Jack Phoenix has submitted this change and it was merged. Change subject: Version 0.5.0: extension registration support + various other fixes ......................................................................
Version 0.5.0: extension registration support + various other fixes * Actually made this not fatal due to that stupid legacy require_once call in the body file * Globals -> RequestContext * wfMsg -> wfMessage * Changed MediaWikiBagOStuff initialization in ProtectSiteForm::__construct() to SqlBagOStuff initialization since the former was removed in MW 1.25, as per the core HISTORY file * Removed old PHP i18n file * Added missing i18n message "action-protectsite", which is shown as a part of a sentence in an error message when a user w/o the sufficient privileges tries to access Special:ProtectSite Change-Id: I8a0f3442fe0edaaa8cefcc919dc90a8fe2e3cd5f --- M ProtectSite.body.php D ProtectSite.i18n.php M ProtectSite.php A extension.json M i18n/en.json 5 files changed, 164 insertions(+), 156 deletions(-) Approvals: Jack Phoenix: Looks good to me, approved jenkins-bot: Verified diff --git a/ProtectSite.body.php b/ProtectSite.body.php index ab76119..fa15c0c 100644 --- a/ProtectSite.body.php +++ b/ProtectSite.body.php @@ -1,8 +1,21 @@ <?php /** - * Two classes for providing Special:ProtectSite page. + * This extension provides Special:ProtectSite, which makes it possible for + * users with protectsite permissions to quickly lock down and restore various + * privileges for anonymous and registered users on a wiki. + * + * Knobs: + * 'protectsite' - Group permission to use the special page. + * $wgProtectSiteLimit - Maximum time allowed for protection of the site. + * $wgProtectSiteDefaultTimeout - Default protection time. + * $wgProtectSiteExempt - Array of non-sysop usergroups to be not effected by rights changes + * * @file * @ingroup Extensions + * @author Eric Johnston <[email protected]> + * @author Chris Stafford <[email protected]> + * @author Jack Phoenix <[email protected]> + * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 2.0 or later */ class ProtectSite extends SpecialPage { @@ -17,32 +30,100 @@ /** * Show the special page * - * @param $par Mixed: parameter passed to the page or null + * @param mixed|null $par Parameter passed to the page */ public function execute( $par ) { - global $wgOut, $wgUser, $wgRequest; + $user = $this->getUser(); // If the user doesn't have 'protectsite' permission, display an error - if ( !$wgUser->isAllowed( 'protectsite' ) ) { + if ( !$user->isAllowed( 'protectsite' ) ) { $this->displayRestrictionError(); return; } // Show a message if the database is in read-only mode if ( wfReadOnly() ) { - $wgOut->readOnlyPage(); - return; + throw new ReadOnlyError; } // If user is blocked, s/he doesn't need to access this page - if ( $wgUser->isBlocked() ) { - $wgOut->blockedPage(); - return; + if ( $user->isBlocked() ) { + throw new UserBlockedError( $user->mBlock ); } $this->setHeaders(); - $form = new ProtectSiteForm( $wgRequest ); + $form = new ProtectSiteForm( $this->getRequest() ); + } + + /** + * Persistent data is unserialized from a record in the objectcache table + * which is set in the special page. It will change the permissions for + * various functions for anonymous and registered users based on the data + * in the array. The data expires after the set amount of time, just like + * a block. + */ + public static function setup() { + /* Globals */ + global $wgGroupPermissions, $wgMemc, $wgProtectSiteExempt, $wgCommandLineMode; + + // macbre: don't run code below when running in command line mode (memcache starts to act strange) + if ( !empty( $wgCommandLineMode ) ) { + return; + } + + /* Initialize Object */ + $persist_data = new SqlBagOStuff( array() ); + + /* Get data into the prot hash */ + $prot = $wgMemc->get( wfMemcKey( 'protectsite' ) ); + if ( !