Follow-up I1462edc170127, which enabled the
UserDef::PARAM_RETURN_OBJECT flag for the 'user' parameter,
so that it returns UserIdentityValue objects instead of string
values, but the internal use of that value was still expecting
a string
Bug: T245159
Change-Id: I2f8d8c406ab81b6d5dc19a1fff389646af61001e
This brings significant modularization to the Action API's parameter
validation, and allows the Action API and MW REST API to share
validation code.
Note there are several changes in this patch that may affect other code;
see the entries in RELEASE-NOTES-1.35 for details.
Bug: T142080
Bug: T232672
Bug: T21195
Bug: T34675
Bug: T154774
Change-Id: I1462edc1701278760fa695308007006868b249fc
Depends-On: I10011be060fe6d27c7527312ad41218786b3f40d
Some of the callers of setExpectations() actually need to reset the old
expectations to avoid erroneous warnings.
Change-Id: I63c01c0f6cd748bdc849f1a5264e17bd377b9d11
It is the job of git and svn to provide this information/metadata.
The form was different, some with short, some with long month name
some with leading zero at the day, some without.
The year is also present in the Copyright clause
Change-Id: If006907b82b9e45f13cfa2e45d41107a95570e1a
PHP 7.2 broke existing functionality in making count( null ) raise a
warning. So add tests for null all over the place, or change tests where
we know the value is null or an array (but not false, empty-string, or
0) to just cast to boolean.
Bug: T182004
Change-Id: Idfe23a07daa9f60eee72f2daf04304be87057a29
Links generated by the API are now aware of the user's preferred
language and will show documents in that language if available.
To test, log in to mediawiki.org and set your language preference to 'es',
then on an MediaWiki installation with this patch view the generated
expanded API help at `api.php?action=help&recursivesubmodules=1&modules=main`.
Each link to documentation on mediawiki.org should take you to its
translated /es subpage, if one exists.
Bug: T104518
Change-Id: I339a1f3ae1bce9d759cf251899d57c32b1def91e
* Use errorformat for action=login Failed responses in non-BC mode.
* We removed 'messageHtml' from action=rollback's response on error, but
left it for success. Remove it there too, it's even less useful.
* We changed action=watch's reporting of errors, but left the
mostly-pointless reporting of "success" UI messages. These should be
handled on the client side.
Change-Id: Ia6c402a4254fbacf4c2c3f125ce8bf0bcc71e509
API warnings and error messages are currently hard-coded English
strings. This patch changes that.
With a few exceptions, this patch should be compatible with non-updated
extensions:
* The change to ApiBase::$messageMap will blow up anything trying to
mess with it.
* The changes to the 'ApiCheckCanExecute' hook will cause a wrong
(probably unparsed) error message to be emitted for extensions not
already using an ApiMessage. Unless they're currently broken like
Wikibase.
Bug: T37074
Bug: T47843
Depends-On: Ia2b66b57cd4eaddc30b3ffdd7b97d6ca3e02d898
Depends-On: I2e1bb975bb0045476c03ebe6cdec00259bae22ec
Depends-On: I53987bf87c48f6c00deec17a8e957d24fcc3eaa6
Depends-On: Ibf93a459eb62d30f7c70d20e91ec9faeb80d10ed
Depends-On: I3cf889811f44a15935e454dd42f081164d4a098c
Depends-On: Ieae527de86735ddcba34724730e8730fb277b99b
Depends-On: I535344c29d51521147c2a26c341dae38cec3e931
Change-Id: Iae0e2ce3bd42dd4776a9779664086119ac188412
Similar to WatchAction (converted in commit 77cdf1919).
* Make FormAction::getFormFields not abstract.
In most cases this will just be an empty array.
* Convert RollbackAction from FormlessAction to FormAction and implement the
required error handling scenarios (mostly moved out of from the old method, or
duplicated from the WikiPage method where necessary).
* In most cases the in-between form is never used since a JavaScript handler
takes over the link and uses the API over AJAX instead. In the no-js fallback
(as well as for any existing tokenless rollback links) copy the GET parameters
into the form for re-submission as POST (plus token, added by HTMLForm).
* Remove the distinction between WebUI and API tokens. This stronger token salt made it
unnecessarily complex and was only there because it used GET until now. This streamlining of
tokens matches what we already do for 'watch', 'edit', 'patrol' and other actions.
* Fix form submission bugs when 'from' query parameter is missing.
- Ensure the required 'from' query parameter is present before showing a form.
No need for the user to submit a form we know will fail.
- Plain GET request to action=rollback (with no parameters) is now a 400 Bad Request
instead of a form that would fail when submitted.
- Submitting the form without 'form' field now correctly says why it failed.
Previously it emitted a session error, which was a lie.
Bug: T88044
Change-Id: Ia457802fec2e90573c8e7d552bc1f3cee258f10b
Change tags to apply to an edit can now be passed directly to the
WikiPage::doEditContent function. They are then passed to the
RecentChange::notifyNew/Edit functions where tagging is made
after the recent change is saved. This ensures that other callers
of doEditContent will not run into the same issue as T100248.
ApiRollback is fixed in this way.
In addition, we'll have to pass tags in this way for core tagging
of edits (I2e48bd458fc8d7c289f04dc276f9287516e0b987), and this makes
it possible to merge the arrays of tags and call ChangeTags::addTags
only once.
Change-Id: I829960c7a33b70464065839d7504d7529dfd0b72
The API 'user' type accepts both user names and IP addresses, and
applies normalization but not canonicalization. We should be using this
on basically every user parameter to ensure that e.g. IPv6 usernames get
uppercased.
