| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add $auto parameter to DatabaseBlockStore::newFromTarget and
::newListFromTarget, to help callers filter autoblocks from result
lists.
Change-Id: Iad92d205517eb50ab0ce5e8caae58ee761fe19d5
|
| |/
|
|
|
| |
Bug: T353458
Change-Id: I3cf44dfe5425f2efb8409c83571c427447b053af
|
| |
|
|
|
| |
Bug: T389452
Change-Id: Id7a3f565821231647fe75a24e9ef7efeeb157c5d
|
| |
|
|
|
| |
Bug: T353458
Change-Id: Ibe1810f1c71316a9124e1dc6ae405097dafd5267
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If multiple blocks exist for a given target but the wiki is in the
default/old mode with $wgEnableMultiBlocks=false and
$wgUseCodexSpecialBlock=false, attempting to reblock the user causes an
exception.
A race condition in the database has led to a few such multiblocks
existing in production wikis. This issue will soon be resolved by
migrating to multiblocks, so that the blocks will be allowed and can be
easily manipulated. The same error could occur in the future if
$wgEnableMultiBlocks is set to true and then rolled back.
So, catch the exception and show a regular error in the form instead.
Bug: T388743
Change-Id: I67c6ccc20f3c31ba4a4e5734de1641d626adb7f2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Main change:
* Add a class hierarchy representing block targets, representing a
target and type.
* Add BlockTargetFactory, replacing BlockUtils.
* Add CrossWikiBlockTargetFactory, replacing BlockUtilsFactory.
* Construct a BlockTarget object early in the request flow and pass it
down through the layers, instead of having every layer interpret
UserIdentity|string target specifications.
Also:
* Remove Block::TYPE_ID. Nothing uses it in code search, so there's
no point in porting it to the new system.
* Stop using the type constants as specificity scores. Add
BlockTarget::getSpecificity().
* Add DatabaseBlockStore::newUnsaved() to replace direct construction of
DatabaseBlock in insertBlock() callers. There are many such callers in
tests. This is part of the effort to remove the service container
usage in DatabaseBlock::__construct().
* Make DatabaseBlock::getRangeStart() and getRangeEnd() return null if
the block is not a range, since that is convenient for their only
caller following the resolution of T51504.
* Add DatabaseBlock::getIpHex() which similarly maps to a DB field in
the new schema.
* In ApiBlock and ApiUnblock, have ParamValidator provide UserIdentity
objects instead of converting to a string and back to a UserIdentity
again.
Bug: T382106
Change-Id: I2ce1a82f3fbb3cf18aa2d17986d46dbdcc70c761
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The doc comment of newBlockPermissionChecker() describes the $target
parameter as being optional. The returned object does not need or use a
target when checkBasePermissions() or checkEmailPermissions() are
called. But failing to pass a target when calling
checkBlockPermissions() is incorrect. This was the subject of the
linked bug. If an admin is performing a block, self-unblock permissions
need to be checked, this is not optional.
This could be enforced at runtime, but it seems safer and simpler to
enforce it statically.
So, move $target from being a constructor parameter to being a formal
parameter of checkBlockPermissions(). This formal parameter will be
statically required after a deprecation period.
Deprecate newBlockPermissionChecker() and introduce newChecker(), using
a name with a slightly less than conventional verbosity to allow us to
change the parameter order. There is no $target parameter to
newChecker().
Backwards compatibility is supported by adding an internal mutator
method setTarget(). This can easily be removed after the deprecation
period is over.
In Special:Block, checkBlockPermissions() was called with $target=null
on form entry, meaning that the user could unblock themselves if the
target was specified in the URL, but could not unblock themselves by
searching with the form. This seems inconsistent. So allow blocked
admins to see the search form, but show an error when they try to block
or unblock someone other than themselves.
Bug: T384716
Change-Id: I8c26cdcc9b87b74bc458fe731cf7f170a2607150
|
| |
|
|
|
|
|
|
|
| |
Add $string === false or $string === null where $string can have other
types than a string.
Also document null as possible return value in FileRepo.
Change-Id: Iaa29ba01c3fd6bea506debdc6f929edfe881c808
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Same as Ia294bf4 did for 1-line comments. This patch removes slightly
more complex 2-line PHPDoc comments that don't add any new information
to the code, but literally repeat what the code already says.
They say "don't document the code, code the documentation", and we
are doing this more and more. We just tend to forget to remove the
obsolete comments.
