cf004d524d
This trait is not needed in ApiBase and its presence here is proving to be problematic. See I795db12. In this patch, the trait usage (more precisely the 'use statement') has been removed from ApiBase and accordingly the signatures of ApiWatchlistTrait::getWatchlistValue() and ::setWatch() have been altered to now require User object. With these changes, the abstract getUser() method in the trait is no longer needed, so it has been removed also. All core usages of the affected functions are fixed in this patch. The trait is used in only one extension according to codesearch tool, the extension will be fixed in Ic22e163. Bug: T262175 Bug: T248512 Follow-up: Ia18627b9824dca81f44f0571e8420d89b7626cf6 Change-Id: Idabcea71edfca9e7ed42000a258c99ff407873d4
2168 lines
64 KiB
PHP
2168 lines
64 KiB
PHP
<?php
|
|
/**
|
|
* Copyright © 2006, 2010 Yuri Astrakhan "<Firstname><Lastname>@gmail.com"
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
*
|
|
* @file
|
|
*/
|
|
|
|
use MediaWiki\Api\ApiHookRunner;
|
|
use MediaWiki\Api\Validator\SubmoduleDef;
|
|
use MediaWiki\Block\AbstractBlock;
|
|
use MediaWiki\Block\DatabaseBlock;
|
|
use MediaWiki\HookContainer\HookContainer;
|
|
use MediaWiki\Linker\LinkTarget;
|
|
use MediaWiki\MediaWikiServices;
|
|
use MediaWiki\ParamValidator\TypeDef\NamespaceDef;
|
|
use MediaWiki\Permissions\PermissionManager;
|
|
use Wikimedia\ParamValidator\ParamValidator;
|
|
use Wikimedia\ParamValidator\TypeDef\EnumDef;
|
|
use Wikimedia\ParamValidator\TypeDef\IntegerDef;
|
|
use Wikimedia\ParamValidator\TypeDef\StringDef;
|
|
use Wikimedia\Rdbms\IDatabase;
|
|
|
|
/**
|
|
* This abstract class implements many basic API functions, and is the base of
|
|
* all API classes.
|
|
* The class functions are divided into several areas of functionality:
|
|
*
|
|
* Module parameters: Derived classes can define getAllowedParams() to specify
|
|
* which parameters to expect, how to parse and validate them.
|
|
*
|
|
* Self-documentation: code to allow the API to document its own state
|
|
*
|
|
* @stable to extend
|
|
*
|
|
* @ingroup API
|
|
*/
|
|
abstract class ApiBase extends ContextSource {
|
|
|
|
use ApiBlockInfoTrait;
|
|
|
|
/** @var HookContainer */
|
|
private $hookContainer;
|
|
|
|
/** @var ApiHookRunner */
|
|
private $hookRunner;
|
|
|
|
/**
|
|
* @name Old constants for ::getAllowedParams() arrays
|
|
* @deprecated since 1.35, use the equivalent ParamValidator or TypeDef constants instead.
|
|
* @{
|
|
*/
|
|
|
|
public const PARAM_DFLT = ParamValidator::PARAM_DEFAULT;
|
|
public const PARAM_ISMULTI = ParamValidator::PARAM_ISMULTI;
|
|
public const PARAM_TYPE = ParamValidator::PARAM_TYPE;
|
|
public const PARAM_MAX = IntegerDef::PARAM_MAX;
|
|
public const PARAM_MAX2 = IntegerDef::PARAM_MAX2;
|
|
public const PARAM_MIN = IntegerDef::PARAM_MIN;
|
|
public const PARAM_ALLOW_DUPLICATES = ParamValidator::PARAM_ALLOW_DUPLICATES;
|
|
public const PARAM_DEPRECATED = ParamValidator::PARAM_DEPRECATED;
|
|
public const PARAM_REQUIRED = ParamValidator::PARAM_REQUIRED;
|
|
public const PARAM_SUBMODULE_MAP = SubmoduleDef::PARAM_SUBMODULE_MAP;
|
|
public const PARAM_SUBMODULE_PARAM_PREFIX = SubmoduleDef::PARAM_SUBMODULE_PARAM_PREFIX;
|
|
public const PARAM_ALL = ParamValidator::PARAM_ALL;
|
|
public const PARAM_EXTRA_NAMESPACES = NamespaceDef::PARAM_EXTRA_NAMESPACES;
|
|
public const PARAM_SENSITIVE = ParamValidator::PARAM_SENSITIVE;
|
|
public const PARAM_DEPRECATED_VALUES = EnumDef::PARAM_DEPRECATED_VALUES;
|
|
public const PARAM_ISMULTI_LIMIT1 = ParamValidator::PARAM_ISMULTI_LIMIT1;
|
|
public const PARAM_ISMULTI_LIMIT2 = ParamValidator::PARAM_ISMULTI_LIMIT2;
|
|
public const PARAM_MAX_BYTES = StringDef::PARAM_MAX_BYTES;
|
|
public const PARAM_MAX_CHARS = StringDef::PARAM_MAX_CHARS;
|
|
|
|
/**
|
|
* (boolean) Inverse of IntegerDef::PARAM_IGNORE_RANGE
|
|
* @deprecated since 1.35
|
|
*/
|
|
public const PARAM_RANGE_ENFORCE = 'api-param-range-enforce';
|
|
|
|
/** @} */
|
|
|
|
/**
|
|
* @name API-specific constants for ::getAllowedParams() arrays
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* (string|array|Message) Specify an alternative i18n documentation message
|
|
* for this parameter. Default is apihelp-{$path}-param-{$param}.
|
|
* @since 1.25
|
|
*/
|
|
public const PARAM_HELP_MSG = 'api-param-help-msg';
|
|
|
|
/**
|
|
* ((string|array|Message)[]) Specify additional i18n messages to append to
|
|
* the normal message for this parameter.
|
|
* @since 1.25
|
|
*/
|
|
public const PARAM_HELP_MSG_APPEND = 'api-param-help-msg-append';
|
|
|
|
/**
|
|
* (array) Specify additional information tags for the parameter. Value is
|
|
* an array of arrays, with the first member being the 'tag' for the info
|
|
* and the remaining members being the values. In the help, this is
|
|
* formatted using apihelp-{$path}-paraminfo-{$tag}, which is passed
|
|
* $1 = count, $2 = comma-joined list of values, $3 = module prefix.
|
|
* @since 1.25
|
|
*/
|
|
public const PARAM_HELP_MSG_INFO = 'api-param-help-msg-info';
|
|
|
|
/**
|
|
* Deprecated and unused.
|
|
* @since 1.25
|
|
* @deprecated since 1.35
|
|
*/
|
|
public const PARAM_VALUE_LINKS = 'api-param-value-links';
|
|
|
|
/**
|
|
* ((string|array|Message)[]) When PARAM_TYPE is an array, this is an array
|
|
* mapping those values to $msg for ApiBase::makeMessage(). Any value not
|
|
* having a mapping will use apihelp-{$path}-paramvalue-{$param}-{$value}.
|
|
* Specify an empty array to use the default message key for all values.
|
|
* @since 1.25
|
|
*/
|
|
public const PARAM_HELP_MSG_PER_VALUE = 'api-param-help-msg-per-value';
|
|
|
|
/**
|
|
* (array) Indicate that this is a templated parameter, and specify replacements. Keys are the
|
|
* placeholders in the parameter name and values are the names of (unprefixed) parameters from
|
|
* which the replacement values are taken.
|
|
*
|
|
* For example, a parameter "foo-{ns}-{title}" could be defined with
|
|
* PARAM_TEMPLATE_VARS => [ 'ns' => 'namespaces', 'title' => 'titles' ]. Then a query for
|
|
* namespaces=0|1&titles=X|Y would support parameters foo-0-X, foo-0-Y, foo-1-X, and foo-1-Y.
|
|
*
|
|
* All placeholders must be present in the parameter's name. Each target parameter must have
|
|
* PARAM_ISMULTI true. If a target is itself a templated parameter, its PARAM_TEMPLATE_VARS must
|
|
* be a subset of the referring parameter's, mapping the same placeholders to the same targets.
|
|
* A parameter cannot target itself.
|
|
*
|
|
* @since 1.32
|
|
*/
|
|
public const PARAM_TEMPLATE_VARS = 'param-template-vars';
|
|
|
|
/** @} */
|
|
|
|
public const ALL_DEFAULT_STRING = '*';
|
|
|
|
/** Fast query, standard limit. */
|
|
public const LIMIT_BIG1 = 500;
|
|
/** Fast query, apihighlimits limit. */
|
|
public const LIMIT_BIG2 = 5000;
|
|
/** Slow query, standard limit. */
|
|
public const LIMIT_SML1 = 50;
|
|
/** Slow query, apihighlimits limit. */
|
|
public const LIMIT_SML2 = 500;
|
|
|
|
/**
|
|
* getAllowedParams() flag: When set, the result could take longer to generate,
|
|
* but should be more thorough. E.g. get the list of generators for ApiSandBox extension
|
|
* @since 1.21
|
|
*/
|
|
public const GET_VALUES_FOR_HELP = 1;
|
|
|
|
/** @var array Maps extension paths to info arrays */
|
|
private static $extensionInfo = null;
|
|
|
|
/** @var stdClass[][] Cache for self::filterIDs() */
|
|
private static $filterIDsCache = [];
|
|
|
|
/** $var array Map of web UI block messages to corresponding API messages and codes */
|
|
private static $blockMsgMap = [
|
|
'blockedtext' => [ 'apierror-blocked', 'blocked' ],
|
|
'blockedtext-partial' => [ 'apierror-blocked-partial', 'blocked' ],
|
|
'autoblockedtext' => [ 'apierror-autoblocked', 'autoblocked' ],
|
|
'systemblockedtext' => [ 'apierror-systemblocked', 'blocked' ],
|
|
'blockedtext-composite' => [ 'apierror-blocked', 'blocked' ],
|
|
];
|
|
|
|
/** @var ApiMain */
|
|
private $mMainModule;
|
|
/** @var string */
|
|
private $mModuleName, $mModulePrefix;
|
|
private $mReplicaDB = null;
|
|
/**
|
|
* @var array
|
|
*/
|
|
private $mParamCache = [];
|
|
/** @var array|null|bool */
|
|
private $mModuleSource = false;
|
|
|
|
/**
|
|
* @stable to call
|
|
* @param ApiMain $mainModule
|
|
* @param string $moduleName Name of this module
|
|
* @param string $modulePrefix Prefix to use for parameter names
|
|
*/
|
|
public function __construct( ApiMain $mainModule, $moduleName, $modulePrefix = '' ) {
|
|
$this->mMainModule = $mainModule;
|
|
$this->mModuleName = $moduleName;
|
|
$this->mModulePrefix = $modulePrefix;
|
|
|
|
if ( !$this->isMain() ) {
|
|
$this->setContext( $mainModule->getContext() );
|
|
}
|
|
}
|
|
|
|
/************************************************************************//**
|
|
* @name Methods to implement
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Evaluates the parameters, performs the requested query, and sets up
|
|
* the result. Concrete implementations of ApiBase must override this
|
|
* method to provide whatever functionality their module offers.
