2007-12-06 16:06:22 +00:00
|
|
|
<?php
|
2010-02-23 18:05:46 +00:00
|
|
|
/**
|
2010-12-22 20:52:06 +00:00
|
|
|
*
|
2007-12-06 16:06:22 +00:00
|
|
|
*
|
2010-08-07 19:59:42 +00:00
|
|
|
* Created on Sep 1, 2007
|
|
|
|
|
*
|
2012-07-15 20:13:02 +00:00
|
|
|
* Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
|
2007-12-06 16:06:22 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License along
|
|
|
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
2010-06-21 13:13:32 +00:00
|
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
2007-12-06 16:06:22 +00:00
|
|
|
* http://www.gnu.org/copyleft/gpl.html
|
2010-08-07 19:59:42 +00:00
|
|
|
*
|
|
|
|
|
* @file
|
2007-12-06 16:06:22 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/**
|
WARNING: HUGE COMMIT
Doxygen documentation update:
* Changed alls @addtogroup to @ingroup. @addtogroup adds the comment to the group description, but doesn't add the file, class, function, ... to the group like @ingroup does. See for example http://svn.wikimedia.org/doc/group__SpecialPage.html where it's impossible to see related files, classes, ... that should belong to that group.
* Added @file to file description, it seems that it should be explicitely decalred for file descriptions, otherwise doxygen will think that the comment document the first class, variabled, function, ... that is in that file.
* Removed some empty comments
* Removed some ?>
Added following groups:
* ExternalStorage
* JobQueue
* MaintenanceLanguage
One more thing: there are still a lot of warnings when generating the doc.
2008-05-20 17:13:28 +00:00
|
|
|
* @ingroup API
|
2007-12-06 16:06:22 +00:00
|
|
|
*/
|
|
|
|
|
class ApiProtect extends ApiBase {
|
|
|
|
|
public function execute() {
|
Clean up handling of 'infinity'
There's a bunch of stuff that probably only works because the database
representation of infinity is actually 'infinity' on all databases
besides Oracle, and Oracle in general isn't maintained.
Generally, we should probably use 'infinity' everywhere except where
directly dealing with the database.
* Many extension callers of Language::formatExpiry() with $format !==
true are assuming it'll return 'infinity', none are checking for
$db->getInfinity().
* And Language::formatExpiry() would choke if passed 'infinity', despite
callers doing this.
* And Language::formatExpiry() could be more useful for the API if we
can override the string returned for infinity.
* As for core, Title is using Language::formatExpiry() with TS_MW which
is going to be changing anyway. Extension callers mostly don't exist.
* Block already normalizes its mExpiry field (and ->getExpiry()),
but some stuff is comparing it with $db->getInfinity() anyway. A few
external users set mExpiry to $db->getInfinity(), but this is mostly
because SpecialBlock::parseExpiryInput() returns $db->getInfinity()
while most callers (including all extensions) are assuming 'infinity'.
* And for that matter, Block should use $db->decodeExpiry() instead of
manually doing it, once we make that safe to call with 'infinity' for
all the extensions passing $db->getInfinity() to Block's contructor.
* WikiPage::doUpdateRestrictions() and some of its callers are using
$db->getInfinity(), when all the inserts using that value are using
$db->encodeExpiry() which will convert 'infinity'.
This also cleans up a slave-lag issue I noticed in ApiBlock while
testing.
