlock::TYPE_AUTO ) {
                                $tools['block'] = $linkRenderer->makeKnownLink( # Change block link
                                        SpecialPage::getTitleFor( 'Block', $username ),
@@ -400,7 +405,7 @@ class SpecialContributions extends IncludableSpecialPage {
                );
 
                # Suppression log link (T61120)
-               if ( $sp->getUser()->isAllowed( 'suppressionlog' ) ) {
+               if ( $permissionManager->userHasRight( $sp->getUser(), 'suppressionlog' ) ) {
                        $tools['log-suppression'] = $linkRenderer->makeKnownLink(
                                SpecialPage::getTitleFor( 'Log', 'suppress' ),
                                $sp->msg( 'sp-contributions-suppresslog', $username )->text(),
@@ -412,7 +417,7 @@ class SpecialContributions extends IncludableSpecialPage {
                # Don't show some links for IP ranges
                if ( !$isRange ) {
                        # Uploads: hide if IPs cannot upload (T220674)
-                       if ( !$isIP || $target->isAllowed( 'upload' ) ) {
+                       if ( !$isIP || $permissionManager->userHasRight( $target, 'upload' ) ) {
                                $tools['uploads'] = $linkRenderer->makeKnownLink(
                                        SpecialPage::getTitleFor( 'Listfiles', $username ),
                                        $sp->msg( 'sp-contributions-uploads' )->text()
@@ -428,7 +433,7 @@ class SpecialContributions extends IncludableSpecialPage {
 
                        # Add link to deleted user contributions for priviledged users
                        # Todo: T183457
-                       if ( $sp->getUser()->isAllowed( 'deletedhistory' ) ) {
+                       if ( $permissionManager->userHasRight( $sp->getUser(), 'deletedhistory' ) ) {
                                $tools['deletedcontribs'] = $linkRenderer->makeKnownLink(
                                        SpecialPage::getTitleFor( 'DeletedContributions', $username ),
                                        $sp->msg( 'sp-contributions-deleted', $username )->text()
@@ -628,7 +633,10 @@ class SpecialContributions extends IncludableSpecialPage {
 
                $filters = [];
 
-               if ( $this->getUser()->isAllowed( 'deletedhistory' ) ) {
+               if ( MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'deletedhistory' )
+               ) {
                        $filters[] = Html::rawElement(
                                'span',
                                [ 'class' => 'mw-input-with-label' ],
index cc2fc80..637025c 100644 (file)
@@ -57,7 +57,9 @@ class SpecialCreateAccount extends LoginSignupSpecialPage {
        }
 
        public function userCanExecute( User $user ) {
-               return $user->isAllowed( 'createaccount' );
+               return MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $user, 'createaccount' );
        }
 
        public function checkPermissions() {
index cccca50..540ac5a 100644 (file)
@@ -21,6 +21,7 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
 use Wikimedia\Rdbms\IResultWrapper;
 use Wikimedia\Rdbms\IDatabase;
 
@@ -155,7 +156,9 @@ class SpecialDoubleRedirects extends QueryPage {
                // if the page is editable, add an edit link
                if (
                        // check user permissions
-                       $this->getUser()->isAllowed( 'edit' ) &&
+                       MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'edit' ) &&
                        // check, if the content model is editable through action=edit
                        ContentHandler::getForTitle( $titleA )->supportsDirectEditing()
                ) {
index 70a1bd4..48357aa 100644 (file)
@@ -19,6 +19,8 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\Permissions\PermissionManager;
+
 /**
  * Special page for adding and removing change tags to individual revisions.
  * A lot of this is copied out of SpecialRevisiondelete.
@@ -51,8 +53,18 @@ class SpecialEditTags extends UnlistedSpecialPage {
        /** @var string */
        private $reason;
 
-       public function __construct() {
+       /** @var PermissionManager */
+       private $permissionManager;
+
+       /**
+        * @inheritDoc
+        *
+        * @param PermissionManager $permissionManager
+        */
+       public function __construct( PermissionManager $permissionManager ) {
                parent::__construct( 'EditTags', 'changetags' );
+
+               $this->permissionManager = $permissionManager;
        }
 
        public function doesWrites() {
@@ -67,13 +79,6 @@ class SpecialEditTags extends UnlistedSpecialPage {
                $user = $this->getUser();
                $request = $this->getRequest();
 