|
|
* Implementations must not produce any output on their own and are not
|
|
* expected to handle any errors.
|
|
*
|
|
* The execute() method will be invoked directly by ApiMain immediately
|
|
* before the result of the module is output. Aside from the
|
|
* constructor, implementations should assume that no other methods
|
|
* will be called externally on the module before the result is
|
|
* processed.
|
|
*
|
|
* The result data should be stored in the ApiResult object available
|
|
* through getResult().
|
|
*/
|
|
abstract public function execute();
|
|
|
|
/**
|
|
* Get the module manager, or null if this module has no sub-modules
|
|
* @since 1.21
|
|
* @stable to override
|
|
* @return ApiModuleManager
|
|
*/
|
|
public function getModuleManager() {
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* If the module may only be used with a certain format module,
|
|
* it should override this method to return an instance of that formatter.
|
|
* A value of null means the default format will be used.
|
|
* @note Do not use this just because you don't want to support non-json
|
|
* formats. This should be used only when there is a fundamental
|
|
* requirement for a specific format.
|
|
* @stable to override
|
|
* @return mixed Instance of a derived class of ApiFormatBase, or null
|
|
*/
|
|
public function getCustomPrinter() {
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Returns usage examples for this module.
|
|
*
|
|
* Return value has query strings as keys, with values being either strings
|
|
* (message key), arrays (message key + parameter), or Message objects.
|
|
*
|
|
* Do not call this base class implementation when overriding this method.
|
|
*
|
|
* @since 1.25
|
|
* @stable to override
|
|
* @return array
|
|
*/
|
|
protected function getExamplesMessages() {
|
|
return [];
|
|
}
|
|
|
|
/**
|
|
* Return links to more detailed help pages about the module.
|
|
* @since 1.25, returning boolean false is deprecated
|
|
* @stable to override
|
|
* @return string|array
|
|
*/
|
|
public function getHelpUrls() {
|
|
return [];
|
|
}
|
|
|
|
/**
|
|
* Returns an array of allowed parameters (parameter name) => (default
|
|
* value) or (parameter name) => (array with PARAM_* constants as keys)
|
|
* Don't call this function directly: use getFinalParams() to allow
|
|
* hooks to modify parameters as needed.
|
|
*
|
|
* Some derived classes may choose to handle an integer $flags parameter
|
|
* in the overriding methods. Callers of this method can pass zero or
|
|
* more OR-ed flags like GET_VALUES_FOR_HELP.
|
|
*
|
|
* @stable to override
|
|
* @return array
|
|
*/
|
|
protected function getAllowedParams( /* $flags = 0 */ ) {
|
|
// int $flags is not declared because it causes "Strict standards"
|
|
// warning. Most derived classes do not implement it.
|
|
return [];
|
|
}
|
|
|
|
/**
|
|
* Indicates if this module needs maxlag to be checked
|
|
* @stable to override
|
|
* @return bool
|
|
*/
|
|
public function shouldCheckMaxlag() {
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Indicates whether this module requires read rights
|
|
* @stable to override
|
|
* @return bool
|
|
*/
|
|
public function isReadMode() {
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Indicates whether this module requires write mode
|
|
*
|
|
* This should return true for modules that may require synchronous database writes.
|
|
* Modules that do not need such writes should also not rely on master database access,
|
|
* since only read queries are needed and each master DB is a single point of failure.
|
|
* Additionally, requests that only need replica DBs can be efficiently routed to any
|
|
* datacenter via the Promise-Non-Write-API-Action header.
|
|
*
|
|
* @stable to override
|
|
* @return bool
|
|
*/
|
|
public function isWriteMode() {
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Indicates whether this module must be called with a POST request
|
|
* @stable to override
|
|
* @return bool
|
|
*/
|
|
public function mustBePosted() {
|
|
return $this->needsToken() !== false;
|
|
}
|
|
|
|
/**
|
|
* Indicates whether this module is deprecated
|
|
* @since 1.25
|
|
* @stable to override
|
|
* @return bool
|
|
*/
|
|
public function isDeprecated() {
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Indicates whether this module is "internal"
|
|
* Internal API modules are not (yet) intended for 3rd party use and may be unstable.
|
|
* @since 1.25
|
|
* @stable to override
|
|
* @return bool
|
|
*/
|
|
public function isInternal() {
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Returns the token type this module requires in order to execute.
|
|
*
|
|
* Modules are strongly encouraged to use the core 'csrf' type unless they
|
|
* have specialized security needs. If the token type is not one of the
|
|
* core types, you must use the ApiQueryTokensRegisterTypes hook to
|
|
* register it.
|
|
*
|
|
* Returning a non-falsey value here will force the addition of an
|
|
* appropriate 'token' parameter in self::getFinalParams(). Also,
|
|
* self::mustBePosted() must return true when tokens are used.
|
|
*
|
|
* In previous versions of MediaWiki, true was a valid return value.
|
|
* Returning true will generate errors indicating that the API module needs
|
|
* updating.
|
|
*
|
|
* @stable to override
|
|
* @return string|false
|
|
*/
|
|
public function needsToken() {
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Fetch the salt used in the Web UI corresponding to this module.
|
|
*
|
|
* Only override this if the Web UI uses a token with a non-constant salt.
|
|
*
|
|
* @since 1.24
|
|
* @param array $params All supplied parameters for the module
|
|
* @stable to override
|
|
* @return string|array|null
|
|
*/
|
|
protected function getWebUITokenSalt( array $params ) {
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Returns data for HTTP conditional request mechanisms.
|
|
*
|
|
* @since 1.26
|
|
* @stable to override
|
|
* @param string $condition Condition being queried:
|
|
* - last-modified: Return a timestamp representing the maximum of the
|
|
* last-modified dates for all resources involved in the request. See
|
|
* RFC 7232 § 2.2 for semantics.
|
|
* - etag: Return an entity-tag representing the state of all resources involved
|
|
* in the request. Quotes must be included. See RFC 7232 § 2.3 for semantics.
|
|
* @return string|bool|null As described above, or null if no value is available.
|
|
*/
|
|
public function getConditionalRequestData( $condition ) {
|
|
return null;
|
|
}
|
|
|
|
/** @} */
|
|
|
|
/************************************************************************//**
|
|
* @name Data access methods
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Get the name of the module being executed by this instance
|
|
* @return string
|
|
*/
|
|
public function getModuleName() {
|
|
return $this->mModuleName;
|
|
}
|
|
|
|
/**
|
|
* Get parameter prefix (usually two letters or an empty string).
|
|
* @return string
|
|
*/
|
|
public function getModulePrefix() {
|
|
return $this->mModulePrefix;
|
|
}
|
|
|
|
/**
|
|
* Get the main module
|
|
* @return ApiMain
|
|
*/
|
|
public function getMain() {
|
|
return $this->mMainModule;
|
|
}
|
|
|
|
/**
|
|
* Returns true if this module is the main module ($this === $this->mMainModule),
|
|
* false otherwise.
|
|
* @return bool
|
|
*/
|
|
public function isMain() {
|
|
return $this === $this->mMainModule;
|
|
}
|
|
|
|
/**
|
|
* Get the parent of this module
|
|
* @stable to override
|
|
* @since 1.25
|
|
* @return ApiBase|null
|
|
*/
|
|
public function getParent() {
|
|
return $this->isMain() ? null : $this->getMain();
|
|
}
|
|
|
|
/**
|
|
* Returns true if the current request breaks the same-origin policy.
|
|
*
|
|
* For example, json with callbacks.
