search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
AuthManager: Break AuthPlugin::addUser more explicitly
[mediawiki.git] / includes / specials / SpecialListgrouprights.php
blobd64306beab26bb2afd15a95aa0267d03d5757a1d
1 <?php
2 /**
3 * Implements Special:Listgrouprights
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * This special page lists all defined user groups and the associated rights.
26 * See also @ref $wgGroupPermissions.
27 *
28 * @ingroup SpecialPage
29 * @author Petr Kadlec <mormegil@centrum.cz>
30 */
31 class SpecialListGroupRights extends SpecialPage {
32 function __construct() {
33 parent::__construct( 'Listgrouprights' );
34 }
35
36 /**
37 * Show the special page
38 * @param string|null $par
39 */
40 public function execute( $par ) {
41 $this->setHeaders();
42 $this->outputHeader();
43
44 $out = $this->getOutput();
45 $out->addModuleStyles( 'mediawiki.special' );
46
47 $out->wrapWikiMsg( "<div class=\"mw-listgrouprights-key\">\n$1\n</div>", 'listgrouprights-key' );
48
49 $out->addHTML(
50 Xml::openElement( 'table', [ 'class' => 'wikitable mw-listgrouprights-table' ] ) .
51 '<tr>' .
52 Xml::element( 'th', null, $this->msg( 'listgrouprights-group' )->text() ) .
53 Xml::element( 'th', null, $this->msg( 'listgrouprights-rights' )->text() ) .
54 '</tr>'
55 );
56
57 $config = $this->getConfig();
58 $groupPermissions = $config->get( 'GroupPermissions' );
59 $revokePermissions = $config->get( 'RevokePermissions' );
60 $addGroups = $config->get( 'AddGroups' );
61 $removeGroups = $config->get( 'RemoveGroups' );
62 $groupsAddToSelf = $config->get( 'GroupsAddToSelf' );
63 $groupsRemoveFromSelf = $config->get( 'GroupsRemoveFromSelf' );
64 $allGroups = array_unique( array_merge(
65 array_keys( $groupPermissions ),
66 array_keys( $revokePermissions ),
67 array_keys( $addGroups ),
68 array_keys( $removeGroups ),
69 array_keys( $groupsAddToSelf ),
70 array_keys( $groupsRemoveFromSelf )
71 ) );
72 asort( $allGroups );
73
74 foreach ( $allGroups as $group ) {
75 $permissions = isset( $groupPermissions[$group] )
76 ? $groupPermissions[$group]
77 : [];
78 $groupname = ( $group == '*' ) // Replace * with a more descriptive groupname
79 ? 'all'
80 : $group;
81
82 $msg = $this->msg( 'group-' . $groupname );
83 $groupnameLocalized = !$msg->isBlank() ? $msg->text() : $groupname;
84
85 $msg = $this->msg( 'grouppage-' . $groupname )->inContentLanguage();
86 $grouppageLocalized = !$msg->isBlank() ?
87 $msg->text() :
88 MWNamespace::getCanonicalName( NS_PROJECT ) . ':' . $groupname;
89 $grouppageLocalizedTitle = Title::newFromText( $grouppageLocalized );
90
91 if ( $group == '*' || !$grouppageLocalizedTitle ) {
92 // Do not make a link for the generic * group or group with invalid group page
93 $grouppage = htmlspecialchars( $groupnameLocalized );
94 } else {
95 $grouppage = Linker::link(
96 $grouppageLocalizedTitle,
97 htmlspecialchars( $groupnameLocalized )
98 );
99 }
100
101 if ( $group === 'user' ) {
102 // Link to Special:listusers for implicit group 'user'
103 $grouplink = '<br />' . Linker::linkKnown(
104 SpecialPage::getTitleFor( 'Listusers' ),
105 $this->msg( 'listgrouprights-members' )->escaped()
106 );
107 } elseif ( !in_array( $group, $config->get( 'ImplicitGroups' ) ) ) {
108 $grouplink = '<br />' . Linker::linkKnown(
109 SpecialPage::getTitleFor( 'Listusers' ),
110 $this->msg( 'listgrouprights-members' )->escaped(),
111 [],
112 [ 'group' => $group ]
113 );
114 } else {
115 // No link to Special:listusers for other implicit groups as they are unlistable
116 $grouplink = '';
117 }
118
119 $revoke = isset( $revokePermissions[$group] ) ? $revokePermissions[$group] : [];
120 $addgroups = isset( $addGroups[$group] ) ? $addGroups[$group] : [];
121 $removegroups = isset( $removeGroups[$group] ) ? $removeGroups[$group] : [];
122 $addgroupsSelf = isset( $groupsAddToSelf[$group] ) ? $groupsAddToSelf[$group] : [];
123 $removegroupsSelf = isset( $groupsRemoveFromSelf[$group] )
124 ? $groupsRemoveFromSelf[$group]
125 : [];
126
127 $id = $group == '*' ? false : Sanitizer::escapeId( $group );
128 $out->addHTML( Html::rawElement( 'tr', [ 'id' => $id ], "
129 <td>$grouppage$grouplink</td>
130 <td>" .
131 $this->formatPermissions( $permissions, $revoke, $addgroups, $removegroups,
132 $addgroupsSelf, $removegroupsSelf ) .
