MediaWiki  master
SpecialUserrights.php
Go to the documentation of this file.
1 <?php
29 class UserrightsPage extends SpecialPage {
30  # The target of the local right-adjuster's interest. Can be gotten from
31  # either a GET parameter or a subpage-style parameter, so have a member
32  # variable for it.
33  protected $mTarget;
34  /*
35  * @var null|User $mFetchedUser The user object of the target username or null.
36  */
37  protected $mFetchedUser = null;
38  protected $isself = false;
39 
40  public function __construct() {
41  parent::__construct( 'Userrights' );
42  }
43 
44  public function doesWrites() {
45  return true;
46  }
47 
48  public function isRestricted() {
49  return true;
50  }
51 
52  public function userCanExecute( User $user ) {
53  return $this->userCanChangeRights( $user, false );
54  }
55 
61  public function userCanChangeRights( $user, $checkIfSelf = true ) {
62  $available = $this->changeableGroups();
63  if ( $user->getId() == 0 ) {
64  return false;
65  }
66 
67  return !empty( $available['add'] )
68  || !empty( $available['remove'] )
69  || ( ( $this->isself || !$checkIfSelf ) &&
70  ( !empty( $available['add-self'] )
71  || !empty( $available['remove-self'] ) ) );
72  }
73 
81  public function execute( $par ) {
82  // If the visitor doesn't have permissions to assign or remove
83  // any groups, it's a bit silly to give them the user search prompt.
84 
85  $user = $this->getUser();
86  $request = $this->getRequest();
87  $out = $this->getOutput();
88 
89  /*
90  * If the user is blocked and they only have "partial" access
91  * (e.g. they don't have the userrights permission), then don't
92  * allow them to use Special:UserRights.
93  */
94  if ( $user->isBlocked() && !$user->isAllowed( 'userrights' ) ) {
95  throw new UserBlockedError( $user->getBlock() );
96  }
97 
98  if ( $par !== null ) {
99  $this->mTarget = $par;
100  } else {
101  $this->mTarget = $request->getVal( 'user' );
102  }
103 
104  $available = $this->changeableGroups();
105 
106  if ( $this->mTarget === null ) {
107  /*
108  * If the user specified no target, and they can only
109  * edit their own groups, automatically set them as the
110  * target.
111  */
112  if ( !count( $available['add'] ) && !count( $available['remove'] ) ) {
113  $this->mTarget = $user->getName();
114  }
115  }
116 
117  if ( $this->mTarget !== null && User::getCanonicalName( $this->mTarget ) === $user->getName() ) {
118  $this->isself = true;
119  }
120 
121  $fetchedStatus = $this->fetchUser( $this->mTarget );
122  if ( $fetchedStatus->isOK() ) {
123  $this->mFetchedUser = $fetchedStatus->value;
124  if ( $this->mFetchedUser instanceof User ) {
125  // Set the 'relevant user' in the skin, so it displays links like Contributions,
126  // User logs, UserRights, etc.
127  $this->getSkin()->setRelevantUser( $this->mFetchedUser );
128  }
129  }
130 
131  if ( !$this->userCanChangeRights( $user, true ) ) {
132  if ( $this->isself && $request->getCheck( 'success' ) ) {
133  // bug 48609: if the user just removed its own rights, this would
134  // leads it in a "permissions error" page. In that case, show a
135  // message that it can't anymore use this page instead of an error
136  $this->setHeaders();
137  $out->wrapWikiMsg( "<div class=\"successbox\">\n$1\n</div>", 'userrights-removed-self' );
138  $out->returnToMain();
139 
140  return;
141  }
142 
143  // @todo FIXME: There may be intermediate groups we can mention.
