This already returns safe Message objects, which allow Special:Gadgets
to localise it accordingly.
Avoid formatting the list ahead of time with a hardcoded user language,
and instead use Message::listParam() so that the caller controls
the Language object. This makes it safe to use in jobs, CLI, tests,
load.php and elsewhere instead of previously where RequestContext would
cause an exception or use something the caller doesn't control.
Bug: T298334
Change-Id: I77dd3c7fef86b4c8c41837bfb276b019f30baeb0
* Validate that pages have .js, .css or .json suffixes.
* Validate that namespaces are integers, disallowing doubles.
* Validate that type is either general or styles.
* Validate that targets are either desktop or mobile.
* Fix validation of skins: stop allowing `true` as it isn't actually
allowed - it causes an exception in Gadget::isSkinSupported().
Bug: T298334
Change-Id: Ic59c20172f496d281acd59419f5c760ad29ce317
The column user_properties.up_value is a text based type in all rdbms.
postgres does not autoconvert strings to numbers, so SUM( up_value )
gives an error when running on postgres.
The use of SUM( up_value ) is also problematic on mariadb/sqlite, as
up_value can be set to any number via the Action API's options module.
This value goes into the sum and produce a wrong result. Using a
non-number value allows to remove the value from the sum and that also
produce a wrong result.
Change the query to exclude the rows which disables a gadget and just
count the "active" ones. Typically there are only rows to disable a
gadget, when the gadget is marked as default, but default gadget are
displayed with the message 'gadgetusage-default' and does not needs to
be counted. In case a gadget was default in the past, there could always
such rows, so be safe and exclude them. That means it is safe to only
count for "active" gadget option usage.
This also allows to remove the up_value condition on the join to
querycachetwo as only rows to enable a gadget are now selected and get
joined to find the active users.
For the join condition use an assoc array, as for database condition the
database class is quoting the value of that array, if that is a string.
In postgres the " is used to quote columns or tables, but not values,
that gives a query error on postgres about the condition.
fixed when using the array style and not "raw" sql.
Define the condition only once as it should be the same for both
queries. Use the new IDatabase::expr function to write that sql piece.
Change-Id: I8dfc3fd5adc4c4bdabceaab20c4b37ffd48e6bee
This requires 1.42 for some new names
Changes to the use statements done automatically via script
Addition of missing use statement done manually
Change-Id: Iacbea33299995c537a7ef77b524614ad02c6a559
0c61a5a468 subtly affected the
gadget definition parsing, causing issues with definitions containing
HTML comments or certain kinds of whitespace characters. They would get
saved to the pages array with a trailing whitespace but
Gadget::getScripts() would only return pages strictly ending in `.js`.
Trimming the title before in MediaWikiGadgetsDefinitionRepo fixes the
issue.
Bug: T354385
Change-Id: Iacee432756006060217981a534434fd455285793
Remove the test that expects ES6 to fail by default, instead assert
that invalid syntax fails (as it should). Also add various other
test cases, including a commented-out test for valid ES6 by default,
to be enabled after Ie309e761f8b20640f7c0 in MediaWiki core.
Change-Id: If45856c563518255189687e3b1f620973349fb27
As this repo is not used anywhere in production, there is no backward
compatibility. Any scripts, styles, datas specified in existing
definition pages will get ignored.
Gadget::getJSON() no longer checks isPackaged() – that is now left
for callers - only relevant one is in GadgetRLModule. That was done
because validationWarnings() method needs the JSON page list even for
non-package gadgets.
Bug: T353174
Change-Id: Ic820bc4632981369c72f822fb8b9b7195930eaa6
A little efficiency to make getting from Special:GadgetUsage
to the relevant gadget files easier.
Bug: T344255
Change-Id: I0e26d10992bc3f8073bcdc8dbac86726ee6f7c36
Remove DefinitionDeletionUpdate and DefinitionSecondaryDataUpdate –
both call $repo->handlePageUpdate() which is already being called from
onPageSaveComplete/onPageDeleteComplete hooks.
