X-Git-Url: https://scripts.mit.edu/gitweb/autoinstallsdev/mediawiki.git/blobdiff_plain/b311bee4b7600bfbf2500bfae0f994719c620a8e..HEAD:/includes/ProtectionForm.php diff --git a/includes/ProtectionForm.php b/includes/ProtectionForm.php index 5fe3cbc7..53608e84 100644 --- a/includes/ProtectionForm.php +++ b/includes/ProtectionForm.php @@ -1,7 +1,9 @@ - * http://www.mediawiki.org/ + * Page protection + * + * Copyright © 2005 Brion Vibber + * https://www.mediawiki.org/ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,65 +19,92 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * http://www.gnu.org/copyleft/gpl.html + * + * @file */ +use MediaWiki\MediaWikiServices; /** * Handles the page protection UI and backend */ class ProtectionForm { - /** A map of action to restriction level, from request or default */ - var $mRestrictions = array(); + /** @var array A map of action to restriction level, from request or default */ + protected $mRestrictions = []; - /** The custom/additional protection reason */ - var $mReason = ''; + /** @var string The custom/additional protection reason */ + protected $mReason = ''; - /** The reason selected from the list, blank for other/additional */ - var $mReasonSelection = ''; + /** @var string The reason selected from the list, blank for other/additional */ + protected $mReasonSelection = ''; - /** True if the restrictions are cascading, from request or existing protection */ - var $mCascade = false; + /** @var bool True if the restrictions are cascading, from request or existing protection */ + protected $mCascade = false; - /** Map of action to "other" expiry time. Used in preference to mExpirySelection. */ - var $mExpiry = array(); + /** @var array Map of action to "other" expiry time. Used in preference to mExpirySelection. */ + protected $mExpiry = []; - /** - * Map of action to value selected in expiry drop-down list. - * Will be set to 'othertime' whenever mExpiry is set. + /** + * @var array Map of action to value selected in expiry drop-down list. + * Will be set to 'othertime' whenever mExpiry is set. */ - var $mExpirySelection = array(); + protected $mExpirySelection = []; + + /** @var array Permissions errors for the protect action */ + protected $mPermErrors = []; - /** Permissions errors for the protect action */ - var $mPermErrors = array(); + /** @var array Types (i.e. actions) for which levels can be selected */ + protected $mApplicableTypes = []; - /** Types (i.e. actions) for which levels can be selected */ - var $mApplicableTypes = array(); + /** @var array Map of action to the expiry time of the existing protection */ + protected $mExistingExpiry = []; - /** Map of action to the expiry time of the existing protection */ - var $mExistingExpiry = array(); + /** @var IContextSource */ + private $mContext; function __construct( Article $article ) { - global $wgRequest, $wgUser; - global $wgRestrictionTypes, $wgRestrictionLevels; + // Set instance variables. $this->mArticle = $article; - $this->mTitle = $article->mTitle; - $this->mApplicableTypes = $this->mTitle->exists() ? $wgRestrictionTypes : array('create'); + $this->mTitle = $article->getTitle(); + $this->mApplicableTypes = $this->mTitle->getRestrictionTypes(); + $this->mContext = $article->getContext(); + + // Check if the form should be disabled. + // If it is, the form will be available in read-only to show levels. + $this->mPermErrors = $this->mTitle->getUserPermissionsErrors( + 'protect', + $this->mContext->getUser(), + $this->mContext->getRequest()->wasPosted() ? 