protected function afterArticleInitialize($mode, $title, $article) { if ($mode == self::MODE_EDIT) { $aPageProps = BlogArticle::getProps($article->getId()); $this->mFormData['isCommentingEnabled'] = empty($aPageProps['commenting']) ? 0 : $aPageProps['commenting']; $isAllowed = $this->user->isAllowed("blog-articles-edit"); if (strtolower($this->user->getName()) != strtolower(BlogArticle::getOwner($title)) && !$isAllowed) { $this->titleStatus = self::STATUS_BLOG_PERMISSION_DENIED; $this->addEditNotice(wfMsg('create-blog-permission-denied')); } } else { $this->mFormData['isCommentingEnabled'] = true; } }
/** * @static * @param $comment ArticleComment * @return bool */ public static function addArticlePageToWatchlist($comment) { global $wgUser, $wgEnableArticleWatchlist, $wgBlogsEnableStaffAutoFollow; if (!wfRunHooks('ArticleCommentBeforeWatchlistAdd', array($comment))) { return true; } if (empty($wgEnableArticleWatchlist) || $wgUser->isAnon()) { return false; } $oArticlePage = $comment->getArticleTitle(); if (is_null($oArticlePage)) { return false; } if ($wgUser->getOption('watchdefault') && !$oArticlePage->userIsWatching()) { # and article page $wgUser->addWatch($oArticlePage); } if (!empty($wgBlogsEnableStaffAutoFollow) && defined('NS_BLOG_ARTICLE') && $comment->mTitle->getNamespace() == NS_BLOG_ARTICLE) { $owner = BlogArticle::getOwner($oArticlePage); $oUser = User::newFromName($owner); if ($oUser instanceof User) { $groups = $oUser->getEffectiveGroups(); if (is_array($groups) && in_array('staff', $groups)) { $wgUser->addWatch(Title::newFromText($oUser->getName(), NS_BLOG_ARTICLE)); } } } return true; }
/** * @static * @param Title $title * @param User $user * @param $action * @param $result * @return bool */ public static function userCan($title, $user, $action, &$result) { $namespace = $title->getNamespace(); /** * here we only handle Blog articles, everyone can read it */ if ($namespace != NS_BLOG_ARTICLE && $namespace != NS_BLOG_ARTICLE_TALK) { $result = null; return true; } /** * check if default blog post was passed (BugId:8331) */ if ($namespace == NS_BLOG_ARTICLE && $title->mTextform == '') { return true; } $username = $user->getName(); if ($namespace == NS_BLOG_ARTICLE_TALK && class_exists('ArticleComment')) { $oComment = ArticleComment::newFromTitle($title); // $oComment->load(); $canEdit = $oComment->canEdit(); $isOwner = (bool) ($canEdit && !in_array($action, array('watch', 'protect'))); $isArticle = false; //if this is TALK it is not article } else { $owner = BlogArticle::getOwner($title); $isOwner = (bool) ($username == $owner); $isArticle = (bool) ($namespace == NS_BLOG_ARTICLE); } /** * returned values */ $result = array(); $return = false; switch ($action) { case "move": case "move-target": if ($isArticle && ($user->isAllowed("blog-articles-move") || $isOwner)) { $result = true; $return = true; } break; case "read": $result = true; $return = true; break; /** * creating permissions: * -- article can be created only by blog owner * -- comment can be created by everyone */ /** * creating permissions: * -- article can be created only by blog owner * -- comment can be created by everyone */ case "create": if ($isArticle) { $return = $username == $owner; $result = $username == $owner; } else { $result = true; $return = true; } break; /** * edit permissions -- owner of blog and one who has * "blog-articles-edit" permission */ /** * edit permissions -- owner of blog and one who has * "blog-articles-edit" permission */ case "edit": if ($isArticle && ($user->isAllowed("blog-articles-edit") || $isOwner)) { $result = true; $return = true; } break; case "delete": if (!$isArticle && $user->isAllowed("blog-comments-delete")) { $result = true; $return = true; } if ($user->isAllowed('delete')) { $result = true; $return = true; } break; case "protect": if ($isArticle && $user->isAllowed("blog-articles-protect")) { $result = true; $return = true; } break; case "autopatrol": case "patrol": $result = true; $return = true; break; default: /** * for other actions we demand that user has to be logged in */ if ($user->isAnon()) { $result = array("{$action} is forbidden for anon user"); $return = false; } else { if (isset($owner) && $username != $owner) { $result = array(); } $return = isset($owner) && $username == $owner; } } return $return; }
