includes/api/ApiProtect.php

   1 <?php
   2
   3 /*
   4  * Created on Sep 1, 2007
   5  * API for MediaWiki 1.8+
   6  *
   7  * Copyright (C) 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License along
  20  * with this program; if not, write to the Free Software Foundation, Inc.,
  21  * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  22  * http://www.gnu.org/copyleft/gpl.html
  23  */
  24
  25 if ( !defined( 'MEDIAWIKI' ) ) {
  26         // Eclipse helper - will be ignored in production
  27         require_once ( "ApiBase.php" );
  28 }
  29
  30 /**
  31  * @ingroup API
  32  */
  33 class ApiProtect extends ApiBase {
  34
  35         public function __construct( $main, $action ) {
  36                 parent :: __construct( $main, $action );
  37         }
  38
  39         public function execute() {
  40                 global $wgUser, $wgRestrictionTypes, $wgRestrictionLevels;
  41                 $params = $this->extractRequestParams();
  42
  43                 $titleObj = null;
  44                 if ( !isset( $params['title'] ) )
  45                         $this->dieUsageMsg( array( 'missingparam', 'title' ) );
  46                 if ( !isset( $params['token'] ) )
  47                         $this->dieUsageMsg( array( 'missingparam', 'token' ) );
  48                 if ( empty( $params['protections'] ) )
  49                         $this->dieUsageMsg( array( 'missingparam', 'protections' ) );
  50
  51                 if ( !$wgUser->matchEditToken( $params['token'] ) )
  52                         $this->dieUsageMsg( array( 'sessionfailure' ) );
  53
  54                 $titleObj = Title::newFromText( $params['title'] );
  55                 if ( !$titleObj )
  56                         $this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
  57
  58                 $errors = $titleObj->getUserPermissionsErrors( 'protect', $wgUser );
  59                 if ( $errors )
  60                         // We don't care about multiple errors, just report one of them
  61                         $this->dieUsageMsg( reset( $errors ) );
  62
  63                 $expiry = (array)$params['expiry'];
  64                 if ( count( $expiry ) != count( $params['protections'] ) )
  65                 {
  66                         if ( count( $expiry ) == 1 )
  67                                 $expiry = array_fill( 0, count( $params['protections'] ), $expiry[0] );
  68                         else
  69                                 $this->dieUsageMsg( array( 'toofewexpiries', count( $expiry ), count( $params['protections'] ) ) );
  70                 }
  71
  72                 $restrictionTypes = $titleObj->getRestrictionTypes();
  73
  74                 $protections = array();
  75                 $expiryarray = array();
  76                 $resultProtections = array();
  77                 foreach ( $params['protections'] as $i => $prot )
  78                 {
  79                         $p = explode( '=', $prot );
  80                         $protections[$p[0]] = ( $p[1] == 'all' ? '' : $p[1] );
  81
  82                         if ( $titleObj->exists() && $p[0] == 'create' )
  83                                 $this->dieUsageMsg( array( 'create-titleexists' ) );
  84                         if ( !$titleObj->exists() && $p[0] != 'create' )
  85                                 $this->dieUsageMsg( array( 'missingtitle-createonly' ) );
  86
  87                         if ( !in_array( $p[0], $restrictionTypes ) && $p[0] != 'create' )
  88                                 $this->dieUsageMsg( array( 'protect-invalidaction', $p[0] ) );
  89                         if ( !in_array( $p[1], $wgRestrictionLevels ) && $p[1] != 'all' )
  90                                 $this->dieUsageMsg( array( 'protect-invalidlevel', $p[1] ) );
  91
  92                         if ( in_array( $expiry[$i], array( 'infinite', 'indefinite', 'never' ) ) )
  93                                 $expiryarray[$p[0]] = Block::infinity();
  94                         else
  95                         {
  96                                 $exp = strtotime( $expiry[$i] );
  97                                 if ( $exp < 0 || $exp == false )
  98                                         $this->dieUsageMsg( array( 'invalidexpiry', $expiry[$i] ) );
  99
 100                                 $exp = wfTimestamp( TS_MW, $exp );
 101                                 if ( $exp < wfTimestampNow() )
 102                                         $this->dieUsageMsg( array( 'pastexpiry', $expiry[$i] ) );
 103                                 $expiryarray[$p[0]] = $exp;
 104                         }
 105                         $resultProtections[] = array( $p[0] => $protections[$p[0]],
 106                                         'expiry' => ( $expiryarray[$p[0]] == Block::infinity() ?
