Most accesses to this value (other than technically incorrect use
via WebRequest::getVal), such as in various extensions,
call Action::getActionName($ctx) rather than MediaWiki::getAction
or the new RequestContext::getActionName.
Related changes recently:
* Introduced in 3fdfef96e4 (I1e259b54dca4).
* Primary caller optimised in d7beb0e4ec (I72ffc9f36613bf9).
* Warning for misuse added in Ib9fc34ca64b7c0e89.
This fixes a bug in DerivativeContext, which got exposed by the
ActionTest test cases, which happen to use DerivativeContext and
inheriting from the global RequestContext. That's not ideal for
the test to do, but did luckily help find this bug.
The issue is that when changing the title or wikipage, the action
cache be cleared and re-computed the next time it is accessed.
The RequestContext class (which is also a mutable context) does
the same and that is already covered by tests.
Bug: T314008
Depends-On: I8434442a61449c16981b19935f2dbdf18e4b4e50
Change-Id: I7d40e7ca4878d43fd7d7614d9c8cf8d29a8c7c4b
It currently becomes a string implicitly much later on based on the
default format. All other implementations return a string and for
messages that typically is formatted as text(). This should be done
explicitly as it is the responsibility of RevertAction to know this
message and how it is meant to be formatted to get the string that
the "getPageTitle" contract calls for.
This bug has been here since 2012 with change I2c6fad30e2c4eaebf122,
where the code changed from wfMsg (string, unlike wfMessage) to
`$this->msg` without calling a format.
Bug: T252946
Change-Id: Ibfa335952eb752515a31be6feb6749534bb2a7c4
Flow defines a lot of custom actions which are only implemented for its
own content type. This use case is not what we had in mind when
getActionOverrides() was introduced, but allowing it in ActionFactory
removes the need for Flow to write dummy ignored config to $wgActions.
Bug: T303237
Change-Id: I67c1ae95344b0004eb93023fae7e93de4e47888b
The functions returning null or the class property is set explict null
Found by phan strict checks
Change-Id: I4a271093fb6526564d8083a08249c64cb21f2453
As a security hardening measure to limit exposure on private wikis from
actions on $wgWhitelistRead pages, require an explicit 'read' right on
actions by default. Currently only ViewAction disables this check since
it does its own permissions checking.
This is somewhat duplicative of the permissions check in
MediaWiki::performRequest() but we'll call it defense in depth. It also
matches similar logic in the Action and REST APIs.
Bug: T34716
Bug: T297416
Change-Id: Ib2a6c08dc50c69c3ed6e5708ab72441a90fcd3e1
Inspired by T290004, attempting to solve that ticket will be done
in the next patch on this one.
Bug: T290004
Change-Id: I431e3eba1bcfb446a4ab60aa3d2189762ea9f65f
From within a specific action, the relevant context should
always point to that action, and so we can just use $this->getName()
Bug: T253078
Change-Id: I7d669fc199958cb86086985f954cd509a8957306
Once all actions are having dependencies injected,
those that need a hook container can just have it injected
instead of relying on the global state, which is what
Action::getHookContainer() and ::getHookRunner()
use.
Bug: T253078
Change-Id: I09c70703d4634f855620a56273a9ad924cf061a7
$wgActions used to map string action names to true,
false, a string, a callable, or an object. Now it can also
be an array (that isn't a callable) corresponding to an
ObjectFactory spec for DI.
This patch converts the revisiondelete and rollback actions to
use DI, with the rest to be converted later. The new structure
of $wgActions is fully backwards-compatible.
We don't yet deprecate Action::factory(), ::getActionName(),
and ::exists(), those will be deprecated in a follow-up.
Additionally, we no longer impose a rule that only some
actions can be overridden on a per-article basis via
Article::getActionOverrides().
Bug: T253078
Change-Id: I0fc3c53d671eced1758458f9a0148180b40c6c9b
When calling PermissionManager::isBlockedFrom, don't query the
primary database when only showing UI elements.
Bug: T283268
Change-Id: I9a79badf8a7cfb6afc7b4d12e4f1fbb5c24b6a86
Action::factory() now requires a string and an article object,
dropping the deprecated support for null as the action name
and a non-article Page object.
Change-Id: I1e73a4638edb6f3aa14822b655d977da177d01bd
For compliance with the new version of the table interface policy
(T255803).
This patch was created by an automated search & replace operation
on the includes/ directory.
Bug: T257789
Change-Id: Ie32c1b11b3d16ddfc0c83a757327d449ff80b2e4
For compliance with the new version of the table interface policy
(T255803).
This patch was created by an automated search & replace operation
on the includes/ directory.
