Daniel Kinzler has uploaded a new change for review. https://gerrit.wikimedia.org/r/249214
Change subject: [WIP] RestrictedRevisionContentLookup for enforcing access restrictions on revision content. ...................................................................... [WIP] RestrictedRevisionContentLookup for enforcing access restrictions on revision content. Change-Id: I60979f98ef83b57b7ba804a0bc4a49df7a7c3488 --- A includes/storage/PublicAudienceRevisionContentLookup.php A includes/storage/RestrictedRevisionContentLookup.php A includes/storage/SlotAccessDeniedException.php A includes/storage/UserAudienceRevisionContentLookup.php 4 files changed, 252 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/14/249214/3 diff --git a/includes/storage/PublicAudienceRevisionContentLookup.php b/includes/storage/PublicAudienceRevisionContentLookup.php new file mode 100644 index 0000000..c797ef5 --- /dev/null +++ b/includes/storage/PublicAudienceRevisionContentLookup.php @@ -0,0 +1,43 @@ +<?php + +namespace MediaWiki\Storage; + +/** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * http://www.gnu.org/copyleft/gpl.html + * + * @since 1.27 + * + * @file + * @ingroup Storage + * + * @author Daniel Kinzler + */ + +/** + * Implementation of RevisionContentLookup that enforces access control for the "public" audience. + */ +class PublicAudienceRevisionContentLookup extends RestrictedRevisionContentLookup { + + /** + * @param RevisionSlot $slotRecord + * + * @return bool + */ + protected function canAccess( RevisionSlot $slotRecord ) { + return ( $slotRecord->getReadRestrictions() === null ); + } + +} diff --git a/includes/storage/RestrictedRevisionContentLookup.php b/includes/storage/RestrictedRevisionContentLookup.php new file mode 100644 index 0000000..888cb19 --- /dev/null +++ b/includes/storage/RestrictedRevisionContentLookup.php @@ -0,0 +1,76 @@ +<?php + +namespace MediaWiki\Storage; + +use Title; + +/** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * http://www.gnu.org/copyleft/gpl.html + * + * @since 1.27 + * + * @file + * @ingroup Storage + * + * @author Daniel Kinzler + */ + +/** + * Abstract base implementation of RevisionContentLookup that enforces access control. + */ +abstract class RestrictedRevisionContentLookup implements RevisionContentLookup { + + /** + * @var RevisionContentLookup + */ + private $lookup; + + /** + * @param RevisionContentLookup $lookup + */ + public function __construct( RevisionContentLookup $lookup ) { + $this->lookup = $lookup; + } + + /** + * @param RevisionSlot $slotRecord + * + * @todo: provide more details + * @return bool + */ + protected abstract function canAccess( RevisionSlot $slotRecord ); + + /** + * @see RevisionContentLookup::getRevisionSlot + * + * @param Title $title + * @param int $revisionId The revision ID (not 0) + * @param string $slot The slot name. + * + * @throws RevisionContentException + * @return RevisionSlot + */ + function getRevisionSlot( Title $title, $revisionId, $slotName = 'main' ) { + $slot = $this->lookup->getRevisionSlot( $title, $revisionId, $slotName ); + + if ( !$this->canAccess( $slot ) ) { + throw new SlotAccessDeniedException( $title, $revisionId, $slotName ); + } + + return $slot; + } + +} diff --git a/includes/storage/SlotAccessDeniedException.php b/includes/storage/SlotAccessDeniedException.php new file mode 100644 index 0000000..9aa9c80 --- /dev/null +++ b/includes/storage/SlotAccessDeniedException.php @@ -0,0 +1,49 @@ +<?php + +namespace MediaWiki\Storage; + +use Title; + +/** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * http://www.gnu.org/copyleft/gpl.html + * + * @since 1.27 + * + * @file + * @ingroup Storage + * + * @author Daniel Kinzler + */ + +/** + * SlotAccessDeniedException is raised when trying to access a slot to which the current user + * does not have access. + * + * @license GPL 2+ + * @author Daniel Kinzler + */ +class SlotAccessDeniedException extends RevisionContentException { + + /** + * @param Title $title + * @param int $revisionId + * @param string $slot + */ + public function __construct( Title $title, $revisionId, $slot ) { + parent::__construct( "Access denied", $title, $revisionId, $slot ); + } + +} diff --git a/includes/storage/UserAudienceRevisionContentLookup.php b/includes/storage/UserAudienceRevisionContentLookup.php new file mode 100644 index 0000000..6a34529 --- /dev/null +++ b/includes/storage/UserAudienceRevisionContentLookup.php @@ -0,0 +1,84 @@ +<?php + +namespace MediaWiki\Storage; + +use Title; +use User; + +/** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * http://www.gnu.org/copyleft/gpl.html + * + * @since 1.27 + * + * @file + * @ingroup Storage + * + * @author Daniel Kinzler + */ + +/** + * Implementation of RevisionContentLookup that enforces access control based on + * user permissions. + */ +class UserAudienceRevisionContentLookup extends RestrictedRevisionContentLookup { + + /** + * @var User + */ + private $user; + + /** + * @param User $user + * @param string[] $permissions list of sufficient permissions for viewing non-suppressed content + * @param string[] $permissionsForSuppressed list of sufficient permissions for viewing suppressed content + */ + public function __construct( User $user ) { + $this->user = $user; + } + + /** + * @param RevisionSlot $slotRecord + * + * @return bool + */ + protected function canAccess( RevisionSlot $slotRecord ) { + $restrictions = $slotRecord->getReadRestrictions(); + + if ( $restrictions === null ) { + return true; + } + + $permissionlist = implode( ',', $restrictions ); + + //FIXME: inject a TitleFactory + $title = Title::newFromID( $slotRecord->getPageId() ); + + if ( $title === null ) { + wfDebug( "Checking for $permissionlist\n" ); + return call_user_func_array( array( $this->user, 'isAllowedAny' ), $restrictions ); + } else { + $text = $title->getPrefixedText(); + wfDebug( "Checking for $permissionlist on $text\n" ); + foreach ( $restrictions as $perm ) { + if ( $title->userCan( $perm, $this->user ) ) { + return true; + } + } + return false; + } + } + +} -- To view, visit https://gerrit.wikimedia.org/r/249214 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I60979f98ef83b57b7ba804a0bc4a49df7a7c3488 Gerrit-PatchSet: 3 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Daniel Kinzler <[email protected]> Gerrit-Reviewer: Brion VIBBER <[email protected]> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
