From: Tyler Romeo Date: Tue, 21 Aug 2012 15:52:47 +0000 (-0400) Subject: New hook ApiCheckCanExecute. X-Git-Tag: 1.31.0-rc.0~22460^2 X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_aide%28?a=commitdiff_plain;h=780b6878f754d68786bbb902393e5a9dd1ea9771;p=lhc%2Fweb%2Fwiklou.git New hook ApiCheckCanExecute. Added new hook in ApiMain::checkCanExecute so that extensions can authenticate and authorize API clients before the module is execute. (Necessary for extensions like OAuth that externally authnz clients.) Change-Id: I1b059fd9a4aa717928af8b09f5edebe899ab3ce1 Signed-off-by: Tyler Romeo --- diff --git a/docs/hooks.txt b/docs/hooks.txt index 2862d1ba87..8243f78122 100644 --- a/docs/hooks.txt +++ b/docs/hooks.txt @@ -314,6 +314,13 @@ $body: Body of the message Use this to extend core API modules. &$module: Module object +'APICheckCanExecute': Called during ApiMain::checkCanExecute. Use to +further authenticate and authorize API clients before executing the +module. Return false and set a message to cancel the request. +$module: Module object +$user: Current user +&$message: API usage message to die with + 'APIEditBeforeSave': before saving a page with api.php?action=edit, after processing request parameters. Return false to let the request fail, returning an error message or an tag diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php index 420acd3d9e..3dadb42283 100644 --- a/includes/api/ApiMain.php +++ b/includes/api/ApiMain.php @@ -758,6 +758,12 @@ class ApiMain extends ApiBase { $this->dieReadOnly(); } } + + // Allow extensions to stop execution for arbitrary reasons. + $message = false; + if( !wfRunHooks( 'ApiCheckCanExecute', array( $module, $user, &$message ) ) ) { + $this->dieUsageMsg( $message ); + } } /**