Bug: T92550
Change-Id: I5eb68c1fb6029da8289276ecf7c81330575029ef
2015-03-12 16:37:04 +00:00
|
|
|
global $wgContLang;
|
|
|
|
|
|
2007-12-06 16:06:22 +00:00
|
|
|
$params = $this->extractRequestParams();
|
2008-04-14 07:45:50 +00:00
|
|
|
|
2012-04-28 13:45:37 +00:00
|
|
|
$pageObj = $this->getTitleOrPageId( $params, 'fromdbmaster' );
|
|
|
|
|
$titleObj = $pageObj->getTitle();
|
2010-01-11 15:55:52 +00:00
|
|
|
|
2011-10-26 23:27:01 +00:00
|
|
|
$errors = $titleObj->getUserPermissionsErrors( 'protect', $this->getUser() );
|
2010-02-23 18:05:46 +00:00
|
|
|
if ( $errors ) {
|
2008-01-18 16:34:40 +00:00
|
|
|
// We don't care about multiple errors, just report one of them
|
2010-01-11 15:55:52 +00:00
|
|
|
$this->dieUsageMsg( reset( $errors ) );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2008-04-14 07:45:50 +00:00
|
|
|
|
2008-10-04 14:58:13 +00:00
|
|
|
$expiry = (array)$params['expiry'];
|
2010-02-23 18:05:46 +00:00
|
|
|
if ( count( $expiry ) != count( $params['protections'] ) ) {
|
|
|
|
|
if ( count( $expiry ) == 1 ) {
|
2010-01-11 15:55:52 +00:00
|
|
|
$expiry = array_fill( 0, count( $params['protections'] ), $expiry[0] );
|
2010-02-23 18:05:46 +00:00
|
|
|
} else {
|
2013-11-14 18:03:09 +00:00
|
|
|
$this->dieUsageMsg( array(
|
|
|
|
|
'toofewexpiries',
|
|
|
|
|
count( $expiry ),
|
|
|
|
|
count( $params['protections'] )
|
|
|
|
|
) );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2007-12-06 16:06:22 +00:00
|
|
|
}
|
2010-02-23 18:05:46 +00:00
|
|
|
|
2009-11-09 12:05:30 +00:00
|
|
|
$restrictionTypes = $titleObj->getRestrictionTypes();
|
2010-02-23 18:05:46 +00:00
|
|
|
|
2007-12-06 16:06:22 +00:00
|
|
|
$protections = array();
|
2008-09-18 21:30:51 +00:00
|
|
|
$expiryarray = array();
|
2008-10-04 14:58:13 +00:00
|
|
|
$resultProtections = array();
|
2010-02-23 18:05:46 +00:00
|
|
|
foreach ( $params['protections'] as $i => $prot ) {
|
2010-01-11 15:55:52 +00:00
|
|
|
$p = explode( '=', $prot );
|
|
|
|
|
$protections[$p[0]] = ( $p[1] == 'all' ? '' : $p[1] );
|
2010-01-23 22:47:49 +00:00
|
|
|
|
2010-02-23 18:05:46 +00:00
|
|
|
if ( $titleObj->exists() && $p[0] == 'create' ) {
|
2011-05-19 17:51:16 +00:00
|
|
|
$this->dieUsageMsg( 'create-titleexists' );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
|
|
|
|
if ( !$titleObj->exists() && $p[0] != 'create' ) {
|
2011-05-19 17:51:16 +00:00
|
|
|
$this->dieUsageMsg( 'missingtitle-createonly' );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2010-01-23 22:47:49 +00:00
|
|
|
|
2010-02-23 18:05:46 +00:00
|
|
|
if ( !in_array( $p[0], $restrictionTypes ) && $p[0] != 'create' ) {
|
2010-01-11 15:55:52 +00:00
|
|
|
$this->dieUsageMsg( array( 'protect-invalidaction', $p[0] ) );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2014-01-24 02:51:11 +00:00
|
|
|
if ( !in_array( $p[1], $this->getConfig()->get( 'RestrictionLevels' ) ) && $p[1] != 'all' ) {
|
2010-01-11 15:55:52 +00:00
|
|
|
$this->dieUsageMsg( array( 'protect-invalidlevel', $p[1] ) );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2010-01-11 15:55:52 +00:00
|
|
|
|
2014-06-18 02:45:32 +00:00
|
|
|
if ( wfIsInfinity( $expiry[$i] ) ) {
|
Clean up handling of 'infinity'
There's a bunch of stuff that probably only works because the database
representation of infinity is actually 'infinity' on all databases
besides Oracle, and Oracle in general isn't maintained.
Generally, we should probably use 'infinity' everywhere except where
directly dealing with the database.
* Many extension callers of Language::formatExpiry() with $format !==
true are assuming it'll return 'infinity', none are checking for
$db->getInfinity().
* And Language::formatExpiry() would choke if passed 'infinity', despite
callers doing this.
* And Language::formatExpiry() could be more useful for the API if we
can override the string returned for infinity.
