use MediaWiki\Rest\RequestInterface;
/**
- * A request authorizer which checks needsReadAccess() in the
- * handler and calls isReadAllowed() in the subclass
+ * A request authorizer which checks needsReadAccess() and needsWriteAccess() in the
+ * handler and calls isReadAllowed() and/or isWriteAllowed() in the subclass
* accordingly.
*
* @internal
if ( $this->handler->needsReadAccess() && !$this->isReadAllowed() ) {
return 'rest-read-denied';
}
+ if ( $this->handler->needsWriteAccess() && !$this->isWriteAllowed() ) {
+ return 'rest-write-denied';
+ }
return null;
}
* @return bool
*/
abstract protected function isReadAllowed();
+
+ /**
+ * Check if the current user is allowed to write to the wiki
+ *
+ * @return bool
+ */
+ abstract protected function isWriteAllowed();
}