mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-11-24 06:03:49 +00:00
Bug 33380 - Details of actions caught by a private filter should be private
Author: Nikola Kovacs Hide private information from logs
parent
b63be7a6ea
commit
4e8be82722
Notes:
Raimond Spekking
2012-03-12 20:46:25 +00:00
|
@ -206,7 +206,17 @@ class AbuseFilter {
|
|||
}
|
||||
|
||||
public static function filterHidden( $filter ) {
|
||||
$dbr = wfGetDB( DB_SLAVE );
|
||||
$globalIndex = self::decodeGlobalName( $filter );
|
||||
if ( $globalIndex ) {
|
||||
global $wgAbuseFilterCentralDB;
|
||||
if ( !$wgAbuseFilterCentralDB ) {
|
||||
return false;
|
||||
}
|
||||
$dbr = wfGetDB( DB_SLAVE, array(), $wgAbuseFilterCentralDB );
|
||||
$filter = $globalIndex;
|
||||
} else {
|
||||
$dbr = wfGetDB( DB_SLAVE );
|
||||
}
|
||||
$hidden = $dbr->selectField(
|
||||
'abuse_filter',
|
||||
'af_hidden',
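Review bot: `filterHidden()` answers `false` (not hidden) at `return false;` when the name decodes as a global filter but `$wgAbuseFilterCentralDB` is unset, so the access checks that call it (`canSeeDetails()` and the log search) fail open for a filter whose visibility could not be looked up. For a predicate that gates private details, the unknown case is safer treated as hidden: `return true; // visibility cannot be verified without the central DB`. The method would also benefit from a docblock saying that `$filter` may be a local id or a global name and that a true return means details are restricted. The rest of the body, including what is returned when no row matches, lies outside the hunk.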
|
||||
|
|
|
@ -104,7 +104,7 @@ Filter description: $7 ($8)',
|
|||
'abusefilter-log-linkoncontribs-text' => 'Abuse log for this user',
|
||||
'abusefilter-log-hidden' => '(entry hidden)',
|
||||
'abusefilter-log-hide' => 'hide or unhide', // @todo FIXME: Message unused?
|
||||
'abusefilter-log-cannot-see-details' => 'You do not have permission to see details of any entries.',
|
||||
'abusefilter-log-cannot-see-details' => 'You do not have permission to see details of this entry.',
|
||||
'abusefilter-log-details-hidden' => 'You cannot view the details for this entry because it is hidden from public view.',
|
||||
|
||||
// Hiding log entries
|
||||
|
@ -581,7 +581,7 @@ $messages['qqq'] = array(
|
|||
'abusefilter-log-linkoncontribs-text' => 'Title for link added on [[Special:Contributions]] and other relevant special pages.',
|
||||
'abusefilter-log-hidden' => 'Text for a hidden log entry.',
|
||||
'abusefilter-log-hide' => 'This message may be unused.',
|
||||
'abusefilter-log-cannot-see-details' => 'Message show instead of the log row for users without permissions to see any details.',
|
||||
'abusefilter-log-cannot-see-details' => 'Message show instead of log row details for users without permissions to see them.',
|
||||
'abusefilter-log-details-hidden' => 'Message shown instead of log row details when those are hidden.',
|
||||
'abusefilter-log-hide-legend' => 'Legend for form to hide a log entry.',
|
||||
'abusefilter-log-hide-id' => 'Field label in form to hide a log entry.',
|
||||
|
|
|
@ -22,9 +22,10 @@ abstract class AbuseFilterView extends ContextSource {
|
|||
abstract function show();
|
||||
|
||||
/**
|
||||
* @static
|
||||
* @return bool
|
||||
*/
|
||||
function canEdit() {
|
||||
static function canEdit() {
|
||||
global $wgUser;
|
||||
static $canEdit = null;
|
||||
|
||||
|
@ -36,14 +37,15 @@ abstract class AbuseFilterView extends ContextSource {
|
|||
}
|
||||
|
||||
/**
|
||||
* @static
|
||||
* @return bool
|
||||
*/
|
||||
function canViewPrivate() {
|
||||
static function canViewPrivate() {
|
||||
global $wgUser;
|
||||
static $canView = null;
|
||||
|
||||
if ( is_null( $canView ) ) {
|
||||
$canView = $this->canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' );
|
||||
$canView = self::canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' );
|
||||
}
|
||||
|
||||
return $canView;
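Review bot: `canViewPrivate()` and `canEdit()` are now static authorization checks that other classes call (`AbuseFilterView::canViewPrivate()` in SpecialAbuseLog), yet each still memoizes its answer in a function-level `static` computed from the global `$wgUser`. The first result is then reused for the rest of the process, which would be wrong wherever the acting user changes after the first call (a job runner or a test, for example; no such caller is visible here). Dropping the cache keeps the check tied to the current user: `return self::canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' );`. Both declarations also lack an explicit `public`, and both bodies extend past their hunks.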
|
||||
|
|
|
@ -106,7 +106,7 @@ class AbuseFilterViewExamine extends AbuseFilterView {
|
|||
self::$examineType = 'log';
|
||||
self::$examineId = $logid;
|
||||
|
||||
if ( !SpecialAbuseLog::canSeeDetails() ) {
|
||||
if ( !SpecialAbuseLog::canSeeDetails( $row->afl_filter ) ) {
|
||||
$this->getOutput()->addWikiMsg( 'abusefilter-log-cannot-see-details' );
|
||||
return;
|
||||
}
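Review bot: `$row->afl_filter` is read in the new `canSeeDetails()` call, but the hunk does not show `$row` being checked for a missing log id before that line. If the lookup can return no row, the argument becomes null, and `canSeeDetails()` treats a null `$filter_id` as "skip the hidden-filter check", so the request would be judged on `abusefilter-log-detail` alone. Confirm the row is validated earlier in this method (it starts outside the hunk), or return before the permission check when the row is empty.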
|
||||
|
|
|
@ -225,11 +225,15 @@ class AbuseFilterPager extends TablePager {
|
|||
$lang->formatNum( $value )
|
||||
);
|
||||
// @todo FIXME: makeKnownLinkObj() is deprecated.
|
||||
$link = Linker::makeKnownLinkObj(
|
||||
SpecialPage::getTitleFor( 'AbuseLog' ),
|
||||
$count_display,
|
||||
'wpSearchFilter=' . $row->af_id
|
||||
);
|
||||
if ( SpecialAbuseLog::canSeeDetails( $row->af_id, $row->af_hidden ) ) {
|
||||
$link = Linker::makeKnownLinkObj(
|
||||
SpecialPage::getTitleFor( 'AbuseLog' ),
|
||||
$count_display,
|
||||
'wpSearchFilter=' . $row->af_id
|
||||
);
|
||||
} else {
|
||||
$link = "";
|
||||
}
|
||||
return $link;
|
||||
case 'af_timestamp':
|
||||
$userLink =
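Review bot: The new `if` around the hit-count link uses `SpecialAbuseLog::canSeeDetails()`, which also requires `abusefilter-log-detail`, so a user without that right loses the link, and the count itself because `$link = ""`, for public filters too. The log search in SpecialAbuseLog gates the same navigation with a different predicate, `!AbuseFilter::filterHidden( … ) || AbuseFilterView::canViewPrivate()`. If the intent is only to stop entries of hidden filters being found, use the matching test here, `if ( !$row->af_hidden || AbuseFilterView::canViewPrivate() ) {`, and state in a comment whether hiding the count is deliberate. The enclosing `case` starts above the hunk.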
|
||||
|
|
|
@ -199,7 +199,10 @@ class SpecialAbuseLog extends SpecialPage {
|
|||
}
|
||||
|
||||
if ( $this->mSearchFilter ) {
|
||||
$conds['afl_filter'] = $this->mSearchFilter;
|
||||
// if the filter is hidden, users who can't view private filters should not be able to find log entries generated by it
|
||||
if ( !AbuseFilter::filterHidden( $this->mSearchFilter ) || AbuseFilterView::canViewPrivate() ) {
|
||||
$conds['afl_filter'] = $this->mSearchFilter;
|
||||
}
|
||||
}
|
||||
|
||||
$searchTitle = Title::newFromText( $this->mSearchTitle );
|
||||
|
@ -222,10 +225,6 @@ class SpecialAbuseLog extends SpecialPage {
|
|||
|
||||
function showDetails( $id ) {
|
||||
$out = $this->getOutput();
|
||||
if ( !self::canSeeDetails() ) {
|
||||
$out->addWikiMsg( 'abusefilter-log-cannot-see-details' );
|
||||
return;
|
||||
}
|
||||
|
||||
$dbr = wfGetDB( DB_SLAVE );
|
||||
|
||||
|
@ -242,6 +241,17 @@ class SpecialAbuseLog extends SpecialPage {
|
|||
return;
|
||||
}
|
||||
|
||||
if ( AbuseFilter::decodeGlobalName( $row->afl_filter ) ) {
|
||||
$filter_hidden = null;
|
||||
} else {
|
||||
$filter_hidden = $row->af_hidden;
|
||||
}
|
||||
|
||||
if ( !self::canSeeDetails( $row->afl_filter, $filter_hidden ) ) {
|
||||
$out->addWikiMsg( 'abusefilter-log-cannot-see-details' );
|
||||
return;
|
||||
}
|
||||
|
||||
if ( $row->afl_deleted && !self::canSeeHidden() ) {
|
||||
$out->addWikiMsg( 'abusefilter-log-details-hidden' );
|
||||
return;
|
||||
|
@ -325,8 +335,18 @@ class SpecialAbuseLog extends SpecialPage {
|
|||
/**
|
||||
* @return bool
|
||||
*/
|
||||
static function canSeeDetails() {
|
||||
static function canSeeDetails( $filter_id = null, $filter_hidden = null ) {
|
||||
global $wgUser;
|
||||
|
||||
if ( $filter_id !== null ) {
|
||||
if ( $filter_hidden === null ) {
|
||||
$filter_hidden = AbuseFilter::filterHidden( $filter_id );
|
||||
}
|
||||
if ( $filter_hidden ) {
|
||||
return $wgUser->isAllowed( 'abusefilter-log-detail' ) && AbuseFilterView::canViewPrivate();
|
||||
}
|
||||
}
|
||||
|
||||
return $wgUser->isAllowed( 'abusefilter-log-detail' );
|
||||
}
|
||||
|
||||
|
@ -392,11 +412,13 @@ class SpecialAbuseLog extends SpecialPage {
|
|||
// Pull global filter description
|
||||
$parsed_comments =
|
||||
$wgOut->parseInline( AbuseFilter::getGlobalFilterDescription( $globalIndex ) );
|
||||
$filter_hidden = null;
|
||||
} else {
|
||||
$parsed_comments = $wgOut->parseInline( $row->af_public_comments );
|
||||
$filter_hidden = $row->af_hidden;
|
||||
}
|
||||
|
||||
if ( self::canSeeDetails() ) {
|
||||
if ( self::canSeeDetails( $row->afl_filter, $filter_hidden ) ) {
|
||||
$examineTitle = SpecialPage::getTitleFor( 'AbuseFilter', 'examine/log/' . $row->afl_id );
|
||||
$detailsLink = $sk->makeKnownLinkObj(
|
||||
$this->getTitle($row->afl_id),
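Review bot: In the `mSearchFilter` branch, a search for a hidden filter by a user without view-private rights drops the `afl_filter` condition altogether, so the query runs unfiltered and returns the whole log instead of nothing. That result reads like a successful match, and if list rows still show which filter they hit (not visible in this section), the entries the comment wants to keep unfindable remain in it. An `else` that forces an empty result keeps the outcome the same as for a filter with no hits: `} else { $conds[] = '1 = 0'; // hidden filter: show no rows rather than the full log }`. Separately, `canSeeDetails()` applies the hidden-filter rule only when a `$filter_id` is passed, so any caller this commit did not update keeps the old, weaker check; its docblock should say so.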
|
||||
|
|