* http://www.mediawiki.org/ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * http://www.gnu.org/copyleft/gpl.html * * @file */ /** * Handles the page protection UI and backend */ class ProtectionForm { /** A map of action to restriction level, from request or default */ var $mRestrictions = array(); /** The custom/additional protection reason */ var $mReason = ''; /** The reason selected from the list, blank for other/additional */ var $mReasonSelection = ''; /** True if the restrictions are cascading, from request or existing protection */ var $mCascade = false; /** Map of action to "other" expiry time. Used in preference to mExpirySelection. */ var $mExpiry = array(); /** * Map of action to value selected in expiry drop-down list. * Will be set to 'othertime' whenever mExpiry is set. */ var $mExpirySelection = array(); /** Permissions errors for the protect action */ var $mPermErrors = array(); /** Types (i.e. actions) for which levels can be selected */ var $mApplicableTypes = array(); /** Map of action to the expiry time of the existing protection */ var $mExistingExpiry = array(); function __construct( Page $article ) { global $wgUser; // Set instance variables. $this->mArticle = $article; $this->mTitle = $article->getTitle(); $this->mApplicableTypes = $this->mTitle->getRestrictionTypes(); // Check if the form should be disabled. // If it is, the form will be available in read-only to show levels. $this->mPermErrors = $this->mTitle->getUserPermissionsErrors( 'protect', $wgUser ); if ( wfReadOnly() ) { $this->mPermErrors[] = array( 'readonlytext', wfReadOnlyReason() ); } $this->disabled = $this->mPermErrors != array(); $this->disabledAttrib = $this->disabled ? array( 'disabled' => 'disabled' ) : array(); $this->loadData(); } /** * Loads the current state of protection into the object. */ function loadData() { global $wgRequest, $wgUser; global $wgRestrictionLevels; $this->mCascade = $this->mTitle->areRestrictionsCascading(); $this->mReason = $wgRequest->getText( 'mwProtect-reason' ); $this->mReasonSelection = $wgRequest->getText( 'wpProtectReasonSelection' ); $this->mCascade = $wgRequest->getBool( 'mwProtect-cascade', $this->mCascade ); foreach( $this->mApplicableTypes as $action ) { // @todo FIXME: This form currently requires individual selections, // but the db allows multiples separated by commas. // Pull the actual restriction from the DB $this->mRestrictions[$action] = implode( '', $this->mTitle->getRestrictions( $action ) ); if ( !$this->mRestrictions[$action] ) { // No existing expiry $existingExpiry = ''; } else { $existingExpiry = $this->mTitle->getRestrictionExpiry( $action ); } $this->mExistingExpiry[$action] = $existingExpiry; $requestExpiry = $wgRequest->getText( "mwProtect-expiry-$action" ); $requestExpirySelection = $wgRequest->getVal( "wpProtectExpirySelection-$action" ); if ( $requestExpiry ) { // Custom expiry takes precedence $this->mExpiry[$action] = $requestExpiry; $this->mExpirySelection[$action] = 'othertime'; } elseif ( $requestExpirySelection ) { // Expiry selected from list $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = $requestExpirySelection; } elseif ( $existingExpiry == 'infinity' ) { // Existing expiry is infinite, use "infinite" in drop-down $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = 'infinite'; } elseif ( $existingExpiry ) { // Use existing expiry in its own list item $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = $existingExpiry; } else { // Final default: infinite $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = 'infinite'; } $val = $wgRequest->getVal( "mwProtect-level-$action" ); if( isset( $val ) && in_array( $val, $wgRestrictionLevels ) ) { // Prevent users from setting levels that they cannot later unset if( $val == 'sysop' ) { // Special case, rewrite sysop to either protect and editprotected if( !$wgUser->isAllowedAny( 'protect', 'editprotected' ) ) continue; } else { if( !$wgUser->isAllowed( $val ) ) continue; } $this->mRestrictions[$action] = $val; } } } /** * Get the expiry time for a given action, by combining the relevant inputs. * * @param $action string * * @return string 14-char timestamp or "infinity", or false if the input was invalid */ function getExpiry( $action ) { if ( $this->mExpirySelection[$action] == 'existing' ) { return $this->mExistingExpiry[$action]; } elseif ( $this->mExpirySelection[$action] == 'othertime' ) { $value = $this->mExpiry[$action]; } else { $value = $this->mExpirySelection[$action]; } if ( $value == 'infinite' || $value == 'indefinite' || $value == 'infinity' ) { $time = wfGetDB( DB_SLAVE )->getInfinity(); } else { $unix = strtotime( $value ); if ( !$unix || $unix === -1 ) { return false; } // @todo FIXME: Non-qualified absolute times are not in users specified timezone // and there isn't notice about it in the ui $time = wfTimestamp( TS_MW, $unix ); } return $time; } /** * Main entry point for action=protect and action=unprotect */ function execute() { global $wgRequest, $wgOut; if ( $this->mTitle->getNamespace() == NS_MEDIAWIKI ) { throw new ErrorPageError( 'protect-badnamespace-title', 'protect-badnamespace-text' ); } if( $wgRequest->wasPosted() ) { if( $this->save() ) { $q = $this->mArticle->isRedirect() ? 'redirect=no' : ''; $wgOut->redirect( $this->mTitle->getFullUrl( $q ) ); } } else { $this->show(); } } /** * Show the input form with optional error message * * @param string $err error message or null if there's no error */ function show( $err = null ) { global $wgOut; $wgOut->setRobotPolicy( 'noindex,nofollow' ); $wgOut->addBacklinkSubtitle( $this->mTitle ); if ( is_array( $err ) ) { $wgOut->wrapWikiMsg( "