|
|
*
|
|
* https://en.wikipedia.org/wiki/Same-origin_policy
|
|
*
|
|
* @since 1.25
|
|
* @return bool
|
|
*/
|
|
public function lacksSameOriginSecurity() {
|
|
// Main module has this method overridden
|
|
// Safety - avoid infinite loop:
|
|
if ( $this->isMain() ) {
|
|
self::dieDebug( __METHOD__, 'base method was called on main module.' );
|
|
}
|
|
|
|
return $this->getMain()->lacksSameOriginSecurity();
|
|
}
|
|
|
|
/**
|
|
* Get the path to this module
|
|
*
|
|
* @since 1.25
|
|
* @return string
|
|
*/
|
|
public function getModulePath() {
|
|
if ( $this->isMain() ) {
|
|
return 'main';
|
|
} elseif ( $this->getParent()->isMain() ) {
|
|
return $this->getModuleName();
|
|
} else {
|
|
return $this->getParent()->getModulePath() . '+' . $this->getModuleName();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get a module from its module path
|
|
*
|
|
* @since 1.25
|
|
* @param string $path
|
|
* @return ApiBase|null
|
|
* @throws ApiUsageException
|
|
*/
|
|
public function getModuleFromPath( $path ) {
|
|
$module = $this->getMain();
|
|
if ( $path === 'main' ) {
|
|
return $module;
|
|
}
|
|
|
|
$parts = explode( '+', $path );
|
|
if ( count( $parts ) === 1 ) {
|
|
// In case the '+' was typed into URL, it resolves as a space
|
|
$parts = explode( ' ', $path );
|
|
}
|
|
|
|
$count = count( $parts );
|
|
for ( $i = 0; $i < $count; $i++ ) {
|
|
$parent = $module;
|
|
$manager = $parent->getModuleManager();
|
|
if ( $manager === null ) {
|
|
$errorPath = implode( '+', array_slice( $parts, 0, $i ) );
|
|
$this->dieWithError( [ 'apierror-badmodule-nosubmodules', $errorPath ], 'badmodule' );
|
|
}
|
|
$module = $manager->getModule( $parts[$i] );
|
|
|
|
if ( $module === null ) {
|
|
$errorPath = $i ? implode( '+', array_slice( $parts, 0, $i ) ) : $parent->getModuleName();
|
|
$this->dieWithError(
|
|
[ 'apierror-badmodule-badsubmodule', $errorPath, wfEscapeWikiText( $parts[$i] ) ],
|
|
'badmodule'
|
|
);
|
|
}
|
|
}
|
|
|
|
return $module;
|
|
}
|
|
|
|
/**
|
|
* Get the result object
|
|
* @return ApiResult
|
|
*/
|
|
public function getResult() {
|
|
// Main module has getResult() method overridden
|
|
// Safety - avoid infinite loop:
|
|
if ( $this->isMain() ) {
|
|
self::dieDebug( __METHOD__, 'base method was called on main module. ' );
|
|
}
|
|
|
|
return $this->getMain()->getResult();
|
|
}
|
|
|
|
/**
|
|
* Get the error formatter
|
|
* @stable to override
|
|
* @return ApiErrorFormatter
|
|
*/
|
|
public function getErrorFormatter() {
|
|
// Main module has getErrorFormatter() method overridden
|
|
// Safety - avoid infinite loop:
|
|
if ( $this->isMain() ) {
|
|
self::dieDebug( __METHOD__, 'base method was called on main module. ' );
|
|
}
|
|
|
|
return $this->getMain()->getErrorFormatter();
|
|
}
|
|
|
|
/**
|
|
* Gets a default replica DB connection object
|
|
* @stable to override
|
|
* @return IDatabase
|
|
*/
|
|
protected function getDB() {
|
|
if ( !isset( $this->mReplicaDB ) ) {
|
|
$this->mReplicaDB = wfGetDB( DB_REPLICA, 'api' );
|
|
}
|
|
|
|
return $this->mReplicaDB;
|
|
}
|
|
|
|
/**
|
|
* Get the continuation manager
|
|
* @return ApiContinuationManager|null
|
|
*/
|
|
public function getContinuationManager() {
|
|
// Main module has getContinuationManager() method overridden
|
|
// Safety - avoid infinite loop:
|
|
if ( $this->isMain() ) {
|
|
self::dieDebug( __METHOD__, 'base method was called on main module. ' );
|
|
}
|
|
|
|
return $this->getMain()->getContinuationManager();
|
|
}
|
|
|
|
/**
|
|
* Set the continuation manager
|
|
* @param ApiContinuationManager|null $manager
|
|
*/
|
|
public function setContinuationManager( ApiContinuationManager $manager = null ) {
|
|
// Main module has setContinuationManager() method overridden
|
|
// Safety - avoid infinite loop:
|
|
if ( $this->isMain() ) {
|
|
self::dieDebug( __METHOD__, 'base method was called on main module. ' );
|
|
}
|
|
|
|
$this->getMain()->setContinuationManager( $manager );
|
|
}
|
|
|
|
/**
|
|
* Obtain a PermissionManager instance that subclasses may use in their authorization checks.
|
|
*
|
|
* @since 1.34
|
|
* @return PermissionManager
|
|
*/
|
|
protected function getPermissionManager(): PermissionManager {
|
|
return MediaWikiServices::getInstance()->getPermissionManager();
|
|
}
|
|
|
|
/**
|
|
* Get a HookContainer, for running extension hooks or for hook metadata.
|
|
*
|
|
* @since 1.35
|
|
* @return HookContainer
|
|
*/
|
|
protected function getHookContainer() {
|
|
if ( !$this->hookContainer ) {
|
|
$this->hookContainer = MediaWikiServices::getInstance()->getHookContainer();
|
|
}
|
|
return $this->hookContainer;
|
|
}
|
|
|
|
/**
|
|
* Get an ApiHookRunner for running core API hooks.
|
|
*
|
|
* @internal This is for use by core only. Hook interfaces may be removed
|
|
* without notice.
|
|
* @since 1.35
|
|
* @return ApiHookRunner
|
|
*/
|
|
protected function getHookRunner() {
|
|
if ( !$this->hookRunner ) {
|
|
$this->hookRunner = new ApiHookRunner( $this->getHookContainer() );
|
|
}
|
|
return $this->hookRunner;
|
|
}
|
|
|
|
/** @} */
|
|
|
|
/************************************************************************//**
|
|
* @name Parameter handling
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Indicate if the module supports dynamically-determined parameters that
|
|
* cannot be included in self::getAllowedParams().
|
|
* @stable to override
|
|
* @return string|array|Message|null Return null if the module does not
|
|
* support additional dynamic parameters, otherwise return a message
|
|
* describing them.
|
|
*/
|
|
public function dynamicParameterDocumentation() {
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* This method mangles parameter name based on the prefix supplied to the constructor.
|
|
* Override this method to change parameter name during runtime
|
|
* @param string|string[] $paramName Parameter name
|
|
* @return string|string[] Prefixed parameter name
|
|
* @since 1.29 accepts an array of strings
|
|
*/
|
|
public function encodeParamName( $paramName ) {
|
|
if ( is_array( $paramName ) ) {
|
|
return array_map( function ( $name ) {
|
|
return $this->mModulePrefix . $name;
|
|
}, $paramName );
|
|
} else {
|
|
return $this->mModulePrefix . $paramName;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Using getAllowedParams(), this function makes an array of the values
|
|
* provided by the user, with key being the name of the variable, and
|
|
* value - validated value from user or default. limits will not be
|
|
* parsed if $parseLimit is set to false; use this when the max
|
|
* limit is not definitive yet, e.g. when getting revisions.
|
|
* @param bool|array $options If a boolean, uses that as the value for 'parseLimit'
|
|
* - parseLimit: (bool, default true) Whether to parse the 'max' value for limit types
|
|
* - safeMode: (bool, default false) If true, avoid throwing for parameter validation errors.
|
|
* Returned parameter values might be ApiUsageException instances.
|
|
* @return array
|
|
*/
|
|
public function extractRequestParams( $options = [] ) {
|
|
if ( is_bool( $options ) ) {
|
|
$options = [ 'parseLimit' => $options ];
|
|
}
|
|
$options += [
|
|
'parseLimit' => true,
|
|
'safeMode' => false,
|
|
];
|
|
|
|
$parseLimit = (bool)$options['parseLimit'];
|
|
$cacheKey = (int)$parseLimit;
|
|
|
|
// Cache parameters, for performance and to avoid T26564.
|
|
if ( !isset( $this->mParamCache[$cacheKey] ) ) {
|
|
$params = $this->getFinalParams() ?: [];
|
|
$results = [];
|
|
$warned = [];
|
|
|
|
// Process all non-templates and save templates for secondary
|
|
// processing.
|
|
$toProcess = [];
|
|
foreach ( $params as $paramName => $paramSettings ) {
|
|
if ( isset( $paramSettings[self::PARAM_TEMPLATE_VARS] ) ) {
|
|
$toProcess[] = [ $paramName, $paramSettings[self::PARAM_TEMPLATE_VARS], $paramSettings ];
|
|
} else {
|
|
try {
|
|
$results[$paramName] = $this->getParameterFromSettings(
|
|
$paramName, $paramSettings, $parseLimit
|
|
);
|
|
} catch ( ApiUsageException $ex ) {
|
|
$results[$paramName] = $ex;
|
|
}
|
|
}
|
|
}
|
|
|
|
// Now process all the templates by successively replacing the
|
|
// placeholders with all client-supplied values.
|
|
// This bit duplicates JavaScript logic in
|
|
// ApiSandbox.PageLayout.prototype.updateTemplatedParams().
|
|
// If you update this, see if that needs updating too.
|
|
while ( $toProcess ) {
|
|
list( $name, $targets, $settings ) = array_shift( $toProcess );
|
|
|
|
foreach ( $targets as $placeholder => $target ) {
|
|
if ( !array_key_exists( $target, $results ) ) {
|
|
// The target wasn't processed yet, try the next one.
|
|
// If all hit this case, the parameter has no expansions.
|
|
continue;
|
|
}
|
|
if ( !is_array( $results[$target] ) || !$results[$target] ) {
|
|
// The target was processed but has no (valid) values.
|
|
// That means it has no expansions.
|
|
break;
|
|
}
|
|
|
|
// Expand this target in the name and all other targets,
|
|
// then requeue if there are more targets left or put in
|
|
// $results if all are done.
|
|
unset( $targets[$placeholder] );
|
|
$placeholder = '{' . $placeholder . '}';
|
|
// @phan-suppress-next-line PhanTypeNoAccessiblePropertiesForeach
|
|
foreach ( $results[$target] as $value ) {
|
|
if ( !preg_match( '/^[^{}]*$/', $value ) ) {
|
|
// Skip values that make invalid parameter names.
|
|
$encTargetName = $this->encodeParamName( $target );
|
|
if ( !isset( $warned[$encTargetName][$value] ) ) {
|
|
$warned[$encTargetName][$value] = true;
|
|
$this->addWarning( [
|
|
'apiwarn-ignoring-invalid-templated-value',
|
|
wfEscapeWikiText( $encTargetName ),
|
|
wfEscapeWikiText( $value ),
|
|
] );
|
|
}
|
|
continue;
|
|
}
|
|
|
|
$newName = str_replace( $placeholder, $value, $name );
|
|
if ( !$targets ) {
|
|
try {
|
|
$results[$newName] = $this->getParameterFromSettings(
|
|
$newName,
|
|
$settings,
|
|
$parseLimit
|
|
);
|
|
} catch ( ApiUsageException $ex ) {
|
|
$results[$newName] = $ex;
|
|
}
|
|
} else {
|
|
$newTargets = [];
|
|
foreach ( $targets as $k => $v ) {
|
|
$newTargets[$k] = str_replace( $placeholder, $value, $v );
|
|
}
|
|
$toProcess[] = [ $newName, $newTargets, $settings ];
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
|
|
$this->mParamCache[$cacheKey] = $results;
|
|
}
|
|
|
|
$ret = $this->mParamCache[$cacheKey];
|
|
if ( !$options['safeMode'] ) {
|
|
foreach ( $ret as $v ) {
|
|
if ( $v instanceof ApiUsageException ) {
|
|
throw $v;
|
|
}
|
|
}
|
|
}
|
|
|
|
return $this->mParamCache[$cacheKey];
|
|
}
|
|
|
|
/**
|
|
* Get a value for the given parameter
|
|
* @param string $paramName Parameter name
|
|
* @param bool $parseLimit See extractRequestParams()
|
|
* @return mixed Parameter value
|
|
*/
|
|
protected function getParameter( $paramName, $parseLimit = true ) {
|
|
$ret = $this->extractRequestParams( [
|
|
'parseLimit' => $parseLimit,
|
|
'safeMode' => true,
|
|
] )[$paramName];
|
|
if ( $ret instanceof ApiUsageException ) {
|
|
throw $ret;
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
/**
|
|
* Die if none or more than one of a certain set of parameters is set and not false.
