3 namespace MediaWiki\Rest\BasicAccess
;
5 use MediaWiki\Rest\Handler
;
6 use MediaWiki\Rest\RequestInterface
;
9 * A request authorizer which checks needsReadAccess() and needsWriteAccess() in the
10 * handler and calls isReadAllowed() and/or isWriteAllowed() in the subclass
15 abstract class BasicRequestAuthorizer
{
20 * @param RequestInterface $request
21 * @param Handler $handler
23 public function __construct( RequestInterface
$request, Handler
$handler ) {
24 $this->request
= $request;
25 $this->handler
= $handler;
29 * @see BasicAuthorizerInterface::authorize()
30 * @return string|null If the request is denied, the string error code. If
31 * the request is allowed, null.
33 public function authorize() {
34 if ( $this->handler
->needsReadAccess() && !$this->isReadAllowed() ) {
35 return 'rest-read-denied';
37 if ( $this->handler
->needsWriteAccess() && !$this->isWriteAllowed() ) {
38 return 'rest-write-denied';
44 * Check if the current user is allowed to read from the wiki
48 abstract protected function isReadAllowed();
51 * Check if the current user is allowed to write to the wiki
55 abstract protected function isWriteAllowed();