User::isSafeToLoad() should return false if MW_NO_SESSION
[mediawiki.git] / includes / api / ApiQueryAllDeletedRevisions.php
bloba559683a33642cc415fdc0581ebb6039cead5bfc
1 <?php
2 /**
3 * Created on Oct 3, 2014
5 * Copyright © 2014 Brad Jorsch "bjorsch@wikimedia.org"
7 * Heavily based on ApiQueryDeletedrevs,
8 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
23 * http://www.gnu.org/copyleft/gpl.html
25 * @file
28 /**
29 * Query module to enumerate all deleted revisions.
31 * @ingroup API
33 class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase {
35 public function __construct( ApiQuery $query, $moduleName ) {
36 parent::__construct( $query, $moduleName, 'adr' );
39 /**
40 * @param ApiPageSet $resultPageSet
41 * @return void
43 protected function run( ApiPageSet $resultPageSet = null ) {
44 $user = $this->getUser();
45 // Before doing anything at all, let's check permissions
46 if ( !$user->isAllowed( 'deletedhistory' ) ) {
47 $this->dieUsage(
48 'You don\'t have permission to view deleted revision information',
49 'permissiondenied'
53 $db = $this->getDB();
54 $params = $this->extractRequestParams( false );
56 $result = $this->getResult();
58 // This module operates in two modes:
59 // 'user': List deleted revs by a certain user
60 // 'all': List all deleted revs in NS
61 $mode = 'all';
62 if ( !is_null( $params['user'] ) ) {
63 $mode = 'user';
66 if ( $mode == 'user' ) {
67 foreach ( [ 'from', 'to', 'prefix', 'excludeuser' ] as $param ) {
68 if ( !is_null( $params[$param] ) ) {
69 $p = $this->getModulePrefix();
70 $this->dieUsage( "The '{$p}{$param}' parameter cannot be used with '{$p}user'",
71 'badparams' );
74 } else {
75 foreach ( [ 'start', 'end' ] as $param ) {
76 if ( !is_null( $params[$param] ) ) {
77 $p = $this->getModulePrefix();
78 $this->dieUsage( "The '{$p}{$param}' parameter may only be used with '{$p}user'",
79 'badparams' );
84 // If we're generating titles only, we can use DISTINCT for a better
85 // query. But we can't do that in 'user' mode (wrong index), and we can
86 // only do it when sorting ASC (because MySQL apparently can't use an
87 // index backwards for grouping even though it can for ORDER BY, WTF?)
88 $dir = $params['dir'];
89 $optimizeGenerateTitles = false;
90 if ( $mode === 'all' && $params['generatetitles'] && $resultPageSet !== null ) {
91 if ( $dir === 'newer' ) {
92 $optimizeGenerateTitles = true;
93 } else {
94 $p = $this->getModulePrefix();
95 $this->setWarning( "For better performance when generating titles, set {$p}dir=newer" );
99 $this->addTables( 'archive' );
100 if ( $resultPageSet === null ) {
101 $this->parseParameters( $params );
102 $this->addFields( Revision::selectArchiveFields() );
103 $this->addFields( [ 'ar_title', 'ar_namespace' ] );
104 } else {
105 $this->limit = $this->getParameter( 'limit' ) ?: 10;
106 $this->addFields( [ 'ar_title', 'ar_namespace' ] );
107 if ( $optimizeGenerateTitles ) {
108 $this->addOption( 'DISTINCT' );
109 } else {
110 $this->addFields( [ 'ar_timestamp', 'ar_rev_id', 'ar_id' ] );
114 if ( $this->fld_tags ) {
115 $this->addTables( 'tag_summary' );
116 $this->addJoinConds(
117 [ 'tag_summary' => [ 'LEFT JOIN', [ 'ar_rev_id=ts_rev_id' ] ] ]
119 $this->addFields( 'ts_tags' );
122 if ( !is_null( $params['tag'] ) ) {
123 $this->addTables( 'change_tag' );
124 $this->addJoinConds(
125 [ 'change_tag' => [ 'INNER JOIN', [ 'ar_rev_id=ct_rev_id' ] ] ]
127 $this->addWhereFld( 'ct_tag', $params['tag'] );
130 if ( $this->fetchContent ) {
131 // Modern MediaWiki has the content for deleted revs in the 'text'
132 // table using fields old_text and old_flags. But revisions deleted
133 // pre-1.5 store the content in the 'archive' table directly using
134 // fields ar_text and ar_flags, and no corresponding 'text' row. So
135 // we have to LEFT JOIN and fetch all four fields.
