<?php
/**
 * Copyright © 2006 Yuri Astrakhan "<Firstname><Lastname>@gmail.com"
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */

namespace MediaWiki\Api;

use DatabaseLogEntry;
use LogEventsList;
use LogFormatterFactory;
use LogPage;
use MediaWiki\CommentFormatter\CommentFormatter;
use MediaWiki\CommentFormatter\RowCommentFormatter;
use MediaWiki\CommentStore\CommentStore;
use MediaWiki\MainConfigNames;
use MediaWiki\MediaWikiServices;
use MediaWiki\ParamValidator\TypeDef\NamespaceDef;
use MediaWiki\ParamValidator\TypeDef\UserDef;
use MediaWiki\Storage\NameTableAccessException;
use MediaWiki\Storage\NameTableStore;
use MediaWiki\Title\Title;
use MediaWiki\User\UserNameUtils;
use Wikimedia\ParamValidator\ParamValidator;
use Wikimedia\ParamValidator\TypeDef\IntegerDef;
use Wikimedia\Rdbms\IExpression;
use Wikimedia\Rdbms\LikeValue;

/**
 * Query action to List the log events, with optional filtering by various parameters.
 *
 * @ingroup API
 */
class ApiQueryLogEvents extends ApiQueryBase {

	private CommentStore $commentStore;
	private CommentFormatter $commentFormatter;
	private NameTableStore $changeTagDefStore;
	private UserNameUtils $userNameUtils;
	private LogFormatterFactory $logFormatterFactory;

	/** @var string[]|null */
	private $formattedComments;

	public function __construct(
		ApiQuery $query,
		string $moduleName,
		CommentStore $commentStore,
		RowCommentFormatter $commentFormatter,
		NameTableStore $changeTagDefStore,
		UserNameUtils $userNameUtils,
		LogFormatterFactory $logFormatterFactory
	) {
		parent::__construct( $query, $moduleName, 'le' );
		$this->commentStore = $commentStore;
		$this->commentFormatter = $commentFormatter;
		$this->changeTagDefStore = $changeTagDefStore;
		$this->userNameUtils = $userNameUtils;
		$this->logFormatterFactory = $logFormatterFactory;
	}

	private bool $fld_ids = false;
	private bool $fld_title = false;
	private bool $fld_type = false;
	private bool $fld_user = false;
	private bool $fld_userid = false;
	private bool $fld_timestamp = false;
	private bool $fld_comment = false;
	private bool $fld_parsedcomment = false;
	private bool $fld_details = false;
	private bool $fld_tags = false;

	public function execute() {
		$params = $this->extractRequestParams();
		$db = $this->getDB();
		$this->requireMaxOneParameter( $params, 'title', 'prefix', 'namespace' );

		$prop = array_fill_keys( $params['prop'], true );

		$this->fld_ids = isset( $prop['ids'] );
		$this->fld_title = isset( $prop['title'] );
		$this->fld_type = isset( $prop['type'] );
		$this->fld_user = isset( $prop['user'] );
		$this->fld_userid = isset( $prop['userid'] );
		$this->fld_timestamp = isset( $prop['timestamp'] );
		$this->fld_comment = isset( $prop['comment'] );
		$this->fld_parsedcomment = isset( $prop['parsedcomment'] );
		$this->fld_details = isset( $prop['details'] );
		$this->fld_tags = isset( $prop['tags'] );

		$hideLogs = LogEventsList::getExcludeClause( $db, 'user', $this->getAuthority() );
		if ( $hideLogs !== false ) {
			$this->addWhere( $hideLogs );
		}

		$this->addTables( 'logging' );

		$this->addFields( [
			'log_id',
			'log_type',
			'log_action',
			'log_timestamp',
			'log_deleted',
		] );