|
|
*
|
|
* @param array $params User provided set of parameters, as from $this->extractRequestParams()
|
|
* @param string ...$required Names of parameters of which exactly one must be set
|
|
*/
|
|
public function requireOnlyOneParameter( $params, ...$required ) {
|
|
$intersection = array_intersect( array_keys( array_filter( $params,
|
|
[ $this, 'parameterNotEmpty' ] ) ), $required );
|
|
|
|
if ( count( $intersection ) > 1 ) {
|
|
$this->dieWithError( [
|
|
'apierror-invalidparammix',
|
|
Message::listParam( array_map(
|
|
function ( $p ) {
|
|
return '<var>' . $this->encodeParamName( $p ) . '</var>';
|
|
},
|
|
array_values( $intersection )
|
|
) ),
|
|
count( $intersection ),
|
|
] );
|
|
} elseif ( count( $intersection ) == 0 ) {
|
|
$this->dieWithError( [
|
|
'apierror-missingparam-one-of',
|
|
Message::listParam( array_map(
|
|
function ( $p ) {
|
|
return '<var>' . $this->encodeParamName( $p ) . '</var>';
|
|
},
|
|
$required
|
|
) ),
|
|
count( $required ),
|
|
], 'missingparam' );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Die if more than one of a certain set of parameters is set and not false.
|
|
*
|
|
* @param array $params User provided set of parameters, as from $this->extractRequestParams()
|
|
* @param string ...$required Names of parameters of which at most one must be set
|
|
*/
|
|
public function requireMaxOneParameter( $params, ...$required ) {
|
|
$intersection = array_intersect( array_keys( array_filter( $params,
|
|
[ $this, 'parameterNotEmpty' ] ) ), $required );
|
|
|
|
if ( count( $intersection ) > 1 ) {
|
|
$this->dieWithError( [
|
|
'apierror-invalidparammix',
|
|
Message::listParam( array_map(
|
|
function ( $p ) {
|
|
return '<var>' . $this->encodeParamName( $p ) . '</var>';
|
|
},
|
|
array_values( $intersection )
|
|
) ),
|
|
count( $intersection ),
|
|
] );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Die if none of a certain set of parameters is set and not false.
|
|
*
|
|
* @since 1.23
|
|
* @param array $params User provided set of parameters, as from $this->extractRequestParams()
|
|
* @param string ...$required Names of parameters of which at least one must be set
|
|
*/
|
|
public function requireAtLeastOneParameter( $params, ...$required ) {
|
|
$intersection = array_intersect(
|
|
array_keys( array_filter( $params, [ $this, 'parameterNotEmpty' ] ) ),
|
|
$required
|
|
);
|
|
|
|
if ( count( $intersection ) == 0 ) {
|
|
$this->dieWithError( [
|
|
'apierror-missingparam-at-least-one-of',
|
|
Message::listParam( array_map(
|
|
function ( $p ) {
|
|
return '<var>' . $this->encodeParamName( $p ) . '</var>';
|
|
},
|
|
$required
|
|
) ),
|
|
count( $required ),
|
|
], 'missingparam' );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Die if any of the specified parameters were found in the query part of
|
|
* the URL rather than the post body.
|
|
* @since 1.28
|
|
* @param string[] $params Parameters to check
|
|
* @param string $prefix Set to 'noprefix' to skip calling $this->encodeParamName()
|
|
*/
|
|
public function requirePostedParameters( $params, $prefix = 'prefix' ) {
|
|
// Skip if $wgDebugAPI is set or we're in internal mode
|
|
if ( $this->getConfig()->get( 'DebugAPI' ) || $this->getMain()->isInternalMode() ) {
|
|
return;
|
|
}
|
|
|
|
$queryValues = $this->getRequest()->getQueryValuesOnly();
|
|
$badParams = [];
|
|
foreach ( $params as $param ) {
|
|
if ( $prefix !== 'noprefix' ) {
|
|
$param = $this->encodeParamName( $param );
|
|
}
|
|
if ( array_key_exists( $param, $queryValues ) ) {
|
|
$badParams[] = $param;
|
|
}
|
|
}
|
|
|
|
if ( $badParams ) {
|
|
$this->dieWithError(
|
|
[ 'apierror-mustpostparams', implode( ', ', $badParams ), count( $badParams ) ]
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Callback function used in requireOnlyOneParameter to check whether required parameters are set
|
|
*
|
|
* @param object $x Parameter to check is not null/false
|
|
* @return bool
|
|
*/
|
|
private function parameterNotEmpty( $x ) {
|
|
return $x !== null && $x !== false;
|
|
}
|
|
|
|
/**
|
|
* Get a WikiPage object from a title or pageid param, if possible.
|
|
* Can die, if no param is set or if the title or page id is not valid.
|
|
*
|
|
* @param array $params User provided set of parameters, as from $this->extractRequestParams()
|
|
* @param bool|string $load Whether load the object's state from the database:
|
|
* - false: don't load (if the pageid is given, it will still be loaded)
|
|
* - 'fromdb': load from a replica DB
|
|
* - 'fromdbmaster': load from the master database
|
|
* @return WikiPage
|
|
*/
|
|
public function getTitleOrPageId( $params, $load = false ) {
|
|
$this->requireOnlyOneParameter( $params, 'title', 'pageid' );
|
|
|
|
$pageObj = null;
|
|
if ( isset( $params['title'] ) ) {
|
|
$titleObj = Title::newFromText( $params['title'] );
|
|
if ( !$titleObj || $titleObj->isExternal() ) {
|
|
$this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $params['title'] ) ] );
|
|
}
|
|
if ( !$titleObj->canExist() ) {
|
|
$this->dieWithError( 'apierror-pagecannotexist' );
|
|
}
|
|
$pageObj = WikiPage::factory( $titleObj );
|
|
if ( $load !== false ) {
|
|
$pageObj->loadPageData( $load );
|
|
}
|
|
} elseif ( isset( $params['pageid'] ) ) {
|
|
if ( $load === false ) {
|
|
$load = 'fromdb';
|
|
}
|
|
$pageObj = WikiPage::newFromID( $params['pageid'], $load );
|
|
if ( !$pageObj ) {
|
|
$this->dieWithError( [ 'apierror-nosuchpageid', $params['pageid'] ] );
|
|
}
|
|
}
|
|
|
|
return $pageObj;
|
|
}
|
|
|
|
/**
|
|
* Get a Title object from a title or pageid param, if possible.
|
|
* Can die, if no param is set or if the title or page id is not valid.
|
|
*
|
|
* @since 1.29
|
|
* @param array $params User provided set of parameters, as from $this->extractRequestParams()
|
|
* @return Title
|
|
*/
|
|
public function getTitleFromTitleOrPageId( $params ) {
|
|
$this->requireOnlyOneParameter( $params, 'title', 'pageid' );
|
|
|
|
$titleObj = null;
|
|
if ( isset( $params['title'] ) ) {
|
|
$titleObj = Title::newFromText( $params['title'] );
|
|
if ( !$titleObj || $titleObj->isExternal() ) {
|
|
$this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $params['title'] ) ] );
|
|
}
|
|
return $titleObj;
|
|
} elseif ( isset( $params['pageid'] ) ) {
|
|
$titleObj = Title::newFromID( $params['pageid'] );
|
|
if ( !$titleObj ) {
|
|
$this->dieWithError( [ 'apierror-nosuchpageid', $params['pageid'] ] );
|
|
}
|
|
}
|
|
|
|
return $titleObj;
|
|
}
|
|
|
|
/**
|
|
* Using the settings determine the value for the given parameter
|
|
*
|
|
* @param string $name Parameter name
|
|
* @param array|mixed $settings Default value or an array of settings
|
|
* using PARAM_* constants.
|
|
* @param bool $parseLimit Whether to parse and validate 'limit' parameters
|
|
* @return mixed Parameter value
|
|
*/
|
|
protected function getParameterFromSettings( $name, $settings, $parseLimit ) {
|
|
$validator = $this->getMain()->getParamValidator();
|
|
$value = $validator->getValue( $this, $name, $settings, [
|
|
'parse-limit' => $parseLimit,
|
|
] );
|
|
|
|
// @todo Deprecate and remove this, if possible.
|
|
if ( $parseLimit && isset( $settings[ParamValidator::PARAM_TYPE] ) &&
|
|
$settings[ParamValidator::PARAM_TYPE] === 'limit' &&
|
|
$this->getMain()->getVal( $this->encodeParamName( $name ) ) === 'max'
|
|
) {
|
|
$this->getResult()->addParsedLimit( $this->getModuleName(), $value );
|
|
}
|
|
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* Handle when a parameter was Unicode-normalized
|
|
* @since 1.28
|
|
* @since 1.35 $paramName is prefixed
|
|
* @internal For overriding by subclasses and use by ApiParamValidatorCallbacks only.
|
|
* @param string $paramName Prefixed parameter name
|
|
* @param string $value Input that will be used.
|
|
* @param string $rawValue Input before normalization.
|
|
*/
|
|
public function handleParamNormalization( $paramName, $value, $rawValue ) {
|
|
$this->addWarning( [ 'apiwarn-badutf8', $paramName ] );
|
|
}
|
|
|
|
/**
|
|
* Validate the supplied token.
|
|
*
|
|
* @since 1.24
|
|
* @param string $token Supplied token
|
|
* @param array $params All supplied parameters for the module
|
|
* @return bool
|
|
* @throws MWException
|
|
*/
|
|
final public function validateToken( $token, array $params ) {
|
|
$tokenType = $this->needsToken();
|
|
$salts = ApiQueryTokens::getTokenTypeSalts();
|
|
if ( !isset( $salts[$tokenType] ) ) {
|
|
throw new MWException(
|
|
"Module '{$this->getModuleName()}' tried to use token type '$tokenType' " .