136 $this->addTables( 'text' );
137 $this->addJoinConds(
138 [ 'text' => [ 'LEFT JOIN', [ 'ar_text_id=old_id' ] ] ]
140 $this->addFields( [ 'ar_text', 'ar_flags', 'old_text', 'old_flags' ] );
142 // This also means stricter restrictions
143 if ( !$user->isAllowedAny( 'undelete', 'deletedtext' ) ) {
144 $this->dieUsage(
145 'You don\'t have permission to view deleted revision content',
146 'permissiondenied'
151 $miser_ns = null;
153 if ( $mode == 'all' ) {
154 if ( $params['namespace'] !== null ) {
155 $namespaces = $params['namespace'];
156 $this->addWhereFld( 'ar_namespace', $namespaces );
157 } else {
158 $namespaces = MWNamespace::getValidNamespaces();
161 // For from/to/prefix, we have to consider the potential
162 // transformations of the title in all specified namespaces.
163 // Generally there will be only one transformation, but wikis with
164 // some namespaces case-sensitive could have two.
165 if ( $params['from'] !== null || $params['to'] !== null ) {
166 $isDirNewer = ( $dir === 'newer' );
167 $after = ( $isDirNewer ? '>=' : '<=' );
168 $before = ( $isDirNewer ? '<=' : '>=' );
169 $where = [];
170 foreach ( $namespaces as $ns ) {
171 $w = [];
172 if ( $params['from'] !== null ) {
173 $w[] = 'ar_title' . $after .
174 $db->addQuotes( $this->titlePartToKey( $params['from'], $ns ) );
176 if ( $params['to'] !== null ) {
177 $w[] = 'ar_title' . $before .
178 $db->addQuotes( $this->titlePartToKey( $params['to'], $ns ) );
180 $w = $db->makeList( $w, LIST_AND );
181 $where[$w][] = $ns;
183 if ( count( $where ) == 1 ) {
184 $where = key( $where );
185 $this->addWhere( $where );
186 } else {
187 $where2 = [];
188 foreach ( $where as $w => $ns ) {
189 $where2[] = $db->makeList( [ $w, 'ar_namespace' => $ns ], LIST_AND );
191 $this->addWhere( $db->makeList( $where2, LIST_OR ) );
195 if ( isset( $params['prefix'] ) ) {
196 $where = [];
197 foreach ( $namespaces as $ns ) {
198 $w = 'ar_title' . $db->buildLike(
199 $this->titlePartToKey( $params['prefix'], $ns ),
200 $db->anyString() );
201 $where[$w][] = $ns;
203 if ( count( $where ) == 1 ) {
204 $where = key( $where );
205 $this->addWhere( $where );
206 } else {
207 $where2 = [];
208 foreach ( $where as $w => $ns ) {
209 $where2[] = $db->makeList( [ $w, 'ar_namespace' => $ns ], LIST_AND );
211 $this->addWhere( $db->makeList( $where2, LIST_OR ) );
214 } else {
215 if ( $this->getConfig()->get( 'MiserMode' ) ) {
216 $miser_ns = $params['namespace'];
217 } else {
218 $this->addWhereFld( 'ar_namespace', $params['namespace'] );
220 $this->addTimestampWhereRange( 'ar_timestamp', $dir, $params['start'], $params['end'] );
223 if ( !is_null( $params['user'] ) ) {
224 $this->addWhereFld( 'ar_user_text', $params['user'] );
225 } elseif ( !is_null( $params['excludeuser'] ) ) {
226 $this->addWhere( 'ar_user_text != ' .