Note I'm also removing a line of text in a few cases when it's very
short and literally says the same as the method name. Again, such
comments add zero new information.
Change-Id: I01535404bab458c6c47e48e5456403b7a64198ed
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the new Codex block page is enabled:
* In BlockLogFormatter, relabel the unblock link as "remove block". Link
to Special:Block?remove=1 instead of Special:Unblock.
* In BlockLogFormatter, pass the block ID to the special page using the
"id" parameter if it is available in log_params.
* In Special:Contributions and other special pages derived from
ContributionsSpecialPage, if the user is blocked, combine the
unblock/reblock links into a single "manage blocks" link.
Also:
* When blocking or unblocking, copy the block ID to log_params.
Associations from log_search are not available to LogFormatter
subclasses. There are many callers so copying this data is much
easier than querying log_search.
Bug: T378150
Change-Id: Ice0aa13291f8b38fc66d2a1524aef65ea17c8b27
|
| |
|
|
|
|
|
| |
"Sysop added a block for Target" instead of "Sysop blocked Target".
Bug: T378150
Change-Id: I2febf1bcb57d014e48bd58eecbdecaa3c2f9c724
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ApiBlock:
* Add an "id" parameter. If this is given, update the specified block.
* Add a "newblock" parameter. If this is given, always add a new block,
don't check if the target is already blocked.
* If "reblock" is given and the target has more than one block, fail
with an "ambiguous-block" error.
Supporting changes:
* Add BlockUserFactory::newUpdateBlock(), which takes a DatabaseBlock
instead of a target union to act on. The block is passed through to
the BlockUser constructor.
* Rename the first parameter to BlockUser::placeBlock() from $reblock to
$conflictMode, and style it like an enum. Add the CONFLICT_NEW value,
to support the "newblock" API option.
* In DatabaseBlockStore::newFromId(), add $fromPrimary, so that ApiBlock
can pass data to BlockUserFactory with equivalent freshness to the
LHS.
Also:
* In BlockUser, memoize prior blocks loaded from the DB
* Move T287798 autoblock check to the memoized accessor. Just don't
return autoblocks.
* Move "TODO handle failure" comment in BlockUser to the called method.
It really can't fail.
* In DatabaseBlockStore::newFromId(), add an $includeExpired parameter
and default to false although it was previously implicitly true.
Based on a brief review of callers, I think this is beneficial.
Bug: T378147
Change-Id: Iea5b77cb27006b33f3dde61660be5ad2c374a425
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mostly used find-and-replace:
Find:
/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?)[\s\*]+/\s*(private|protected|public) (\$[a-z]\w+;\n)((?=\s*/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?))\n|)
Replace with:
\3 \1 \4
More could be done, but to keep this patch reasonably sized, I only
changed the most obvious and unambiguously correct cases.
In some cases, I also removed redundant doc comments on the
constructor, and re-ordered the properties to match the constructor.
Change-Id: I819ed771c915293663856c577a481d607b76ed80
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I088cbc53fbcdb974e5b05b45a62e91709dacc024
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This should act identical to before, apart for support of expiry before
unix epoch. This shouldn't be a real world use-case, rather the check
for a negative expiry was for PHP 5 support when -1 was returned instead
of false.
Bug: T248196
Change-Id: I803c99f20844a4ccf151b454e75f7d4d128f429c
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* The ability to block temporary account usernames with 'hideuser'
needs to be added so that we can hide the username of temporary
accounts in the case of accidental logged out edits by editors.
* This brings similar behaviour how IP addresses are hidden on
WMF wikis, as the IP addresses are hidden for logged out edits
using the suppression tool. Blocking the account with 'hideuser'
allows all edits to be hidden plus also prevent further editing
using that temporary account.
What:
* This reverts commit 878602ad970770a3576673f6a804effc33000076.
Bug: T355430
Change-Id: I7b38d2bf0155df479a179c69c91cfe1987bd234a
|
| |
|
|
|
|
|
| |
Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually
Change-Id: I443aada1c18c8628b02671aa9fd6f441961e5c2e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I was worried about the duration of gap locks in Special:Block, so I
moved some things out of the critical section.
* Load the user page ID before inserting the block
* Defer calling the BlockIpComplete hook. Production has PageTriage and
EventBus which do queries in this hook, but can apparently tolerate
being deferred.
On my test wiki I'm now measuring just 3ms lock time, although it's
probably slower in production.
