dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
context: Use getRawVal instead of getVal for 'uselang' and 'useskin'
[lhc/web/wiklou.git] / includes / context / RequestContext.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @since 1.18
19 *
20 * @author Alexandre Emsenhuber
21 * @author Daniel Friesen
22 * @file
23 */
24
25 use Wikimedia\AtEase\AtEase;
26 use MediaWiki\Logger\LoggerFactory;
27 use MediaWiki\MediaWikiServices;
28 use Wikimedia\ScopedCallback;
29
30 /**
31 * Group all the pieces relevant to the context of a request into one instance
32 */
33 class RequestContext implements IContextSource, MutableContext {
34 /**
35 * @var WebRequest
36 */
37 private $request;
38
39 /**
40 * @var Title
41 */
42 private $title;
43
44 /**
45 * @var WikiPage
46 */
47 private $wikipage;
48
49 /**
50 * @var OutputPage
51 */
52 private $output;
53
54 /**
55 * @var User
56 */
57 private $user;
58
59 /**
60 * @var Language
61 */
62 private $lang;
63
64 /**
65 * @var Skin
66 */
67 private $skin;
68
69 /**
70 * @var Timing
71 */
72 private $timing;
73
74 /**
75 * @var Config
76 */
77 private $config;
78
79 /**
80 * @var RequestContext
81 */
82 private static $instance = null;
83
84 /**
85 * @param Config $config
86 */
87 public function setConfig( Config $config ) {
88 $this->config = $config;
89 }
90
91 /**
92 * @return Config
93 */
94 public function getConfig() {
95 if ( $this->config === null ) {
96 // @todo In the future, we could move this to WebStart.php so
97 // the Config object is ready for when initialization happens
98 $this->config = MediaWikiServices::getInstance()->getMainConfig();
99 }
100
101 return $this->config;
102 }
103
104 /**
105 * @param WebRequest $request
106 */
107 public function setRequest( WebRequest $request ) {
108 $this->request = $request;
109 }
110
111 /**
112 * @return WebRequest
113 */
114 public function getRequest() {
115 if ( $this->request === null ) {
116 global $wgCommandLineMode;
117 // create the WebRequest object on the fly
118 if ( $wgCommandLineMode ) {
119 $this->request = new FauxRequest( [] );
120 } else {
121 $this->request = new WebRequest();
122 }
123 }
124
125 return $this->request;
126 }
127
128 /**
129 * @deprecated since 1.27 use a StatsdDataFactory from MediaWikiServices (preferably injected)
130 *
131 * @return IBufferingStatsdDataFactory
132 */
133 public function getStats() {
134 return MediaWikiServices::getInstance()->getStatsdDataFactory();
135 }
136
137 /**
138 * @return Timing
139 */
140 public function getTiming() {
141 if ( $this->timing === null ) {
142 $this->timing = new Timing( [
143 'logger' => LoggerFactory::getInstance( 'Timing' )
144 ] );
145 }
146 return $this->timing;
147 }
148
149 /**
150 * @param Title|null $title
151 */
152 public function setTitle( Title $title = null ) {
153 $this->title = $title;
154 // Erase the WikiPage so a new one with the new title gets created.
155 $this->wikipage = null;
156 }
157
158 /**
159 * @return Title|null
160 */
161 public function getTitle() {
162 if ( $this->title === null ) {
163 global $wgTitle; # fallback to $wg till we can improve this
164 $this->title = $wgTitle;
165 wfDebugLog(
166 'GlobalTitleFail',
167 __METHOD__ . ' called by ' . wfGetAllCallers( 5 ) . ' with no title set.'
168 );
169 }
170
171 return $this->title;
172 }
173
174 /**
175 * Check, if a Title object is set
176 *
177 * @since 1.25
178 * @return bool
179 */
180 public function hasTitle() {
181 return $this->title !== null;
182 }
183
184 /**
185 * Check whether a WikiPage object can be get with getWikiPage().
186 * Callers should expect that an exception is thrown from getWikiPage()
187 * if this method returns false.
188 *
189 * @since 1.19
190 * @return bool
191 */
192 public function canUseWikiPage() {
193 if ( $this->wikipage ) {
194 // If there's a WikiPage object set, we can for sure get it
195 return true;
196 }
197 // Only pages with legitimate titles can have WikiPages.
198 // That usually means pages in non-virtual namespaces.
199 $title = $this->getTitle();
200 return $title ? $title->canExist() : false;
201 }
202
203 /**
204 * @since 1.19
205 * @param WikiPage $wikiPage
206 */
207 public function setWikiPage( WikiPage $wikiPage ) {
208 $pageTitle = $wikiPage->getTitle();
209 if ( !$this->hasTitle() || !$pageTitle->equals( $this->getTitle() ) ) {
210 $this->setTitle( $pageTitle );
211 }
212 // Defer this to the end since setTitle sets it to null.
