Commit graph

63 commits

Author SHA1 Message Date
Daimona Eaytoy e60dacbbea Fix code comments
Fixed some comments adding explanations, fixing syntax, and parameter types
for docblocks. Also fixed some whitespace mess, and added a missing use
statement.

Change-Id: I3547c90bdaa2cab5443e8bf0c63b217fe6ba663f
2018-10-03 16:45:03 +02:00
jenkins-bot a0a4755c59 Merge "Remove unused method from parser" 2018-09-09 12:32:56 +00:00
jenkins-bot 121df619da Merge "Improve coverage for AbuseFilterTokenizer" 2018-09-09 12:30:49 +00:00
Daimona Eaytoy bffba28713 Add full tests for deprecated variables
This test checks every deprecated variable to be identical to the
newly-named one, and to emit a debug notice. It also changes such debug
to be emitted via logger instead of wfDebug.

Bug: T201193
Bug: T173889
Change-Id: Ie55746bb7731062ae2d46d84857af2a05d78cf4c
2018-08-29 11:00:28 +02:00
Daimona Eaytoy 775c736512 Improve coverage for AbuseFilterTokenizer
This will make tokenizer almost fully covered. The only uncovered parts
are the one with cache and an else condition which I think won't ever be
executed, and thus added a comment for that. Also, remove an obsolete
xxx comment from ComputedVariable (fixed in
I8e420f0259ef6c9e579f7a00beb58f28af9da37d)

Bug: T201193
Change-Id: I6e9a73aa9e437f096f6a1e20d53a7cb50e5ed85d
2018-08-25 10:25:16 +02:00
Daimona Eaytoy a8b62dc828 Remove unused method from parser
AbuseFilterParser::setVarsimply calls the setVar method in
VariableHolder and is currently unused. Its only call was removed in
I80cbc4033ff96f2fe8c1da263b1877bfb4c7c0c4. After this patch we'll only
have an uncovered line in the parser, which is likely due to a bug in
the coverage check.

Change-Id: Ic860b03b2d23fec073a9294e356e074ae1b14ae5
2018-08-24 12:30:47 +02:00
Daimona Eaytoy 03b52c2b37 Remove unused function and improve unit test
AbuseFilterParser::setVars is only used in a parser test. In the past it
was also used in the actual code (see for instance
https://phabricator.wikimedia.org/diffusion/EABF/browse/master/;5cc8dac63ca585c288ca4c8605db810774e39666?grep=setVars), but at the moment it's pretty unuseful.
This patch removes such function and makes the unit test use literals
instead of variables to avoid calling it.

Change-Id: I80cbc4033ff96f2fe8c1da263b1877bfb4c7c0c4
2018-08-23 11:00:16 +02:00
jenkins-bot a762c82fe7 Merge "Add aliases for "_text" and "article_" variables" 2018-08-22 12:44:20 +00:00
Daimona Eaytoy 6bc630cfef Add aliases for "_text" and "article_" variables
Variables regarding title (full list in task description) are quite
deceiving, since they use "text" instead of "title". As proposed in the
task, this is the first patch to add aliases for those variables and
slightly deprecate the old ones. In the future we may be able to replace
every occurrence (either with a search function or directly on the
database), but even a coexistence would be enough to avoid
confusion. A wfDebug log is generated whenever a deprecated variable is
parsed. The "article_" prefix is also changed to "title_", in the same
way as above.
Also, added a hook which other extension may use to specify their
deprecated variables, which will be handled the same as core ones.

Bug: T173889
Change-Id: I5c370b54e6516889624088e27928ad3a1f48a821
2018-08-21 16:59:56 +02:00
Daimona Eaytoy 4f3b020f5d Improve code coverage for AbuseFilterParser
Add some tests and improve others to raise coverage percentage. This
should lead to almost 100% for the AbuseFilterParser class. Aside from
this, a couple of changes:
* Remove an unused function
* Let equals_to_any return a genuine result with empty strings
* Remove an if which will never be true in skipOverBraces, since the
function is called after checking the same conditions.

