WatchAction: Require POST for index.php action=watch
[lhc/web/wiklou.git] / includes / actions / WatchAction.php
1 <?php
2 /**
3 * Performs the watch actions on a page
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 * @file
20 * @ingroup Actions
21 */
22
23 /**
24 * Page addition to a user's watchlist
25 *
26 * @ingroup Actions
27 */
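class WatchAction extends FormAction {

	/**
	 * @return string Name of this action
	 */
	public function getName() {
		return 'watch';
	}

	/**
	 * @return bool Always false here, so this action does not ask for an unblocked user
	 */
	public function requiresUnblock() {
		return false;
	}

	/**
	 * @return string HTML
	 */
	protected function getDescription() {
		return $this->msg( 'addwatch' )->escaped();
	}

	/**
	 * Just get an empty form with a single submit button
	 * @return array
	 */
	protected function getFormFields() {
		return array();
	}

	/**
	 * Form submission callback: add the current title to the current user's watchlist
	 *
	 * @param mixed $data Submitted form data; not used here, the form has no fields
	 * @return bool Always true
	 */
	public function onSubmit( $data ) {
		// NOTE(review): the Status returned by doWatch() is discarded, so a failed
		// 'editmywatchlist' check or an aborting 'WatchArticle' hook is still reported
		// as success by onSuccess(). Consider propagating the Status if the form
		// handler accepts one - confirm against FormAction/HTMLForm.
		self::doWatch( $this->getTitle(), $this->getUser() );

		return true;
	}

	/**
	 * Always route the request through the confirmation form
	 *
	 * Nothing in this method changes the watchlist directly: the change happens in
	 * onSubmit(), and onSuccess() is only reached when the form's show() returns a
	 * truthy value.
	 *
	 * NOTE(review): whether a submission is accepted only as a POST carrying a valid
	 * 'watch' token is decided in FormAction/HTMLForm, which are not visible in this
	 * file - confirm there.
	 */
	public function show() {
		$this->setHeaders();

		$user = $this->getUser();
		// This will throw exceptions if there's a problem
		$this->checkCanExecute( $user );

		$form = $this->getForm();
		if ( $form->show() ) {
			$this->onSuccess();
		}
	}

	/**
	 * Reject anonymous users, then run the parent's checks
	 *
	 * NOTE(review): 'editmywatchlist' is not checked here; in this file it is only
	 * checked inside doWatch()/doUnwatch().
	 *
	 * @param User $user
	 * @throws UserNotLoggedIn If the user is anonymous
	 */
	protected function checkCanExecute( User $user ) {
		// Must be logged in
		if ( $user->isAnon() ) {
			throw new UserNotLoggedIn( 'watchlistanontext', 'watchnologin' );
		}

		parent::checkCanExecute( $user );
	}

	/**
	 * Set the submit button label and the token salt of the confirmation form
	 *
	 * @param HTMLForm $form
	 */
	protected function alterForm( HTMLForm $form ) {
		$form->setSubmitTextMsg( 'confirm-watch-button' );
		// Same salt string that getWatchToken() passes to getEditToken() for 'watch'
		$form->setTokenSalt( 'watch' );
	}

	/**
	 * @return string Parsed 'confirm-watch-top' message, shown above the form
	 */
	protected function preText() {
		return $this->msg( 'confirm-watch-top' )->parse();
	}

	/**
	 * Add the 'addedwatchtext' confirmation message for the current title to the output
	 */
	public function onSuccess() {
		$this->getOutput()->addWikiMsg( 'addedwatchtext', $this->getTitle()->getPrefixedText() );
	}

	/* Static utility methods */

	/**
	 * Watch or unwatch a page
	 *
	 * Does nothing and returns a good Status when the user is not logged in or the
	 * page is already in the requested state.
	 *
	 * The watch path passes WatchedItem::IGNORE_USER_RIGHTS to doWatch(), so it skips
	 * the 'editmywatchlist' check; the unwatch path does not. Callers are expected to
	 * have authorised the request themselves (presumably edits and similar, per the
	 * inline comment - verify against callers).
	 *
	 * @since 1.22
	 * @param bool $watch Whether to watch or unwatch the page
	 * @param Title $title Page to watch/unwatch
	 * @param User $user User who is watching/unwatching
	 * @return Status
	 */
	public static function doWatchOrUnwatch( $watch, Title $title, User $user ) {
		if ( $user->isLoggedIn() &&
			$user->isWatched( $title, WatchedItem::IGNORE_USER_RIGHTS ) != $watch
		) {
			// If the user doesn't have 'editmywatchlist', we still want to
			// allow them to add but not remove items via edits and such.
			if ( $watch ) {
				return self::doWatch( $title, $user, WatchedItem::IGNORE_USER_RIGHTS );
			} else {
				return self::doUnwatch( $title, $user );
			}
		}

		return Status::newGood();
	}

	/**
	 * Watch a page
	 *
	 * Returns a fatal permission-denied Status when rights are checked and the user
	 * lacks 'editmywatchlist'. When the 'WatchArticle' hook run returns false, the
	 * returned Status is the 'hookaborted' fatal unless a handler replaced $status,
	 * which is passed to the hook by reference.
	 *
	 * @since 1.22 Returns Status, $checkRights parameter added
	 * @param Title $title Page to watch/unwatch
	 * @param User $user User who is watching/unwatching
	 * @param int $checkRights Passed through to $user->addWatch()
	 * @return Status
	 */
	public static function doWatch( Title $title, User $user,
		$checkRights = WatchedItem::CHECK_USER_RIGHTS
	) {
		if ( $checkRights !== WatchedItem::IGNORE_USER_RIGHTS &&
			!$user->isAllowed( 'editmywatchlist' )
		) {
			return User::newFatalPermissionDeniedStatus( 'editmywatchlist' );
		}

		$page = WikiPage::factory( $title );

		$status = Status::newFatal( 'hookaborted' );
		if ( Hooks::run( 'WatchArticle', array( &$user, &$page, &$status ) ) ) {
			$status = Status::newGood();
			$user->addWatch( $title, $checkRights );
			Hooks::run( 'WatchArticleComplete', array( &$user, &$page ) );
		}

		return $status;
	}

	/**
	 * Unwatch a page
	 *
	 * Always checks 'editmywatchlist'; there is no parameter to skip the check.
	 * When the 'UnwatchArticle' hook run returns false, the returned Status is the
	 * 'hookaborted' fatal unless a handler replaced $status, which is passed to the
	 * hook by reference.
	 *
	 * @since 1.22 Returns Status
	 * @param Title $title Page to watch/unwatch
	 * @param User $user User who is watching/unwatching
	 * @return Status
	 */
	public static function doUnwatch( Title $title, User $user ) {
		if ( !$user->isAllowed( 'editmywatchlist' ) ) {
			return User::newFatalPermissionDeniedStatus( 'editmywatchlist' );
		}

		$page = WikiPage::factory( $title );

		$status = Status::newFatal( 'hookaborted' );
		if ( Hooks::run( 'UnwatchArticle', array( &$user, &$page, &$status ) ) ) {
			$status = Status::newGood();
			$user->removeWatch( $title );
			Hooks::run( 'UnwatchArticleComplete', array( &$user, &$page ) );
		}

		return $status;
	}

	/**
	 * Get token to watch (or unwatch) a page for a user
	 *
	 * $title is not used: the salt passed to getEditToken() is only the action name,
	 * so the token is not tied to a particular page by this method.
	 *
	 * @param Title $title Title object of page to watch
	 * @param User $user User for whom the action is going to be performed
	 * @param string $action Optionally override the action to 'unwatch'
	 * @return string Token
	 * @since 1.18
	 */
	public static function getWatchToken( Title $title, User $user, $action = 'watch' ) {
		// Strict comparison: only the exact string 'unwatch' selects the unwatch salt.
		// Any other value, including non-strings such as true that compare loosely
		// equal to it, is normalised to 'watch'.
		if ( $action !== 'unwatch' ) {
			$action = 'watch';
		}
		// Match ApiWatch and ResourceLoaderUserTokensModule
		return $user->getEditToken( $action );
	}

	/**
	 * Get token to unwatch (or watch) a page for a user
	 *
	 * Thin wrapper around getWatchToken() with 'unwatch' as the default action.
	 *
	 * @param Title $title Title object of page to unwatch
	 * @param User $user User for whom the action is going to be performed
	 * @param string $action Optionally override the action to 'watch'
	 * @return string Token
	 * @since 1.18
	 */
	public static function getUnwatchToken( Title $title, User $user, $action = 'unwatch' ) {
		return self::getWatchToken( $title, $user, $action );
	}
}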