144  $msg = $user->isAnon() ? 'userrights-nologin' : 'userrights-notallowed';
145  throw new PermissionsError( null, [ [ $msg ] ] );
146  }
147 
148  // show a successbox, if the user rights was saved successfully
149  if ( $request->getCheck( 'success' ) && $this->mFetchedUser !== null ) {
150  $out->addModules( [ 'mediawiki.special.userrights' ] );
151  $out->addModuleStyles( 'mediawiki.notification.convertmessagebox.styles' );
152  $out->addHtml(
153  Html::rawElement(
154  'div',
155  [
156  'class' => 'mw-notify-success successbox',
157  'id' => 'mw-preferences-success',
158  'data-mw-autohide' => 'false',
159  ],
160  Html::element(
161  'p',
162  [],
163  $this->msg( 'savedrights', $this->mFetchedUser->getName() )->text()
164  )
165  )
166  );
167  }
168 
169  $this->checkReadOnly();
170 
171  $this->setHeaders();
172  $this->outputHeader();
173 
174  $out->addModuleStyles( 'mediawiki.special' );
175  $this->addHelpLink( 'Help:Assigning permissions' );
176 
177  // show the general form
178  if ( count( $available['add'] ) || count( $available['remove'] ) ) {
179  $this->switchForm();
180  }
181 
182  if (
183  $request->wasPosted() &&
184  $request->getCheck( 'saveusergroups' ) &&
185  $this->mTarget !== null &&
186  $user->matchEditToken( $request->getVal( 'wpEditToken' ), $this->mTarget )
187  ) {
188  // save settings
189  if ( !$fetchedStatus->isOK() ) {
190  $this->getOutput()->addWikiText( $fetchedStatus->getWikiText() );
191 
192  return;
193  }
194 
195  $targetUser = $this->mFetchedUser;
196  if ( $targetUser instanceof User ) { // UserRightsProxy doesn't have this method (bug 61252)
197  $targetUser->clearInstanceCache(); // bug 38989
198  }
199 
200  if ( $request->getVal( 'conflictcheck-originalgroups' )
201  !== implode( ',', $targetUser->getGroups() )
202  ) {
203  $out->addWikiMsg( 'userrights-conflict' );
204  } else {
205  $this->saveUserGroups(
206  $this->mTarget,
207  $request->getVal( 'user-reason' ),
208  $targetUser
209  );
210 
211  $out->redirect( $this->getSuccessURL() );
212 
213  return;
214  }
215  }
216 
217  // show some more forms
218  if ( $this->mTarget !== null ) {
219  $this->editUserGroupsForm( $this->mTarget );
220  }
221  }
222 
223  function getSuccessURL() {
224  return $this->getPageTitle( $this->mTarget )->getFullURL( [ 'success' => 1 ] );
225  }
226 
236  function saveUserGroups( $username, $reason, $user ) {
237  $allgroups = $this->getAllGroups();
238  $addgroup = [];
239  $removegroup = [];
240 
241  // This could possibly create a highly unlikely race condition if permissions are changed between
242  // when the form is loaded and when the form is saved. Ignoring it for the moment.
243  foreach ( $allgroups as $group ) {
244  // We'll tell it to remove all unchecked groups, and add all checked groups.
245  // Later on, this gets filtered for what can actually be removed
246  if ( $this->getRequest()->getCheck( "wpGroup-$group" ) ) {
247  $addgroup[] = $group;
248  } else {
249  $removegroup[] = $group;
250  }
251  }
252 
253  $this->doSaveUserGroups( $user, $addgroup, $removegroup, $reason );
254  }
255 
265  function doSaveUserGroups( $user, $add, $remove, $reason = '' ) {
266  // Validate input set...
267  $isself = $user->getName() == $this->getUser()->getName();
268  $groups = $user->getGroups();
269  $changeable = $this->changeableGroups();
270  $addable = array_merge( $changeable['add'], $isself ? $changeable['add-self'] : [] );
271  $removable = array_merge( $changeable['remove'], $isself ? $changeable['remove-self'] : [] );
272 
273  $remove = array_unique(
274  array_intersect( (array)$remove, $removable, $groups ) );
275  $add = array_unique( array_diff(
276  array_intersect( (array)$add, $addable ),
277  $groups )
278  );
279 
280  $oldGroups = $user->getGroups();
281  $newGroups = $oldGroups;
282 
283  // Remove then add groups
284  if ( $remove ) {
285  foreach ( $remove as $index => $group ) {
286  if ( !$user->removeGroup( $group ) ) {
287  unset( $remove[$index] );
288  }
289  }
290  $newGroups = array_diff( $newGroups, $remove );
291  }
292  if ( $add ) {
293  foreach ( $add as $index => $group ) {