Bug: T122803
Change-Id: Ic67fb54061ac311e54f325b2a1a4658f43b8fef4
* Potentially long running POST requests often use multiple transactions,
talk to multiple services, or defer updates. Try to make sure they have
a chance to complete all of the work. WMF already sets ignore_user_abort()
across the board in config, but this applies it to key spots for all
installs, in addition to bumping the time limit.
* Eventually this can lower the need for high overall time limits.
Bug: T102890
Change-Id: I893ddd773064dcd63b5b24c84c6391974f4b5aee
This also adds some new ApiBase::PARAM_* constants to generate more
helpful help, and a method to override the default description message
for the use of ApiDisabled and ApiQueryDisabled.
Bug: 71638
Change-Id: Ic0c3d232e0498d58a043037e2e0c6f0b1c3edad3
The current token handling is a mess. This simplifies things greatly:
* *All* tokens are obtained from action=query&meta=tokens, rather than
being spread over action=tokens, action=query&prop=info,
action=query&prop=revisions, action=query&prop=recentchanges, and
action=query&prop=users. All these old methods are deprecated.
* Similarly, there is only one hook to register new token types. All old
hooks are deprecated.
* All tokens are cacheable.
* Most token types are dropped in favor of a 'csrf' token. They already
were returning the same token anyway.
* All token-using modules will document the required token type in a
standard manner in action=help and are documented in machine-readable
fashion in action=paraminfo.
Note this will require updates to all extensions using tokens.
Change-Id: I2793a3f2dd64a4bebb0b4d065e09af1e9f63fb89
The format for 'props' was never specified and the list for 'errors' is
impossible to keep updated when considering that many errors come from
MediaWiki backend code and extension hook functions. And since there
doesn't seem to be any real use case for either of these, let's just
kill both of them instead of wasting effort on trying to fix them.
Note that neither getResultProperties nor getPossibleErrors are called
from any extensions in gerrit, and none of the other deprecated methods
are called outside of the implementations of those two methods. Removing
the obsolete methods is left to the maintainers of the extensions, as
keeping them hurts nothing and is needed to maintain compatibility with
earlier versions of MediaWiki.
Change-Id: Ie11a401d60c834059fbf1b5625ca8ea093b3337c
This change adds a preference in the 'watchlist' section to
automatically watchlist a page after rollbacking.
The setting is only visible, if the user has the 'rollback'-right.
I have removed the watch reverts function per advice by Vogone.
Bug: 4488
Change-Id: I3aa831c9c04d627684641af0ca5a332795c87062
requireOnlyOneParameter was added in
I346c6ae4fc0b48c5a794c3d621018baf9bde6b9e,
without update of the possible error list from that function call
Change-Id: Iea51b9fc54d6854541509d44fad48a99db278fff
Also made the code flow easier to understand by moving
calls to ApiBase::extractRequestParams up in the stack.
Change-Id: I346c6ae4fc0b48c5a794c3d621018baf9bde6b9e
Follows-up: I9c4e4fa
See bug 44341 for action=parse, but the problem with interwiki
processing can also be happen in other modules.
This gives clearer error message on some modules
For example action=move:
Bad title "*title*"
instead of:
Unknown error: "immobile-target-namespace-iw"
Change-Id: I86524533dfd778a169b39968999918a1f531efeb
For historical reasons, all our API class had a dummy __construct which
simply calls their parent constructor. This patch removes all such
occurences to save out some bytes.
Change-Id: I667955d7821f780fc5ce23823d74dedb1729b9fa
API was using SVN's version keyword which GIT does not support.
All related methods were either removed, or for those that
could have been used from extensions, emptied out.
api.php?version now shows unrecognized param warning.
Change-Id: I910ca1448ed2ed697ac19b17c486d130aa1d7e03
action=block/action=unblock can not have the token required because when
using the gettoken param, the token param can not set.
Change-Id: I15317f16c06f150d29c1b17de76f41a6cfa84820
Doxygen choke on text enclosed by '<' and '>' since it tries to
interpret them as HTML or XML elements. This patch adds double quotes
in includes/api/*.php files around the two following strings:
<Firstname>.<Lastname>@gmail.com
<Firstname><Lastname>@gmail.com
Which becomes:
"<Firstname>.<Lastname>@gmail.com"
"<Firstname><Lastname>@gmail.com"
Tested locally, it prevents doxygen 1.8.0 related warnings.
Change-Id: I36d82eb3fd4989ee3ffc65b0b527b83711d1ba69
* Moving setting of empty string to param description.
* Removing word "(optional)" from comment/reason param, because all not
required params are optional.
* Correct description of action=rollback for default comment.
Change-Id: Ifa5b60a7b55b216c43049cd81cb584b2e0518eed
Added information about the properties of the results of API calls
to action=paraminfo, including information about "property groups":
what should the prop parameter be set to to get that property.
Uses the same format for types as parameters already do.
The output format of some modules doesn't fit this, so the result
properties for them weren't added, or only partially.
Partially implemented modules:
* expandtemplates:
parsetree is in its own tag
* protect, allusers, backlinks, deletedrevs, info, imageinfo,
logevents, querypage, recentchanges, revisions, searchinfo,
usercontribs, userinfo, users, watchlist, upload:
response with partially complex structure
Not implemented modules:
* feedcontributions, feedwatchlist, opensearch, rds:
non-standard reponse
* help:
error is normal response; not very useful for automated tools anyway
* paraminfo, parse, pageprops, siteinfo, userrights:
response with complex structure
Change-Id: Iff2a9bef79f994e73eef3062b4dd5461bff968ab
It's a parctice that dates back to 2006 when the API was first written, and frankly isn't covered by the coding conventions. Same thing with the docblocks, they're all copypasted with some bits changed and don't even make sense if you look at them in the genereated code docs.
I don't feel that any of us depend on this anymore (get a better IDE), so in the inerest of consistancy it's time we said goodbye to it.