213 $this->wikipage = $wikiPage;
214 }
215
216 /**
217 * Get the WikiPage object.
218 * May throw an exception if there's no Title object set or the Title object
219 * belongs to a special namespace that doesn't have WikiPage, so use first
220 * canUseWikiPage() to check whether this method can be called safely.
221 *
222 * @since 1.19
223 * @throws MWException
224 * @return WikiPage
225 */
226 public function getWikiPage() {
227 if ( $this->wikipage === null ) {
228 $title = $this->getTitle();
229 if ( $title === null ) {
230 throw new MWException( __METHOD__ . ' called without Title object set' );
231 }
232 $this->wikipage = WikiPage::factory( $title );
233 }
234
235 return $this->wikipage;
236 }
237
238 /**
239 * @param OutputPage $output
240 */
241 public function setOutput( OutputPage $output ) {
242 $this->output = $output;
243 }
244
245 /**
246 * @return OutputPage
247 */
248 public function getOutput() {
249 if ( $this->output === null ) {
250 $this->output = new OutputPage( $this );
251 }
252
253 return $this->output;
254 }
255
256 /**
257 * @param User $user
258 */
259 public function setUser( User $user ) {
260 $this->user = $user;
261 // Invalidate cached user interface language
262 $this->lang = null;
263 }
264
265 /**
266 * @return User
267 */
268 public function getUser() {
269 if ( $this->user === null ) {
270 $this->user = User::newFromSession( $this->getRequest() );
271 }
272
273 return $this->user;
274 }
275
276 /**
277 * Accepts a language code and ensures it's sane. Outputs a cleaned up language
278 * code and replaces with $wgLanguageCode if not sane.
279 * @param string $code Language code
280 * @return string
281 */
282 public static function sanitizeLangCode( $code ) {
283 global $wgLanguageCode;
284
285 // BCP 47 - letter case MUST NOT carry meaning
286 $code = strtolower( $code );
287
288 # Validate $code
289 if ( !$code || !Language::isValidCode( $code ) || $code === 'qqq' ) {
290 $code = $wgLanguageCode;
291 }
292
293 return $code;
294 }
295
296 /**
297 * @param Language|string $language Language instance or language code
298 * @throws MWException
299 * @since 1.19
300 */
301 public function setLanguage( $language ) {
302 if ( $language instanceof Language ) {
303 $this->lang = $language;
304 } elseif ( is_string( $language ) ) {
305 $language = self::sanitizeLangCode( $language );
306 $obj = Language::factory( $language );
307 $this->lang = $obj;
308 } else {
309 throw new MWException( __METHOD__ . " was passed an invalid type of data." );
310 }
311 }
312
313 /**
314 * Get the Language object.
315 * Initialization of user or request objects can depend on this.
316 * @return Language
317 * @throws Exception
318 * @since 1.19
319 */
320 public function getLanguage() {
321 if ( isset( $this->recursion ) ) {
322 trigger_error( "Recursion detected in " . __METHOD__, E_USER_WARNING );
323 $e = new Exception;
324 wfDebugLog( 'recursion-guard', "Recursion detected:\n" . $e->getTraceAsString() );
325
326 $code = $this->getConfig()->get( 'LanguageCode' ) ?: 'en';
327 $this->lang = Language::factory( $code );
328 } elseif ( $this->lang === null ) {
329 $this->recursion = true;
330
331 try {
332 $request = $this->getRequest();
333 $user = $this->getUser();
334
335 // Optimisation: Avoid slow getVal(), this isn't user-generated content.
336 $code = $request->getRawVal( 'uselang', 'user' );
337 if ( $code === 'user' ) {
338 $code = $user->getOption( 'language' );
339 }
340 $code = self::sanitizeLangCode( $code );
341
342 Hooks::run( 'UserGetLanguageObject', [ $user, &$code, $this ] );
343
344 if ( $code === $this->getConfig()->get( 'LanguageCode' ) ) {
345 $this->lang = MediaWikiServices::getInstance()->getContentLanguage();
346 } else {
347 $obj = Language::factory( $code );
348 $this->lang = $obj;
349 }
350 } finally {
351 unset( $this->recursion );
352 }
353 }
354
355 return $this->lang;
356 }
357
358 /**
359 * @param Skin $skin
360 */
361 public function setSkin( Skin $skin ) {
362 $this->skin = clone $skin;
363 $this->skin->setContext( $this );
364 }
365
366 /**
367 * @return Skin
368 */
369 public function getSkin() {
370 if ( $this->skin === null ) {
371 $skin = null;
372 Hooks::run( 'RequestContextCreateSkin', [ $this, &$skin ] );
373 $factory = MediaWikiServices::getInstance()->getSkinFactory();
374
375 // If the hook worked try to set a skin from it
376 if ( $skin instanceof Skin ) {
377 $this->skin = $skin;
378 } elseif ( is_string( $skin ) ) {
379 // Normalize the key, just in case the hook did something weird.
