X-Git-Url: http://git.cyclocoop.org/%22%20%20.%20generer_url_ecrire%28%22mots_tous%22%29%20.%20%22?a=blobdiff_plain;f=includes%2Flogging%2FLogPager.php;h=24fdfb0195021852da75aaf90a09758411d86dcd;hb=fff578a12dc4bd75225c67ce82c3cedc2a50f24c;hp=f79fcfa61cf50ac8aa3ec8f7ae41ba3dddd28562;hpb=a8a5f03b3b6653136c4dc5925d6bb2b806010725;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/logging/LogPager.php b/includes/logging/LogPager.php
index f79fcfa61c..24fdfb0195 100644
--- a/includes/logging/LogPager.php
+++ b/includes/logging/LogPager.php
@@ -45,6 +45,12 @@ class LogPager extends ReverseChronologicalPager {
 	/** @var string */
 	private $action = '';
 
+	/** @var bool */
+	private $performerRestrictionsEnforced = false;
+
+	/** @var bool */
+	private $actionRestrictionsEnforced = false;
+
 	/** @var LogEventsList */
 	public $mLogEventsList;
 
@@ -97,13 +103,11 @@ class LogPager extends ReverseChronologicalPager {
 			return $filters;
 		}
 		foreach ( $wgFilterLogTypes as $type => $default ) {
-			// Avoid silly filtering
-			if ( $type !== 'patrol' || $this->getUser()->useNPPatrol() ) {
-				$hide = $this->getRequest()->getInt( "hide_{$type}_log", $default );
-				$filters[$type] = $hide;
-				if ( $hide ) {
-					$this->mConds[] = 'log_type != ' . $this->mDb->addQuotes( $type );
-				}
+			$hide = $this->getRequest()->getInt( "hide_{$type}_log", $default );
+
+			$filters[$type] = $hide;
+			if ( $hide ) {
+				$this->mConds[] = 'log_type != ' . $this->mDb->addQuotes( $type );
 			}
 		}
 
@@ -172,21 +176,13 @@ class LogPager extends ReverseChronologicalPager {
 		// Normalize username first so that non-existent users used
 		// in maintenance scripts work
 		$name = $usertitle->getText();
-		/* Fetch userid at first, if known, provides awesome query plan afterwards */
-		$userid = User::idFromName( $name );
-		if ( !$userid ) {
-			$this->mConds['log_user_text'] = IP::sanitizeIP( $name );
-		} else {
-			$this->mConds['log_user'] = $userid;
-		}
-		// Paranoia: avoid brute force searches (T19342)
-		$user = $this->getUser();
-		if ( !$user->isAllowed( 'deletedhistory' ) ) {
-			$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
-		} elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
-			$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
-				' != ' . LogPage::SUPPRESSED_USER;
-		}
+
+		// Assume no joins required for log_user
+		$this->mConds[] = ActorMigration::newMigration()->getWhere(
+			wfGetDB( DB_REPLICA ), 'log_user', User::newFromName( $name, false )
+		)['conds'];
+
+		$this->enforcePerformerRestrictions();
 
 		$this->performer = $name;
 	}
@@ -254,14 +250,7 @@ class LogPager extends ReverseChronologicalPager {
 		} else {
 			$this->mConds['log_title'] = $title->getDBkey();
 		}
-		// Paranoia: avoid brute force searches (T19342)
-		$user = $this->getUser();
-		if ( !$user->isAllowed( 'deletedhistory' ) ) {
-			$this->mConds[] = $db->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
-		} elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
-			$this->mConds[] = $db->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
-				' != ' . LogPage::SUPPRESSED_ACTION;
-		}
+		$this->enforceActionRestrictions();
 	}
 
 	/**
@@ -422,4 +411,39 @@ class LogPager extends ReverseChronologicalPager {
 		parent::doQuery();
 		$this->mDb->setBigSelects( 'default' );
 	}
+
+	/**
+	 * Paranoia: avoid brute force searches (T19342)
+	 */
+	private function enforceActionRestrictions() {
+		if ( $this->actionRestrictionsEnforced ) {
+			return;
+		}
+		$this->actionRestrictionsEnforced = true;
+		$user = $this->getUser();
+		if ( !$user->isAllowed( 'deletedhistory' ) ) {
+			$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
+		} elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+			$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
+				' != ' . LogPage::SUPPRESSED_USER;
+		}
+	}
+
+	/**
+	 * Paranoia: avoid brute force searches (T19342)
+	 */
+	private function enforcePerformerRestrictions() {
+		// Same as enforceActionRestrictions(), except for _USER instead of _ACTION bits.
+		if ( $this->performerRestrictionsEnforced ) {
+			return;
+		}
+		$this->performerRestrictionsEnforced = true;
+		$user = $this->getUser();
+		if ( !$user->isAllowed( 'deletedhistory' ) ) {
+			$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
+		} elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+			$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
+				' != ' . LogPage::SUPPRESSED_ACTION;
+		}
+	}
 }