Change-Id: I07567af29499407950b9c12cb83de38196b9863d
|
| |
|
|
| |
Change-Id: Iec3edc0543b3b4fadd1d8f91ae24cae7baae97e3
|
| |
|
|
|
|
|
|
|
|
| |
* Migrate callers of DatabaseBlock methods newListFromTarget,
newFromID, newFromTarget, doAutoblock.
* Deprecate DatabaseBlock methods newFromID and getAutoblockExpiry.
These are the methods with no extension callers in code search.
Bug: T255433
Change-Id: If0358459f53d32e7fe984c2fb8b61e0088f28922
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Make BlockManager internal methods private, since nothing calls them
anymore.
* In AbstractBlock and DatabaseBlock, remove deprecated public
properties mExpiry, mHideName, mTimestamp, mAuto and mParentBlockId.
* In BlockRestrictionStore, remove all the "instanceof Restriction"
checks. If someone passes in something that's not a Restriction, we
should throw, not ignore it, because we don't know the caller's
intention. Add a type declaration to $hasher in equals() so that it
will throw.
* Remove the "m" prefix from all private and protected properties.
AbstractBlock is not stable to override so this is not a stable
interface break.
* In BlockRestrictionStore::restrictionsToRemove(), use an O(N)
algorithm.
* In BlockRestrictionStore::rowToRestriction(), use a switch instead of
a type map, so that the calls are statically analyzable.
* In BlockUser::__construct(), fix the initialisation order issue by
inlining the relevant logic.
* Rename variable $actionRestriction.
* In Special:Block, fix call to deprecated method getTargetAndType(),
and hard deprecate it. @deprecated has the effect of deprecating a
method for both internal and external callers, there's no such thing
as an external-only deprecation. So it's necessary to rename it if you
want to keep it as a private method.
Bug: T345683
Change-Id: If4a4a18d7b5fec825417de81302266119c215fd3
|
| |/
|
|
|
| |
Bug: T166010
Change-Id: Ia2e5a7367cc8cdbd8a7b845ae2fd5d776ff22891
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use a consistent single-line comment style.
* Start each sentence with a capital letter.
* Use imperative mood.
* Put a space between the adjective and the noun in "hardblock" and
"rangeblock".
* Capitalise acronyms.
* Break long lines.
* Remove excessively obvious or off-topic comments.
* Indent the non-initial lines of a multi-line @ command.
* Don't try to apply @deprecated to a parameter. Doxygen and PHPStorm
interpret this as method deprecation.
Bug: T345683
Change-Id: I7df126f7a031dde241dd46f66e5e83722f9b383c
|
| |
|
|
|
|
|
|
|
|
| |
This class is used heavily basically everywhere, moving it to Utils
wouldn't make much sense. Also with this change, we can move
StatusValue to MediaWiki\Status as well.
Bug: T321882
Depends-On: I5f89ecf27ce1471a74f31c6018806461781213c3
Change-Id: I04c1dcf5129df437589149f0f3e284974d7c98fa
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Ensure that temporary users cannot have their name hidden via a block.
Temporary users are now handled the same as IP users:
* SpecialBlock: the option to hide a user is disabled if the target
entered is a temporary user name
* BlockUser: the option to hide a user cannot be set to true if the
target is a temporary user; however a non-hiding block is still made
Bug: T343705
Change-Id: I47b2ca55797d4e7d9dc1b61d0368e1269ad0fd3c
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* A soft block against an IP address does not block logged-in
users, but it should block temporary users, otherwise anonymous
users can circumvent it by creating a temporary account.
What:
* Return a block for a temporary user if a soft block is found
against their IP address, from DatabaseBlock::newLoad
* Return soft blocks for temporary users in
BlockManager::getXffBlocks
* Update documentation to make clear that soft blocks apply to
temporary users, including where they are referred to as
anon-only blocks
Bug: T343714
Change-Id: I5a2928eb3370bd47544b164b08014ef62297ce36
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is moderately messy.
Process was principally:
* xargs rg --files-with-matches '^use Title;' | grep 'php$' | \
xargs -P 1 -n 1 sed -i -z 's/use Title;/use MediaWiki\\Title\\Title;/1'
* rg --files-without-match 'MediaWiki\\Title\\Title;' . | grep 'php$' | \
xargs rg --files-with-matches 'Title\b' | \
xargs -P 1 -n 1 sed -i -z 's/\nuse /\nuse MediaWiki\\Title\\Title;\nuse /1'
* composer fix
Then manual fix-ups for a few files that don't have any use statements.
