1c57794e37
ApiResult was a mess: some methods could only be used with an array
reference instead of manipulating the stored data, methods that had both
array-ref and internal-data versions had names that didn't at all
correspond, some methods that worked on an array reference were
annoyingly non-static, and then the whole mess with setIndexedTagName.
ApiFormatXml is also entirely annoying to deal with, as it liked to
throw exceptions if certain metadata wasn't provided that no other
formatter required. Its legacy also means we have this silly convention
of using empty-string rather than boolean true, annoying restrictions on
keys (leading to things that should be hashes being arrays of key-value
object instead), '*' used as a key all over the place, and so on.
So, changes here:
* ApiResult is no longer an ApiBase or a ContextSource.
* Wherever sensible, ApiResult provides a static method working on an
arrayref and a non-static method working on internal data.
* Metadata is now always added to ApiResult's internal data structure.
Formatters are responsible for stripping it if necessary. "raw mode"
is deprecated.
* New metadata to replace the '*' key, solve the array() => '[]' vs '{}'
question, and so on.
* New class for formatting warnings and errors using i18n messages, and
support for multiple errors and a more machine-readable format for
warnings. For the moment, though, the actual output will not be changing
yet (see T47843 for future plans).
* New formatversion parameter for format=json and format=php, to select
between BC mode and the modern output.
* In BC mode, booleans will be converted to empty-string presence style;
modules currently returning booleans will need to use
ApiResult::META_BC_BOOLS to preserve their current output.
Actual changes to the API modules' output (e.g. actually returning
booleans for the new formatversion) beyond the use of
ApiResult::setContentValue() are left for a future change.
Bug: T76728
Bug: T57371
Bug: T33629
Change-Id: I7b37295e8862b188d1f3b0cd07f66ac34629678f
328 lines
9.4 KiB
PHP
328 lines
9.4 KiB
PHP
<?php
|
|
/**
|
|
*
|
|
*
|
|
* Created on July 30, 2007
|
|
*
|
|
* Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
*
|
|
* @file
|
|
*/
|
|
|
|
/**
|
|
* Query module to get information about a list of users
|
|
*
|
|
* @ingroup API
|
|
*/
|
|
class ApiQueryUsers extends ApiQueryBase {
|
|
|
|
private $tokenFunctions, $prop;
|
|
|
|
/**
|
|
* Properties whose contents does not depend on who is looking at them. If the usprops field
|
|
* contains anything not listed here, the cache mode will never be public for logged-in users.
|
|
* @var array
|
|
*/
|
|
protected static $publicProps = array(
|
|
// everything except 'blockinfo' which might show hidden records if the user
|
|
// making the request has the appropriate permissions
|
|
'groups',
|
|
'implicitgroups',
|
|
'rights',
|
|
'editcount',
|
|
'registration',
|
|
'emailable',
|
|
'gender',
|
|
);
|
|
|
|
public function __construct( ApiQuery $query, $moduleName ) {
|
|
parent::__construct( $query, $moduleName, 'us' );
|
|
}
|
|
|
|
/**
|
|
* Get an array mapping token names to their handler functions.
|
|
* The prototype for a token function is func($user)
|
|
* it should return a token or false (permission denied)
|
|
* @deprecated since 1.24
|
|
* @return array Array of tokenname => function
|
|
*/
|
|
protected function getTokenFunctions() {
|
|
// Don't call the hooks twice
|
|
if ( isset( $this->tokenFunctions ) ) {
|
|
return $this->tokenFunctions;
|
|
}
|
|
|
|
// If we're in a mode that breaks the same-origin policy, no tokens can
|
|
// be obtained
|
|
if ( $this->lacksSameOriginSecurity() ) {
|
|
return array();
|
|
}
|
|
|
|
$this->tokenFunctions = array(
|
|
'userrights' => array( 'ApiQueryUsers', 'getUserrightsToken' ),
|
|
);
|
|
Hooks::run( 'APIQueryUsersTokens', array( &$this->tokenFunctions ) );
|
|
|
|
return $this->tokenFunctions;
|
|
}
|
|
|
|
/**
|
|
* @deprecated since 1.24
|
|
* @param User $user
|
|
* @return string
|
|
*/
|
|
public static function getUserrightsToken( $user ) {
|
|
global $wgUser;
|
|
|
|
// Since the permissions check for userrights is non-trivial,
|
|
// don't bother with it here
|
|
return $wgUser->getEditToken( $user->getName() );
|
|
}
|
|
|
|
public function execute() {
|
|
$params = $this->extractRequestParams();
|
|
|
|
if ( !is_null( $params['prop'] ) ) {
|
|
$this->prop = array_flip( $params['prop'] );
|
|
} else {
|
|
$this->prop = array();
|
|
}
|
|
|
|
$users = (array)$params['users'];
|
|
$goodNames = $done = array();
|
|
$result = $this->getResult();
|
|
// Canonicalize user names
|
|
foreach ( $users as $u ) {
|
|
$n = User::getCanonicalName( $u );
|
|
if ( $n === false || $n === '' ) {
|
|
$vals = array( 'name' => $u, 'invalid' => '' );
|
|
$fit = $result->addValue( array( 'query', $this->getModuleName() ),
|
|
null, $vals );
|
|
if ( !$fit ) {
|
|
$this->setContinueEnumParameter( 'users',
|
|
implode( '|', array_diff( $users, $done ) ) );
|
|
$goodNames = array();
|
|
break;
|
|
}
|
|
$done[] = $u;
|
|
} else {
|
|
$goodNames[] = $n;
|
|
}
|
|
}
|
|
|
|
$result = $this->getResult();
|
|
|
|
if ( count( $goodNames ) ) {
|
|
$this->addTables( 'user' );
|
|
$this->addFields( User::selectFields() );
|
|
$this->addWhereFld( 'user_name', $goodNames );
|
|
|
|
$this->showHiddenUsersAddBlockInfo( isset( $this->prop['blockinfo'] ) );
|
|
|
|
$data = array();
|
|
$res = $this->select( __METHOD__ );
|
|
$this->resetQueryParams();
|
|
|
|
// get user groups if needed
|
|
if ( isset( $this->prop['groups'] ) || isset( $this->prop['rights'] ) ) {
|
|
$userGroups = array();
|
|
|
|
$this->addTables( 'user' );
|
|
$this->addWhereFld( 'user_name', $goodNames );
|
|
$this->addTables( 'user_groups' );
|
|
$this->addJoinConds( array( 'user_groups' => array( 'INNER JOIN', 'ug_user=user_id' ) ) );
|
|
$this->addFields( array( 'user_name', 'ug_group' ) );
|
|
$userGroupsRes = $this->select( __METHOD__ );
|
|
|
|
foreach ( $userGroupsRes as $row ) {
|
|
$userGroups[$row->user_name][] = $row->ug_group;
|
|
}
|
|
}
|
|
|
|
foreach ( $res as $row ) {
|
|
// create user object and pass along $userGroups if set
|
|
// that reduces the number of database queries needed in User dramatically
|
|
if ( !isset( $userGroups ) ) {
|
|
$user = User::newFromRow( $row );
|
|
} else {
|
|
if ( !isset( $userGroups[$row->user_name] ) || !is_array( $userGroups[$row->user_name] ) ) {
|
|
$userGroups[$row->user_name] = array();
|
|
}
|
|
$user = User::newFromRow( $row, array( 'user_groups' => $userGroups[$row->user_name] ) );
|
|
}
|
|
$name = $user->getName();
|
|
|
|
$data[$name]['userid'] = $user->getId();
|
|
$data[$name]['name'] = $name;
|
|
|
|
if ( isset( $this->prop['editcount'] ) ) {
|
|
$data[$name]['editcount'] = $user->getEditCount();
|
|
}
|
|
|
|
if ( isset( $this->prop['registration'] ) ) {
|
|
$data[$name]['registration'] = wfTimestampOrNull( TS_ISO_8601, $user->getRegistration() );
|
|
}
|
|
|
|
if ( isset( $this->prop['groups'] ) ) {
|
|
$data[$name]['groups'] = $user->getEffectiveGroups();
|
|
}
|
|
|
|
if ( isset( $this->prop['implicitgroups'] ) ) {
|
|
$data[$name]['implicitgroups'] = $user->getAutomaticGroups();
|
|
}
|
|
|
|
if ( isset( $this->prop['rights'] ) ) {
|
|
$data[$name]['rights'] = $user->getRights();
|
|
}
|
|
if ( $row->ipb_deleted ) {
|
|
$data[$name]['hidden'] = '';
|
|
}
|
|
if ( isset( $this->prop['blockinfo'] ) && !is_null( $row->ipb_by_text ) ) {
|
|
$data[$name]['blockid'] = $row->ipb_id;
|
|
$data[$name]['blockedby'] = $row->ipb_by_text;
|
|
