<?php
-
-/*
+/**
+ *
+ *
* Created on Sep 1, 2007
- * API for MediaWiki 1.8+
*
- * Copyright (C) 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
+ * Copyright © 2007 Roan Kattouw <Firstname>.<Lastname>@gmail.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
*/
-if (!defined('MEDIAWIKI')) {
+if ( !defined( 'MEDIAWIKI' ) ) {
// Eclipse helper - will be ignored in production
- require_once ("ApiBase.php");
+ require_once( "ApiBase.php" );
}
/**
- * @addtogroup API
+ * @ingroup API
*/
class ApiProtect extends ApiBase {
- public function __construct($main, $action) {
- parent :: __construct($main, $action);
+ public function __construct( $main, $action ) {
+ parent::__construct( $main, $action );
}
public function execute() {
- global $wgUser;
- $this->getMain()->requestWriteMode();
+ global $wgUser, $wgRestrictionLevels;
$params = $this->extractRequestParams();
-
- $titleObj = NULL;
- if(!isset($params['title']))
- $this->dieUsage('The title parameter must be set', 'notitle');
- if(!isset($params['token']))
- $this->dieUsage('The token parameter must be set', 'notoken');
- if(!isset($params['protections']) || empty($params['protections']))
- $this->dieUsage('The protections parameter must be set', 'noprotections');
-
- if($wgUser->isBlocked())
- $this->dieUsage('You have been blocked from editing', 'blocked');
- if(wfReadOnly())
- $this->dieUsage('The wiki is in read-only mode', 'readonly');
- if(!$wgUser->matchEditToken($params['token']))
- $this->dieUsage('Invalid token', 'badtoken');
-
- $titleObj = Title::newFromText($params['title']);
- if(!$titleObj)
- $this->dieUsage("Bad title ``{$params['title']}''", 'invalidtitle');
- if(!$titleObj->exists())
- $this->dieUsage("``{$params['title']}'' doesn't exist", 'missingtitle');
- if(!$titleObj->userCan('protect'))
- $this->dieUsage('You don\'t have permission to change protection levels', 'permissiondenied');
- $articleObj = new Article($titleObj);
-
- if(in_array($params['expiry'], array('infinite', 'indefinite', 'never')))
- $expiry = Block::infinity();
- else
- {
- $expiry = strtotime($params['expiry']);
- if($expiry < 0 || $expiry == false)
- $this->dieUsage('Invalid expiry time', 'invalidexpiry');
-
- $expiry = wfTimestamp(TS_MW, $expiry);
- if($expiry < wfTimestampNow())
- $this->dieUsage('Expiry time is in the past', 'pastexpiry');
+
+ $titleObj = Title::newFromText( $params['title'] );
+ if ( !$titleObj ) {
+ $this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
}
+ $errors = $titleObj->getUserPermissionsErrors( 'protect', $wgUser );
+ if ( $errors ) {
+ // We don't care about multiple errors, just report one of them
+ $this->dieUsageMsg( reset( $errors ) );
+ }
+
+ $expiry = (array)$params['expiry'];
+ if ( count( $expiry ) != count( $params['protections'] ) ) {
+ if ( count( $expiry ) == 1 ) {
+ $expiry = array_fill( 0, count( $params['protections'] ), $expiry[0] );
+ } else {
+ $this->dieUsageMsg( array( 'toofewexpiries', count( $expiry ), count( $params['protections'] ) ) );
+ }
+ }
+
+ $restrictionTypes = $titleObj->getRestrictionTypes();
+ $dbr = wfGetDB( DB_SLAVE );
+
$protections = array();
- foreach($params['protections'] as $prot)
- {
- $p = explode('=', $prot);
- $protections[$p[0]] = ($p[1] == 'all' ? '' : $p[1]);
+ $expiryarray = array();
+ $resultProtections = array();
+ foreach ( $params['protections'] as $i => $prot ) {
+ $p = explode( '=', $prot );
+ $protections[$p[0]] = ( $p[1] == 'all' ? '' : $p[1] );
+
+ if ( $titleObj->exists() && $p[0] == 'create' ) {
+ $this->dieUsageMsg( 'create-titleexists' );
+ }
+ if ( !$titleObj->exists() && $p[0] != 'create' ) {
+ $this->dieUsageMsg( 'missingtitle-createonly' );
+ }
+
+ if ( !in_array( $p[0], $restrictionTypes ) && $p[0] != 'create' ) {
+ $this->dieUsageMsg( array( 'protect-invalidaction', $p[0] ) );
+ }
+ if ( !in_array( $p[1], $wgRestrictionLevels ) && $p[1] != 'all' ) {
+ $this->dieUsageMsg( array( 'protect-invalidlevel', $p[1] ) );
+ }
+
+ if ( in_array( $expiry[$i], array( 'infinite', 'indefinite', 'never' ) ) ) {
+ $expiryarray[$p[0]] = $dbr->getInfinity();
+ } else {
+ $exp = strtotime( $expiry[$i] );
+ if ( $exp < 0 || !$exp ) {
+ $this->dieUsageMsg( array( 'invalidexpiry', $expiry[$i] ) );
+ }
+
+ $exp = wfTimestamp( TS_MW, $exp );
+ if ( $exp < wfTimestampNow() ) {
+ $this->dieUsageMsg( array( 'pastexpiry', $expiry[$i] ) );
+ }
+ $expiryarray[$p[0]] = $exp;
+ }
+ $resultProtections[] = array( $p[0] => $protections[$p[0]],
+ 'expiry' => ( $expiryarray[$p[0]] == $dbr->getInfinity() ?
