mediawiki-extensions-Thanks/includes/ApiThank.php

<?php
/**
 * Base API module for Thanks
 *
 * @ingroup API
 * @ingroup Extensions
 */
abstract class ApiThank extends ApiBase {
	protected function dieOnBadUser( User $user ) {
		if ( $user->isAnon() ) {
			$this->dieWithError( 'thanks-error-notloggedin', 'notloggedin' );
		} elseif ( $user->pingLimiter( 'thanks-notification' ) ) {
			$this->dieWithError( [ 'thanks-error-ratelimited', $user->getName() ], 'ratelimited' );
		} elseif ( $user->isBlocked() ) {
			$this->dieBlocked( $user->getBlock() );
		} elseif ( $user->isBlockedGlobally() ) {
			$this->dieBlocked( $user->getGlobalBlock() );
		}
	}

	protected function dieOnBadRecipient( User $user, User $recipient ) {
		global $wgThanksSendToBots;

		if ( $user->getId() === $recipient->getId() ) {
			$this->dieWithError( 'thanks-error-invalidrecipient-self', 'invalidrecipient' );
		} elseif ( !$wgThanksSendToBots && $recipient->isBot() ) {
			$this->dieWithError( 'thanks-error-invalidrecipient-bot', 'invalidrecipient' );
		}
	}

	protected function markResultSuccess( $recipientName ) {
		$this->getResult()->addValue( null, 'result', [
			'success' => 1,
			'recipient' => $recipientName,
		] );
	}

	/**
	 * This checks the log_search data.
	 *
	 * @param User $thanker The user sending the thanks.
	 * @param string $uniqueId The identifier for the thanks.
	 * @return bool Whether thanks has already been sent
	 */
	protected function haveAlreadyThanked( User $thanker, $uniqueId ) {
		$dbw = wfGetDB( DB_MASTER );
		$logWhere = ActorMigration::newMigration()->getWhere( $dbw, 'log_user', $thanker );
		return (bool)$dbw->selectRow(
			[ 'log_search', 'logging' ] + $logWhere['tables'],
			[ 'ls_value' ],
			[
				$logWhere['conds'],
				'ls_field' => 'thankid',
				'ls_value' => $uniqueId,
			],
			__METHOD__,
			[],
			[ 'logging' => [ 'INNER JOIN', 'ls_log_id=log_id' ] ] + $logWhere['joins']
		);
	}

	/**
	 * @param User $user The user performing the thanks (and the log entry).
	 * @param User $recipient The target of the thanks (and the log entry).
	 * @param string $uniqueId A unique Id to identify the event being thanked for, to use
	 *                         when checking for duplicate thanks
	 */
	protected function logThanks( User $user, User $recipient, $uniqueId ) {
		global $wgThanksLogging;
		if ( !$wgThanksLogging ) {
			return;
		}
		$logEntry = new ManualLogEntry( 'thanks', 'thank' );
		$logEntry->setPerformer( $user );
		$logEntry->setRelations( [ 'thankid' => $uniqueId ] );
		$target = $recipient->getUserPage();
		$logEntry->setTarget( $target );
		$logId = $logEntry->insert();
		$logEntry->publish( $logId, 'udp' );
	}