-               // Check blocks
-               // @TODO Use PermissionManager::isBlockedFrom() instead.
-               $block = $user->getBlock();
-               if ( $block ) {
-                       throw new UserBlockedError( $block );
-               }
-
                $this->setHeaders();
                $this->outputHeader();
 
@@ -124,7 +129,7 @@ class SpecialEditTags extends UnlistedSpecialPage {
                        $this->ids
                );
 
-               $this->isAllowed = $user->isAllowed( 'changetags' );
+               $this->isAllowed = $this->permissionManager->userHasRight( $user, 'changetags' );
 
                $this->reason = $request->getVal( 'wpReason' );
                // We need a target page!
@@ -132,6 +137,12 @@ class SpecialEditTags extends UnlistedSpecialPage {
                        $output->addWikiMsg( 'undelete-header' );
                        return;
                }
+
+               // Check blocks
+               if ( $this->permissionManager->isBlockedFrom( $user, $this->targetObj ) ) {
+                       throw new UserBlockedError( $user->getBlock() );
+               }
+
                // Give a link to the logs/hist for this page
                $this->showConvenienceLinks();
 
index b42cdea..c8b92bd 100644 (file)
@@ -253,7 +253,10 @@ class SpecialEmailUser extends UnlistedSpecialPage {
                        return 'mailnologin';
                }
 
-               if ( !$user->isAllowed( 'sendemail' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, 'sendemail' )
+               ) {
                        return 'badaccess';
                }
 
index ef1b3d8..72e881f 100644 (file)
@@ -273,7 +273,10 @@ class SpecialExpandTemplates extends SpecialPage {
                        // allowed and a valid edit token is not provided (T73111). However, MediaWiki
                        // does not currently provide logged-out users with CSRF protection; in that case,
                        // do not show the preview unless anonymous editing is allowed.
-                       if ( $user->isAnon() && !$user->isAllowed( 'edit' ) ) {
+                       if ( $user->isAnon() && !MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $user, 'edit' )
+                       ) {
                                $error = [ 'expand_templates_preview_fail_html_anon' ];
                        } elseif ( !$user->matchEditToken( $request->getVal( 'wpEditToken' ), '', $request ) ) {
                                $error = [ 'expand_templates_preview_fail_html' ];
@@ -282,7 +285,7 @@ class SpecialExpandTemplates extends SpecialPage {
                        }
 
                        if ( $error ) {
-                               $out->wrapWikiMsg( "<div class='previewnote'>\n$1\n</div>", $error );
+                               $out->wrapWikiMsg( "<div class='previewnote errorbox'>\n$1\n</div>", $error );
                                return;
                        }
                }
index 5a63581..e680d24 100644 (file)
@@ -327,7 +327,9 @@ class SpecialExport extends SpecialPage {
         * @return bool
         */
        private function userCanOverrideExportDepth() {
-               return $this->getUser()->isAllowed( 'override-export-depth' );
+               return MediaWikiServices::getInstance()
+                       ->getPermissionManager()
+                       ->userHasRight( $this->getUser(), 'override-export-depth' );
        }
 
        /**
index f21c206..cfefa47 100644 (file)
@@ -135,18 +135,19 @@ class SpecialImport extends SpecialPage {
                }
 
                $user = $this->getUser();
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
                if ( !$user->matchEditToken( $request->getVal( 'editToken' ) ) ) {
                        $source = Status::newFatal( 'import-token-mismatch' );
                } elseif ( $this->sourceName === 'upload' ) {
                        $isUpload = true;
                        $this->usernamePrefix = $this->fullInterwikiPrefix = $request->getVal( 'usernamePrefix' );
-                       if ( $user->isAllowed( 'importupload' ) ) {
+                       if ( $permissionManager->userHasRight( $user, 'importupload' ) ) {
                                $source = ImportStreamSource::newFromUpload( "xmlimport" );
                        } else {
                                throw new PermissionsError( 'importupload' );
                        }
                } elseif ( $this->sourceName === 'interwiki' ) {
-                       if ( !$user->isAllowed( 'import' ) ) {
+                       if ( !$permissionManager->userHasRight( $user, 'import' ) ) {
                                throw new PermissionsError( 'import' );
                        }
                        $this->interwiki = $this->fullInterwikiPrefix = $request->getVal( 'interwiki' );
@@ -325,10 +326,11 @@ class SpecialImport extends SpecialPage {
        private function showForm() {
                $action = $this->getPageTitle()->getLocalURL( [ 'action' => 'submit' ] );
                $user = $this->getUser();
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
                $out = $this->getOutput();
                $this->addHelpLink( 'https://meta.wikimedia.org/wiki/Special:MyLanguage/Help:Import', true );
 