|
|
'without registering it'
|
|
);
|
|
}
|
|
|
|
$tokenObj = ApiQueryTokens::getToken(
|
|
$this->getUser(), $this->getRequest()->getSession(), $salts[$tokenType]
|
|
);
|
|
if ( $tokenObj->match( $token ) ) {
|
|
return true;
|
|
}
|
|
|
|
$webUiSalt = $this->getWebUITokenSalt( $params );
|
|
if ( $webUiSalt !== null && $this->getUser()->matchEditToken(
|
|
$token,
|
|
$webUiSalt,
|
|
$this->getRequest()
|
|
) ) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/** @} */
|
|
|
|
/************************************************************************//**
|
|
* @name Utility methods
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Gets the user for whom to get the watchlist
|
|
*
|
|
* @param array $params
|
|
* @return User
|
|
*/
|
|
public function getWatchlistUser( $params ) {
|
|
if ( $params['owner'] !== null && $params['token'] !== null ) {
|
|
$user = User::newFromName( $params['owner'], false );
|
|
if ( !( $user && $user->getId() ) ) {
|
|
$this->dieWithError(
|
|
[ 'nosuchusershort', wfEscapeWikiText( $params['owner'] ) ], 'bad_wlowner'
|
|
);
|
|
}
|
|
$token = $user->getOption( 'watchlisttoken' );
|
|
if ( $token == '' || !hash_equals( $token, $params['token'] ) ) {
|
|
$this->dieWithError( 'apierror-bad-watchlist-token', 'bad_wltoken' );
|
|
}
|
|
} else {
|
|
if ( !$this->getUser()->isLoggedIn() ) {
|
|
$this->dieWithError( 'watchlistanontext', 'notloggedin' );
|
|
}
|
|
$this->checkUserRightsAny( 'viewmywatchlist' );
|
|
$user = $this->getUser();
|
|
}
|
|
|
|
return $user;
|
|
}
|
|
|
|
/**
|
|
* Create a Message from a string or array
|
|
*
|
|
* A string is used as a message key. An array has the message key as the
|
|
* first value and message parameters as subsequent values.
|
|
*
|
|
* @since 1.25
|
|
* @param string|array|Message $msg
|
|
* @param IContextSource $context
|
|
* @param array|null $params
|
|
* @return Message|null
|
|
*/
|
|
public static function makeMessage( $msg, IContextSource $context, array $params = null ) {
|
|
if ( is_string( $msg ) ) {
|
|
$msg = wfMessage( $msg );
|
|
} elseif ( is_array( $msg ) ) {
|
|
$msg = wfMessage( ...$msg );
|
|
}
|
|
if ( !$msg instanceof Message ) {
|
|
return null;
|
|
}
|
|
|
|
$msg->setContext( $context );
|
|
if ( $params ) {
|
|
$msg->params( $params );
|
|
}
|
|
|
|
return $msg;
|
|
}
|
|
|
|
/**
|
|
* Turn an array of message keys or key+param arrays into a Status
|
|
* @since 1.29
|
|
* @param array $errors
|
|
* @param User|null $user
|
|
* @return Status
|
|
*/
|
|
public function errorArrayToStatus( array $errors, User $user = null ) {
|
|
if ( $user === null ) {
|
|
$user = $this->getUser();
|
|
}
|
|
|
|
$status = Status::newGood();
|
|
foreach ( $errors as $error ) {
|
|
if ( !is_array( $error ) ) {
|
|
$error = [ $error ];
|
|
}
|
|
if ( is_string( $error[0] ) && isset( self::$blockMsgMap[$error[0]] ) && $user->getBlock() ) {
|
|
list( $msg, $code ) = self::$blockMsgMap[$error[0]];
|
|
$status->fatal( ApiMessage::create( $msg, $code,
|
|
[ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
|
|
) );
|
|
} else {
|
|
$status->fatal( ...$error );
|
|
}
|
|
}
|
|
return $status;
|
|
}
|
|
|
|
/**
|
|
* Add block info to block messages in a Status
|
|
* @since 1.33
|
|
* @param StatusValue $status
|
|
* @param User|null $user
|
|
*/
|
|
public function addBlockInfoToStatus( StatusValue $status, User $user = null ) {
|
|
if ( $user === null ) {
|
|
$user = $this->getUser();
|
|
}
|
|
|
|
foreach ( self::$blockMsgMap as $msg => list( $apiMsg, $code ) ) {
|
|
if ( $status->hasMessage( $msg ) && $user->getBlock() ) {
|
|
$status->replaceMessage( $msg, ApiMessage::create( $apiMsg, $code,
|
|
[ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
|
|
) );
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Call wfTransactionalTimeLimit() if this request was POSTed
|
|
* @since 1.26
|
|
*/
|
|
protected function useTransactionalTimeLimit() {
|
|
if ( $this->getRequest()->wasPosted() ) {
|
|
wfTransactionalTimeLimit();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Filter out-of-range values from a list of positive integer IDs
|
|
* @since 1.33
|
|
* @param array $fields Array of pairs of table and field to check
|
|
* @param (string|int)[] $ids IDs to filter. Strings in the array are
|
|
* expected to be stringified ints.
|
|
* @return (string|int)[] Filtered IDs.
|
|
*/
|
|
protected function filterIDs( $fields, array $ids ) {
|
|
$min = INF;
|
|
$max = 0;
|
|
foreach ( $fields as list( $table, $field ) ) {
|
|
if ( isset( self::$filterIDsCache[$table][$field] ) ) {
|
|
$row = self::$filterIDsCache[$table][$field];
|
|
} else {
|
|
$row = $this->getDB()->selectRow(
|
|
$table,
|
|
[
|
|
'min_id' => "MIN($field)",
|
|
'max_id' => "MAX($field)",
|
|
],
|
|
'',
|
|
__METHOD__
|
|
);
|
|
self::$filterIDsCache[$table][$field] = $row;
|
|
}
|
|
$min = min( $min, $row->min_id );
|
|
$max = max( $max, $row->max_id );
|
|
}
|
|
return array_filter( $ids, function ( $id ) use ( $min, $max ) {
|
|
return ( is_int( $id ) && $id >= 0 || ctype_digit( $id ) )
|
|
&& $id >= $min && $id <= $max;
|
|
} );
|
|
}
|
|
|
|
/** @} */
|
|
|
|
/************************************************************************//**
|
|
* @name Warning and error reporting
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Add a warning for this module.
|
|
*
|
|
* Users should monitor this section to notice any changes in API. Multiple
|
|
* calls to this function will result in multiple warning messages.
|
|
*
|
|
* If $msg is not an ApiMessage, the message code will be derived from the
|
|
* message key by stripping any "apiwarn-" or "apierror-" prefix.
|
|
*
|
|
* @since 1.29
|
|
* @param string|array|Message $msg See ApiErrorFormatter::addWarning()
|
|
* @param string|null $code See ApiErrorFormatter::addWarning()
|
|
* @param array|null $data See ApiErrorFormatter::addWarning()
|
|
*/
|
|
public function addWarning( $msg, $code = null, $data = null ) {
|
|
$this->getErrorFormatter()->addWarning( $this->getModulePath(), $msg, $code, $data );
|
|
}
|
|
|
|
/**
|
|
* Add a deprecation warning for this module.
|
|
*
|
|
* A combination of $this->addWarning() and $this->logFeatureUsage()
|
|
*
|
|
* @since 1.29
|
|
* @param string|array|Message $msg See ApiErrorFormatter::addWarning()
|
|
* @param string|null $feature See ApiBase::logFeatureUsage()
|
|
* @param array|null $data See ApiErrorFormatter::addWarning()
|
|
*/
|
|
public function addDeprecation( $msg, $feature, $data = [] ) {
|
|
$data = (array)$data;
|
|
if ( $feature !== null ) {
|
|
$data['feature'] = $feature;
|
|
$this->logFeatureUsage( $feature );
|
|
}
|
|
$this->addWarning( $msg, 'deprecation', $data );
|
|
|
|
// No real need to deduplicate here, ApiErrorFormatter does that for
|
|
// us (assuming the hook is deterministic).
|
|
$msgs = [ $this->msg( 'api-usage-mailinglist-ref' ) ];
|
|
$this->getHookRunner()->onApiDeprecationHelp( $msgs );
|
|
if ( count( $msgs ) > 1 ) {
|
|
$key = '$' . implode( ' $', range( 1, count( $msgs ) ) );
|
|
$msg = ( new RawMessage( $key ) )->params( $msgs );
|
|
} else {
|
|
$msg = reset( $msgs );
|
|
}
|
|
$this->getMain()->addWarning( $msg, 'deprecation-help' );
|
|
}
|
|
|
|
/**
|
|
* Add an error for this module without aborting
|
|
*
|
|
* If $msg is not an ApiMessage, the message code will be derived from the
|
|
* message key by stripping any "apiwarn-" or "apierror-" prefix.
|
|
*
|
|
* @note If you want to abort processing, use self::dieWithError() instead.
|
|
* @since 1.29
|
|
* @param string|array|Message $msg See ApiErrorFormatter::addError()
|
|
* @param string|null $code See ApiErrorFormatter::addError()
|
|
* @param array|null $data See ApiErrorFormatter::addError()
|
|
*/
|
|
public function addError( $msg, $code = null, $data = null ) {
|
|
$this->getErrorFormatter()->addError( $this->getModulePath(), $msg, $code, $data );
|
|
}
|
|
|
|
/**
|
|
* Add warnings and/or errors from a Status
|
|
*
|
|
* @note If you want to abort processing, use self::dieStatus() instead.
|
|
* @since 1.29
|
|
* @param StatusValue $status
|
|
* @param string[] $types 'warning' and/or 'error'
|
|
* @param string[] $filter Message keys to filter out (since 1.33)
|
|
*/
|
|
public function addMessagesFromStatus(
|
|
StatusValue $status, $types = [ 'warning', 'error' ], array $filter = []
|
|
) {
|
|
$this->getErrorFormatter()->addMessagesFromStatus(
|
|
$this->getModulePath(), $status, $types, $filter
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Abort execution with an error
|
|
*
|
|
* If $msg is not an ApiMessage, the message code will be derived from the
|
|
* message key by stripping any "apiwarn-" or "apierror-" prefix.