The chain that made this redundant:
1. Ibe2e26d123, change hooks from hardcoded to GadgetRepo singleton.
2. Ieccc1cae8c, migrate from create-only onPageContentInsertComplete
hook to create-and-edit onPageSaveComplete hook.
3. Ib27fd34fbf, further consolidate handling of create and edit
events with handlePageUpdate, and remove any hook-level
conditionals. At this point, the DateUpdate classes became redundant.
Bug: T31272
Change-Id: I20c2759b219c80571237a73e8422f3128047eb87
* Separate out tests for MediaWikiGadgetsDefinitionRepo and
Hooks::onGetPreferences. Removed hack in fetchStructuredList() for
overriding page content for tests.
* Add tests for ES6 gadgets. For this, ResourceLoaderModuleTest is
converted back to an integration test.
* Removed createGadgetDefinitionPage() test helper method. Now using
MediaWikiIntegrationTestCase::editPage().
* Fixed GDNamespaceRepoTest failure when GDNamespaceRepo is the active
repo, by clearing WAN process cache.
Change-Id: I26b84576a91f6cb0ebae64c5fc1408666d767911
* Add tests for onBeforePageDisplay hook. A simple gadget repo
implementation, StaticGadgetRepo, is introduced for this.
* Add integrations tests for various gadget load conditions.
* Add test for onUserGetDefaultOptions hook.
* Add tests for GadgetDefinitionNamespaceRepo.
* Convert ResourceLoaderModuleTest to a unit test.
Change-Id: I275380c2bfcaa44770b3946a0a468eaaabef70c0
With GadgetDefinitionNamespaceRepo, there should be separate rights for
editing gadget json as opposed to editing gadget css/js, so that admins
can be granted the former, while the latter remains restricted to
int-admins.
Reusing the MW core rights for site CSS/JS/JSON seems to make the most
sense here. Protection is now applied via GetUserPermissionsErrors hook
rather than as namespace protection.
For editing any non-CSS/JS/JSON pages in the namespace, editsitejs right
is required.
Bug: T298834
Change-Id: I6ffd5e9467774f1e79ccdce8b6b4739f07be2da8
… e.g. using modern syntax, or avoiding unnecessarily complex
language features. For example, we don't need to call count() when
all we care about is the boolean "is empty/not empty" information.
Change-Id: I13ae802f64627a79b29d1e57ad71486cb2fb977f
This can't do anything for two reasons:
* There are no spaces in the string after the str_replace. There is
nothing to trim.
* The regular expression above guarantees the string starts and ends
with alphanumeric characters. There can't be anything to trim, not
even underscores.
Change-Id: Iea40aafaa2457cdee9d05f105978627d38d9d5b8
* A fixed license header for the file.
* Move class descriptions, doc tags, author/copyright to the
class block. Remove MW-core specific "ingroup" tags such as
"SpecialPage" which has no meaning in an extension and are not
used by Doxygen.
Ref https://gerrit.wikimedia.org/r/q/message:ingroup
Change-Id: I13d9b0ff7a3150180196c9fa58f8a321b14edd22
Adds a "namespaces" option to the gadget definition, which takes a
list of namespace IDs. Enabled gadgets will only load when the
viewed page is in one of the required namespaces.
Bug: T204201
Bug: T63007
Change-Id: I7f797e35352b242ad78704074e98c6569a1adf91
Follows-up 087ab65e24 (Ieae6706537). To avoid silent mistakes such
as during development of T63007 (I7f797e35352b242).
Bug: T303194
Change-Id: If675f8d02ed3fee768af3d2b4912249319ae9ef4
- Always define gadget enable/disable preferences
- Show a gadget's preference when it can be enabled
Bug: T341421
Change-Id: If32eecebccf2c9b557d7dde273b7faf7118a7ac3
Easier to translate
There is no visible change on Special:ApiHelp/query+gadgets
Also split for list=gadgetcategories&gcprop=
Visible on Special:ApiHelp/query+gadgetcategories
Bug: T285545
Change-Id: Ic40326cd747ffe2153cff7d10e0083bd5e51345e
This method is possibly the main cause of DB access in non-database
tests, because it's called from the UserGetDefaultOptions hook handler,
which is triggered by most tests using UserOptionsLookup in any way.
