New hook ApiCheckCanExecute.

Added new hook in ApiMain::checkCanExecute so that extensions can authenticate and authorize API clients before the module is execute. (Necessary for extensions like OAuth that externally authnz clients.) Change-Id: I1b059fd9a4aa717928af8b09f5edebe899ab3ce1 Signed-off-by: Tyler Romeo <tylerromeo@gmail.com>
2012-08-21 11:52:47 -04:00 · 2012-08-21 11:52:47 -04:00 · 780b6878f7
commit 780b6878f7
parent 69379b2b88
2 changed files with 13 additions and 0 deletions
--- a/docs/hooks.txt
+++ b/docs/hooks.txt
@ -314,6 +314,13 @@ $body: Body of the message
 Use this to extend core API modules.
 &$module: Module object

+'APICheckCanExecute': Called during ApiMain::checkCanExecute. Use to
+further authenticate and authorize API clients before executing the
+module. Return false and set a message to cancel the request.
+$module: Module object
+$user: Current user
+&$message: API usage message to die with
+
 'APIEditBeforeSave': before saving a page with api.php?action=edit,
 after processing request parameters. Return false to let the request
 fail, returning an error message or an <edit result="Failure"> tag
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@ -758,6 +758,12 @@ class ApiMain extends ApiBase {
 				$this->dieReadOnly();
 			}
 		}
+
+		// Allow extensions to stop execution for arbitrary reasons.
+		$message = false;
+		if( !wfRunHooks( 'ApiCheckCanExecute', array( $module, $user, &$message ) ) ) {
+			$this->dieUsageMsg( $message );
+		}
 	}

 	/**