Fix protection rights usage
[mediawiki.git] / includes / actions / WatchAction.php
blob929c1b5f12408c2a1c17f4c856929b11e40198f4
1 <?php
2 /**
3 * Performs the watch and unwatch actions on a page
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 * @file
20 * @ingroup Actions
23 /**
24 * Page addition to a user's watchlist
26 * @ingroup Actions
28 class WatchAction extends FormAction {
30 public function getName() {
31 return 'watch';
34 public function requiresUnblock() {
35 return false;
38 protected function getDescription() {
39 return $this->msg( 'addwatch' )->escaped();
42 /**
43 * Just get an empty form with a single submit button
44 * @return array
46 protected function getFormFields() {
47 return array();
50 public function onSubmit( $data ) {
51 wfProfileIn( __METHOD__ );
52 self::doWatch( $this->getTitle(), $this->getUser() );
53 wfProfileOut( __METHOD__ );
54 return true;
57 /**
58 * This can be either formed or formless depending on the session token given
60 public function show() {
61 $this->setHeaders();
63 $user = $this->getUser();
64 // This will throw exceptions if there's a problem
65 $this->checkCanExecute( $user );
67 // Must have valid token for this action/title
68 $salt = array( $this->getName(), $this->getTitle()->getDBkey() );
70 if ( $user->matchEditToken( $this->getRequest()->getVal( 'token' ), $salt ) ) {
71 $this->onSubmit( array() );
72 $this->onSuccess();
73 } else {
74 $form = $this->getForm();
75 if ( $form->show() ) {
76 $this->onSuccess();
81 protected function checkCanExecute( User $user ) {
82 // Must be logged in
83 if ( $user->isAnon() ) {
84 throw new ErrorPageError( 'watchnologin', 'watchnologintext' );
87 return parent::checkCanExecute( $user );
90 /**
91 * Watch or unwatch a page
92 * @since 1.22
93 * @param bool $watch Whether to watch or unwatch the page
94 * @param Title $title Page to watch/unwatch
95 * @param User $user User who is watching/unwatching
96 * @return Status
98 public static function doWatchOrUnwatch( $watch, Title $title, User $user ) {
99 if ( $user->isLoggedIn() && $user->isWatched( $title, WatchedItem::IGNORE_USER_RIGHTS ) != $watch ) {
100 // If the user doesn't have 'editmywatchlist', we still want to
101 // allow them to add but not remove items via edits and such.
102 if ( $watch ) {
103 return self::doWatch( $title, $user, WatchedItem::IGNORE_USER_RIGHTS );
104 } else {
105 return self::doUnwatch( $title, $user );
108 return Status::newGood();
112 * Watch a page
113 * @since 1.22 Returns Status, $checkRights parameter added
114 * @param Title $title Page to watch/unwatch
115 * @param User $user User who is watching/unwatching
116 * @param int $checkRights Passed through to $user->addWatch()
117 * @return Status
119 public static function doWatch( Title $title, User $user, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
120 if ( $checkRights !== WatchedItem::IGNORE_USER_RIGHTS && !$user->isAllowed( 'editmywatchlist' ) ) {
121 return User::newFatalPermissionDeniedStatus( 'editmywatchlist' );
124 $page = WikiPage::factory( $title );
126 $status = Status::newFatal( 'hookaborted' );
127 if ( wfRunHooks( 'WatchArticle', array( &$user, &$page, &$status ) ) ) {
128 $status = Status::newGood();
129 $user->addWatch( $title, $checkRights );
130 wfRunHooks( 'WatchArticleComplete', array( &$user, &$page ) );
132 return $status;
136 * Unwatch a page
137 * @since 1.22 Returns Status
138 * @param Title $title Page to watch/unwatch
139 * @param User $user User who is watching/unwatching
140 * @return Status
142 public static function doUnwatch( Title $title, User $user ) {
143 if ( !$user->isAllowed( 'editmywatchlist' ) ) {
144 return User::newFatalPermissionDeniedStatus( 'editmywatchlist' );
147 $page = WikiPage::factory( $title );
149 $status = Status::newFatal( 'hookaborted' );
150 if ( wfRunHooks( 'UnwatchArticle', array( &$user, &$page, &$status ) ) ) {
151 $status = Status::newGood();
152 $user->removeWatch( $title );
153 wfRunHooks( 'UnwatchArticleComplete', array( &$user, &$page ) );
155 return $status;
159 * Get token to watch (or unwatch) a page for a user
161 * @param Title $title Title object of page to watch
162 * @param User $user User for whom the action is going to be performed
163 * @param string $action Optionally override the action to 'unwatch'
164 * @return string Token
165 * @since 1.18
167 public static function getWatchToken( Title $title, User $user, $action = 'watch' ) {
168 if ( $action != 'unwatch' ) {
169 $action = 'watch';
171 $salt = array( $action, $title->getDBkey() );
173 // This token stronger salted and not compatible with ApiWatch
174 // It's title/action specific because index.php is GET and API is POST
175 return $user->getEditToken( $salt );
179 * Get token to unwatch (or watch) a page for a user
181 * @param Title $title Title object of page to unwatch
182 * @param User $user User for whom the action is going to be performed
183 * @param string $action Optionally override the action to 'watch'
184 * @return string Token
185 * @since 1.18
187 public static function getUnwatchToken( Title $title, User $user, $action = 'unwatch' ) {
188 return self::getWatchToken( $title, $user, $action );
191 protected function alterForm( HTMLForm $form ) {
192 $form->setSubmitTextMsg( 'confirm-watch-button' );
195 protected function preText() {
196 return $this->msg( 'confirm-watch-top' )->parse();
199 public function onSuccess() {
200 $this->getOutput()->addWikiMsg( 'addedwatchtext', $this->getTitle()->getPrefixedText() );
205 * Page removal from a user's watchlist
207 * @ingroup Actions
209 class UnwatchAction extends WatchAction {
211 public function getName() {
212 return 'unwatch';
215 protected function getDescription() {
216 return $this->msg( 'removewatch' )->escaped();
219 public function onSubmit( $data ) {
220 wfProfileIn( __METHOD__ );
221 self::doUnwatch( $this->getTitle(), $this->getUser() );
222 wfProfileOut( __METHOD__ );
223 return true;
226 protected function alterForm( HTMLForm $form ) {
227 $form->setSubmitTextMsg( 'confirm-unwatch-button' );
230 protected function preText() {
231 return $this->msg( 'confirm-unwatch-top' )->parse();
234 public function onSuccess() {
235 $this->getOutput()->addWikiMsg( 'removedwatchtext', $this->getTitle()->getPrefixedText() );