Trying to obtain a DB connection will throw an exception in I96ecf9ff,
so just skip the lookup altogether.
Bug: T155147
Change-Id: I2ac659a472655b2a95e64dcbd3f709e465839b33
The ResourceLoader module associated with the gadget will have
mobile and desktop targets, but this allows gadgets to disable
themselves on the mobile site if necessary by not adding the gadget
to the page if it's been marked as such.
This also has the benefit of not showing the gadget on the preferences
page if it's not relevant.
Bug: T328610
Change-Id: I4f2b57d1d22f641ff7520358a46cd0e6b2103aa9
Cache array representation of the Gadget object instead of the
php-serialized representation. Gadget::toArray() is an inverse of the
constructor which already constructs an object from an array of config
values.
Also, the static Gadget::newFromDefinitionContent method which accesses
the service container is replaced with the dependency-less
serializeDefinition() method.
Bug: T303194
Change-Id: Ieae6706537143d766777b2299c31726e2a1dfd29
The class is deprecated and RL will likely stop using it. And even then, this method shouldn't care. The exception is unchecked, so whatever its type is, it's just an implementation detail.
Bug: T328220
Change-Id: I3c87a376ce1d36f4a1d81a435bbc015199c75913
Gadgets can mark themselves as ES6-only by specifying the requiresES6
boolean attribute. Syntax validation is disabled for them (as the
validator doesn't support ES6 yet), and they are loaded together in a
separate request.
The minifier doesn't reject syntax errors, and thus these would
be passed through to web clients. Hence, communities using this feature
are encouraged to use ESLint or another linter to make sure only
valid ES <= 6 code is being used.
Because of the above, this feature is only made available for
non-default gadgets.
Bug: T75714
Change-Id: Ib98ac0700471554d5721d7ab858d4660e1e0e980
Added PreferencesGetIconHook to add an icon on the Special:Preferences section.
Bug: T317419
Depends-On: I6d5730d47e7595b1705787995fe5db2fe734d7f5
Change-Id: Ie2505622680573dfe9e50b48976c986cf2512097
* Remove most APCu logic, including the reverse checking of WANCache
touch time to validate the APCu key
The APCu expiry had a 7-15s blind TTL before this check took place.
Keep the conservative part of this (blind TTL). This should be
more than enough to debounce memcached traffic.
* Simplify WAN handling with plain key and delete (using the default
holdoff tombstone, which should take care of edge cases like second
DC warming up the WAN key shortly after a delete).
* Fix incorrect method doc about being by section. The returned
list is not by section.
Change-Id: If14ff83a29367df58d1824615bcf0bcd2edc886f
== Motivation ==
On a local dev wiki and in CI, where no gadgets are defined yet,
fetchStructuredList() is called on every load.php request and doing
uncached database look ups. This is because T39228 (stale cache
after Gadgets-definition was empty or created) was fixed by disabling
the cache until the page exists. This seems like a poor solution,
and commit I3092bcb162d032 recognises that the problem was not
understood at the time. I propose to instead cache it always and
purge it when the page is modified in any way.
Cold calling fetchStructuredList() accounted for ~170ms of ~400ms
when trying out debug v2 (T85805), thus making it significantly
slower and causing a chain of dozens of requests to pile up.
== Previously ==
* Legacy repo (MediaWikiGadgetsDefinitionRepo) only implemented
handlePageUpdate.
* handlePageUpdate was called from onPageSaveComplete for both
any page edit, and for creations in the experimental namespace.
* The experimental GadgetDefinitionNamespaceRepo is based on
ContentHandler rather than global hooks. This system does not
have a create-specific callback. It called update for edit/create,
and delete for delete. The experimental repo relied on create being
called from the global hook for the legacy repo, and update was
then called twice.
