dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Refactor requiresToken to getTokenSalt - Returns salt if exists, null if no salt...
[lhc/web/wiklou.git] / includes / api / ApiProtect.php
1 <?php
2
3 /*
4 * Created on Sep 1, 2007
5 * API for MediaWiki 1.8+
6 *
7 * Copyright (C) 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 * http://www.gnu.org/copyleft/gpl.html
23 */
24
25 if ( !defined( 'MEDIAWIKI' ) ) {
26 // Eclipse helper - will be ignored in production
27 require_once ( "ApiBase.php" );
28 }
29
30 /**
31 * @ingroup API
32 */
33 class ApiProtect extends ApiBase {
34
35 public function __construct( $main, $action ) {
36 parent :: __construct( $main, $action );
37 }
38
39 public function execute() {
40 global $wgUser, $wgRestrictionTypes, $wgRestrictionLevels;
41 $params = $this->extractRequestParams();
42
43 $titleObj = null;
44 if ( !isset( $params['title'] ) )
45 $this->dieUsageMsg( array( 'missingparam', 'title' ) );
46 if ( empty( $params['protections'] ) )
47 $this->dieUsageMsg( array( 'missingparam', 'protections' ) );
48
49 $titleObj = Title::newFromText( $params['title'] );
50 if ( !$titleObj )
51 $this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
52
53 $errors = $titleObj->getUserPermissionsErrors( 'protect', $wgUser );
54 if ( $errors )
55 // We don't care about multiple errors, just report one of them
56 $this->dieUsageMsg( reset( $errors ) );
57
58 $expiry = (array)$params['expiry'];
59 if ( count( $expiry ) != count( $params['protections'] ) )
60 {
61 if ( count( $expiry ) == 1 )
62 $expiry = array_fill( 0, count( $params['protections'] ), $expiry[0] );
63 else
64 $this->dieUsageMsg( array( 'toofewexpiries', count( $expiry ), count( $params['protections'] ) ) );
65 }
66
67 $restrictionTypes = $titleObj->getRestrictionTypes();
68
69 $protections = array();
70 $expiryarray = array();
71 $resultProtections = array();
72 foreach ( $params['protections'] as $i => $prot )
73 {
74 $p = explode( '=', $prot );
75 $protections[$p[0]] = ( $p[1] == 'all' ? '' : $p[1] );
76
77 if ( $titleObj->exists() && $p[0] == 'create' )
78 $this->dieUsageMsg( array( 'create-titleexists' ) );
79 if ( !$titleObj->exists() && $p[0] != 'create' )
80 $this->dieUsageMsg( array( 'missingtitle-createonly' ) );
81
82 if ( !in_array( $p[0], $restrictionTypes ) && $p[0] != 'create' )
83 $this->dieUsageMsg( array( 'protect-invalidaction', $p[0] ) );
84 if ( !in_array( $p[1], $wgRestrictionLevels ) && $p[1] != 'all' )
85 $this->dieUsageMsg( array( 'protect-invalidlevel', $p[1] ) );
86
87 if ( in_array( $expiry[$i], array( 'infinite', 'indefinite', 'never' ) ) )
88 $expiryarray[$p[0]] = Block::infinity();
89 else
90 {
91 $exp = strtotime( $expiry[$i] );
92 if ( $exp < 0 || $exp == false )
93 $this->dieUsageMsg( array( 'invalidexpiry', $expiry[$i] ) );
94
95 $exp = wfTimestamp( TS_MW, $exp );
96 if ( $exp < wfTimestampNow() )
97 $this->dieUsageMsg( array( 'pastexpiry', $expiry[$i] ) );
98 $expiryarray[$p[0]] = $exp;
99 }
100 $resultProtections[] = array( $p[0] => $protections[$p[0]],
101 'expiry' => ( $expiryarray[$p[0]] == Block::infinity() ?
102 'infinite' :
103 wfTimestamp( TS_ISO_8601, $expiryarray[$p[0]] ) ) );
104 }
105
106 $cascade = $params['cascade'];
107 $articleObj = new Article( $titleObj );
108 if ( $params['watch'] )
109 $articleObj->doWatch();
110 if ( $titleObj->exists() )
111 $ok = $articleObj->updateRestrictions( $protections, $params['reason'], $cascade, $expiryarray );
112 else
113 $ok = $titleObj->updateTitleProtection( $protections['create'], $params['reason'], $expiryarray['create'] );
114 if ( !$ok )
115 // This is very weird. Maybe the article was deleted or the user was blocked/desysopped in the meantime?
116 // Just throw an unknown error in this case, as it's very likely to be a race condition
117 $this->dieUsageMsg( array() );
118 $res = array( 'title' => $titleObj->getPrefixedText(), 'reason' => $params['reason'] );
119 if ( $cascade )
120 $res['cascade'] = '';
121 $res['protections'] = $resultProtections;
122 $this->getResult()->setIndexedTagName( $res['protections'], 'protection' );
123 $this->getResult()->addValue( null, $this->getModuleName(), $res );
124 }
125
126 public function mustBePosted() {
127 return true;
128 }
129
130 public function isWriteMode() {
131 return true;
132 }
133
134 public function getAllowedParams() {
135 return array (
136 'title' => null,
137 'token' => null,
138 'protections' => array(
139 ApiBase :: PARAM_ISMULTI => true
140 ),
141 'expiry' => array(
142 ApiBase :: PARAM_ISMULTI => true,
143 ApiBase :: PARAM_ALLOW_DUPLICATES => true,
144 ApiBase :: PARAM_DFLT => 'infinite',
145 ),
146 'reason' => '',
147 'cascade' => false,
148 'watch' => false,
149 );
150 }
151
152 public function getParamDescription() {
153 return array (
154 'title' => 'Title of the page you want to (un)protect.',
155 'token' => 'A protect token previously retrieved through prop=info',
156 'protections' => 'Pipe-separated list of protection levels, formatted action=group (e.g. edit=sysop)',
157 'expiry' => array( 'Expiry timestamps. If only one timestamp is set, it\'ll be used for all protections.',
158 'Use \'infinite\', \'indefinite\' or \'never\', for a neverexpiring protection.' ),
159 'reason' => 'Reason for (un)protecting (optional)',
160 'cascade' => array( 'Enable cascading protection (i.e. protect pages included in this page)',
161 'Ignored if not all protection levels are \'sysop\' or \'protect\'' ),
162 'watch' => 'If set, add the page being (un)protected to your watchlist',
163 );
164 }
165
166 public function getDescription() {
167 return array(
168 'Change the protection level of a page.'
169 );
170 }
171
172 public function getPossibleErrors() {
173 return array_merge( parent::getPossibleErrors(), array(
174 array( 'missingparam', 'title' ),
175 array( 'missingparam', 'protections' ),
176 array( 'invalidtitle', 'title' ),
177 array( 'toofewexpiries', 'noofexpiries', 'noofprotections' ),
178 array( 'create-titleexists' ),
179 array( 'missingtitle-createonly' ),
180 array( 'protect-invalidaction', 'action' ),
181 array( 'protect-invalidlevel', 'level' ),
182 array( 'invalidexpiry', 'expiry' ),
183 array( 'pastexpiry', 'expiry' ),
184 ) );
185 }
186
187 public function getTokenSalt() {
188 return null;
189 }
190
191 protected function getExamples() {
192 return array (
193 'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade&expiry=20070901163000|never',
194 'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=all|move=all&reason=Lifting%20restrictions'
195 );
196 }
197
198 public function getVersion() {
199 return __CLASS__ . ': $Id$';
200 }
201 }
Wiklou, le Wiki du Wiklou