* action=setnotificationtimestamp will now update the watchlist asynchronously
if entirewatchlist is set, so updates may not be visible immediately
* Block info will be added to "blocked" errors from more modules.
+* (T216245) Autoblocks will now be spread by action=edit and action=move.
=== Action API internal changes in 1.33 ===
* A number of deprecated methods for API documentation, intended for overriding
hyphen. Methods such as ApiBase::dieWithError() and
ApiMessageTrait::setApiCode() will throw an InvalidArgumentException if
passed a bad code.
+* ApiBase::checkTitleUserPermissions() now takes an options array as its third
+ parameter. Passing a User object or null is deprecated.
=== Languages updated in 1.33 ===
MediaWiki supports over 350 languages. Many localisations are updated regularly.
Use require( 'mediawiki.language.specialCharacters' ) instead.
* ChangeTags::purgeTagUsageCache() has been deprecated, and is expected to be
removed in a future release.
+* Passing a User object or null as the third parameter to
+ ApiBase::checkTitleUserPermissions() has been deprecated. Pass an array
+ [ 'user' => $user ] instead.
=== Other changes in 1.33 ===
* (T201747) Html::openElement() warns if given an element name with a space
/**
* Helper function for permission-denied errors
* @since 1.29
+ * @since 1.33 Changed the third parameter from $user to $options.
* @param Title $title
* @param string|string[] $actions
- * @param User|null $user
+ * @param array $options Additional options
+ * - user: (User) User to use rather than $this->getUser()
+ * - autoblock: (bool, default false) Whether to spread autoblocks
+ * For compatibility, passing a User object is treated as the value for the 'user' option.
* @throws ApiUsageException if the user doesn't have all of the rights.
*/
- public function checkTitleUserPermissions( Title $title, $actions, $user = null ) {
- if ( !$user ) {
- $user = $this->getUser();
+ public function checkTitleUserPermissions( Title $title, $actions, $options = [] ) {
+ if ( !is_array( $options ) ) {
+ wfDeprecated( '$user as the third parameter to ' . __METHOD__, '1.33' );
+ $options = [ 'user' => $options ];
}
+ $user = $options['user'] ?? $this->getUser();
$errors = [];
foreach ( (array)$actions as $action ) {
$this->trackBlockNotices( $errors );
}
+ if ( !empty( $options['autoblock'] ) ) {
+ $user->spreadAnyEditBlock();
+ }
+
$this->dieStatus( $this->errorArrayToStatus( $errors, $user ) );
}
}
// Now let's check whether we're even allowed to do this
$this->checkTitleUserPermissions(
$titleObj,
- $titleObj->exists() ? 'edit' : [ 'edit', 'create' ]
+ $titleObj->exists() ? 'edit' : [ 'edit', 'create' ],
+ [ 'autoblock' => true ]
);
$toMD5 = $params['text'];
$status = $this->movePage( $fromTitle, $toTitle, $params['reason'], !$params['noredirect'],
$params['tags'] ?: [] );
if ( !$status->isOK() ) {
+ $user->spreadAnyEditBlock();
$this->dieStatus( $status );
}
public function testEditWhileBlocked() {
$name = 'Help:' . ucfirst( __FUNCTION__ );
- $this->setExpectedException( ApiUsageException::class,
- 'You have been blocked from editing.' );
+ $this->assertNull( Block::newFromTarget( '127.0.0.1' ), 'Sanity check' );
$block = new Block( [
'address' => self::$users['sysop']->getUser()->getName(),
'reason' => 'Capriciousness',
'timestamp' => '19370101000000',
'expiry' => 'infinity',
+ 'enableAutoblock' => true,
] );
$block->insert();
'title' => $name,
'text' => 'Some text',
] );
+ $this->fail( 'Expected exception not thrown' );
+ } catch ( ApiUsageException $ex ) {
+ $this->assertSame( 'You have been blocked from editing.', $ex->getMessage() );
+ $this->assertNotNull( Block::newFromTarget( '127.0.0.1' ), 'Autoblock spread' );
} finally {
$block->delete();
self::$users['sysop']->getUser()->clearInstanceCache();
}
}
+ public function testMoveWhileBlocked() {
+ $this->assertNull( Block::newFromTarget( '127.0.0.1' ), 'Sanity check' );
+
+ $block = new Block( [
+ 'address' => self::$users['sysop']->getUser()->getName(),
+ 'by' => self::$users['sysop']->getUser()->getId(),
+ 'reason' => 'Capriciousness',
+ 'timestamp' => '19370101000000',
+ 'expiry' => 'infinity',
+ 'enableAutoblock' => true,
+ ] );
+ $block->insert();
+
+ $name = ucfirst( __FUNCTION__ );
+ $id = $this->createPage( $name );
+
+ try {
+ $this->doApiRequestWithToken( [
+ 'action' => 'move',
+ 'from' => $name,
+ 'to' => "$name 2",
+ ] );
+ $this->fail( 'Expected exception not thrown' );
+ } catch ( ApiUsageException $ex ) {
+ $this->assertSame( 'You have been blocked from editing.', $ex->getMessage() );
+ $this->assertNotNull( Block::newFromTarget( '127.0.0.1' ), 'Autoblock spread' );
+ } finally {
+ $block->delete();
+ self::$users['sysop']->getUser()->clearInstanceCache();
+ $this->assertSame( $id, Title::newFromText( $name )->getArticleID() );
+ }
+ }
+
// @todo File moving
public function testPingLimiter() {