|
|
*
|
|
* @since 1.29
|
|
* @param string|array|Message $msg See ApiErrorFormatter::addError()
|
|
* @param string|null $code See ApiErrorFormatter::addError()
|
|
* @param array|null $data See ApiErrorFormatter::addError()
|
|
* @param int|null $httpCode HTTP error code to use
|
|
* @throws ApiUsageException always
|
|
*/
|
|
public function dieWithError( $msg, $code = null, $data = null, $httpCode = null ) {
|
|
throw ApiUsageException::newWithMessage( $this, $msg, $code, $data, $httpCode );
|
|
}
|
|
|
|
/**
|
|
* Abort execution with an error derived from a throwable
|
|
*
|
|
* @since 1.29
|
|
* @param Throwable $exception See ApiErrorFormatter::getMessageFromException()
|
|
* @param array $options See ApiErrorFormatter::getMessageFromException()
|
|
* @throws ApiUsageException always
|
|
*/
|
|
public function dieWithException( Throwable $exception, array $options = [] ) {
|
|
$this->dieWithError(
|
|
// @phan-suppress-next-line PhanTypeMismatchArgument
|
|
$this->getErrorFormatter()->getMessageFromException( $exception, $options )
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Throw an ApiUsageException, which will (if uncaught) call the main module's
|
|
* error handler and die with an error message including block info.
|
|
*
|
|
* @since 1.27
|
|
* @param AbstractBlock $block The block used to generate the ApiUsageException
|
|
* @throws ApiUsageException always
|
|
*/
|
|
public function dieBlocked( AbstractBlock $block ) {
|
|
// Die using the appropriate message depending on block type
|
|
if ( $block->getType() == DatabaseBlock::TYPE_AUTO ) {
|
|
$this->dieWithError(
|
|
'apierror-autoblocked',
|
|
'autoblocked',
|
|
[ 'blockinfo' => $this->getBlockDetails( $block ) ]
|
|
);
|
|
} elseif ( !$block->isSitewide() ) {
|
|
$this->dieWithError(
|
|
'apierror-blocked-partial',
|
|
'blocked',
|
|
[ 'blockinfo' => $this->getBlockDetails( $block ) ]
|
|
);
|
|
} else {
|
|
$this->dieWithError(
|
|
'apierror-blocked',
|
|
'blocked',
|
|
[ 'blockinfo' => $this->getBlockDetails( $block ) ]
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Throw an ApiUsageException based on the Status object.
|
|
*
|
|
* @since 1.22
|
|
* @since 1.29 Accepts a StatusValue
|
|
* @param StatusValue $status
|
|
* @throws ApiUsageException always
|
|
*/
|
|
public function dieStatus( StatusValue $status ) {
|
|
if ( $status->isGood() ) {
|
|
throw new MWException( 'Successful status passed to ApiBase::dieStatus' );
|
|
}
|
|
|
|
// ApiUsageException needs a fatal status, but this method has
|
|
// historically accepted any non-good status. Convert it if necessary.
|
|
$status->setOK( false );
|
|
if ( !$status->getErrorsByType( 'error' ) ) {
|
|
$newStatus = Status::newGood();
|
|
foreach ( $status->getErrorsByType( 'warning' ) as $err ) {
|
|
$newStatus->fatal( $err['message'], ...$err['params'] );
|
|
}
|
|
if ( !$newStatus->getErrorsByType( 'error' ) ) {
|
|
$newStatus->fatal( 'unknownerror-nocode' );
|
|
}
|
|
$status = $newStatus;
|
|
}
|
|
|
|
$this->addBlockInfoToStatus( $status );
|
|
throw new ApiUsageException( $this, $status );
|
|
}
|
|
|
|
/**
|
|
* Helper function for readonly errors
|
|
*
|
|
* @throws ApiUsageException always
|
|
*/
|
|
public function dieReadOnly() {
|
|
$this->dieWithError(
|
|
'apierror-readonly',
|
|
'readonly',
|
|
[ 'readonlyreason' => wfReadOnlyReason() ]
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Helper function for permission-denied errors
|
|
* @since 1.29
|
|
* @param string|string[] $rights
|
|
* @param User|null $user
|
|
* @throws ApiUsageException if the user doesn't have any of the rights.
|
|
* The error message is based on $rights[0].
|
|
*/
|
|
public function checkUserRightsAny( $rights, $user = null ) {
|
|
if ( !$user ) {
|
|
$user = $this->getUser();
|
|
}
|
|
$rights = (array)$rights;
|
|
if ( !$this->getPermissionManager()
|
|
->userHasAnyRight( $user, ...$rights )
|
|
) {
|
|
$this->dieWithError( [ 'apierror-permissiondenied', $this->msg( "action-{$rights[0]}" ) ] );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Helper function for permission-denied errors
|
|
*
|
|
* @param LinkTarget $linkTarget
|
|
* @param string|string[] $actions
|
|
* @param array $options Additional options
|
|
* - user: (User) User to use rather than $this->getUser()
|
|
* - autoblock: (bool, default false) Whether to spread autoblocks
|
|
* @throws ApiUsageException if the user doesn't have all of the rights.
|
|
*
|
|
* @since 1.29
|
|
* @since 1.33 Changed the third parameter from $user to $options.
|
|
*/
|
|
public function checkTitleUserPermissions(
|
|
LinkTarget $linkTarget,
|
|
$actions,
|
|
array $options = []
|
|
) {
|
|
$user = $options['user'] ?? $this->getUser();
|
|
|
|
$errors = [];
|
|
foreach ( (array)$actions as $action ) {
|
|
$errors = array_merge(
|
|
$errors,
|
|
$this->getPermissionManager()->getPermissionErrors( $action, $user, $linkTarget )
|
|
);
|
|
}
|
|
|
|
if ( $errors ) {
|
|
if ( !empty( $options['autoblock'] ) ) {
|
|
$user->spreadAnyEditBlock();
|
|
}
|
|
|
|
$this->dieStatus( $this->errorArrayToStatus( $errors, $user ) );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Will only set a warning instead of failing if the global $wgDebugAPI
|
|
* is set to true. Otherwise behaves exactly as self::dieWithError().
|
|
*
|
|
* @since 1.29
|
|
* @param string|array|Message $msg
|
|
* @param string|null $code
|
|
* @param array|null $data
|
|
* @param int|null $httpCode
|
|
* @throws ApiUsageException
|
|
*/
|
|
public function dieWithErrorOrDebug( $msg, $code = null, $data = null, $httpCode = null ) {
|
|
if ( $this->getConfig()->get( 'DebugAPI' ) !== true ) {
|
|
$this->dieWithError( $msg, $code, $data, $httpCode );
|
|
} else {
|
|
$this->addWarning( $msg, $code, $data );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Die with the 'badcontinue' error.
|
|
*
|
|
* This call is common enough to make it into the base method.
|
|
*
|
|
* @param bool $condition Will only die if this value is true
|
|
* @throws ApiUsageException
|
|
* @since 1.21
|
|
* @phan-assert-false-condition $condition
|
|
*/
|
|
protected function dieContinueUsageIf( $condition ) {
|
|
if ( $condition ) {
|
|
$this->dieWithError( 'apierror-badcontinue' );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Internal code errors should be reported with this method
|
|
* @param string $method Method or function name
|
|
* @param string $message Error message
|
|
* @throws MWException always
|
|
*/
|
|
protected static function dieDebug( $method, $message ) {
|
|
throw new MWException( "Internal error in $method: $message" );
|
|
}
|
|
|
|
/**
|
|
* Write logging information for API features to a debug log, for usage
|
|
* analysis.
|
|
* @note Consider using $this->addDeprecation() instead to both warn and log.
|
|
* @param string $feature Feature being used.
|
|
*/
|
|
public function logFeatureUsage( $feature ) {
|
|
static $loggedFeatures = [];
|
|
|
|
// Only log each feature once per request. We can get multiple calls from calls to
|
|
// extractRequestParams() with different values for 'parseLimit', for example.
|
|
if ( isset( $loggedFeatures[$feature] ) ) {
|
|
return;
|
|
}
|
|
$loggedFeatures[$feature] = true;
|
|
|
|
$request = $this->getRequest();
|
|
$ctx = [
|
|
'feature' => $feature,
|
|
// Spaces to underscores in 'username' for historical reasons.
|
|
'username' => str_replace( ' ', '_', $this->getUser()->getName() ),
|
|
'clientip' => $request->getIP(),
|
|
'referer' => (string)$request->getHeader( 'Referer' ),
|
|
'agent' => $this->getMain()->getUserAgent(),
|
|
];
|
|
|
|
// Text string is deprecated. Remove (or replace with just $feature) in MW 1.34.
|
|
$s = '"' . addslashes( $ctx['feature'] ) . '"' .
|
|
' "' . wfUrlencode( $ctx['username'] ) . '"' .
|
|
' "' . $ctx['clientip'] . '"' .
|
|
' "' . addslashes( $ctx['referer'] ) . '"' .
|
|
' "' . addslashes( $ctx['agent'] ) . '"';
|
|
|
|
wfDebugLog( 'api-feature-usage', $s, 'private', $ctx );
|
|
}
|
|
|
|
/** @} */
|
|
|
|
/************************************************************************//**
|
|
* @name Help message generation
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Return the summary message.
|
|
*
|
|
* This is a one-line description of the module, suitable for display in a
|
|
* list of modules.
|
|
*
|
|
* @since 1.30
|
|
* @stable to override
|
|
* @return string|array|Message
|
|
*/
|
|
protected function getSummaryMessage() {
|
|
return "apihelp-{$this->getModulePath()}-summary";
|
|
}
|
|
|
|
/**
|
|
* Return the extended help text message.
|
|
*
|
|
* This is additional text to display at the top of the help section, below
|
|
* the summary.
|
|
*
|
|
* @since 1.30
|
|
* @stable to override
|
|
* @return string|array|Message
|
|
*/
|
|
protected function getExtendedDescription() {
|
|
return [ [
|
|
"apihelp-{$this->getModulePath()}-extended-description",
|
|
'api-help-no-extended-description',
|
|
] ];
|
|
}
|
|
|
|
/**
|
|
* Get final module summary
|
|
*
|
|
* @since 1.30
|
|
* @stable to override
|
|
* @return Message
|
|
*/
|
|
public function getFinalSummary() {
|
|
$msg = self::makeMessage( $this->getSummaryMessage(), $this->getContext(), [
|
|
$this->getModulePrefix(),
|
|
$this->getModuleName(),
|
|
$this->getModulePath(),
|
|
] );
|
|
return $msg;
|
|
}
|
|
|
|
/**
|
|
* Get final module description, after hooks have had a chance to tweak it as
|
|
* needed.
