jenkins-bot has submitted this change and it was merged. Change subject: Fetch moderation status from last revision ......................................................................
Fetch moderation status from last revision We shouldn't be looking at a certain revision to find if it's suppressed, we should check the current revision Bug: 58016 Change-Id: I497900d469acb6984ca250a141a337910b93c650 --- M FlowActions.php M includes/Block/Header.php M includes/Block/Topic.php M includes/Data/ObjectManager.php 4 files changed, 113 insertions(+), 12 deletions(-) Approvals: EBernhardson: Looks good to me, approved jenkins-bot: Verified diff --git a/FlowActions.php b/FlowActions.php index b8d5501..423017c 100644 --- a/FlowActions.php +++ b/FlowActions.php @@ -470,6 +470,21 @@ 'button-method' => 'GET', ), + 'board-history' => array( + 'performs-writes' => false, + 'log_type' => false, + 'permissions' => array( + PostRevision::MODERATED_NONE => '', + PostRevision::MODERATED_HIDDEN => function( PostRevision $post, RevisionActionPermissions $permissions ) { + // visible for logged in users (or anyone with hide permission) + return $permissions->getUser()->isLoggedIn() ? '' : 'flow-hide'; + }, + PostRevision::MODERATED_DELETED => array( 'flow-delete', 'flow-suppress' ), + PostRevision::MODERATED_SUPPRESSED => 'flow-suppress', + ), + 'button-method' => 'GET', + ), + 'view' => array( 'performs-writes' => false, 'log_type' => false, // don't log views diff --git a/includes/Block/Header.php b/includes/Block/Header.php index 4dec609..a272148 100644 --- a/includes/Block/Header.php +++ b/includes/Block/Header.php @@ -91,7 +91,7 @@ // if $wgFlowContentFormat is set to html the Header::create // call will convert the wikitext input into html via parsoid, and // parsoid requires the page exist. - Container::get( 'occupation_controller' )->ensureFlowRevision( new \Article( $title, 0 ) ); + Container::get( 'occupation_controller' )->ensureFlowRevision( new \Article( $title, 0 ) ); } $this->header = Header::create( $this->workflow, $this->user, $this->submitted['content'], 'create-header' ); @@ -139,10 +139,11 @@ 'historyExists' => false, ); - $historyRecord = $this->loadBoardHistory(); - if ( $historyRecord ) { + $history = $this->filterBoardHistory( $this->loadBoardHistory() ); + + if ( $history ) { $tplVars['historyExists'] = true; - $tplVars['history'] = new History( $historyRecord ); + $tplVars['history'] = new History( $history ); $tplVars['historyRenderer'] = new HistoryRenderer( $templating, $this ); } @@ -160,6 +161,52 @@ } } + protected function filterBoardHistory( array $history ) { + // get rid of history entries user doesn't have sufficient permissions for + $query = $needed = array(); + foreach ( $history as $i => $revision ) { + switch( $revision->getRevisionType() ) { + case 'header': + // headers can't be moderated + break; + case 'post': + // comments should not be in board history + if ( $revision->isTopicTitle() ) { + $needed[$revision->getPostId()->getHex()] = $i; + $query[] = array( 'tree_rev_descendant_id' => $revision->getPostId() ); + } else { + unset( $history[$i] ); + } + break; + } + } + + if ( !$needed ) { + return $history; + } + + // check permissions against most recent revision + $found = $this->storage->findMulti( + 'PostRevision', + $query, + array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 1 ) + ); + foreach ( $found as $newest ) { + $newest = reset( $newest ); + $i = $needed[$newest->getPostId()-getHex()]; + unset( $needed[$newest->getPostId()->getHex()] ); + if ( !