 107                                                                 'infinite' :
 108                                                                 wfTimestamp( TS_ISO_8601, $expiryarray[$p[0]] ) ) );
 109                 }
 110
 111                 $cascade = $params['cascade'];
 112                 $articleObj = new Article( $titleObj );
 113                 if ( $params['watch'] )
 114                         $articleObj->doWatch();
 115                 if ( $titleObj->exists() )
 116                         $ok = $articleObj->updateRestrictions( $protections, $params['reason'], $cascade, $expiryarray );
 117                 else
 118                         $ok = $titleObj->updateTitleProtection( $protections['create'], $params['reason'], $expiryarray['create'] );
 119                 if ( !$ok )
 120                         // This is very weird. Maybe the article was deleted or the user was blocked/desysopped in the meantime?
 121                         // Just throw an unknown error in this case, as it's very likely to be a race condition
 122                         $this->dieUsageMsg( array() );
 123                 $res = array( 'title' => $titleObj->getPrefixedText(), 'reason' => $params['reason'] );
 124                 if ( $cascade )
 125                         $res['cascade'] = '';
 126                 $res['protections'] = $resultProtections;
 127                 $this->getResult()->setIndexedTagName( $res['protections'], 'protection' );
 128                 $this->getResult()->addValue( null, $this->getModuleName(), $res );
 129         }
 130
 131         public function mustBePosted() { return true; }
 132
 133         public function isWriteMode() {
 134                 return true;
 135         }
 136
 137         public function getAllowedParams() {
 138                 return array (
 139                         'title' => null,
 140                         'token' => null,
 141                         'protections' => array(
 142                                 ApiBase :: PARAM_ISMULTI => true
 143                         ),
 144                         'expiry' => array(
 145                                 ApiBase :: PARAM_ISMULTI => true,
 146                                 ApiBase :: PARAM_ALLOW_DUPLICATES => true,
 147                                 ApiBase :: PARAM_DFLT => 'infinite',
 148                         ),
 149                         'reason' => '',
 150                         'cascade' => false,
 151                         'watch' => false,
 152                 );
 153         }
 154
 155         public function getParamDescription() {
 156                 return array (
 157                         'title' => 'Title of the page you want to (un)protect.',
 158                         'token' => 'A protect token previously retrieved through prop=info',
 159                         'protections' => 'Pipe-separated list of protection levels, formatted action=group (e.g. edit=sysop)',
 160                         'expiry' => array( 'Expiry timestamps. If only one timestamp is set, it\'ll be used for all protections.',
 161                                         'Use \'infinite\', \'indefinite\' or \'never\', for a neverexpiring protection.' ),
 162                         'reason' => 'Reason for (un)protecting (optional)',
 163                         'cascade' => array( 'Enable cascading protection (i.e. protect pages included in this page)',
 164                                         'Ignored if not all protection levels are \'sysop\' or \'protect\'' ),
 165                         'watch' => 'If set, add the page being (un)protected to your watchlist',
 166                 );
 167         }
 168
 169         public function getDescription() {
 170                 return array(
 171                         'Change the protection level of a page.'
 172                 );
 173         }
 174
 175         protected function getExamples() {
 176                 return array (
 177                         'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade&expiry=20070901163000|never',
 178                         'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=all|move=all&reason=Lifting%20restrictions'
 179                 );
 180         }
 181
 182         public function getVersion() {
 183                 return __CLASS__ . ': $Id$';
 184         }
 185 }