294  if ( !$user->addGroup( $group ) ) {
295  unset( $add[$index] );
296  }
297  }
298  $newGroups = array_merge( $newGroups, $add );
299  }
300  $newGroups = array_unique( $newGroups );
301 
302  // Ensure that caches are cleared
303  $user->invalidateCache();
304 
305  // update groups in external authentication database
306  Hooks::run( 'UserGroupsChanged', [ $user, $add, $remove, $this->getUser(), $reason ] );
307  MediaWiki\Auth\AuthManager::callLegacyAuthPlugin(
308  'updateExternalDBGroups', [ $user, $add, $remove ]
309  );
310 
311  wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) . "\n" );
312  wfDebug( 'newGroups: ' . print_r( $newGroups, true ) . "\n" );
313  // Deprecated in favor of UserGroupsChanged hook
314  Hooks::run( 'UserRights', [ &$user, $add, $remove ], '1.26' );
315 
316  if ( $newGroups != $oldGroups ) {
317  $this->addLogEntry( $user, $oldGroups, $newGroups, $reason );
318  }
319 
320  return [ $add, $remove ];
321  }
322 
330  function addLogEntry( $user, $oldGroups, $newGroups, $reason ) {
331  $logEntry = new ManualLogEntry( 'rights', 'rights' );
332  $logEntry->setPerformer( $this->getUser() );
333  $logEntry->setTarget( $user->getUserPage() );
334  $logEntry->setComment( $reason );
335  $logEntry->setParameters( [
336  '4::oldgroups' => $oldGroups,
337  '5::newgroups' => $newGroups,
338  ] );
339  $logid = $logEntry->insert();
340  $logEntry->publish( $logid );
341  }
342 
347  function editUserGroupsForm( $username ) {
348  $status = $this->fetchUser( $username );
349  if ( !$status->isOK() ) {
350  $this->getOutput()->addWikiText( $status->getWikiText() );
351 
352  return;
353  } else {
354  $user = $status->value;
355  }
356 
357  $groups = $user->getGroups();
358 
359  $this->showEditUserGroupsForm( $user, $groups );
360 
361  // This isn't really ideal logging behavior, but let's not hide the
362  // interwiki logs if we're using them as is.
363  $this->showLogFragment( $user, $this->getOutput() );
364  }
365 
374  public function fetchUser( $username ) {
375  $parts = explode( $this->getConfig()->get( 'UserrightsInterwikiDelimiter' ), $username );
376  if ( count( $parts ) < 2 ) {
377  $name = trim( $username );
378  $database = '';
379  } else {
380  list( $name, $database ) = array_map( 'trim', $parts );
381 
382  if ( $database == wfWikiID() ) {
383  $database = '';
384  } else {
385  if ( !$this->getUser()->isAllowed( 'userrights-interwiki' ) ) {
386  return Status::newFatal( 'userrights-no-interwiki' );
387  }
388  if ( !UserRightsProxy::validDatabase( $database ) ) {
389  return Status::newFatal( 'userrights-nodatabase', $database );
390  }
391  }
392  }
393 
394  if ( $name === '' ) {
395  return Status::newFatal( 'nouserspecified' );
396  }
397 
398  if ( $name[0] == '#' ) {
399  // Numeric ID can be specified...
400  // We'll do a lookup for the name internally.
401  $id = intval( substr( $name, 1 ) );
402 
403  if ( $database == '' ) {
404  $name = User::whoIs( $id );
405  } else {
406  $name = UserRightsProxy::whoIs( $database, $id );
407  }
408 
409  if ( !$name ) {
410  return Status::newFatal( 'noname' );
411  }
412  } else {
413  $name = User::getCanonicalName( $name );
414  if ( $name === false ) {
415  // invalid name
416  return Status::newFatal( 'nosuchusershort', $username );
417  }
418  }
419 
420  if ( $database == '' ) {
421  $user = User::newFromName( $name );
422  } else {
423  $user = UserRightsProxy::newFromName( $database, $name );
424  }
425 
426  if ( !$user || $user->isAnon() ) {
427  return Status::newFatal( 'nosuchusershort', $username );
428  }
429 
430  return Status::newGood( $user );
431  }
432 
440  public function makeGroupNameList( $ids ) {
441  if ( empty( $ids ) ) {
442  return $this->msg( 'rightsnone' )->inContentLanguage()->text();
443  } else {
444  return implode( ', ', $ids );
445  }
446  }
447 
451  function switchForm() {
452  $this->getOutput()->addModules( 'mediawiki.userSuggest' );
453 
454  $this->getOutput()->addHTML(
455  Html::openElement(
456  'form',
457  [
458  'method' => 'get',
459  'action' => wfScript(),
460  'name' => 'uluser',
461  'id' => 'mw-userrights-form1'
462  ]
463  ) .