$this->permissions->isAllowed( $newest, 'board-history' ) ) { + unset( $history[$i] ); + } + } + // not found + foreach ( $needed as $i ) { + unset( $history[$i] ); + } + + return $history; + } + public function renderAPI( Templating $templating, array $options ) { $output = array(); $output['type'] = 'header'; diff --git a/includes/Block/Topic.php b/includes/Block/Topic.php index 0f63637..80ad8a5 100644 --- a/includes/Block/Topic.php +++ b/includes/Block/Topic.php @@ -350,7 +350,7 @@ $templating->getOutput()->addModules( array( 'ext.flow.history' ) ); } else { $templating->getOutput()->addModuleStyles( array( 'ext.flow.discussion', 'ext.flow.moderation' ) ); - $templating->getOutput()->addModules( array( 'ext.flow.discussion' ) ); + $templating->getOutput()->addModules( array( 'ext.flow.discussion' ) ); } $prefix = ''; @@ -363,8 +363,37 @@ $history = $this->loadTopicHistory(); // get rid of history entries user doesn't have sufficient permissions for - foreach ( $history as $i => $post ) { - if ( !$this->permissions->isAllowed( $post, 'topic-history' ) ) { + $needed = $query = array(); + foreach ( $history as $i => $revision ) { + $hex = $revision->getPostId()->getHex(); + if ( !isset( $needed[$hex] ) ) { + $query[] = array( 'tree_rev_descendant_id' => $revision->getPostId() ); + } + $needed[$hex][] = $i; + } + $found = $this->storage->findMulti( + 'PostRevision', + $query, + array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 1 ) + ); + foreach ( $found as $newest ) { + $newest = reset( $newest ); + $hex = $newest->getPostId()->getHex(); + if ( !isset( $needed[$hex] ) ) { + wfWarn( __METHOD__ . ': Received unrequested postId : ' . $hex ); + continue; + } + $indexes = $needed[$hex]; + unset( $needed[$hex] ); + if ( !$this->permissions->isAllowed( $newest, 'topic-history' ) ) { + foreach ( $indexes as $i ) { + unset( $history[$i] ); + } + } + } + foreach ( $needed as $hex => $indexes ) { + wfWarn( __METHOD__ . ': Did not receive postId: ' . $hex ); + foreach ( $indexes as $i ) { unset( $history[$i] ); } } @@ -518,12 +547,21 @@ return; } - $history = $this->getHistory( $options['postId'] ); + $topicTitle = $this->loadTopicTitle(); // pre-loaded by loadRequestedPost + if ( !$this->permissions->isAllowed( $topicTitle, 'view' ) ) { + $this->addError( 'permissions', wfMessage( 'flow-error-not-allowed' ) ); + return; + } - // get rid of history entries user doesn't have sufficient permissions for - foreach ( $history as $i => $post ) { - if ( !$this->permissions->isAllowed( $post, 'post-history' ) ) { - unset( $history[$i] ); + $history = array(); + // don't show post history if user doesn't have permissions + // @todo: if some day, we have rev-delete, we'll need to also check for that in here + if ( $this->permissions->isAllowed( $post, 'post-history' ) ) { + // get rid of history entries user doesn't have sufficient permissions for + foreach ( $this->getHistory( $options['postId'] ) as $i => $post ) { + if ( $this->permissions->isAllowed( $post, 'post-history' ) ) { + $history[$i] = $post; + } } } diff --git a/includes/Data/ObjectManager.php b/includes/Data/ObjectManager.php index 6d0f9ff..a0e98ef 100644 --- a/includes/Data/ObjectManager.php +++ b/includes/Data/ObjectManager.php @@ -241,6 +241,7 @@ $index = $this->getIndexFor( $keys, $options ); $res = $index->findMulti( $queries ); } catch ( NoIndexException $e ) { + wfDebugLog( __CLASS__, __FUNCTION__ . ': ' . $e->getMessage() ); $res = $this->storage->findMulti( $queries, $this->convertToDbOptions( $options ) ); $output = array(); -- To view, visit https://gerrit.wikimedia.org/r/102203 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I497900d469acb6984ca250a141a337910b93c650 Gerrit-PatchSet: 5 Gerrit-Project: mediawiki/extensions/Flow Gerrit-Branch: master Gerrit-Owner: Matthias Mullie <mmul...@wikimedia.org> Gerrit-Reviewer: EBernhardson <ebernhard...@wikimedia.org> Gerrit-Reviewer: jenkins-bot _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits