Since the correct transformation method is unclear, change them to plain message keys.
Bug: T211876
Change-Id: I055c089574e7dcf5d634da402290a2ad024126f9
Several links that link to mediawiki.org still use
"http" protocol which isn't a safe protocol. This commit
changes http links that link to mediawiki.org to use
"https" protocol instead.
Bug: T189687
Change-Id: Ie8a8fca4148181c9d1fe4379993aae3aaacf5ed9
Specify which notification types allow notifying the event agent in
$wgEchoNotifications, and stop specifying it in the event_extra data.
Putting 'notifyAgent' => true in event_extra will still work, but is
discouraged.
Change-Id: I4f558654ec23757dd4ecd6986eb3e9a5593f5386
For the algorithms in question this does not make any difference. Excess
elements are thrown away anyway. This is for performance.
Change-Id: I645e389b3f993bc8015fd729b9302aa25471f833
If all the code needs to know is if an array is empty or not, using
count() creates more confusion than anything.
Change-Id: I253308505fe5af5b5c56d85169789271967298ba
Note that the array of matches returned by preg_match changes when
PREG_OFFSET_CAPTURE is set. That's why the additional [0] (for the
match) and [1] (for the offset) are needed.
Bug: T203930
Change-Id: I89f9ea3bef49fe9128fd42805695982f012ecba9
Some Echo events include 'revid' in their extra info.
It can be used to check if a revision is minor in order
to respect the 'enotifminoredits' preference.
This patch ensures that it is not trying to call a function on
a null revision reference and it logs to debug to help
troubleshooting.
Also encapsulate the "is minor" check to a private function
to (hopefully) make the relationship with the preference
more clear.
Bug: T204795
Change-Id: I28a4c54f610dccc1356f6af0de9c2623d7bf94f0
See, this last part of the compiled regular expression is wrapped in
an (…)*, which means it is entirely optional. It does not make any
difference if this part is found or not. The compiled regular
expression matches with or without any of these "line ending"
fragments being present.
I can not really figure out what the intention of this was. A line
ending anchor ($) is not missing – I'm pretty sure about this.
Otherwise it could not detect signatures that are wrapped in more
than a single HTML tag, for example.
Instead of fixing it I decided to remove it. The tests should show
this code was not needed.
The motivation for this patch is to improve performance. This part of
the regular expression is quite heavy and can cause a lot of
backtracking for literally zero benefit.
Bug: T203930
Bug: T204291
Change-Id: Ia5323b401b947edeb7094d7eec131ba6c80edf70
\h matches only horizontal whitespace, but no newlines. This is what
we want in all these cases, because nothing of this (headlines,
signatures, timestamps) is even allowed to span multiple lines in
wikitext. The tests should show this still succeeds.
The idea is to make these regular expressions more strict so they
don't run in so much expensive backtracking.
Bug: T203930
Bug: T204291
Change-Id: I805f8cb082edcd26713ef41d3ae5b61194c131e5
In double quoted strings PHP tries to understand all kinds of escape
sequences, but \A is not one of them. Such sequences are left untouched,
including the backslash.
In single quoted strings, there are no escape sequences. All are left
untouched, which is what we want in case of a regular expression.
TL;DR: The resulting string is the same in both cases. I'm touching this
because my IDE shows a warning about the unknown \A escape sequence.
It must be either turned into "\\A" or '\A'.
Change-Id: Ie1e84c67c344faf77bc86a0b28dc82d31c3a7dbe
false ?? null evaluates to false, so for non-write modules we were
passing false as the token type instead of null, which breaks.
Bug: T204758
Change-Id: Ief25150ce8f4b4b64a224f97f3fd528883b2f326
Disable some errors related to different members of an array
having different taints, and phan-taint-check conflating them.
Bug: T202383
Change-Id: Ic6c2c5bb7c6092d581e646358d836f55d5cf3222
Add a markasreadwiki parameter, and use cross-wiki API proxying to mark
the specified notification(s) as read on the originating wiki.
This allows notifications to be marked as read when the primary link is
followed, even if the primary link points to a different wiki.
Bug: T179765
Change-Id: Id7e1e11997173e1578e33cd189dc0f93a5e4ba63
Add support for POST requests and tokens to EchoForeignRequest
and ApiCrossWiki, and add the ApiCrossWiki trait to ApiEchoMarkRead.
Change-Id: Idadaacd0d0c4a957bf2499049fc105a60c73bc52
That way we'll be able to mix it into non-query modules as well.