464  Html::hidden( 'title', $this->getPageTitle()->getPrefixedText() ) .
465  Xml::fieldset( $this->msg( 'userrights-lookup-user' )->text() ) .
466  Xml::inputLabel(
467  $this->msg( 'userrights-user-editname' )->text(),
468  'user',
469  'username',
470  30,
471  str_replace( '_', ' ', $this->mTarget ),
472  [
473  'class' => 'mw-autocomplete-user', // used by mediawiki.userSuggest
474  ] + (
475  // Set autofocus on blank input and error input
476  $this->mFetchedUser === null ? [ 'autofocus' => '' ] : []
477  )
478  ) . ' ' .
479  Xml::submitButton(
480  $this->msg(
481  'editusergroup',
482  $this->mFetchedUser === null ? '[]' : $this->mFetchedUser->getName()
483  )->text()
484  ) .
485  Html::closeElement( 'fieldset' ) .
486  Html::closeElement( 'form' ) . "\n"
487  );
488  }
489 
498  protected function splitGroups( $groups ) {
499  list( $addable, $removable, $addself, $removeself ) = array_values( $this->changeableGroups() );
500 
501  $removable = array_intersect(
502  array_merge( $this->isself ? $removeself : [], $removable ),
503  $groups
504  ); // Can't remove groups the user doesn't have
505  $addable = array_diff(
506  array_merge( $this->isself ? $addself : [], $addable ),
507  $groups
508  ); // Can't add groups the user does have
509 
510  return [ $addable, $removable ];
511  }
512 
519  protected function showEditUserGroupsForm( $user, $groups ) {
520  $list = [];
521  $membersList = [];
522  foreach ( $groups as $group ) {
523  $list[] = self::buildGroupLink( $group );
524  $membersList[] = self::buildGroupMemberLink( $group );
525  }
526 
527  $autoList = [];
528  $autoMembersList = [];
529  if ( $user instanceof User ) {
530  foreach ( Autopromote::getAutopromoteGroups( $user ) as $group ) {
531  $autoList[] = self::buildGroupLink( $group );
532  $autoMembersList[] = self::buildGroupMemberLink( $group );
533  }
534  }
535 
536  $language = $this->getLanguage();
537  $displayedList = $this->msg( 'userrights-groupsmember-type' )
538  ->rawParams(
539  $language->listToText( $list ),
540  $language->listToText( $membersList )
541  )->escaped();
542  $displayedAutolist = $this->msg( 'userrights-groupsmember-type' )
543  ->rawParams(
544  $language->listToText( $autoList ),
545  $language->listToText( $autoMembersList )
546  )->escaped();
547 
548  $grouplist = '';
549  $count = count( $list );
550  if ( $count > 0 ) {
551  $grouplist = $this->msg( 'userrights-groupsmember' )
552  ->numParams( $count )
553  ->params( $user->getName() )
554  ->parse();
555  $grouplist = '<p>' . $grouplist . ' ' . $displayedList . "</p>\n";
556  }
557 
558  $count = count( $autoList );
559  if ( $count > 0 ) {
560  $autogrouplistintro = $this->msg( 'userrights-groupsmember-auto' )
561  ->numParams( $count )
562  ->params( $user->getName() )
563  ->parse();
564  $grouplist .= '<p>' . $autogrouplistintro . ' ' . $displayedAutolist . "</p>\n";
565  }
566 
567  $userToolLinks = Linker::userToolLinks(
568  $user->getId(),
569  $user->getName(),
570  false, /* default for redContribsWhenNoEdits */
571  Linker::TOOL_LINKS_EMAIL /* Add "send e-mail" link */
572  );
573 
574  $this->getOutput()->addHTML(
575  Xml::openElement(
576  'form',
577  [
578  'method' => 'post',
579  'action' => $this->getPageTitle()->getLocalURL(),
580  'name' => 'editGroup',
581  'id' => 'mw-userrights-form2'
582  ]
583  ) .
584  Html::hidden( 'user', $this->mTarget ) .
585  Html::hidden( 'wpEditToken', $this->getUser()->getEditToken( $this->mTarget ) ) .
586  Html::hidden(
587  'conflictcheck-originalgroups',
588  implode( ',', $user->getGroups() )
589  ) . // Conflict detection
590  Xml::openElement( 'fieldset' ) .
591  Xml::element(
592  'legend',
593  [],
594  $this->msg( 'userrights-editusergroup', $user->getName() )->text()
595  ) .
596  $this->msg( 'editinguser' )->params( wfEscapeWikiText( $user->getName() ) )
597  ->rawParams( $userToolLinks )->parse() .
