首頁 探索 說明
登入
NeoZones
/
pennyspages
镜像来自 https://github.com/NeoZones/pennyspages
關註 2
讚好 0
複刻 0
檔案 問題管理 0 Wiki
分支: main
分支列表 標籤列表
pennyspages
/
includes
/
api
/
ApiQueryUsers.php

ApiQueryUsers.php 12 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
    4. 

  4.  *
    5. 

  5.  * This program is free software; you can redistribute it and/or modify
    6. 

  6.  * it under the terms of the GNU General Public License as published by
    7. 

  7.  * the Free Software Foundation; either version 2 of the License, or
    8. 

  8.  * (at your option) any later version.
    9. 

  9.  *
    10. 

  10.  * This program is distributed in the hope that it will be useful,
    11. 

  11.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    13. 

  13.  * GNU General Public License for more details.
    14. 

  14.  *
    15. 

  15.  * You should have received a copy of the GNU General Public License along
    16. 

  16.  * with this program; if not, write to the Free Software Foundation, Inc.,
    17. 

  17.  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
    18. 

  18.  * http://www.gnu.org/copyleft/gpl.html
    19. 

  19.  *
    20. 

  20.  * @file
    21. 

  21.  */
    22. 

  22. 

  23. use MediaWiki\Block\DatabaseBlock;
    24. 

  24. 

  25. /**
    26. 

  26.  * Query module to get information about a list of users
    27. 

  27.  *
    28. 

  28.  * @ingroup API
    29. 

  29.  */
    30. 

  30. class ApiQueryUsers extends ApiQueryBase {
    31. 

  31. 	use ApiQueryBlockInfoTrait;
    32. 

  32. 

  33. 	private $tokenFunctions, $prop;
    34. 

  34. 

  35. 	/**
    36. 

  36. 	 * Properties whose contents does not depend on who is looking at them. If the usprops field
    37. 

  37. 	 * contains anything not listed here, the cache mode will never be public for logged-in users.
    38. 

  38. 	 * @var array
    39. 

  39. 	 */
    40. 

  40. 	protected static $publicProps = [
    41. 

  41. 		// everything except 'blockinfo' which might show hidden records if the user
    42. 

  42. 		// making the request has the appropriate permissions
    43. 

  43. 		'groups',
    44. 

  44. 		'groupmemberships',
    45. 

  45. 		'implicitgroups',
    46. 

  46. 		'rights',
    47. 

  47. 		'editcount',
    48. 

  48. 		'registration',
    49. 

  49. 		'emailable',
    50. 

  50. 		'gender',
    51. 

  51. 		'centralids',
    52. 

  52. 		'cancreate',
    53. 

  53. 	];
    54. 

  54. 

  55. 	public function __construct( ApiQuery $query, $moduleName ) {
    56. 

  56. 		parent::__construct( $query, $moduleName, 'us' );
    57. 

  57. 	}
    58. 

  58. 

  59. 	/**
    60. 

  60. 	 * Get an array mapping token names to their handler functions.
    61. 

  61. 	 * The prototype for a token function is func($user)
    62. 

  62. 	 * it should return a token or false (permission denied)
    63. 

  63. 	 * @deprecated since 1.24
    64. 

  64. 	 * @return array Array of tokenname => function
    65. 

  65. 	 */
    66. 

  66. 	protected function getTokenFunctions() {
    67. 

  67. 		// Don't call the hooks twice
    68. 

  68. 		if ( isset( $this->tokenFunctions ) ) {
    69. 

  69. 			return $this->tokenFunctions;
    70. 

  70. 		}
    71. 

  71. 

  72. 		// If we're in a mode that breaks the same-origin policy, no tokens can
    73. 

  73. 		// be obtained
    74. 

  74. 		if ( $this->lacksSameOriginSecurity() ) {
    75. 

  75. 			return [];
    76. 

  76. 		}
    77. 

  77. 

  78. 		$this->tokenFunctions = [
    79. 

  79. 			'userrights' => [ self::class, 'getUserrightsToken' ],
    80. 

  80. 		];
    81. 

  81. 		Hooks::run( 'APIQueryUsersTokens', [ &$this->tokenFunctions ] );
    82. 

  82. 

  83. 		return $this->tokenFunctions;
    84. 

  84. 	}
    85. 

  85. 

  86. 	/**
    87. 

  87. 	 * @deprecated since 1.24
    88. 

  88. 	 * @param User $user
    89. 