'secure' : 'full' // T92357 + ); + if ( wfReadOnly() ) { + $this->mPermErrors[] = [ 'readonlytext', wfReadOnlyReason() ]; + } + $this->disabled = $this->mPermErrors != []; + $this->disabledAttrib = $this->disabled + ? [ 'disabled' => 'disabled' ] + : []; - $this->mCascade = $this->mTitle->areRestrictionsCascading(); + $this->loadData(); + } - // The form will be available in read-only to show levels. - $this->mPermErrors = $this->mTitle->getUserPermissionsErrors('protect',$wgUser); - $this->disabled = wfReadOnly() || $this->mPermErrors != array(); - $this->disabledAttrib = $this->disabled - ? array( 'disabled' => 'disabled' ) - : array(); + /** + * Loads the current state of protection into the object. + */ + function loadData() { + $levels = MWNamespace::getRestrictionLevels( + $this->mTitle->getNamespace(), $this->mContext->getUser() + ); + $this->mCascade = $this->mTitle->areRestrictionsCascading(); - $this->mReason = $wgRequest->getText( 'mwProtect-reason' ); - $this->mReasonSelection = $wgRequest->getText( 'wpProtectReasonSelection' ); - $this->mCascade = $wgRequest->getBool( 'mwProtect-cascade', $this->mCascade ); + $request = $this->mContext->getRequest(); + $this->mReason = $request->getText( 'mwProtect-reason' ); + $this->mReasonSelection = $request->getText( 'wpProtectReasonSelection' ); + $this->mCascade = $request->getBool( 'mwProtect-cascade', $this->mCascade ); - foreach( $this->mApplicableTypes as $action ) { - // Fixme: this form currently requires individual selections, + foreach ( $this->mApplicableTypes as $action ) { + // @todo FIXME: This form currently requires individual selections, // but the db allows multiples separated by commas. + + // Pull the actual restriction from the DB $this->mRestrictions[$action] = implode( '', $this->mTitle->getRestrictions( $action ) ); if ( !$this->mRestrictions[$action] ) { @@ -86,8 +115,8 @@ class ProtectionForm { } $this->mExistingExpiry[$action] = $existingExpiry; - $requestExpiry = $wgRequest->getText( "mwProtect-expiry-$action" ); - $requestExpirySelection = $wgRequest->getVal( "wpProtectExpirySelection-$action" ); + $requestExpiry = $request->getText( "mwProtect-expiry-$action" ); + $requestExpirySelection = $request->getVal( "wpProtectExpirySelection-$action" ); if ( $requestExpiry ) { // Custom expiry takes precedence @@ -97,39 +126,30 @@ class ProtectionForm { // Expiry selected from list $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = $requestExpirySelection; - } elseif ( $existingExpiry == 'infinity' ) { - // Existing expiry is infinite, use "infinite" in drop-down - $this->mExpiry[$action] = ''; - $this->mExpirySelection[$action] = 'infinite'; } elseif ( $existingExpiry ) { // Use existing expiry in its own list item $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = $existingExpiry; } else { + // Catches 'infinity' - Existing expiry is infinite, use "infinite" in drop-down // Final default: infinite $this->mExpiry[$action] = ''; $this->mExpirySelection[$action] = 'infinite'; } - $val = $wgRequest->getVal( "mwProtect-level-$action" ); - if( isset( $val ) && in_array( $val, $wgRestrictionLevels ) ) { - // Prevent users from setting levels that they cannot later unset - if( $val == 'sysop' ) { - // Special case, rewrite sysop to either protect and editprotected - if( !$wgUser->isAllowed('protect') && !$wgUser->isAllowed('editprotected') ) - continue; - } else { - if( !