<?php
/**
* Base classes for actions done on pages.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
* @file
*/
/**
* @defgroup Actions Action done on pages
*/
/**
* Actions are things which can be done to pages (edit, delete, rollback, etc). They
* are distinct from Special Pages because an action must apply to exactly one page.
*
* To add an action in an extension, create a subclass of Action, and add the key to
* $wgActions. There is also the deprecated UnknownAction hook
*
* Actions generally fall into two groups: the show-a-form-then-do-something-with-the-input
* format (protect, delete, move, etc), and the just-do-something format (watch, rollback,
* patrol, etc). The FormAction and FormlessAction classes represent these two groups.
*/
abstract class Action {
/**
* Page on which we're performing the action
* @var WikiPage|Article|ImagePage|CategoryPage|Page $page
*/
protected $page;
/**
* IContextSource if specified; otherwise we'll use the Context from the Page
* @var IContextSource $context
*/
protected $context;
/**
* The fields used to create the HTMLForm
* @var Array $fields
*/
protected $fields;
/**
* Get the Action subclass which should be used to handle this action, false if
* the action is disabled, or null if it's not recognised
* @param $action String
* @param $overrides Array
* @return bool|null|string|callable
*/
final private static function getClass( $action, array $overrides ) {
global $wgActions;
$action = strtolower( $action );
if ( !isset( $wgActions[$action] ) ) {
return null;
}
if ( $wgActions[$action] === false ) {
return false;
} elseif ( $wgActions[$action] === true && isset( $overrides[$action] ) ) {
return $overrides[$action];
} elseif ( $wgActions[$action] === true ) {
return ucfirst( $action ) . 'Action';
} else {
return $wgActions[$action];
}
}
/**
* Get an appropriate Action subclass for the given action
* @param $action String
* @param $page Page
* @param $context IContextSource
* @return Action|bool|null false if the action is disabled, null
* if it is not recognised
*/
final public static function factory( $action, Page $page, IContextSource $context = null ) {
$classOrCallable = self::getClass( $action, $page->getActionOverrides() );
if ( is_string( $classOrCallable ) ) {
$obj = new $classOrCallable( $page, $context );
return $obj;
}
if ( is_callable( $classOrCallable ) ) {
return call_user_func_array( $classOrCallable, array( $page, $context ) );
}
return $classOrCallable;
}
/**
* Get the action that will be executed, not necessarily the one passed
* passed through the "action" request parameter. Actions disabled in
* $wgActions will be replaced by "nosuchaction".
*
* @since 1.19
* @param $context IContextSource
* @return string: action name
*/
final public static function getActionName( IContextSource $context ) {
global $wgActions;
$request = $context->getRequest();
$actionName = $request->getVal( 'action', 'view' );
// Check for disabled actions
if ( isset( $wgActions[$actionName] ) && $wgActions[$actionName] === false ) {
$actionName = 'nosuchaction';
}
// Workaround for bug #20966: inability of IE to provide an action dependent
// on which submit button is clicked.
if ( $actionName === 'historysubmit' ) {
if ( $request->getBool( 'revisiondelete' ) ) {
$actionName = 'revisiondelete';
} else {
$actionName = 'view';
}
} elseif ( $actionName == 'editredlink' ) {
$actionName = 'edit';
}
// Trying to get a WikiPage for NS_SPECIAL etc. will result
// in WikiPage::factory throwing "Invalid or virtual namespace -1 given."
// For SpecialPages et al, default to action=view.
if ( !$context->canUseWikiPage() ) {
return 'view';
}
$action = Action::factory( $actionName, $context->getWikiPage(), $context );
if ( $action instanceof Action ) {
return $action->getName();
}
return 'nosuchaction';
}
/**
* Check if a given action is recognised, even if it's disabled
*
* @param string $name name of an action
* @return Bool
*/
final public static function exists( $name ) {
return self::getClass( $name, array() ) !== null;
}
/**
* Get the IContextSource in use here
* @return IContextSource
*/
final public function getContext() {
if ( $this->context instanceof IContextSource ) {
return $this->context;
} else if ( $this->page instanceof Article ) {
// NOTE: $this->page can be a WikiPage, which does not have a context.