$prot ) { + $prot = $persist_data->get( 'protectsite' ); + if ( !$prot ) { + $wgMemc->set( wfMemcKey( 'protectsite' ), 'disabled' ); + } + } + + /* Logic to disable the selected user rights */ + if ( is_array( $prot ) ) { + /* MW doesn't timeout correctly, this handles it */ + if ( time() >= $prot['until'] ) { + $persist_data->delete( 'protectsite' ); + } + + /* Protection-related code for MediaWiki 1.8+ */ + $wgGroupPermissions['*']['createaccount'] = !( $prot['createaccount'] >= 1 ); + $wgGroupPermissions['user']['createaccount'] = !( $prot['createaccount'] == 2 ); + + $wgGroupPermissions['*']['createpage'] = !( $prot['createpage'] >= 1 ); + $wgGroupPermissions['*']['createtalk'] = !( $prot['createpage'] >= 1 ); + $wgGroupPermissions['user']['createpage'] = !( $prot['createpage'] == 2 ); + $wgGroupPermissions['user']['createtalk'] = !( $prot['createpage'] == 2 ); + + $wgGroupPermissions['*']['edit'] = !( $prot['edit'] >= 1 ); + $wgGroupPermissions['user']['edit'] = !( $prot['edit'] == 2 ); + $wgGroupPermissions['sysop']['edit'] = true; + + $wgGroupPermissions['user']['move'] = !( $prot['move'] == 1 ); + $wgGroupPermissions['user']['upload'] = !( $prot['upload'] == 1 ); + $wgGroupPermissions['user']['reupload'] = !( $prot['upload'] == 1 ); + $wgGroupPermissions['user']['reupload-shared'] = !( $prot['upload'] == 1 ); + + // are there any groups that should not get affected by ProtectSite's lockdown? + if ( !empty( $wgProtectSiteExempt ) && is_array( $wgProtectSiteExempt ) ) { + // there are, so loop over them, and force these rights to be true + // will resolve any problems from inheriting rights from 'user' or 'sysop' + foreach ( $wgProtectSiteExempt as $exemptGroup ) { + $wgGroupPermissions[$exemptGroup]['edit'] = 1; + $wgGroupPermissions[$exemptGroup]['createpage'] = 1; + $wgGroupPermissions[$exemptGroup]['createtalk'] = 1; + $wgGroupPermissions[$exemptGroup]['move'] = 1; + $wgGroupPermissions[$exemptGroup]['upload'] = 1; + $wgGroupPermissions[$exemptGroup]['reupload'] = 1; + $wgGroupPermissions[$exemptGroup]['reupload-shared'] = 1; + } + } + } } } @@ -59,25 +140,21 @@ function __construct( &$request ) { global $wgMemc; - if( !class_exists( 'BagOStuff' ) || !class_exists( 'MediaWikiBagOStuff' ) ) { - global $IP; - require_once( $IP . '/includes/BagOStuff.php' ); - } $titleObj = SpecialPage::getTitleFor( 'ProtectSite' ); - $this->action = htmlspecialchars( $titleObj->getLocalURL() ); + $this->action = htmlspecialchars( $titleObj->getLocalURL(), ENT_QUOTES ); $this->mRequest =& $request; - $this->persist_data = new MediaWikiBagOStuff(); + $this->persist_data = new SqlBagOStuff( array() ); /* Get data into the value variable/array */ $prot = $wgMemc->get( wfMemcKey( 'protectsite' ) ); - if( !$prot ) { + if ( !$prot ) { $prot = $this->persist_data->get( 'protectsite' ); } /* If this was a GET request */ - if( !$this->mRequest->wasPosted() ) { + if ( !$this->mRequest->wasPosted() ) { /* If $value is an array, protection is set, allow unsetting */ - if( is_array( $prot ) ) { + if ( is_array( $prot ) ) { $this->unProtectSiteForm( $prot ); } else { /* If $value is not an array, protection is not set */ @@ -85,7 +162,7 @@ } } else { /* If this was a POST request, process the data sent */ - if( $this->mRequest->getVal( 'protect' ) ) { + if ( $this->mRequest->getVal( 'protect' ) ) { $this->setProtectSite(); } else { $this->unProtectSite(); @@ -167,15 +244,15 @@ } /** - * @param $name String: name of the fieldset. - * @param $content String: HTML content to put in. + * @param string $name Name of the fieldset. + * @param string $content HTML content to put in. * @return string HTML fieldset */ private function fieldset( $name, $content ) { // Give grep a chance to find the usages: // protectsite-title, protectsite-createaccount, protectsite-createpage, // protectsite-edit, protectsite-move, protectsite-upload - return '<fieldset><legend>' . wfMsg( 'protectsite-' . $name ) . + return '<fieldset><legend>' . wfMessage( 'protectsite-' . $name )->text() . "</legend>\n" . $content . "\n</fieldset>\n"; } @@ -191,9 +268,9 @@ // protectsite-move-0, protectsite-move-1, // protectsite-upload-0, protectsite-upload-1 $s = ''; - foreach( $fields as $value => $checked ) { + foreach ( $fields as $value => $checked ) { $s .