$wgUser->isAllowed($val) ) - continue; - } + $val = $request->getVal( "mwProtect-level-$action" ); + if ( isset( $val ) && in_array( $val, $levels ) ) { $this->mRestrictions[$action] = $val; } } } - /** + /** * Get the expiry time for a given action, by combining the relevant inputs. - * Returns a 14-char timestamp or "infinity", or false if the input was invalid + * + * @param string $action + * + * @return string|false 14-char timestamp or "infinity", or false if the input was invalid */ function getExpiry( $action ) { if ( $this->mExpirySelection[$action] == 'existing' ) { @@ -139,8 +159,8 @@ class ProtectionForm { } else { $value = $this->mExpirySelection[$action]; } - if ( $value == 'infinite' || $value == 'indefinite' || $value == 'infinity' ) { - $time = Block::infinity(); + if ( wfIsInfinity( $value ) ) { + $time = 'infinity'; } else { $unix = strtotime( $value ); @@ -148,234 +168,278 @@ class ProtectionForm { return false; } - // Fixme: non-qualified absolute times are not in users specified timezone + // @todo FIXME: Non-qualified absolute times are not in users specified timezone // and there isn't notice about it in the ui $time = wfTimestamp( TS_MW, $unix ); } return $time; } + /** + * Main entry point for action=protect and action=unprotect + */ function execute() { - global $wgRequest, $wgOut; - if( $wgRequest->wasPosted() ) { - if( $this->save() ) { + if ( MWNamespace::getRestrictionLevels( $this->mTitle->getNamespace() ) === [ '' ] ) { + throw new ErrorPageError( 'protect-badnamespace-title', 'protect-badnamespace-text' ); + } + + if ( $this->mContext->getRequest()->wasPosted() ) { + if ( $this->save() ) { $q = $this->mArticle->isRedirect() ? 'redirect=no' : ''; - $wgOut->redirect( $this->mTitle->getFullUrl( $q ) ); + $this->mContext->getOutput()->redirect( $this->mTitle->getFullURL( $q ) ); } } else { $this->show(); } } + /** + * Show the input form with optional error message + * + * @param string $err Error message or null if there's no error + */ function show( $err = null ) { - global $wgOut, $wgUser; - - $wgOut->setRobotPolicy( 'noindex,nofollow' ); + $out = $this->mContext->getOutput(); + $out->setRobotPolicy( 'noindex,nofollow' ); + $out->addBacklinkSubtitle( $this->mTitle ); + + if ( is_array( $err ) ) { + $out->wrapWikiMsg( "

\n$1\n

\n", $err ); + } elseif ( is_string( $err ) ) { + $out->addHTML( "

{$err}

\n" ); + } - if( is_null( $this->mTitle ) || - $this->mTitle->getNamespace() == NS_MEDIAWIKI ) { - $wgOut->showFatalError( wfMsg( 'badarticleerror' ) ); + if ( $this->mTitle->getRestrictionTypes() === [] ) { + // No restriction types available for the current title + // this might happen if an extension alters the available types + $out->setPageTitle( $this->mContext->msg( + 'protect-norestrictiontypes-title', + $this->mTitle->getPrefixedText() + ) ); + $out->addWikiText( $this->mContext->msg( 'protect-norestrictiontypes-text' )->plain() ); + + // Show the log in case protection was possible once + $this->showLogExtract( $out ); + // return as there isn't anything else we can do return; } list( $cascadeSources, /* $restrictions */ ) = $this->mTitle->getCascadeProtectionSources(); - - if ( "" != $err ) { - $wgOut->setSubtitle( wfMsgHtml( 'formerror' ) ); - $wgOut->addHTML( "

{$err}

\n" ); - } - - if ( $cascadeSources && count($cascadeSources) > 0 ) { + if ( $cascadeSources && count( $cascadeSources ) > 0 ) { $titles = ''; foreach ( $cascadeSources as $title ) { $titles .= '* [[:' . $title->getPrefixedText() . "]]\n"; } - $wgOut->wrapWikiMsg( "$1\n$titles", array( 'protect-cascadeon', count($cascadeSources) ) ); + /** @todo FIXME: i18n issue, should use formatted number. */ + $out->wrapWikiMsg( + "
\n$1\n" . $titles . "
