From: This, that and the other <at.light@live.com.au>
Date: Fri, 23 Dec 2016 02:07:59 +0000 (+1100)
Subject: Disregard expired user_group rows in special page and API DB queries
X-Git-Tag: 1.31.0-rc.0~4212
X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=commitdiff_plain;h=ac8f144c042ae9d06f2baeb3c713afcc2a9a778a

Disregard expired user_group rows in special page and API DB queries

An essential follow-up to I93c955dc7a970f78e32aa503c01c67da30971d1a.

Bug: T12493
Change-Id: Icf78cce3f3e362677d10897b8d1103b3df91fa08
---

diff --git a/includes/SiteStats.php b/includes/SiteStats.php
index ff7875c948..42b080f455 100644
--- a/includes/SiteStats.php
+++ b/includes/SiteStats.php
@@ -193,7 +193,10 @@ class SiteStats {
 				return $dbr->selectField(
 					'user_groups',
 					'COUNT(*)',
-					[ 'ug_group' => $group ],
+					[
+						'ug_group' => $group,
+						'ug_expiry IS NULL OR ug_expiry >= ' . $dbr->addQuotes( $dbr->timestamp() )
+					],
 					__METHOD__
 				);
 			},
diff --git a/includes/api/ApiQueryAllImages.php b/includes/api/ApiQueryAllImages.php
index e3e5ed6c9f..22561a9bce 100644
--- a/includes/api/ApiQueryAllImages.php
+++ b/includes/api/ApiQueryAllImages.php
@@ -197,7 +197,8 @@ class ApiQueryAllImages extends ApiQueryGeneratorBase {
 					'LEFT JOIN',
 					[
 						'ug_group' => User::getGroupsWithPermission( 'bot' ),
-						'ug_user = img_user'
+						'ug_user = img_user',
+						'ug_expiry IS NULL OR ug_expiry >=' . $db->addQuotes( $db->timestamp() )
 					]
 				] ] );
 				$groupCond = ( $params['filterbots'] == 'nobots' ? 'NULL' : 'NOT NULL' );
diff --git a/includes/api/ApiQueryAllUsers.php b/includes/api/ApiQueryAllUsers.php
index 2e2ac320fd..3faccf99be 100644
--- a/includes/api/ApiQueryAllUsers.php
+++ b/includes/api/ApiQueryAllUsers.php
@@ -116,8 +116,16 @@ class ApiQueryAllUsers extends ApiQueryBase {
 			// Filter only users that belong to a given group. This might
 			// produce as many rows-per-user as there are groups being checked.
 			$this->addTables( 'user_groups', 'ug1' );
-			$this->addJoinConds( [ 'ug1' => [ 'INNER JOIN', [ 'ug1.ug_user=user_id',
-				'ug1.ug_group' => $params['group'] ] ] ] );
+			$this->addJoinConds( [
+				'ug1' => [
+					'INNER JOIN',
+					[
+						'ug1.ug_user=user_id',
+						'ug1.ug_group' => $params['group'],
+						'ug1.ug_expiry IS NULL OR ug1.ug_expiry >= ' . $db->addQuotes( $db->timestamp() )
+					]
+				]
+			] );
 			$maxDuplicateRows *= count( $params['group'] );
 		}
 
@@ -135,7 +143,10 @@ class ApiQueryAllUsers extends ApiQueryBase {
 				) ];
 			}
 			$this->addJoinConds( [ 'ug1' => [ 'LEFT OUTER JOIN',
-				array_merge( [ 'ug1.ug_user=user_id' ], $exclude )
+				array_merge( [
+					'ug1.ug_user=user_id',
+					'ug1.ug_expiry IS NULL OR ug1.ug_expiry >= ' . $db->addQuotes( $db->timestamp() )
+				], $exclude )
 			] ] );
 			$this->addWhere( 'ug1.ug_user IS NULL' );
 		}
@@ -148,7 +159,10 @@ class ApiQueryAllUsers extends ApiQueryBase {
 
 		if ( $fld_groups || $fld_rights ) {
 			$this->addFields( [ 'groups' =>
-				$db->buildGroupConcatField( '|', 'user_groups', 'ug_group', 'ug_user=user_id' )
+				$db->buildGroupConcatField( '|', 'user_groups', 'ug_group', [
+					'ug_user=user_id',
+					'ug_expiry IS NULL OR ug_expiry >= ' . $db->addQuotes( $db->timestamp() )
+				] )
 			] );
 		}
 
diff --git a/includes/api/ApiQueryContributors.php b/includes/api/ApiQueryContributors.php
index ac5ccca84c..89fffd6cef 100644
--- a/includes/api/ApiQueryContributors.php
+++ b/includes/api/ApiQueryContributors.php
@@ -160,7 +160,11 @@ class ApiQueryContributors extends ApiQueryBase {
 			$this->addTables( 'user_groups' );
 			$this->addJoinConds( [ 'user_groups' => [
 				$excludeGroups ? 'LEFT OUTER JOIN' : 'INNER JOIN',
-				[ 'ug_user=rev_user', 'ug_group' => $limitGroups ]
+				[
+					'ug_user=rev_user',
+					'ug_group' => $limitGroups,
+					'ug_expiry IS NULL OR ug_expiry >= ' . $db->addQuotes( $db->timestamp() )
+				]
 			] ] );
 			$this->addWhereIf( 'ug_user IS NULL', $excludeGroups );
 		}
diff --git a/includes/api/ApiQueryUsers.php b/includes/api/ApiQueryUsers.php
index 609f90ddd2..01265cc7c0 100644
--- a/includes/api/ApiQueryUsers.php
+++ b/includes/api/ApiQueryUsers.php
@@ -98,6 +98,8 @@ class ApiQueryUsers extends ApiQueryBase {
 	}
 
 	public function execute() {
+		$db = $this->getDB();
+
 		$params = $this->extractRequestParams();
 		$this->requireMaxOneParameter( $params, 'userids', 'users' );
 
