2011-08-26 20:12:34 +00:00
|
|
|
<?php
|
|
|
|
|
2020-12-03 22:05:42 +00:00
|
|
|
namespace MediaWiki\Extension\AbuseFilter\Api;
|
|
|
|
|
2021-02-23 19:49:37 +00:00
|
|
|
use LogEventsList;
|
2020-12-03 22:05:42 +00:00
|
|
|
use LogicException;
|
2021-02-23 19:49:37 +00:00
|
|
|
use LogPage;
|
2024-10-19 19:55:40 +00:00
|
|
|
use MediaWiki\Api\ApiBase;
|
|
|
|
use MediaWiki\Api\ApiMain;
|
|
|
|
use MediaWiki\Api\ApiResult;
|
2021-03-25 03:48:03 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\AbuseFilterPermissionManager;
|
2024-09-11 17:20:49 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\AbuseFilterServices;
|
2021-09-01 11:53:38 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\Parser\RuleCheckerFactory;
|
2021-02-23 19:49:37 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\Special\SpecialAbuseLog;
|
2021-04-04 18:57:49 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\VariableGenerator\VariableGeneratorFactory;
|
2021-01-02 14:01:00 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\Variables\VariableHolder;
|
2021-04-04 18:57:49 +00:00
|
|
|
use MediaWiki\Extension\AbuseFilter\Variables\VariablesBlobStore;
|
2024-06-12 18:01:35 +00:00
|
|
|
use MediaWiki\Json\FormatJson;
|
2021-02-23 19:49:37 +00:00
|
|
|
use MediaWiki\Revision\RevisionRecord;
|
2020-12-03 22:05:42 +00:00
|
|
|
use RecentChange;
|
2022-04-03 23:23:52 +00:00
|
|
|
use Wikimedia\ParamValidator\ParamValidator;
|
2020-01-11 17:05:30 +00:00
|
|
|
|
2020-12-03 22:05:42 +00:00
|
|
|
class CheckMatch extends ApiBase {
|
2021-03-25 03:48:03 +00:00
|
|
|
|
2024-10-25 17:02:04 +00:00
|
|
|
private RuleCheckerFactory $ruleCheckerFactory;
|
|
|
|
private AbuseFilterPermissionManager $afPermManager;
|
|
|
|
private VariablesBlobStore $afVariablesBlobStore;
|
|
|
|
private VariableGeneratorFactory $afVariableGeneratorFactory;
|
2021-04-04 18:57:49 +00:00
|
|
|
|
2021-03-25 03:48:03 +00:00
|
|
|
public function __construct(
|
|
|
|
ApiMain $main,
|
2024-10-25 17:02:04 +00:00
|
|
|
string $action,
|
2021-09-01 11:53:38 +00:00
|
|
|
RuleCheckerFactory $ruleCheckerFactory,
|
2021-04-04 18:57:49 +00:00
|
|
|
AbuseFilterPermissionManager $afPermManager,
|
|
|
|
VariablesBlobStore $afVariablesBlobStore,
|
|
|
|
VariableGeneratorFactory $afVariableGeneratorFactory
|
2021-03-25 03:48:03 +00:00
|
|
|
) {
|
|
|
|
parent::__construct( $main, $action );
|
2021-09-01 11:53:38 +00:00
|
|
|
$this->ruleCheckerFactory = $ruleCheckerFactory;
|
2021-03-25 03:48:03 +00:00
|
|
|
$this->afPermManager = $afPermManager;
|
2021-04-04 18:57:49 +00:00
|
|
|
$this->afVariablesBlobStore = $afVariablesBlobStore;
|
|
|
|
$this->afVariableGeneratorFactory = $afVariableGeneratorFactory;
|
2021-03-25 03:48:03 +00:00
|
|
|
}
|
|
|
|
|
2018-04-04 21:14:25 +00:00
|
|
|
/**
|
2020-12-03 08:49:56 +00:00
|
|
|
* @inheritDoc
|
2018-04-04 21:14:25 +00:00
|
|
|
*/
|
2011-08-26 20:12:34 +00:00
|
|
|
public function execute() {
|
2022-07-02 13:35:00 +00:00
|
|
|
$performer = $this->getAuthority();
|
2011-08-26 20:12:34 +00:00
|
|
|
$params = $this->extractRequestParams();
|
|
|
|
$this->requireOnlyOneParameter( $params, 'vars', 'rcid', 'logid' );
|
|
|
|
|
|
|
|
// "Anti-DoS"
|
2022-07-02 13:35:00 +00:00
|
|
|
if ( !$this->afPermManager->canUseTestTools( $performer ) ) {
|
2017-08-07 23:35:21 +00:00
|
|
|