", + [ 'protect-cascadeon', count( $cascadeSources ) ] + ); } - $sk = $wgUser->getSkin(); - $titleLink = $sk->makeLinkObj( $this->mTitle ); - $wgOut->setPageTitle( wfMsg( 'protect-title', $this->mTitle->getPrefixedText() ) ); - $wgOut->setSubtitle( wfMsg( 'protect-backlink', $titleLink ) ); - # Show an appropriate message if the user isn't allowed or able to change # the protection settings at this time - if( $this->disabled ) { - if( wfReadOnly() ) { - $wgOut->readOnlyPage(); - } elseif( $this->mPermErrors ) { - $wgOut->addWikiText( $wgOut->formatPermissionsErrorMessage( $this->mPermErrors ) ); - } + if ( $this->disabled ) { + $out->setPageTitle( + $this->mContext->msg( 'protect-title-notallowed', + $this->mTitle->getPrefixedText() ) + ); + $out->addWikiText( $out->formatPermissionsErrorMessage( $this->mPermErrors, 'protect' ) ); } else { - $wgOut->addWikiMsg( 'protect-text', $this->mTitle->getPrefixedText() ); + $out->setPageTitle( $this->mContext->msg( 'protect-title', $this->mTitle->getPrefixedText() ) ); + $out->addWikiMsg( 'protect-text', + wfEscapeWikiText( $this->mTitle->getPrefixedText() ) ); } - $wgOut->addHTML( $this->buildForm() ); - - $this->showLogExtract( $wgOut ); + $out->addHTML( $this->buildForm() ); + $this->showLogExtract( $out ); } + /** + * Save submitted protection form + * + * @return bool Success + */ function save() { - global $wgRequest, $wgUser, $wgOut; # Permission check! if ( $this->disabled ) { $this->show(); return false; } - $token = $wgRequest->getVal( 'wpEditToken' ); - if ( !$wgUser->matchEditToken( $token ) ) { - $this->show( wfMsg( 'sessionfailure' ) ); + $request = $this->mContext->getRequest(); + $user = $this->mContext->getUser(); + $out = $this->mContext->getOutput(); + $token = $request->getVal( 'wpEditToken' ); + if ( !$user->matchEditToken( $token, [ 'protect', $this->mTitle->getPrefixedDBkey() ] ) ) { + $this->show( [ 'sessionfailure' ] ); return false; } - + # Create reason string. Use list and/or custom string. $reasonstr = $this->mReasonSelection; if ( $reasonstr != 'other' && $this->mReason != '' ) { // Entry from drop down menu + additional comment - $reasonstr .= wfMsgForContent( 'colon-separator' ) . $this->mReason; + $reasonstr .= $this->mContext->msg( 'colon-separator' )->text() . $this->mReason; } elseif ( $reasonstr == 'other' ) { $reasonstr = $this->mReason; } - $expiry = array(); - foreach( $this->mApplicableTypes as $action ) { + $expiry = []; + foreach ( $this->mApplicableTypes as $action ) { $expiry[$action] = $this->getExpiry( $action ); - if( empty($this->mRestrictions[$action]) ) + if ( empty( $this->mRestrictions[$action] ) ) { continue; // unprotected + } if ( !$expiry[$action] ) { - $this->show( wfMsg( 'protect_expiry_invalid' ) ); + $this->show( [ 'protect_expiry_invalid' ] ); return false; } if ( $expiry[$action] < wfTimestampNow() ) { - $this->show( wfMsg( 'protect_expiry_old' ) ); + $this->show( [ 'protect_expiry_old' ] ); return false; } } - # They shouldn't be able to do this anyway, but just to make sure, ensure that cascading restrictions aren't being applied - # to a semi-protected page. - global $wgGroupPermissions; + $this->mCascade = $request->getBool( 'mwProtect-cascade' ); - $edit_restriction = $this->mRestrictions['edit']; - $this->mCascade = $wgRequest->getBool( 'mwProtect-cascade' ); - if ($this->mCascade && ($edit_restriction != 'protect') && - !(isset($wgGroupPermissions[$edit_restriction]['protect']) && $wgGroupPermissions[$edit_restriction]['protect'] ) ) - $this->mCascade = false; + $status = $this->mArticle->doUpdateRestrictions( + $this->mRestrictions, + $expiry, + $this->mCascade, + $reasonstr, + $user + ); - if ($this->mTitle->exists()) { - $ok = $this->mArticle->updateRestrictions( $this->mRestrictions, $reasonstr, $this->mCascade, $expiry ); - } else { - $ok = $this->mTitle->updateTitleProtection( $this->mRestrictions['create'], $reasonstr, $expiry['create'] ); + if ( !$status->isOK() ) { + $this->show( $out->parseInline( $status->getWikiText() ) ); + return false; } - if( !