}
/**
- * @addtogroup API
+ * @ingroup API
*/
class ApiProtect extends ApiBase {
}
public function execute() {
- global $wgUser;
+ global $wgUser, $wgRestrictionTypes, $wgRestrictionLevels;
$this->getMain()->requestWriteMode();
$params = $this->extractRequestParams();
-
+
$titleObj = NULL;
if(!isset($params['title']))
- $this->dieUsage('The title parameter must be set', 'notitle');
+ $this->dieUsageMsg(array('missingparam', 'title'));
if(!isset($params['token']))
- $this->dieUsage('The token parameter must be set', 'notoken');
- if(!isset($params['protections']) || empty($params['protections']))
- $this->dieUsage('The protections parameter must be set', 'noprotections');
-
- if($wgUser->isBlocked())
- $this->dieUsage('You have been blocked from editing', 'blocked');
- if(wfReadOnly())
- $this->dieUsage('The wiki is in read-only mode', 'readonly');
+ $this->dieUsageMsg(array('missingparam', 'token'));
+ if(empty($params['protections']))
+ $this->dieUsageMsg(array('missingparam', 'protections'));
+
if(!$wgUser->matchEditToken($params['token']))
- $this->dieUsage('Invalid token', 'badtoken');
+ $this->dieUsageMsg(array('sessionfailure'));
$titleObj = Title::newFromText($params['title']);
if(!$titleObj)
- $this->dieUsage("Bad title ``{$params['title']}''", 'invalidtitle');
- if(!$titleObj->exists())
- $this->dieUsage("``{$params['title']}'' doesn't exist", 'missingtitle');
- if(!$titleObj->userCan('protect'))
- $this->dieUsage('You don\'t have permission to change protection levels', 'permissiondenied');
- $articleObj = new Article($titleObj);
-
- if(in_array($params['expiry'], array('infinite', 'indefinite', 'never')))
- $expiry = Block::infinity();
- else
+ $this->dieUsageMsg(array('invalidtitle', $params['title']));
+
+ $errors = $titleObj->getUserPermissionsErrors('protect', $wgUser);
+ if($errors)
+ // We don't care about multiple errors, just report one of them
+ $this->dieUsageMsg(current($errors));
+
+ $expiry = (array)$params['expiry'];
+ if(count($expiry) != count($params['protections']))
{
- $expiry = strtotime($params['expiry']);
- if($expiry < 0 || $expiry == false)
- $this->dieUsage('Invalid expiry time', 'invalidexpiry');
-
- $expiry = wfTimestamp(TS_MW, $expiry);
- if($expiry < wfTimestampNow())
- $this->dieUsage('Expiry time is in the past', 'pastexpiry');
+ if(count($expiry) == 1)
+ $expiry = array_fill(0, count($params['protections']), $expiry[0]);
+ else
+ $this->dieUsageMsg(array('toofewexpiries', count($expiry), count($params['protections'])));
}
-
+
$protections = array();
- foreach($params['protections'] as $prot)
+ $expiryarray = array();
+ $resultProtections = array();
+ foreach($params['protections'] as $i => $prot)
{
$p = explode('=', $prot);
$protections[$p[0]] = ($p[1] == 'all' ? '' : $p[1]);
+ if($titleObj->exists() && $p[0] == 'create')
+ $this->dieUsageMsg(array('create-titleexists'));
+ if(!$titleObj->exists() && $p[0] != 'create')
+ $this->dieUsageMsg(array('missingtitles-createonly'));
+ if(!in_array($p[0], $wgRestrictionTypes) && $p[0] != 'create')
+ $this->dieUsageMsg(array('protect-invalidaction', $p[0]));
+ if(!in_array($p[1], $wgRestrictionLevels) && $p[1] != 'all')
+ $this->dieUsageMsg(array('protect-invalidlevel', $p[1]));
+
+ if(in_array($expiry[$i], array('infinite', 'indefinite', 'never')))
+ $expiryarray[$p[0]] = Block::infinity();
+ else
+ {
+ $exp = strtotime($expiry[$i]);
+ if($exp < 0 || $exp == false)
+ $this->dieUsageMsg(array('invalidexpiry', $expiry[$i]));
+
+ $exp = wfTimestamp(TS_MW, $exp);
+ if($exp < wfTimestampNow())
+ $this->dieUsageMsg(array('pastexpiry', $expiry[$i]));
+ $expiryarray[$p[0]] = $exp;
+ }
+ $resultProtections[] = array($p[0] => $protections[$p[0]],
+ 'expiry' => ($expiryarray[$p[0]] == Block::infinity() ?
