Page MenuHomePhabricator

abusefilter_private.patch

Authored By
bzimport
Nov 22 2014, 12:08 AM
Size
6 KB
Referenced Files
None
Subscribers
None

abusefilter_private.patch

Index: special/SpecialAbuseLog.php
===================================================================
--- special/SpecialAbuseLog.php (revision 107483)
+++ special/SpecialAbuseLog.php (working copy)
@@ -199,7 +199,10 @@
}
if ( $this->mSearchFilter ) {
- $conds['afl_filter'] = $this->mSearchFilter;
+ // if the filter is hidden, users who can't view private filters should not be able to find log entries generated by it
+ if ( !AbuseFilter::filterHidden( $this->mSearchFilter ) || AbuseFilterView::canViewPrivate() ) {
+ $conds['afl_filter'] = $this->mSearchFilter;
+ }
}
$searchTitle = Title::newFromText( $this->mSearchTitle );
@@ -222,10 +225,6 @@
function showDetails( $id ) {
$out = $this->getOutput();
- if ( !self::canSeeDetails() ) {
- $out->addWikiMsg( 'abusefilter-log-cannot-see-details' );
- return;
- }
$dbr = wfGetDB( DB_SLAVE );
@@ -242,6 +241,17 @@
return;
}
+ if ( AbuseFilter::decodeGlobalName( $row->afl_filter ) ) {
+ $filter_hidden = null;
+ } else {
+ $filter_hidden = $row->af_hidden;
+ }
+
+ if ( !self::canSeeDetails( $row->afl_filter, $filter_hidden ) ) {
+ $out->addWikiMsg( 'abusefilter-log-cannot-see-details' );
+ return;
+ }
+
if ( $row->afl_deleted && !self::canSeeHidden() ) {
$out->addWikiMsg( 'abusefilter-log-details-hidden' );
return;
@@ -325,8 +335,18 @@
/**
* @return bool
*/
- static function canSeeDetails() {
+ static function canSeeDetails( $filter_id = null, $filter_hidden = null ) {
global $wgUser;
+
+ if ( $filter_id !== null ) {
+ if ( $filter_hidden === null ) {
+ $filter_hidden = AbuseFilter::filterHidden( $filter_id );
+ }
+ if ( $filter_hidden ) {
+ return $wgUser->isAllowed( 'abusefilter-log-detail' ) && AbuseFilterView::canViewPrivate();
+ }
+ }
+
return $wgUser->isAllowed( 'abusefilter-log-detail' );
}
@@ -392,11 +412,13 @@
// Pull global filter description
$parsed_comments =
$wgOut->parseInline( AbuseFilter::getGlobalFilterDescription( $globalIndex ) );
+ $filter_hidden = null;
} else {
$parsed_comments = $wgOut->parseInline( $row->af_public_comments );
+ $filter_hidden = $row->af_hidden;
}
- if ( self::canSeeDetails() ) {
+ if ( self::canSeeDetails( $row->afl_filter, $filter_hidden ) ) {
$examineTitle = SpecialPage::getTitleFor( 'AbuseFilter', 'examine/log/' . $row->afl_id );
$detailsLink = $sk->makeKnownLinkObj(
$this->getTitle($row->afl_id),
Index: Views/AbuseFilterViewList.php
===================================================================
--- Views/AbuseFilterViewList.php (revision 107483)
+++ Views/AbuseFilterViewList.php (working copy)
@@ -225,11 +225,15 @@
$lang->formatNum( $value )
);
// @todo FIXME: makeKnownLinkObj() is deprecated.
- $link = Linker::makeKnownLinkObj(
- SpecialPage::getTitleFor( 'AbuseLog' ),
- $count_display,
- 'wpSearchFilter=' . $row->af_id
- );
+ if ( SpecialAbuseLog::canSeeDetails( $row->af_id, $row->af_hidden ) ) {
+ $link = Linker::makeKnownLinkObj(
+ SpecialPage::getTitleFor( 'AbuseLog' ),
+ $count_display,
+ 'wpSearchFilter=' . $row->af_id
+ );
+ } else {
+ $link = "";
+ }
return $link;
case 'af_timestamp':
$userLink =
Index: Views/AbuseFilterView.php
===================================================================
--- Views/AbuseFilterView.php (revision 107483)
