API: Requesting a token you aren't allowed to request no longer dies with an error...

author Roan Kattouw <catrope@users.mediawiki.org>

Wed, 21 May 2008 14:33:27 +0000 (14:33 +0000)

committer Roan Kattouw <catrope@users.mediawiki.org>

Wed, 21 May 2008 14:33:27 +0000 (14:33 +0000)
author Roan Kattouw <catrope@users.mediawiki.org>
Wed, 21 May 2008 14:33:27 +0000 (14:33 +0000)
committer Roan Kattouw <catrope@users.mediawiki.org>
Wed, 21 May 2008 14:33:27 +0000 (14:33 +0000)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES

index e91c4ad..aa2310b 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -353,6 +353,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
  * (bug 13606) Allow deletion of images
  * Added iiprop=mime and aiprop=metadata
  * Handled unrecognized values for parameters more gracefully
+* Handled requesting disallowed tokens more gracefully
  
  === Languages updated in 1.13 ===
  
diff --git a/includes/api/ApiQueryBase.php b/includes/api/ApiQueryBase.php

index 7cb5bb0..e1d9fc3 100644 (file)
--- a/includes/api/ApiQueryBase.php
+++ b/includes/api/ApiQueryBase.php
@@ -355,7 +355,10 @@ abstract class ApiQueryBase extends ApiBase {
                         if ($wgUser->isAllowed($action))
                                 return true;
                         else
-                               $this->dieUsage("Action '$action' is not allowed for the current user", 'permissiondenied');
+                       {
+                               $this->setWarning("Action '$action' is not allowed for the current user");
+                               return false;
+                       }
                 }
                 return false;
         }
author	Roan Kattouw <catrope@users.mediawiki.org>
	Wed, 21 May 2008 14:33:27 +0000 (14:33 +0000)
committer	Roan Kattouw <catrope@users.mediawiki.org>
	Wed, 21 May 2008 14:33:27 +0000 (14:33 +0000)
RELEASE-NOTES		patch \| blob \| history
includes/api/ApiQueryBase.php		patch \| blob \| history