$this->dieWithError( 'apierror-abusefilter-canttest', 'permissiondenied' );
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
|
|
|
|
2013-10-15 12:28:39 +00:00
|
|
|
$vars = null;
|
2011-08-26 20:12:34 +00:00
|
|
|
if ( $params['vars'] ) {
|
2014-07-30 00:50:30 +00:00
|
|
|
$pairs = FormatJson::decode( $params['vars'], true );
|
2021-01-02 14:01:00 +00:00
|
|
|
$vars = VariableHolder::newFromArray( $pairs );
|
2011-08-26 20:12:34 +00:00
|
|
|
} elseif ( $params['rcid'] ) {
|
2020-05-28 18:09:17 +00:00
|
|
|
$rc = RecentChange::newFromId( $params['rcid'] );
|
2011-08-26 20:12:34 +00:00
|
|
|
|
2020-05-28 18:09:17 +00:00
|
|
|
if ( !$rc ) {
|
2017-08-07 23:35:21 +00:00
|
|
|
$this->dieWithError( [ 'apierror-nosuchrcid', $params['rcid'] ] );
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
|
|
|
|
2021-02-23 19:49:37 +00:00
|
|
|
$type = (int)$rc->getAttribute( 'rc_type' );
|
|
|
|
$deletedValue = $rc->getAttribute( 'rc_deleted' );
|
|
|
|
if (
|
|
|
|
(
|
|
|
|
$type === RC_LOG &&
|
|
|
|
!LogEventsList::userCanBitfield(
|
|
|
|
$deletedValue,
|
|
|
|
LogPage::SUPPRESSED_ACTION | LogPage::SUPPRESSED_USER,
|
2022-07-02 13:35:00 +00:00
|
|
|
$performer
|
2021-02-23 19:49:37 +00:00
|
|
|
)
|
|
|
|
) || (
|
|
|
|
$type !== RC_LOG &&
|
2022-07-02 13:35:00 +00:00
|
|
|
!RevisionRecord::userCanBitfield( $deletedValue, RevisionRecord::SUPPRESSED_ALL, $performer )
|
2021-02-23 19:49:37 +00:00
|
|
|
)
|
|
|
|
) {
|
|
|
|
// T223654 - Same check as in AbuseFilterChangesList
|
|
|
|
$this->dieWithError( 'apierror-permissiondenied-generic', 'deletedrc' );
|
|
|
|
}
|
|
|
|
|
2022-07-02 13:35:00 +00:00
|
|
|
$varGenerator = $this->afVariableGeneratorFactory->newRCGenerator( $rc, $this->getUser() );
|
2019-06-25 16:39:57 +00:00
|
|
|
$vars = $varGenerator->getVars();
|
2011-08-26 20:12:34 +00:00
|
|
|
} elseif ( $params['logid'] ) {
|
2024-04-30 18:21:20 +00:00
|
|
|
$row = $this->getDB()->newSelectQueryBuilder()
|
|
|
|
->select( '*' )
|
|
|
|
->from( 'abuse_filter_log' )
|
|
|
|
->where( [ 'afl_id' => $params['logid'] ] )
|
|
|
|
->caller( __METHOD__ )
|
|
|
|
->fetchRow();
|
2011-08-26 20:12:34 +00:00
|
|
|
|
|
|
|
if ( !$row ) {
|
2017-08-07 23:35:21 +00:00
|
|
|
$this->dieWithError( [ 'apierror-abusefilter-nosuchlogid', $params['logid'] ], 'nosuchlogid' );
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
|
|
|
|
2024-09-11 17:20:49 +00:00
|
|
|
// TODO: Replace with dependency injection once security patch is uploaded publicly.
|
|
|
|
$afFilterLookup = AbuseFilterServices::getFilterLookup();
|
|
|
|
$privacyLevel = $afFilterLookup->getFilter( $row->afl_filter_id, $row->afl_global )
|
|
|
|
->getPrivacyLevel();
|
|
|
|
$canSeeDetails = $this->afPermManager->canSeeLogDetailsForFilter( $performer, $privacyLevel );
|
|
|
|
if ( !$canSeeDetails ) {
|
|
|
|
$this->dieWithError( 'apierror-permissiondenied-generic', 'cannotseedetails' );
|
|
|
|
}
|
|
|
|
|
2022-07-02 13:35:00 +00:00
|
|
|
$visibility = SpecialAbuseLog::getEntryVisibilityForUser( $row, $performer, $this->afPermManager );
|
2021-09-15 18:23:36 +00:00
|
|
|
if ( $visibility !== SpecialAbuseLog::VISIBILITY_VISIBLE ) {
|
2021-02-23 19:49:37 +00:00
|
|
|
// T223654 - Same check as in SpecialAbuseLog. Both the visibility of the AbuseLog entry
|
|
|
|
// and the corresponding revision are checked.
