includes/Rest/BasicAccess/BasicRequestAuthorizer.php

   1 <?php
   2
   3 namespace MediaWiki\Rest\BasicAccess;
   4
   5 use MediaWiki\Rest\Handler;
   6 use MediaWiki\Rest\RequestInterface;
   7
   8 /**
   9  * A request authorizer which checks needsReadAccess() in the
  10  * handler and calls isReadAllowed() in the subclass
  11  * accordingly.
  12  *
  13  * @internal
  14  */
  15 abstract class BasicRequestAuthorizer {
  16         protected $request;
  17         protected $handler;
  18
  19         /**
  20          * @param RequestInterface $request
  21          * @param Handler $handler
  22          */
  23         public function __construct( RequestInterface $request, Handler $handler ) {
  24                 $this->request = $request;
  25                 $this->handler = $handler;
  26         }
  27
  28         /**
  29          * @see BasicAuthorizerInterface::authorize()
  30          * @return string|null If the request is denied, the string error code. If
  31          *   the request is allowed, null.
  32          */
  33         public function authorize() {
  34                 if ( $this->handler->needsReadAccess() && !$this->isReadAllowed() ) {
  35                         return 'rest-read-denied';
  36                 }
  37                 return null;
  38         }
  39
  40         /**
  41          * Check if the current user is allowed to read from the wiki
  42          *
  43          * @return bool
  44          */
  45         abstract protected function isReadAllowed();
  46 }