		$user = $params['user'];
		if ( $this->fld_user || $this->fld_userid || $user !== null ) {
			$this->addTables( 'actor' );
			$this->addJoinConds( [
				'actor' => [ 'JOIN', 'actor_id=log_actor' ],
			] );
			$this->addFieldsIf( [ 'actor_name', 'actor_user' ], $this->fld_user );
			$this->addFieldsIf( 'actor_user', $this->fld_userid );
			if ( $user !== null ) {
				$this->addWhereFld( 'actor_name', $user );
			}
		}

		if ( $this->fld_ids ) {
			$this->addTables( 'page' );
			$this->addJoinConds( [
				'page' => [ 'LEFT JOIN',
					[ 'log_namespace=page_namespace',
						'log_title=page_title' ] ]
			] );
			// log_page is the page_id saved at log time, whereas page_id is from a
			// join at query time.  This leads to different results in various
			// scenarios, e.g. deletion, recreation.
			$this->addFields( [ 'page_id', 'log_page' ] );
		}
		$this->addFieldsIf(
			[ 'log_namespace', 'log_title' ],
			$this->fld_title || $this->fld_parsedcomment
		);
		$this->addFieldsIf( 'log_params', $this->fld_details || $this->fld_ids );

		if ( $this->fld_comment || $this->fld_parsedcomment ) {
			$commentQuery = $this->commentStore->getJoin( 'log_comment' );
			$this->addTables( $commentQuery['tables'] );
			$this->addFields( $commentQuery['fields'] );
			$this->addJoinConds( $commentQuery['joins'] );
		}

		if ( $this->fld_tags ) {
			$this->addFields( [
				'ts_tags' => MediaWikiServices::getInstance()->getChangeTagsStore()
					->makeTagSummarySubquery( 'logging' )
			] );
		}

		if ( $params['tag'] !== null ) {
			$this->addTables( 'change_tag' );
			$this->addJoinConds( [ 'change_tag' => [ 'JOIN',
				[ 'log_id=ct_log_id' ] ] ] );
			try {
				$this->addWhereFld( 'ct_tag_id', $this->changeTagDefStore->getId( $params['tag'] ) );
			} catch ( NameTableAccessException $exception ) {
				// Return nothing.
				$this->addWhere( '1=0' );
			}
		}

		if ( $params['action'] !== null ) {
			// Do validation of action param, list of allowed actions can contains wildcards
			// Allow the param, when the actions is in the list or a wildcard version is listed.
			$logAction = $params['action'];
			if ( !str_contains( $logAction, '/' ) ) {
				// all items in the list have a slash
				$valid = false;
			} else {
				$logActions = array_fill_keys( $this->getAllowedLogActions(), true );
				[ $type, $action ] = explode( '/', $logAction, 2 );
				$valid = isset( $logActions[$logAction] ) || isset( $logActions[$type . '/*'] );
			}

			if ( !$valid ) {
				$encParamName = $this->encodeParamName( 'action' );
				$this->dieWithError(
					[ 'apierror-unrecognizedvalue', $encParamName, wfEscapeWikiText( $logAction ) ],
					"unknown_$encParamName"
				);
			}

			// @phan-suppress-next-line PhanTypeMismatchArgumentNullable,PhanPossiblyUndeclaredVariable T240141
			$this->addWhereFld( 'log_type', $type );
			// @phan-suppress-next-line PhanTypeMismatchArgumentNullable,PhanPossiblyUndeclaredVariable T240141
			$this->addWhereFld( 'log_action', $action );
		} elseif ( $params['type'] !== null ) {
			$this->addWhereFld( 'log_type', $params['type'] );
		}

		$this->addTimestampWhereRange(
			'log_timestamp',
			$params['dir'],
			$params['start'],
			$params['end']
		);
		// Include in ORDER BY for uniqueness
		$this->addWhereRange( 'log_id', $params['dir'], null, null );

		if ( $params['continue'] !== null ) {
			$cont = $this->parseContinueParamOrDie( $params['continue'], [ 'timestamp', 'int' ] );
			$op = ( $params['dir'] === 'newer' ? '>=' : '<=' );
			$this->addWhere( $db->buildComparison( $op, [
				'log_timestamp' => $db->timestamp( $cont[0] ),
				'log_id' => $cont[1],
			] ) );
		}