= "<div><label><input type=\"radio\" name=\"{$varname}\" value=\"{$value}\"" . ( $checked ? ' checked="checked"' : '' ) . ' />' - . wfMsg( 'protectsite-' . $varname . '-' . $value ) . + . wfMessage( 'protectsite-' . $varname . '-' . $value )->text() . "</label></div>\n"; } @@ -205,14 +282,14 @@ * after the text box itself. */ private function textbox( $varname, $value = '', $append = '' ) { - if( $this->mRequest->wasPosted() ) { + if ( $this->mRequest->wasPosted() ) { $value = $this->mRequest->getText( $varname, $value ); } // Give grep a chance to find the usages: - // protectsite-timeout, protectsite-comment, protectsite-ucomment - $value = htmlspecialchars( $value ); - return '<div><label>' . wfMsg( 'protectsite-' . $varname ) . + // protectsite-timeout, protectsite-comment, protectsite-ucomment + $value = htmlspecialchars( $value, ENT_QUOTES ); + return '<div><label>' . wfMessage( 'protectsite-' . $varname )->text() . "<input type=\"text\" name=\"{$varname}\" value=\"{$value}\" /> " . $append . "</label></div>\n"; @@ -229,9 +306,9 @@ // protectsite-edit-0, protectsite-edit-1, protectsite-edit-2, // protectsite-move-0, protectsite-move-1, // protectsite-upload-0, protectsite-upload-1 - return '<b>' . wfMsg( 'protectsite-' . $name ) . ' - <i>' . + return '<b>' . wfMessage( 'protectsite-' . $name )->text() . ' - <i>' . '<span style="color: ' . ( ( $state > 0 ) ? 'red' : 'green' ) . '">' . - wfMsg( 'protectsite-' . $name . '-' . $state ) . '</span>' . + wfMessage( 'protectsite-' . $name . '-' . $state )->text() . '</span>' . "</i></b><br />\n"; } @@ -248,11 +325,11 @@ $this->showField( 'edit', $prot['edit'] ) . $this->showField( 'move', $prot['move'] ) . $this->showField( 'upload', $prot['upload'] ) . - '<b>' . wfMsg( 'protectsite-timeout' ) . ' </b> ' . + '<b>' . wfMessage( 'protectsite-timeout' )->text() . ' </b> ' . '<i>' . $wgLang->timeAndDate( wfTimestamp( TS_MW, $prot['until'] ), true ) . '</i>' . '<br />' . ( $prot['comment'] != '' ? - '<b>' . wfMsg( 'protectsite-comment' ) . ' </b> ' . + '<b>' . wfMessage( 'protectsite-comment' )->text() . ' </b> ' . '<i>' . $prot['comment'] . '</i>' . '<br />' : '' ) . "<br />\n" . @@ -261,7 +338,7 @@ Xml::element( 'input', array( 'type' => 'submit', 'name' => 'unprotect', - 'value' => wfMsg( 'protectsite-unprotect' ) ) + 'value' => wfMessage( 'protectsite-unprotect' )->text() ) ) ) . '</form>' @@ -295,7 +372,7 @@ $this->radiobox( 'upload', $upload ) . $this->textbox( 'timeout', $wgProtectSiteDefaultTimeout, ( isset( $wgProtectSiteLimit ) ? - ' (' . wfMsg( 'protectsite-maxtimeout', $wgProtectSiteLimit ) . ')' : + ' (' . wfMessage( 'protectsite-maxtimeout', $wgProtectSiteLimit )->text() . ')' : '' )) . "\n<br />" . @@ -304,7 +381,7 @@ Xml::element( 'input', array( 'type' => 'submit', 'name' => 'protect', - 'value' => wfMsg( 'protectsite-protect' ) ) + 'value' => wfMessage( 'protectsite-protect' )->text() ) ) ) . '</form>' diff --git a/ProtectSite.i18n.php b/ProtectSite.i18n.php deleted file mode 100644 index 9346570..0000000 --- a/ProtectSite.i18n.php +++ /dev/null @@ -1,35 +0,0 @@ -<?php -/** - * This is a backwards-compatibility shim, generated by: - * https://git.wikimedia.org/blob/mediawiki%2Fcore.git/HEAD/maintenance%2FgenerateJsonI18n.php - * - * Beginning with MediaWiki 1.23, translation strings are stored in json files, - * and the EXTENSION.i18n.php file only exists to provide compatibility with - * older releases of MediaWiki. For