Bug: T257789
Change-Id: I5ffbb91882ecce2019ab644839eab5e8fb8a1c5f
For compliance with the new version of the table interface policy
(T255803).
This patch was created by an automated search & replace operation
on the includes/ directory.
Bug: T257789
Change-Id: If560596f5e1e0a3da91afc36e656e7c27f040968
A terminating line break has not been required in wfDebug() since 2014,
however no migration was done. Some of these line breaks found their way
into LoggerInterface::debug() calls, where they mess up the formatting
of the debug log.
So, remove terminating line breaks from wfDebug() and
LoggerInterface::debug() calls.
Also:
* Fix the stripping of leading line breaks from the log header emitted
by Setup.php. This feature, accidentally broken in 2014, allows
requests to be distinguished in the log file.
* Avoid using the global variable $self.
* Move the logging of the client IP back to Setup.php. It was moved to
WebRequest in the hopes that it would not always be needed, however
$wgRequest->getIP() is now called unconditionally a few lines up in
Setup.php. This means that it is put in its proper place after the
"start request" message.
* Wrap the log header code in a closure so that variables like $name do
not leak into global scope.
* In Linker.php, remove a few instances of an unnecessary second
parameter to wfDebug().
Change-Id: I96651d3044a95b9d210b51cb8368edc76bebbb9e
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
This partialy reverts commit 07f57bd271.
Reason for revert: Article::newFromWikiPage causes an infinite loop
if 'ArticleFromTitle' hook handler ends up calling Action::getActionName.
The revert preserves new getArticle and getWikiPage methods since there
are a few extension changes merged dependent on these. Alternatively this partial revert, we could do a full revert with all the dependencies https://gerrit.wikimedia.org/r/c/mediawiki/core/+/585343
Bug: T249162
Change-Id: Ifa642a631caa2d265ee097711dc8727f84435ef0
This is a first step in the split. This keeps b/c for
constructing the Action with a WikiPage, but is deprecated.
Introduces article accessor to remove direct access to
Action::page property.
Action::page property is deprecated for direct access.
Use Action::getArticle or Action::getWikiPage instead.
Bug: T239975
Change-Id: Ib8eb8a141b4b7cb72ff65afbcd17385fcc6b3b1c
This is a collection of random bits from my local stashes. This patch
intentionally only touches comments, no code.
Notably:
* Use more specific string[] instead of array, if possible.
* Some comments mention "or null", but miss to list the type.
Change-Id: I712b28964f125c8e3dcb4e3fb993757a09f96644
Repeating the variable name doesn't do anything. Documentation
generators don't need it. It's more stuff to read that doesn't add new
information. And it can become outdated.
Note there are two types of @var docs. When used inline (and not on a
class property) the variable name is needed.
Change-Id: If5a520405efacd8cefd90b878c999b842b91ac61
Accept these objects as params to the UserBlockedError constructor,
since they are used to make the block error message. Pass them from
SpecialPages, Actions and EditPage.
If a caller does not pass all of these params, get them from the
global context as before.
Bug: T234406
Change-Id: Ie8ef047d2710c523b67bfc54fa2ad70fc47c5236
~ Move local variable $obj to one liner as it's redundant in
this case.
~ Use === check instead of == as in order case above for the
purpose of consistency.
~ Make use of single quotes for strings literals instead of
double quotes.
Change-Id: I69650cacb0658a7369147ea5e9933fb5585e3376
The method over-enforces partial blocks by preventing users from performing
the action on unrelated pages.
Bug: T209284
Change-Id: I4ee0e7c0188d491cf8fc0bbbbf7e492cdf309f45
Uses new PHP 5.6 syntax like ...parameter unpacking and
calling anything looking like a callback to make the code more readable.
There are much more occurrences but this commit is intentionally limited
to an easily reviewable size.
Change-Id: Idcec077ef3fdf029b632cceafd0150851ad723e3
And auto-fix all errors.
The `<exclude-pattern>` stanzas are now included in the default ruleset
and don't need to be repeated.
Change-Id: I928af549dc88ac2c6cb82058f64c7c7f3111598a
Having such comments is worse than not having them. They add zero
information. But you must read the text to understand there is
nothing you don't already know from the class and the method name.
Change-Id: I994d11e05f202b880390723e148d79c72cca29f0
Note: calling msg() with no parameter was never supported,
doing this on a RequestContext for example would result in:
PHP Warning: Missing argument 1 for wfMessage() ...followed
by a bunch of fallout.
So this patch only formally declares what was already a
requirement in reality.
Change-Id: I1864afb8bcc641698689828914949a06506d8f3a
