Matthias Mullie has uploaded a new change for review. https://gerrit.wikimedia.org/r/112163
Change subject: Make history entries also check previous revisions if restored ...................................................................... Make history entries also check previous revisions if restored If the restore was on a suppress, the restore action should not be displayed (unless the user has those permissions) Meanwhile cleaned up some of the history code in Topic/Header.php: permission checks automatically happen against the most recent permission now already. Change-Id: I0fda960a96af03cd04045088f06a49da79258859 --- M FlowActions.php M includes/Block/Header.php M includes/Block/Topic.php 3 files changed, 101 insertions(+), 111 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/Flow refs/changes/63/112163/1 diff --git a/FlowActions.php b/FlowActions.php index 408e308..1e35e73 100644 --- a/FlowActions.php +++ b/FlowActions.php @@ -451,7 +451,31 @@ 'performs-writes' => false, 'log_type' => false, 'permissions' => array( - PostRevision::MODERATED_NONE => '', + PostRevision::MODERATED_NONE => function( AbstractRevision $revision, RevisionActionPermissions $permissions ) { + // @todo: well, this does screw things up a bit because we're + // also checking against the most recent revision + // if that one was a restore, we still want all previous non- + // suppress-related stuff to show up... + + + // if a revision was the result of a restore-action, we have + // to look at the previous revision what the original moderation + // status was; permissions for the restore-actions visibility + // is the same as the moderation (e.g. if user can't see + // suppress actions, he can't see restores from suppress + if ( $revision->getChangeType() == 'restore-post' ) { + $revisionable = $revision->getRevisionable(); + $previous = $revisionable->getPreviousRevision( $revision ); + + if ( $previous->getModerationState() === AbstractRevision::MODERATED_NONE ) { + return ''; + } + + return $permissions->getPermission( $previous, 'topic-history' ); + } + + return ''; + }, PostRevision::MODERATED_HIDDEN => '', PostRevision::MODERATED_DELETED => '', PostRevision::MODERATED_SUPPRESSED => 'flow-suppress', @@ -463,7 +487,25 @@ 'performs-writes' => false, 'log_type' => false, 'permissions' => array( - PostRevision::MODERATED_NONE => '', + PostRevision::MODERATED_NONE => function( AbstractRevision $revision, RevisionActionPermissions $permissions ) { + // if a revision was the result of a restore-action, we have + // to look at the previous revision what the original moderation + // status was; permissions for the restore-actions visibility + // is the same as the moderation (e.g. if user can't see + // suppress actions, he can't see restores from suppress + if ( $revision->getChangeType() == 'restore-post' ) { + $revisionable = $revision->getRevisionable(); + $previous = $revisionable->getPreviousRevision( $revision ); + + if ( $previous->getModerationState() === AbstractRevision::MODERATED_NONE ) { + return ''; + } + + return $permissions->getPermission( $previous, 'topic-history' ); + } + + return ''; + }, PostRevision::MODERATED_HIDDEN => '', PostRevision::MODERATED_DELETED => '', PostRevision::MODERATED_SUPPRESSED => 'flow-suppress', @@ -475,7 +517,25 @@ 'performs-writes' => false, 'log_type' => false, 'permissions' => array( - PostRevision::MODERATED_NONE => '', + PostRevision::MODERATED_NONE => function( AbstractRevision $revision, RevisionActionPermissions $permissions ) { + // if a revision was the result of a restore-action, we have + // to look at the previous revision what the original moderation + // status was; permissions for the restore-actions visibility + // is the same as the moderation (e.g. if user can't see + // suppress actions, he can't see restores from suppress + if ( $revision->getChangeType() == 'restore-post' ) { + $revisionable = $revision->getRevisionable(); + $previous = $revisionable->getPreviousRevision( $revision ); + + if ( $previous->getModerationState() === AbstractRevision::MODERATED_NONE ) { + return ''; + } + + return $permissions->getPermission( $previous, 'topic-history' ); + } + + return ''; + }, PostRevision::MODERATED_HIDDEN => '', PostRevision::MODERATED_DELETED => '', PostRevision::MODERATED_SUPPRESSED => 'flow-suppress', diff --git a/includes/Block/Header.php b/includes/Block/Header.php index 28cb49d..2bee156 100644 --- a/includes/Block/Header.php +++ b/includes/Block/Header.php @@ -161,8 +161,7 @@ 'historyExists' => false, ); - $history = $this->filterBoardHistory( $this->loadBoardHistory() ); - + $history = $this->loadBoardHistory(); if ( $history ) { $tplVars['historyExists'] = true; $tplVars['history'] = new History( $history ); @@ -181,58 +180,6 @@ 'user' => $this->user, ) ); } - } - - protected function filterBoardHistory( array $history ) { - // get rid of history entries user doesn't have sufficient permissions for - $query = $needed = array(); - foreach ( $history as $i => $revision ) { - switch( $revision->getRevisionType() ) { - case 'header': - // headers can't be moderated - break; - case 'post': - if ( $revision->isTopicTitle() ) { - $needed[$revision->getPostId()->getHex()] = $i; - $query[] = array( 'tree_rev_descendant_id' => $revision->getPostId() ); - } else { - // comments should not be in board history - unset( $history[$i] ); - } - break; - } - } - - if ( !