Added new hook in ApiMain::checkCanExecute
so that extensions can authenticate and
authorize API clients before the module is
execute. (Necessary for extensions like
OAuth that externally authnz clients.)
Change-Id: I1b059fd9a4aa717928af8b09f5edebe899ab3ce1
Signed-off-by: Tyler Romeo <tylerromeo@gmail.com>
Use this to extend core API modules.
&$module: Module object
+'APICheckCanExecute': Called during ApiMain::checkCanExecute. Use to
+further authenticate and authorize API clients before executing the
+module. Return false and set a message to cancel the request.
+$module: Module object
+$user: Current user
+&$message: API usage message to die with
+
'APIEditBeforeSave': before saving a page with api.php?action=edit,
after processing request parameters. Return false to let the request
fail, returning an error message or an <edit result="Failure"> tag
$this->dieReadOnly();
}
}
+
+ // Allow extensions to stop execution for arbitrary reasons.
+ $message = false;
+ if( !wfRunHooks( 'ApiCheckCanExecute', array( $module, $user, &$message ) ) ) {
+ $this->dieUsageMsg( $message );
+ }
}
/**