380 $normalized = Skin::normalizeKey( $skin );
381 $this->skin = $factory->makeSkin( $normalized );
382 }
383
384 // If this is still null (the hook didn't run or didn't work)
385 // then go through the normal processing to load a skin
386 if ( $this->skin === null ) {
387 if ( !in_array( 'skin', $this->getConfig()->get( 'HiddenPrefs' ) ) ) {
388 # get the user skin
389 $userSkin = $this->getUser()->getOption( 'skin' );
390 // Optimisation: Avoid slow getVal(), this isn't user-generated content.
391 $userSkin = $this->getRequest()->getRawVal( 'useskin', $userSkin );
392 } else {
393 # if we're not allowing users to override, then use the default
394 $userSkin = $this->getConfig()->get( 'DefaultSkin' );
395 }
396
397 // Normalize the key in case the user is passing gibberish
398 // or has old preferences (T71566).
399 $normalized = Skin::normalizeKey( $userSkin );
400
401 // Skin::normalizeKey will also validate it, so
402 // this won't throw an exception
403 $this->skin = $factory->makeSkin( $normalized );
404 }
405
406 // After all that set a context on whatever skin got created
407 $this->skin->setContext( $this );
408 }
409
410 return $this->skin;
411 }
412
413 /**
414 * Get a Message object with context set
415 * Parameters are the same as wfMessage()
416 *
417 * @param string|string[]|MessageSpecifier $key Message key, or array of keys,
418 * or a MessageSpecifier.
419 * @param mixed $args,...
420 * @return Message
421 */
422 public function msg( $key ) {
423 $args = func_get_args();
424
425 return wfMessage( ...$args )->setContext( $this );
426 }
427
428 /**
429 * Get the RequestContext object associated with the main request
430 *
431 * @return RequestContext
432 */
433 public static function getMain() {
434 if ( self::$instance === null ) {
435 self::$instance = new self;
436 }
437
438 return self::$instance;
439 }
440
441 /**
442 * Get the RequestContext object associated with the main request
443 * and gives a warning to the log, to find places, where a context maybe is missing.
444 *
445 * @param string $func
446 * @return RequestContext
447 * @since 1.24
448 */
449 public static function getMainAndWarn( $func = __METHOD__ ) {
450 wfDebug( $func . ' called without context. ' .
451 "Using RequestContext::getMain() for sanity\n" );
452
453 return self::getMain();
454 }
455
456 /**
457 * Resets singleton returned by getMain(). Should be called only from unit tests.
458 */
459 public static function resetMain() {
460 if ( !( defined( 'MW_PHPUNIT_TEST' ) || defined( 'MW_PARSER_TEST' ) ) ) {
461 throw new MWException( __METHOD__ . '() should be called only from unit tests!' );
462 }
463 self::$instance = null;
464 }
465
466 /**
467 * Export the resolved user IP, HTTP headers, user ID, and session ID.
468 * The result will be reasonably sized to allow for serialization.
469 *
470 * @return array
471 * @since 1.21
472 */
473 public function exportSession() {
474 $session = MediaWiki\Session\SessionManager::getGlobalSession();
475 return [
476 'ip' => $this->getRequest()->getIP(),
477 'headers' => $this->getRequest()->getAllHeaders(),
478 'sessionId' => $session->isPersistent() ? $session->getId() : '',
479 'userId' => $this->getUser()->getId()
480 ];
481 }
482
483 /**
484 * Import an client IP address, HTTP headers, user ID, and session ID
485 *
486 * This sets the current session, $wgUser, and $wgRequest from $params.
487 * Once the return value falls out of scope, the old context is restored.
488 * This method should only be called in contexts where there is no session
489 * ID or end user receiving the response (CLI or HTTP job runners). This
490 * is partly enforced, and is done so to avoid leaking cookies if certain
491 * error conditions arise.
492 *
493 * This is useful when background scripts inherit context when acting on
494 * behalf of a user. In general the 'sessionId' parameter should be set
495 * to an empty string unless session importing is *truly* needed. This
496 * feature is somewhat deprecated.
