Added release notes for 'ContentHandler::runLegacyHooks' removal
[mediawiki.git] / includes / api / ApiQueryUsers.php
blob2d620a4e9ed60ec566815a548e658bf00a44f4a9
1 <?php
2 /**
5 * Created on July 30, 2007
7 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
24 * @file
27 /**
28 * Query module to get information about a list of users
30 * @ingroup API
32 class ApiQueryUsers extends ApiQueryBase {
34 private $tokenFunctions, $prop;
36 /**
37 * Properties whose contents does not depend on who is looking at them. If the usprops field
38 * contains anything not listed here, the cache mode will never be public for logged-in users.
39 * @var array
41 protected static $publicProps = [
42 // everything except 'blockinfo' which might show hidden records if the user
43 // making the request has the appropriate permissions
44 'groups',
45 'implicitgroups',
46 'rights',
47 'editcount',
48 'registration',
49 'emailable',
50 'gender',
51 'centralids',
52 'cancreate',
55 public function __construct( ApiQuery $query, $moduleName ) {
56 parent::__construct( $query, $moduleName, 'us' );
59 /**
60 * Get an array mapping token names to their handler functions.
61 * The prototype for a token function is func($user)
62 * it should return a token or false (permission denied)
63 * @deprecated since 1.24
64 * @return array Array of tokenname => function
66 protected function getTokenFunctions() {
67 // Don't call the hooks twice
68 if ( isset( $this->tokenFunctions ) ) {
69 return $this->tokenFunctions;
72 // If we're in a mode that breaks the same-origin policy, no tokens can
73 // be obtained
74 if ( $this->lacksSameOriginSecurity() ) {
75 return [];
78 $this->tokenFunctions = [
79 'userrights' => [ 'ApiQueryUsers', 'getUserrightsToken' ],
81 Hooks::run( 'APIQueryUsersTokens', [ &$this->tokenFunctions ] );
83 return $this->tokenFunctions;
86 /**
87 * @deprecated since 1.24
88 * @param User $user
89 * @return string
91 public static function getUserrightsToken( $user ) {
92 global $wgUser;
94 // Since the permissions check for userrights is non-trivial,
95 // don't bother with it here
96 return $wgUser->getEditToken( $user->getName() );
99 public function execute() {
100 $params = $this->extractRequestParams();
101 $this->requireMaxOneParameter( $params, 'userids', 'users' );
103 if ( !is_null( $params['prop'] ) ) {
104 $this->prop = array_flip( $params['prop'] );
105 } else {
106 $this->prop = [];
108 $useNames = !is_null( $params['users'] );
110 $users = (array)$params['users'];
111 $userids = (array)$params['userids'];
113 $goodNames = $done = [];
114 $result = $this->getResult();
115 // Canonicalize user names
116 foreach ( $users as $u ) {
117 $n = User::getCanonicalName( $u );
118 if ( $n === false || $n === '' ) {
119 $vals = [ 'name' => $u, 'invalid' => true ];
120 $fit = $result->addValue( [ 'query', $this->getModuleName() ],
121 null, $vals );
122 if ( !$fit ) {
123 $this->setContinueEnumParameter( 'users',
124 implode( '|', array_diff( $users, $done ) ) );
125 $goodNames = [];
126 break;
128 $done[] = $u;
129 } else {
130 $goodNames[] = $n;
134 if ( $useNames ) {
135 $parameters = &$goodNames;
136 } else {
137 $parameters = &$userids;
140 $result = $this->getResult();
142 if ( count( $parameters ) ) {
143 $this->addTables( 'user' );
144 $this->addFields( User::selectFields() );
145 if ( $useNames ) {
146 $this->addWhereFld( 'user_name', $goodNames );
147 } else {