598  $this->msg( 'userrights-groups-help', $user->getName() )->parse() .
599  $grouplist .
600  $this->groupCheckboxes( $groups, $user ) .
601  Xml::openElement( 'table', [ 'id' => 'mw-userrights-table-outer' ] ) .
602  "<tr>
603  <td class='mw-label'>" .
604  Xml::label( $this->msg( 'userrights-reason' )->text(), 'wpReason' ) .
605  "</td>
606  <td class='mw-input'>" .
607  Xml::input( 'user-reason', 60, $this->getRequest()->getVal( 'user-reason', false ),
608  [ 'id' => 'wpReason', 'maxlength' => 255 ] ) .
609  "</td>
610  </tr>
611  <tr>
612  <td></td>
613  <td class='mw-submit'>" .
614  Xml::submitButton( $this->msg( 'saveusergroups', $user->getName() )->text(),
615  [ 'name' => 'saveusergroups' ] +
616  Linker::tooltipAndAccesskeyAttribs( 'userrights-set' )
617  ) .
618  "</td>
619  </tr>" .
620  Xml::closeElement( 'table' ) . "\n" .
621  Xml::closeElement( 'fieldset' ) .
622  Xml::closeElement( 'form' ) . "\n"
623  );
624  }
625 
632  private static function buildGroupLink( $group ) {
633  return User::makeGroupLinkHTML( $group, User::getGroupName( $group ) );
634  }
635 
642  private static function buildGroupMemberLink( $group ) {
643  return User::makeGroupLinkHTML( $group, User::getGroupMember( $group ) );
644  }
645 
650  protected static function getAllGroups() {
651  return User::getAllGroups();
652  }
653 
662  private function groupCheckboxes( $usergroups, $user ) {
663  $allgroups = $this->getAllGroups();
664  $ret = '';
665 
666  // Put all column info into an associative array so that extensions can
667  // more easily manage it.
668  $columns = [ 'unchangeable' => [], 'changeable' => [] ];
669 
670  foreach ( $allgroups as $group ) {
671  $set = in_array( $group, $usergroups );
672  // Should the checkbox be disabled?
673  $disabled = !(
674  ( $set && $this->canRemove( $group ) ) ||
675  ( !$set && $this->canAdd( $group ) ) );
676  // Do we need to point out that this action is irreversible?
677  $irreversible = !$disabled && (
678  ( $set && !$this->canAdd( $group ) ) ||
679  ( !$set && !$this->canRemove( $group ) ) );
680 
681  $checkbox = [
682  'set' => $set,
683  'disabled' => $disabled,
684  'irreversible' => $irreversible
685  ];
686 
687  if ( $disabled ) {
688  $columns['unchangeable'][$group] = $checkbox;
689  } else {
690  $columns['changeable'][$group] = $checkbox;
691  }
692  }
693 
694  // Build the HTML table
695  $ret .= Xml::openElement( 'table', [ 'class' => 'mw-userrights-groups' ] ) .
696  "<tr>\n";
697  foreach ( $columns as $name => $column ) {
698  if ( $column === [] ) {
699  continue;
700  }
701  // Messages: userrights-changeable-col, userrights-unchangeable-col
702  $ret .= Xml::element(
703  'th',
704  null,
705  $this->msg( 'userrights-' . $name . '-col', count( $column ) )->text()
706  );
707  }
708 
709  $ret .= "</tr>\n<tr>\n";
710  foreach ( $columns as $column ) {
711  if ( $column === [] ) {
712  continue;
713  }
714  $ret .= "\t<td style='vertical-align:top;'>\n";
715  foreach ( $column as $group => $checkbox ) {
716  $attr = $checkbox['disabled'] ? [ 'disabled' => 'disabled' ] : [];
717 
718  $member = User::getGroupMember( $group, $user->getName() );
719  if ( $checkbox['irreversible'] ) {
720  $text = $this->msg( 'userrights-irreversible-marker', $member )->text();
721  } else {
722  $text = $member;
723  }
724  $checkboxHtml = Xml::checkLabel( $text, "wpGroup-" . $group,
725  "wpGroup-" . $group, $checkbox['set'], $attr );
726  $ret .= "\t\t" . ( $checkbox['disabled']
727  ? Xml::tags( 'span', [ 'class' => 'mw-userrights-disabled' ], $checkboxHtml )
728  : $checkboxHtml
729  ) . "<br />\n";
730  }
731  $ret .= "\t</td>\n";
732  }
733  $ret .= Xml::closeElement( 'tr' ) . Xml::closeElement( 'table' );
734 
735  return $ret;
736  }
737 
742  private function canRemove( $group ) {
743  // $this->changeableGroups()['remove'] doesn't work, of course. Thanks, PHP.
