From 9bf28ce7c9f8472b13fb0ce576ed8360449e67c5 Mon Sep 17 00:00:00 2001
From: Yuri Astrakhan <yurik@users.mediawiki.org>
Date: Wed, 1 Aug 2007 22:46:22 +0000
Subject: [PATCH] API: Added various edit tokens to prop=info (except rollback
 - will be added to revisions)

---
 includes/api/ApiQueryBase.php | 11 +++++++++++
 includes/api/ApiQueryInfo.php | 37 ++++++++++++++++++++++++++++++++---
 2 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/includes/api/ApiQueryBase.php b/includes/api/ApiQueryBase.php
index 6079c8b015..69492dbe97 100644
--- a/includes/api/ApiQueryBase.php
+++ b/includes/api/ApiQueryBase.php
@@ -214,6 +214,17 @@ abstract class ApiQueryBase extends ApiBase {
 		return str_replace('_', ' ', $key);
 	}
 
+	public function getTokenFlag($tokenArr, $action) {
+		if (in_array($action, $tokenArr)) {
+			global $wgUser;
+			if ($wgUser->isAllowed($action))
+				return true;
+			else
+				$this->dieUsage("Action '$action' is not allowed for the current user", 'permissiondenied');
+		}
+		return false;
+	}
+	
 	public static function getBaseVersion() {
 		return __CLASS__ . ': $Id$';
 	}
diff --git a/includes/api/ApiQueryInfo.php b/includes/api/ApiQueryInfo.php
index f285c72f67..1cacff6f16 100644
--- a/includes/api/ApiQueryInfo.php
+++ b/includes/api/ApiQueryInfo.php
@@ -50,12 +50,21 @@ class ApiQueryInfo extends ApiQueryBase {
 
 	public function execute() {
 
+		global $wgUser;
+
 		$params = $this->extractRequestParams();
 		$fld_protection = false;
 		if(!is_null($params['prop'])) {
 			$prop = array_flip($params['prop']);
 			$fld_protection = isset($prop['protection']);
 		}
+		if(!is_null($params['token'])) {
+			$token = $params['token'];
+			$tok_edit = $this->getTokenFlag($token, 'edit');
+			$tok_delete = $this->getTokenFlag($token, 'delete');
+			$tok_protect = $this->getTokenFlag($token, 'protect');
+			$tok_move = $this->getTokenFlag($token, 'move');
+		}
 		
 		$pageSet = $this->getPageSet();
 		$titles = $pageSet->getGoodTitles();
@@ -85,7 +94,7 @@ class ApiQueryInfo extends ApiQueryBase {
 			$db->freeResult($res);
 		}
 		
-		foreach ( $titles as $pageid => $unused ) {
+		foreach ( $titles as $pageid => $title ) {
 			$pageInfo = array (
 				'touched' => wfTimestamp(TS_ISO_8601, $pageTouched[$pageid]),
 				'lastrevid' => intval($pageLatest[$pageid]),
@@ -99,6 +108,18 @@ class ApiQueryInfo extends ApiQueryBase {
 			if ($pageIsNew[$pageid])
 				$pageInfo['new'] = '';
 
+			if (!is_null($token)) {
+				// Currently all tokens are generated the same way, but it might change
+				if ($tok_edit)
+					$pageInfo['edittoken'] = $wgUser->editToken();
+				if ($tok_delete)
+					$pageInfo['deletetoken'] = $wgUser->editToken();
+				if ($tok_protect)
+					$pageInfo['protecttoken'] = $wgUser->editToken();
+				if ($tok_move)
+					$pageInfo['movetoken'] = $wgUser->editToken();
+			}
+			
 			if($fld_protection) {
 				if (isset($protections[$pageid])) {
 					$pageInfo['protection'] = $protections[$pageid];
@@ -122,7 +143,16 @@ class ApiQueryInfo extends ApiQueryBase {
 				ApiBase :: PARAM_ISMULTI => true,
 				ApiBase :: PARAM_TYPE => array (
 					'protection'
-				))
+				)),
+			'token' => array (
+				ApiBase :: PARAM_DFLT => NULL,
+				ApiBase :: PARAM_ISMULTI => true,
+				ApiBase :: PARAM_TYPE => array (
+					'edit',
+					'delete',
+					'protect',
+					'move',
+				)),
 		);
 	}
 
@@ -131,7 +161,8 @@ class ApiQueryInfo extends ApiQueryBase {
 			'prop' => array (
 				'Which additional properties to get:',
 				' "protection"   - List the protection level of each page'
-			)
+			),
+			'token' => 'Request a token to perform a data-modifying action on a page',
 		);
 	}
 
-- 
2.20.1