mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-11-27 23:40:19 +00:00
a722dfe1a4
The old parser now has the correct name "Evaluator", so the ParserFactory name was outdated. Additionally, the plan is to create a new RuleChecker class, acting as a facade for the different parsing-related stages (lexer, parser, evaluator, etc.), which is what most if not all callers should use. The RuleCheckerFactory still returns a FilterEvaluator for now. Also, "Parser" is a specific term defining *how* things happen internally, whereas "RuleChecker" describes *what* callers should expect from the new class. Change-Id: I25b47a162d933c1e385175aae715ca38872b1442
176 lines
4.9 KiB
PHP
176 lines
4.9 KiB
PHP
<?php
|
|
|
|
namespace MediaWiki\Extension\AbuseFilter\Api;
|
|
|
|
use ApiBase;
|
|
use ApiMain;
|
|
use ApiResult;
|
|
use FormatJson;
|
|
use LogEventsList;
|
|
use LogicException;
|
|
use LogPage;
|
|
use MediaWiki\Extension\AbuseFilter\AbuseFilterPermissionManager;
|
|
use MediaWiki\Extension\AbuseFilter\Parser\RuleCheckerFactory;
|
|
use MediaWiki\Extension\AbuseFilter\Special\SpecialAbuseLog;
|
|
use MediaWiki\Extension\AbuseFilter\VariableGenerator\VariableGeneratorFactory;
|
|
use MediaWiki\Extension\AbuseFilter\Variables\VariableHolder;
|
|
use MediaWiki\Extension\AbuseFilter\Variables\VariablesBlobStore;
|
|
use MediaWiki\Revision\RevisionRecord;
|
|
use RecentChange;
|
|
|
|
class CheckMatch extends ApiBase {
|
|
|
|
/** @var RuleCheckerFactory */
|
|
private $ruleCheckerFactory;
|
|
|
|
/** @var AbuseFilterPermissionManager */
|
|
private $afPermManager;
|
|
|
|
/** @var VariablesBlobStore */
|
|
private $afVariablesBlobStore;
|
|
|
|
/** @var VariableGeneratorFactory */
|
|
private $afVariableGeneratorFactory;
|
|
|
|
/**
|
|
* @param ApiMain $main
|
|
* @param string $action
|
|
* @param RuleCheckerFactory $ruleCheckerFactory
|
|
* @param AbuseFilterPermissionManager $afPermManager
|
|
* @param VariablesBlobStore $afVariablesBlobStore
|
|
* @param VariableGeneratorFactory $afVariableGeneratorFactory
|
|
*/
|
|
public function __construct(
|
|
ApiMain $main,
|
|
$action,
|
|
RuleCheckerFactory $ruleCheckerFactory,
|
|
AbuseFilterPermissionManager $afPermManager,
|
|
VariablesBlobStore $afVariablesBlobStore,
|
|
VariableGeneratorFactory $afVariableGeneratorFactory
|
|
) {
|
|
parent::__construct( $main, $action );
|
|
$this->ruleCheckerFactory = $ruleCheckerFactory;
|
|
$this->afPermManager = $afPermManager;
|
|
$this->afVariablesBlobStore = $afVariablesBlobStore;
|
|
$this->afVariableGeneratorFactory = $afVariableGeneratorFactory;
|
|
}
|
|
|
|
/**
|
|
* @inheritDoc
|
|
*/
|
|
public function execute() {
|
|
$user = $this->getUser();
|
|
$params = $this->extractRequestParams();
|
|
$this->requireOnlyOneParameter( $params, 'vars', 'rcid', 'logid' );
|
|
|
|
// "Anti-DoS"
|
|
if ( !$this->afPermManager->canUseTestTools( $this->getUser() ) ) {
|
|
$this->dieWithError( 'apierror-abusefilter-canttest', 'permissiondenied' );
|
|
}
|
|
|
|
$vars = null;
|
|
if ( $params['vars'] ) {
