From 65f04c763aa062d90a4c72cab222bb068a433aa0 Mon Sep 17 00:00:00 2001 From: Umherirrender Date: Mon, 17 Apr 2023 22:36:48 +0200 Subject: api: Use a temp placeholder for signature on preview/pst For pst on parse/compare/editstash/(all)revisions/(all)deletedrevisions Do not show the IP when IP masking is enabled, instead show a previous aquired temp name or a placeholder on preview. MediaWiki itself used this for the ajax preview on GUI's action=edit Cannot acquire a new unsaved temp user as api parse does not persist the global session (each request results in a new id) and it would require a db write on a read request. Bug: T331397 Change-Id: I74bb4d655f371bd99e3b618d1a0ac45d730c746c --- includes/api/ApiQueryRevisionsBase.php | 31 +++++++++++++++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) (limited to 'includes/api/ApiQueryRevisionsBase.php') diff --git a/includes/api/ApiQueryRevisionsBase.php b/includes/api/ApiQueryRevisionsBase.php index b1d583de736b..1634f42abc66 100644 --- a/includes/api/ApiQueryRevisionsBase.php +++ b/includes/api/ApiQueryRevisionsBase.php @@ -33,6 +33,8 @@ use MediaWiki\Revision\RevisionStore; use MediaWiki\Revision\SlotRecord; use MediaWiki\Revision\SlotRoleRegistry; use MediaWiki\Title\Title; +use MediaWiki\User\TempUser\TempUserCreator; +use MediaWiki\User\UserFactory; use Wikimedia\ParamValidator\ParamValidator; use Wikimedia\ParamValidator\TypeDef\EnumDef; use Wikimedia\ParamValidator\TypeDef\IntegerDef; @@ -93,6 +95,12 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { /** @var CommentFormatter */ private $commentFormatter; + /** @var TempUserCreator */ + private $tempUserCreator; + + /** @var UserFactory */ + private $userFactory; + /** * @since 1.37 Support injection of services * @stable to call @@ -106,6 +114,8 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { * @param ContentRenderer|null $contentRenderer * @param ContentTransformer|null $contentTransformer * @param CommentFormatter|null $commentFormatter + * @param TempUserCreator|null $tempUserCreator + * @param UserFactory|null $userFactory */ public function __construct( ApiQuery $queryModule, @@ -117,7 +127,9 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { SlotRoleRegistry $slotRoleRegistry = null, ContentRenderer $contentRenderer = null, ContentTransformer $contentTransformer = null, - CommentFormatter $commentFormatter = null + CommentFormatter $commentFormatter = null, + TempUserCreator $tempUserCreator = null, + UserFactory $userFactory = null ) { parent::__construct( $queryModule, $moduleName, $paramPrefix ); // This class is part of the stable interface and @@ -130,6 +142,8 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { $this->contentRenderer = $contentRenderer ?? $services->getContentRenderer(); $this->contentTransformer = $contentTransformer ?? $services->getContentTransformer(); $this->commentFormatter = $commentFormatter ?? $services->getCommentFormatter(); + $this->tempUserCreator = $tempUserCreator ?? $services->getTempUserCreator(); + $this->userFactory = $userFactory ?? $services->getUserFactory(); } public function execute() { @@ -698,7 +712,7 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { $difftocontent = $this->contentTransformer->preSaveTransform( $difftocontent, $title, - $this->getUser(), + $this->getUserForPreview(), $popts ); } @@ -729,6 +743,19 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { return $vals; } + private function getUserForPreview() { + $user = $this->getUser(); + if ( !$user->isRegistered() + && $this->tempUserCreator->isAutoCreateAction( 'edit' ) + && $user->isAllowed( 'createaccount' ) + ) { + return $this->userFactory->newUnsavedTempUser( + $this->tempUserCreator->getStashedNameOrPlaceholder( $this->getRequest()->getSession() ) + ); + } + return $user; + } + /** * @stable to override * @param array $params -- cgit v1.2.3