r85000 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r84999‎ \| r85000 \| r85001 >
Date:	08:20, 30 March 2011
Author:	catrope
Status:	ok
Tags:
Comment:	1.17wmf1: MFT changes for UploadWizard deployment: r78426, r81393, r81401, r81638, r84731, r84761, r84762
Modified paths:	/branches/wmf/1.17wmf1/includes/api/ApiUpload.php (modified) (history) /branches/wmf/1.17wmf1/includes/specials/SpecialUpload.php (modified) (history) /branches/wmf/1.17wmf1/includes/specials/SpecialUploadStash.php (modified) (history) /branches/wmf/1.17wmf1/includes/upload/UploadBase.php (modified) (history) /branches/wmf/1.17wmf1/includes/upload/UploadFromUrl.php (modified) (history) /branches/wmf/1.17wmf1/includes/upload/UploadStash.php (modified) (history) /branches/wmf/1.17wmf1/languages/messages/MessagesEn.php (modified) (history)

Diff [purge]

Index: branches/wmf/1.17wmf1/languages/messages/MessagesEn.php
—	—	@@ -2185,6 +2185,15 @@
2186	2186	'upload-unknown-size' => 'Unknown size',
2187	2187	'upload-http-error' => 'An HTTP error occured: $1',
2188	2188
	2189	+# Special:UploadStash
	2190	+'uploadstash' => 'Upload stash',
	2191	+'uploadstash-summary' => 'This page provides access to files which are uploaded (or in the process of uploading) but are not yet published to the wiki. These files are not visible to anyone but the user who uploaded them. See the documentation for the upload API.',
	2192	+'uploadstash-clear' => 'Clear stashed files',
	2193	+'uploadstash-nofiles' => 'You have no stashed files.',
	2194	+'uploadstash-badtoken' => 'We could not perform that action, perhaps because your editing credentials expired. Try again.',
	2195	+'uploadstash-errclear' => 'We could not clear the files.',
	2196	+'uploadstash-refresh' => 'Refresh the list of files',
	2197	+
2189	2198	# img_auth script messages
2190	2199	'img-auth-accessdenied' => 'Access denied',
2191	2200	'img-auth-nopathinfo' => 'Missing PATH_INFO.
Index: branches/wmf/1.17wmf1/includes/specials/SpecialUpload.php
—	—	@@ -445,7 +445,7 @@
446	446	}
447	447
448	448	// Verify permissions for this title
449		~~- $permErrors = $this->mUpload->verifyPermissions( $wgUser );~~
	449	+ $permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
450	450	if( $permErrors !== true ) {
451	451	$code = array_shift( $permErrors[0] );
452	452	$this->showRecoverableUploadError( wfMsgExt( $code,
Property changes on: branches/wmf/1.17wmf1/includes/specials/SpecialUpload.php
___________________________________________________________________
Modified: svn:mergeinfo
453	453	Merged /trunk/phase3/includes/specials/SpecialUpload.php:r78426,84731,84761-84762
Index: branches/wmf/1.17wmf1/includes/specials/SpecialUploadStash.php
—	—	@@ -20,12 +20,6 @@
21	21	// UploadStash
22	22	private $stash;
23	23
24		~~- // is the edit request authorized? boolean~~
25		~~- private $isEditAuthorized;~~
26		-
27		~~- // did the user request us to clear the stash? boolean~~
28		~~- private $requestedClear;~~
29		-
30	24	// Since we are directly writing the file to STDOUT,
31	25	// we should not be reading in really big files and serving them out.
32	26	//
—	—	@@ -34,19 +28,15 @@
35	29	//
36	30	// This service is really for thumbnails and other such previews while
37	31	// uploading.