Unfortunately, PHP traits don't let overridden methods call their
original versions, which had to be worked around in a few places:
- $this->foreignNotifications can't be initialized in the constructor
any more, so it's now lazy-created through $this->getForeignNotifications()
- Adding the 'wikis' parameter to getAllowedParams() now happens by
calling getCrossWikiParams() rather than calling the parent
- Overriding getForeignQueryParams() can't call the parent anymore, so
instead we just inline it
Change-Id: I415e6d921819fc1f7869c7d2f8bb62830a84c2a1
This is what MediaWiki itself does. It's not great, and isn't any more
translatable than a config setting, but consistency isn't valueless. In
future, with T202326 we may wish to vary this, but for now this is
simpler.
Change-Id: I76fca8ee255c65ab9b7e988d44de0d0fbd3c84b7
Instead just use the system message `emailsender` like we do for all other
e-mails, which is thus translatable.
Change-Id: I7e58a3a4e224d551c6fae4a76fcba19fe838d3e9
These were broken because e8632ab0f6 in MW core stopped passing a
triggering user to LinksUpdate.
This commit takes the user from the Revision object instead. In weird
cases that might be different from what LinksUpdate says, but
page-linked notifications don't use the agent in their rendering anyway.
Also remove the code that refused to route events to a page creator if
they didn't have an agent. It's perfectly legitimate for events not to
have an agent, that shouldn't preclude them from using non-agent-related
locators.
Bug: T200119
Change-Id: Ia31131b1d1b2640d962ab7f3e573599c43ae50d4
Followup I85452d0f0afe974d26a575e000f6ae2ceeddf06c
* initialize "$success = true" before using it in
a loop to keep track of the overall success of
all batches.
* Add check for readOnly db in markUnRead() and
markAllRead(), like it was done in markRead()
Bug: T202672
Change-Id: Ifdfa93059268d5b02ba3e0e885661ce593845791
php7 gives:
count(): Parameter must be an array or an object that implements
Countable
null or [] are both evaluate to false, so just remove the count
Change-Id: Id92dbd48f308d1e9dffa086699e0e944744aeeaa
This makes clear which escaping should be used.
In all cases it needs Message::text, because there are used inside
Html::element. There is no visual different.
Change-Id: I17474a7d5f057321e8c759d4bf94c8234c7a89c7
Instead just use $wgPasswordSender explicitly. This also allows us to drop the
extension registration callback function, which is a performance improvement.
Bug: T200390
Change-Id: I08d2f040c5ad8feb395a2e8e176f91636efe1d3d
* Reduce responsibility of resolve() methods to only supplying
the resolves values.
Moved logic for populating the cache and clearing the queue
to the base class, and made 'lookups' private.
* The second parameter to LocalCache::add() is unused, and never passed.
Removed to avoid confusion.
* The getTargets() method is unused. Removed.
* The getLookups() method is unused. Removed.
* The internal 'lookups' member was being used both for its keys and its
values, but never at the same time. This seemed risky, especially in
EchoRevisionLocalCache::resolve() where the associative array was passed
directly to the 'where' clause of IDatabase::select(), which shouldn't
espect keys when creating the 'IN' clause.
Using only values would keep value types flexible, but would require
use of the less efficient in_array().
Keeping both keys and values and calling array_values() would work.
Using only keys also works and is simpler, so long only ints are used.
* The tests were swapping 'targets' MapCacheLRU with a HashBagOStuff.
Following-up 4939bff7, this was forgotten, but works because the two
called methods (get and set) exist in both, but still seems odd.
Fixed by using TestingAccessWrapper to act on the existing object
instead of swapping it out.
* Improved tests by asserting more of the observed behaviour and impact.
Change-Id: I530eeac8bf3b407b8c633e0e20c7d35cc49f7a9f
This fixes some issues I found while updating this code base, e.g.
this removes types a method really does not return.
Change-Id: I19457e7bf88945eec958bf53e0b76a7585715a45
This patch adds a few strict type hints on the language level, not
only on the PHPDoc level as my other patches do.
Change-Id: Ie66f9ebf80317dcaf13e2e96a93332a1a93cebbe
This change requires MediaWiki 1.32 which is already required in
extension.json.
Change-Id: I61856796d864c9493c1a7a875cb2415f11f081a9
Depends-On: I193f5b9a95430b0a05573c361715e053e5411e32
Most modern IDEs as well as documentation generators understand the
keywords "false" and "true", when a bool can only be one of the two.
