From: Roan Kattouw Date: Sat, 5 Jul 2008 11:18:50 +0000 (+0000) Subject: Fix regression from r37046: tokens should not be supplied when in JSON callback mode... X-Git-Tag: 1.31.0-rc.0~46730 X-Git-Url: http://git.cyclocoop.org/%24action?a=commitdiff_plain;h=07db2080a54fa4c1df30b64d4bd52bff3328d749;p=lhc%2Fweb%2Fwiklou.git Fix regression from r37046: tokens should not be supplied when in JSON callback mode. Also remove ApiQueryBase::getTokenFlag() which is now obsolete. --- diff --git a/includes/api/ApiQueryBase.php b/includes/api/ApiQueryBase.php index 4661f0d1db..31658b1ed1 100644 --- a/includes/api/ApiQueryBase.php +++ b/includes/api/ApiQueryBase.php @@ -343,31 +343,6 @@ abstract class ApiQueryBase extends ApiBase { return $t->getPrefixedText(); } - /** - * Check whether the current user requested a certain token and - * is actually allowed to request it. - * @param array $tokenArr Array of tokens the user requested - * @param string $action Action to check for - * @return bool true if the user requested the token and is allowed to, false otherwise - */ - public function getTokenFlag($tokenArr, $action) { - if ($this->getMain()->getRequest()->getVal('callback') !== null) { - // Don't do any session-specific data. - return false; - } - if (in_array($action, $tokenArr)) { - global $wgUser; - if ($wgUser->isAllowed($action)) - return true; - else - { - $this->setWarning("Action '$action' is not allowed for the current user"); - return false; - } - } - return false; - } - /** * Get version string for use in the API help output * @return string diff --git a/includes/api/ApiQueryInfo.php b/includes/api/ApiQueryInfo.php index 8fea5835d4..55e59dc700 100644 --- a/includes/api/ApiQueryInfo.php +++ b/includes/api/ApiQueryInfo.php @@ -58,6 +58,10 @@ class ApiQueryInfo extends ApiQueryBase { if(isset($this->tokenFunctions)) return $this->tokenFunctions; + // If we're in JSON callback mode, no tokens can be obtained + if(!is_null($this->getMain()->getRequest()->getVal('callback'))) + return array(); + $this->tokenFunctions = array( 'edit' => 'ApiQueryInfo::getEditToken', 'delete' => 'ApiQueryInfo::getDeleteToken', diff --git a/includes/api/ApiQueryRevisions.php b/includes/api/ApiQueryRevisions.php index fb14a4c49f..09c35eceae 100644 --- a/includes/api/ApiQueryRevisions.php +++ b/includes/api/ApiQueryRevisions.php @@ -52,6 +52,11 @@ class ApiQueryRevisions extends ApiQueryBase { // Don't call the hooks twice if(isset($this->tokenFunctions)) return $this->tokenFunctions; + + // If we're in JSON callback mode, no tokens can be obtained + if(!is_null($this->getMain()->getRequest()->getVal('callback'))) + return array(); + $this->tokenFunctions = array( 'rollback' => 'ApiQueryRevisions::getRollbackToken' );