/**
* Called by img_auth.php when a file has fully been sent to a client
* @param Title $title
* @param string $filename
* @return boolean Always returns true
*/
public static function onImgAuthFullyStreamedFile(&$title, $filename)
{
$namespace = $title->getNamespace();
$db_key = $title->getDBkey();
// skip if the file looks not attached to a wikiplace
if (!WpPage::isInWikiplace($namespace, $db_key)) {
return true;
// nothing to do
}
// get file infos
$stat = stat($filename);
if (!$stat) {
return true;
// should not occur, but just in case, avoid a PHP error
}
// prepare update infos
$root = WpWikiplace::extractWikiplaceRoot($db_key, $namespace);
$size = $stat['size'];
// in bytes
WpWikiplace::updateBandwidthUsage($root, $size);
return true;
}
/**
*
* @global Output $wgOut
* @global User $wgUser
* @global Request $wgRequest
* @global Boolean $wgProtectOwnDoProtect
* @global Array $wgProtectOwnGroups
* @param String $action
* @param Wikipage $article
* @return Boolean
*/
function poForm($action, $article)
{
if ($action != PROTECTOWN_ACTION) {
// not our extension
return true;
//don't stop processing
}
global $wgOut, $wgUser, $wgRequest, $wgProtectOwnDoProtect;
// is the user allowed to use ProtectOwn
if (!$wgUser->isAllowed(PROTECTOWN_ACTION)) {
$wgOut->permissionRequired(PROTECTOWN_ACTION);
return false;
//stop processing
}
# user is allowed to use ProtectOwn
$title = $article->getTitle();
// is the user the owner?
if (!poIsOwner($title, $wgUser)) {
// user is not the owner of the page
$wgOut->setPageTitle(wfMsg('errorpagetitle'));
$wgOut->addHTML(wfMessage('po-notowner')->parse());
return false;
//stop processing
}
# user is the owner
// start displaying page
$wgOut->setPageTitle(wfMsg('collaborate-title', $title->getPrefixedText()));
// as defined in Title.php, around lines 1550 (mw1.18.1),
// being authorized to 'protect' require being authorized to 'edit'
/* Title.php >>
* private function checkActionPermissions( $action, $user, $errors, $doExpensiveQueries, $short ) {
* if ( $action == 'protect' ) {
* if ( $this->getUserPermissionsErrors( 'edit', $user ) != array() ) {
* ...
*/
# temporary assign protect right, in order to update the restricitons
$wgProtectOwnDoProtect = true;
// tells spSetProtectionAssignDynamicRights to add the "protect" right
// wfDebugLog( 'ProtectOwn', 'Form: purge user\'s rights then force reload');
$wgUser->mRights = null;
// clear current user rights
$wgUser->getRights();
// force rights reloading
$wgProtectOwnDoProtect = false;
# check that the user can protect (check also write right)
$readonly = $title->getUserPermissionsErrors('protect', $wgUser);
$readonly = !empty($readonly);
# remove temporary assigned protect right by reloading rights with $wgProtectOwnDoProtect = false
// wfDebugLog( 'ProtectOwn', 'Form: purge user\'s rights then force reload');
$wgUser->mRights = null;
// clear current user rights (and clear the "protect" right
$wgUser->getRights();
// force rights reloading
wfDebugLog('ProtectOwn', 'Form: ' . ($readonly ? 'READ-ONLY' : 'READ/WRITE'));
// can we AND do we have a request to handle?
if ($readonly || !$wgRequest->wasPosted()) {
// readonly OR no data submitted, so construct the form (maybe readonly)
// display the header.
if (!$readonly) {
$wgOut->addHTML(Html::rawElement('div', array('class' => 'form_header informations'), wfMessage('po-header', $title->getPrefixedText(), WpWikiplace::extractWikiplaceRoot($title->getDBkey(), $title->getNamespace()))->parse()));
} else {
$wgOut->addHTML(Html::rawElement('div', array('class' => 'form_header informations'), wfMsg('po-locked')));
}
$wgOut->addHTML(poMakeForm($title, $readonly));
return false;
//stop processing
}
// ensure that the form was submitted from the user's own login session
if (!$wgUser->matchEditToken($wgRequest->getText('wpToken'))) {
// hummm.... how did this case happen?