Change-Id: I83dd1f0cc0802fa74ee35e7ca7425615230a767f
There are about 200 of such generic "array" type hints in this code base,
the majority in @param tags. I started with what I found most relevant:
@var and @return tags. I might continue working on this later, but
wanted to stop for now to keep this patch moderately small.
Change-Id: Iff0d9590a794ae0f885466ef6bb336b0b42a6cd3
Tested with the quick preview (Ctrl+Q) feature in PHPStorm.
I'm also updating a few type hints I could not split off into a separate
patch, because the lines are to close to each other.
Change-Id: I312ec601a5f443c2b12515e34c574b8889c4c128
The special page is only a MessageLocalizer, not a IContextSource.
Its implements all methods of IContextSource, but are delegated to the
underlayed IContextSource. So pass it directly make phan happy, while
the current code works as expected
Change-Id: Ia9d83f2f71a466a2ba74540f96f165c96fb7ca00
This cache was only used so that, if we're told to clear the newtalk
flag and we already know there are no edit-user-talk notifications, we
won't try to delete them. But that's not a good justification for such a
confusingly-written cache that would have been hard to convert to
getWithSetCallback(), and I'm concerned that using cached data to make
this decision could lead to inconsistencies.
Also remove the notifCountHasReachedMax() check, which made no sense: if
the user has >99 notifications, that is no justification for not marking
their user talk notifications as read when they visit their user talk
page. Whether the displayed notification count will change has no
bearing on whether these notifications should be marked as read (and now
that bundled notifications are counted individually, the displayed count
actually could change).
Bug: T164860
Change-Id: I3ff5c9b31307839b9336bd8856015db9baa52fad
* Move revision ids out of configuration and into MWEchoEventLogging
class. Because the EchoInteraction schema is used both server and
client, we have to duplicate the revision id.
* Use EventLoggingSchemas attribute to register client-side schema in
extension.json instead of a hook.
* Check if EventLogging is enabled in MWEchoEventLogging instead of
$wgExtensionFunctions.
* Pass only whether the EchoInteraction schema is enabled to the
client-side instead of all of $wgEchoEventLoggingSchemas.
Change-Id: I968294f96cedac19dc9d8f53df14fecfb666ceee
Also test it more meaningfully by setting up a mock database and
asserting that the right DELETE queries are issued.
Change-Id: Id39723b92118e98d9c9f0cd7381e9396dce67c17
The only place that reads the config variable is in ext.echo.logger,
which uses OO.getProp() to do so. If that property doesn't exist,
`undefined` will be returned, which we can force to boolean false.
Bug: T118488
Change-Id: Iac352b133950f6f2e4b88950c1fcd0c893284fd9
This avoids needing any dependencies on EventLogging in the module
definition, as well as allowing the extra dependencies to be lazy-loaded
as necessary.
Change-Id: I49b5be4be4f55cd4e27064247463b2ddb8e81296
$wgExtensionFunctions are run on every MediaWiki request, and should be
avoided unless necessary. Default user options should be controlled by
the UserGetDefaultOptions hook instead.
Bug: T180192
Change-Id: I2a79e078753d289c3ea2f04b613ce72c59a9e59a
Makes so many things simpler and robust.
Bug: T198935
Change-Id: Ia836f8f497cae8599f85cf86a7f6b299cd012e81
Depends-On: Iff63da0d215585cfcf083e7f7ec8ed45d5b77301
Explaining that a variable named "$username" contains a "username" is
not helpful. One have to read this comment first to understand that it
does not add anything to what's already obvious from the variable name
and the type.
Change-Id: I9a43866498d0c94422caf16233f502320a8e36c9
When a presentation model is specified for an event type,
check if the class actually exist before trying to use it.
Logs to debug when the class is not specified or doesn't exist.
This is useful for extensions that get undeployed
(looking at you, OpenStackManager). Their notifications
cannot really render since the code to render them
is not available anymore. This make them simply go away and
the notification counts get updated shortly after because
unrenderable notifications are marked as deleted.
Bug: T195253
Change-Id: I6335204942002bba3e73887ab81e55a27b4e181a
Add the ability to create notifications with specific timestamps
when generating notifications through the maintenance script.
Note, that not all notifications can be given specific timestamp;
only notifications that do not involve a direct editing action
will be given this timestamp and their events will be created
as if the actions were taken at the given timestamp, with
1 minute intervals.
Change-Id: I9e6b8660178ca0734979946c8e6ec8d43fc3de41
The `DBMasterPos` class is not JSON-serializable, so
we can not transfer the job in the kafka-based queue.