+++ Views/AbuseFilterView.php (working copy)
@@ -22,9 +22,10 @@
abstract function show();
/**
+ * @static
* @return bool
*/
- function canEdit() {
+ static function canEdit() {
global $wgUser;
static $canEdit = null;
@@ -36,14 +37,15 @@
}
/**
+ * @static
* @return bool
*/
- function canViewPrivate() {
+ static function canViewPrivate() {
global $wgUser;
static $canView = null;
if ( is_null( $canView ) ) {
- $canView = $this->canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' );
+ $canView = self::canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' );
}
return $canView;
Index: Views/AbuseFilterViewExamine.php
===================================================================
--- Views/AbuseFilterViewExamine.php (revision 107483)
+++ Views/AbuseFilterViewExamine.php (working copy)
@@ -106,7 +106,7 @@
self::$examineType = 'log';
self::$examineId = $logid;
- if ( !SpecialAbuseLog::canSeeDetails() ) {
+ if ( !SpecialAbuseLog::canSeeDetails( $row->afl_filter ) ) {
$this->getOutput()->addWikiMsg( 'abusefilter-log-cannot-see-details' );
return;
}
Index: AbuseFilter.class.php
===================================================================
--- AbuseFilter.class.php (revision 107483)
+++ AbuseFilter.class.php (working copy)
@@ -206,7 +206,17 @@
}
public static function filterHidden( $filter ) {
- $dbr = wfGetDB( DB_SLAVE );
+ $globalIndex = self::decodeGlobalName( $filter );
+ if ( $globalIndex ) {
+ global $wgAbuseFilterCentralDB;
+ if ( !$wgAbuseFilterCentralDB ) {
+ return false;
+ }
+ $dbr = wfGetDB( DB_SLAVE, array(), $wgAbuseFilterCentralDB );
+ $filter = $globalIndex;
+ } else {
+ $dbr = wfGetDB( DB_SLAVE );
+ }
$hidden = $dbr->selectField(
'abuse_filter',
'af_hidden',
Index: AbuseFilter.i18n.php
===================================================================
--- AbuseFilter.i18n.php (revision 107483)
+++ AbuseFilter.i18n.php (working copy)
@@ -104,7 +104,7 @@
'abusefilter-log-linkoncontribs-text' => 'Abuse log for this user',
'abusefilter-log-hidden' => '(entry hidden)',
'abusefilter-log-hide' => 'hide or unhide', // @todo FIXME: Message unused?
- 'abusefilter-log-cannot-see-details' => 'You do not have permission to see details of any entries.',
+ 'abusefilter-log-cannot-see-details' => 'You do not have permission to see details of this entry.',
'abusefilter-log-details-hidden' => 'You cannot view the details for this entry because it is hidden from public view.',
// Hiding log entries
@@ -581,7 +581,7 @@
'abusefilter-log-linkoncontribs-text' => 'Title for link added on [[Special:Contributions]] and other relevant special pages.',
'abusefilter-log-hidden' => 'Text for a hidden log entry.',
'abusefilter-log-hide' => 'This message may be unused.',
- 'abusefilter-log-cannot-see-details' => 'Message show instead of the log row for users without permissions to see any details.',
+ 'abusefilter-log-cannot-see-details' => 'Message show instead of log row details for users without permissions to see them.',
'abusefilter-log-details-hidden' => 'Message shown instead of log row details when those are hidden.',
'abusefilter-log-hide-legend' => 'Legend for form to hide a log entry.',
'abusefilter-log-hide-id' => 'Field label in form to hide a log entry.',

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
8307
Default Alt Text
abusefilter_private.patch (6 KB)

Event Timeline