// Setup uselang. This doesn't use $this->getParameter()
// because we're not ready to handle errors yet.
- $uselang = $request->getVal( 'uselang', self::API_DEFAULT_USELANG );
+ // Optimisation: Avoid slow getVal(), this isn't user-generated content.
+ $uselang = $request->getRawVal( 'uselang', self::API_DEFAULT_USELANG );
if ( $uselang === 'user' ) {
// Assume the parent context is going to return the user language
// for uselang=user (see T85635).
// Set up the error formatter. This doesn't use $this->getParameter()
// because we're not ready to handle errors yet.
- $errorFormat = $request->getVal( 'errorformat', 'bc' );
- $errorLangCode = $request->getVal( 'errorlang', 'uselang' );
+ // Optimisation: Avoid slow getVal(), this isn't user-generated content.
+ $errorFormat = $request->getRawVal( 'errorformat', 'bc' );
+ $errorLangCode = $request->getRawVal( 'errorlang', 'uselang' );
$errorsUseDB = $request->getCheck( 'errorsuselocal' );
if ( in_array( $errorFormat, [ 'plaintext', 'wikitext', 'html', 'raw', 'none' ], true ) ) {
if ( $errorLangCode === 'uselang' ) {
*/
protected function checkExecutePermissions( $module ) {
$user = $this->getUser();
- if ( $module->isReadMode() && !User::isEveryoneAllowed( 'read' ) &&
- !$user->isAllowed( 'read' )
+ if ( $module->isReadMode() && !$this->getPermissionManager()->isEveryoneAllowed( 'read' ) &&
+ !$this->getPermissionManager()->userHasRight( $user, 'read' )
) {
$this->dieWithError( 'apierror-readapidenied' );
}
if ( $module->isWriteMode() ) {
if ( !$this->mEnableWrite ) {
$this->dieWithError( 'apierror-noapiwrite' );
- } elseif ( !$user->isAllowed( 'writeapi' ) ) {
+ } elseif ( !$this->getPermissionManager()->userHasRight( $user, 'writeapi' ) ) {
$this->dieWithError( 'apierror-writeapidenied' );
} elseif ( $this->getRequest()->getHeader( 'Promise-Non-Write-API-Action' ) ) {
$this->dieWithError( 'apierror-promised-nonwrite-api' );
}
break;
case 'bot':
- if ( !$user->isAllowed( 'bot' ) ) {
+ if ( !$this->getPermissionManager()->userHasRight( $user, 'bot' ) ) {
$this->dieWithError( 'apierror-assertbotfailed' );
}
break;
$this->dieWithErrorOrDebug( [ 'apierror-mustbeposted', $this->mAction ] );
}
+ if ( $request->wasPosted() && !$request->getHeader( 'Content-Type' ) ) {
+ $this->addDeprecation(
+ 'apiwarn-deprecation-post-without-content-type', 'post-without-content-type'
+ );
+ }
+
// See if custom printer is used
$this->mPrinter = $module->getCustomPrinter();
if ( is_null( $this->mPrinter ) ) {
$groups = array_map( function ( $group ) {
return $group == '*' ? 'all' : $group;
- }, User::getGroupsWithPermission( $right ) );
+ }, $this->getPermissionManager()->getGroupsWithPermission( $right ) );
$help['permissions'] .= Html::rawElement( 'dd', null,
$this->msg( 'api-help-permissions-granted-to' )
*/
public function canApiHighLimits() {
if ( !isset( $this->mCanApiHighLimits ) ) {
- $this->mCanApiHighLimits = $this->getUser()->isAllowed( 'apihighlimits' );
+ $this->mCanApiHighLimits = $this->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'apihighlimits' );
}
return $this->mCanApiHighLimits;