@@ -168,11 +170,14 @@ class ApiQueryUsers extends ApiQueryBase {
 
 				$this->addTables( 'user_groups' );
 				$this->addJoinConds( [ 'user_groups' => [ 'INNER JOIN', 'ug_user=user_id' ] ] );
-				$this->addFields( [ 'user_name', 'ug_group' ] );
+				$this->addFields( [ 'user_name' ] );
+				$this->addFields( UserGroupMembership::selectFields() );
+				$this->addWhere( 'ug_expiry IS NULL OR ug_expiry >= ' .
+					$db->addQuotes( $db->timestamp() ) );
 				$userGroupsRes = $this->select( __METHOD__ );
 
 				foreach ( $userGroupsRes as $row ) {
-					$userGroups[$row->user_name][] = $row->ug_group;
+					$userGroups[$row->user_name][] = $row;
 				}
 			}
 
diff --git a/includes/specials/pagers/ActiveUsersPager.php b/includes/specials/pagers/ActiveUsersPager.php
index a7482723f3..e2f4d4b57d 100644
--- a/includes/specials/pagers/ActiveUsersPager.php
+++ b/includes/specials/pagers/ActiveUsersPager.php
@@ -101,12 +101,17 @@ class ActiveUsersPager extends UsersPager {
 			$tables[] = 'user_groups';
 			$conds[] = 'ug_user = user_id';
 			$conds['ug_group'] = $this->groups;
+			$conds[] = 'ug_expiry IS NULL OR ug_expiry >= ' . $dbr->addQuotes( $dbr->timestamp() );
 		}
 		if ( $this->excludegroups !== [] ) {
 			foreach ( $this->excludegroups as $group ) {
 				$conds[] = 'NOT EXISTS (' . $dbr->selectSQLText(
-						'user_groups', '1', [ 'ug_user = user_id', 'ug_group' => $group ]
-					) . ')';
+					'user_groups', '1', [
+						'ug_user = user_id',
+						'ug_group' => $group,
+						'ug_expiry IS NULL OR ug_expiry >= ' . $dbr->addQuotes( $dbr->timestamp() )
+					]
+				) . ')';
 			}
 		}
 		if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
diff --git a/includes/specials/pagers/ContribsPager.php b/includes/specials/pagers/ContribsPager.php
index 39c55c8a0c..3993f620d9 100644
--- a/includes/specials/pagers/ContribsPager.php
+++ b/includes/specials/pagers/ContribsPager.php
@@ -222,7 +222,8 @@ class ContribsPager extends ReverseChronologicalPager {
 				$join_conds['user_groups'] = [
 					'LEFT JOIN', [
 						'ug_user = rev_user',
-						'ug_group' => $groupsWithBotPermission
+						'ug_group' => $groupsWithBotPermission,
+						'ug_expiry IS NULL OR ug_expiry >= ' . $this->mDb->addQuotes( $this->mDb->timestamp() )
 					]
 				];
 			}
diff --git a/includes/specials/pagers/NewFilesPager.php b/includes/specials/pagers/NewFilesPager.php
index e22b939fd6..76f90bd312 100644
--- a/includes/specials/pagers/NewFilesPager.php
+++ b/includes/specials/pagers/NewFilesPager.php
@@ -59,13 +59,15 @@ class NewFilesPager extends ReverseChronologicalPager {
 			$groupsWithBotPermission = User::getGroupsWithPermission( 'bot' );
 
 			if ( count( $groupsWithBotPermission ) ) {
+				$dbr = wfGetDB( DB_REPLICA );
 				$tables[] = 'user_groups';
 				$conds[] = 'ug_group IS NULL';
 				$jconds['user_groups'] = [
 					'LEFT JOIN',
 					[
 						'ug_group' => $groupsWithBotPermission,
-						'ug_user = img_user'
+						'ug_user = img_user',
+						'ug_expiry IS NULL OR ug_expiry >= ' . $dbr->addQuotes( $dbr->timestamp() )
 					]
 				];
 			}
diff --git a/includes/specials/pagers/UsersPager.php b/includes/specials/pagers/UsersPager.php
index 48ce23a059..da3a30be8c 100644
--- a/includes/specials/pagers/UsersPager.php
+++ b/includes/specials/pagers/UsersPager.php
@@ -112,6 +112,7 @@ class UsersPager extends AlphabeticPager {
 
 		if ( $this->requestedGroup != '' ) {
 			$conds['ug_group'] = $this->requestedGroup;
+			$conds[] = 'ug_expiry IS NULL OR ug_expiry >= ' . $dbr->addQuotes( $dbr->timestamp() );
 		}
 
 		if ( $this->requestedUser != '' ) {