744  $groups = $this->changeableGroups();
745 
746  return in_array(
747  $group,
748  $groups['remove'] ) || ( $this->isself && in_array( $group, $groups['remove-self'] )
749  );
750  }
751 
756  private function canAdd( $group ) {
757  $groups = $this->changeableGroups();
758 
759  return in_array(
760  $group,
761  $groups['add'] ) || ( $this->isself && in_array( $group, $groups['add-self'] )
762  );
763  }
764 
775  function changeableGroups() {
776  return $this->getUser()->changeableGroups();
777  }
778 
785  protected function showLogFragment( $user, $output ) {
786  $rightsLogPage = new LogPage( 'rights' );
787  $output->addHTML( Xml::element( 'h2', null, $rightsLogPage->getName()->text() ) );
788  LogEventsList::showLogExtract( $output, 'rights', $user->getUserPage() );
789  }
790 
799  public function prefixSearchSubpages( $search, $limit, $offset ) {
800  $user = User::newFromName( $search );
801  if ( !$user ) {
802  // No prefix suggestion for invalid user
803  return [];
804  }
805  // Autocomplete subpage as user list - public to allow caching
806  return UserNamePrefixSearch::search( 'public', $search, $limit, $offset );
807  }
808 
809  protected function getGroupName() {
810  return 'users';
811  }
812 }
User\newFromName
static newFromName($name, $validate= 'valid')
Static factory method for creation from username.
Definition: User.php:522
UserrightsPage\showEditUserGroupsForm
showEditUserGroupsForm($user, $groups)
Show the form to edit group memberships.
Definition: SpecialUserrights.php:519
Html\closeElement
static closeElement($element)
Returns "</$element>".
Definition: Html.php:306
User\whoIs
static whoIs($id)
Get the username corresponding to a given user ID.
Definition: User.php:744
list
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
Definition: deferred.txt:11
UserrightsPage\userCanExecute
userCanExecute(User $user)
Definition: SpecialUserrights.php:52
$out
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition: hooks.txt:776
array
the array() calling protocol came about after MediaWiki 1.4rc1.
wfScript
wfScript($script= 'index')
Get the path to a specified script file, respecting file extensions; this is a wrapper around $wgScri...
Definition: GlobalFunctions.php:3226
Xml\element
static element($element, $attribs=null, $contents= '', $allowShortTag=true)
Format an XML element with given attributes and, optionally, text content.
Definition: Xml.php:39
UserrightsPage\buildGroupLink
static buildGroupLink($group)
Format a link to a group description page.
Definition: SpecialUserrights.php:632
UserRightsProxy\whoIs
static whoIs($database, $id, $ignoreInvalidDB=false)
Same as User::whoIs()
Definition: UserRightsProxy.php:75
User\getCanonicalName
static getCanonicalName($name, $validate= 'valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid...
Definition: User.php:1082
Html\rawElement
static rawElement($element, $attribs=[], $contents= '')
Returns an HTML element in a string.
Definition: Html.php:210
UserRightsProxy\newFromName
static newFromName($database, $name, $ignoreInvalidDB=false)
Factory function; get a remote user entry by name.
Definition: UserRightsProxy.php:104
UserrightsPage\changeableGroups
changeableGroups()
Returns $this->getUser()->changeableGroups()
Definition: SpecialUserrights.php:775
UserrightsPage\fetchUser
fetchUser($username)
Normalize the input username, which may be local or remote, and return a user (or proxy) object for m...
Definition: SpecialUserrights.php:374
Html\hidden
static hidden($name, $value, array $attribs=[])
Convenience function to produce an input element with type=hidden.
Definition: Html.php:749
Xml\input
static input($name, $size=false, $value=false, $attribs=[])
Convenience function to build an HTML text input field.
Definition: Xml.php:275
UserrightsPage\splitGroups
splitGroups($groups)
Go through used and available groups and return the ones that this form will be able to manipulate ba...
Definition: SpecialUserrights.php:498
Xml\inputLabel
static inputLabel($label, $name, $id, $size=false, $value=false, $attribs=[])
Convenience function to build an HTML text input field with a label.
