wikimedia/mediawiki-extensions-AbuseFilter
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git synced 2024-11-28 07:50:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
mediawiki-extensions-AbuseF.../includes/AbuseFilterPermissionManager.php
Daimona Eaytoy e0b187a546 Divide AbuseFilterPermissionManager::canSeeLogDetails 
This commit splits this method into a version that doesn't need a
filter, and another version which requires one. This latter version has
a single mandatory parameter, $filterHidden, and it's up to the callers
to retrieve the value to pass in.

As mentioned in a TODO, this should eventually be changed to take a
Filter object (still under review as
I5f33227887c035e301313bbe24d1c1fefb75bc6a), which is also why
AbuseFilter::filterHidden is not being used here.

Change-Id: Id47a80131e12a5f7e1e93676299641dbf1e2b0ad
2020-10-27 19:51:01 +00:00

154 lines
3.8 KiB
PHP
Raw Blame History

<?php
namespace MediaWiki\Extension\AbuseFilter;
use MediaWiki\Permissions\PermissionManager;
use MediaWiki\User\UserIdentity;
use stdClass;
use User;
/**
* This class acts as a mediator between the AbuseFilter code and the PermissionManager, knowing
* what rights are required to perform AF-related actions.
*/
class AbuseFilterPermissionManager {
public const SERVICE_NAME = 'AbuseFilterPermissionManager';
/** @var PermissionManager */
private $permissionManager;
/**
* @param PermissionManager $pm
*/
public function __construct( PermissionManager $pm ) {
$this->permissionManager = $pm;
}
/**
* @param User $user
* @return bool
*/
public function canEdit( User $user ) : bool {
$block = $user->getBlock();
return (
!( $block && $block->isSitewide() ) &&
$this->permissionManager->userHasRight( $user, 'abusefilter-modify' )
);
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canEditGlobal( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-modify-global' );
}
/**
* Whether the user can edit the given filter.
*
* @param User $user
* @param stdClass $row Filter row
* @return bool
*/
public function canEditFilter( User $user, stdClass $row ) : bool {
return (
$this->canEdit( $user ) &&
!( isset( $row->af_global ) && $row->af_global && !$this->canEditGlobal( $user ) )
);
}
/**
* Whether the user can edit a filter with restricted actions enabled.
*
* @param UserIdentity $user
* @return bool
*/
public function canEditFilterWithRestrictedActions( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-modify-restricted' );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canViewPrivateFilters( UserIdentity $user ) : bool {
return $this->permissionManager->userHasAnyRight(
$user,
'abusefilter-modify',
'abusefilter-view-private'
);
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canViewPrivateFiltersLogs( UserIdentity $user ) : bool {
return $this->canViewPrivateFilters( $user ) ||
$this->permissionManager->userHasRight( $user, 'abusefilter-log-private' );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canViewAbuseLog( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-log' );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canHideAbuseLog( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-hide-log' );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canRevertFilterActions( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-revert' );
}
/**
* @param UserIdentity $user
* @param bool|int $filterHidden Whether the filter is hidden
* @todo Take a Filter parameter
* @return bool
*/
public function canSeeLogDetailsForFilter( UserIdentity $user, $filterHidden ) : bool {
if ( $filterHidden ) {
return $this->canSeeLogDetails( $user ) && $this->canViewPrivateFiltersLogs( $user );
}
return $this->canSeeLogDetails( $user );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canSeeLogDetails( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-log-detail' );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canSeePrivateDetails( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-privatedetails' );
}
/**
* @param UserIdentity $user
* @return bool
*/
public function canSeeHiddenLogEntries( UserIdentity $user ) : bool {
return $this->permissionManager->userHasRight( $user, 'abusefilter-hidden-log' );
}
}
Reference in a new issue View git blame Copy permalink