New hook ApiCheckCanExecute.

Added new hook in ApiMain::checkCanExecute
so that extensions can authenticate and
authorize API clients before the module is
execute. (Necessary for extensions like
OAuth that externally authnz clients.)

Change-Id: I1b059fd9a4aa717928af8b09f5edebe899ab3ce1
Signed-off-by: Tyler Romeo <tylerromeo@gmail.com>

diff --git a/docs/hooks.txt b/docs/hooks.txt
index 2862d1b..8243f78 100644 (file)
--- a/docs/hooks.txt
+++ b/docs/hooks.txt
@@ -314,6 +314,13 @@ $body: Body of the message
 Use this to extend core API modules.
 &$module: Module object
 
+'APICheckCanExecute': Called during ApiMain::checkCanExecute. Use to
+further authenticate and authorize API clients before executing the
+module. Return false and set a message to cancel the request.
+$module: Module object
+$user: Current user
+&$message: API usage message to die with
+
 'APIEditBeforeSave': before saving a page with api.php?action=edit,
 after processing request parameters. Return false to let the request
 fail, returning an error message or an <edit result="Failure"> tag

diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 420acd3..3dadb42 100644 (file)
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -758,6 +758,12 @@ class ApiMain extends ApiBase {
                                $this->dieReadOnly();
                        }
                }
+
+               // Allow extensions to stop execution for arbitrary reasons.
+               $message = false;
+               if( !wfRunHooks( 'ApiCheckCanExecute', array( $module, $user, &$message ) ) ) {
+                       $this->dieUsageMsg( $message );
+               }
        }
 
        /**