Bug: T201193
Change-Id: I7020b2ed996236c38c5784d161ad98ec44163406
2018-08-20 14:38:40 +02:00
jenkins-bot f587230fea Merge "Use noparams exception and correctly count function parameters" 2018-08-02 08:16:12 +00:00
Kunal Mehta 404e098c3b Fix MediaWiki.Usage.InArrayUsage.Found issues
Change-Id: I1898d95d92cda279c1b9c8a452fb7d054ff263bf
2018-07-29 15:19:09 -07:00
Daimona Eaytoy cea1b0aec3 Compact some other comments
Remove unnecessary ones, make clear what the cryptic ones mean, and
inline them when possible.

Change-Id: I384859871a66ced8cb0d81260c06c5a5b278866f
2018-07-17 17:17:44 +02:00
Daimona Eaytoy 32718888c0 Use noparams exception and correctly count function parameters
For the counting part I used this a relatively simple approach. It might
not be the best one, but should work without changing too much code. As
for the exception, I added it to every function which takes a single
parameter. Plus a couple of minor fixes: removed an unused function and
replaced "__METHOD__" with function names.

Bug: T198300
Change-Id: I484fe2994292970276150d2e417801453339e540
2018-07-15 15:32:26 +00:00
Daimona Eaytoy 7a64280893 Add phpunit tests for all exception thrown in the parser
All uses of "throw" inside AbuseFilterParser are now covered.
Bonus: added a standard suppresswarning when checking regex validity.

Change-Id: Iacb8f7a361079e3e117dc6845597c7bd8473e54a
2018-07-01 18:31:11 +02:00
Daimona Eaytoy 7104c40518 Copy levels documentation on AbuseFilterParser
doLevel- functions are currently documented in AFPToken. This patch
copies such comments on docblocks in AbuseFilterParser, the place where
this docs can really be helpful.

Change-Id: I4e47e760a56800faa9b0a1146e0d79f8955dca9a
2018-06-30 20:35:49 +02:00
Daimona Eaytoy ce83417068 Make disabled variables not overridable
Disabled vars can currently be overwritten by assigning them custom
values (e.g. old_text := 'foo'). However, this shouldn't be allowed to
avoid confusion.

Change-Id: I49136bf19371aee1e8068a9ae621310e1ab97c86
2018-06-28 22:40:09 +02:00
Daimona Eaytoy 79ec4ebf8b Stop computing removed variables and show custom error message
Old_text and old_html were disabled a long time ago. With this patch,
the user will get a custom error message if trying to use them (instead
of the unrecognisedvar one), plus they'll stop appearing in /examine and
/details, unless they were computed for the examined edit (and in that case, their description message is now restored). Lastly, added a precisation to their messages.

Bug: T190698
Change-Id: Ife168522e6b1d8eb94ebbb8a16ae8831ec1dc497
2018-06-26 20:02:31 +02:00
Daimona Eaytoy c75bc35f7d Rename lists to arrays
Arrays were introduced with the name "lists". While it **may** look
user-friendlier and so on, it actually uses a wrong name: lists are
different from arrays. I ran a grep and I should've replaced
every occurrence, plus everything seems to work, however a double check
wouldn't be bad.

Change-Id: I6a858f02f5dd9250ba7e1abf9c6422fd98758c9e
2018-06-26 14:42:23 +02:00
jenkins-bot c34eda8936 Merge "Introduce sanitize() function" 2018-06-24 13:53:46 +00:00
jenkins-bot a4a6511972 Merge "Don't allow invalid IP ranges to be entered in ip_in_range()" 2018-06-10 00:33:27 +00:00
Max Semenik 5c8a8da1f2 Fix some Doxygen problems
Change-Id: I04ce5564ec73e45a6d94c51be94bd1423a86780a
2018-06-08 13:02:40 -07:00
jenkins-bot 617e045483 Merge "Get rid of call_user_func_array()" 2018-06-08 19:32:31 +00:00
Thiemo Kreuz 9a185042b8 Update \AbuseFilter::checkSyntax documentation
Change-Id: I5c5caefab8d46773a459809d956a91fda7471863
2018-06-08 19:18:39 +00:00
Max Semenik 4c312a2693 Get rid of call_user_func_array()
Yay PHP7!

