Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /var/www/html/mediawiki-1.43.1/extensions/CheckUser/src/Api/Rest/Handler/AbstractTemporaryAccountHandler.php

ÐÐ°Ð·Ð°Ð´
<?php namespace MediaWiki\CheckUser\Api\Rest\Handler; use JobQueueGroup; use JobSpecification; use MediaWiki\Block\BlockManager; use MediaWiki\Config\Config; use MediaWiki\Permissions\PermissionManager; use MediaWiki\Rest\LocalizedHttpException; use MediaWiki\Rest\Response; use MediaWiki\Rest\SimpleHandler; use MediaWiki\Rest\TokenAwareHandlerTrait; use MediaWiki\Rest\Validator\JsonBodyValidator; use MediaWiki\Rest\Validator\UnsupportedContentTypeBodyValidator; use MediaWiki\Rest\Validator\Validator; use MediaWiki\User\ActorStore; use MediaWiki\User\Options\UserOptionsLookup; use MediaWiki\User\UserNameUtils; use Wikimedia\Message\MessageValue; use Wikimedia\ParamValidator\ParamValidator; use Wikimedia\Rdbms\IConnectionProvider; use Wikimedia\Rdbms\IReadableDatabase; abstract class AbstractTemporaryAccountHandler extends SimpleHandler { use TokenAwareHandlerTrait; protected Config $config; protected JobQueueGroup $jobQueueGroup; protected PermissionManager $permissionManager; protected UserOptionsLookup $userOptionsLookup; protected UserNameUtils $userNameUtils; protected IConnectionProvider $dbProvider; protected ActorStore $actorStore; protected BlockManager $blockManager; /** * @param Config $config * @param JobQueueGroup $jobQueueGroup * @param PermissionManager $permissionManager * @param UserOptionsLookup $userOptionsLookup * @param UserNameUtils $userNameUtils * @param IConnectionProvider $dbProvider * @param ActorStore $actorStore * @param BlockManager $blockManager / public function __construct( Config $config, JobQueueGroup $jobQueueGroup, PermissionManager $permissionManager, UserOptionsLookup $userOptionsLookup, UserNameUtils $userNameUtils, IConnectionProvider $dbProvider, ActorStore $actorStore, BlockManager $blockManager ) { $this->config = $config; $this->jobQueueGroup = $jobQueueGroup; $this->permissionManager = $permissionManager; $this->userOptionsLookup = $userOptionsLookup; $this->userNameUtils = $userNameUtils; $this->dbProvider = $dbProvider; $this->actorStore = $actorStore; $this->blockManager = $blockManager; } /* * @inheritDoc / public function run( string $name ): Response { if ( !$this->getAuthority()->isNamed() ) { throw new LocalizedHttpException( new MessageValue( 'checkuser-rest-access-denied' ), 401 ); } if ( !$this->permissionManager->userHasRight( $this->getAuthority()->getUser(), 'checkuser-temporary-account-no-preference' ) && ( !$this->permissionManager->userHasRight( $this->getAuthority()->getUser(), 'checkuser-temporary-account' ) \|\| !$this->userOptionsLookup->getOption( $this->getAuthority()->getUser(), 'checkuser-temporary-account-enable' ) ) ) { throw new LocalizedHttpException( new MessageValue( 'checkuser-rest-access-denied' ), 403 ); } if ( $this->getAuthority()->getBlock() ) { throw new LocalizedHttpException( new MessageValue( 'checkuser-rest-access-denied-blocked-user' ), 403 ); } if ( !$this->userNameUtils->isTemp( $name ) ) { throw new LocalizedHttpException( new MessageValue( 'rest-invalid-user', [ $name ] ), 404 ); } $dbr = $this->dbProvider->getReplicaDatabase(); $actorId = $this->actorStore->findActorIdByName( $name, $dbr ); $userIdentity = $this->actorStore->getUserIdentityByName( $name ); if ( $actorId === null \|\| $userIdentity === null ) { throw new LocalizedHttpException( new MessageValue( 'rest-nonexistent-user', [ $name ] ), 404 ); } $blockOnTempAccount = $this->blockManager->getBlock( $userIdentity, null ); if ( $blockOnTempAccount && $blockOnTempAccount->getHideName() && !$this->permissionManager->userHasRight( $this->getAuthority()->getUser(), 'viewsuppressed' ) ) { if ( $this->permissionManager->userHasRight( $this->getAuthority()->getUser(), 'hideuser' ) ) { // The user knows that this user exists, because they have the 'hideuser' right. Instead of pretending // the user does not exist, we instead should inform the user that they don't have the // permission to view this information. throw new LocalizedHttpException( new MessageValue( 'checkuser-rest-access-denied' ), 403 ); } else { // Pretend the username does not exist if the temporary account is hidden and the user does not have the // rights to see suppressed information or blocks with 'hideuser' set. throw new LocalizedHttpException( new MessageValue( 'rest-nonexistent-user', [ $name ] ), 404 ); } } $data = $this->getData( $actorId, $dbr ); $this->jobQueueGroup->push( new JobSpecification( 'checkuserLogTemporaryAccountAccess', [ 'performer' => $this->getAuthority()->getUser()->getName(), 'tempUser' => $this->urlEncodeTitle( $name ), 'timestamp' => (int)wfTimestamp(), ], [], null ) ); $maxAge = $this->config->get( 'CheckUserTemporaryAccountMaxAge' ); $response = $this->getResponseFactory()->createJson( $data ); $response->setHeader( 'Cache-Control', "private, max-age=$maxAge" ); return $response; } /* * @param int $actorId * @param IReadableDatabase $dbr * @return array IP addresses used by the temporary account / abstract protected function getData( int $actorId, IReadableDatabase $dbr ): array; /* * @inheritDoc / public function getParamSettings() { return [ 'name' => [ self::PARAM_SOURCE => 'path', ParamValidator::PARAM_TYPE => 'string', ParamValidator::PARAM_REQUIRED => true, ], ]; } /* @inheritDoc / public function getBodyValidator( $contentType ) { if ( $contentType !== 'application/json' ) { return new UnsupportedContentTypeBodyValidator( $contentType ); } return new JsonBodyValidator( $this->getTokenParamDefinition() ); } /* @inheritDoc */ public function validate( Validator $restValidator ) { parent::validate( $restValidator ); $this->validateToken(); } }

| ver. 1.1 | | . | PHP 8.4.18 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°