Bug: T166010
Follows-Up: Ia5d8cb759dc3bc9e9bbe217d0fb109e2f8c4101a
Change-Id: If8fc9d0d95fc1a114021e282a706fc3e7da3524b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
These three classes:
- TitleArray
- TitleArrayFromResult
- TitleFactory
We need to move these and the rest of files under title/ to Title/ (and
namespace them) but the patch will become way too big given that Title class is
also one of them.
Bug: T321882
Change-Id: Iac1688172ee457348a08a470c86e047571feb8e0
|
| |
|
|
|
|
|
|
| |
Introduced in PHP 7.1. Because it's shorter and looks nice.
I used regex replacement.
Change-Id: I0555e199d126cd44501f859cb4589f8bd49694da
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now largely automated:
VARS=$(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | \
tr "\n" '|' | sed "s/|$/\n/;s/'//g")
sed -i -E "s/'($VARS)'/MainConfigNames::\1/g" \
$(grep -ERIl "'($VARS)'" includes/)
Then git add -p with lots of error-prone manual checking. Then
semi-manually add all the necessary "use" lines:
vim $(grep -L 'use MediaWiki\\MainConfigNames;' \
$(git diff --cached --name-only --diff-filter=M HEAD^))
I didn't bother fixing lines that were over 100 characters unless they
were over 120 and triggered phpcs.
Bug: T305805
Change-Id: I74e0ab511abecb276717ad4276a124760a268147
|
| |
|
|
|
|
|
|
| |
Use a local variable to allow phan to track the not-null part
Found by phan strict checks
Change-Id: I32e023d3dbd70e987c79527a6936209d62deffcf
|
| |
|
|
| |
Change-Id: I852453fbeeebdc4e34c0b35c0fdca4b4ab74fde9
|
| |
|
|
|
|
|
|
| |
Nothing to learn from these.
You can find a longer explanation in the comments in I93751e6.
Change-Id: I195aae70fc282b58be5b18160783f27d38605d15
|
| |
|
|
|
| |
Bug: T254646
Change-Id: I2b120f0b9c9e1dc1a6c216bfefa3f2463efe1001
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This seems to be a regression from 166ed5c.
DatabaseBlock::newFromTarget may return an autoblock for an IP
unless there is an existing manual block. If so, ignore it
because it is allowed to have an IP address both manually
blocked and autoblocked (see ipb_address_unique index).
Also add an integration test case.
Bug: T287798
Change-Id: I7c9a66ba0ffe759f43f4d0821c30fb94649d3dea
|
| |
|
|
|
|
|
| |
Make both loads use primary. Deduplication is left
for a future refactoring.
Change-Id: I54431beae69fcdc7a2864ebb3e06f91240fa7a00
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0
The following sniffs now pass and were enabled:
* Generic.ControlStructures.InlineControlStructure
* MediaWiki.PHPUnit.AssertCount.NotUsed
npm:
* svgo: 2.3.0 → 2.3.1
* https://npmjs.com/advisories/1754 (CVE-2021-33587)
Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
|
| |\ |
|
| | |
| |
| |
| |
| | |
Bug: T286490
Change-Id: Ice96180690828bcf2efd60faf6ad10d64307713d
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, BlockUser::placeBlockInternal attempted to insert
the new block with possible failure due to an existing block.
Regardless of the result, it would then retrieve the current
block which could be the just now inserted block. This one
was treated as the prior block and incorrectly provided to
the hook as such.
Refactor the method a little by retrieving the prior block
before attempting to insert a new one to make it more
efficient and to ensure the hook will have the correct value
for the prior block.
Change-Id: I70480ce32545f28f8317bb58f9c724d64cc54ccf
|
| |/
|
|
|
|
| |
deprecated since 1.36 and unused
Change-Id: I9d67d7f4294d175b536a518b2c89cd620773f7b9
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In order to allow Authority to know about user blocks,
we need a narrow interface to represent such blocks.
This deprecates some methods on AbstractBlocks in favor
of new methods on the Block interface that avoid binding to
the User class.
Bug: T271494
Change-Id: I7bb950533970984a014de0434518fbbefb695131
|
| |
|
|
|
| |
Bug: T279560
Change-Id: Icd6ba193a2ce7af83a074cd135470a5097638791
|
| |
|
|
|
| |
Bug: T269341
Change-Id: I5836d72960c3f9df874ac3348602e3f8e6322afa
|
| |
|
|
| |
Change-Id: Ie049cc18cac27203a38486d97b2b4d9f056bdd42
|