Definition: Xml.php:381
SpecialPage\msg
msg()
Wrapper around wfMessage that sets the current context.
Definition: SpecialPage.php:729
SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition: SpecialPage.php:658
Status\newFatal
static newFatal($message)
Factory function for fatal errors.
Definition: Status.php:89
UserrightsPage\userCanChangeRights
userCanChangeRights($user, $checkIfSelf=true)
Definition: SpecialUserrights.php:61
User\makeGroupLinkHTML
static makeGroupLinkHTML($group, $text= '')
Create a link to the group in HTML, if available; else return the group name.
Definition: User.php:4978
Linker\tooltipAndAccesskeyAttribs
static tooltipAndAccesskeyAttribs($name, array $msgParams=[])
Returns the attributes for the tooltip and access key.
Definition: Linker.php:2240
Xml\submitButton
static submitButton($value, $attribs=[])
Convenience function to build an HTML submit button When $wgUseMediaWikiUIEverywhere is true it will ...
Definition: Xml.php:460
SpecialPage\addHelpLink
addHelpLink($to, $overrideBaseUrl=false)
Adds help link with an icon via page indicators.
Definition: SpecialPage.php:768
Xml\label
static label($label, $id, $attribs=[])
Convenience function to build an HTML form label.
Definition: Xml.php:359
wfDebug
wfDebug($text, $dest= 'all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition: GlobalFunctions.php:997
LogEventsList\showLogExtract
static showLogExtract(&$out, $types=[], $page= '', $user= '', $param=[])
Show log extract.
Definition: LogEventsList.php:559
User\getAllGroups
static getAllGroups()
Return the set of defined explicit groups.
Definition: User.php:4914
SpecialPage\outputHeader
outputHeader($summaryMessageKey= '')
Outputs a summary message on top of special pages Per default the message key is the canonical name o...
Definition: SpecialPage.php:566
LogPage
Class to simplify the use of log pages.
Definition: LogPage.php:32
User
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Definition: User.php:47
Xml\fieldset
static fieldset($legend=false, $content=false, $attribs=[])
Shortcut for creating fieldsets.
Definition: Xml.php:578
Xml\closeElement
static closeElement($element)
Shortcut to close an XML element.
Definition: Xml.php:118
UserrightsPage\prefixSearchSubpages
prefixSearchSubpages($search, $limit, $offset)
Return an array of subpages beginning with $search that this special page will accept.
Definition: SpecialUserrights.php:799
SpecialPage
Parent class for all special pages.
Definition: SpecialPage.php:36
Html\openElement
static openElement($element, $attribs=[])
Identical to rawElement(), but has no third parameter and omits the end tag (and the self-closing '/'...
Definition: Html.php:248
wfEscapeWikiText
wfEscapeWikiText($text)
Escapes the given text so that it may be output using addWikiText() without any linking, formatting, etc.
Definition: GlobalFunctions.php:1666
UserrightsPage\switchForm
switchForm()
Output a form to allow searching for a user.
Definition: SpecialUserrights.php:451
UserrightsPage\execute
execute($par)
Manage forms to be shown according to posted data.
Definition: SpecialUserrights.php:81
UserRightsProxy\validDatabase
static validDatabase($database)
Confirm the selected database name is a valid local interwiki database name.
Definition: UserRightsProxy.php:62
UserNamePrefixSearch\search
static search($audience, $search, $limit, $offset=0)
Do a prefix search of user names and return a list of matching user names.
Definition: UserNamePrefixSearch.php:39
Xml\openElement
static openElement($element, $attribs=null)
This opens an XML element.
Definition: Xml.php:109
SpecialPage\getSkin
getSkin()
Shortcut to get the skin being used for this instance.
Definition: SpecialPage.php:678
SpecialPage\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes! ...
Definition: SpecialPage.php:467
UserrightsPage\doSaveUserGroups
doSaveUserGroups($user, $add, $remove, $reason= '')
Save user groups changes in the database.
Definition: SpecialUserrights.php:265
Autopromote\getAutopromoteGroups
static getAutopromoteGroups(User $user)
Get the groups for the given user based on $wgAutopromote.
Definition: Autopromote.php:35
MediaWiki\Auth\AuthManager\callLegacyAuthPlugin
static callLegacyAuthPlugin($method, array $params, $return=null)
Call a legacy AuthPlugin method, if necessary.
Definition: AuthManager.php:205
UserrightsPage\buildGroupMemberLink
static buildGroupMemberLink($group)
Format a link to a group member description page.