* There was no global hook for onPageDeleteComplete, thus the
legacy repo did not get purges.
== Changes ==
* Add onPageDeleteComplete hook to fix purges after deletion,
with the legacy repo now implementing handlePageDeletion() and doing
the same as handlePageUpdate().
* Fix handlePageUpdate() docs to reflect that it covers page create,
since onPageSaveComplete() called it either way.
* Fix experimental repo to include its namespace purge in
its handlePageUpdate() method.
* Get rid of now-redundant handlePageCreation().
* Get rid of handlePageDeletion() since its implementations would
now be identical to handlePageUpdate().
All these hooks and handle*() methods are just for a memc key
holding gadget metadata. We don't need to microoptimise this
on a per-page basis. Gadget edits are rare enough that purging them
as a whole each time is fine. We do the same in MediaWiki core
with ResourceLoaderGadgetsModule already.
Bug: T85805
Change-Id: Ib27fd34fbfe7a75c851602c8a93a2e3e1f2c38a0
HTMLForm would handle title itself, don't need to set it manually here.
Depends-On: Iaec81a2fb49162f2fc764f143f88e887572a3a0b
Change-Id: I4a9788e853463e51570ba7c04a8bd40f1ed95cfa
Overrides ResourceLoaderModule#getSkins() as introduced in core
with I08a1a59b4eab90d380ca8f874, so that skin-specific gadgets are
only registered client-side if applicable to the current skin.
Bug: T236603
Depends-On: I08a1a59b4eab90d380ca8f874bb6dbba2f399590
Change-Id: I111a67c3119a294afc093b7b64bf0927a56f5b1f
The errorbox class will soon stop working. It and its successor
mw-message-box-error were designed to work with block elements, which
meant that its inline usage caused overlaps and partially unreadable
text above/below it. To fix this, and to be able to use the
Html::errorBox function, I switched to use block elements (<div>s).
Please note that *this causes visual changes* (see screenshots on
Phabricator), and while I tried to test it locally, I might have missed
edge cases, so do tell me if it breaks something.
Bug: T304602
Change-Id: If68b934723722f976668d08a910984f89538a4f2
Avoids expensive re-computations such as that of Action::getActionName, for
each gadget. It is now computed just once in the GadgetLoadConditions
constructor and stored.
This structure makes it cleaner to add more conditions down the line (such as
namespaces and content models - see T204201) and could be reused for user gadgets
(T36958).
Change-Id: I8cbc4bba4d248d9f2ff3a2836450f69970370b1a
The validation appears to be occurring 4 times:
1. JsonContentHandler->preSaveTransform --> GadgetDefinitionContent->isValid
2. GadgetHooks::onEditFilterMergedContent --> GadgetDefinitionContent->validate
3. ContentHandler->validateSave --> GadgetDefinitionContent->isValid
4. RevisionStore->checkContent ---> GadgetDefinitionContent->isValid
Caching the validation result reduces it down to 2.
(Validation in GadgetHooks::onEditFilterMergedContent is to provide a more useful error message than what ContentHandler gives – which is just "Invalid content data".)
Change-Id: I026751b7e9b111b4f0bb9ab5fa0e9737a0385b07
?withgadget query parameters allows for ad-hoc loading of gadgets
(after passing all other basic checks). This was recently added in
I5b30d4e.
In T29766#7611796 Gergo raised concerns about how this can be
potentially abused.
This patch aims to restrict the feature by giving gadgets latitude
to either use it or not depending on the nature of the gadget.
The patch does so by adding `supportsUrlLoad` option that gadgets
(maybe those deemed safe) can use it to opt-in to the parameter.
By default gadgets don't support it, so it can be enabled for each
on a case-by-case basis.
Bug: T29766
Change-Id: Ie64174085e650579d76cc862774a4fe1b3d08396
In addition, renamed several instance of $output to $parserOutput to
help readers (and code search!) differentiate between variables which
contain a ParserOutput and those which contain an OutputPage (esp.
since those two classes contain many similarly-named methods).
Bug: T296123
Change-Id: If34330acf97d2c4e357b693b086264a718738fb1
* Gadget::isEnabled() only requires a UserIdentity, not the whole User
* Gadget::isAllowed() only requires an Authority, not the whole User
Both of those interfaces are implemented by the User class, so this is
compatible with all existing code, and it's easier to call from code
that only has access to a UserIdentity/Authority.
Change-Id: I8ea710c555f6fb7790ae575bb60aab1a05e288d8
Currently, trying to change content model of a page in gadget definition namespace (via either the special page or the API) raises an exception. This uncaught exception has been replaced with a localisable error message.
Bug: T299303
Change-Id: Iad7d353d03cdfb52bf66aa2c9a12bc71a840577c
Hidden gadgets do not have associated user preferences. Adding them to $defaultOptions only causes them to be unnecessarily exported in mw.user.options.
Bug: T299071
Change-Id: Ic55e7f2a9daa405cddd0189de3d32f5825bc336a
Links the following entries in gadget definitions to the associated page:
- scripts
- styles
- datas
- peers
- dependencies (only when they are also a gadget)
- category (links to MW message page)
- messages
unserialize(serialize()) hack is a bit ugly, but it works.
Co-Authored-By: Siddharth VP <siddharthvp@gmail.com>
Bug: T298844
Change-Id: I9154f600997fe693410e7560ed30732102b806aa
When using the Gadget definition: namespace, link to the definition
pages from Special:Gadgets. Also change the wording of the links
to edit the names of the gadgets, to disambiguate them.
Change-Id: I327a4cfa9846edec60e1aaafc674cd66f4e0beae
Allow specifying page actions ('view', 'edit', 'history', etc) in
gadget definitions. If specified, the gadget is run only on the given
page action(s).
This is especially useful for default gadgets like RefToolbar[1] and
TextReactions[2] that only need to be loaded while editing.
[1]: https://en.wikipedia.org/wiki/WP:RefToolbar
[2]: https://en.wikipedia.org/wiki/WP:Text_reactions
Bug: T204201
Bug: T63007
Change-Id: Idde71b3f1f6c36cd21539a2312be8f12217a9acc
The parsed content of JSON files in the gadget is made available from the
gadget's JS files via require(). That is, MediaWiki:Gadget-data.json (or
Gadget:data.json) is available as `require('./data.json')`. This is
supported for both MediaWikiGadgetsDefinitionRepo and
GadgetDefinitionNamespaceRepo. The JSON parsing is done server-side.
JSON can only be used in "package" gadgets - in which the JS files can
also be invoked via require().
Also added a test for GadgetResourceLoaderModule.
Bug: T198758
Depends-On: Ib4556d09c4d393269e32771aab00f59a5f630e1b
Depends-On: Id4589a597ccfc4266b3e63d10f75b146aa7a287a
Change-Id: I21acb46cdd244a39b5cc6963aa763f0113bd1e38
Remove using of User:getOption since this method
will be hard-deprecated. Now it is soft-deprecated.
Bug: T296083
Change-Id: I140cbd5655ac4ae0ad7b6d30c5e6bae0008aba07
Previously attempted in 82281d82d0,
reverted in 7c4ac597e2.
This gives each section and each gadget's entry an `id` attribute,
which can be used for linking, as requested in T126962. Existing user
options still match the new preferences.
It also probably makes future improvements easier. No one understands
multiselects with subsections.
Bug: T126962
Change-Id: Ie96fd94c994d05ab8507920fa560c7ed9c1f9b69
When viewing pages, the 'withgadget=' query parameter can be used in
the URL to load a gadget that isn't enabled by the user's preferences.
The gadget is only loaded if all other conditions are still satisfied
(supported skin, supported targets, required user rights).
Bug: T29766
Change-Id: I5b30d4e0010561685eef661a515e2892045bb776