	public function needsToken() {
		return 'csrf';
	}

	public function isWriteMode() {
		// Writes to the Echo database and sometimes log tables.
		return true;
	}
}
Initial version of Thanks extension See https://www.mediawiki.org/wiki/Extension:Thanks Change-Id: Ic037f1fcde0f7fa10848c2ed8e31291ad022027d 2013-03-18 19:56:12 +00:00			`<?php`
Adding some comments for the API Adding .jshintrc file Change-Id: Ib15a3b3ce2c37933b62ccb112a38b1d61051ca16 2013-04-05 23:47:49 +00:00			`/**`
Add "Thanks" for comments on Flow boards bug: 61930 Change-Id: Id37a14e3c75c63419fc34e0b7c2e21f74b3fa875 Co-authored-by: Bencmq <bencmqwiki@gmail.com> 2014-02-26 02:12:47 +00:00			`* Base API module for Thanks`
Adding some comments for the API Adding .jshintrc file Change-Id: Ib15a3b3ce2c37933b62ccb112a38b1d61051ca16 2013-04-05 23:47:49 +00:00			`*`
			`* @ingroup API`
			`* @ingroup Extensions`
			`*/`
Add "Thanks" for comments on Flow boards bug: 61930 Change-Id: Id37a14e3c75c63419fc34e0b7c2e21f74b3fa875 Co-authored-by: Bencmq <bencmqwiki@gmail.com> 2014-02-26 02:12:47 +00:00			`abstract class ApiThank extends ApiBase {`
			`protected function dieOnBadUser( User $user ) {`
Split Api Module into lovely small functions Change-Id: I77abd54a50090229c7f3a3daa239bcb185702e46 2013-11-03 11:13:03 +00:00			`if ( $user->isAnon() ) {`
Update for API error i18n See Iae0e2ce3. Since Thanks master requires core master, this just depends on the master patch instead of trying to maintain BC. Depends-On: Iae0e2ce3bd42dd4776a9779664086119ac188412 Change-Id: Ib6e66f7e94c41b7a27fe867f079626ac0ade4f1b 2016-11-03 19:16:57 +00:00			`$this->dieWithError( 'thanks-error-notloggedin', 'notloggedin' );`
Split Api Module into lovely small functions Change-Id: I77abd54a50090229c7f3a3daa239bcb185702e46 2013-11-03 11:13:03 +00:00			`} elseif ( $user->pingLimiter( 'thanks-notification' ) ) {`
Update for API error i18n See Iae0e2ce3. Since Thanks master requires core master, this just depends on the master patch instead of trying to maintain BC. Depends-On: Iae0e2ce3bd42dd4776a9779664086119ac188412 Change-Id: Ib6e66f7e94c41b7a27fe867f079626ac0ade4f1b 2016-11-03 19:16:57 +00:00			`$this->dieWithError( [ 'thanks-error-ratelimited', $user->getName() ], 'ratelimited' );`
Split Api Module into lovely small functions Change-Id: I77abd54a50090229c7f3a3daa239bcb185702e46 2013-11-03 11:13:03 +00:00			`} elseif ( $user->isBlocked() ) {`
Update for API error i18n See Iae0e2ce3. Since Thanks master requires core master, this just depends on the master patch instead of trying to maintain BC. Depends-On: Iae0e2ce3bd42dd4776a9779664086119ac188412 Change-Id: Ib6e66f7e94c41b7a27fe867f079626ac0ade4f1b 2016-11-03 19:16:57 +00:00			`$this->dieBlocked( $user->getBlock() );`
Security: Disable thank when the user is globally blocked Bug: T151910 Change-Id: I3f39dd32cb76d1a20c8711d5de88e8fcbc36507d 2018-07-12 13:51:00 +00:00			`} elseif ( $user->isBlockedGlobally() ) {`
			`$this->dieBlocked( $user->getGlobalBlock() );`
Initial version of Thanks extension See https://www.mediawiki.org/wiki/Extension:Thanks Change-Id: Ic037f1fcde0f7fa10848c2ed8e31291ad022027d 2013-03-18 19:56:12 +00:00			`}`
Split Api Module into lovely small functions Change-Id: I77abd54a50090229c7f3a3daa239bcb185702e46 2013-11-03 11:13:03 +00:00			`}`