|
|
*
|
|
* @since 1.25, returns Message[] rather than string[]
|
|
* @return Message[]
|
|
*/
|
|
public function getFinalDescription() {
|
|
$summary = self::makeMessage( $this->getSummaryMessage(), $this->getContext(), [
|
|
$this->getModulePrefix(),
|
|
$this->getModuleName(),
|
|
$this->getModulePath(),
|
|
] );
|
|
$extendedDescription = self::makeMessage(
|
|
$this->getExtendedDescription(), $this->getContext(), [
|
|
$this->getModulePrefix(),
|
|
$this->getModuleName(),
|
|
$this->getModulePath(),
|
|
]
|
|
);
|
|
|
|
$msgs = [ $summary, $extendedDescription ];
|
|
|
|
$this->getHookRunner()->onAPIGetDescriptionMessages( $this, $msgs );
|
|
|
|
return $msgs;
|
|
}
|
|
|
|
/**
|
|
* Get final list of parameters, after hooks have had a chance to
|
|
* tweak it as needed.
|
|
*
|
|
* @param int $flags Zero or more flags like GET_VALUES_FOR_HELP
|
|
* @return array|bool False on no parameters
|
|
* @since 1.21 $flags param added
|
|
*/
|
|
public function getFinalParams( $flags = 0 ) {
|
|
// @phan-suppress-next-line PhanParamTooMany
|
|
$params = $this->getAllowedParams( $flags );
|
|
if ( !$params ) {
|
|
$params = [];
|
|
}
|
|
|
|
if ( $this->needsToken() ) {
|
|
$params['token'] = [
|
|
self::PARAM_TYPE => 'string',
|
|
self::PARAM_REQUIRED => true,
|
|
self::PARAM_SENSITIVE => true,
|
|
self::PARAM_HELP_MSG => [
|
|
'api-help-param-token',
|
|
$this->needsToken(),
|
|
],
|
|
] + ( $params['token'] ?? [] );
|
|
}
|
|
|
|
$this->getHookRunner()->onAPIGetAllowedParams( $this, $params, $flags );
|
|
|
|
return $params;
|
|
}
|
|
|
|
/**
|
|
* Get final parameter descriptions, after hooks have had a chance to tweak it as
|
|
* needed.
|
|
*
|
|
* @since 1.25, returns array of Message[] rather than array of string[]
|
|
* @return array Keys are parameter names, values are arrays of Message objects
|
|
*/
|
|
public function getFinalParamDescription() {
|
|
$prefix = $this->getModulePrefix();
|
|
$name = $this->getModuleName();
|
|
$path = $this->getModulePath();
|
|
|
|
$params = $this->getFinalParams( self::GET_VALUES_FOR_HELP );
|
|
$msgs = [];
|
|
foreach ( $params as $param => $settings ) {
|
|
if ( !is_array( $settings ) ) {
|
|
$settings = [];
|
|
}
|
|
|
|
if ( isset( $settings[self::PARAM_HELP_MSG] ) ) {
|
|
$msg = $settings[self::PARAM_HELP_MSG];
|
|
} else {
|
|
$msg = $this->msg( "apihelp-{$path}-param-{$param}" );
|
|
}
|
|
$msg = self::makeMessage( $msg, $this->getContext(),
|
|
[ $prefix, $param, $name, $path ] );
|
|
if ( !$msg ) {
|
|
self::dieDebug( __METHOD__,
|
|
'Value in ApiBase::PARAM_HELP_MSG is not valid' );
|
|
}
|
|
$msgs[$param] = [ $msg ];
|
|
|
|
if ( isset( $settings[self::PARAM_TYPE] ) &&
|
|
$settings[self::PARAM_TYPE] === 'submodule'
|
|
) {
|
|
if ( isset( $settings[self::PARAM_SUBMODULE_MAP] ) ) {
|
|
$map = $settings[self::PARAM_SUBMODULE_MAP];
|
|
} else {
|
|
$prefix = $this->isMain() ? '' : ( $this->getModulePath() . '+' );
|
|
$map = [];
|
|
foreach ( $this->getModuleManager()->getNames( $param ) as $submoduleName ) {
|
|
$map[$submoduleName] = $prefix . $submoduleName;
|
|
}
|
|
}
|
|
|
|
$submodules = [];
|
|
$submoduleFlags = []; // for sorting: higher flags are sorted later
|
|
$submoduleNames = []; // for sorting: lexicographical, ascending
|
|
foreach ( $map as $v => $m ) {
|
|
$isDeprecated = false;
|
|
$isInternal = false;
|
|
$summary = null;
|
|
try {
|
|
$submod = $this->getModuleFromPath( $m );
|
|
if ( $submod ) {
|
|
$summary = $submod->getFinalSummary();
|
|
$isDeprecated = $submod->isDeprecated();
|
|
$isInternal = $submod->isInternal();
|
|
}
|
|
} catch ( ApiUsageException $ex ) {
|
|
// Ignore
|
|
}
|
|
if ( $summary ) {
|
|
$key = $summary->getKey();
|
|
$params = $summary->getParams();
|
|
} else {
|
|
$key = 'api-help-undocumented-module';
|
|
$params = [ $m ];
|
|
}
|
|
$m = new ApiHelpParamValueMessage(
|
|
"[[Special:ApiHelp/$m|$v]]",
|
|
$key,
|
|
$params,
|
|
$isDeprecated,
|
|
$isInternal
|
|
);
|
|
$submodules[] = $m->setContext( $this->getContext() );
|
|
$submoduleFlags[] = ( $isDeprecated ? 1 : 0 ) | ( $isInternal ? 2 : 0 );
|
|
$submoduleNames[] = $v;
|
|
}
|
|
// sort $submodules by $submoduleFlags and $submoduleNames
|
|
array_multisort( $submoduleFlags, $submoduleNames, $submodules );
|
|
$msgs[$param] = array_merge( $msgs[$param], $submodules );
|
|
} elseif ( isset( $settings[self::PARAM_HELP_MSG_PER_VALUE] ) ) {
|
|
if ( !is_array( $settings[self::PARAM_HELP_MSG_PER_VALUE] ) ) {
|
|
self::dieDebug( __METHOD__,
|
|
'ApiBase::PARAM_HELP_MSG_PER_VALUE is not valid' );
|
|
}
|
|
if ( !is_array( $settings[self::PARAM_TYPE] ) ) {
|
|
self::dieDebug( __METHOD__,
|
|
'ApiBase::PARAM_HELP_MSG_PER_VALUE may only be used when ' .
|
|
'ApiBase::PARAM_TYPE is an array' );
|
|
}
|
|
|
|
$valueMsgs = $settings[self::PARAM_HELP_MSG_PER_VALUE];
|
|
$deprecatedValues = $settings[self::PARAM_DEPRECATED_VALUES] ?? [];
|
|
|
|
foreach ( $settings[self::PARAM_TYPE] as $value ) {
|
|
if ( isset( $valueMsgs[$value] ) ) {
|
|
$msg = $valueMsgs[$value];
|
|
} else {
|
|
$msg = "apihelp-{$path}-paramvalue-{$param}-{$value}";
|
|
}
|
|
$m = self::makeMessage( $msg, $this->getContext(),
|
|
[ $prefix, $param, $name, $path, $value ] );
|
|
if ( $m ) {
|
|
$m = new ApiHelpParamValueMessage(
|
|
$value,
|
|
// @phan-suppress-next-line PhanTypeMismatchArgument
|
|
[ $m->getKey(), 'api-help-param-no-description' ],
|
|
$m->getParams(),
|
|
isset( $deprecatedValues[$value] )
|
|
);
|
|
$msgs[$param][] = $m->setContext( $this->getContext() );
|
|
} else {
|
|
self::dieDebug( __METHOD__,
|
|
"Value in ApiBase::PARAM_HELP_MSG_PER_VALUE for $value is not valid" );
|
|
}
|
|
}
|
|
}
|
|
|
|
if ( isset( $settings[self::PARAM_HELP_MSG_APPEND] ) ) {
|
|
if ( !is_array( $settings[self::PARAM_HELP_MSG_APPEND] ) ) {
|
|
self::dieDebug( __METHOD__,
|
|
'Value for ApiBase::PARAM_HELP_MSG_APPEND is not an array' );
|
|
}
|
|
foreach ( $settings[self::PARAM_HELP_MSG_APPEND] as $m ) {
|
|
$m = self::makeMessage( $m, $this->getContext(),
|
|
[ $prefix, $param, $name, $path ] );
|
|
if ( $m ) {
|
|
$msgs[$param][] = $m;
|
|
} else {
|
|
self::dieDebug( __METHOD__,
|
|
'Value in ApiBase::PARAM_HELP_MSG_APPEND is not valid' );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$this->getHookRunner()->onAPIGetParamDescriptionMessages( $this, $msgs );
|
|
|
|
return $msgs;
|
|
}
|
|
|
|
/**
|
|
* Generates the list of flags for the help screen and for action=paraminfo
|
|
*
|
|
* Corresponding messages: api-help-flag-deprecated,
|
|
* api-help-flag-internal, api-help-flag-readrights,
|
|
* api-help-flag-writerights, api-help-flag-mustbeposted
|
|
*
|
|
* @return string[]
|
|
*/
|
|
protected function getHelpFlags() {
|
|
$flags = [];
|
|
|
|
if ( $this->isDeprecated() ) {
|
|
$flags[] = 'deprecated';
|
|
}
|
|
if ( $this->isInternal() ) {
|
|
$flags[] = 'internal';
|
|
}
|
|
if ( $this->isReadMode() ) {
|
|
$flags[] = 'readrights';
|
|
}
|
|
if ( $this->isWriteMode() ) {
|
|
$flags[] = 'writerights';
|
|
}
|
|
if ( $this->mustBePosted() ) {
|
|
$flags[] = 'mustbeposted';
|
|
}
|
|
|
|
return $flags;
|
|
}
|
|
|
|
/**
|
|
* Returns information about the source of this module, if known
|
|
*
|
|
* Returned array is an array with the following keys:
|
|
* - path: Install path
|
|
* - name: Extension name, or "MediaWiki" for core
|
|
* - namemsg: (optional) i18n message key for a display name
|
|
* - license-name: (optional) Name of license
|
|
*
|
|
* @return array|null
|
|
*/
|
|
protected function getModuleSourceInfo() {
|
|
global $IP;
|
|
|
|
if ( $this->mModuleSource !== false ) {
|
|
return $this->mModuleSource;
|
|
}
|
|
|
|
// First, try to find where the module comes from...