Before, we were waiting for slaves before executing the
job till the point in time when the job was submitted,
now we will just wait for slaves till the point in time
the job was executed. That lets up not to include the
database master position in the event and make it serializable.
Bug: T192945
Change-Id: I7c754bd1e899bad030cc6434be19daf2542e015f
See I2291c69d9df17c1a9e4ab1b7d4cbc73bc51d3ebb for the anticipated
hard-deprecation of this method in core.
Bug: T197492
Change-Id: I4687db09c27480147cfa7a648a886b1670812deb
Other places like Message::inLanguage also use
Language::factory( $user->getOption( 'language' ) ).
Change-Id: I911dc2319e1922276daa3eb3614a350c80b8b57f
The $cached and $dbSource parameters are now unused, so remove them.
This affects get{Notification,Alert,Message}Count and
getLastUnread{Notification,Alert,Message}Time.
There are some callers in other extensions and in skins, but none of
them pass any parameters (except one, which I fixed in Ice42930280da).
Change-Id: If6f10c4f163ecb1def5a150656a60d1ab5f44d52
We used to have code that called getMemcKey() with a boolean parameter
deciding whether to get a local or global key, but we don't do that
anymore: every code path now knows whether it needs a local or global
key. Consequently, move the code for global cache key generation back to
getGlobalMemcKey(), rather than having both be in getMemcKey() and
getGlobalMemcKey() being a wrapper.
Change-Id: If35bafc53e1e0086c31fd9675a9dc057e36f5717
As Krinkle points out, it always writes to DB_MASTER, so it doesn't make
much sense to offer an option to read from DB_REPLICA. This also
resolves the race condition that I believe arises from the one caller
that passes in DB_REPLICA.
Change-Id: I6976e5479debc3f4a8f28d53b1616c01475772be
To use WANObjectCache correctly in a multi-DC-safe way, we need to use
getWithSetCallback() to read data, and call delete() when it changes.
NotifUser's caching of notification counts and timestamps relied
heavily on set() calls, and so wasn't multi-DC-safe.
Changes in this commit:
* Rather than caching counts/timestamps in separate cache keys, and
using separate cache keys for each section (alert/message/all), put
all this data in an array and store that in a single cache key.
This reduces the number of cache keys per user per wiki from 6 to 1.
* Similarly, use a single global cache key per user. The global check
key for the last updated timestamp is retained, so we now have
2 global cache keys per user (down from 7)
* Remove preloading using getMulti(), no longer needed
* Move computation of counts and timestamps into separate compute
functions (one for local, one for global), and wrap them with
a getter that uses getWithSetCallback().
* Use TS_MW strings instead of MWTimestamp objects internally, to
simplify comparisons and max() operations.
* Make existing getters wrap around this new getter. They now ignore
their $cached and $dbSource parameters, and we should deprecate/change
these function signatures.
* In resetNotificationCounts(), just delete the cache keys. In global
mode, also recompute the notification counts and put them in the
echo_unread_wikis table. We could also set() the data into the cache
at this point, but don't, because you're not supposed to mix set() and
getWithSetCallback() calls and I don't want to find out what happens
if you do.
Bug: T164860
Change-Id: I4f86aab11d50d20280a33e0504ba8ad0c6c01842
We almost always call it with DB_MASTER, and I'm pretty sure that the
one call that uses DB_REPLICA introduces a race condition. I didn't want
to change that quite yet, though, so I left it in for now.
Change-Id: Ia5a59fdda357b799e327b8ed224f3ccb09509a8a
In principle, if $alertCount > 0, $alertTime should never be null,
but it feels much safer to check $alertTime itself instead.
Change-Id: Ifb107e257fbcd65e8181e2a214028f1b3733ac30
So that classes that get a UserNotificationGateway dependency-injected
into them can get something to call Database::getCacheSetOptions() on.
Change-Id: Ie1c98f09d1581ea17809a4dfc68adec1e2805580
The call of wfGetLangObj() is not necessary anymore.
Depends-On: I36834dbd119f4299f84b3dfe5e085eb0f6b8499c
Change-Id: I4e047393eee337432dd5edd0b4e3d650b6c7d393
NotificationJob used to include an instance
of EchoEvent, which is not serializable.
With this change, it only includes the
event Id (int) and retrieve the event
instance in its run() function.
Bug: T192945
Change-Id: I00950ddfa37717c7dfc19efdca9701693622da5d
Changed to interface, because the result of IDatabase::select is
directly returned and now the same type
Change-Id: Ib77e1f5c26ebf0b474dc944b15d6ef671a88e836
Core change I8d825eb0 begins the process of changing core database
tables from using xx_user and xx_user_text fields to using xx_actor.
