jenkins-bot has submitted this change and it was merged.
Change subject: Fetch moderation status from last revision
......................................................................
Fetch moderation status from last revision
We shouldn't be looking at a certain revision to find if it's suppressed, we
should check the current revision
Bug: 58016
Change-Id: I497900d469acb6984ca250a141a337910b93c650
---
M FlowActions.php
M includes/Block/Header.php
M includes/Block/Topic.php
M includes/Data/ObjectManager.php
4 files changed, 113 insertions(+), 12 deletions(-)
Approvals:
EBernhardson: Looks good to me, approved
jenkins-bot: Verified
diff --git a/FlowActions.php b/FlowActions.php
index b8d5501..423017c 100644
--- a/FlowActions.php
+++ b/FlowActions.php
@@ -470,6 +470,21 @@
'button-method' => 'GET',
),
+ 'board-history' => array(
+ 'performs-writes' => false,
+ 'log_type' => false,
+ 'permissions' => array(
+ PostRevision::MODERATED_NONE => '',
+ PostRevision::MODERATED_HIDDEN => function(
PostRevision $post, RevisionActionPermissions $permissions ) {
+ // visible for logged in users (or
anyone with hide permission)
+ return
$permissions->getUser()->isLoggedIn() ? '' : 'flow-hide';
+ },
+ PostRevision::MODERATED_DELETED => array(
'flow-delete', 'flow-suppress' ),
+ PostRevision::MODERATED_SUPPRESSED => 'flow-suppress',
+ ),
+ 'button-method' => 'GET',
+ ),
+
'view' => array(
'performs-writes' => false,
'log_type' => false, // don't log views
diff --git a/includes/Block/Header.php b/includes/Block/Header.php
index 4dec609..a272148 100644
--- a/includes/Block/Header.php
+++ b/includes/Block/Header.php
@@ -91,7 +91,7 @@
// if $wgFlowContentFormat is set to
html the Header::create
// call will convert the wikitext input
into html via parsoid, and
// parsoid requires the page exist.
- Container::get( 'occupation_controller'
)->ensureFlowRevision( new \Article( $title, 0 ) );
+ Container::get( 'occupation_controller'
)->ensureFlowRevision( new \Article( $title, 0 ) );
}
$this->header = Header::create(
$this->workflow, $this->user, $this->submitted['content'], 'create-header' );
@@ -139,10 +139,11 @@
'historyExists' => false,
);
- $historyRecord = $this->loadBoardHistory();
- if ( $historyRecord ) {
+ $history = $this->filterBoardHistory(
$this->loadBoardHistory() );
+
+ if ( $history ) {
$tplVars['historyExists'] = true;
- $tplVars['history'] = new History(
$historyRecord );
+ $tplVars['history'] = new History( $history );
$tplVars['historyRenderer'] = new
HistoryRenderer( $templating, $this );
}
@@ -160,6 +161,52 @@
}
}
+ protected function filterBoardHistory( array $history ) {
+ // get rid of history entries user doesn't have sufficient
permissions for
+ $query = $needed = array();
+ foreach ( $history as $i => $revision ) {
+ switch( $revision->getRevisionType() ) {
+ case 'header':
+ // headers can't be moderated
+ break;
+ case 'post':
+ // comments should not be in board
history
+ if ( $revision->isTopicTitle() ) {
+
$needed[$revision->getPostId()->getHex()] = $i;
+ $query[] = array(
'tree_rev_descendant_id' => $revision->getPostId() );
+ } else {
+ unset( $history[$i] );
+ }
+ break;
+ }
+ }
+
+ if ( !$needed ) {
+ return $history;
+ }
+
+ // check permissions against most recent revision
+ $found = $this->storage->findMulti(
+ 'PostRevision',
+ $query,
+ array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit'
=> 1 )
+ );
+ foreach ( $found as $newest ) {
+ $newest = reset( $newest );
+ $i = $needed[$newest->getPostId()-getHex()];
+ unset( $needed[$newest->getPostId()->getHex()] );
+ if ( !$this->permissions->isAllowed( $newest,
'board-history' ) ) {
+ unset( $history[$i] );
+ }
+ }
+ // not found
+ foreach ( $needed as $i ) {
+ unset( $history[$i] );
+ }
+
+ return $history;