133 '</td>
134 '
135 ) );
136 }
137 $out->addHTML( Xml::closeElement( 'table' ) );
138 $this->outputNamespaceProtectionInfo();
139 }
140
141 private function outputNamespaceProtectionInfo() {
142 global $wgParser, $wgContLang;
143 $out = $this->getOutput();
144 $namespaceProtection = $this->getConfig()->get( 'NamespaceProtection' );
145
146 if ( count( $namespaceProtection ) == 0 ) {
147 return;
148 }
149
150 $header = $this->msg( 'listgrouprights-namespaceprotection-header' )->parse();
151 $out->addHTML(
152 Html::rawElement( 'h2', [], Html::element( 'span', [
153 'class' => 'mw-headline',
154 'id' => $wgParser->guessSectionNameFromWikiText( $header )
155 ], $header ) ) .
156 Xml::openElement( 'table', [ 'class' => 'wikitable' ] ) .
157 Html::element(
158 'th',
159 [],
160 $this->msg( 'listgrouprights-namespaceprotection-namespace' )->text()
161 ) .
162 Html::element(
163 'th',
164 [],
165 $this->msg( 'listgrouprights-namespaceprotection-restrictedto' )->text()
166 )
167 );
168
169 ksort( $namespaceProtection );
170 foreach ( $namespaceProtection as $namespace => $rights ) {
171 if ( !in_array( $namespace, MWNamespace::getValidNamespaces() ) ) {
172 continue;
173 }
174
175 if ( $namespace == NS_MAIN ) {
176 $namespaceText = $this->msg( 'blanknamespace' )->text();
177 } else {
178 $namespaceText = $wgContLang->convertNamespace( $namespace );
179 }
180
181 $out->addHTML(
182 Xml::openElement( 'tr' ) .
183 Html::rawElement(
184 'td',
185 [],
186 Linker::link(
187 SpecialPage::getTitleFor( 'Allpages' ),
188 htmlspecialchars( $namespaceText ),
189 [],
190 [ 'namespace' => $namespace ]
191 )
192 ) .
193 Xml::openElement( 'td' ) . Xml::openElement( 'ul' )
194 );
195
196 if ( !is_array( $rights ) ) {
197 $rights = [ $rights ];
198 }
199
200 foreach ( $rights as $right ) {
201 $out->addHTML(
202 Html::rawElement( 'li', [], $this->msg(
203 'listgrouprights-right-display',
204 User::getRightDescription( $right ),
205 Html::element(
206 'span',
207 [ 'class' => 'mw-listgrouprights-right-name' ],
208 $right
209 )
210 )->parse() )
211 );
212 }
213
214 $out->addHTML(
215 Xml::closeElement( 'ul' ) .
216 Xml::closeElement( 'td' ) .
217 Xml::closeElement( 'tr' )
218 );
219 }
220 $out->addHTML( Xml::closeElement( 'table' ) );
221 }
222
223 /**
224 * Create a user-readable list of permissions from the given array.
225 *
226 * @param array $permissions Array of permission => bool (from $wgGroupPermissions items)
227 * @param array $revoke Array of permission => bool (from $wgRevokePermissions items)
228 * @param array $add Array of groups this group is allowed to add or true
229 * @param array $remove Array of groups this group is allowed to remove or true
230 * @param array $addSelf Array of groups this group is allowed to add to self or true
231 * @param array $removeSelf Array of group this group is allowed to remove from self or true
232 * @return string List of all granted permissions, separated by comma separator
233 */
234 private function formatPermissions( $permissions, $revoke, $add, $remove, $addSelf, $removeSelf ) {
235 $r = [];
236 foreach ( $permissions as $permission => $granted ) {
237 // show as granted only if it isn't revoked to prevent duplicate display of permissions
238 if ( $granted && ( !isset( $revoke[$permission] ) || !$revoke[$permission] ) ) {
239 $r[] = $this->msg( 'listgrouprights-right-display',
240 User::getRightDescription( $permission ),
241 '<span class="mw-listgrouprights-right-name">' . $permission . '</span>'
242 )->parse();
243 }
244 }
245 foreach ( $revoke as $permission => $revoked ) {
246 if ( $revoked ) {
247 $r[] = $this->msg( 'listgrouprights-right-revoked',
248 User::getRightDescription( $permission ),
249 '<span class="mw-listgrouprights-right-name">' . $permission . '</span>'
250 )->parse();
251 }
252 }
253
254 sort( $r );
255
256 $lang = $this->getLanguage();
257 $allGroups = User::getAllGroups();
258
259 $changeGroups = [
260 'addgroup' => $add,
261 'removegroup' => $remove,
262 'addgroup-self' => $addSelf,
263 'removegroup-self' => $removeSelf
264 ];
265
266 foreach ( $changeGroups as $messageKey => $changeGroup ) {
267 if ( $changeGroup === true ) {
268 // For grep: listgrouprights-addgroup-all, listgrouprights-removegroup-all,
269 // listgrouprights-addgroup-self-all, listgrouprights-removegroup-self-all
270 $r[] = $this->msg( 'listgrouprights-' . $messageKey . '-all' )->escaped();
271 } elseif ( is_array( $changeGroup ) ) {
272 $changeGroup = array_intersect( array_values( array_unique( $changeGroup ) ), $allGroups );
273 if ( count( $changeGroup ) ) {
274 // For grep: listgrouprights-addgroup, listgrouprights-removegroup,
275 // listgrouprights-addgroup-self, listgrouprights-removegroup-self
276 $r[] = $this->msg( 'listgrouprights-' . $messageKey,
277 $lang->listToText( array_map( [ 'User', 'makeGroupLinkWiki' ], $changeGroup ) ),
278 count( $changeGroup )
279 )->parse();
280 }
281 }
282 }
283
284 if ( empty( $r ) ) {
285 return '';
286 } else {
287 return '<ul><li>' . implode( "</li>\n<li>", $r ) . '</li></ul>';
288 }
289 }
290
291 protected function getGroupName() {
292 return 'users';
293 }
294 }
MediaWiki Core