Add "Thanks" for comments on Flow boards bug: 61930 Change-Id: Id37a14e3c75c63419fc34e0b7c2e21f74b3fa875 Co-authored-by: Bencmq <bencmqwiki@gmail.com> 2014-02-26 02:12:47 +00:00			`protected function dieOnBadRecipient( User $user, User $recipient ) {`
Perform checks before thanking via API If the user attempts to thank an anonymous user, a bot (when $wgThanksSendToBots is not true), or him/herself, return an error. This is consistent with the restrictions imposed in insertThankLink(). Bug: 56954 Change-Id: I9e8ae030a8ff1cc312bf98671e593c7367ca0ea2 2013-11-24 06:45:12 +00:00			`global $wgThanksSendToBots;`

Add "Thanks" for comments on Flow boards bug: 61930 Change-Id: Id37a14e3c75c63419fc34e0b7c2e21f74b3fa875 Co-authored-by: Bencmq <bencmqwiki@gmail.com> 2014-02-26 02:12:47 +00:00			`if ( $user->getId() === $recipient->getId() ) {`
Update for API error i18n See Iae0e2ce3. Since Thanks master requires core master, this just depends on the master patch instead of trying to maintain BC. Depends-On: Iae0e2ce3bd42dd4776a9779664086119ac188412 Change-Id: Ib6e66f7e94c41b7a27fe867f079626ac0ade4f1b 2016-11-03 19:16:57 +00:00			`$this->dieWithError( 'thanks-error-invalidrecipient-self', 'invalidrecipient' );`
Use User::isBot() rather than rolling our own We were manually checking for the 'bot' group, but MW core has a method for this that's more comprehensive. Bug: T205224 Change-Id: Idce475ce10a21c5593d366470eede7d8dd1f6dfe 2018-10-02 00:24:46 +00:00			`} elseif ( !$wgThanksSendToBots && $recipient->isBot() ) {`
Update for API error i18n See Iae0e2ce3. Since Thanks master requires core master, this just depends on the master patch instead of trying to maintain BC. Depends-On: Iae0e2ce3bd42dd4776a9779664086119ac188412 Change-Id: Ib6e66f7e94c41b7a27fe867f079626ac0ade4f1b 2016-11-03 19:16:57 +00:00			`$this->dieWithError( 'thanks-error-invalidrecipient-bot', 'invalidrecipient' );`
Perform checks before thanking via API If the user attempts to thank an anonymous user, a bot (when $wgThanksSendToBots is not true), or him/herself, return an error. This is consistent with the restrictions imposed in insertThankLink(). Bug: 56954 Change-Id: I9e8ae030a8ff1cc312bf98671e593c7367ca0ea2 2013-11-24 06:45:12 +00:00			`}`
			`}`

Refactor API code and fix invalid input handling Simplify the code and add additional checks for invalid input. Change-Id: Ic1fe978730af7715c72f58cd7af46ab753e614e8 2014-04-15 04:28:10 +00:00			`protected function markResultSuccess( $recipientName ) {`
build: Add doxygen, use composer for phpcs, make pass Change-Id: I939d6f4d989cf21c0f817d262bf3e4acedcf2ffe 2016-04-22 20:13:56 +00:00			`$this->getResult()->addValue( null, 'result', [`
Refactor API code and fix invalid input handling Simplify the code and add additional checks for invalid input. Change-Id: Ic1fe978730af7715c72f58cd7af46ab753e614e8 2014-04-15 04:28:10 +00:00			`'success' => 1,`
			`'recipient' => $recipientName,`
build: Add doxygen, use composer for phpcs, make pass Change-Id: I939d6f4d989cf21c0f817d262bf3e4acedcf2ffe 2016-04-22 20:13:56 +00:00			`] );`
Refactor API code and fix invalid input handling Simplify the code and add additional checks for invalid input. Change-Id: Ic1fe978730af7715c72f58cd7af46ab753e614e8 2014-04-15 04:28:10 +00:00			`}`

Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`/**`
Remove a coding-standard exclusion Add some parameter comments etc. Change-Id: Ifb663c69711036ea01cb2b90acaa81d22c74a3af 2018-02-09 07:09:43 +00:00			`* This checks the log_search data.`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`*`
Remove a coding-standard exclusion Add some parameter comments etc. Change-Id: Ifb663c69711036ea01cb2b90acaa81d22c74a3af 2018-02-09 07:09:43 +00:00			`* @param User $thanker The user sending the thanks.`
			`* @param string $uniqueId The identifier for the thanks.`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`* @return bool Whether thanks has already been sent`
			`*/`
			`protected function haveAlreadyThanked( User $thanker, $uniqueId ) {`
			`$dbw = wfGetDB( DB_MASTER );`
Update for the actor table change Core change I8d825eb0 begins the process of changing core database tables from using xx_user and xx_user_text fields to using xx_actor. This updates the extension to continue to function during and after the transition. Bug: T167246 Change-Id: Ib84a5a7a9f80fa321f7482d4c27c5f58add47230 2018-03-20 19:29:32 +00:00			`$logWhere = ActorMigration::newMigration()->getWhere( $dbw, 'log_user', $thanker );`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`return (bool)$dbw->selectRow(`
Update for the actor table change Core change I8d825eb0 begins the process of changing core database tables from using xx_user and xx_user_text fields to using xx_actor. This updates the extension to continue to function during and after the transition. Bug: T167246 Change-Id: Ib84a5a7a9f80fa321f7482d4c27c5f58add47230 2018-03-20 19:29:32 +00:00			`[ 'log_search', 'logging' ] + $logWhere['tables'],`
build: Add doxygen, use composer for phpcs, make pass Change-Id: I939d6f4d989cf21c0f817d262bf3e4acedcf2ffe 2016-04-22 20:13:56 +00:00			`[ 'ls_value' ],`
			`[`
Update for the actor table change Core change I8d825eb0 begins the process of changing core database tables from using xx_user and xx_user_text fields to using xx_actor. This updates the extension to continue to function during and after the transition. Bug: T167246 Change-Id: Ib84a5a7a9f80fa321f7482d4c27c5f58add47230 2018-03-20 19:29:32 +00:00			`$logWhere['conds'],`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`'ls_field' => 'thankid',`
			`'ls_value' => $uniqueId,`
build: Add doxygen, use composer for phpcs, make pass Change-Id: I939d6f4d989cf21c0f817d262bf3e4acedcf2ffe 2016-04-22 20:13:56 +00:00			`],`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`__METHOD__,`
build: Add doxygen, use composer for phpcs, make pass Change-Id: I939d6f4d989cf21c0f817d262bf3e4acedcf2ffe 2016-04-22 20:13:56 +00:00			`[],`
Update for the actor table change Core change I8d825eb0 begins the process of changing core database tables from using xx_user and xx_user_text fields to using xx_actor. This updates the extension to continue to function during and after the transition. Bug: T167246 Change-Id: Ib84a5a7a9f80fa321f7482d4c27c5f58add47230 2018-03-20 19:29:32 +00:00			`[ 'logging' => [ 'INNER JOIN', 'ls_log_id=log_id' ] ] + $logWhere['joins']`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`);`
			`}`

