Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/api/ApiOptions.php
Brad Jorsch 13f0f58f76 (bug 42639) Fix API action=options for multiselect prefs 
Preferences options using HTMLForm's "multiselect" type are stored in
the user preferences table as one key with a boolean value for each
option in the multiselect. The validation code added in change I98df55f2
does not take this into account, and therefore considers all of these
option keys invalid.

This changeset fixes that, and adds a unit test to verify correct
behavior.

Change-Id: I137c74a6045c7b39e2119a8edde2705738879bc9
2012-12-08 10:09:04 +01:00

206 lines
5.6 KiB
PHP
Raw Blame History

<?php
/**
*
*
* Created on Apr 15, 2012
*
* Copyright © 2012 Szymon Świerkosz beau@adres.pl
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @file
*/
/**
* API module that facilitates the changing of user's preferences.
* Requires API write mode to be enabled.
*
* @ingroup API
*/
class ApiOptions extends ApiBase {
public function __construct( $main, $action ) {
parent::__construct( $main, $action );
}
/**
* Changes preferences of the current user.
*/
public function execute() {
$user = $this->getUser();
if ( $user->isAnon() ) {
$this->dieUsage( 'Anonymous users cannot change preferences', 'notloggedin' );
}
$params = $this->extractRequestParams();
$changed = false;
if ( isset( $params['optionvalue'] ) && !isset( $params['optionname'] ) ) {
$this->dieUsageMsg( array( 'missingparam', 'optionname' ) );
}
if ( $params['reset'] ) {
$user->resetOptions();
$changed = true;
}
$changes = array();
if ( count( $params['change'] ) ) {
foreach ( $params['change'] as $entry ) {
$array = explode( '=', $entry, 2 );
$changes[$array[0]] = isset( $array[1] ) ? $array[1] : null;
}
}
if ( isset( $params['optionname'] ) ) {
$newValue = isset( $params['optionvalue'] ) ? $params['optionvalue'] : null;
$changes[$params['optionname']] = $newValue;
}
if ( !$changed && !count( $changes ) ) {
$this->dieUsage( 'No changes were requested', 'nochanges' );
}
$prefs = Preferences::getPreferences( $user, $this->getContext() );
// Multiselect options are stored in the database with one key per
// option, each having a boolean value. Extract those keys.
$multiselectOptions = array();
foreach ( $prefs as $name => $info ) {
if ( ( isset( $info['type'] ) && $info['type'] == 'multiselect' ) ||
( isset( $info['class'] ) && $info['class'] == 'HTMLMultiSelectField' ) ) {
$options = HTMLFormField::flattenOptions( $info['options'] );
$prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
foreach ( $options as $value ) {
$multiselectOptions["$prefix$value"] = true;
}
unset( $prefs[$name] );
}
}
foreach ( $changes as $key => $value ) {
if ( isset( $prefs[$key] ) ) {
$field = HTMLForm::loadInputFromParameters( $key, $prefs[$key] );
$validation = $field->validate( $value, $user->getOptions() );
} elseif( isset( $multiselectOptions[$key] ) ) {
// A key for a multiselect option.
$validation = true;
$value = (bool)$value;
} else {
$this->setWarning( "Not a valid preference: $key" );
continue;
}
if ( $validation === true ) {
$user->setOption( $key, $value );
$changed = true;
} else {
$this->setWarning( "Validation error for '$key': $validation" );
}
}
if ( $changed ) {
// Commit changes
$user->saveSettings();
}
$this->getResult()->addValue( null, $this->getModuleName(), 'success' );
}
public function mustBePosted() {
return true;
}
public function isWriteMode() {
return true;
}
public function getAllowedParams() {
return array(
'token' => array(
ApiBase::PARAM_TYPE => 'string',
ApiBase::PARAM_REQUIRED => true
),
'reset' => false,
'change' => array(
ApiBase::PARAM_ISMULTI => true,
),
'optionname' => array(
ApiBase::PARAM_TYPE => 'string',
),
'optionvalue' => array(
ApiBase::PARAM_TYPE => 'string',
),
);
}
public function getResultProperties() {
return array(
'' => array(
'*' => array(
ApiBase::PROP_TYPE => array(
'success'
)
)
)
);
}
public function getParamDescription() {
return array(
'token' => 'An options token previously obtained through the action=tokens',
'reset' => 'Resets all preferences to the site defaults',
'change' => 'List of changes, formatted name=value (e.g. skin=vector), value cannot contain pipe characters',
'optionname' => 'A name of a option which should have an optionvalue set',
'optionvalue' => 'A value of the option specified by the optionname, can contain pipe characters',
);
}
public function getDescription() {
return 'Change preferences of the current user';
}
public function getPossibleErrors() {
return array_merge( parent::getPossibleErrors(), array(
array( 'code' => 'notloggedin', 'info' => 'Anonymous users cannot change preferences' ),
array( 'code' => 'nochanges', 'info' => 'No changes were requested' ),
) );
}
public function needsToken() {
return true;
}
public function getTokenSalt() {
return '';
}
public function getHelpUrls() {
return 'https://www.mediawiki.org/wiki/API:Options';
}
public function getExamples() {
return array(
'api.php?action=options&reset=&token=123ABC',
'api.php?action=options&change=skin=vector|hideminor=1&token=123ABC',
'api.php?action=options&reset=&change=skin=monobook&optionname=nickname&optionvalue=[[User:Beau|Beau]]%20([[User_talk:Beau|talk]])&token=123ABC',
);
}
public function getVersion() {
return __CLASS__ . ': $Id$';
}
}
Reference in a new issue View git blame Copy permalink