-               if ( $user->isAllowed( 'importupload' ) ) {
+               if ( $permissionManager->userHasRight( $user, 'importupload' ) ) {
                        $mappingSelection = $this->getMappingFormPart( 'upload' );
                        $out->addHTML(
                                Xml::fieldset( $this->msg( 'import-upload' )->text() ) .
@@ -401,7 +403,7 @@ class SpecialImport extends SpecialPage {
                        $out->addWikiMsg( 'importnosources' );
                }
 
-               if ( $user->isAllowed( 'import' ) && !empty( $this->importSources ) ) {
+               if ( $permissionManager->userHasRight( $user, 'import' ) && !empty( $this->importSources ) ) {
                        # Show input field for import depth only if $wgExportMaxLinkDepth > 0
                        $importDepth = '';
                        if ( $this->getConfig()->get( 'ExportMaxLinkDepth' ) > 0 ) {
index f2a3f80..60aedda 100644 (file)
@@ -32,6 +32,12 @@ use Wikimedia\Rdbms\IDatabase;
 class SpecialLinkSearch extends QueryPage {
        /** @var array|bool */
        private $mungedQuery = false;
+       /** @var string|null */
+       private $mQuery;
+       /** @var int|null */
+       private $mNs;
+       /** @var string|null */
+       private $mProt;
 
        function setParams( $params ) {
                $this->mQuery = $params['query'];
index ac8baa1..7c85814 100644 (file)
@@ -94,7 +94,9 @@ class SpecialLog extends SpecialPage {
                if ( !LogPage::isLogType( $type ) ) {
                        $opts->setValue( 'type', '' );
                } elseif ( isset( $logRestrictions[$type] )
-                       && !$this->getUser()->isAllowed( $logRestrictions[$type] )
+                       && !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), $logRestrictions[$type] )
                ) {
                        throw new PermissionsError( $logRestrictions[$type] );
                }
index 6da362d..0767faf 100644 (file)
@@ -209,7 +209,9 @@ class MovePageForm extends UnlistedSpecialPage {
                }
 
                if ( count( $err ) == 1 && isset( $err[0][0] ) && $err[0][0] == 'file-exists-sharedrepo'
-                       && $user->isAllowed( 'reupload-shared' )
+                       && MediaWikiServices::getInstance()
+                                ->getPermissionManager()
+                                ->userHasRight( $user, 'reupload-shared' )
                ) {
                        $out->wrapWikiMsg(
                                "<div class='warningbox'>\n$1\n</div>\n",
@@ -374,7 +376,10 @@ class MovePageForm extends UnlistedSpecialPage {
                        );
                }
 
-               if ( $user->isAllowed( 'suppressredirect' ) ) {
+               if ( MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, 'suppressredirect' )
+               ) {
                        if ( $handlerSupportsRedirects ) {
                                $isChecked = $this->leaveRedirect;
                                $isDisabled = false;
@@ -520,6 +525,7 @@ class MovePageForm extends UnlistedSpecialPage {
 
        function doSubmit() {
                $user = $this->getUser();
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
 
                if ( $user->pingLimiter( 'move' ) ) {
                        throw new ThrottledError;
@@ -540,7 +546,7 @@ class MovePageForm extends UnlistedSpecialPage {
                # Show a warning if the target file exists on a shared repo
                $repoGroup = $services->getRepoGroup();
                if ( $nt->getNamespace() == NS_FILE
-                       && !( $this->moveOverShared && $user->isAllowed( 'reupload-shared' ) )
+                       && !( $this->moveOverShared && $permissionManager->userHasRight( $user, 'reupload-shared' ) )
                        && !$repoGroup->getLocalRepo()->findFile( $nt )
                        && $repoGroup->findFile( $nt )
                ) {
@@ -551,7 +557,7 @@ class MovePageForm extends UnlistedSpecialPage {
 