			`/**`
Remove a coding-standard exclusion Add some parameter comments etc. Change-Id: Ifb663c69711036ea01cb2b90acaa81d22c74a3af 2018-02-09 07:09:43 +00:00			`* @param User $user The user performing the thanks (and the log entry).`
			`* @param User $recipient The target of the thanks (and the log entry).`
Use log_search to track already sent thanks We currently use client-side storage to keep track of what revisions and posts have already been thanked for. This is problematic because client- side storage is not permanent, making it easy to send duplicate thanks if you have logged out and in, or switched computers. This starts storing new thanks in the log_search table, which is designed for efficient querying of metadata associated with a specific log entry. With this, we can easily check to see if a user has already sent thanks for a specific revision. The UX is a bit weird right now, we only check log_search when actually sending thanks again, in which case the user thinks they have sent thanks again, but no duplicate thanks is actually sent. Bug: T88820 Bug: T53303 Change-Id: Iaf8cbe0776081dc69e82883d8727ba1cfe20e3e1 2015-06-16 00:53:40 +00:00			`* @param string $uniqueId A unique Id to identify the event being thanked for, to use`
			`* when checking for duplicate thanks`
			`*/`
			`protected function logThanks( User $user, User $recipient, $uniqueId ) {`
			`global $wgThanksLogging;`
			`if ( !$wgThanksLogging ) {`
			`return;`
			`}`
Add "Thanks" for comments on Flow boards bug: 61930 Change-Id: Id37a14e3c75c63419fc34e0b7c2e21f74b3fa875 Co-authored-by: Bencmq <bencmqwiki@gmail.com> 2014-02-26 02:12:47 +00:00			`$logEntry = new ManualLogEntry( 'thanks', 'thank' );`
			`$logEntry->setPerformer( $user );`
build: Add doxygen, use composer for phpcs, make pass Change-Id: I939d6f4d989cf21c0f817d262bf3e4acedcf2ffe 2016-04-22 20:13:56 +00:00			`$logEntry->setRelations( [ 'thankid' => $uniqueId ] );`
Add "Thanks" for comments on Flow boards bug: 61930 Change-Id: Id37a14e3c75c63419fc34e0b7c2e21f74b3fa875 Co-authored-by: Bencmq <bencmqwiki@gmail.com> 2014-02-26 02:12:47 +00:00			`$target = $recipient->getUserPage();`
			`$logEntry->setTarget( $target );`
			`$logId = $logEntry->insert();`
			`$logEntry->publish( $logId, 'udp' );`
Initial version of Thanks extension See https://www.mediawiki.org/wiki/Extension:Thanks Change-Id: Ic037f1fcde0f7fa10848c2ed8e31291ad022027d 2013-03-18 19:56:12 +00:00			`}`

			`public function needsToken() {`
Update token handling for core API change Core change I2793a3f2 changes API handling in a way that needs updates to extensions for proper operation: * needsToken() now returns a string * Most custom token types are being replaced with a 'csrf' token (the former 'edit' token); any others need a new hook. * All tokens must use a static salt. Compat with web UI using non-static tokens is supported and also serves to handle the now-deprecated token fetching. * Documentation in getParamDescription() should return a string (not array) for 'token', as the signal to core that it should be replaced with a standardized message. When compatibility with earlier versions of MediaWiki is no longer maintained, the entry for 'token' from getAllowedParams() and getParamDescription() may be removed, as may getTokenSalt(). This patch leaves them in place. Note this is intended to be compatible with earlier versions of MediaWiki, and so should be safe to merge before the core change. Change-Id: Ifb9a080f1ad7236127c61287d14ff4a465543e0f 2014-08-09 13:07:55 +00:00			`return 'csrf';`
Initial version of Thanks extension See https://www.mediawiki.org/wiki/Extension:Thanks Change-Id: Ic037f1fcde0f7fa10848c2ed8e31291ad022027d 2013-03-18 19:56:12 +00:00			`}`

Mark ApiThank as requiring write Change-Id: Ic6bc0ec65ed0b39114f12a41551c25898d784110 2013-11-23 07:47:54 +00:00			`public function isWriteMode() {`
Improve some parameter docs Change-Id: I5b84aec326dad863af152e0b53dbd9f8f66e40d2 2017-09-24 19:54:35 +00:00			`// Writes to the Echo database and sometimes log tables.`
Mark ApiThank as requiring write Change-Id: Ic6bc0ec65ed0b39114f12a41551c25898d784110 2013-11-23 07:47:54 +00:00			`return true;`
			`}`
Initial version of Thanks extension See https://www.mediawiki.org/wiki/Extension:Thanks Change-Id: Ic037f1fcde0f7fa10848c2ed8e31291ad022027d 2013-03-18 19:56:12 +00:00			`}`