  89. 	 * @return string
    90. 

  90. 	 */
    91. 

  91. 	public static function getUserrightsToken( $user ) {
    92. 

  92. 		global $wgUser;
    93. 

  93. 

  94. 		// Since the permissions check for userrights is non-trivial,
    95. 

  95. 		// don't bother with it here
    96. 

  96. 		return $wgUser->getEditToken( $user->getName() );
    97. 

  97. 	}
    98. 

  98. 

  99. 	public function execute() {
    100. 

  100. 		$db = $this->getDB();
    101. 

  101. 		$commentStore = CommentStore::getStore();
    102. 

  102. 

  103. 		$params = $this->extractRequestParams();
    104. 

  104. 		$this->requireMaxOneParameter( $params, 'userids', 'users' );
    105. 

  105. 

  106. 		if ( !is_null( $params['prop'] ) ) {
    107. 

  107. 			$this->prop = array_flip( $params['prop'] );
    108. 

  108. 		} else {
    109. 

  109. 			$this->prop = [];
    110. 

  110. 		}
    111. 

  111. 		$useNames = !is_null( $params['users'] );
    112. 

  112. 

  113. 		$users = (array)$params['users'];
    114. 

  114. 		$userids = (array)$params['userids'];
    115. 

  115. 

  116. 		$goodNames = $done = [];
    117. 

  117. 		$result = $this->getResult();
    118. 

  118. 		// Canonicalize user names
    119. 

  119. 		foreach ( $users as $u ) {
    120. 

  120. 			$n = User::getCanonicalName( $u );
    121. 

  121. 			if ( $n === false || $n === '' ) {
    122. 

  122. 				$vals = [ 'name' => $u, 'invalid' => true ];
    123. 

  123. 				$fit = $result->addValue( [ 'query', $this->getModuleName() ],
    124. 

  124. 					null, $vals );
    125. 

  125. 				if ( !$fit ) {
    126. 

  126. 					$this->setContinueEnumParameter( 'users',
    127. 

  127. 						implode( '|', array_diff( $users, $done ) ) );
    128. 

  128. 					$goodNames = [];
    129. 

  129. 					break;
    130. 

  130. 				}
    131. 

  131. 				$done[] = $u;
    132. 

  132. 			} else {
    133. 

  133. 				$goodNames[] = $n;
    134. 

  134. 			}
    135. 

  135. 		}
    136. 

  136. 

  137. 		if ( $useNames ) {
    138. 

  138. 			$parameters = &$goodNames;
    139. 

  139. 		} else {
    140. 

  140. 			$parameters = &$userids;
    141. 

  141. 		}
    142. 

  142. 

  143. 		$result = $this->getResult();
    144. 

  144. 

  145. 		if ( count( $parameters ) ) {
    146. 

  146. 			$userQuery = User::getQueryInfo();
    147. 

  147. 			$this->addTables( $userQuery['tables'] );
    148. 

  148. 			$this->addFields( $userQuery['fields'] );
    149. 

  149. 			$this->addJoinConds( $userQuery['joins'] );
    150. 

  150. 			if ( $useNames ) {
    151. 

  151. 				$this->addWhereFld( 'user_name', $goodNames );
    152. 

  152. 			} else {
    153. 

  153. 				$this->addWhereFld( 'user_id', $userids );
    154. 

  154. 			}
    155. 

  155. 

  156. 			$this->addBlockInfoToQuery( isset( $this->prop['blockinfo'] ) );
    157. 

  157. 

  158. 			$data = [];
    159. 

  159. 			$res = $this->select( __METHOD__ );
    160. 

  160. 			$this->resetQueryParams();
    161. 

  161. 

  162. 			// get user groups if needed
    163. 

  163. 			if ( isset( $this->prop['groups'] ) || isset( $this->prop['rights'] ) ) {
    164. 

  164. 				$userGroups = [];
    165. 

  165. 

  166. 				$this->addTables( 'user' );
    167. 

  167. 				if ( $useNames ) {
    168. 

  168. 					$this->addWhereFld( 'user_name', $goodNames );
    169. 

  169. 				} else {
    170. 

  170. 					$this->addWhereFld( 'user_id', $userids );
    171. 

  171. 				}
    172. 

  172. 

  173. 				$this->addTables( 'user_groups' );
    174. 

  174. 				$this->addJoinConds( [ 'user_groups' => [ 'JOIN', 'ug_user=user_id' ] ] );
    175. 