		$limit = $params['limit'];
		$this->addOption( 'LIMIT', $limit + 1 );

		$title = $params['title'];
		if ( $title !== null ) {
			$titleObj = Title::newFromText( $title );
			if ( $titleObj === null || $titleObj->isExternal() ) {
				$this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $title ) ] );
			}
			$this->addWhereFld( 'log_namespace', $titleObj->getNamespace() );
			$this->addWhereFld( 'log_title', $titleObj->getDBkey() );
		}

		if ( $params['namespace'] !== null ) {
			$this->addWhereFld( 'log_namespace', $params['namespace'] );
		}

		$prefix = $params['prefix'];

		if ( $prefix !== null ) {
			if ( $this->getConfig()->get( MainConfigNames::MiserMode ) ) {
				$this->dieWithError( 'apierror-prefixsearchdisabled' );
			}

			$title = Title::newFromText( $prefix );
			if ( $title === null || $title->isExternal() ) {
				$this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $prefix ) ] );
			}
			$this->addWhereFld( 'log_namespace', $title->getNamespace() );
			$this->addWhere(
				$db->expr( 'log_title', IExpression::LIKE, new LikeValue( $title->getDBkey(), $db->anyString() ) )
			);
		}

		// Paranoia: avoid brute force searches (T19342)
		if ( $params['namespace'] !== null || $title !== null || $user !== null ) {
			if ( !$this->getAuthority()->isAllowed( 'deletedhistory' ) ) {
				$titleBits = LogPage::DELETED_ACTION;
				$userBits = LogPage::DELETED_USER;
			} elseif ( !$this->getAuthority()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
				$titleBits = LogPage::DELETED_ACTION | LogPage::DELETED_RESTRICTED;
				$userBits = LogPage::DELETED_USER | LogPage::DELETED_RESTRICTED;
			} else {
				$titleBits = 0;
				$userBits = 0;
			}
			if ( ( $params['namespace'] !== null || $title !== null ) && $titleBits ) {
				$this->addWhere( $db->bitAnd( 'log_deleted', $titleBits ) . " != $titleBits" );
			}
			if ( $user !== null && $userBits ) {
				$this->addWhere( $db->bitAnd( 'log_deleted', $userBits ) . " != $userBits" );
			}
		}

		// T220999: MySQL/MariaDB (10.1.37) can sometimes irrationally decide that querying `actor` before
		// `logging` and filesorting is somehow better than querying $limit+1 rows from `logging`.
		// Tell it not to reorder the query. But not when `letag` was used, as it seems as likely
		// to be harmed as helped in that case.
		// If "user" was specified, it's obviously correct to query actor first (T282122)
		if ( $params['tag'] === null && $user === null ) {
			$this->addOption( 'STRAIGHT_JOIN' );
		}

		$this->addOption(
			'MAX_EXECUTION_TIME',
			$this->getConfig()->get( MainConfigNames::MaxExecutionTimeForExpensiveQueries )
		);

		$count = 0;
		$res = $this->select( __METHOD__ );

		if ( $this->fld_title ) {
			$this->executeGenderCacheFromResultWrapper( $res, __METHOD__, 'log' );
		}
		if ( $this->fld_parsedcomment ) {
			$this->formattedComments = $this->commentFormatter->formatItems(
				$this->commentFormatter->rows( $res )
					->commentKey( 'log_comment' )
					->indexField( 'log_id' )
					->namespaceField( 'log_namespace' )
					->titleField( 'log_title' )
			);
		}

		$result = $this->getResult();
		foreach ( $res as $row ) {
			if ( ++$count > $limit ) {
				// We've reached the one extra which shows that there are
				// additional pages to be had. Stop here...
				$this->setContinueEnumParameter( 'continue', "$row->log_timestamp|$row->log_id" );
				break;
			}