|
|
$rClass = new ReflectionClass( $this );
|
|
$path = $rClass->getFileName();
|
|
if ( !$path ) {
|
|
// No path known?
|
|
$this->mModuleSource = null;
|
|
return null;
|
|
}
|
|
$path = realpath( $path ) ?: $path;
|
|
|
|
// Build map of extension directories to extension info
|
|
if ( self::$extensionInfo === null ) {
|
|
$extDir = $this->getConfig()->get( 'ExtensionDirectory' );
|
|
self::$extensionInfo = [
|
|
realpath( __DIR__ ) ?: __DIR__ => [
|
|
'path' => $IP,
|
|
'name' => 'MediaWiki',
|
|
'license-name' => 'GPL-2.0-or-later',
|
|
],
|
|
realpath( "$IP/extensions" ) ?: "$IP/extensions" => null,
|
|
realpath( $extDir ) ?: $extDir => null,
|
|
];
|
|
$keep = [
|
|
'path' => null,
|
|
'name' => null,
|
|
'namemsg' => null,
|
|
'license-name' => null,
|
|
];
|
|
$credits = SpecialVersion::getCredits( ExtensionRegistry::getInstance(), $this->getConfig() );
|
|
foreach ( $credits as $group ) {
|
|
foreach ( $group as $ext ) {
|
|
if ( !isset( $ext['path'] ) || !isset( $ext['name'] ) ) {
|
|
// This shouldn't happen, but does anyway.
|
|
continue;
|
|
}
|
|
|
|
$extpath = $ext['path'];
|
|
if ( !is_dir( $extpath ) ) {
|
|
$extpath = dirname( $extpath );
|
|
}
|
|
self::$extensionInfo[realpath( $extpath ) ?: $extpath] =
|
|
array_intersect_key( $ext, $keep );
|
|
}
|
|
}
|
|
}
|
|
|
|
// Now traverse parent directories until we find a match or run out of
|
|
// parents.
|
|
do {
|
|
if ( array_key_exists( $path, self::$extensionInfo ) ) {
|
|
// Found it!
|
|
$this->mModuleSource = self::$extensionInfo[$path];
|
|
return $this->mModuleSource;
|
|
}
|
|
|
|
$oldpath = $path;
|
|
$path = dirname( $path );
|
|
} while ( $path !== $oldpath );
|
|
|
|
// No idea what extension this might be.
|
|
$this->mModuleSource = null;
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Called from ApiHelp before the pieces are joined together and returned.
|
|
*
|
|
* This exists mainly for ApiMain to add the Permissions and Credits
|
|
* sections. Other modules probably don't need it.
|
|
*
|
|
* @stable to override
|
|
* @param string[] &$help Array of help data
|
|
* @param array $options Options passed to ApiHelp::getHelp
|
|
* @param array &$tocData If a TOC is being generated, this array has keys
|
|
* as anchors in the page and values as for Linker::generateTOC().
|
|
*/
|
|
public function modifyHelp( array &$help, array $options, array &$tocData ) {
|
|
}
|
|
|
|
/** @} */
|
|
|
|
/************************************************************************//**
|
|
* @name Deprecated methods
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* Split a multi-valued parameter string, like explode()
|
|
* @since 1.28
|
|
* @deprecated since 1.35, use ParamValidator::explodeMultiValue() instead
|
|
* @param string $value
|
|
* @param int $limit
|
|
* @return string[]
|
|
*/
|
|
protected function explodeMultiValue( $value, $limit ) {
|
|
wfDeprecated( __METHOD__, '1.35' );
|
|
return ParamValidator::explodeMultiValue( $value, $limit );
|
|
}
|
|
|
|
/**
|
|
* Return an array of values that were given in a 'a|b|c' notation,
|
|
* after it optionally validates them against the list allowed values.
|
|
*
|
|
* @deprecated since 1.35, no replacement
|
|
* @param string $valueName The name of the parameter (for error
|
|
* reporting)
|
|
* @param mixed $value The value being parsed
|
|
* @param bool $allowMultiple Can $value contain more than one value
|
|
* separated by '|'?
|
|
* @param string[]|null $allowedValues An array of values to check against. If
|
|
* null, all values are accepted.
|
|
* @param string|null $allSpecifier String to use to specify all allowed values, or null
|
|
* if this behavior should not be allowed
|
|
* @param int|null $limit1 Maximum number of values, for normal users.
|
|
* @param int|null $limit2 Maximum number of values, for users with the apihighlimits right.
|
|
* @return string|string[] (allowMultiple ? an_array_of_values : a_single_value)
|
|
*/
|
|
protected function parseMultiValue( $valueName, $value, $allowMultiple, $allowedValues,
|
|
$allSpecifier = null, $limit1 = null, $limit2 = null
|
|
) {
|
|
wfDeprecated( __METHOD__, '1.35' );
|
|
|
|
if ( ( $value === '' || $value === "\x1f" ) && $allowMultiple ) {
|
|
return [];
|
|
}
|
|
$limit1 = $limit1 ?: self::LIMIT_SML1;
|
|
$limit2 = $limit2 ?: self::LIMIT_SML2;
|
|
|
|
// This is a bit awkward, but we want to avoid calling canApiHighLimits()
|
|
// because it unstubs $wgUser
|
|
$valuesList = $this->explodeMultiValue( $value, $limit2 + 1 );
|
|
$sizeLimit = count( $valuesList ) > $limit1 && $this->mMainModule->canApiHighLimits()
|
|
? $limit2
|
|
: $limit1;
|
|
|
|
if ( $allowMultiple && is_array( $allowedValues ) && $allSpecifier &&
|
|
count( $valuesList ) === 1 && $valuesList[0] === $allSpecifier
|
|
) {
|
|
return $allowedValues;
|
|
}
|
|
|
|
if ( count( $valuesList ) > $sizeLimit ) {
|
|
$this->dieWithError(
|
|
[ 'apierror-toomanyvalues', $valueName, $sizeLimit ],
|
|
"too-many-$valueName"
|
|
);
|
|
}
|
|
|
|
if ( !$allowMultiple && count( $valuesList ) != 1 ) {
|
|
// T35482 - Allow entries with | in them for non-multiple values
|
|
if ( in_array( $value, $allowedValues, true ) ) {
|
|
return $value;
|
|
}
|
|
|
|
$values = array_map( function ( $v ) {
|
|
return '<kbd>' . wfEscapeWikiText( $v ) . '</kbd>';
|
|
}, $allowedValues );
|
|
$this->dieWithError( [
|
|
'apierror-multival-only-one-of',
|
|
$valueName,
|
|
Message::listParam( $values ),
|
|
count( $values ),
|
|
], "multival_$valueName" );
|
|
}
|
|
|
|
if ( is_array( $allowedValues ) ) {
|
|
// Check for unknown values
|
|
$unknown = array_map( 'wfEscapeWikiText', array_diff( $valuesList, $allowedValues ) );
|
|
if ( count( $unknown ) ) {
|
|
if ( $allowMultiple ) {
|
|
$this->addWarning( [
|
|
'apiwarn-unrecognizedvalues',
|
|
$valueName,
|
|
Message::listParam( $unknown, 'comma' ),
|
|
count( $unknown ),
|
|
] );
|
|
} else {
|
|
$this->dieWithError(
|
|
[ 'apierror-unrecognizedvalue', $valueName, wfEscapeWikiText( $valuesList[0] ) ],
|
|
"unknown_$valueName"
|
|
);
|
|
}
|
|
}
|
|
// Now throw them out
|
|
$valuesList = array_intersect( $valuesList, $allowedValues );
|
|
}
|
|
|
|
return $allowMultiple ? $valuesList : $valuesList[0];
|
|
}
|
|
|
|
/**
|
|
* Validate the value against the minimum and user/bot maximum limits.
|
|
* Prints usage info on failure.
|
|
* @deprecated since 1.35, use $this->getMain()->getParamValidator()->validateValue() instead.
|
|
* @param string $name Parameter name, unprefixed
|
|
* @param int &$value Parameter value
|
|
* @param int|null $min Minimum value
|
|
* @param int|null $max Maximum value for users
|
|
* @param int|null $botMax Maximum value for sysops/bots
|
|
* @param bool $enforceLimits Whether to enforce (die) if value is outside limits
|
|
*/
|
|
protected function validateLimit( $name, &$value, $min, $max, $botMax = null,
|
|
$enforceLimits = false
|
|
) {
|
|
wfDeprecated( __METHOD__, '1.35' );
|
|
$value = $this->getMain()->getParamValidator()->validateValue(
|
|
$this, $name, $value, [
|
|
ParamValidator::PARAM_TYPE => 'limit',
|
|
IntegerDef::PARAM_MIN => $min,
|
|
IntegerDef::PARAM_MAX => $max,
|
|
IntegerDef::PARAM_MAX2 => $botMax,
|
|
IntegerDef::PARAM_IGNORE_RANGE => !$enforceLimits,
|
|
]
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Validate and normalize parameters of type 'timestamp'
|
|
* @deprecated since 1.35, use $this->getMain()->getParamValidator()->validateValue() instead.
|
|
* @param string $value Parameter value
|
|
* @param string $encParamName Parameter name
|
|
* @return string Validated and normalized parameter
|
|
*/
|
|
protected function validateTimestamp( $value, $encParamName ) {
|
|
wfDeprecated( __METHOD__, '1.35' );
|
|
|
|
// Sigh.
|
|
$name = $encParamName;
|
|
$p = (string)$this->getModulePrefix();
|
|
$l = strlen( $p );
|
|
if ( $l && substr( $name, 0, $l ) === $p ) {
|
|
$name = substr( $name, $l );
|
|
}
|
|
|
|
return $this->getMain()->getParamValidator()->validateValue(
|
|
$this, $name, $value, [
|
|
ParamValidator::PARAM_TYPE => 'timestamp',
|
|
]
|
|
);
|
|
}
|
|
|
|
/** @} */
|
|
|
|
}
|
|
|
|
/**
|
|
* For really cool vim folding this needs to be at the end:
|
|
* vim: foldmarker=@{,@} foldmethod=marker
|
|
*/
|