Change-Id: I2ec13d1a51981c6922949bed0c7dd2525c48f591
2018-06-07 23:01:27 -07:00
Huji Lee 2792fce41e Introduce sanitize() function
Normalizes HTML entities into unicode characters

Bug: T169122
Change-Id: Ic916a6f8976e486d62d65156fa2dab56a55cf22a
2018-06-03 16:37:23 -04:00
Max Semenik 94f3bc67ca Use PHP7 ?? operator
Change-Id: I757b832ac86f52d8b70ffc42fdb60796ab81e7fe
2018-05-31 11:53:03 -07:00
libraryupgrader 99c212226d build: Updating mediawiki/mediawiki-codesniffer to 20.0.0
Change-Id: Ib1d0dfa76babc01c30f4e905e8f6fb80e1e9a0bc
2018-05-25 23:31:49 +00:00
Daimona Eaytoy 5916910e25 Prevent the user from overriding blacklisted variables
Like we do for built-in values. If a blacklisted variable is overridden,
it still works, but there's no reason to allow it.

Bug: T191715
Change-Id: Ia4d42ec56dc4805454b96c52c2eace1924f6536c
2018-05-04 19:33:12 +02:00
Daimona Eaytoy caa4b1c763 Add phan configuration
This is taken from I6a57a28f22600aafb2e529587ecce6083e9f7da4 and makes
all the needed changes to make phan pass. Seccheck will instead fail,
but since it's not clear how to fix it (and it is non-voting), for the
moment we may merge this and enable phan on IC.

Bug: T192325
Change-Id: I77648b6f8e146114fd43bb0f4dfccdb36b7ac1ac
2018-04-30 08:32:58 +00:00
jenkins-bot 6aa6b8fc13 Merge "Add the remaining equality checks" 2018-04-26 13:25:56 +00:00
Daimona Eaytoy 71f375f19a Add equals_to_any function
Introduce a new function which can be used to group multiple comparisons
in a single condition. In particular, equals_to_any(S, A, B) is the
equivalent of S === A || S === B. This is especially useful in checking
for multiple namespaces, as proposed in the Community health initiative.

Change-Id: I9dcfe303eb5e51e1882fe4a65fa876aa93db7686
2018-04-25 23:12:19 +00:00
Daimona Eaytoy 24c8d7d54e Add the remaining equality checks
I left as ToDo the checks between an array and something else. With this
patch, it'll work like PHP: the result will be true iff the comparison
is loose, the array is empty and the other operand is either false or
null.

Change-Id: Idc5cadb697ed4fc7f4856967274169f77495ed9f
2018-04-25 10:16:50 +02:00
Daimona Eaytoy 3c3a521fec Fix coding conventions exclusion rules
This should fix every error with excluded rules, leaving only the one
for $wgTitle. A double check would be nice in order to avoid regressions
due to stupid mistakes.

Bug: T178007
Change-Id: I22c179f3a01d652640304b59e43fcb5b5a9abac3
2018-04-20 08:40:18 +00:00
jenkins-bot 0c47bb5574 Merge "Fix parameter order for AbuseFilterParser::contains" 2018-04-16 23:32:50 +00:00
Glaisher 7fade990d2 Don't allow invalid IP ranges to be entered in ip_in_range()
IP::isInRange() can return true for invalid IPs so this can
cause false positives. Instead of letting this happen, don't
allow it in the first place.

See also Ibfe55c2ebac0fccfa8329436

Bug: T124117
Change-Id: Id10552e117ce2b231504e41627b44f8cfb0d4329
2018-04-13 10:59:08 +02:00
jenkins-bot c10f61f623 Merge "Properly detect unclosed comments" 2018-04-11 00:02:35 +00:00
Daimona Eaytoy 73ec0d7896 Properly detect unclosed comments
Right now we don't have a specific exception for that, plus we don't
really check if they're closed. In fact, we use the result of strpos
without checking if it evaluates to false; if so, in some particular
cases like the one reported on phab, the while loop will never end.