$ok ) { - throw new FatalError( "Unknown error at restriction save time." ); + /** + * Give extensions a change to handle added form items + * + * @since 1.19 you can (and you should) return false to abort saving; + * you can also return an array of message name and its parameters + */ + $errorMsg = ''; + if ( !Hooks::run( 'ProtectionForm::save', [ $this->mArticle, &$errorMsg, $reasonstr ] ) ) { + if ( $errorMsg == '' ) { + $errorMsg = [ 'hookaborted' ]; + } } - - if( $wgRequest->getCheck( 'mwProtectWatch' ) ) { - $this->mArticle->doWatch(); - } elseif( $this->mTitle->userIsWatching() ) { - $this->mArticle->doUnwatch(); + if ( $errorMsg != '' ) { + $this->show( $errorMsg ); + return false; } - return $ok; + + WatchAction::doWatchOrUnwatch( $request->getCheck( 'mwProtectWatch' ), $this->mTitle, $user ); + + return true; } /** * Build the input form * - * @return $out string HTML form + * @return string HTML form */ function buildForm() { - global $wgUser, $wgLang; - - $mProtectreasonother = Xml::label( wfMsg( 'protectcomment' ), 'wpProtectReasonSelection' ); - $mProtectreason = Xml::label( wfMsg( 'protect-otherreason' ), 'mwProtect-reason' ); - + $context = $this->mContext; + $user = $context->getUser(); + $output = $context->getOutput(); + $lang = $context->getLanguage(); + $cascadingRestrictionLevels = $context->getConfig()->get( 'CascadingRestrictionLevels' ); $out = ''; - if( !$this->disabled ) { - $out .= $this->buildScript(); - $out .= Xml::openElement( 'form', array( 'method' => 'post', - 'action' => $this->mTitle->getLocalUrl( 'action=protect' ), - 'id' => 'mw-Protect-Form', 'onsubmit' => 'ProtectionForm.enableUnchainedInputs(true)' ) ); - $out .= Xml::hidden( 'wpEditToken',$wgUser->editToken() ); + if ( !$this->disabled ) { + $output->addModules( 'mediawiki.legacy.protect' ); + $output->addJsConfigVars( 'wgCascadeableLevels', $cascadingRestrictionLevels ); + $out .= Xml::openElement( 'form', [ 'method' => 'post', + 'action' => $this->mTitle->getLocalURL( 'action=protect' ), + 'id' => 'mw-Protect-Form' ] ); } $out .= Xml::openElement( 'fieldset' ) . - Xml::element( 'legend', null, wfMsg( 'protect-legend' ) ) . - Xml::openElement( 'table', array( 'id' => 'mwProtectSet' ) ) . + Xml::element( 'legend', null, $context->msg( 'protect-legend' )->text() ) . + Xml::openElement( 'table', [ 'id' => 'mwProtectSet' ] ) . Xml::openElement( 'tbody' ); - foreach( $this->mRestrictions as $action => $selected ) { - /* Not all languages have V_x <-> N_x relation */ - $msg = wfMsg( 'restriction-' . $action ); - if( wfEmptyMsg( 'restriction-' . $action, $msg ) ) { - $msg = $action; - } - $out .= "". + $scExpiryOptions = wfMessage( 'protect-expiry-options' )->inContentLanguage()->text(); + $showProtectOptions = $scExpiryOptions !== '-' && !$this->disabled; + + // Not all languages have V_x <-> N_x relation + foreach ( $this->mRestrictions as $action => $selected ) { + // Messages: + // restriction-edit, restriction-move, restriction-create, restriction-upload + $msg = $context->msg( 'restriction-' . $action ); + $out .= "" . Xml::openElement( 'fieldset' ) . - Xml::element( 'legend', null, $msg ) . - Xml::openElement( 'table', array( 'id' => "mw-protect-table-$action" ) ) . + Xml::element( 'legend', null, $msg->exists() ? $msg->text() : $action ) . + Xml::openElement( 'table', [ 'id' => "mw-protect-table-$action" ] ) . "" . $this->buildSelector( $action, $selected ) . ""; - $reasonDropDown = Xml::listDropDown( 'wpProtectReasonSelection', - wfMsgForContent( 'protect-dropdown' ), - wfMsgForContent( 'protect-otherreason-op' ), - $this->mReasonSelection, - 'mwProtect-reason', 4 ); - $scExpiryOptions = wfMsgForContent( 'protect-expiry-options' ); - - $showProtectOptions = ($scExpiryOptions !== '-' && !