wfDebug( __METHOD__ . ': no context known, falling back to Article\'s context.' );
return $this->page->getContext();
}
wfWarn( __METHOD__ . ': no context known, falling back to RequestContext::getMain().' );
return RequestContext::getMain();
}
/**
* Get the WebRequest being used for this instance
*
* @return WebRequest
*/
final public function getRequest() {
return $this->getContext()->getRequest();
}
/**
* Get the OutputPage being used for this instance
*
* @return OutputPage
*/
final public function getOutput() {
return $this->getContext()->getOutput();
}
/**
* Shortcut to get the User being used for this instance
*
* @return User
*/
final public function getUser() {
return $this->getContext()->getUser();
}
/**
* Shortcut to get the Skin being used for this instance
*
* @return Skin
*/
final public function getSkin() {
return $this->getContext()->getSkin();
}
/**
* Shortcut to get the user Language being used for this instance
*
* @return Language
*/
final public function getLanguage() {
return $this->getContext()->getLanguage();
}
/**
* Shortcut to get the user Language being used for this instance
*
* @deprecated since 1.19 Use getLanguage instead
* @return Language
*/
final public function getLang() {
wfDeprecated( __METHOD__, '1.19' );
return $this->getLanguage();
}
/**
* Shortcut to get the Title object from the page
* @return Title
*/
final public function getTitle() {
return $this->page->getTitle();
}
/**
* Get a Message object with context set
* Parameters are the same as wfMessage()
*
* @return Message object
*/
final public function msg() {
$params = func_get_args();
return call_user_func_array( array( $this->getContext(), 'msg' ), $params );
}
/**
* Constructor.
*
* Only public since 1.21
*
* @param $page Page
* @param $context IContextSource
*/
public function __construct( Page $page, IContextSource $context = null ) {
if ( $context === null ) {
wfWarn( __METHOD__ . ' called without providing a Context object.' );
// NOTE: We could try to initialize $context using $page->getContext(),
// if $page is an Article. That however seems to not work seamlessly.
}
$this->page = $page;
$this->context = $context;
}
/**
* Return the name of the action this object responds to
* @return String lowercase
*/
abstract public function getName();
/**
* Get the permission required to perform this action. Often, but not always,
* the same as the action name
* @return String|null
*/
public function getRestriction() {
return null;
}
/**
* Checks if the given user (identified by an object) can perform this action. Can be
* overridden by sub-classes with more complicated permissions schemes. Failures here
* must throw subclasses of ErrorPageError
*
* @param $user User: the user to check, or null to use the context user
* @throws UserBlockedError|ReadOnlyError|PermissionsError
* @return bool True on success
*/
protected function checkCanExecute( User $user ) {
$right = $this->getRestriction();
if ( $right !== null ) {
$errors = $this->getTitle()->getUserPermissionsErrors( $right, $user );
if ( count( $errors ) ) {
throw new PermissionsError( $right, $errors );
}
}
if ( $this->requiresUnblock() && $user->isBlocked() ) {
$block = $user->getBlock();
throw new UserBlockedError( $block );
}
// This should be checked at the end so that the user won't think the
// error is only temporary when he also don't have the rights to execute
// this action
if ( $this->requiresWrite() && wfReadOnly() ) {
throw new ReadOnlyError();
}
return true;
}
/**
* Whether this action requires the wiki not to be locked
* @return Bool
*/
public function requiresWrite() {
return true;
}
/**
* Whether this action can still be executed by a blocked user
* @return Bool
*/
public function requiresUnblock() {
return true;
}
/**
* Set output headers for noindexing etc. This function will not be called through
* the execute() entry point, so only put UI-related stuff in here.
*/
protected function setHeaders() {
$out = $this->getOutput();
$out->setRobotPolicy( "noindex,nofollow" );
$out->setPageTitle( $this->getPageTitle() );
$this->getOutput()->setSubtitle( $this->getDescription() );
$out->setArticleRelated( true );
}
/**
* Returns the name that goes in the \<h1\> page title
*
* @return String
*/
protected function getPageTitle() {
return $this->getTitle()->getPrefixedText();
}
/**
* Returns the description that goes below the \<h1\> tag
*
* @return String
*/
protected function getDescription() {
return $this->msg( strtolower( $this->getName() ) )->escaped();
}
/**
* The main action entry point. Do all output for display and send it to the context
* output. Do not use globals $wgOut, $wgRequest, etc, in implementations; use
* $this->getOutput(), etc.
* @throws ErrorPageError
*/
abstract public function show();
/**
* Execute the action in a silent fashion: do not display anything or release any errors.