protected function parseFormData() { global $wgUser, $wgRequest, $wgOut; wfRunHooks('BlogsAlternateEdit', array(false)); $this->mFormData['postId'] = $wgRequest->getVal('blogPostId'); $this->mFormData['postTitle'] = $wgRequest->getVal('blogPostTitle'); $this->mFormData['postBody'] = $wgRequest->getVal('wpTextbox1'); $this->mFormData['postEditSummary'] = $wgRequest->getVal('wpSummary'); $this->mFormData['postCategories'] = $wgRequest->getVal('wpCategoryTextarea1'); $this->mFormData['isVotingEnabled'] = $wgRequest->getCheck('blogPostIsVotingEnabled'); $this->mFormData['isCommentingEnabled'] = $wgRequest->getCheck('blogPostIsCommentingEnabled'); $this->mFormData['isExistingArticleEditAllowed'] = $wgRequest->getVal('articleEditAllowed'); $this->mFormData['isWatched'] = $wgRequest->getCheck('wpWatchthis'); if (empty($this->mFormData['postId'])) { if (empty($this->mFormData['postTitle'])) { $this->mFormErrors[] = wfMsg('create-blog-empty-title-error'); } else { $oPostTitle = Title::newFromText($wgUser->getName() . '/' . $this->mFormData['postTitle'], NS_BLOG_ARTICLE); if (!$oPostTitle instanceof Title) { $this->mFormErrors[] = wfMsg('create-blog-invalid-title-error'); } else { $sFragment = $oPostTitle->getFragment(); if (strlen($sFragment) > 0) { $this->mFormErrors[] = wfMsg('create-blog-invalid-title-error'); } else { $this->mPostArticle = new BlogArticle($oPostTitle, 0); if ($this->mPostArticle->exists() && !$this->mFormData['isExistingArticleEditAllowed']) { $this->mFormErrors[] = wfMsg('create-blog-article-already-exists'); } } } } } else { // we have an article id $isAllowed = $wgUser->isAllowed("blog-articles-edit"); $oPostTitle = Title::newFromID($this->mFormData['postId']); $this->mPostArticle = new BlogArticle($oPostTitle, 0); if (strtolower($wgUser->getName()) != strtolower(BlogArticle::getOwner($oPostTitle)) && !$isAllowed) { $this->mFormErrors[] = wfMsg('create-blog-permission-denied'); } } if (empty($this->mFormData['postBody'])) { $this->mFormErrors[] = wfMsg('create-blog-empty-post-error'); } //create EditPage object $this->createEditPage($this->mFormData['postBody']); // BugId:954 - show changes if (!empty($this->mPostArticle)) { $this->mEditPage->mArticle = $this->mPostArticle; } if (!count($this->mFormErrors) && $wgRequest->getVal('wpPreview')) { // preview mode $this->mEditPage->formtype = 'preview'; $this->mPreviewTitle = Title::newFromText($this->mFormData['postTitle']); //simple hack to show correct title in preview mode global $wgCustomTitle; $wgCustomTitle = $this->mPreviewTitle; // CategorySelect compatibility (add categories to article body) if ($this->mCategorySelectEnabled) { CategorySelectImportFormData($this->mEditPage, $wgRequest); } } }
private static function __getResults() { global $wgLang; wfProfileIn(__METHOD__); /* main query */ $aResult = array(); $aFields = array('/* BLOGS */ rev_page as page_id', 'page_namespace', 'page_title', 'min(rev_timestamp) as create_timestamp', 'unix_timestamp(rev_timestamp) as timestamp', 'rev_timestamp', 'min(rev_id) as rev_id', 'rev_user'); $res = self::$dbr->select(array_map(array(self::$dbr, 'tableName'), self::$aTables), $aFields, self::$aWhere, __METHOD__, self::__makeDBOrder()); while ($oRow = self::$dbr->fetchObject($res)) { if (class_exists('ArticleCommentList')) { $oComments = ArticleCommentList::newFromText($oRow->page_title, $oRow->page_namespace); $iCount = $oComments ? $oComments->getCountAllNested() : 0; } else { $iCount = 0; } /* username */ $oTitle = Title::newFromText($oRow->page_title, $oRow->page_namespace); $sUsername = ""; if (!$oTitle instanceof Title) { continue; } $username = BlogArticle::getOwner($oTitle); $oRevision = Revision::newFromTitle($oTitle); $aResult[$oRow->page_id] = array("page" => $oRow->page_id, "namespace" => $oRow->page_namespace, "title" => $oRow->page_title, "page_touched" => !is_null($oRevision) ? $oRevision->getTimestamp() : $oTitle->getTouched(), "rev_timestamp" => $oRow->rev_timestamp, "timestamp" => $oRow->timestamp, "username" => isset($username) ? $username : "", "text" => self::__getRevisionText($oRow->page_id, $oRevision), "revision" => $oRow->rev_id, "comments" => $iCount, "votes" => '', "props" => BlogArticle::getProps($oRow->page_id)); // Sort by comment count for popular blog posts module if (isset(self::$aOptions['order']) && self::$aOptions['order'] == 'page_id') { uasort($aResult, array("BlogTemplateClass", "__sortByCommentCount")); } // We may need to query for 50 results but display 5 if (isset(self::$aOptions['displaycount']) && self::$aOptions['displaycount'] != self::$aOptions['count']) { $aResult = array_slice($aResult, 0, self::$aOptions['displaycount']); } } // macbre: change for Oasis to add avatars and comments / likes data wfRunHooks('BlogTemplateGetResults', array(&$aResult)); self::$dbr->freeResult($res); wfProfileOut(__METHOD__); return $aResult; }