$needed ) { - return $history; - } - - // check permissions against most recent revision - $found = $this->storage->findMulti( - 'PostRevision', - $query, - array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 1 ) - ); - foreach ( $found as $newest ) { - $newest = reset( $newest ); - $id = $newest->getPostId()->getHex(); - - if ( isset( $needed[$id] ) ) { - $i = $needed[$id]; - unset( $needed[$id] ); - - if ( !$this->permissions->isAllowed( $newest, 'board-history' ) ) { - unset( $history[$i] ); - } - } - } - - // not found - foreach ( $needed as $i ) { - unset( $history[$i] ); - } - - return $history; } public function renderAPI( Templating $templating, array $options ) { @@ -262,13 +209,22 @@ } protected function loadBoardHistory() { - $found = $this->storage->find( + $history = $this->storage->find( 'BoardHistoryEntry', array( 'topic_list_id' => $this->workflow->getId() ), array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 300 ) ); + if ( $history ) { + // get rid of history entries user doesn't have sufficient permissions for + foreach ( $history as $i => $revision ) { + // only check against the specific revision, ignoring the most recent + if ( !$this->permissions->isRevisionAllowed( $revision, 'post-history' ) ) { + unset( $history[$i] ); + } + } - if ( $found === false ) { + return $history; + } else { throw new InvalidDataException( 'Unable to load topic list history for ' . $this->workflow->getId()->getHex(), 'fail-load-history' ); } diff --git a/includes/Block/Topic.php b/includes/Block/Topic.php index 479d3df..7151bc0 100644 --- a/includes/Block/Topic.php +++ b/includes/Block/Topic.php @@ -417,43 +417,6 @@ case 'topic-history': $history = $this->loadTopicHistory(); - - // get rid of history entries user doesn't have sufficient permissions for - $needed = $query = array(); - foreach ( $history as $i => $revision ) { - $hex = $revision->getPostId()->getHex(); - if ( !isset( $needed[$hex] ) ) { - $query[] = array( 'tree_rev_descendant_id' => $revision->getPostId() ); - } - $needed[$hex][] = $i; - } - $found = $this->storage->findMulti( - 'PostRevision', - $query, - array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 1 ) - ); - foreach ( $found as $newest ) { - $newest = reset( $newest ); - $hex = $newest->getPostId()->getHex(); - if ( !isset( $needed[$hex] ) ) { - wfWarn( __METHOD__ . ': Received unrequested postId : ' . $hex ); - continue; - } - $indexes = $needed[$hex]; - unset( $needed[$hex] ); - if ( !$this->permissions->isAllowed( $newest, 'topic-history' ) ) { - foreach ( $indexes as $i ) { - unset( $history[$i] ); - } - } - } - foreach ( $needed as $hex => $indexes ) { - wfWarn( __METHOD__ . ': Did not receive postId: ' . $hex ); - foreach ( $indexes as $i ) { - unset( $history[$i] ); - } - } - $root = $this->loadRootPost(); if ( !$root ) { return; @@ -609,17 +572,7 @@ return; } - $history = array(); - // don't show post history if user doesn't have permissions - // @todo: if some day, we have rev-delete, we'll need to also check for that in here - if ( $this->permissions->isAllowed( $post, 'post-history' ) ) { - // get rid of history entries user doesn't have sufficient permissions for - foreach ( $this->getHistory( $options['postId'] ) as $i => $post ) { - if ( $this->permissions->isAllowed( $post, 'post-history' ) ) { - $history[$i] = $post; - } - } - } + $history = $this->getHistory( $options['postId'] ); return $templating->render( "flow:post-history.html.php", array( 'block' => $this, @@ -797,11 +750,24 @@ } protected function getHistory( $postId ) { - return $this->storage->find( + $history = $this->storage->find( 'PostRevision', array( 'tree_rev_descendant_id' => UUID::create( $postId ) ), array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 100 ) ); + if ( $history ) { + // get rid of history entries user doesn't have sufficient permissions for + foreach ( $history as $i => $revision ) { + // only check against the specific revision, ignoring the most recent + if ( !$this->permissions->isRevisionAllowed( $revision, 'post-history' ) ) { + unset( $history[$i] ); + } + } + + return $history; + } else { + throw new InvalidDataException( 'Unable to load post history for post ' . $postId, 'fail-load-history' ); + } } protected function getHistoryBatch( $postIds ) { @@ -889,13 +855,21 @@ } protected function loadTopicHistory() { - $found = $this->storage->find( + $history = $this->storage->find( 'PostRevision', array( 'topic_root_id' => $this->workflow->getId() ), array( 'sort' => 'rev_id', 'order' => 'DESC', 'limit' => 100 ) ); - if ( $found ) { - return $found; + if ( $history ) { + // get rid of history entries user doesn't have sufficient permissions for + foreach ( $history as $i => $revision ) { + // only check against the specific revision, ignoring the most recent + if ( !$this->permissions->isRevisionAllowed( $revision, 'topic-history' ) ) { + unset( $history[$i] ); + } + } + + return $history; } else { throw new InvalidDataException( 'Unable to load topic history for topic ' . $this->workflow->getId()->getHex(), 'fail-load-history' ); } -- To view, visit https://gerrit.wikimedia.org/r/112163 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I0fda960a96af03cd04045088f06a49da79258859 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/Flow Gerrit-Branch: master Gerrit-Owner: Matthias Mullie <mmul...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits