4 * API userrights module
6 * Copyright © 2009 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
21 * http://www.gnu.org/copyleft/gpl.html
29 class ApiUserrights
extends ApiBase
{
31 private $mUser = null;
34 * Get a UserrightsPage object, or subclass.
35 * @return UserrightsPage
37 protected function getUserRightsPage() {
38 return new UserrightsPage
;
42 * Get all available groups.
45 protected function getAllGroups() {
46 return User
::getAllGroups();
49 public function execute() {
50 $pUser = $this->getUser();
52 // Deny if the user is blocked and doesn't have the full 'userrights' permission.
53 // This matches what Special:UserRights does for the web UI.
54 if ( $pUser->isBlocked() && !$pUser->isAllowed( 'userrights' ) ) {
55 $this->dieBlocked( $pUser->getBlock() );
58 $params = $this->extractRequestParams();
60 // Figure out expiry times from the input
61 // $params['expiry'] is not set in CentralAuth's ApiGlobalUserRights subclass
62 if ( isset( $params['expiry'] ) ) {
63 $expiry = (array)$params['expiry'];
65 $expiry = [ 'infinity' ];
67 $add = (array)$params['add'];
70 } elseif ( count( $expiry ) !== count( $add ) ) {
71 if ( count( $expiry ) === 1 ) {
72 $expiry = array_fill( 0, count( $add ), $expiry[0] );
74 $this->dieWithError( [
75 'apierror-toofewexpiries',
82 // Validate the expiries
84 foreach ( $expiry as $index => $expiryValue ) {
85 $group = $add[$index];
86 $groupExpiries[$group] = UserrightsPage
::expiryToTimestamp( $expiryValue );
88 if ( $groupExpiries[$group] === false ) {
89 $this->dieWithError( [ 'apierror-invalidexpiry', wfEscapeWikiText( $expiryValue ) ] );
92 // not allowed to have things expiring in the past
93 if ( $groupExpiries[$group] && $groupExpiries[$group] < wfTimestampNow() ) {
94 $this->dieWithError( [ 'apierror-pastexpiry', wfEscapeWikiText( $expiryValue ) ] );
98 $user = $this->getUrUser( $params );
100 $tags = $params['tags'];
102 // Check if user can add tags
103 if ( $tags !== null ) {
104 $ableToTag = ChangeTags
::canAddTagsAccompanyingChange( $tags, $pUser );
105 if ( !$ableToTag->isOK() ) {
106 $this->dieStatus( $ableToTag );
110 $form = $this->getUserRightsPage();
111 $form->setContext( $this->getContext() );
112 $r['user'] = $user->getName();
113 $r['userid'] = $user->getId();
114 list( $r['added'], $r['removed'] ) = $form->doSaveUserGroups(
115 // Don't pass null to doSaveUserGroups() for array params, cast to empty array
116 $user, (array)$add, (array)$params['remove'],
117 $params['reason'], (array)$tags, $groupExpiries
120 $result = $this->getResult();
121 ApiResult
::setIndexedTagName( $r['added'], 'group' );
122 ApiResult
::setIndexedTagName( $r['removed'], 'group' );
123 $result->addValue( null, $this->getModuleName(), $r );
127 * @param array $params
130 private function getUrUser( array $params ) {
131 if ( $this->mUser
!== null ) {
135 $this->requireOnlyOneParameter( $params, 'user', 'userid' );
137 $user = $params['user'] ??
'#' . $params['userid'];
139 $form = $this->getUserRightsPage();
140 $form->setContext( $this->getContext() );
141 $status = $form->fetchUser( $user );
142 if ( !$status->isOK() ) {
143 $this->dieStatus( $status );
146 $this->mUser
= $status->value
;
148 return $status->value
;
151 public function mustBePosted() {
155 public function isWriteMode() {
159 public function getAllowedParams() {
162 ApiBase
::PARAM_TYPE
=> 'user',
165 ApiBase
::PARAM_TYPE
=> 'integer',
168 ApiBase
::PARAM_TYPE
=> $this->getAllGroups(),
169 ApiBase
::PARAM_ISMULTI
=> true
172 ApiBase
::PARAM_ISMULTI
=> true,
173 ApiBase
::PARAM_ALLOW_DUPLICATES
=> true,
174 ApiBase
::PARAM_DFLT
=> 'infinite',
177 ApiBase
::PARAM_TYPE
=> $this->getAllGroups(),
178 ApiBase
::PARAM_ISMULTI
=> true
181 ApiBase
::PARAM_DFLT
=> ''
184 // Standard definition automatically inserted
185 ApiBase
::PARAM_HELP_MSG_APPEND
=> [ 'api-help-param-token-webui' ],
188 ApiBase
::PARAM_TYPE
=> 'tags',
189 ApiBase
::PARAM_ISMULTI
=> true
192 // CentralAuth's ApiGlobalUserRights subclass can't handle expiries
193 if ( !$this->getUserRightsPage()->canProcessExpiries() ) {
194 unset( $a['expiry'] );
199 public function needsToken() {
203 protected function getWebUITokenSalt( array $params ) {
204 return $this->getUrUser( $params )->getName();
207 protected function getExamplesMessages() {
209 'action=userrights&user=FooBot&add=bot&remove=sysop|bureaucrat&token=123ABC'
210 => 'apihelp-userrights-example-user',
211 'action=userrights&userid=123&add=bot&remove=sysop|bureaucrat&token=123ABC'
212 => 'apihelp-userrights-example-userid',
214 if ( $this->getUserRightsPage()->canProcessExpiries() ) {
215 $a['action=userrights&user=SometimeSysop&add=sysop&expiry=1%20month&token=123ABC']
216 = 'apihelp-userrights-example-expiry';
221 public function getHelpUrls() {
222 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:User_group_membership';