*/
protected function checkExecutePermissions( $module ) {
$user = $this->getUser();
- if ( $module->isReadMode() && !User::isEveryoneAllowed( 'read' ) &&
- !$user->isAllowed( 'read' )
+ if ( $module->isReadMode() && !$this->getPermissionManager()->isEveryoneAllowed( 'read' ) &&
+ !$this->getPermissionManager()->userHasRight( $user, 'read' )
) {
$this->dieWithError( 'apierror-readapidenied' );
}
if ( $module->isWriteMode() ) {
if ( !$this->mEnableWrite ) {
$this->dieWithError( 'apierror-noapiwrite' );
- } elseif ( !$user->isAllowed( 'writeapi' ) ) {
+ } elseif ( !$this->getPermissionManager()->userHasRight( $user, 'writeapi' ) ) {
$this->dieWithError( 'apierror-writeapidenied' );
} elseif ( $this->getRequest()->getHeader( 'Promise-Non-Write-API-Action' ) ) {
$this->dieWithError( 'apierror-promised-nonwrite-api' );
}
break;
case 'bot':
- if ( !$user->isAllowed( 'bot' ) ) {
+ if ( !$this->getPermissionManager()->userHasRight( $user, 'bot' ) ) {
$this->dieWithError( 'apierror-assertbotfailed' );
}
break;
$this->dieWithErrorOrDebug( [ 'apierror-mustbeposted', $this->mAction ] );
}
+ if ( $request->wasPosted() && !$request->getHeader( 'Content-Type' ) ) {
+ $this->addDeprecation(
+ 'apiwarn-deprecation-post-without-content-type', 'post-without-content-type'
+ );
+ }
+
// See if custom printer is used
$this->mPrinter = $module->getCustomPrinter();
if ( is_null( $this->mPrinter ) ) {
$groups = array_map( function ( $group ) {
return $group == '*' ? 'all' : $group;
- }, User::getGroupsWithPermission( $right ) );
+ }, $this->getPermissionManager()->getGroupsWithPermission( $right ) );
$help['permissions'] .= Html::rawElement( 'dd', null,
$this->msg( 'api-help-permissions-granted-to' )
*/
public function canApiHighLimits() {
if ( !isset( $this->mCanApiHighLimits ) ) {
- $this->mCanApiHighLimits = $this->getUser()->isAllowed( 'apihighlimits' );
+ $this->mCanApiHighLimits = $this->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'apihighlimits' );
}
return $this->mCanApiHighLimits;