			$vals = $this->extractRowInfo( $row );
			$fit = $result->addValue( [ 'query', $this->getModuleName() ], null, $vals );
			if ( !$fit ) {
				$this->setContinueEnumParameter( 'continue', "$row->log_timestamp|$row->log_id" );
				break;
			}
		}
		$result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'item' );
	}

	private function extractRowInfo( $row ) {
		$logEntry = DatabaseLogEntry::newFromRow( $row );
		$vals = [
			ApiResult::META_TYPE => 'assoc',
		];
		$anyHidden = false;

		if ( $this->fld_ids ) {
			$vals['logid'] = (int)$row->log_id;
		}

		if ( $this->fld_title ) {
			$title = Title::makeTitle( $row->log_namespace, $row->log_title );
		}

		$authority = $this->getAuthority();
		if ( $this->fld_title || $this->fld_ids || ( $this->fld_details && $row->log_params !== '' ) ) {
			if ( LogEventsList::isDeleted( $row, LogPage::DELETED_ACTION ) ) {
				$vals['actionhidden'] = true;
				$anyHidden = true;
			}
			if ( LogEventsList::userCan( $row, LogPage::DELETED_ACTION, $authority ) ) {
				if ( $this->fld_title ) {
					// @phan-suppress-next-next-line PhanTypeMismatchArgumentNullable,PhanPossiblyUndeclaredVariable
					// title is set when used
					ApiQueryBase::addTitleInfo( $vals, $title );
				}
				if ( $this->fld_ids ) {
					$vals['pageid'] = (int)$row->page_id;
					$vals['logpage'] = (int)$row->log_page;
					$revId = $logEntry->getAssociatedRevId();
					if ( $revId ) {
						$vals['revid'] = (int)$revId;
					}
				}
				if ( $this->fld_details ) {
					$vals['params'] = $this->logFormatterFactory->newFromEntry( $logEntry )->formatParametersForApi();
				}
			}
		}

		if ( $this->fld_type ) {
			$vals['type'] = $row->log_type;
			$vals['action'] = $row->log_action;
		}

		if ( $this->fld_user || $this->fld_userid ) {
			if ( LogEventsList::isDeleted( $row, LogPage::DELETED_USER ) ) {
				$vals['userhidden'] = true;
				$anyHidden = true;
			}
			if ( LogEventsList::userCan( $row, LogPage::DELETED_USER, $authority ) ) {
				if ( $this->fld_user ) {
					$vals['user'] = $row->actor_name;
				}
				if ( $this->fld_userid ) {
					$vals['userid'] = (int)$row->actor_user;
				}

				if ( isset( $vals['user'] ) && $this->userNameUtils->isTemp( $vals['user'] ) ) {
					$vals['temp'] = true;
				}

				if ( !$row->actor_user ) {
					$vals['anon'] = true;
				}
			}
		}
		if ( $this->fld_timestamp ) {
			$vals['timestamp'] = wfTimestamp( TS_ISO_8601, $row->log_timestamp );
		}

		if ( $this->fld_comment || $this->fld_parsedcomment ) {
			if ( LogEventsList::isDeleted( $row, LogPage::DELETED_COMMENT ) ) {
				$vals['commenthidden'] = true;
				$anyHidden = true;
			}
			if ( LogEventsList::userCan( $row, LogPage::DELETED_COMMENT, $authority ) ) {
				if ( $this->fld_comment ) {
					$vals['comment'] = $this->commentStore->getComment( 'log_comment', $row )->text;
				}

				if ( $this->fld_parsedcomment ) {
					// @phan-suppress-next-line PhanTypeArraySuspiciousNullable
					$vals['parsedcomment'] = $this->formattedComments[$row->log_id];
				}
			}
		}

		if ( $this->fld_tags ) {
			if ( $row->ts_tags ) {
				$tags = explode( ',', $row->ts_tags );
				ApiResult::setIndexedTagName( $tags, 'tag' );
				$vals['tags'] = $tags;
			} else {
				$vals['tags'] = [];
			}
		}

		if ( $anyHidden && LogEventsList::isDeleted( $row, LogPage::DELETED_RESTRICTED ) ) {
			$vals['suppressed'] = true;
		}