|
|
|
|
$this->dieWithError( 'apierror-permissiondenied-generic', 'deletedabuselog' );
|
|
|
|
}
|
|
|
|
|
2024-03-22 13:40:06 +00:00
|
|
|
$vars = $this->afVariablesBlobStore->loadVarDump( $row );
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
2020-09-19 22:30:14 +00:00
|
|
|
if ( $vars === null ) {
|
2021-04-17 16:08:05 +00:00
|
|
|
// @codeCoverageIgnoreStart
|
2020-09-19 22:30:14 +00:00
|
|
|
throw new LogicException( 'Impossible.' );
|
2021-04-17 16:08:05 +00:00
|
|
|
// @codeCoverageIgnoreEnd
|
2020-09-19 22:30:14 +00:00
|
|
|
}
|
2011-08-26 20:12:34 +00:00
|
|
|
|
2021-09-01 11:53:38 +00:00
|
|
|
$ruleChecker = $this->ruleCheckerFactory->newRuleChecker( $vars );
|
2021-09-06 20:40:36 +00:00
|
|
|
if ( !$ruleChecker->checkSyntax( $params['filter'] )->isValid() ) {
|
2017-08-07 23:35:21 +00:00
|
|
|
$this->dieWithError( 'apierror-abusefilter-badsyntax', 'badsyntax' );
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
|
|
|
|
2017-06-15 14:23:16 +00:00
|
|
|
$result = [
|
2016-10-27 14:10:31 +00:00
|
|
|
ApiResult::META_BC_BOOLS => [ 'result' ],
|
2021-09-01 11:53:38 +00:00
|
|
|
'result' => $ruleChecker->checkConditions( $params['filter'] )->getResult(),
|
2017-06-15 14:23:16 +00:00
|
|
|
];
|
2015-05-18 14:30:02 +00:00
|
|
|
|
2011-08-26 20:12:34 +00:00
|
|
|
$this->getResult()->addValue(
|
|
|
|
null,
|
|
|
|
$this->getModuleName(),
|
2015-05-18 14:30:02 +00:00
|
|
|
$result
|
2011-08-26 20:12:34 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2018-04-04 21:14:25 +00:00
|
|
|
/**
|
2021-01-17 11:54:43 +00:00
|
|
|
* @codeCoverageIgnore Merely declarative
|
|
|
|
* @inheritDoc
|
2018-04-04 21:14:25 +00:00
|
|
|
*/
|
2011-08-26 20:12:34 +00:00
|
|
|
public function getAllowedParams() {
|
2017-06-15 14:23:16 +00:00
|
|
|
return [
|
|
|
|
'filter' => [
|
2022-04-03 23:23:52 +00:00
|
|
|
ParamValidator::PARAM_REQUIRED => true,
|
2017-06-15 14:23:16 +00:00
|
|
|
],
|
2011-08-26 20:12:34 +00:00
|
|
|
'vars' => null,
|
2017-06-15 14:23:16 +00:00
|
|
|
'rcid' => [
|
2022-04-03 23:23:52 +00:00
|
|
|
ParamValidator::PARAM_TYPE => 'integer'
|
2017-06-15 14:23:16 +00:00
|
|
|
],
|
|
|
|
'logid' => [
|
2022-04-03 23:23:52 +00:00
|
|
|
ParamValidator::PARAM_TYPE => 'integer'
|
2017-06-15 14:23:16 +00:00
|
|
|
],
|
|
|
|
];
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
|
|
|
|
2014-10-28 16:25:22 +00:00
|
|
|
/**
|
2021-01-17 11:54:43 +00:00
|
|
|
* @codeCoverageIgnore Merely declarative
|
|
|
|
* @inheritDoc
|
2014-10-28 16:25:22 +00:00
|
|
|
*/
|
|
|
|
protected function getExamplesMessages() {
|
2017-06-15 14:23:16 +00:00
|
|
|
return [
|
2014-10-28 16:25:22 +00:00
|
|
|
'action=abusefiltercheckmatch&filter=!("autoconfirmed"%20in%20user_groups)&rcid=15'
|
|
|
|
=> 'apihelp-abusefiltercheckmatch-example-1',
|
2017-06-15 14:23:16 +00:00
|
|
|
];
|
2011-08-26 20:12:34 +00:00
|
|
|
}
|
|
|
|
}
|