497 *
498 * @note suhosin.session.encrypt may interfere with this method.
499 *
500 * @param array $params Result of RequestContext::exportSession()
501 * @return ScopedCallback
502 * @throws MWException
503 * @since 1.21
504 */
505 public static function importScopedSession( array $params ) {
506 if ( strlen( $params['sessionId'] ) &&
507 MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent()
508 ) {
509 // Sanity check to avoid sending random cookies for the wrong users.
510 // This method should only called by CLI scripts or by HTTP job runners.
511 throw new MWException( "Sessions can only be imported when none is active." );
512 } elseif ( !IP::isValid( $params['ip'] ) ) {
513 throw new MWException( "Invalid client IP address '{$params['ip']}'." );
514 }
515
516 if ( $params['userId'] ) { // logged-in user
517 $user = User::newFromId( $params['userId'] );
518 $user->load();
519 if ( !$user->getId() ) {
520 throw new MWException( "No user with ID '{$params['userId']}'." );
521 }
522 } else { // anon user
523 $user = User::newFromName( $params['ip'], false );
524 }
525
526 $importSessionFunc = function ( User $user, array $params ) {
527 global $wgRequest, $wgUser;
528
529 $context = RequestContext::getMain();
530
531 // Commit and close any current session
532 if ( MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
533 session_write_close(); // persist
534 session_id( '' ); // detach
535 $_SESSION = []; // clear in-memory array
536 }
537
538 // Get new session, if applicable
539 $session = null;
540 if ( strlen( $params['sessionId'] ) ) { // don't make a new random ID
541 $manager = MediaWiki\Session\SessionManager::singleton();
542 $session = $manager->getSessionById( $params['sessionId'], true )
543 ?: $manager->getEmptySession();
544 }
545
546 // Remove any user IP or agent information, and attach the request
547 // with the new session.
548 $context->setRequest( new FauxRequest( [], false, $session ) );
549 $wgRequest = $context->getRequest(); // b/c
550
551 // Now that all private information is detached from the user, it should
552 // be safe to load the new user. If errors occur or an exception is thrown
553 // and caught (leaving the main context in a mixed state), there is no risk
554 // of the User object being attached to the wrong IP, headers, or session.
555 $context->setUser( $user );
556 $wgUser = $context->getUser(); // b/c
557 if ( $session && MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
558 session_id( $session->getId() );
559 AtEase::quietCall( 'session_start' );
560 }
561 $request = new FauxRequest( [], false, $session );
562 $request->setIP( $params['ip'] );
563 foreach ( $params['headers'] as $name => $value ) {
564 $request->setHeader( $name, $value );
565 }
566 // Set the current context to use the new WebRequest
567 $context->setRequest( $request );
568 $wgRequest = $context->getRequest(); // b/c
569 };
570
571 // Stash the old session and load in the new one
572 $oUser = self::getMain()->getUser();
573 $oParams = self::getMain()->exportSession();
574 $oRequest = self::getMain()->getRequest();
575 $importSessionFunc( $user, $params );
576
577 // Set callback to save and close the new session and reload the old one
578 return new ScopedCallback(
579 function () use ( $importSessionFunc, $oUser, $oParams, $oRequest ) {
580 global $wgRequest;
581 $importSessionFunc( $oUser, $oParams );
582 // Restore the exact previous Request object (instead of leaving FauxRequest)
583 RequestContext::getMain()->setRequest( $oRequest );
584 $wgRequest = RequestContext::getMain()->getRequest(); // b/c
585 }
586 );
587 }
588
589 /**
590 * Create a new extraneous context. The context is filled with information
591 * external to the current session.
592 * - Title is specified by argument
593 * - Request is a FauxRequest, or a FauxRequest can be specified by argument
594 * - User is an anonymous user, for separation IPv4 localhost is used
595 * - Language will be based on the anonymous user and request, may be content
596 * language or a uselang param in the fauxrequest data may change the lang
597 * - Skin will be based on the anonymous user, should be the wiki's default skin
598 *
599 * @param Title $title Title to use for the extraneous request
600 * @param WebRequest|array $request A WebRequest or data to use for a FauxRequest
601 * @return RequestContext
602 */
603 public static function newExtraneousContext( Title $title, $request = [] ) {
604 $context = new self;
605 $context->setTitle( $title );
606 if ( $request instanceof WebRequest ) {
607 $context->setRequest( $request );
608 } else {
609 $context->setRequest( new FauxRequest( $request ) );
610 }
611 $context->user = User::newFromName( '127.0.0.1', false );
612
613 return $context;
614 }
615 }
Wiklou, le Wiki du Wiklou