* As for core, Title is using Language::formatExpiry() with TS_MW which
is going to be changing anyway. Extension callers mostly don't exist.
* Block already normalizes its mExpiry field (and ->getExpiry()),
but some stuff is comparing it with $db->getInfinity() anyway. A few
external users set mExpiry to $db->getInfinity(), but this is mostly
because SpecialBlock::parseExpiryInput() returns $db->getInfinity()
while most callers (including all extensions) are assuming 'infinity'.
* And for that matter, Block should use $db->decodeExpiry() instead of
manually doing it, once we make that safe to call with 'infinity' for
all the extensions passing $db->getInfinity() to Block's contructor.
* WikiPage::doUpdateRestrictions() and some of its callers are using
$db->getInfinity(), when all the inserts using that value are using
$db->encodeExpiry() which will convert 'infinity'.
This also cleans up a slave-lag issue I noticed in ApiBlock while
testing.
Bug: T92550
Change-Id: I5eb68c1fb6029da8289276ecf7c81330575029ef
2015-03-12 16:37:04 +00:00
|
|
|
$expiryarray[$p[0]] = 'infinity';
|
2010-02-23 18:05:46 +00:00
|
|
|
} else {
|
2010-01-11 15:55:52 +00:00
|
|
|
$exp = strtotime( $expiry[$i] );
|
2010-06-09 11:44:05 +00:00
|
|
|
if ( $exp < 0 || !$exp ) {
|
2010-01-11 15:55:52 +00:00
|
|
|
$this->dieUsageMsg( array( 'invalidexpiry', $expiry[$i] ) );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2008-10-04 14:58:13 +00:00
|
|
|
|
2010-01-11 15:55:52 +00:00
|
|
|
$exp = wfTimestamp( TS_MW, $exp );
|
2010-02-23 18:05:46 +00:00
|
|
|
if ( $exp < wfTimestampNow() ) {
|
2010-01-11 15:55:52 +00:00
|
|
|
$this->dieUsageMsg( array( 'pastexpiry', $expiry[$i] ) );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2008-10-04 14:58:13 +00:00
|
|
|
$expiryarray[$p[0]] = $exp;
|
|
|
|
|
}
|
2014-02-05 11:02:29 +00:00
|
|
|
$resultProtections[] = array(
|
|
|
|
|
$p[0] => $protections[$p[0]],
|
Clean up handling of 'infinity'
There's a bunch of stuff that probably only works because the database
representation of infinity is actually 'infinity' on all databases
besides Oracle, and Oracle in general isn't maintained.
Generally, we should probably use 'infinity' everywhere except where
directly dealing with the database.
* Many extension callers of Language::formatExpiry() with $format !==
true are assuming it'll return 'infinity', none are checking for
$db->getInfinity().
* And Language::formatExpiry() would choke if passed 'infinity', despite
callers doing this.
* And Language::formatExpiry() could be more useful for the API if we
can override the string returned for infinity.
* As for core, Title is using Language::formatExpiry() with TS_MW which
is going to be changing anyway. Extension callers mostly don't exist.
* Block already normalizes its mExpiry field (and ->getExpiry()),
but some stuff is comparing it with $db->getInfinity() anyway. A few
external users set mExpiry to $db->getInfinity(), but this is mostly
because SpecialBlock::parseExpiryInput() returns $db->getInfinity()
while most callers (including all extensions) are assuming 'infinity'.
* And for that matter, Block should use $db->decodeExpiry() instead of
manually doing it, once we make that safe to call with 'infinity' for
all the extensions passing $db->getInfinity() to Block's contructor.
* WikiPage::doUpdateRestrictions() and some of its callers are using
$db->getInfinity(), when all the inserts using that value are using
$db->encodeExpiry() which will convert 'infinity'.
This also cleans up a slave-lag issue I noticed in ApiBlock while
testing.