  175. 				$this->addFields( [ 'user_name' ] );
    176. 

  176. 				$this->addFields( UserGroupMembership::selectFields() );
    177. 

  177. 				$this->addWhere( 'ug_expiry IS NULL OR ug_expiry >= ' .
    178. 

  178. 					$db->addQuotes( $db->timestamp() ) );
    179. 

  179. 				$userGroupsRes = $this->select( __METHOD__ );
    180. 

  180. 

  181. 				foreach ( $userGroupsRes as $row ) {
    182. 

  182. 					$userGroups[$row->user_name][] = $row;
    183. 

  183. 				}
    184. 

  184. 			}
    185. 

  185. 

  186. 			foreach ( $res as $row ) {
    187. 

  187. 				// create user object and pass along $userGroups if set
    188. 

  188. 				// that reduces the number of database queries needed in User dramatically
    189. 

  189. 				if ( !isset( $userGroups ) ) {
    190. 

  190. 					$user = User::newFromRow( $row );
    191. 

  191. 				} else {
    192. 

  192. 					if ( !isset( $userGroups[$row->user_name] ) || !is_array( $userGroups[$row->user_name] ) ) {
    193. 

  193. 						$userGroups[$row->user_name] = [];
    194. 

  194. 					}
    195. 

  195. 					$user = User::newFromRow( $row, [ 'user_groups' => $userGroups[$row->user_name] ] );
    196. 

  196. 				}
    197. 

  197. 				if ( $useNames ) {
    198. 

  198. 					$key = $user->getName();
    199. 

  199. 				} else {
    200. 

  200. 					$key = $user->getId();
    201. 

  201. 				}
    202. 

  202. 				$data[$key]['userid'] = $user->getId();
    203. 

  203. 				$data[$key]['name'] = $user->getName();
    204. 

  204. 

  205. 				if ( isset( $this->prop['editcount'] ) ) {
    206. 

  206. 					$data[$key]['editcount'] = $user->getEditCount();
    207. 

  207. 				}
    208. 

  208. 

  209. 				if ( isset( $this->prop['registration'] ) ) {
    210. 

  210. 					$data[$key]['registration'] = wfTimestampOrNull( TS_ISO_8601, $user->getRegistration() );
    211. 

  211. 				}
    212. 

  212. 

  213. 				if ( isset( $this->prop['groups'] ) ) {
    214. 

  214. 					$data[$key]['groups'] = $user->getEffectiveGroups();
    215. 

  215. 				}
    216. 

  216. 

  217. 				if ( isset( $this->prop['groupmemberships'] ) ) {
    218. 

  218. 					$data[$key]['groupmemberships'] = array_map( function ( $ugm ) {
    219. 

  219. 						return [
    220. 

  220. 							'group' => $ugm->getGroup(),
    221. 

  221. 							'expiry' => ApiResult::formatExpiry( $ugm->getExpiry() ),
    222. 

  222. 						];
    223. 

  223. 					}, $user->getGroupMemberships() );
    224. 

  224. 				}
    225. 

  225. 

  226. 				if ( isset( $this->prop['implicitgroups'] ) ) {
    227. 

  227. 					$data[$key]['implicitgroups'] = $user->getAutomaticGroups();
    228. 

  228. 				}
    229. 

  229. 

  230. 				if ( isset( $this->prop['rights'] ) ) {
    231. 

  231. 					$data[$key]['rights'] = $this->getPermissionManager()
    232. 

  232. 						->getUserPermissions( $user );
    233. 

  233. 				}
    234. 

  234. 				if ( $row->ipb_deleted ) {
    235. 

  235. 					$data[$key]['hidden'] = true;
    236. 

  236. 				}
    237. 

  237. 				if ( isset( $this->prop['blockinfo'] ) && !is_null( $row->ipb_by_text ) ) {
    238. 

  238. 					$data[$key] += $this->getBlockDetails( DatabaseBlock::newFromRow( $row ) );
    239. 

  239. 				}
    240. 

  240. 

  241. 				if ( isset( $this->prop['emailable'] ) ) {
    242. 

  242. 					$data[$key]['emailable'] = $user->canReceiveEmail();
    243. 

  243. 				}
    244. 

  244. 

  245. 				if ( isset( $this->prop['gender'] ) ) {
    246. 

  246. 					$gender = $user->getOption( 'gender' );
    247. 

  247. 					if ( strval( $gender ) === '' ) {
    248. 