Definition: SpecialUserrights.php:642
Hooks\run
static run($event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:131
text
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add text
Definition: design.txt:12
wfWikiID
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
Definition: GlobalFunctions.php:3099
UserBlockedError
Show an error when the user tries to do something whilst blocked.
Definition: UserBlockedError.php:27
$ret
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1816
as
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition: distributors.txt:9
$user
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
Definition: hooks.txt:242
User\getGroupName
static getGroupName($group)
Get the localized descriptive name for a group, if it exists.
Definition: User.php:4891
$output
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context the output can only depend on parameters provided to this hook not on global state indicating whether full HTML should be generated If generation of HTML may be but other information should still be present in the ParserOutput object & $output
Definition: hooks.txt:1020
UserrightsPage\groupCheckboxes
groupCheckboxes($usergroups, $user)
Adds a table with checkboxes where you can select what groups to add/remove.
Definition: SpecialUserrights.php:662
UserrightsPage\getAllGroups
static getAllGroups()
Returns an array of all groups that may be edited.
Definition: SpecialUserrights.php:650
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
$username
this hook is for auditing only or null if authentication failed before getting that far $username
Definition: hooks.txt:776
Xml\tags
static tags($element, $attribs=null, $contents)
Same as Xml::element(), but does not escape contents.
Definition: Xml.php:131
User\getGroupMember
static getGroupMember($group, $username= '#')
Get the localized descriptive name for a member of a group, if it exists.
Definition: User.php:4903
UserrightsPage\editUserGroupsForm
editUserGroupsForm($username)
Edit user groups membership.
Definition: SpecialUserrights.php:347
ManualLogEntry
Class for creating log entries manually, to inject them into the database.
Definition: LogEntry.php:394
$request
error also a ContextSource you ll probably need to make sure the header is varied on $request
Definition: hooks.txt:2458
SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition: SpecialPage.php:668
SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition: SpecialPage.php:697
UserrightsPage\addLogEntry
addLogEntry($user, $oldGroups, $newGroups, $reason)
Add a rights log entry for an action.
Definition: SpecialUserrights.php:330
PermissionsError
Show an error when a user tries to do something they do not have the necessary permissions for...
Definition: PermissionsError.php:28
Linker\userToolLinks
static userToolLinks($userId, $userText, $redContribsWhenNoEdits=false, $flags=0, $edits=null)
Generate standard user tool links (talk, contributions, block link, etc.)
Definition: Linker.php:1018
SpecialPage\getLanguage
getLanguage()
Shortcut to get user's language.
Definition: SpecialPage.php:688
UserrightsPage\saveUserGroups
saveUserGroups($username, $reason, $user)
Save user groups changes in the database.
Definition: SpecialUserrights.php:236
$limit
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context the output can only depend on parameters provided to this hook not on global state indicating whether full HTML should be generated If generation of HTML may be but other information should still be present in the ParserOutput object to manipulate or replace but no entry for that model exists in $wgContentHandlers if desired whether it is OK to use $contentModel on $title Handler functions that modify $ok should generally return false to prevent further hooks from further modifying $ok inclusive $limit
Definition: hooks.txt:1020
$status
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1020
UserrightsPage
Special page to allow managing user group membership.
Definition: SpecialUserrights.php:29
$count
$count
Definition: importImages.php:141
Xml\checkLabel
static checkLabel($label, $name, $id, $checked=false, $attribs=[])
Convenience function to build an HTML checkbox with a label.
Definition: Xml.php:420
SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition: SpecialPage.php:648
UserrightsPage\showLogFragment
showLogFragment($user, $output)
Show a rights log fragment for the specified user.
Definition: SpecialUserrights.php:785
SpecialPage\checkReadOnly
checkReadOnly()
If the wiki is currently in readonly mode, throws a ReadOnlyError.
Definition: SpecialPage.php:302
Html\element
static element($element, $attribs=[], $contents= '')
Identical to rawElement(), but HTML-escapes $contents (like Xml::element()).
Definition: Html.php:230
Status\newGood
static newGood($value=null)
Factory function for good results.
Definition: Status.php:101
Linker\TOOL_LINKS_EMAIL
const TOOL_LINKS_EMAIL
Definition: Linker.php:39
SpecialPage\getPageTitle
getPageTitle($subpage=false)
Get a self-referential title object.
Definition: SpecialPage.php:611
$name
Allows to change the fields on the form that will be generated $name
Definition: hooks.txt:310