227 $db->addQuotes( $params['excludeuser'] ) );
230 if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) {
231 // Paranoia: avoid brute force searches (bug 17342)
232 // (shouldn't be able to get here without 'deletedhistory', but
233 // check it again just in case)
234 if ( !$user->isAllowed( 'deletedhistory' ) ) {
235 $bitmask = Revision::DELETED_USER;
236 } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
237 $bitmask = Revision::DELETED_USER | Revision::DELETED_RESTRICTED;
238 } else {
239 $bitmask = 0;
241 if ( $bitmask ) {
242 $this->addWhere( $db->bitAnd( 'ar_deleted', $bitmask ) . " != $bitmask" );
246 if ( !is_null( $params['continue'] ) ) {
247 $cont = explode( '|', $params['continue'] );
248 $op = ( $dir == 'newer' ? '>' : '<' );
249 if ( $optimizeGenerateTitles ) {
250 $this->dieContinueUsageIf( count( $cont ) != 2 );
251 $ns = intval( $cont[0] );
252 $this->dieContinueUsageIf( strval( $ns ) !== $cont[0] );
253 $title = $db->addQuotes( $cont[1] );
254 $this->addWhere( "ar_namespace $op $ns OR " .
255 "(ar_namespace = $ns AND ar_title $op= $title)" );
256 } elseif ( $mode == 'all' ) {
257 $this->dieContinueUsageIf( count( $cont ) != 4 );
258 $ns = intval( $cont[0] );
259 $this->dieContinueUsageIf( strval( $ns ) !== $cont[0] );
260 $title = $db->addQuotes( $cont[1] );
261 $ts = $db->addQuotes( $db->timestamp( $cont[2] ) );
262 $ar_id = (int)$cont[3];
263 $this->dieContinueUsageIf( strval( $ar_id ) !== $cont[3] );
264 $this->addWhere( "ar_namespace $op $ns OR " .
265 "(ar_namespace = $ns AND " .
266 "(ar_title $op $title OR " .
267 "(ar_title = $title AND " .
268 "(ar_timestamp $op $ts OR " .
269 "(ar_timestamp = $ts AND " .
270 "ar_id $op= $ar_id)))))" );
271 } else {
272 $this->dieContinueUsageIf( count( $cont ) != 2 );
273 $ts = $db->addQuotes( $db->timestamp( $cont[0] ) );
274 $ar_id = (int)$cont[1];
275 $this->dieContinueUsageIf( strval( $ar_id ) !== $cont[1] );
276 $this->addWhere( "ar_timestamp $op $ts OR " .
277 "(ar_timestamp = $ts AND " .
278 "ar_id $op= $ar_id)" );
282 $this->addOption( 'LIMIT', $this->limit + 1 );
284 $sort = ( $dir == 'newer' ? '' : ' DESC' );
285 $orderby = [];
286 if ( $optimizeGenerateTitles ) {
287 // Targeting index name_title_timestamp
288 if ( $params['namespace'] === null || count( array_unique( $params['namespace'] ) ) > 1 ) {
289 $orderby[] = "ar_namespace $sort";
291 $orderby[] = "ar_title $sort";
292 } elseif ( $mode == 'all' ) {
293 // Targeting index name_title_timestamp
294 if ( $params['namespace'] === null || count( array_unique( $params['namespace'] ) ) > 1 ) {
295 $orderby[] = "ar_namespace $sort";
297 $orderby[] = "ar_title $sort";
298 $orderby[] = "ar_timestamp $sort";
299 $orderby[] = "ar_id $sort";
300 } else {
301 // Targeting index usertext_timestamp
302 // 'user' is always constant.
