From: Roan Kattouw <catrope@users.mediawiki.org>
Date: Wed, 21 May 2008 14:33:27 +0000 (+0000)
Subject: API: Requesting a token you aren't allowed to request no longer dies with an error... 
X-Git-Tag: 1.31.0-rc.0~47493
X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/password.php?a=commitdiff_plain;h=903732fd15bfbabf758abec8b15fd3d29df44241;p=lhc%2Fweb%2Fwiklou.git

API: Requesting a token you aren't allowed to request no longer dies with an error but just throws a warning and doesn't give you the token.
---

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e91c4ad49c..aa2310b107 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -353,6 +353,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * (bug 13606) Allow deletion of images
 * Added iiprop=mime and aiprop=metadata
 * Handled unrecognized values for parameters more gracefully
+* Handled requesting disallowed tokens more gracefully
 
 === Languages updated in 1.13 ===
 
diff --git a/includes/api/ApiQueryBase.php b/includes/api/ApiQueryBase.php
index 7cb5bb07ef..e1d9fc3cdf 100644
--- a/includes/api/ApiQueryBase.php
+++ b/includes/api/ApiQueryBase.php
@@ -355,7 +355,10 @@ abstract class ApiQueryBase extends ApiBase {
 			if ($wgUser->isAllowed($action))
 				return true;
 			else
-				$this->dieUsage("Action '$action' is not allowed for the current user", 'permissiondenied');
+			{
+				$this->setWarning("Action '$action' is not allowed for the current user");
+				return false;
+			}
 		}
 		return false;
 	}