This updates the extension to continue to function during and after the
transition.
Bug: T167246
Change-Id: I5c0c4879c5ab252be9c0582aa9efa871304a8ad8
* Make updateCount() check isReadOnly()
* Make EchoUserNotificationGateway::markRead() check isReadOnly()
* Make ApiEchoMarkRead check if the echo DB is read-only
* Remove access getExternalLB() argument
Bug: T187942
Change-Id: Ibafce8839b46e28251a6c1c08dd61fec4756bf33
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.MissingCovers.MissingCovers
Change-Id: I2a48e5c27a7307b3982d11875180fc11f2a125d9
Doing it in two lines makes it easier to read
This makes also clear that this is not a broken condition
Change-Id: I9771b6457789b7dc572f2d73d1fae8c361f9a1e6
All files containing more than one PHP class were split into
multiple files.
extension.json was updated to match new class locations.
Bug: T177809
Change-Id: I4e7d8f02164c3048c41c4c9fbe4be18a99e7abaa
Format user-rights reason as plain text
in both web and email since links
in notification body are not supported.
Bug: T172636
Change-Id: Ief5ff0aff18aad070f4388e075b5aae072d8f101
See MediaWiki core change Ied5fe1a61. There's no need for a dependency
here, though, since it'll just ignore the extra parameter.
Change-Id: Iff28b00638c15de7307a130196bbb91cda91c3d1
We used to have to DIY it because the core method stripped links, but
with guessSectionNameFromStrippedText() this is no longer an issue.
This allows us to pick up the nbsp handling that was added to core in
129067c907.
Bug: T180689
Depends-On: I56b9dda805a51517549c5ed709f4bd747ca04577
Change-Id: I192218dd14464de5041ceb1c16125bbcd8f44f18
When intval() fails, the function returns a zero. We should remove
the failures from the blacklist.
Bug: T178512
Change-Id: I89ad680a287da16c2fbd6aa4d53a725142429144
Title fragment isn't supposed to be escaped on input. It gets escaped later,
when getFullURL() gets called on the title. This previously didn't matter much
because Sanitizer::escapeId() doesn't break anything if called repeatedly. However,
now it's deprecated anyway and uses legacy encoding so I need to get rid of it.
Change-Id: I6392604ac0841ae92a21ecb569c9643d7bc6231c
Otherwise, if $list->getValues() contains the number 0,
any non-numerical string will match, because 'foo'==0 is true.
This, in combination with a broken maintenance script that had
inserted 0s into some users' blacklist, broke all notifications
for those users.
Bug: T177825
Change-Id: If8700b4d0de0fdba876eb9d5cc4997e185dfeb3c
Various selectFields() methods were deprecated in MediaWiki core change
Idcfd1556, replaced with getQueryInfo() methods.
Change-Id: I5d62ad76fdb64a9c6efd228f27e9b5f512f17d5e
Depends-On: Idcfd15568489d9f03a7ba4460e96610d33bc4089
User objects haven't been stubbed in awhile, and language objects
aren't being stubbed anymore.
While we're here, swap a few MWException -> InvalidArgumentException
since they're more accurate :)
Change-Id: I7e2f2aa135b024fb653c3ec13181d7015383ff2f
The echo mute list uses user names which are not stable. User ids should be used instead.
Bug: T173475
Change-Id: I947bcf37a8f85aaa105776d368dbd0ab76823aeb
While working on my own Echo notifications for CategoryWatch, I came
across this bug. I was happy to see that someone else identified this
a while back.
Wikitext-to-html production for the body of Echo messages does
not fully qualify urls. This means that links are created pointing
to, for example, "/w/index.php..." instead of
"http://example.com/w/index.php...". Supplying a base URL in the html
for the message fixes this problem.
Bug: T141521
Change-Id: Icfb9f3be58b83d2a441972adb58fef1169169d7c
The following sniffs are failing and were disabled:
* MediaWiki.Files.ClassMatchesFilename.NotMatch
* MediaWiki.Files.ClassMatchesFilename.WrongCase
* MediaWiki.Files.OneClassPerFile.MultipleFound
Change-Id: I7cbf305fae765dbf68df07f84992c2d5ed5486c6
Currently, the 'Mark all as read' button exists only for JS users.
This patch adds the button for no-JS users as well.
Bug: T96061
Change-Id: I1a62c56306597209540ffd694c8fb7b2a92885c9