                # Delete to make way if requested
                if ( $this->deleteAndMove ) {
-                       $permErrors = $nt->getUserPermissionsErrors( 'delete', $user );
+                       $permErrors = $permissionManager->getPermissionErrors( 'delete', $user, $nt );
                        if ( count( $permErrors ) ) {
                                # Only show the first error
                                $this->showForm( $permErrors, true );
@@ -592,7 +598,7 @@ class MovePageForm extends UnlistedSpecialPage {
 
                if ( !$handler->supportsRedirects() ) {
                        $createRedirect = false;
-               } elseif ( $user->isAllowed( 'suppressredirect' ) ) {
+               } elseif ( $permissionManager->userHasRight( $user, 'suppressredirect' ) ) {
                        $createRedirect = $this->leaveRedirect;
                } else {
                        $createRedirect = true;
@@ -607,7 +613,6 @@ class MovePageForm extends UnlistedSpecialPage {
                        $this->moveTalk = false;
                }
                if ( $this->moveSubpages ) {
-                       $permissionManager = $services->getPermissionManager();
                        $this->moveSubpages = $permissionManager->userCan( 'move-subpages', $user, $ot );
                }
 
index 3c009c3..527b910 100644 (file)
@@ -39,6 +39,11 @@ class SpecialPagesWithProp extends QueryPage {
         */
        private $existingPropNames = null;
 
+       /**
+        * @var string|null
+        */
+       private $ns;
+
        /**
         * @var bool
         */
@@ -78,6 +83,13 @@ class SpecialPagesWithProp extends QueryPage {
                                'label-message' => 'pageswithprop-prop',
                                'required' => true,
                        ],
+                       'namespace' => [
+                               'type' => 'namespaceselect',
+                               'name' => 'namespace',
+                               'label-message' => 'namespace',
+                               'all' => null,
+                               'default' => null,
+                       ],
                        'reverse' => [
                                'type' => 'check',
                                'name' => 'reverse',
@@ -108,6 +120,7 @@ class SpecialPagesWithProp extends QueryPage {
 
        public function onSubmit( $data, $form ) {
                $this->propName = $data['propname'];
+               $this->ns = $data['namespace'];
                parent::execute( $data['propname'] );
        }
 
@@ -134,7 +147,7 @@ class SpecialPagesWithProp extends QueryPage {
        }
 
        public function getQueryInfo() {
-               return [
+               $query = [
                        'tables' => [ 'page_props', 'page' ],
                        'fields' => [
                                'page_id' => 'pp_page',
@@ -153,6 +166,12 @@ class SpecialPagesWithProp extends QueryPage {
                        ],
                        'options' => []
                ];
+
+               if ( $this->ns && isset( $this->ns ) ) {
+                       $query['conds']['page_namespace'] = $this->ns;
+               }
+
+               return $query;
        }
 
        function getOrderFields() {
index 3524d79..2ef96ad 100644 (file)
@@ -22,6 +22,7 @@
  */
 
 use MediaWiki\Auth\AuthManager;
+use MediaWiki\MediaWikiServices;
 
 /**
  * Special page for requesting a password reset email.
@@ -52,7 +53,11 @@ class SpecialPasswordReset extends FormSpecialPage {
 
        private function getPasswordReset() {
                if ( $this->passwordReset === null ) {
-                       $this->passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+                       $this->passwordReset = new PasswordReset(
+                               $this->getConfig(),
+                               AuthManager::singleton(),
+                               MediaWikiServices::getInstance()->getPermissionManager()
+                       );
                }
                return $this->passwordReset;
        }
index 0bc9147..d541ead 100644 (file)
@@ -115,7 +115,10 @@ class SpecialPreferences extends SpecialPage {
        }
 
        protected function showResetForm() {
-               if ( !$this->getUser()->isAllowed( 'editmyoptions' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'editmyoptions' )
+               ) {
                        throw new PermissionsError( 'editmyoptions' );
                }
 
@@ -134,7 +137,10 @@ class SpecialPreferences extends SpecialPage {
        }
 
        public function submitReset( $formData ) {
-               if ( !$this->getUser()->isAllowed( 'editmyoptions' ) ) {
+               if ( !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'editmyoptions' )
+               ) {
                        throw new PermissionsError( 'editmyoptions' );
                }
 
index 0bfe185..4683fe6 100644 (file)
@@ -185,7 +185,9 @@ class SpecialRecentChanges extends ChangesListSpecialPage {
                if (
                        !$this->including() &&
                        $this->getUser()->isLoggedIn() &&
-                       $this->getUser()->isAllowed( 'viewmywatchlist' )
+                       MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'viewmywatchlist' )
                ) {
                        $this->registerFiltersFromDefinitions( [ $this->watchlistFilterGroupDefinition ] );
                        $watchlistGroup = $this->getFilterGroup( 'watchlist' );
@@ -279,7 +281,10 @@ class SpecialRecentChanges extends ChangesListSpecialPage {
                $join_conds = array_merge( $join_conds, $rcQuery['joins'] );
 
