dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Stylize on Api
[lhc/web/wiklou.git] / includes / api / ApiUserrights.php
diff --git a/includes/api/ApiUserrights.php b/includes/api/ApiUserrights.php
index e5ffe4e..377fd74 100644 (file)
--- a/includes/api/ApiUserrights.php
+++ b/includes/api/ApiUserrights.php
@@ -37,21 +37,11 @@ class ApiUserrights extends ApiBase {
        }
 
        public function execute() {
-               global $wgUser;
                $params = $this->extractRequestParams();
-               if ( is_null( $params['user'] ) )
-                       $this->dieUsageMsg( array( 'missingparam', 'user' ) );
-               if ( is_null( $params['token'] ) )
-                       $this->dieUsageMsg( array( 'missingparam', 'token' ) );
-
+               
+               // User already validated in call to getTokenSalt from Main
                $form = new UserrightsPage;
                $user = $form->fetchUser( $params['user'] );
-               if ( $user instanceof WikiErrorMsg )
-                       $this->dieUsageMsg( array_merge(
-                               (array)$user->getMessageKey(), $user->getMessageArgs() ) );
-
-               if ( !$wgUser->matchEditToken( $params['token'], $user->getName() ) )
-                       $this->dieUsageMsg( array( 'sessionfailure' ) );
                
                $r['user'] = $user->getName();
                list( $r['added'], $r['removed'] ) =
@@ -109,10 +99,22 @@ class ApiUserrights extends ApiBase {
     public function getPossibleErrors() {
                return array_merge( parent::getPossibleErrors(), array(
                        array( 'missingparam', 'user' ),
-                       array( 'missingparam', 'token' ),
-                       array( 'sessionfailure' ),
         ) );
        }
+       
+       public function getTokenSalt() {
+               $params = $this->extractRequestParams();
+               if ( is_null( $params['user'] ) )
+                       $this->dieUsageMsg( array( 'missingparam', 'user' ) );
+
+               $form = new UserrightsPage;
+               $user = $form->fetchUser( $params['user'] );
+               if ( $user instanceof WikiErrorMsg )
+                       $this->dieUsageMsg( array_merge(
+                               (array)$user->getMessageKey(), $user->getMessageArgs() ) );
+
+               return $user->getName();
+       }
 
        protected function getExamples() {
                return array (
Wiklou, le Wiki du Wiklou