$data[$name]['blockedbyid'] = $row->ipb_by;
|
|
$data[$name]['blockedtimestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
|
|
$data[$name]['blockreason'] = $row->ipb_reason;
|
|
$data[$name]['blockexpiry'] = $row->ipb_expiry;
|
|
}
|
|
|
|
if ( isset( $this->prop['emailable'] ) && $user->canReceiveEmail() ) {
|
|
$data[$name]['emailable'] = '';
|
|
}
|
|
|
|
if ( isset( $this->prop['gender'] ) ) {
|
|
$gender = $user->getOption( 'gender' );
|
|
if ( strval( $gender ) === '' ) {
|
|
$gender = 'unknown';
|
|
}
|
|
$data[$name]['gender'] = $gender;
|
|
}
|
|
|
|
if ( !is_null( $params['token'] ) ) {
|
|
$tokenFunctions = $this->getTokenFunctions();
|
|
foreach ( $params['token'] as $t ) {
|
|
$val = call_user_func( $tokenFunctions[$t], $user );
|
|
if ( $val === false ) {
|
|
$this->setWarning( "Action '$t' is not allowed for the current user" );
|
|
} else {
|
|
$data[$name][$t . 'token'] = $val;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$context = $this->getContext();
|
|
// Second pass: add result data to $retval
|
|
foreach ( $goodNames as $u ) {
|
|
if ( !isset( $data[$u] ) ) {
|
|
$data[$u] = array( 'name' => $u );
|
|
$urPage = new UserrightsPage;
|
|
$urPage->setContext( $context );
|
|
$iwUser = $urPage->fetchUser( $u );
|
|
|
|
if ( $iwUser instanceof UserRightsProxy ) {
|
|
$data[$u]['interwiki'] = '';
|
|
|
|
if ( !is_null( $params['token'] ) ) {
|
|
$tokenFunctions = $this->getTokenFunctions();
|
|
|
|
foreach ( $params['token'] as $t ) {
|
|
$val = call_user_func( $tokenFunctions[$t], $iwUser );
|
|
if ( $val === false ) {
|
|
$this->setWarning( "Action '$t' is not allowed for the current user" );
|
|
} else {
|
|
$data[$u][$t . 'token'] = $val;
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
$data[$u]['missing'] = '';
|
|
}
|
|
} else {
|
|
if ( isset( $this->prop['groups'] ) && isset( $data[$u]['groups'] ) ) {
|
|
ApiResult::setIndexedTagName( $data[$u]['groups'], 'g' );
|
|
}
|
|
if ( isset( $this->prop['implicitgroups'] ) && isset( $data[$u]['implicitgroups'] ) ) {
|
|
ApiResult::setIndexedTagName( $data[$u]['implicitgroups'], 'g' );
|
|
}
|
|
if ( isset( $this->prop['rights'] ) && isset( $data[$u]['rights'] ) ) {
|
|
ApiResult::setIndexedTagName( $data[$u]['rights'], 'r' );
|
|
}
|
|
}
|
|
|
|
$fit = $result->addValue( array( 'query', $this->getModuleName() ),
|
|
null, $data[$u] );
|
|
if ( !$fit ) {
|
|
$this->setContinueEnumParameter( 'users',
|
|
implode( '|', array_diff( $users, $done ) ) );
|
|
break;
|
|
}
|
|
$done[] = $u;
|
|
}
|
|
$result->addIndexedTagName( array( 'query', $this->getModuleName() ), 'user' );
|
|
}
|
|
|
|
public function getCacheMode( $params ) {
|
|
if ( isset( $params['token'] ) ) {
|
|
return 'private';
|
|
} elseif ( array_diff( (array)$params['prop'], static::$publicProps ) ) {
|
|
return 'anon-public-user-private';
|
|
} else {
|
|
return 'public';
|
|
}
|
|
}
|
|
|
|
public function getAllowedParams() {
|
|
return array(
|
|
'prop' => array(
|
|
ApiBase::PARAM_DFLT => null,
|
|
ApiBase::PARAM_ISMULTI => true,
|
|
ApiBase::PARAM_TYPE => array(
|
|
'blockinfo',
|
|
'groups',
|
|
'implicitgroups',
|
|
'rights',
|
|
'editcount',
|
|
'registration',
|
|
'emailable',
|
|
'gender',
|
|
)
|
|
),
|
|
'users' => array(
|
|
ApiBase::PARAM_ISMULTI => true
|
|
),
|
|
'token' => array(
|
|
ApiBase::PARAM_DEPRECATED => true,
|
|
ApiBase::PARAM_TYPE => array_keys( $this->getTokenFunctions() ),
|
|
ApiBase::PARAM_ISMULTI => true
|
|
),
|
|
);
|
|
}
|
|
|
|
protected function getExamplesMessages() {
|
|
return array(
|
|
'action=query&list=users&ususers=Example&usprop=groups|editcount|gender'
|
|
=> 'apihelp-query+users-example-simple',
|
|
);
|
|
}
|
|
|
|
public function getHelpUrls() {
|
|
return 'https://www.mediawiki.org/wiki/API:Users';
|
|
}
|
|
}
|