$this->disabled); - - $mProtectexpiry = Xml::label( wfMsg( 'protectexpiry' ), "mwProtectExpirySelection-$action" ); - $mProtectother = Xml::label( wfMsg( 'protect-othertime' ), "mwProtect-$action-expires" ); - - $expiryFormOptions = ''; - if ( $this->mExistingExpiry[$action] && $this->mExistingExpiry[$action] != 'infinity' ) { - $timestamp = $wgLang->timeanddate( $this->mExistingExpiry[$action] ); - $d = $wgLang->date( $this->mExistingExpiry[$action] ); - $t = $wgLang->time( $this->mExistingExpiry[$action] ); - $expiryFormOptions .= - Xml::option( - wfMsg( 'protect-existing-expiry', $timestamp, $d, $t ), - 'existing', - $this->mExpirySelection[$action] == 'existing' - ) . "\n"; + $mProtectexpiry = Xml::label( + $context->msg( 'protectexpiry' )->text(), + "mwProtectExpirySelection-$action" + ); + $mProtectother = Xml::label( + $context->msg( 'protect-othertime' )->text(), + "mwProtect-$action-expires" + ); + + $expiryFormOptions = new XmlSelect( + "wpProtectExpirySelection-$action", + "mwProtectExpirySelection-$action", + $this->mExpirySelection[$action] + ); + $expiryFormOptions->setAttribute( 'tabindex', '2' ); + if ( $this->disabled ) { + $expiryFormOptions->setAttribute( 'disabled', 'disabled' ); } - - $expiryFormOptions .= Xml::option( wfMsg( 'protect-othertime-op' ), "othertime" ) . "\n"; - foreach( explode(',', $scExpiryOptions) as $option ) { - if ( strpos($option, ":") === false ) { + + if ( $this->mExistingExpiry[$action] ) { + if ( $this->mExistingExpiry[$action] == 'infinity' ) { + $existingExpiryMessage = $context->msg( 'protect-existing-expiry-infinity' ); + } else { + $timestamp = $lang->userTimeAndDate( $this->mExistingExpiry[$action], $user ); + $d = $lang->userDate( $this->mExistingExpiry[$action], $user ); + $t = $lang->userTime( $this->mExistingExpiry[$action], $user ); + $existingExpiryMessage = $context->msg( + 'protect-existing-expiry', + $timestamp, + $d, + $t + ); + } + $expiryFormOptions->addOption( $existingExpiryMessage->text(), 'existing' ); + } + + $expiryFormOptions->addOption( + $context->msg( 'protect-othertime-op' )->text(), + 'othertime' + ); + foreach ( explode( ',', $scExpiryOptions ) as $option ) { + if ( strpos( $option, ":" ) === false ) { $show = $value = $option; } else { - list($show, $value) = explode(":", $option); + list( $show, $value ) = explode( ":", $option ); } - $show = htmlspecialchars($show); - $value = htmlspecialchars($value); - $expiryFormOptions .= Xml::option( $show, $value, $this->mExpirySelection[$action] === $value ) . "\n"; + $expiryFormOptions->addOption( $show, htmlspecialchars( $value ) ); } # Add expiry dropdown - if( $showProtectOptions && !$this->disabled ) { + if ( $showProtectOptions && !$this->disabled ) { $out .= "
{$mProtectexpiry} " . - Xml::tags( 'select', - array( - 'id' => "mwProtectExpirySelection-$action", - 'name' => "wpProtectExpirySelection-$action", - 'onchange' => "ProtectionForm.updateExpiryList(this)", - 'tabindex' => '2' ) + $this->disabledAttrib, - $expiryFormOptions ) . + $expiryFormOptions->getHTML() . "
"; } # Add custom expiry field - $attribs = array( 'id' => "mwProtect-$action-expires", - 'onkeyup' => 'ProtectionForm.updateExpiry(this)' ) + $this->disabledAttrib; + $attribs = [ 'id' => "mwProtect-$action-expires" ] + $this->disabledAttrib; $out .= ""; } + # Give extensions a chance to add items to the form + Hooks::run( 'ProtectionForm::buildForm', [ $this->mArticle, &$out ] ); $out .= Xml::closeElement( 'tbody' ) . Xml::closeElement( 'table' ); // JavaScript will add another row with a value-chaining checkbox - if( $this->mTitle->exists() ) { - $out .= Xml::openElement( 'table', array( 'id' => 'mw-protect-table2' ) ) . + if ( $this->mTitle->exists() ) { + $out .= Xml::openElement( 'table', [ 'id' => 'mw-protect-table2' ] ) . Xml::openElement( 'tbody' ); $out .= '\n"; $out .= Xml::closeElement( 'tbody' ) . Xml::closeElement( 'table' ); } - + # Add manual and custom reason field/selects as well as submit - if( !$this->disabled ) { - $out .= Xml::openElement( 'table', array( 'id' => 'mw-protect-table3' ) ) . + if ( !$this->disabled ) { + $mProtectreasonother = Xml::label( + $context->msg( 'protectcomment' )->text(), + 'wpProtectReasonSelection' + ); + + $mProtectreason = Xml::label( + $context->msg( 'protect-otherreason' )->text(), + 'mwProtect-reason' + ); + + $reasonDropDown = Xml::listDropDown( 'wpProtectReasonSelection', + wfMessage( 'protect-dropdown' )->inContentLanguage()->text(), + wfMessage( 'protect-otherreason-op' )->inContentLanguage()->text(), + $this->mReasonSelection, + 'mwProtect-reason', 4 ); + + $out .= Xml::openElement( 'table', [ 'id' => 'mw-protect-table3' ] ) . Xml::openElement( 'tbody' ); $out .= " @@ -424,73 +510,88 @@ class ProtectionForm { {$mProtectreason} - + "; + # Disallow watching is user is not logged in + if ( $user->isLoggedIn() ) { + $out .= " - + "; + } + $out .= " \n"; $out .= Xml::closeElement( 'tbody' ) . Xml::closeElement( 'table' ); } $out .= Xml::closeElement( 'fieldset' ); - if ( $wgUser->isAllowed( 'editinterface' ) ) { - $linkTitle = Title::makeTitleSafe( NS_MEDIAWIKI, 'protect-dropdown' ); - $link = $wgUser->getSkin()->Link ( $linkTitle, wfMsgHtml( 'protect-edit-reasonlist' ) ); + if ( $user->isAllowed( 'editinterface' ) ) { + $linkRenderer = MediaWikiServices::getInstance()->getLinkRenderer(); + $link = $linkRenderer->makeKnownLink( + $context->msg( 'protect-dropdown' )->inContentLanguage()->getTitle(), + $context->msg( 'protect-edit-reasonlist' )->text(), + [], + [ 'action' => 'edit' ] + ); $out .= '

' . $link . '

'; } if ( !$this->disabled ) { - $out .= Xml::closeElement( 'form' ) . - $this->buildCleanupScript(); + $out .= Html::hidden( + 'wpEditToken', + $user->getEditToken( [ 'protect', $this->mTitle->getPrefixedDBkey() ] ) + ); + $out .= Xml::closeElement( 'form' ); } return $out; } + /** + * Build protection level selector + * + * @param string $action Action to protect + * @param string $selected Current protection level + * @return string HTML fragment + */ function buildSelector( $action, $selected ) { - global $wgRestrictionLevels, $wgUser; - - $levels = array(); - foreach( $wgRestrictionLevels as $key ) { - //don't let them choose levels above their own (aka so they can still unprotect and edit the page). but only when the form isn't disabled - if( $key == 'sysop' ) { - //special case, rewrite sysop to protect and editprotected - if( !$wgUser->isAllowed('protect') && !$wgUser->isAllowed('editprotected') && !$this->disabled ) - continue; - } else { - if( !$wgUser->isAllowed($key) && !$this->disabled ) - continue; - } - $levels[] = $key; - } + // If the form is disabled, display all relevant levels. Otherwise, + // just show the ones this user can use. + $levels = MWNamespace::getRestrictionLevels( $this->mTitle->getNamespace(), + $this->disabled ? null : $this->mContext->getUser() + ); $id = 'mwProtect-level-' . $action; - $attribs = array( - 'id' => $id, - 'name' => $id, - 'size' => count( $levels ), - 'onchange' => 'ProtectionForm.updateLevels(this)', - ) + $this->disabledAttrib; - - $out = Xml::openElement( 'select', $attribs ); - foreach( $levels as $key ) { - $out .= Xml::option( $this->getOptionLabel( $key ), $key, $key == $selected ); + + $select = new XmlSelect( $id, $id, $selected ); + $select->setAttribute( 'size', count( $levels ) ); + if ( $this->disabled ) { + $select->setAttribute( 'disabled', 'disabled' ); } - $out .