$wgOut->setPageTitle(wfMsg('errorpagetitle'));
$wgOut->addWikiMsg('sessionfailure');
return false;
// stop processing
}
# ok, so let's change restrictions!
$new_restrictions = array();
$expiration = array();
$expiry = Block::infinity();
// the restriction will never expire
// we load the title specific available restrictions
$applicableRestrictionTypes = $title->getRestrictionTypes();
// for each of theses available restrictions
foreach ($applicableRestrictionTypes as $action) {
// 'read', 'upload', ...
$current_restrictions = $title->getRestrictions($action);
//'sysop', 'owner', ...
wfDebugLog('ProtectOwn', 'Form: current title, action "' . $action . '" restricted to level(s) "' . implode(',', $current_restrictions) . '"');
// ensure that we have not to keep the previous restrictions
$keep_old_restriction_for_this_action = false;
// does the title have already a restriction ?
if ($current_restrictions !== array()) {
// check that the user can change the current restriction(s)
// so, if there is multiple restrictions (for one action), user need to
// satisfy all current restrictions in order to change at least on of them
// (maybe, this behviour can be improved)
// (the mediawiki check that the user satisfy all to allow an action... that's it)
foreach ($current_restrictions as $current_restriction) {
if (!poCanTheUserSetToThisLevel($wgUser, $title, $current_restriction)) {
// if the user cannot set this restriction, we keep the previous restrictions
// if giving few restrictions, MW core raises a warning:
// mysql_real_escape_string() expects parameter 1 to be string,
// array given in /var/seizam/seizamcore/WikiZam/includes/db/DatabaseMysql.php on line 331
// so, only one restriction per action
$new_restrictions[$action] = $current_restriction;
$keep_old_restriction_for_this_action = true;
break;
// end $current_restrictions foreach
}
}
}
if ($keep_old_restriction_for_this_action) {
continue;
}
// end $applicableRestrictionTypes current iteration foreach
// set expiry
$expiration[$action] = $expiry;
# we arrive here if user can change the restrictions
// by default, restricted to owner
$new_restrictions[$action] = 'owner';
// check what's checked, taking account $wgProtectOwnGroups order
global $wgProtectOwnGroups;
foreach ($wgProtectOwnGroups as $current_level) {
// convert from BACK-END to FRONT-END: 'everyone' = ''
$current_level = $current_level == '' ? 'everyone' : $current_level;
// is the checkbox $action/$current_level checked ?
if ($wgRequest->getText("radio-{$action}") == $current_level) {
// convert from FRONT-END to BACK-END
$current_level = $current_level == 'everyone' ? '' : $current_level;
// can the user set to this level?
if (poCanTheUserSetToThisLevel($wgUser, $title, $current_level)) {
wfDebugLog('ProtectOwn', 'Form: restricting ' . $action . ' to ' . $current_level);
// so we can set the restriction to it
$new_restrictions[$action] = $current_level;
} else {
# the user wanted to restrict the action to a level, in which she is not
# what to do? diplay an error message?
# if no code in this block, we will resume checkboxes getting values,
# and set to restriction level 'owner' if no one else checked
}
}
}
}
// END foreach $applicableRestrictionTypes
// don't cascade the owner restriction, because a subpage may not have the same owner
// so casacing won't make sens, and can be very problematic
// don't change this unless you know serioulsy what you are doing !!!
// display the header.
// display error/succes message
if (poUpdateRestrictions($article, $new_restrictions)) {
$wgOut->addHTML(Html::rawElement('div', array('class' => 'informations success'), wfMessage('po-success')->text()));
} else {
$wgOut->addHTML(Html::rawElement('div', array('class' => 'informations error'), wfMessage('po-failure')->text()));
}
if (!$readonly) {
$wgOut->addHTML(Html::rawElement('div', array('class' => 'form_header informations'), wfMessage('po-header', $title->getPrefixedText(), WpWikiplace::extractWikiplaceRoot($title->getDBkey(), $title->getNamespace()))->parse()));
} else {
$wgOut->addHTML(Html::rawElement('div', array('class' => 'form_header informations'), wfMsg('po-locked')));
}
// re-display the ProtectOwn form with the current restrictions (reloaded above)
$wgOut->addHTML(poMakeForm($article->getTitle()));
// stop hook processing, and doesn't throw an error message
return false;
}