148 $this->addWhereFld( 'user_id', $userids );
151 $this->showHiddenUsersAddBlockInfo( isset( $this->prop['blockinfo'] ) );
153 $data = [];
154 $res = $this->select( __METHOD__ );
155 $this->resetQueryParams();
157 // get user groups if needed
158 if ( isset( $this->prop['groups'] ) || isset( $this->prop['rights'] ) ) {
159 $userGroups = [];
161 $this->addTables( 'user' );
162 if ( $useNames ) {
163 $this->addWhereFld( 'user_name', $goodNames );
164 } else {
165 $this->addWhereFld( 'user_id', $userids );
168 $this->addTables( 'user_groups' );
169 $this->addJoinConds( [ 'user_groups' => [ 'INNER JOIN', 'ug_user=user_id' ] ] );
170 $this->addFields( [ 'user_name', 'ug_group' ] );
171 $userGroupsRes = $this->select( __METHOD__ );
173 foreach ( $userGroupsRes as $row ) {
174 $userGroups[$row->user_name][] = $row->ug_group;
178 foreach ( $res as $row ) {
180 // create user object and pass along $userGroups if set
181 // that reduces the number of database queries needed in User dramatically
182 if ( !isset( $userGroups ) ) {
183 $user = User::newFromRow( $row );
184 } else {
185 if ( !isset( $userGroups[$row->user_name] ) || !is_array( $userGroups[$row->user_name] ) ) {
186 $userGroups[$row->user_name] = [];
188 $user = User::newFromRow( $row, [ 'user_groups' => $userGroups[$row->user_name] ] );
190 if ( $useNames ) {
191 $key = $user->getName();
192 } else {
193 $key = $user->getId();
195 $data[$key]['userid'] = $user->getId();
196 $data[$key]['name'] = $user->getName();
198 if ( isset( $this->prop['editcount'] ) ) {
199 $data[$key]['editcount'] = $user->getEditCount();
202 if ( isset( $this->prop['registration'] ) ) {
203 $data[$key]['registration'] = wfTimestampOrNull( TS_ISO_8601, $user->getRegistration() );
206 if ( isset( $this->prop['groups'] ) ) {
207 $data[$key]['groups'] = $user->getEffectiveGroups();
210 if ( isset( $this->prop['implicitgroups'] ) ) {
211 $data[$key]['implicitgroups'] = $user->getAutomaticGroups();
214 if ( isset( $this->prop['rights'] ) ) {
215 $data[$key]['rights'] = $user->getRights();
217 if ( $row->ipb_deleted ) {
218 $data[$key]['hidden'] = true;
220 if ( isset( $this->prop['blockinfo'] ) && !is_null( $row->ipb_by_text ) ) {
221 $data[$key]['blockid'] = (int)$row->ipb_id;
222 $data[$key]['blockedby'] = $row->ipb_by_text;
223 $data[$key]['blockedbyid'] = (int)$row->ipb_by;
224 $data[$key]['blockedtimestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
225 $data[$key]['blockreason'] = $row->ipb_reason;
226 $data[$key]['blockexpiry'] = $row->ipb_expiry;
229 if ( isset( $this->prop['emailable'] ) ) {
230 $data[$key]['emailable'] = $user->canReceiveEmail();
233 if ( isset( $this->prop['gender'] ) ) {
234 $gender = $user->getOption( 'gender' );
235 if ( strval( $gender ) === '' ) {
236 $gender = 'unknown';
238 $data[$key]['gender'] = $gender;
241 if ( isset( $this->prop['centralids'] ) ) {
242 $data[$key] += ApiQueryUserInfo::getCentralUserInfo(
243 $this->getConfig(), $user, $params['attachedwiki']
247 if ( !is_null( $params['token'] ) ) {
248 $tokenFunctions = $this->getTokenFunctions();
249 foreach ( $params['token'] as $t ) {
250 $val = call_user_func( $tokenFunctions[$t], $user );
251 if ( $val === false ) {
252 $this->addWarning( [ 'apiwarn-tokennotallowed', $t ] );
253 } else {
254 $data[$key][$t . 'token'] = $val;
261 $context = $this->getContext();
262 // Second pass: add result data to $retval
263 foreach ( $parameters as $u ) {
