Now that ParserOptions->isSafeToCache() exists, use it where necessary.
This also moves the use inside the makeParserOptions() method so other
callers can pick it up as well.
Then pass the flag as $forceParse into WikiPage::getParserOutput()
instead of duplicating the logic in several cases, and generally clean
up the logic in the module to let WikiPage decide when to use the cache
in more cases.
Change-Id: I0079e10a40997e4a3b59ac21ef6c92246a147736
Support diffing deleted revisions, user-supplied text, and additional
properties about the diffed revisions such as the user and edit summary.
Bug: T20189
Bug: T30047
Bug: T164529
Change-Id: I5565d717d9c2fd19da7cae02890a15e244cc238b
If the load() triggered by User method calls fails, then mId becomes 0
which means there is no "user" right set in getAutomaticGroups().
Bug: T75174
Change-Id: I2d719e4b96c0142e9d408aa2d4f7c5e7a767a754
Replaces \TestingAccessWrapper (defined in core) with
\Wikimedia\TestingAccessWrapper (defined in the composer package
wikimedia/testing-access-wrapper).
See https://gerrit.wikimedia.org/r/#/q/topic:librarize-testing-access-wrapper
for downstream patches.
The core version of the class is kept around for a while to avoid
circular dependency problems.
Bug: T163434
Change-Id: I52cc257e593da3d6c3b01a909e554a950225aec8
The default will remain PHPUnit 4.x due to PHP 5.5 support.
But, we should allow developers to run tests with newer PHPUnit
versions which are noticably faster (especially for code coverage
reports).
* <https://github.com/sebastianbergmann/phpunit/wiki/Release-Announcement-for-PHPUnit-5.4.0>
PHPUnit 5 deprecates the getMock() shortcut for getMockBuilder()->getMock().
It instead introduces the shortcut createMock() which has better defaults
than getMockBuilder(). For example, it sets 'disableArgumentCloning' and
other things by default.
Going forward, code should either use getMockBuilder directly and configure
it using the setter methods (instead of the confusing variadic arguments
of getMock) or simply use the new minimalistic createMock method. This patch
backports the createMock method to MediaWikiTestCase so that we can start
using it.
Change-Id: I091c0289b21d2b1c876adba89529dc3e72b99af2
API tests are all subclasses of MediaWikiLangTestCase, which overrides
the content language when the tests are actually running. So we need to
always use 'en' to match that.
Bug: T162007
Change-Id: Ie001576fb62ae88c9141e471fd8fcbc49592be32
For example Special:MyPage, Special:MyTalk, and Special:MyLanguage.
Don't follow other redirect special pages like Special:MyContributions,
though, because the following only really makes sense when the redirect
is to an article.
Bug: T145541
Change-Id: I8c8065552ed128017887e48285e359def8bd3cd3
Apparently Jenkins sets $wgShowExceptionDetails to true but travis
doesn't. The test should make sure it's set since it depends on it.
And apparently no one ever added $wgShowDBErrorBacktrace to the API.
Let's do that too.
Change-Id: I0793eda349426b265a47900cdeb87bb920b5c291
It's unreasonable to expect newbies to know that "bug 12345" means "Task T14345"
except where it doesn't, so let's just standardise on the real numbers.
Change-Id: I46261416f7603558dceb76ebe695a5cac274e417
Before Iae0e2ce3b, the only place in the API that had to deal with
choosing from multiple errors was ApiBase::dieStatus(), which chose the
first one in the Status object. Iae0e2ce3b changed this to choose the
last one instead, which is an unnecessary backwards compatibility break.
While we could make the change in ApiBase::dieStatus(), it's cleaner to
change ApiErrorFormatter_BackCompat's behavior instead since it seems
unlikely anything else was using that code path.
Bug: T155268
Change-Id: Ia06527f8480c3d4a689792ceb8671b0d399ffbe3
This was suggested at a Developer Summit session as a way to get people
to know about the mailing list.
This also adds a hook so ApiFeatureUsage can mention itself in
deprecation warnings too.
Bug: T148855
Change-Id: I04a7cf89e87e48f6504803dd173e779017a205d0
Validating this should be as simple as it can be: if the tests run,
this change should be fine. :-)
Change-Id: I8e4a3dfc83fdc9b8c8d7f5bbd067e088ebd2133d
Tests were failing if class cannot be loaded using `\AutoLoader` but can be loaded by composer's autoloader.
Change-Id: I005c9d99245f4733a9666c4bfe9e39baeaad3960
Use booleans, not the old empty-string-or-undefined.
This bugfix is a breaking change, but chances are it won't affect many
clients.
Bug: T153518
Change-Id: If5fa2cdcb973b186349307b29e4266daceef0a9d
Blocks made for configured proxies, dnsbls, or the configured range
soft-blocks being added in I6c11a6b9 aren't real blocks stored in the
database. Let's actually flag these blocks as such and use a more
appropriate message when displaying them to the user.
Change-Id: I697e3eec2520792e98c193200c2b1c28c35bf382
Add feature to block/unblock users by their ID. For this,a new
parameter `userid` is added to block & unblock API request.
Bug: T34496
Change-Id: I084a4e275cd937053c505cd388a365b316990ece
This is a pure documentation change. It mostly removes empty lines from
comments (and entirely empty comments), as well as adds a few missing
documentation blocks and fixes a minor mistake. I hope it's ok to have
this in one patch. I can split it, please tell me.
Change-Id: I9668338602ac77b903ab6b02ff56bd52743c37c4
API warnings and error messages are currently hard-coded English
strings. This patch changes that.
With a few exceptions, this patch should be compatible with non-updated
extensions:
* The change to ApiBase::$messageMap will blow up anything trying to
mess with it.