|
|
$pairs = FormatJson::decode( $params['vars'], true );
|
|
$vars = VariableHolder::newFromArray( $pairs );
|
|
} elseif ( $params['rcid'] ) {
|
|
$rc = RecentChange::newFromId( $params['rcid'] );
|
|
|
|
if ( !$rc ) {
|
|
$this->dieWithError( [ 'apierror-nosuchrcid', $params['rcid'] ] );
|
|
}
|
|
|
|
$type = (int)$rc->getAttribute( 'rc_type' );
|
|
$deletedValue = $rc->getAttribute( 'rc_deleted' );
|
|
if (
|
|
(
|
|
$type === RC_LOG &&
|
|
!LogEventsList::userCanBitfield(
|
|
$deletedValue,
|
|
LogPage::SUPPRESSED_ACTION | LogPage::SUPPRESSED_USER,
|
|
$user
|
|
)
|
|
) || (
|
|
$type !== RC_LOG &&
|
|
!RevisionRecord::userCanBitfield( $deletedValue, RevisionRecord::SUPPRESSED_ALL, $user )
|
|
)
|
|
) {
|
|
// T223654 - Same check as in AbuseFilterChangesList
|
|
$this->dieWithError( 'apierror-permissiondenied-generic', 'deletedrc' );
|
|
}
|
|
|
|
$varGenerator = $this->afVariableGeneratorFactory->newRCGenerator( $rc, $user );
|
|
$vars = $varGenerator->getVars();
|
|
} elseif ( $params['logid'] ) {
|
|
$row = $this->getDB()->selectRow(
|
|
'abuse_filter_log',
|
|
'*',
|
|
[ 'afl_id' => $params['logid'] ],
|
|
__METHOD__
|
|
);
|
|
|
|
if ( !$row ) {
|
|
$this->dieWithError( [ 'apierror-abusefilter-nosuchlogid', $params['logid'] ], 'nosuchlogid' );
|
|
}
|
|
|
|
if ( !$this->afPermManager->canSeeHiddenLogEntries( $user ) && SpecialAbuseLog::isHidden( $row ) ) {
|
|
// T223654 - Same check as in SpecialAbuseLog. Both the visibility of the AbuseLog entry
|
|
// and the corresponding revision are checked.
|
|
$this->dieWithError( 'apierror-permissiondenied-generic', 'deletedabuselog' );
|
|
}
|
|
|
|
$vars = $this->afVariablesBlobStore->loadVarDump( $row->afl_var_dump );
|
|
}
|
|
if ( $vars === null ) {
|
|
// @codeCoverageIgnoreStart
|
|
throw new LogicException( 'Impossible.' );
|
|
// @codeCoverageIgnoreEnd
|
|
}
|
|
|
|
$ruleChecker = $this->ruleCheckerFactory->newRuleChecker( $vars );
|
|
if ( !$ruleChecker->checkSyntax( $params['filter'] )->getResult() ) {
|
|
$this->dieWithError( 'apierror-abusefilter-badsyntax', 'badsyntax' );
|
|
}
|
|
|
|
$result = [
|
|
ApiResult::META_BC_BOOLS => [ 'result' ],
|
|
'result' => $ruleChecker->checkConditions( $params['filter'] )->getResult(),
|
|
];
|
|
|
|
$this->getResult()->addValue(
|
|
null,
|
|
$this->getModuleName(),
|
|
$result
|
|
);
|
|
}
|
|
|
|
/**
|
|
* @codeCoverageIgnore Merely declarative
|
|
* @inheritDoc
|
|
*/
|
|
public function getAllowedParams() {
|
|
return [
|
|
'filter' => [
|
|
ApiBase::PARAM_REQUIRED => true,
|
|
],
|
|
'vars' => null,
|
|
'rcid' => [
|
|
ApiBase::PARAM_TYPE => 'integer'
|
|
],
|
|
'logid' => [
|
|
ApiBase::PARAM_TYPE => 'integer'
|
|
],
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @codeCoverageIgnore Merely declarative
|
|
* @inheritDoc
|
|
*/
|
|
protected function getExamplesMessages() {
|
|
return [
|
|
'action=abusefiltercheckmatch&filter=!("autoconfirmed"%20in%20user_groups)&rcid=15'
|
|
=> 'apihelp-abusefiltercheckmatch-example-1',
|
|
];
|
|
}
|
|
}
|