264 if ( !isset( $data[$u] ) ) {
265 if ( $useNames ) {
266 $data[$u] = [ 'name' => $u ];
267 $urPage = new UserrightsPage;
268 $urPage->setContext( $context );
270 $iwUser = $urPage->fetchUser( $u );
272 if ( $iwUser instanceof UserRightsProxy ) {
273 $data[$u]['interwiki'] = true;
275 if ( !is_null( $params['token'] ) ) {
276 $tokenFunctions = $this->getTokenFunctions();
278 foreach ( $params['token'] as $t ) {
279 $val = call_user_func( $tokenFunctions[$t], $iwUser );
280 if ( $val === false ) {
281 $this->addWarning( [ 'apiwarn-tokennotallowed', $t ] );
282 } else {
283 $data[$u][$t . 'token'] = $val;
287 } else {
288 $data[$u]['missing'] = true;
289 if ( isset( $this->prop['cancreate'] ) ) {
290 $status = MediaWiki\Auth\AuthManager::singleton()->canCreateAccount( $u );
291 $data[$u]['cancreate'] = $status->isGood();
292 if ( !$status->isGood() ) {
293 $data[$u]['cancreateerror'] = $this->getErrorFormatter()->arrayFromStatus( $status );
297 } else {
298 $data[$u] = [ 'userid' => $u, 'missing' => true ];
301 } else {
302 if ( isset( $this->prop['groups'] ) && isset( $data[$u]['groups'] ) ) {
303 ApiResult::setArrayType( $data[$u]['groups'], 'array' );
304 ApiResult::setIndexedTagName( $data[$u]['groups'], 'g' );
306 if ( isset( $this->prop['implicitgroups'] ) && isset( $data[$u]['implicitgroups'] ) ) {
307 ApiResult::setArrayType( $data[$u]['implicitgroups'], 'array' );
308 ApiResult::setIndexedTagName( $data[$u]['implicitgroups'], 'g' );
310 if ( isset( $this->prop['rights'] ) && isset( $data[$u]['rights'] ) ) {
311 ApiResult::setArrayType( $data[$u]['rights'], 'array' );
312 ApiResult::setIndexedTagName( $data[$u]['rights'], 'r' );
316 $fit = $result->addValue( [ 'query', $this->getModuleName() ],
317 null, $data[$u] );
318 if ( !$fit ) {
319 if ( $useNames ) {
320 $this->setContinueEnumParameter( 'users',
321 implode( '|', array_diff( $users, $done ) ) );
322 } else {
323 $this->setContinueEnumParameter( 'userids',
324 implode( '|', array_diff( $userids, $done ) ) );
326 break;
328 $done[] = $u;
330 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'user' );
333 public function getCacheMode( $params ) {
334 if ( isset( $params['token'] ) ) {
335 return 'private';
336 } elseif ( array_diff( (array)$params['prop'], static::$publicProps ) ) {
337 return 'anon-public-user-private';
338 } else {
339 return 'public';
343 public function getAllowedParams() {
344 return [
345 'prop' => [
346 ApiBase::PARAM_ISMULTI => true,
347 ApiBase::PARAM_TYPE => [
348 'blockinfo',
349 'groups',
350 'implicitgroups',
351 'rights',
352 'editcount',
353 'registration',
354 'emailable',
355 'gender',
356 'centralids',
357 'cancreate',
358 // When adding a prop, consider whether it should be added
359 // to self::$publicProps
361 ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
363 'attachedwiki' => null,
364 'users' => [
365 ApiBase::PARAM_ISMULTI => true
367 'userids' => [
368 ApiBase::PARAM_ISMULTI => true,
369 ApiBase::PARAM_TYPE => 'integer'
371 'token' => [
372 ApiBase::PARAM_DEPRECATED => true,
373 ApiBase::PARAM_TYPE => array_keys( $this->getTokenFunctions() ),
374 ApiBase::PARAM_ISMULTI => true
379 protected function getExamplesMessages() {
380 return [
381 'action=query&list=users&ususers=Example&usprop=groups|editcount|gender'
382 => 'apihelp-query+users-example-simple',
386 public function getHelpUrls() {
387 return 'https://www.mediawiki.org/wiki/API:Users';