38		~~- const MAX_SERVE_BYTES = 262144; // 256K~~
	32	+ const MAX_SERVE_BYTES = 1048576; // 1MB
39	33
40		~~- public function __construct( $request = null ) {~~
41		~~- global $wgRequest;~~
42		-
	34	+ public function __construct() {
43	35	parent::__construct( 'UploadStash', 'upload' );
44	36	try {
45	37	$this->stash = RepoGroup::singleton()->getLocalRepo()->getUploadStash();
46	38	} catch ( UploadStashNotAvailableException $e ) {
47	39	return null;
48	40	}
49		-
50		~~- $this->loadRequest( is_null( $request ) ? $wgRequest : $request );~~
51	41	}
52	42
53	43	/**
—	—	@@ -110,7 +100,7 @@
111	101	wfHttpError( $code, OutputPage::getStatusMessage( $code ), $message );
112	102	return false;
113	103	}
114		-
	104	+
115	105	/**
116	106	* Parse the key passed to the SpecialPage. Returns an array containing
117	107	* the associated file object, the type ('file' or 'thumb') and if
—	—	@@ -293,24 +283,7 @@
294	284	header( "Content-Length: $size", true );
295	285	}
296	286
297		-
298	287	/**
299		~~- * Initialize authorization & actions to take, from the request~~
300		~~- * @param $request: WebRequest~~
301		~~- */~~
302		~~- private function loadRequest( $request ) {~~
303		~~- global $wgUser;~~
304		~~- if ( $request->wasPosted() ) {~~
305		-
306		~~- $token = $request->getVal( 'wpEditToken' );~~
307		~~- $this->isEditAuthorized = $wgUser->matchEditToken( $token );~~
308		-
309		~~- $this->requestedClear = $request->getBool( 'clear' );~~
310		-
311		~~- }~~
312		~~- }~~
313		-
314		- /**
315	288	* Static callback for the HTMLForm in showUploads, to process
316	289	* Note the stash has to be recreated since this is being called in a static context.
317	290	* This works, because there really is only one stash per logged-in user, despite appearances.
—	—	@@ -318,9 +291,8 @@
319	292	* @return Status
320	293	*/
321	294	public static function tryClearStashedUploads( $formData ) {
322		~~- wfDebug( __METHOD__ . " form data : " . print_r( $formData, 1 ) );~~
323		~~- if ( isset( $formData['clear'] ) and $formData['clear'] ) {~~
324		~~- $stash = new UploadStash();~~
	295	+ if ( isset( $formData['Clear'] ) ) {
	296	+ $stash = RepoGroup::singleton()->getLocalRepo()->getUploadStash();
325	297	wfDebug( "stash has: " . print_r( $stash->listFiles(), 1 ) );
326	298	if ( ! $stash->clear() ) {
327	299	return Status::newFatal( 'uploadstash-errclear' );
—	—	@@ -355,29 +327,31 @@
356	328	'name' => 'clear',
357	329	)
358	330	), 'clearStashedUploads' );
359		~~- $form->setSubmitCallback( array( __CLASS__, 'tryClearStashedUploads' ) );~~
	331	+ $form->setSubmitCallback( array( __CLASS__ , 'tryClearStashedUploads' ) );
360	332	$form->setTitle( $this->getTitle() );
361		~~- $form->addHiddenField( 'clear', true, array( 'type' => 'boolean' ) );~~
362	333	$form->setSubmitText( wfMsg( 'uploadstash-clear' ) );
363	334
364		~~- $form->prepareForm();~~
365		~~- $formResult = $form->tryAuthorizedSubmit();~~
	335	+ $form->prepareForm();
	336	+ $formResult = $form->tryAuthorizedSubmit();
366	337
367	338
368	339	// show the files + form, if there are any, or just say there are none
369		~~- $refreshHtml = Html::element( 'a', array( 'href' => $this->getTitle()->getLocalURL() ), wfMsg( 'uploadstash-refresh' ) );~~
	340	+ $refreshHtml = Html::element( 'a',
	341	+ array( 'href' => $this->getTitle()->getLocalURL() ),
	342	+ wfMsg( 'uploadstash-refresh' ) );
370	343	$files = $this->stash->listFiles();
371	344	if ( count( $files ) ) {
372	345	sort( $files );
373	346	$fileListItemsHtml = '';
374	347	foreach ( $files as $file ) {
	348	+ // TODO: Use Linker::link or even construct the list in plain wikitext
375	349	$fileListItemsHtml .= Html::rawElement( 'li', array(),
376	350	Html::element( 'a', array( 'href' =>
377	351	$this->getTitle( "file/$file" )->getLocalURL() ), $file )
378	352	);
379	353	}
380	354	$wgOut->addHtml( Html::rawElement( 'ul', array(), $fileListItemsHtml ) );