* @return Bool whether execution was successful
*/
abstract public function execute();
}
/**
* An action which shows a form and does something based on the input from the form
*/
abstract class FormAction extends Action {
/**
* Get an HTMLForm descriptor array
* @return Array
*/
abstract protected function getFormFields();
/**
* Add pre- or post-text to the form
* @return String HTML which will be sent to $form->addPreText()
*/
protected function preText() {
return '';
}
/**
* @return string
*/
protected function postText() {
return '';
}
/**
* Play with the HTMLForm if you need to more substantially
* @param $form HTMLForm
*/
protected function alterForm( HTMLForm $form ) {
}
/**
* Get the HTMLForm to control behavior
* @return HTMLForm|null
*/
protected function getForm() {
$this->fields = $this->getFormFields();
// Give hooks a chance to alter the form, adding extra fields or text etc
wfRunHooks( 'ActionModifyFormFields', array( $this->getName(), &$this->fields, $this->page ) );
$form = new HTMLForm( $this->fields, $this->getContext(), $this->getName() );
$form->setSubmitCallback( array( $this, 'onSubmit' ) );
// Retain query parameters (uselang etc)
$form->addHiddenField( 'action', $this->getName() ); // Might not be the same as the query string
$params = array_diff_key(
$this->getRequest()->getQueryValues(),
array( 'action' => null, 'title' => null )
);
$form->addHiddenField( 'redirectparams', wfArrayToCgi( $params ) );
$form->addPreText( $this->preText() );
$form->addPostText( $this->postText() );
$this->alterForm( $form );
// Give hooks a chance to alter the form, adding extra fields or text etc
wfRunHooks( 'ActionBeforeFormDisplay', array( $this->getName(), &$form, $this->page ) );
return $form;
}
/**
* Process the form on POST submission. If you return false from getFormFields(),
* this will obviously never be reached. If you don't want to do anything with the
* form, just return false here
* @param $data Array
* @return Bool|Array true for success, false for didn't-try, array of errors on failure
*/
abstract public function onSubmit( $data );
/**
* Do something exciting on successful processing of the form. This might be to show
* a confirmation message (watch, rollback, etc) or to redirect somewhere else (edit,
* protect, etc).
*/
abstract public function onSuccess();
/**
* The basic pattern for actions is to display some sort of HTMLForm UI, maybe with
* some stuff underneath (history etc); to do some processing on submission of that
* form (delete, protect, etc) and to do something exciting on 'success', be that
* display something new or redirect to somewhere. Some actions have more exotic
* behavior, but that's what subclassing is for :D
*/
public function show() {
$this->setHeaders();
// This will throw exceptions if there's a problem
$this->checkCanExecute( $this->getUser() );
$form = $this->getForm();
if ( $form->show() ) {
$this->onSuccess();
}
}
/**
* @see Action::execute()
*
* @param $data array|null
* @param $captureErrors bool
* @throws ErrorPageError|Exception
* @return bool
*/
public function execute( array $data = null, $captureErrors = true ) {
try {
// Set a new context so output doesn't leak.
$this->context = clone $this->getContext();
// This will throw exceptions if there's a problem
$this->checkCanExecute( $this->getUser() );
$fields = array();
foreach ( $this->fields as $key => $params ) {
if ( isset( $data[$key] ) ) {
$fields[$key] = $data[$key];
} elseif ( isset( $params['default'] ) ) {
$fields[$key] = $params['default'];
} else {
$fields[$key] = null;
}
}
$status = $this->onSubmit( $fields );
if ( $status === true ) {
// This might do permanent stuff
$this->onSuccess();
return true;
} else {
return false;
}
}
catch ( ErrorPageError $e ) {
if ( $captureErrors ) {
return false;
} else {
throw $e;
}
}
}
}
/**
* An action which just does something, without showing a form first.
*/
abstract class FormlessAction extends Action {
/**
* Show something on GET request.
* @return String|null will be added to the HTMLForm if present, or just added to the
* output if not. Return null to not add anything
*/
abstract public function onView();
/**
* We don't want an HTMLForm
* @return bool
*/
protected function getFormFields() {
return false;
}
/**
* @param $data Array
* @return bool
*/
public function onSubmit( $data ) {
return false;
}
/**
* @return bool
*/
public function onSuccess() {
return false;
}
public function show() {
$this->setHeaders();
// This will throw exceptions if there's a problem
$this->checkCanExecute( $this->getUser() );
$this->getOutput()->addHTML( $this->onView() );
}
/**
* Execute the action silently, not giving any output. Since these actions don't have
* forms, they probably won't have any data, but some (eg rollback) may do
* @param array $data values that would normally be in the GET request
* @param bool $captureErrors whether to catch exceptions and just return false
* @throws ErrorPageError|Exception
* @return Bool whether execution was successful
*/
public function execute( array $data = null, $captureErrors = true ) {
try {
// Set a new context so output doesn't leak.
$this->context = clone $this->getContext();
if ( is_array( $data ) ) {
$this->context->setRequest( new FauxRequest( $data, false ) );
}
// This will throw exceptions if there's a problem
$this->checkCanExecute( $this->getUser() );
$this->onView();
return true;
}
catch ( ErrorPageError $e ) {
if ( $captureErrors ) {
return false;
} else {
throw $e;
}
}
}
}