  248. 						$gender = 'unknown';
    249. 

  249. 					}
    250. 

  250. 					$data[$key]['gender'] = $gender;
    251. 

  251. 				}
    252. 

  252. 

  253. 				if ( isset( $this->prop['centralids'] ) ) {
    254. 

  254. 					$data[$key] += ApiQueryUserInfo::getCentralUserInfo(
    255. 

  255. 						$this->getConfig(), $user, $params['attachedwiki']
    256. 

  256. 					);
    257. 

  257. 				}
    258. 

  258. 

  259. 				if ( !is_null( $params['token'] ) ) {
    260. 

  260. 					$tokenFunctions = $this->getTokenFunctions();
    261. 

  261. 					foreach ( $params['token'] as $t ) {
    262. 

  262. 						$val = call_user_func( $tokenFunctions[$t], $user );
    263. 

  263. 						if ( $val === false ) {
    264. 

  264. 							$this->addWarning( [ 'apiwarn-tokennotallowed', $t ] );
    265. 

  265. 						} else {
    266. 

  266. 							$data[$key][$t . 'token'] = $val;
    267. 

  267. 						}
    268. 

  268. 					}
    269. 

  269. 				}
    270. 

  270. 			}
    271. 

  271. 		}
    272. 

  272. 

  273. 		$context = $this->getContext();
    274. 

  274. 		// Second pass: add result data to $retval
    275. 

  275. 		foreach ( $parameters as $u ) {
    276. 

  276. 			if ( !isset( $data[$u] ) ) {
    277. 

  277. 				if ( $useNames ) {
    278. 

  278. 					$data[$u] = [ 'name' => $u ];
    279. 

  279. 					$urPage = new UserrightsPage;
    280. 

  280. 					$urPage->setContext( $context );
    281. 

  281. 

  282. 					$iwUser = $urPage->fetchUser( $u );
    283. 

  283. 

  284. 					if ( $iwUser instanceof UserRightsProxy ) {
    285. 

  285. 						$data[$u]['interwiki'] = true;
    286. 

  286. 

  287. 						if ( !is_null( $params['token'] ) ) {
    288. 

  288. 							$tokenFunctions = $this->getTokenFunctions();
    289. 

  289. 

  290. 							foreach ( $params['token'] as $t ) {
    291. 

  291. 								$val = call_user_func( $tokenFunctions[$t], $iwUser );
    292. 

  292. 								if ( $val === false ) {
    293. 

  293. 									$this->addWarning( [ 'apiwarn-tokennotallowed', $t ] );
    294. 

  294. 								} else {
    295. 

  295. 									$data[$u][$t . 'token'] = $val;
    296. 

  296. 								}
    297. 

  297. 							}
    298. 

  298. 						}
    299. 

  299. 					} else {
    300. 

  300. 						$data[$u]['missing'] = true;
    301. 

  301. 						if ( isset( $this->prop['cancreate'] ) ) {
    302. 

  302. 							$status = MediaWiki\Auth\AuthManager::singleton()->canCreateAccount( $u );
    303. 

  303. 							$data[$u]['cancreate'] = $status->isGood();
    304. 

  304. 							if ( !$status->isGood() ) {
    305. 

  305. 								$data[$u]['cancreateerror'] = $this->getErrorFormatter()->arrayFromStatus( $status );
    306. 

  306. 							}
    307. 

  307. 						}
    308. 

  308. 					}
    309. 

  309. 				} else {
    310. 

  310. 					$data[$u] = [ 'userid' => $u, 'missing' => true ];
    311. 

  311. 				}
    312. 

  312. 

  313. 			} else {
    314. 

  314. 				if ( isset( $this->prop['groups'] ) && isset( $data[$u]['groups'] ) ) {
    315. 

  315. 					ApiResult::setArrayType( $data[$u]['groups'], 'array' );
    316. 

  316. 					ApiResult::setIndexedTagName( $data[$u]['groups'], 'g' );
    317. 

  317. 				}
    318. 

  318. 				if ( isset( $this->prop['groupmemberships'] ) && isset( $data[$u]['groupmemberships'] ) ) {
    319. 

  319. 					ApiResult::setArrayType( $data[$u]['groupmemberships'], 'array' );
    320. 

  320. 					ApiResult::setIndexedTagName( $data[$u]['groupmemberships'], 'groupmembership' );
    321. 

  321. 				}
    322. 

  322. 				if ( isset( $this->prop['implicitgroups'] ) && isset( $data[$u]['implicitgroups'] ) ) {
    323. 