more information about this migration, see: - * https://www.mediawiki.org/wiki/Requests_for_comment/Localisation_format - * - * This shim maintains compatibility back to MediaWiki 1.17. - */ -$messages = array(); -if ( !function_exists( 'wfJsonI18nShimce2d8f79140e9433' ) ) { - function wfJsonI18nShimce2d8f79140e9433( $cache, $code, &$cachedData ) { - $codeSequence = array_merge( array( $code ), $cachedData['fallbackSequence'] ); - foreach ( $codeSequence as $csCode ) { - $fileName = dirname( __FILE__ ) . "/i18n/$csCode.json"; - if ( is_readable( $fileName ) ) { - $data = FormatJson::decode( file_get_contents( $fileName ), true ); - foreach ( array_keys( $data ) as $key ) { - if ( $key === '' || $key[0] === '@' ) { - unset( $data[$key] ); - } - } - $cachedData['messages'] = array_merge( $data, $cachedData['messages'] ); - } - - $cachedData['deps'][] = new FileDependency( $fileName ); - } - return true; - } - - $GLOBALS['wgHooks']['LocalisationCacheRecache'][] = 'wfJsonI18nShimce2d8f79140e9433'; -} diff --git a/ProtectSite.php b/ProtectSite.php index 131850c..30fbd2f 100644 --- a/ProtectSite.php +++ b/ProtectSite.php @@ -18,19 +18,11 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 2.0 or later */ -/** - * Protect against register_globals vulnerabilities. - * This line must be present before any global variable is referenced. - */ -if ( !defined( 'MEDIAWIKI' ) ) { - die( "This is not a valid entry point.\n" ); -} - /* Extension Credits. Splarka wants me to be so UN:VAIN! Haet haet hat! */ $wgExtensionCredits['specialpage'][] = array( 'path' => __FILE__, 'name' => 'Protect Site', - 'version' => '0.4.0', + 'version' => '0.5.0', 'author' => array( '[http://en.uncyclopedia.co/wiki/User:Dawg Eric Johnston]', 'Chris Stafford', 'Jack Phoenix' ), 'descriptionmsg' => 'protectsite-desc', 'url' => 'https://www.mediawiki.org/wiki/Extension:ProtectSite', @@ -54,83 +46,11 @@ $wgGroupPermissions['bureaucrat']['protectsite'] = true; /* Add this special page to the special page listing array */ -$dir = dirname( __FILE__ ) . '/'; $wgMessagesDirs['ProtectSite'] = __DIR__ . '/i18n'; -$wgExtensionMessagesFiles['ProtectSite'] = $dir . 'ProtectSite.i18n.php'; -$wgExtensionMessagesFiles['ProtectSiteAliases'] = $dir . 'ProtectSite.alias.php'; -$wgAutoloadClasses['ProtectSite'] = $dir . 'ProtectSite.body.php'; -$wgAutoloadClasses['ProtectSiteForm'] = $dir . 'ProtectSite.body.php'; +$wgExtensionMessagesFiles['ProtectSiteAliases'] = __DIR__ . '/ProtectSite.alias.php'; +$wgAutoloadClasses['ProtectSite'] = __DIR__ . '/ProtectSite.body.php'; +$wgAutoloadClasses['ProtectSiteForm'] = __DIR__ . '/ProtectSite.body.php'; $wgSpecialPages['ProtectSite'] = 'ProtectSite'; /* Register initialization function */ -$wgExtensionFunctions[] = 'wfSetupProtectsite'; - -/** - * Persistent data is unserialized from a record in the objectcache table - * which is set in the Special page. It will change the permissions for - * various functions for anonymous and registered users based on the data - * in the array. The data expires after the set amount of time, just like - * a block. - */ -function wfSetupProtectsite() { - /* Globals */ - global $wgGroupPermissions, $wgMemc, $wgProtectSiteExempt, $wgCommandLineMode; - - // macbre: don't run code below when running in command line mode (memcache starts to act strange) - if ( !empty( $wgCommandLineMode ) ) { - return; - } - - /* Initialize Object */ - $persist_data = new SqlBagOStuff( array() ); - - /* Get data into the prot hash */ - $prot = $wgMemc->get( wfMemcKey( 'protectsite' ) ); - if( !$prot ) { - $prot = $persist_data->get( 'protectsite' ); - if( !$prot ) { - $wgMemc->set( wfMemcKey( 'protectsite' ), 'disabled' ); - } - } - - /* Logic to disable the selected user rights */ - if( is_array( $prot ) ) { - /* MW doesn't timeout correctly, this handles it */ - if( time() >= $prot['until'] ) { - $persist_data->delete( 'protectsite' ); - } - - /* Protection-related code for MediaWiki 1.8+ */ - $wgGroupPermissions['*']['createaccount'] = !