                // JOIN on watchlist for users
-               if ( $user->isLoggedIn() && $user->isAllowed( 'viewmywatchlist' ) ) {
+               if ( $user->isLoggedIn() && MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $user, 'viewmywatchlist' )
+               ) {
                        $tables[] = 'watchlist';
                        $fields[] = 'wl_user';
                        $fields[] = 'wl_notificationtimestamp';
index 26f3665..0921ada 100644 (file)
@@ -21,6 +21,8 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
+
 /**
  * This is to display changes made to all articles linked in an article.
  *
@@ -91,7 +93,10 @@ class SpecialRecentChangesLinked extends SpecialRecentChanges {
 
                // left join with watchlist table to highlight watched rows
                $uid = $this->getUser()->getId();
-               if ( $uid && $this->getUser()->isAllowed( 'viewmywatchlist' ) ) {
+               if ( $uid && MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'viewmywatchlist' )
+               ) {
                        $tables[] = 'watchlist';
                        $select[] = 'wl_user';
                        $join_conds['watchlist'] = [ 'LEFT JOIN', [
index 50867dd..82d8b73 100644 (file)
@@ -90,7 +90,9 @@ class SpecialRedirect extends FormSpecialPage {
                }
                $userpage = Title::makeTitle( NS_USER, $username );
 
-               return Status::newGood( $userpage->getFullURL( '', false, PROTO_CURRENT ) );
+               return Status::newGood( [
+                       $userpage->getFullURL( '', false, PROTO_CURRENT ), 302
+               ] );
        }
 
        /**
index 7444225..698e590 100644 (file)
@@ -21,7 +21,9 @@
  * @ingroup SpecialPage
  */
 
+use MediaWiki\MediaWikiServices;
 use MediaWiki\Storage\RevisionRecord;
+use MediaWiki\Permissions\PermissionManager;
 
 /**
  * Special page allowing users with the appropriate permissions to view
@@ -66,6 +68,9 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
        /** @var string */
        private $otherReason;
 
+       /** @var PermissionManager */
+       private $permissionManager;
+
        /**
         * UI labels for each type.
         */
@@ -107,8 +112,15 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                ],
        ];
 
-       public function __construct() {
+       /**
+        * @inheritDoc
+        *
+        * @param PermissionManager $permissionManager
+        */
+       public function __construct( PermissionManager $permissionManager ) {
                parent::__construct( 'Revisiondelete', 'deleterevision' );
+
+               $this->permissionManager = $permissionManager;
        }
 
        public function doesWrites() {
@@ -124,13 +136,6 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                $output = $this->getOutput();
                $user = $this->getUser();
 
-               // Check blocks
-               // @TODO Use PermissionManager::isBlockedFrom() instead.
-               $block = $user->getBlock();
-               if ( $block ) {
-                       throw new UserBlockedError( $block );
-               }
-
                $this->setHeaders();
                $this->outputHeader();
                $request = $this->getRequest();
@@ -180,12 +185,19 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                        return;
                }
 
+               // Check blocks
+               if ( $this->permissionManager->isBlockedFrom( $user, $this->targetObj ) ) {
+                       throw new UserBlockedError( $user->getBlock() );
+               }
+
                $this->typeLabels = self::$UILabels[$this->typeName];
                $list = $this->getList();
                $list->reset();
-               $this->mIsAllowed = $user->isAllowed( RevisionDeleter::getRestriction( $this->typeName ) );
-               $canViewSuppressedOnly = $this->getUser()->isAllowed( 'viewsuppressed' ) &&
-                       !$this->getUser()->isAllowed( 'suppressrevision' );
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               $this->mIsAllowed = $permissionManager->userHasRight( $user,
+                       RevisionDeleter::getRestriction( $this->typeName ) );
+               $canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) &&
+                       !$permissionManager->userHasRight( $user, 'suppressrevision' );
                $pageIsSuppressed = $list->areAnySuppressed();
                $this->mIsAllowed = $this->mIsAllowed && !( $canViewSuppressedOnly && $pageIsSuppressed );
 