\n$1\n
\n", $err ); } elseif ( is_string( $err ) ) { $wgOut->addHTML( "{$err}
\n" ); } if ( $this->mTitle->getRestrictionTypes() === array() ) { // No restriction types available for the current title // this might happen if an extension alters the available types $wgOut->setPageTitle( wfMessage( 'protect-norestrictiontypes-title', $this->mTitle->getPrefixedText() ) ); $wgOut->addWikiText( wfMessage( 'protect-norestrictiontypes-text' )->text() ); // Show the log in case protection was possible once $this->showLogExtract( $wgOut ); // return as there isn't anything else we can do return; } list( $cascadeSources, /* $restrictions */ ) = $this->mTitle->getCascadeProtectionSources(); if ( $cascadeSources && count( $cascadeSources ) > 0 ) { $titles = ''; foreach ( $cascadeSources as $title ) { $titles .= '* [[:' . $title->getPrefixedText() . "]]\n"; } $wgOut->wrapWikiMsg( "{$mProtectexpiry} | " . Xml::tags( 'select', array( 'id' => "mwProtectExpirySelection-$action", 'name' => "wpProtectExpirySelection-$action", 'onchange' => "ProtectionForm.updateExpiryList(this)", 'tabindex' => '2' ) + $this->disabledAttrib, $expiryFormOptions ) . " |
" . $mProtectother . ' | ' . Xml::input( "mwProtect-expiry-$action", 50, $this->mExpiry[$action], $attribs ) . ' |
' . $link . '
'; } if ( !$this->disabled ) { $out .= Html::hidden( 'wpEditToken', $wgUser->getEditToken( array( 'protect', $this->mTitle->getPrefixedDBkey() ) ) ); $out .= Xml::closeElement( 'form' ); $wgOut->addScript( $this->buildCleanupScript() ); } return $out; } /** * Build protection level selector * * @param string $action action to protect * @param string $selected current protection level * @return String: HTML fragment */ function buildSelector( $action, $selected ) { global $wgRestrictionLevels, $wgUser; $levels = array(); foreach( $wgRestrictionLevels as $key ) { //don't let them choose levels above their own (aka so they can still unprotect and edit the page). but only when the form isn't disabled if( $key == 'sysop' ) { //special case, rewrite sysop to protect and editprotected if( !$wgUser->isAllowedAny( 'protect', 'editprotected' ) && !$this->disabled ) continue; } else { if( !$wgUser->isAllowed( $key ) && !$this->disabled ) continue; } $levels[] = $key; } $id = 'mwProtect-level-' . $action; $attribs = array( 'id' => $id, 'name' => $id, 'size' => count( $levels ), 'onchange' => 'ProtectionForm.updateLevels(this)', ) + $this->disabledAttrib; $out = Xml::openElement( 'select', $attribs ); foreach( $levels as $key ) { $out .= Xml::option( $this->getOptionLabel( $key ), $key, $key == $selected ); } $out .= Xml::closeElement( 'select' ); return $out; } /** * Prepare the label for a protection selector option * * @param string $permission permission required * @return String */ private function getOptionLabel( $permission ) { if( $permission == '' ) { return wfMessage( 'protect-default' )->text(); } else { $msg = wfMessage( "protect-level-{$permission}" ); if( $msg->exists() ) { return $msg->text(); } return wfMessage( 'protect-fallback', $permission )->text(); } } function buildCleanupScript() { global $wgRestrictionLevels, $wgOut; $cascadeableLevels = array(); foreach( $wgRestrictionLevels as $key ) { if ( User::groupHasPermission( $key, 'protect' ) || $key == 'protect' ) { $cascadeableLevels[] = $key; } } $options = array( 'tableId' => 'mwProtectSet', 'labelText' => wfMessage( 'protect-unchain-permissions' )->plain(), 'numTypes' => count( $this->mApplicableTypes ), 'existingMatch' => count( array_unique( $this->mExistingExpiry ) ) === 1, ); $wgOut->addJsConfigVars( 'wgCascadeableLevels', $cascadeableLevels ); $script = Xml::encodeJsCall( 'ProtectionForm.init', array( $options ) ); return Html::inlineScript( ResourceLoader::makeLoaderConditionalScript( $script ) ); } /** * Show protection long extracts for this page * * @param $out OutputPage * @access private */ function showLogExtract( &$out ) { # Show relevant lines from the protection log: $protectLogPage = new LogPage( 'protect' ); $out->addHTML( Xml::element( 'h2', null, $protectLogPage->getName()->text() ) ); LogEventsList::showLogExtract( $out, 'protect', $this->mTitle ); # Let extensions add other relevant log extracts wfRunHooks( 'ProtectionForm::showLogExtract', array( $this->mArticle, $out ) ); } }