381		~~- $form->displayForm( $formResult );~~
	355	+ $form->displayForm( $formResult );
382	356	$wgOut->addHtml( Html::rawElement( 'p', array(), $refreshHtml ) );
383	357	} else {
384	358	$wgOut->addHtml( Html::rawElement( 'p', array(),
Property changes on: branches/wmf/1.17wmf1/includes/specials/SpecialUploadStash.php
___________________________________________________________________
Modified: svn:mergeinfo
385	359	Merged /trunk/phase3/includes/specials/SpecialUploadStash.php:r78426,81393,81401,81638,84731,84761-84762
Index: branches/wmf/1.17wmf1/includes/api/ApiUpload.php
—	—	@@ -77,11 +77,15 @@
78	78	// Check if the uploaded file is sane
79	79	$this->verifyUpload();
80	80
81		~~- // Check permission to upload this file~~
82		~~- $permErrors = $this->mUpload->verifyPermissions( $wgUser );~~
83		~~- if ( $permErrors !== true ) {~~
84		~~- // TODO: stash the upload and allow choosing a new name~~
85		~~- $this->dieUsageMsg( array( 'badaccess-groups' ) );~~
	81	+ // Check if the user has the rights to modify or overwrite the requested title
	82	+ // (This check is irrelevant if stashing is already requested, since the errors
	83	+ // can always be fixed by changing the title)
	84	+ if ( ! $this->mParams['stash'] ) {
	85	+ $permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
	86	+ if ( $permErrors !== true ) {
	87	+ // TODO: stash the upload and allow choosing a new name
	88	+ $this->dieUsageMsg( array( 'badaccess-groups' ) );
	89	+ }
86	90	}
87	91
88	92	// Prepare the API result
Property changes on: branches/wmf/1.17wmf1/includes/api/ApiUpload.php
___________________________________________________________________
Modified: svn:mergeinfo
89	93	Merged /trunk/phase3/includes/api/ApiUpload.php:r78426,84731,84761-84762
Index: branches/wmf/1.17wmf1/includes/upload/UploadBase.php
—	—	@@ -25,7 +25,7 @@
26	26	const EMPTY_FILE = 3;
27	27	const MIN_LENGTH_PARTNAME = 4;
28	28	const ILLEGAL_FILENAME = 5;
29		~~- const OVERWRITE_EXISTING_FILE = 7; # Not used anymore; handled by verifyPermissions()~~
	29	+ const OVERWRITE_EXISTING_FILE = 7; # Not used anymore; handled by verifyTitlePermissions()
30	30	const FILETYPE_MISSING = 8;
31	31	const FILETYPE_BADTYPE = 9;
32	32	const VERIFICATION_ERROR = 10;
—	—	@@ -381,6 +381,17 @@
382	382	}
383	383
384	384	/**
	385	+ * Alias for verifyTitlePermissions. The function was originally 'verifyPermissions'
	386	+ * but that suggests it's checking the user, when it's really checking the title + user combination.
	387	+ * @param $user User object to verify the permissions against
	388	+ * @return mixed An array as returned by getUserPermissionsErrors or true
	389	+ * in case the user has proper permissions.
	390	+ */
	391	+ public function verifyPermissions( $user ) {
	392	+ return $this->verifyTitlePermissions( $user );
	393	+ }
	394	+
	395	+ /**
385	396	* Check whether the user can edit, upload and create the image. This
386	397	* checks only against the current title; if it returns errors, it may
387	398	* very well be that another title will not give errors. Therefore
—	—	@@ -391,7 +402,7 @@
392	403	* @return mixed An array as returned by getUserPermissionsErrors or true
393	404	* in case the user has proper permissions.
394	405	*/
395		~~- public function verifyPermissions( $user ) {~~
	406	+ public function verifyTitlePermissions( $user ) {
396	407	/**
397	408	* If the image is protected, non-sysop users won't be able
398	409	* to modify it by uploading a new revision.
Property changes on: branches/wmf/1.17wmf1/includes/upload/UploadBase.php
___________________________________________________________________
Modified: svn:mergeinfo
399	410	Merged /trunk/phase3/includes/upload/UploadBase.php:r78426,84731,84761-84762
Index: branches/wmf/1.17wmf1/includes/upload/UploadStash.php
—	—	@@ -30,13 +30,11 @@
31	31	/**
32	32	* Represents the session which contains temporarily stored files.