@@ -202,7 +214,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                        [ 'revdelete-hide-comment', 'wpHideComment', RevisionRecord::DELETED_COMMENT ],
                        [ 'revdelete-hide-user', 'wpHideUser', RevisionRecord::DELETED_USER ]
                ];
-               if ( $user->isAllowed( 'suppressrevision' ) ) {
+               if ( $permissionManager->userHasRight( $user, 'suppressrevision' ) ) {
                        $this->checks[] = [ 'revdelete-hide-restricted',
                                'wpHideRestricted', RevisionRecord::DELETED_RESTRICTED ];
                }
@@ -214,7 +226,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                        $this->showForm();
                }
 
-               if ( $user->isAllowed( 'deletedhistory' ) ) {
+               if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
                        $qc = $this->getLogQueryCond();
                        # Show relevant lines from the deletion log
                        $deleteLogPage = new LogPage( 'delete' );
@@ -228,7 +240,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                        );
                }
                # Show relevant lines from the suppression log
-               if ( $user->isAllowed( 'suppressionlog' ) ) {
+               if ( $permissionManager->userHasRight( $user, 'suppressionlog' ) ) {
                        $suppressLogPage = new LogPage( 'suppress' );
                        $output->addHTML( "<h2>" . $suppressLogPage->getName()->escaped() . "</h2>\n" );
                        LogEventsList::showLogExtract(
@@ -267,7 +279,10 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                                        [ 'action' => 'history' ]
                                );
                                # Link to deleted edits
-                               if ( $this->getUser()->isAllowed( 'undelete' ) ) {
+                               if ( MediaWikiServices::getInstance()
+                                               ->getPermissionManager()
+                                               ->userHasRight( $this->getUser(), 'undelete' )
+                               ) {
                                        $undelete = SpecialPage::getTitleFor( 'Undelete' );
                                        $links[] = $linkRenderer->makeKnownLink(
                                                $undelete,
@@ -471,7 +486,10 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                                Xml::closeElement( 'fieldset' ) . "\n" .
                                Xml::closeElement( 'form' ) . "\n";
                        // Show link to edit the dropdown reasons
-                       if ( $this->getUser()->isAllowed( 'editinterface' ) ) {
+                       if ( MediaWikiServices::getInstance()
+                                       ->getPermissionManager()
+                                       ->userHasRight( $this->getUser(), 'editinterface' )
+                       ) {
                                $link = $this->getLinkRenderer()->makeKnownLink(
                                        $this->msg( 'revdelete-reason-dropdown' )->inContentLanguage()->getTitle(),
                                        $this->msg( 'revdelete-edit-reasonlist' )->text(),
@@ -497,7 +515,10 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                        'revdelete-text-others'
                );
 
-               if ( $this->getUser()->isAllowed( 'suppressrevision' ) ) {
+               if ( MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'suppressrevision' )
+               ) {
                        $this->getOutput()->addWikiMsg( 'revdelete-suppress-text' );
                }
 
@@ -602,7 +623,9 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
                }
                # Can the user set this field?
                if ( $bitParams[RevisionRecord::DELETED_RESTRICTED] == 1
-                       && !$this->getUser()->isAllowed( 'suppressrevision' )
+                       && !MediaWikiServices::getInstance()
+                               ->getPermissionManager()
+                               ->userHasRight( $this->getUser(), 'suppressrevision' )
                ) {
                        throw new PermissionsError( 'suppressrevision' );
                }
index 375694b..530c580 100644 (file)
@@ -52,7 +52,8 @@ class SpecialRunJobs extends UnlistedSpecialPage {
                }
 
                // Validate request parameters
-               $optional = [ 'maxjobs' => 0, 'maxtime' => 30, 'type' => false, 'async' => true ];
+               $optional = [ 'maxjobs' => 0, 'maxtime' => 30, 'type' => false,
+                       'async' => true, 'stats' => false ];
                $required = array_flip( [ 'title', 'tasks', 'signature', 'sigexpiry' ] );
                $params = array_intersect_key( $this->getRequest()->getValues(), $required + $optional );
                $missing = array_diff_key( $required, $params );
@@ -95,14 +96,20 @@ class SpecialRunJobs extends UnlistedSpecialPage {
                                DeferredUpdates::POSTSEND
                        );
                } else {
-                       $this->doRun( $params );
-                       print "Done\n";
+                       $stats = $this->doRun( $params );
+
+                       if ( $params['stats'] ) {
+                               $this->getRequest()->response()->header( 'Content-Type: application/json' );
+                               print FormatJson::encode( $stats );
+                       } else {
+                               print "Done\n";
+          &nbs