( $prot['createaccount'] >= 1 ); - $wgGroupPermissions['user']['createaccount'] = !( $prot['createaccount'] == 2 ); - - $wgGroupPermissions['*']['createpage'] = !( $prot['createpage'] >= 1 ); - $wgGroupPermissions['*']['createtalk'] = !( $prot['createpage'] >= 1 ); - $wgGroupPermissions['user']['createpage'] = !( $prot['createpage'] == 2 ); - $wgGroupPermissions['user']['createtalk'] = !( $prot['createpage'] == 2 ); - - $wgGroupPermissions['*']['edit'] = !( $prot['edit'] >= 1 ); - $wgGroupPermissions['user']['edit'] = !( $prot['edit'] == 2 ); - $wgGroupPermissions['sysop']['edit'] = true; - - $wgGroupPermissions['user']['move'] = !( $prot['move'] == 1 ); - $wgGroupPermissions['user']['upload'] = !( $prot['upload'] == 1 ); - $wgGroupPermissions['user']['reupload'] = !( $prot['upload'] == 1 ); - $wgGroupPermissions['user']['reupload-shared'] = !( $prot['upload'] == 1 ); - - // are there any groups that should not get affected by ProtectSite's lockdown? - if( !empty( $wgProtectSiteExempt ) && is_array( $wgProtectSiteExempt ) ) { - // there are, so loop over them, and force these rights to be true - // will resolve any problems from inheriting rights from 'user' or 'sysop' - foreach( $wgProtectSiteExempt as $exemptGroup ) { - $wgGroupPermissions[$exemptGroup]['edit'] = 1; - $wgGroupPermissions[$exemptGroup]['createpage'] = 1; - $wgGroupPermissions[$exemptGroup]['createtalk'] = 1; - $wgGroupPermissions[$exemptGroup]['move'] = 1; - $wgGroupPermissions[$exemptGroup]['upload'] = 1; - $wgGroupPermissions[$exemptGroup]['reupload'] = 1; - $wgGroupPermissions[$exemptGroup]['reupload-shared'] = 1; - } - } - } -} +$wgExtensionFunctions[] = 'ProtectSite::setup'; \ No newline at end of file diff --git a/extension.json b/extension.json new file mode 100644 index 0000000..ba8d4cc --- /dev/null +++ b/extension.json @@ -0,0 +1,45 @@ +{ + "name": "Protect Site", + "version": "0.5.0", + "author": [ + "[http://en.uncyclopedia.co/wiki/User:Dawg Eric Johnston]", + "Chris Stafford", + "Jack Phoenix" + ], + "license-name": "GPL-2.0+", + "url": "https://www.mediawiki.org/wiki/Extension:ProtectSite";, + "descriptionmsg": "protectsite-desc", + "type": "specialpage", + "config": { + "ProtectSiteExempt": [], + "ProtectsiteDefaultTimeout": "1 hour", + "ProtectSiteLimit": "1 week" + }, + "SpecialPages": { + "ProtectSite": "ProtectSite" + }, + "MessagesDirs": { + "ProtectSite": [ + "i18n" + ] + }, + "ExtensionMessagesFiles": { + "ProtectSiteAliases": "ProtectSite.alias.php" + }, + "AutoloadClasses": { + "ProtectSite": "ProtectSite.body.php", + "ProtectSiteForm": "ProtectSite.body.php" + }, + "AvailableRights": [ + "protectsite" + ], + "GroupPermissions": { + "bureaucrat": { + "protectsite": true + } + }, + "ExtensionFunctions": [ + "ProtectSite::setup" + ], + "manifest_version": 1 +} diff --git a/i18n/en.json b/i18n/en.json index 2778d8e..0e69c47 100644 --- a/i18n/en.json +++ b/i18n/en.json @@ -38,5 +38,6 @@ "protectsite-move-1": "Administrators only", "protectsite-upload-0": "Registered users and administrators", "protectsite-upload-1": "Administrators only", + "action-protectsite": "limit actions that can be performed for some groups for a limited time", "right-protectsite": "Limit actions that can be performed for some groups for a limited time" } -- To view, visit https://gerrit.wikimedia.org/r/254387 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I8a0f3442fe0edaaa8cefcc919dc90a8fe2e3cd5f Gerrit-PatchSet: 4 Gerrit-Project: mediawiki/extensions/ProtectSite Gerrit-Branch: master Gerrit-Owner: Jack Phoenix <[email protected]> Gerrit-Reviewer: Jack Phoenix <[email protected]> Gerrit-Reviewer: Siebrand <[email protected]> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
