api: Use a temp placeholder for signature on preview/pst

For pst on parse/compare/editstash/(all)revisions/(all)deletedrevisions

Do not show the IP when IP masking is enabled,
instead show a previous aquired temp name or a placeholder on preview.
MediaWiki itself used this for the ajax preview on GUI's action=edit

Cannot acquire a new unsaved temp user as api parse does not persist
the global session (each request results in a new id)
and it would require a db write on a read request.

Bug: T331397
Change-Id: I74bb4d655f371bd99e3b618d1a0ac45d730c746c

1 files changed, 29 insertions, 2 deletions

diff --git a/includes/api/ApiQueryRevisionsBase.php b/includes/api/ApiQueryRevisionsBase.php
index b1d583de736b..1634f42abc66 100644
--- a/includes/api/ApiQueryRevisionsBase.php
+++ b/includes/api/ApiQueryRevisionsBase.php
@@ -33,6 +33,8 @@ use MediaWiki\Revision\RevisionStore;
 use MediaWiki\Revision\SlotRecord;
 use MediaWiki\Revision\SlotRoleRegistry;
 use MediaWiki\Title\Title;
+use MediaWiki\User\TempUser\TempUserCreator;
+use MediaWiki\User\UserFactory;
 use Wikimedia\ParamValidator\ParamValidator;
 use Wikimedia\ParamValidator\TypeDef\EnumDef;
 use Wikimedia\ParamValidator\TypeDef\IntegerDef;
@@ -93,6 +95,12 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
 	/** @var CommentFormatter */
 	private $commentFormatter;
 
+	/** @var TempUserCreator */
+	private $tempUserCreator;
+
+	/** @var UserFactory */
+	private $userFactory;
+
 	/**
 	 * @since 1.37 Support injection of services
 	 * @stable to call
@@ -106,6 +114,8 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
 	 * @param ContentRenderer|null $contentRenderer
 	 * @param ContentTransformer|null $contentTransformer
 	 * @param CommentFormatter|null $commentFormatter
+	 * @param TempUserCreator|null $tempUserCreator
+	 * @param UserFactory|null $userFactory
 	 */
 	public function __construct(
 		ApiQuery $queryModule,
@@ -117,7 +127,9 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
 		SlotRoleRegistry $slotRoleRegistry = null,
 		ContentRenderer $contentRenderer = null,
 		ContentTransformer $contentTransformer = null,
-		CommentFormatter $commentFormatter = null
+		CommentFormatter $commentFormatter = null,
+		TempUserCreator $tempUserCreator = null,
+		UserFactory $userFactory = null
 	) {
 		parent::__construct( $queryModule, $moduleName, $paramPrefix );
 		// This class is part of the stable interface and
@@ -130,6 +142,8 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
 		$this->contentRenderer = $contentRenderer ?? $services->getContentRenderer();
 		$this->contentTransformer = $contentTransformer ?? $services->getContentTransformer();
 		$this->commentFormatter = $commentFormatter ?? $services->getCommentFormatter();
+		$this->tempUserCreator = $tempUserCreator ?? $services->getTempUserCreator();
+		$this->userFactory = $userFactory ?? $services->getUserFactory();
 	}
 
 	public function execute() {
@@ -698,7 +712,7 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
 							$difftocontent = $this->contentTransformer->preSaveTransform(
 								$difftocontent,
 								$title,
-								$this->getUser(),
+								$this->getUserForPreview(),
 								$popts
 							);
 						}
@@ -729,6 +743,19 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
 		return $vals;
 	}
 
+	private function getUserForPreview() {
+		$user = $this->getUser();
+		if ( !$user->isRegistered()
+			&& $this->tempUserCreator->isAutoCreateAction( 'edit' )
+			&& $user->isAllowed( 'createaccount' )
+		) {
+			return $this->userFactory->newUnsavedTempUser(
+				$this->tempUserCreator->getStashedNameOrPlaceholder( $this->getRequest()->getSession() )
+			);
+		}
+		return $user;
+	}
+
 	/**
 	 * @stable to override
 	 * @param array $params