303 $orderby[] = "ar_timestamp $sort";
304 $orderby[] = "ar_id $sort";
306 $this->addOption( 'ORDER BY', $orderby );
308 $res = $this->select( __METHOD__ );
309 $pageMap = []; // Maps ns&title to array index
310 $count = 0;
311 $nextIndex = 0;
312 $generated = [];
313 foreach ( $res as $row ) {
314 if ( ++$count > $this->limit ) {
315 // We've had enough
316 if ( $optimizeGenerateTitles ) {
317 $this->setContinueEnumParameter( 'continue', "$row->ar_namespace|$row->ar_title" );
318 } elseif ( $mode == 'all' ) {
319 $this->setContinueEnumParameter( 'continue',
320 "$row->ar_namespace|$row->ar_title|$row->ar_timestamp|$row->ar_id"
322 } else {
323 $this->setContinueEnumParameter( 'continue', "$row->ar_timestamp|$row->ar_id" );
325 break;
328 // Miser mode namespace check
329 if ( $miser_ns !== null && !in_array( $row->ar_namespace, $miser_ns ) ) {
330 continue;
333 if ( $resultPageSet !== null ) {
334 if ( $params['generatetitles'] ) {
335 $key = "{$row->ar_namespace}:{$row->ar_title}";
336 if ( !isset( $generated[$key] ) ) {
337 $generated[$key] = Title::makeTitle( $row->ar_namespace, $row->ar_title );
339 } else {
340 $generated[] = $row->ar_rev_id;
342 } else {
343 $revision = Revision::newFromArchiveRow( $row );
344 $rev = $this->extractRevisionInfo( $revision, $row );
346 if ( !isset( $pageMap[$row->ar_namespace][$row->ar_title] ) ) {
347 $index = $nextIndex++;
348 $pageMap[$row->ar_namespace][$row->ar_title] = $index;
349 $title = $revision->getTitle();
350 $a = [
351 'pageid' => $title->getArticleID(),
352 'revisions' => [ $rev ],
354 ApiResult::setIndexedTagName( $a['revisions'], 'rev' );
355 ApiQueryBase::addTitleInfo( $a, $title );
356 $fit = $result->addValue( [ 'query', $this->getModuleName() ], $index, $a );
357 } else {
358 $index = $pageMap[$row->ar_namespace][$row->ar_title];
359 $fit = $result->addValue(
360 [ 'query', $this->getModuleName(), $index, 'revisions' ],
361 null, $rev );
363 if ( !$fit ) {
364 if ( $mode == 'all' ) {
365 $this->setContinueEnumParameter( 'continue',
366 "$row->ar_namespace|$row->ar_title|$row->ar_timestamp|$row->ar_id"
368 } else {
369 $this->setContinueEnumParameter( 'continue', "$row->ar_timestamp|$row->ar_id" );
371 break;
376 if ( $resultPageSet !== null ) {
377 if ( $params['generatetitles'] ) {
378 $resultPageSet->populateFromTitles( $generated );
379 } else {
380 $resultPageSet->populateFromRevisionIDs( $generated );
382 } else {
383 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'page' );
387 public function getAllowedParams() {
388 $ret = parent::getAllowedParams() + [
389 'user' => [
390 ApiBase::PARAM_TYPE => 'user'
392 'namespace' => [
393 ApiBase::PARAM_ISMULTI => true,
394 ApiBase::PARAM_TYPE => 'namespace',
396 'start' => [
397 ApiBase::PARAM_TYPE => 'timestamp',
398 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'useronly' ] ],
400 'end' => [
401 ApiBase::PARAM_TYPE => 'timestamp',
402 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'useronly' ] ],
404 'dir' => [
405 ApiBase::PARAM_TYPE => [
406 'newer',
407 'older'
409 ApiBase::PARAM_DFLT => 'older',
410 ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
412 'from' => [
413 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'nonuseronly' ] ],
415 'to' => [
416 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'nonuseronly' ] ],
418 'prefix' => [
419 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'nonuseronly' ] ],
421 'excludeuser' => [
422 ApiBase::PARAM_TYPE => 'user',
423 ApiBase::PARAM_HELP_MSG_INFO => [ [ 'nonuseronly' ] ],
425 'tag' => null,
426 'continue' => [
427 ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
429 'generatetitles' => [
430 ApiBase::PARAM_DFLT => false
434 if ( $this->getConfig()->get( 'MiserMode' ) ) {
435 $ret['user'][ApiBase::PARAM_HELP_MSG_APPEND] = [
436 'apihelp-query+alldeletedrevisions-param-miser-user-namespace',
438 $ret['namespace'][ApiBase::PARAM_HELP_MSG_APPEND] = [
439 'apihelp-query+alldeletedrevisions-param-miser-user-namespace',
443 return $ret;
446 protected function getExamplesMessages() {
447 return [
448 'action=query&list=alldeletedrevisions&adruser=Example&adrlimit=50'
449 => 'apihelp-query+alldeletedrevisions-example-user',
450 'action=query&list=alldeletedrevisions&adrdir=newer&adrlimit=50'
451 => 'apihelp-query+alldeletedrevisions-example-ns-main',
455 public function getHelpUrls() {
456 return 'https://www.mediawiki.org/wiki/API:Alldeletedrevisions';