+ 'infinite' :
+ wfTimestamp( TS_ISO_8601, $expiryarray[$p[0]] ) ) );
}
- $dbw = wfGetDb(DB_MASTER);
- $dbw->begin();
- $ok = $articleObj->updateRestrictions($protections, $params['reason'], $params['cascade'], $expiry);
- if(!$ok)
+ $cascade = $params['cascade'];
+ $articleObj = new Article( $titleObj );
+
+ $watch = $params['watch'] ? 'watch' : $params['watchlist'];
+ $this->setWatch( $watch, $titleObj );
+
+ if ( $titleObj->exists() ) {
+ $ok = $articleObj->updateRestrictions( $protections, $params['reason'], $cascade, $expiryarray );
+ } else {
+ $ok = $titleObj->updateTitleProtection( $protections['create'], $params['reason'], $expiryarray['create'] );
+ }
+ if ( !$ok ) {
// This is very weird. Maybe the article was deleted or the user was blocked/desysopped in the meantime?
- $this->dieUsage('Unknown error', 'unknownerror');
- $dbw->commit();
- $res = array('title' => $titleObj->getPrefixedText(), 'reason' => $params['reason'], 'expiry' => $expiry);
- if($params['cascade'])
+ // Just throw an unknown error in this case, as it's very likely to be a race condition
+ $this->dieUsageMsg( array() );
+ }
+ $res = array(
+ 'title' => $titleObj->getPrefixedText(),
+ 'reason' => $params['reason']
+ );
+ if ( $cascade ) {
$res['cascade'] = '';
- $res['protections'] = $protections;
- $this->getResult()->addValue(null, $this->getModuleName(), $res);
+ }
+ $res['protections'] = $resultProtections;
+ $result = $this->getResult();
+ $result->setIndexedTagName( $res['protections'], 'protection' );
+ $result->addValue( null, $this->getModuleName(), $res );
}
- protected function getAllowedParams() {
- return array (
- 'title' => null,
+ public function mustBePosted() {
+ return true;
+ }
+
+ public function isWriteMode() {
+ return true;
+ }
+
+ public function getAllowedParams() {
+ return array(
+ 'title' => array(
+ ApiBase::PARAM_TYPE => 'string',
+ ApiBase::PARAM_REQUIRED => true
+ ),
'token' => null,
'protections' => array(
- ApiBase :: PARAM_ISMULTI => true
+ ApiBase::PARAM_ISMULTI => true,
+ ApiBase::PARAM_REQUIRED => true,
+ ),
+ 'expiry' => array(
+ ApiBase::PARAM_ISMULTI => true,
+ ApiBase::PARAM_ALLOW_DUPLICATES => true,
+ ApiBase::PARAM_DFLT => 'infinite',
),
- 'expiry' => 'infinite',
'reason' => '',
- 'cascade' => false
+ 'cascade' => false,
+ 'watch' => array(
+ ApiBase::PARAM_DFLT => false,
+ ApiBase::PARAM_DEPRECATED => true,
+ ),
+ 'watchlist' => array(
+ ApiBase::PARAM_DFLT => 'preferences',
+ ApiBase::PARAM_TYPE => array(
+ 'watch',
+ 'unwatch',
+ 'preferences',
+ 'nochange'
+ ),
+ ),
);
}
- protected function getParamDescription() {
- return array (
- 'title' => 'Title of the page you want to restore.',
+ public function getParamDescription() {
+ return array(
+ 'title' => 'Title of the page you want to (un)protect',
'token' => 'A protect token previously retrieved through prop=info',
'protections' => 'Pipe-separated list of protection levels, formatted action=group (e.g. edit=sysop)',
- 'expiry' => 'Expiry timestamp. If set to \'infinite\', \'indefinite\' or \'never\', the protection will never expire.',
+ 'expiry' => array( 'Expiry timestamps. If only one timestamp is set, it\'ll be used for all protections.',
+ 'Use \'infinite\', \'indefinite\' or \'never\', for a neverexpiring protection.' ),
'reason' => 'Reason for (un)protecting (optional)',
- 'cascade' => 'Enable cascading protection (i.e. protect pages included in this page)'
+ 'cascade' => array( 'Enable cascading protection (i.e. protect pages included in this page)',
+ 'Ignored if not all protection levels are \'sysop\' or \'protect\'' ),
+ 'watch' => 'If set, add the page being (un)protected to your watchlist',
+ 'watchlist' => 'Unconditionally add or remove the page from your watchlist, use preferences or do not change watch',
);
}
- protected function getDescription() {
- return array(
- 'Change the protection level of a page.'
- );
+ public function getDescription() {
+ return 'Change the protection level of a page';
+ }
+
+ public function getPossibleErrors() {
+ return array_merge( parent::getPossibleErrors(), array(
+ array( 'invalidtitle', 'title' ),
+ array( 'toofewexpiries', 'noofexpiries', 'noofprotections' ),
+ array( 'create-titleexists' ),
+ array( 'missingtitle-createonly' ),
+ array( 'protect-invalidaction', 'action' ),
+ array( 'protect-invalidlevel', 'level' ),
+ array( 'invalidexpiry', 'expiry' ),
+ array( 'pastexpiry', 'expiry' ),
+ ) );
+ }
+
+ public function needsToken() {
+ return true;
+ }
+
+ public function getTokenSalt() {
+ return '';
}
protected function getExamples() {
- return array (
- 'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade&expiry=20070901163000',
+ return array(
+ 'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade=&expiry=20070901163000|never',
'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=all|move=all&reason=Lifting%20restrictions'
);
}
+ public function getHelpUrls() {
+ return 'http://www.mediawiki.org/wiki/API:Protect';
+ }
+
public function getVersion() {
return __CLASS__ . ': $Id$';
}