+ 'infinite' :
+ wfTimestamp(TS_ISO_8601, $expiryarray[$p[0]])));
}
- $dbw = wfGetDb(DB_MASTER);
- $dbw->begin();
- $ok = $articleObj->updateRestrictions($protections, $params['reason'], $params['cascade'], $expiry);
+ if($titleObj->exists()) {
+ $articleObj = new Article($titleObj);
+ $ok = $articleObj->updateRestrictions($protections, $params['reason'], $params['cascade'], $expiryarray);
+ } else
+ $ok = $titleObj->updateTitleProtection($protections['create'], $params['reason'], $expiry);
if(!$ok)
// This is very weird. Maybe the article was deleted or the user was blocked/desysopped in the meantime?
- $this->dieUsage('Unknown error', 'unknownerror');
- $dbw->commit();
- $res = array('title' => $titleObj->getPrefixedText(), 'reason' => $params['reason'], 'expiry' => $expiry);
+ // Just throw an unknown error in this case, as it's very likely to be a race condition
+ $this->dieUsageMsg(array());
+ $res = array('title' => $titleObj->getPrefixedText(), 'reason' => $params['reason']);
if($params['cascade'])
$res['cascade'] = '';
- $res['protections'] = $protections;
+ $res['protections'] = $resultProtections;
+ $this->getResult()->setIndexedTagName($res['protections'], 'protection');
$this->getResult()->addValue(null, $this->getModuleName(), $res);
}
- protected function getAllowedParams() {
+ public function mustBePosted() { return true; }
+
+ public function getAllowedParams() {
return array (
'title' => null,
'token' => null,
'protections' => array(
ApiBase :: PARAM_ISMULTI => true
),
- 'expiry' => 'infinite',
+ 'expiry' => array(
+ ApiBase :: PARAM_ISMULTI => true,
+ ApiBase :: PARAM_ALLOW_DUPLICATES => true,
+ ApiBase :: PARAM_DFLT => 'infinite',
+ ),
'reason' => '',
'cascade' => false
);
}
- protected function getParamDescription() {
+ public function getParamDescription() {
return array (
- 'title' => 'Title of the page you want to restore.',
+ 'title' => 'Title of the page you want to (un)protect.',
'token' => 'A protect token previously retrieved through prop=info',
'protections' => 'Pipe-separated list of protection levels, formatted action=group (e.g. edit=sysop)',
- 'expiry' => 'Expiry timestamp. If set to \'infinite\', \'indefinite\' or \'never\', the protection will never expire.',
+ 'expiry' => array('Expiry timestamps. If only one timestamp is set, it\'ll be used for all protections.',
+ 'Use \'infinite\', \'indefinite\' or \'never\', for a neverexpiring protection.'),
'reason' => 'Reason for (un)protecting (optional)',
'cascade' => 'Enable cascading protection (i.e. protect pages included in this page)'
);
}
- protected function getDescription() {
+ public function getDescription() {
return array(
'Change the protection level of a page.'
);
protected function getExamples() {
return array (
- 'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade&expiry=20070901163000',
+ 'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade&expiry=20070901163000|never',
'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=all|move=all&reason=Lifting%20restrictions'
);
}