Bug: T92550
Change-Id: I5eb68c1fb6029da8289276ecf7c81330575029ef
2015-03-12 16:37:04 +00:00
|
|
|
'expiry' => $wgContLang->formatExpiry( $expiryarray[$p[0]], TS_ISO_8601, 'infinite' ),
|
2014-02-05 11:02:29 +00:00
|
|
|
);
|
2007-12-06 16:06:22 +00:00
|
|
|
}
|
|
|
|
|
|
2008-12-10 22:39:41 +00:00
|
|
|
$cascade = $params['cascade'];
|
2010-04-10 06:11:02 +00:00
|
|
|
|
|
|
|
|
$watch = $params['watch'] ? 'watch' : $params['watchlist'];
|
2013-11-08 18:01:28 +00:00
|
|
|
$this->setWatch( $watch, $titleObj, 'watchdefault' );
|
2010-03-25 22:15:08 +00:00
|
|
|
|
2013-11-14 18:03:09 +00:00
|
|
|
$status = $pageObj->doUpdateRestrictions(
|
|
|
|
|
$protections,
|
|
|
|
|
$expiryarray,
|
|
|
|
|
$cascade,
|
|
|
|
|
$params['reason'],
|
|
|
|
|
$this->getUser()
|
|
|
|
|
);
|
2011-12-18 16:01:31 +00:00
|
|
|
|
|
|
|
|
if ( !$status->isOK() ) {
|
2013-06-13 17:56:29 +00:00
|
|
|
$this->dieStatus( $status );
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
|
|
|
|
$res = array(
|
|
|
|
|
'title' => $titleObj->getPrefixedText(),
|
|
|
|
|
'reason' => $params['reason']
|
|
|
|
|
);
|
|
|
|
|
if ( $cascade ) {
|
2015-01-16 19:00:07 +00:00
|
|
|
$res['cascade'] = true;
|
2010-02-23 18:05:46 +00:00
|
|
|
}
|
2008-10-04 14:58:13 +00:00
|
|
|
$res['protections'] = $resultProtections;
|
2011-06-30 01:06:17 +00:00
|
|
|
$result = $this->getResult();
|
API: Overhaul ApiResult, make format=xml not throw, and add json formatversion
ApiResult was a mess: some methods could only be used with an array
reference instead of manipulating the stored data, methods that had both
array-ref and internal-data versions had names that didn't at all
correspond, some methods that worked on an array reference were
annoyingly non-static, and then the whole mess with setIndexedTagName.
ApiFormatXml is also entirely annoying to deal with, as it liked to
throw exceptions if certain metadata wasn't provided that no other
formatter required. Its legacy also means we have this silly convention
of using empty-string rather than boolean true, annoying restrictions on
keys (leading to things that should be hashes being arrays of key-value
object instead), '*' used as a key all over the place, and so on.
So, changes here:
* ApiResult is no longer an ApiBase or a ContextSource.
* Wherever sensible, ApiResult provides a static method working on an
arrayref and a non-static method working on internal data.
* Metadata is now always added to ApiResult's internal data structure.
Formatters are responsible for stripping it if necessary. "raw mode"
is deprecated.
* New metadata to replace the '*' key, solve the array() => '[]' vs '{}'
question, and so on.
* New class for formatting warnings and errors using i18n messages, and
support for multiple errors and a more machine-readable format for
warnings. For the moment, though, the actual output will not be changing
yet (see T47843 for future plans).
* New formatversion parameter for format=json and format=php, to select
between BC mode and the modern output.
* In BC mode, booleans will be converted to empty-string presence style;
modules currently returning booleans will need to use
ApiResult::META_BC_BOOLS to preserve their current output.
Actual changes to the API modules' output (e.g. actually returning
booleans for the new formatversion) beyond the use of
ApiResult::setContentValue() are left for a future change.
