X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiUserrights.php;h=5f253ce229449061b7cf7d9f3bed9fb762de4021;hb=95aea4129be17ff18fdb5727dd091462484ba35f;hp=e5ffe4ec075a522d88454119d36250f018ad6374;hpb=d2d950d256e6ac9e7ddcc117da9b262384204194;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/api/ApiUserrights.php b/includes/api/ApiUserrights.php index e5ffe4ec07..5f253ce229 100644 --- a/includes/api/ApiUserrights.php +++ b/includes/api/ApiUserrights.php @@ -1,10 +1,11 @@ .@home.nl + * Created on Mar 24, 2009 + * + * Copyright © 2009 Roan Kattouw .@home.nl * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -18,13 +19,15 @@ * * You should have received a copy of the GNU General Public License along * with this program; if not, write to the Free Software Foundation, Inc., - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * http://www.gnu.org/copyleft/gpl.html + * + * @file */ if ( !defined( 'MEDIAWIKI' ) ) { // Eclipse helper - will be ignored in production - require_once ( "ApiBase.php" ); + require_once( "ApiBase.php" ); } /** @@ -33,26 +36,17 @@ if ( !defined( 'MEDIAWIKI' ) ) { class ApiUserrights extends ApiBase { public function __construct( $main, $action ) { - parent :: __construct( $main, $action ); + parent::__construct( $main, $action ); } + private $mUser = null; + public function execute() { - global $wgUser; $params = $this->extractRequestParams(); - if ( is_null( $params['user'] ) ) - $this->dieUsageMsg( array( 'missingparam', 'user' ) ); - if ( is_null( $params['token'] ) ) - $this->dieUsageMsg( array( 'missingparam', 'token' ) ); + + $user = $this->getUser(); $form = new UserrightsPage; - $user = $form->fetchUser( $params['user'] ); - if ( $user instanceof WikiErrorMsg ) - $this->dieUsageMsg( array_merge( - (array)$user->getMessageKey(), $user->getMessageArgs() ) ); - - if ( !$wgUser->matchEditToken( $params['token'], $user->getName() ) ) - $this->dieUsageMsg( array( 'sessionfailure' ) ); - $r['user'] = $user->getName(); list( $r['added'], $r['removed'] ) = $form->doSaveUserGroups( @@ -64,6 +58,26 @@ class ApiUserrights extends ApiBase { $this->getResult()->addValue( null, $this->getModuleName(), $r ); } + private function getUser() { + if ( $this->mUser !== null ) { + return $this->mUser; + } + + $params = $this->extractRequestParams(); + + $form = new UserrightsPage; + $status = $form->fetchUser( $params['user'] ); + if ( !$status->isOK() ) { + $errors = $status->getErrorsArray(); + $this->dieUsageMsg( $errors[0] ); + } else { + $user = $status->value; + } + + $this->mUser = $user; + return $user; + } + public function mustBePosted() { return true; } @@ -74,24 +88,27 @@ class ApiUserrights extends ApiBase { public function getAllowedParams() { return array ( - 'user' => null, + 'user' => array( + ApiBase::PARAM_TYPE => 'string', + ApiBase::PARAM_REQUIRED => true + ), 'add' => array( - ApiBase :: PARAM_TYPE => User::getAllGroups(), - ApiBase :: PARAM_ISMULTI => true + ApiBase::PARAM_TYPE => User::getAllGroups(), + ApiBase::PARAM_ISMULTI => true ), 'remove' => array( - ApiBase :: PARAM_TYPE => User::getAllGroups(), - ApiBase :: PARAM_ISMULTI => true + ApiBase::PARAM_TYPE => User::getAllGroups(), + ApiBase::PARAM_ISMULTI => true ), 'token' => null, 'reason' => array( - ApiBase :: PARAM_DFLT => '' + ApiBase::PARAM_DFLT => '' ) ); } public function getParamDescription() { - return array ( + return array( 'user' => 'User name', 'add' => 'Add the user to these groups', 'remove' => 'Remove the user from these groups', @@ -101,21 +118,21 @@ class ApiUserrights extends ApiBase { } public function getDescription() { - return array( - 'Add/remove a user to/from groups', - ); + return 'Add/remove a user to/from groups'; } - - public function getPossibleErrors() { + + public function getPossibleErrors() { return array_merge( parent::getPossibleErrors(), array( array( 'missingparam', 'user' ), - array( 'missingparam', 'token' ), - array( 'sessionfailure' ), - ) ); + ) ); + } + + public function getTokenSalt() { + return $this->getUser()->getName(); } protected function getExamples() { - return array ( + return array( 'api.php?action=userrights&user=FooBot&add=bot&remove=sysop|bureaucrat&token=123ABC' ); }