* The changes to the 'ApiCheckCanExecute' hook will cause a wrong
(probably unparsed) error message to be emitted for extensions not
already using an ApiMessage. Unless they're currently broken like
Wikibase.
Bug: T37074
Bug: T47843
Depends-On: Ia2b66b57cd4eaddc30b3ffdd7b97d6ca3e02d898
Depends-On: I2e1bb975bb0045476c03ebe6cdec00259bae22ec
Depends-On: I53987bf87c48f6c00deec17a8e957d24fcc3eaa6
Depends-On: Ibf93a459eb62d30f7c70d20e91ec9faeb80d10ed
Depends-On: I3cf889811f44a15935e454dd42f081164d4a098c
Depends-On: Ieae527de86735ddcba34724730e8730fb277b99b
Depends-On: I535344c29d51521147c2a26c341dae38cec3e931
Change-Id: Iae0e2ce3bd42dd4776a9779664086119ac188412
Message::__toString() used the same formatting mode that the last
explicit transformation used:
$msg = new Message( 'foo' );
echo $msg; // escaped
echo $msg->plain();
echo $msg; // not escaped
This is not particularly useful and makes code review hard, so let's
get rid of it.
The same behavior with $msg->toString() is left intact (and logged)
for now.
Bug: T146416
Change-Id: Ia9b2a1dcf09d52348b2c6d8299fd849b809f6e74
It looks like there is something missing after the last statement
Also remove some other empty lines at begin of functions, ifs or loops
while at these files
Change-Id: Ib00b5cfd31ca4dcd0c32ce33754d3c80bae70641
This was requested for the use of scripts that are concerned about the
possibility that the user might log in with a different account in
another browser window, thereby changing the expected user out from
underneath the script.
Bug: T146770
Change-Id: I94e0421cb263a418e86649f0d22ece4cfec6a395
All deprecated ApiResult methods are removed. These have been deprecated
since 1.24 or 1.25, and the only users remaining in Gerrit are wrapped
in backwards-compatibility checks and so should not be being called.
ApiBase, ApiFormatBase, ApiMain, and ApiQuery methods for generating the
pre-Ib14c00df help text are removed. Nothing has called these for a long
time, and only Flow implemented them in any way. Deprecated methods for
providing the text for such help, such as getDescription(), haven't been
removed yet, though, since some extensions still call some of them.
Change-Id: I3ca7c98174b4a3f6f67f2b023e0f4446637e7a84
Useful for search engines that allow users to customize search profiles.
Depends-On: Icd577c8ebc6e162befe30bde4fe276e633d2e434
Change-Id: I471cd090730d2a25cb70d622ec3bebbe9583118c
An @ in the username caused the password to be treated as a bot password,
but apparently some real usernames still contain it. Try both logins
instead. Security considerations are the same as for the other bot
password syntax: the length check makes sure we do not provide any
information on a timing side channel about the password unless it is
extremely long.
Change-Id: I58f42544a08c3208c41f54cfae932632d9c5affa
If a client submits data that is not NFC-normalized Unicode or that
contains C0 controls other than HT, LF, and CR, it gets normalized before
the API ever sees it. Which can lead to difficult-to-handle bugs when,
for example, a title is subject to normalization so the client can't
find the specific title it submitted anywhere in the response (T139130).
This patch does two things:
* Detects when normalization was applied to an input value (at the
MediaWiki level, anyway; if PHP or earlier does it we're just out of
luck) and add a warning to that effect.
* For ApiPageSet's 'titles' parameter, split into the individual titles
and add them to the 'normalized' list in the response. This requires
encoding the pre-normalized strings to avoid ApiResult's own
normalization.
Bug: T29849
Bug: T144071
Change-Id: I215fd3edd7a5e1b45292e60768bf6dd5ad7f34de
When a multi-valued parameter's value begins with U+001F, the values
will be split on that character instead of pipes. This will be useful
for things such as action=options&change= or meta=allmessages&amargs=.
Since MediaWiki doesn't otherwise accept C0 control characters
(WebRequest::getVal() replaces them with �), there's no possibility that
this will conflict with a literal use of U+001F.
Special:ApiSandbox and mw.Api are updated to make use of this, with the
latter having an option to disable the behavior in case something is
depending on [ 'foo', 'bar|baz' ] turning into 'foo|bar|baz'.
Pipe is still used as the separator when the value doesn't begin with
U+001F, and will be forever since it's generally more human-friendly and
is needed for backwards compatibility with basically every API client in
existence. The requirement that the value begin with U+001F, rather than
simply contain U+001F, is to avoid clients having to somehow
special-case "param=foo|bar" where that's intended to be a single value
"foo|bar" rather than two values "foo" and "bar".
Bug: T141960
Change-Id: I45f69997667b48887a2b67e93906364a652ace5a
* Set an indexed tag name in ApiParamInfo and ApiAuthManagerHelper.
* Use 'key' instead of 'message' for the (not yet used) non-BC
ApiErrorFormatter.
Change-Id: I07f0a690e263b34e09210673241af8bf750cbd1b
Revert commit 23e5cdb503
temporarily so Pywikibot users can catch up with API changes
Bug: T121527
Bug: T142155
Change-Id: I3879a5d76a1727dd653daeebc79d4d9cabd0332e
In I6f987db this parameter was inadvertantly renamed to qiprofile. The
qiprofile is something different, and is also a BC break. The BC break is
pretty minor, for a randomly chosen day this looks to be used 157 times
out of 28.7M requests, but since this really isn't a qiprofile rename
it back to what it was.
Change-Id: I1cc07945888c15ea4b4c9596eea447b706606fae