Bug: T76728
Bug: T57371
Bug: T33629
Change-Id: I7b37295e8862b188d1f3b0cd07f66ac34629678f
2014-12-03 22:14:22 +00:00
|
|
|
ApiResult::setIndexedTagName( $res['protections'], 'protection' );
|
2011-06-30 01:06:17 +00:00
|
|
|
$result->addValue( null, $this->getModuleName(), $res );
|
2007-12-06 16:06:22 +00:00
|
|
|
}
|
|
|
|
|
|
2010-02-14 21:12:11 +00:00
|
|
|
public function mustBePosted() {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-01-18 20:43:59 +00:00
|
|
|
|
2009-03-06 13:49:44 +00:00
|
|
|
public function isWriteMode() {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-28 19:05:26 +00:00
|
|
|
public function getAllowedParams() {
|
2010-02-23 18:05:46 +00:00
|
|
|
return array(
|
2010-08-04 14:15:33 +00:00
|
|
|
'title' => array(
|
|
|
|
|
ApiBase::PARAM_TYPE => 'string',
|
2012-04-07 19:31:27 +00:00
|
|
|
),
|
|
|
|
|
'pageid' => array(
|
|
|
|
|
ApiBase::PARAM_TYPE => 'integer',
|
2010-08-04 14:15:33 +00:00
|
|
|
),
|
2007-12-06 16:06:22 +00:00
|
|
|
'protections' => array(
|
2010-08-04 14:15:33 +00:00
|
|
|
ApiBase::PARAM_ISMULTI => true,
|
2010-08-04 14:29:39 +00:00
|
|
|
ApiBase::PARAM_REQUIRED => true,
|
2007-12-06 16:06:22 +00:00
|
|
|
),
|
2008-10-04 14:58:13 +00:00
|
|
|
'expiry' => array(
|
2010-02-23 18:05:46 +00:00
|
|
|
ApiBase::PARAM_ISMULTI => true,
|
|
|
|
|
ApiBase::PARAM_ALLOW_DUPLICATES => true,
|
|
|
|
|
ApiBase::PARAM_DFLT => 'infinite',
|
2008-10-04 14:58:13 +00:00
|
|
|
),
|
2007-12-06 16:06:22 +00:00
|
|
|
'reason' => '',
|
2009-02-02 16:38:40 +00:00
|
|
|
'cascade' => false,
|
2010-03-25 22:15:08 +00:00
|
|
|
'watch' => array(
|
|
|
|
|
ApiBase::PARAM_DFLT => false,
|
|
|
|
|
ApiBase::PARAM_DEPRECATED => true,
|
|
|
|
|
),
|
|
|
|
|
'watchlist' => array(
|
|
|
|
|
ApiBase::PARAM_DFLT => 'preferences',
|
|
|
|
|
ApiBase::PARAM_TYPE => array(
|
|
|
|
|
'watch',
|
|
|
|
|
'unwatch',
|
|
|
|
|
'preferences',
|
|
|
|
|
'nochange'
|
|
|
|
|
),
|
|
|
|
|
),
|
2007-12-06 16:06:22 +00:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-01 20:12:50 +00:00
|
|
|
public function needsToken() {
|
2014-08-08 16:56:07 +00:00
|
|
|
return 'csrf';
|
2010-02-14 22:20:27 +00:00
|
|
|
}
|
2007-12-06 16:06:22 +00:00
|
|
|
|
2014-10-28 17:17:02 +00:00
|
|
|
protected function getExamplesMessages() {
|
2010-02-23 18:05:46 +00:00
|
|
|
return array(
|
2014-09-18 17:38:23 +00:00
|
|
|
'action=protect&title=Main%20Page&token=123ABC&' .
|
|
|
|
|
'protections=edit=sysop|move=sysop&cascade=&expiry=20070901163000|never'
|
|
|
|
|
=> 'apihelp-protect-example-protect',
|
|
|
|
|
'action=protect&title=Main%20Page&token=123ABC&' .
|
2013-11-14 18:03:09 +00:00
|
|
|
'protections=edit=all|move=all&reason=Lifting%20restrictions'
|
2014-09-18 17:38:23 +00:00
|
|
|
=> 'apihelp-protect-example-unprotect',
|
|
|
|
|
'action=protect&title=Main%20Page&token=123ABC&' .
|
|
|
|
|
'protections=&reason=Lifting%20restrictions'
|
|
|
|
|
=> 'apihelp-protect-example-unprotect2',
|
2007-12-06 16:06:22 +00:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2011-07-17 16:38:24 +00:00
|
|
|
public function getHelpUrls() {
|
2011-11-28 15:43:11 +00:00
|
|
|
return 'https://www.mediawiki.org/wiki/API:Protect';
|
2011-07-17 16:38:24 +00:00
|
|
|
}
|
2007-12-06 16:06:22 +00:00
|
|
|
}
|
