2020-09-18 14:49:13 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace MediaWiki\Extension\AbuseFilter;
|
|
|
|
|
2020-10-10 17:20:21 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\Filter\AbstractFilter;
|
2021-06-05 05:06:22 +00:00
|
|
|
use MediaWiki\Permissions\Authority;
|
2020-09-18 14:49:13 +00:00
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* This class simplifies the interactions between the AbuseFilter code and Authority, knowing
|
2020-09-18 14:49:13 +00:00
|
|
|
* what rights are required to perform AF-related actions.
|
|
|
|
*/
|
|
|
|
class AbuseFilterPermissionManager {
|
|
|
|
public const SERVICE_NAME = 'AbuseFilterPermissionManager';
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canEdit( Authority $performer ): bool {
|
|
|
|
$block = $performer->getBlock();
|
2020-09-18 14:49:13 +00:00
|
|
|
return (
|
|
|
|
!( $block && $block->isSitewide() ) &&
|
2021-06-05 05:06:22 +00:00
|
|
|
$performer->isAllowed( 'abusefilter-modify' )
|
2020-09-18 14:49:13 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canEditGlobal( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-modify-global' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether the user can edit the given filter.
|
|
|
|
*
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-10-10 17:20:21 +00:00
|
|
|
* @param AbstractFilter $filter
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canEditFilter( Authority $performer, AbstractFilter $filter ): bool {
|
2020-09-18 14:49:13 +00:00
|
|
|
return (
|
2021-06-05 05:06:22 +00:00
|
|
|
$this->canEdit( $performer ) &&
|
|
|
|
!( $filter->isGlobal() && !$this->canEditGlobal( $performer ) )
|
2020-09-18 14:49:13 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether the user can edit a filter with restricted actions enabled.
|
|
|
|
*
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canEditFilterWithRestrictedActions( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-modify-restricted' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canViewPrivateFilters( Authority $performer ): bool {
|
2022-10-12 21:15:53 +00:00
|
|
|
$block = $performer->getBlock();
|
|
|
|
return (
|
|
|
|
!( $block && $block->isSitewide() ) &&
|
|
|
|
$performer->isAllowedAny(
|
|
|
|
'abusefilter-modify',
|
|
|
|
'abusefilter-view-private'
|
|
|
|
)
|
2020-09-18 14:49:13 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canViewPrivateFiltersLogs( Authority $performer ): bool {
|
|
|
|
return $this->canViewPrivateFilters( $performer ) ||
|
|
|
|
$performer->isAllowed( 'abusefilter-log-private' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canViewAbuseLog( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-log' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canHideAbuseLog( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-hide-log' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canRevertFilterActions( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-revert' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2024-05-16 10:40:53 +00:00
|
|
|
* @param int $privacyLevel Bitmask of privacy flags
|
2020-10-27 19:21:44 +00:00
|
|
|
* @todo Take a Filter parameter
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2024-05-16 10:40:53 +00:00
|
|
|
public function canSeeLogDetailsForFilter( Authority $performer, int $privacyLevel ): bool {
|
|
|
|
if ( FilterUtils::isHidden( $privacyLevel ) ) {
|
2021-06-05 05:06:22 +00:00
|
|
|
return $this->canSeeLogDetails( $performer )
|
|
|
|
&& $this->canViewPrivateFiltersLogs( $performer );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
2021-06-05 05:06:22 +00:00
|
|
|
return $this->canSeeLogDetails( $performer );
|
2020-10-27 19:21:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-10-27 19:21:44 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canSeeLogDetails( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-log-detail' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canSeePrivateDetails( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-privatedetails' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2020-09-18 14:49:13 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canSeeHiddenLogEntries( Authority $performer ): bool {
|
|
|
|
return $performer->isAllowed( 'abusefilter-hidden-log' );
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|
2021-02-19 17:50:38 +00:00
|
|
|
|
|
|
|
/**
|
2021-06-05 05:06:22 +00:00
|
|
|
* @param Authority $performer
|
2021-02-19 17:50:38 +00:00
|
|
|
* @return bool
|
|
|
|
*/
|
2021-06-05 05:06:22 +00:00
|
|
|
public function canUseTestTools( Authority $performer ): bool {
|
2021-02-19 17:50:38 +00:00
|
|
|
// TODO: make independent
|
2021-06-05 05:06:22 +00:00
|
|
|
return $this->canViewPrivateFilters( $performer );
|
2021-02-19 17:50:38 +00:00
|
|
|
}
|
|
|
|
|
2020-09-18 14:49:13 +00:00
|
|
|
}
|