Bug: T134124
Change-Id: I3b6000f197502a4832a53465b6617b4217080739
2018-04-10 19:26:02 +02:00
Daimona Eaytoy aeeac22490 Fix parameter order for AbuseFilterParser::contains
Move optional parameters after required ones.

Change-Id: Ice243bc5c793ffe6323931e45f36939d4b428b30
2018-04-10 13:28:34 +02:00
Daimona Eaytoy 3e9a2dfd33 Properly use integers in exponentiation
Right now they're always float.

Bug: T191688
Depends-On: I398c9a972b7e9fcb27d055d23939be2b8bb68244
Change-Id: I0bb1ed0109af66997e238b532d342d82d4c4ae19
2018-04-09 16:17:54 +02:00
Daimona Eaytoy 2dda2e381c Convert division/multiplication/modulo results after calculation
So that type and value will be identical to PHP's ones.

Bug: T191688
Depends-On: I1140900cdda63eed292d9f20aefd721ef9247fcd
Change-Id: I398c9a972b7e9fcb27d055d23939be2b8bb68244
2018-04-09 16:16:04 +02:00
Daimona Eaytoy be076eb97e Use integers in addition and subtractions
Right now they're always returned as float values, even stuff like 1+1.
With these patch the results will have the same type as they would with
pure PHP calculation. Added a method to convert numbers to int/float
depending on their type.

Bug: T191688
Change-Id: I1140900cdda63eed292d9f20aefd721ef9247fcd
2018-04-09 16:11:16 +02:00
Daimona Eaytoy 284ab234fd Allow comparing two lists
This feature was never implemented. I'm not sure whether we need a way to compare array and other types of variables (left as ToDo), since e.g. in PHP it's always false.

Bug: T179238
Change-Id: I5d2c33fd117e69cbc84c0b04b6cb82edbdcadf16
2018-04-06 11:44:28 +00:00
Umherirrender 0aafdb9b2f Fix typo in class name AFPData
Change-Id: I32987ebc6b9fefab41b1bbc419140805502c6b7b
2018-04-06 10:45:15 +02:00
Jayprakash12345 4f176dad83 Up at-ease calls in extensions
Bug: T187037
Change-Id: I4efbbbd1929baeb0410d820eb2a91c3d3c027e9c
2018-02-12 10:31:55 +00:00
Daimona Eaytoy a0de056299 Add contains_all and ccnorm_contains_all functions
Added the contains_all function, with basically the same role as
contains_any but using logic AND instead of OR. Also added
ccnorm_contains_all, that is the same of ccnorm_contains_any but with
AND mode. Finally, fixed three wrong task IDs.
Co-authored with Valerio Bozzolan.

Bug: T21176
Change-Id: Ib0a8b783db6ce0d5db64771c8e0c70f0f8d13d36
2018-02-09 17:33:24 +01:00
Daimona Eaytoy 4e20c933f4 Add get_matches function
Added the get_matches function to store a regex match.

Bug: T179957
Change-Id: I19366ebcaa4d0f007dd675a61c91457dde57f604
2017-11-13 17:32:45 +01:00
jenkins-bot b7b04cb830 Merge "Avoid Call Stack warning when there is an error in the regex pattern" 2017-11-03 20:01:30 +00:00
Max Semenik 32598c18bb Drop FastStringSearch support
This PHP extension doesn't have any speed benefits over our minimum
required PHP and so isn't used in WMF production anymore.

Change-Id: I4883643908f765eee5db6b3ca88eed179264e93f
2017-10-26 00:51:07 +00:00
David Barratt 5335b6c811 Use Equivset library intead of AntiSpoof
Use the new equivset library instead of AntiSpoof.

Bug: T175413
Change-Id: I439387deeba99543e194c210953ac73ff98bc5b7
Depends-On: I977d3498b2084a426e2ab4d85c000d1b9dcfe824
2017-10-21 21:55:18 -07:00