  323. 					ApiResult::setArrayType( $data[$u]['implicitgroups'], 'array' );
    324. 

  324. 					ApiResult::setIndexedTagName( $data[$u]['implicitgroups'], 'g' );
    325. 

  325. 				}
    326. 

  326. 				if ( isset( $this->prop['rights'] ) && isset( $data[$u]['rights'] ) ) {
    327. 

  327. 					ApiResult::setArrayType( $data[$u]['rights'], 'array' );
    328. 

  328. 					ApiResult::setIndexedTagName( $data[$u]['rights'], 'r' );
    329. 

  329. 				}
    330. 

  330. 			}
    331. 

  331. 

  332. 			// @phan-suppress-next-line PhanTypeArraySuspiciousNullable
    333. 

  333. 			$fit = $result->addValue( [ 'query', $this->getModuleName() ], null, $data[$u] );
    334. 

  334. 			if ( !$fit ) {
    335. 

  335. 				if ( $useNames ) {
    336. 

  336. 					$this->setContinueEnumParameter( 'users',
    337. 

  337. 						implode( '|', array_diff( $users, $done ) ) );
    338. 

  338. 				} else {
    339. 

  339. 					$this->setContinueEnumParameter( 'userids',
    340. 

  340. 						implode( '|', array_diff( $userids, $done ) ) );
    341. 

  341. 				}
    342. 

  342. 				break;
    343. 

  343. 			}
    344. 

  344. 			$done[] = $u;
    345. 

  345. 		}
    346. 

  346. 		$result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'user' );
    347. 

  347. 	}
    348. 

  348. 

  349. 	public function getCacheMode( $params ) {
    350. 

  350. 		if ( isset( $params['token'] ) ) {
    351. 

  351. 			return 'private';
    352. 

  352. 		} elseif ( array_diff( (array)$params['prop'], static::$publicProps ) ) {
    353. 

  353. 			return 'anon-public-user-private';
    354. 

  354. 		} else {
    355. 

  355. 			return 'public';
    356. 

  356. 		}
    357. 

  357. 	}
    358. 

  358. 

  359. 	public function getAllowedParams() {
    360. 

  360. 		return [
    361. 

  361. 			'prop' => [
    362. 

  362. 				ApiBase::PARAM_ISMULTI => true,
    363. 

  363. 				ApiBase::PARAM_TYPE => [
    364. 

  364. 					'blockinfo',
    365. 

  365. 					'groups',
    366. 

  366. 					'groupmemberships',
    367. 

  367. 					'implicitgroups',
    368. 

  368. 					'rights',
    369. 

  369. 					'editcount',
    370. 

  370. 					'registration',
    371. 

  371. 					'emailable',
    372. 

  372. 					'gender',
    373. 

  373. 					'centralids',
    374. 

  374. 					'cancreate',
    375. 

  375. 					// When adding a prop, consider whether it should be added
    376. 

  376. 					// to self::$publicProps
    377. 

  377. 				],
    378. 

  378. 				ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
    379. 

  379. 			],
    380. 

  380. 			'attachedwiki' => null,
    381. 

  381. 			'users' => [
    382. 

  382. 				ApiBase::PARAM_ISMULTI => true
    383. 

  383. 			],
    384. 

  384. 			'userids' => [
    385. 

  385. 				ApiBase::PARAM_ISMULTI => true,
    386. 

  386. 				ApiBase::PARAM_TYPE => 'integer'
    387. 

  387. 			],
    388. 

  388. 			'token' => [
    389. 

  389. 				ApiBase::PARAM_DEPRECATED => true,
    390. 

  390. 				ApiBase::PARAM_TYPE => array_keys( $this->getTokenFunctions() ),
    391. 

  391. 				ApiBase::PARAM_ISMULTI => true
    392. 

  392. 			],
    393. 

  393. 		];
    394. 

  394. 	}
    395. 

  395. 

  396. 	protected function getExamplesMessages() {
    397. 

  397. 		return [
    398. 

  398. 			'action=query&list=users&ususers=Example&usprop=groups|editcount|gender'
    399. 

  399. 				=> 'apihelp-query+users-example-simple',
    400. 

  400. 		];
    401. 

  401. 	}
    402. 

  402. 

  403. 	public function getHelpUrls() {
    404. 

  404. 		return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Users';
    405. 

  405. 	}
    406. 

  406. }
    407. 

  407.