private $mModule;
private $mCacheMode = 'private';
+ /** @var array */
private $mCacheControl = [];
private $mParamsUsed = [];
private $mParamsSensitive = [];
* @param IContextSource|WebRequest|null $context If this is an instance of
* FauxRequest, errors are thrown and no printing occurs
* @param bool $enableWrite Should be set to true if the api may modify data
+ * @suppress PhanUndeclaredMethod
*/
public function __construct( $context = null, $enableWrite = false ) {
if ( $context === null ) {
// Setup uselang. This doesn't use $this->getParameter()
// because we're not ready to handle errors yet.
- $uselang = $request->getVal( 'uselang', self::API_DEFAULT_USELANG );
+ // Optimisation: Avoid slow getVal(), this isn't user-generated content.
+ $uselang = $request->getRawVal( 'uselang', self::API_DEFAULT_USELANG );
if ( $uselang === 'user' ) {
// Assume the parent context is going to return the user language
// for uselang=user (see T85635).
// Set up the error formatter. This doesn't use $this->getParameter()
// because we're not ready to handle errors yet.
- $errorFormat = $request->getVal( 'errorformat', 'bc' );
- $errorLangCode = $request->getVal( 'errorlang', 'uselang' );
+ // Optimisation: Avoid slow getVal(), this isn't user-generated content.
+ $errorFormat = $request->getRawVal( 'errorformat', 'bc' );
+ $errorLangCode = $request->getRawVal( 'errorlang', 'uselang' );
$errorsUseDB = $request->getCheck( 'errorsuselocal' );
if ( in_array( $errorFormat, [ 'plaintext', 'wikitext', 'html', 'raw', 'none' ], true ) ) {
if ( $errorLangCode === 'uselang' ) {
}
$this->mResult->setErrorFormatter( $this->getErrorFormatter() );
- $this->mModuleMgr = new ApiModuleManager( $this );
+ $this->mModuleMgr = new ApiModuleManager(
+ $this,
+ MediaWikiServices::getInstance()->getObjectFactory()
+ );
$this->mModuleMgr->addModules( self::$Modules, 'action' );
$this->mModuleMgr->addModules( $config->get( 'APIModules' ), 'action' );
$this->mModuleMgr->addModules( self::$Formats, 'format' );
$this->mEnableWrite = $enableWrite;
$this->mCdnMaxAge = -1; // flag for executeActionWithErrorHandling()
- $this->mCommit = false;
}
/**
}
if ( $this->getParameter( 'curtimestamp' ) ) {
- $result->addValue( null, 'curtimestamp', wfTimestamp( TS_ISO_8601, time() ),
- ApiResult::NO_SIZE_CHECK );
+ $result->addValue( null, 'curtimestamp', wfTimestamp( TS_ISO_8601 ), ApiResult::NO_SIZE_CHECK );
}
if ( $this->getParameter( 'responselanginfo' ) ) {
*/
protected function checkExecutePermissions( $module ) {
$user = $this->getUser();
- if ( $module->isReadMode() && !User::isEveryoneAllowed( 'read' ) &&
- !$user->isAllowed( 'read' )
+ if ( $module->isReadMode() && !$this->getPermissionManager()->isEveryoneAllowed( 'read' ) &&
+ !$this->getPermissionManager()->userHasRight( $user, 'read' )
) {
$this->dieWithError( 'apierror-readapidenied' );
}
if ( $module->isWriteMode() ) {
if ( !$this->mEnableWrite ) {
$this->dieWithError( 'apierror-noapiwrite' );
- } elseif ( !$user->isAllowed( 'writeapi' ) ) {
+ } elseif ( !$this->getPermissionManager()->userHasRight( $user, 'writeapi' ) ) {
$this->dieWithError( 'apierror-writeapidenied' );
} elseif ( $this->getRequest()->getHeader( 'Promise-Non-Write-API-Action' ) ) {
$this->dieWithError( 'apierror-promised-nonwrite-api' );
}
break;
case 'bot':
- if ( !$user->isAllowed( 'bot' ) ) {
+ if ( !$this->getPermissionManager()->userHasRight( $user, 'bot' ) ) {
$this->dieWithError( 'apierror-assertbotfailed' );
}
break;
$this->dieWithErrorOrDebug( [ 'apierror-mustbeposted', $this->mAction ] );
}
+ if ( $request->wasPosted() && !$request->getHeader( 'Content-Type' ) ) {
+ $this->addDeprecation(
+ 'apiwarn-deprecation-post-without-content-type', 'post-without-content-type'
+ );
+ }
+
// See if custom printer is used
$this->mPrinter = $module->getCustomPrinter();
if ( is_null( $this->mPrinter ) ) {
* @return string
*/
protected function encodeRequestLogValue( $s ) {
- static $table;
+ static $table = [];
if ( !$table ) {
$chars = ';@$!*(),/:';
$numChars = strlen( $chars );
];
}
+ /**
+ * @inheritDoc
+ * @phan-param array{nolead?:bool,headerlevel?:int,tocnumber?:int[]} $options
+ */
public function modifyHelp( array &$help, array $options, array &$tocData ) {
// Wish PHP had an "array_insert_before". Instead, we have to manually
// reindex the array to get 'permissions' in the right place.
$groups = array_map( function ( $group ) {
return $group == '*' ? 'all' : $group;
- }, User::getGroupsWithPermission( $right ) );
+ }, $this->getPermissionManager()->getGroupsWithPermission( $right ) );
$help['permissions'] .= Html::rawElement( 'dd', null,
$this->msg( 'api-help-permissions-granted-to' )
*/
public function canApiHighLimits() {
if ( !isset( $this->mCanApiHighLimits ) ) {
- $this->mCanApiHighLimits = $this->getUser()->isAllowed( 'apihighlimits' );
+ $this->mCanApiHighLimits = $this->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'apihighlimits' );
}
return $this->mCanApiHighLimits;