= Xml::closeElement( 'select' ); - return $out; + + foreach ( $levels as $key ) { + $select->addOption( $this->getOptionLabel( $key ), $key ); + } + + return $select->getHTML(); } /** @@ -500,53 +601,30 @@ class ProtectionForm { * @return string */ private function getOptionLabel( $permission ) { - if( $permission == '' ) { - return wfMsg( 'protect-default' ); + if ( $permission == '' ) { + return $this->mContext->msg( 'protect-default' )->text(); } else { - $key = "protect-level-{$permission}"; - $msg = wfMsg( $key ); - if( wfEmptyMsg( $key, $msg ) ) - $msg = wfMsg( 'protect-fallback', $permission ); - return $msg; - } - } - - function buildScript() { - global $wgStylePath, $wgStyleVersion; - return Xml::tags( 'script', array( - 'type' => 'text/javascript', - 'src' => $wgStylePath . "/common/protect.js?$wgStyleVersion.1" ), '' ); - } - - function buildCleanupScript() { - global $wgRestrictionLevels, $wgGroupPermissions; - $script = 'var wgCascadeableLevels='; - $CascadeableLevels = array(); - foreach( $wgRestrictionLevels as $key ) { - if ( (isset($wgGroupPermissions[$key]['protect']) && $wgGroupPermissions[$key]['protect']) || $key == 'protect' ) { - $CascadeableLevels[] = "'" . Xml::escapeJsString( $key ) . "'"; + // Messages: protect-level-autoconfirmed, protect-level-sysop + $msg = $this->mContext->msg( "protect-level-{$permission}" ); + if ( $msg->exists() ) { + return $msg->text(); } + return $this->mContext->msg( 'protect-fallback', $permission )->text(); } - $script .= "[" . implode(',',$CascadeableLevels) . "];\n"; - $options = (object)array( - 'tableId' => 'mw-protect-table-move', - 'labelText' => wfMsg( 'protect-unchain' ), - 'numTypes' => count($this->mApplicableTypes), - 'existingMatch' => 1 == count( array_unique( $this->mExistingExpiry ) ), - ); - $encOptions = Xml::encodeJsVar( $options ); - - $script .= "ProtectionForm.init($encOptions)"; - return Xml::tags( 'script', array( 'type' => 'text/javascript' ), $script ); } /** - * @param OutputPage $out + * Show protection long extracts for this page + * + * @param OutputPage &$out * @access private */ function showLogExtract( &$out ) { # Show relevant lines from the protection log: - $out->addHTML( Xml::element( 'h2', null, LogPage::logName( 'protect' ) ) ); - LogEventsList::showLogExtract( $out, 'protect', $this->mTitle->getPrefixedText() ); + $protectLogPage = new LogPage( 'protect' ); + $out->addHTML( Xml::element( 'h2', null, $protectLogPage->getName()->text() ) ); + LogEventsList::showLogExtract( $out, 'protect', $this->mTitle ); + # Let extensions add other relevant log extracts + Hooks::run( 'ProtectionForm::showLogExtract', [ $this->mArticle, $out ] ); } }
" . $mProtectother . @@ -389,26 +453,48 @@ class ProtectionForm { Xml::closeElement( 'fieldset' ) . "
' . - Xml::checkLabel( wfMsg( 'protect-cascade' ), 'mwProtect-cascade', 'mwProtect-cascade', - $this->mCascade, $this->disabledAttrib ) . + Xml::checkLabel( + $context->msg( 'protect-cascade' )->text(), + 'mwProtect-cascade', + 'mwProtect-cascade', + $this->mCascade, $this->disabledAttrib + ) . "
" . - Xml::input( 'mwProtect-reason', 60, $this->mReason, array( 'type' => 'text', - 'id' => 'mwProtect-reason', 'maxlength' => 255 ) ) . + Xml::input( 'mwProtect-reason', 60, $this->mReason, [ 'type' => 'text', + 'id' => 'mwProtect-reason', 'maxlength' => 180 ] ) . + // Limited maxlength as the database trims at 255 bytes and other texts + // chosen by dropdown menus on this page are also included in this database field. + // The byte limit of 180 bytes is enforced in javascript "
" . - Xml::checkLabel( wfMsg( 'watchthis' ), + Xml::checkLabel( $context->msg( 'watchthis' )->text(), 'mwProtectWatch', 'mwProtectWatch', - $this->mTitle->userIsWatching() || $wgUser->getOption( 'watchdefault' ) ) . + $user->isWatched( $this->mTitle ) || $user->getOption( 'watchdefault' ) ) . "
" . - Xml::submitButton( wfMsg( 'confirm' ), array( 'id' => 'mw-Protect-submit' ) ) . + Xml::submitButton( + $context->msg( 'confirm' )->text(), + [ 'id' => 'mw-Protect-submit' ] + ) . "