33	33	* Designed to be compatible with the session stashing code in UploadBase (should replace it eventually)
34		- *
35		~~- * @param $repo FileRepo: optional -- repo in which to store files. Will choose LocalRepo if not supplied.~~
36	34	*/
37		~~- public function __construct( $repo ) {~~
	35	+ public function __construct() {
38	36
39	37	// this might change based on wiki's configuration.
40		~~- $this->repo = $repo;~~
	38	+ $this->repo = RepoGroup::singleton()->getLocalRepo();
41	39
42	40	if ( ! isset( $_SESSION ) ) {
43	41	throw new UploadStashNotAvailableException( 'no session variable' );
—	—	@@ -48,6 +46,7 @@
49	47
50	48	}
51	49
	50	+
52	51	/**
53	52	* Get a file and its metadata from the stash.
54	53	* May throw exception if session data cannot be parsed due to schema change, or key not found.
—	—	@@ -78,7 +77,7 @@
79	78	unset( $data['mTempPath'] );
80	79
81	80	$file = new UploadStashFile( $this, $this->repo, $path, $key, $data );
82		~~- if ( $file->getSize === 0 ) {~~
	81	+ if ( $file->getSize() === 0 ) {
83	82	throw new UploadStashZeroLengthFileException( "File is zero length" );
84	83	}
85	84	$this->files[$key] = $file;
—	—	@@ -167,6 +166,36 @@
168	167	}
169	168
170	169	/**
	170	+ * Remove all files from the stash.
	171	+ * Does not clean up files in the repo, just the record of them.
	172	+ * @return boolean: success
	173	+ */
	174	+ public function clear() {
	175	+ $_SESSION[UploadBase::SESSION_KEYNAME] = array();
	176	+ return true;
	177	+ }
	178	+
	179	+
	180	+ /**
	181	+ * Remove a particular file from the stash.
	182	+ * Does not clean up file in the repo, just the record of it.
	183	+ * @return boolean: success
	184	+ */
	185	+ public function removeFile( $key ) {
	186	+ unset ( $_SESSION[UploadBase::SESSION_KEYNAME][$key] );
	187	+ return true;
	188	+ }
	189	+
	190	+
	191	+ /**
	192	+ * List all files in the stash.
	193	+ */
	194	+ public function listFiles() {
	195	+ return array_keys( $_SESSION[UploadBase::SESSION_KEYNAME] );
	196	+ }
	197	+
	198	+
	199	+ /**
171	200	* Find or guess extension -- ensuring that our extension matches our mime type.
172	201	* Since these files are constructed from php tempnames they may not start off
173	202	* with an extension.
Property changes on: branches/wmf/1.17wmf1/includes/upload/UploadStash.php
___________________________________________________________________
Modified: svn:mergeinfo
174	203	Merged /trunk/phase3/includes/upload/UploadStash.php:r78426,84731,84761-84762
Index: branches/wmf/1.17wmf1/includes/upload/UploadFromUrl.php
—	—	@@ -166,11 +166,11 @@
167	167	* Wrapper around the parent function in order to defer checking protection
168	168	* until we are sure that the file can actually be uploaded
169	169	*/
170		~~- public function verifyPermissions( $user ) {~~
	170	+ public function verifyTitlePermissions( $user ) {
171	171	if ( $this->mAsync ) {
172	172	return true;
173	173	}
174		~~- return parent::verifyPermissions( $user );~~
	174	+ return parent::verifyTitlePermissions( $user );
175	175	}
176	176
177	177	/**

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r78426	added a page to list all stashed files, and clear them if necessary -- helpfu...	neilk	01:21, 15 December 2010
r81393	Remove the $request parameter fro SpecialUploadStash::__construct(). This par...	btongminh	15:30, 2 February 2011
r81401	Cleanup SpecialUploadStash...	btongminh	16:07, 2 February 2011
r81638	Follow-up r81401: fix callback, apparently it was the other way around than I...	btongminh	18:13, 7 February 2011
r84731	fix bug #28071. Many video previews are relatively large, esp. since MediaWik...	neilk	06:37, 25 March 2011
r84761	change the name of UploadBase::verifyPermissions() to verifyTitlePermissions(...	neilk	20:37, 25 March 2011
r84762	don't check title permissions if upload is destined for stash anyway	neilk	20:42, 25 March 2011

Status & tagging log

12:20, 30 March 2011 😂 (talk | contribs) changed the status of r85000 [removed: new added: ok]