		return $vals;
	}

	/**
	 * @return array
	 */
	private function getAllowedLogActions() {
		$config = $this->getConfig();
		return array_keys( array_merge(
			$config->get( MainConfigNames::LogActions ),
			$config->get( MainConfigNames::LogActionsHandlers )
		) );
	}

	public function getCacheMode( $params ) {
		if ( $this->userCanSeeRevDel() ) {
			return 'private';
		}
		if ( $params['prop'] !== null && in_array( 'parsedcomment', $params['prop'] ) ) {
			// MediaWiki\CommentFormatter\CommentFormatter::formatItems() calls wfMessage() among other things
			return 'anon-public-user-private';
		} elseif ( LogEventsList::getExcludeClause( $this->getDB(), 'user', $this->getAuthority() )
			=== LogEventsList::getExcludeClause( $this->getDB(), 'public' )
		) { // Output can only contain public data.
			return 'public';
		} else {
			return 'anon-public-user-private';
		}
	}

	public function getAllowedParams( $flags = 0 ) {
		$config = $this->getConfig();
		if ( $flags & ApiBase::GET_VALUES_FOR_HELP ) {
			$logActions = $this->getAllowedLogActions();
			sort( $logActions );
		} else {
			$logActions = null;
		}
		$ret = [
			'prop' => [
				ParamValidator::PARAM_ISMULTI => true,
				ParamValidator::PARAM_DEFAULT => 'ids|title|type|user|timestamp|comment|details',
				ParamValidator::PARAM_TYPE => [
					'ids',
					'title',
					'type',
					'user',
					'userid',
					'timestamp',
					'comment',
					'parsedcomment',
					'details',
					'tags'
				],
				ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
			],
			'type' => [
				ParamValidator::PARAM_TYPE => LogPage::validTypes(),
			],
			'action' => [
				// validation on request is done in execute()
				ParamValidator::PARAM_TYPE => $logActions
			],
			'start' => [
				ParamValidator::PARAM_TYPE => 'timestamp'
			],
			'end' => [
				ParamValidator::PARAM_TYPE => 'timestamp'
			],
			'dir' => [
				ParamValidator::PARAM_DEFAULT => 'older',
				ParamValidator::PARAM_TYPE => [
					'newer',
					'older'
				],
				ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
				ApiBase::PARAM_HELP_MSG_PER_VALUE => [
					'newer' => 'api-help-paramvalue-direction-newer',
					'older' => 'api-help-paramvalue-direction-older',
				],
			],
			'user' => [
				ParamValidator::PARAM_TYPE => 'user',
				UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'ip', 'temp', 'id', 'interwiki' ],
			],
			'title' => null,
			'namespace' => [
				ParamValidator::PARAM_TYPE => 'namespace',
				NamespaceDef::PARAM_EXTRA_NAMESPACES => [ NS_MEDIA, NS_SPECIAL ],
			],
			'prefix' => [],
			'tag' => null,
			'limit' => [
				ParamValidator::PARAM_DEFAULT => 10,
				ParamValidator::PARAM_TYPE => 'limit',
				IntegerDef::PARAM_MIN => 1,
				IntegerDef::PARAM_MAX => ApiBase::LIMIT_BIG1,
				IntegerDef::PARAM_MAX2 => ApiBase::LIMIT_BIG2
			],
			'continue' => [
				ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
			],
		];

		if ( $config->get( MainConfigNames::MiserMode ) ) {
			$ret['prefix'][ApiBase::PARAM_HELP_MSG] = 'api-help-param-disabled-in-miser-mode';
		}

		return $ret;
	}

	protected function getExamplesMessages() {
		return [
			'action=query&list=logevents'
				=> 'apihelp-query+logevents-example-simple',
		];
	}

	public function getHelpUrls() {
		return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Logevents';
	}
}

/** @deprecated class alias since 1.43 */
class_alias( ApiQueryLogEvents::class, 'ApiQueryLogEvents' );