+ }
+
public function renderAPI( Templating $templating, array $options ) {
$output = array();
$output['type'] = 'header';
diff --git a/includes/Block/Topic.php b/includes/Block/Topic.php
index 0f63637..80ad8a5 100644
--- a/includes/Block/Topic.php
+++ b/includes/Block/Topic.php
@@ -350,7 +350,7 @@
$templating->getOutput()->addModules( array(
'ext.flow.history' ) );
} else {
$templating->getOutput()->addModuleStyles( array(
'ext.flow.discussion', 'ext.flow.moderation' ) );
- $templating->getOutput()->addModules( array(
'ext.flow.discussion' ) );
+ $templating->getOutput()->addModules( array(
'ext.flow.discussion' ) );
}
$prefix = '';
@@ -363,8 +363,37 @@
$history = $this->loadTopicHistory();
// get rid of history entries user doesn't have
sufficient permissions for
- foreach ( $history as $i => $post ) {
- if ( !$this->permissions->isAllowed( $post,
'topic-history' ) ) {
+ $needed = $query = array();
+ foreach ( $history as $i => $revision ) {
+ $hex = $revision->getPostId()->getHex();
+ if ( !isset( $needed[$hex] ) ) {
+ $query[] = array(
'tree_rev_descendant_id' => $revision->getPostId() );
+ }
+ $needed[$hex][] = $i;
+ }
+ $found = $this->storage->findMulti(
+ 'PostRevision',
+ $query,
+ array( 'sort' => 'rev_id', 'order' => 'DESC',
'limit' => 1 )
+ );
+ foreach ( $found as $newest ) {
+ $newest = reset( $newest );
+ $hex = $newest->getPostId()->getHex();
+ if ( !isset( $needed[$hex] ) ) {
+ wfWarn( __METHOD__ . ': Received
unrequested postId : ' . $hex );
+ continue;
+ }
+ $indexes = $needed[$hex];
+ unset( $needed[$hex] );
+ if ( !$this->permissions->isAllowed( $newest,
'topic-history' ) ) {
+ foreach ( $indexes as $i ) {
+ unset( $history[$i] );
+ }
+ }
+ }
+ foreach ( $needed as $hex => $indexes ) {
+ wfWarn( __METHOD__ . ': Did not receive postId:
' . $hex );
+ foreach ( $indexes as $i ) {
unset( $history[$i] );
}
}
@@ -518,12 +547,21 @@
return;
}
- $history = $this->getHistory( $options['postId'] );
+ $topicTitle = $this->loadTopicTitle(); // pre-loaded by
loadRequestedPost
+ if ( !$this->permissions->isAllowed( $topicTitle, 'view' ) ) {
+ $this->addError( 'permissions', wfMessage(
'flow-error-not-allowed' ) );
+ return;
+ }
- // get rid of history entries user doesn't have sufficient
permissions for
- foreach ( $history as $i => $post ) {
- if ( !$this->permissions->isAllowed( $post,
'post-history' ) ) {
- unset( $history[$i] );
+ $history = array();
+ // don't show post history if user doesn't have permissions
+ // @todo: if some day, we have rev-delete, we'll need to also
check for that in here
+ if ( $this->permissions->isAllowed( $post, 'post-history' ) ) {
+ // get rid of history entries user doesn't have
sufficient permissions for
+ foreach ( $this->getHistory( $options['postId'] ) as $i
=> $post ) {
+ if ( $this->permissions->isAllowed( $post,
'post-history' ) ) {
+ $history[$i] = $post;
+ }
}
}
diff --git a/includes/Data/ObjectManager.php b/includes/Data/ObjectManager.php
index 6d0f9ff..a0e98ef 100644
--- a/includes/Data/ObjectManager.php
+++ b/includes/Data/ObjectManager.php
@@ -241,6 +241,7 @@
$index = $this->getIndexFor( $keys, $options );
$res = $index->findMulti( $queries );
} catch ( NoIndexException $e ) {
+ wfDebugLog( __CLASS__, __FUNCTION__ . ': ' .
$e->getMessage() );
$res = $this->storage->findMulti( $queries,
$this->convertToDbOptions( $options ) );
$output = array();
--
To view, visit https://gerrit.wikimedia.org/r/102203
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I497900d469acb6984ca250a141a337910b93c650
Gerrit-PatchSet: 5
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: master
Gerrit-Owner: Matthias Mullie <mmul...@wikimedia.org>
Gerrit-Reviewer: EBernhardson <ebernhard...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
