Merge "Exclude redirects from Special:Fewestrevisions"

[lhc/web/wiklou.git] / includes / Rest / EntryPoint.php

diff --git a/includes/Rest/EntryPoint.php b/includes/Rest/EntryPoint.php
index d5924f0..a14c1a1 100644 (file)
--- a/includes/Rest/EntryPoint.php
+++ b/includes/Rest/EntryPoint.php
@@ -4,10 +4,19 @@ namespace MediaWiki\Rest;
 
 use ExtensionRegistry;
 use MediaWiki\MediaWikiServices;
+use MediaWiki\Rest\BasicAccess\MWBasicAuthorizer;
 use RequestContext;
 use Title;
+use WebResponse;
 
 class EntryPoint {
+       /** @var RequestInterface */
+       private $request;
+       /** @var WebResponse */
+       private $webResponse;
+       /** @var Router */
+       private $router;
+
        public static function main() {
                // URL safety checks
                global $wgRequest;
@@ -21,35 +30,60 @@ class EntryPoint {
                RequestContext::getMain()->setTitle( $wgTitle );
 
                $services = MediaWikiServices::getInstance();
-
                $conf = $services->getMainConfig();
+
+               if ( !$conf->get( 'EnableRestAPI' ) ) {
+                       wfHttpError( 403, 'Access Denied',
+                               'Set $wgEnableRestAPI to true to enable the experimental REST API' );
+                       return;
+               }
+
                $request = new RequestFromGlobals( [
                        'cookiePrefix' => $conf->get( 'CookiePrefix' )
                ] );
 
+               $authorizer = new MWBasicAuthorizer( RequestContext::getMain()->getUser(),
+                       $services->getPermissionManager() );
+
                global $IP;
                $router = new Router(
                        [ "$IP/includes/Rest/coreRoutes.json" ],
                        ExtensionRegistry::getInstance()->getAttribute( 'RestRoutes' ),
                        $conf->get( 'RestPath' ),
                        $services->getLocalServerObjectCache(),
-                       new ResponseFactory
+                       new ResponseFactory,
+                       $authorizer
                );
 
-               $response = $router->execute( $request );
+               $entryPoint = new self(
+                       $request,
+                       $wgRequest->response(),
+                       $router );
+               $entryPoint->execute();
+       }
+
+       public function __construct( RequestInterface $request, WebResponse $webResponse,
+               Router $router
+       ) {
+               $this->request = $request;
+               $this->webResponse = $webResponse;
+               $this->router = $router;
+       }
+
+       public function execute() {
+               $response = $this->router->execute( $this->request );
 
-               $webResponse = $wgRequest->response();
-               $webResponse->header(
+               $this->webResponse->header(
                        'HTTP/' . $response->getProtocolVersion() . ' ' .
                        $response->getStatusCode() . ' ' .
                        $response->getReasonPhrase() );
 
                foreach ( $response->getRawHeaderLines() as $line ) {
-                       $webResponse->header( $line );
+                       $this->webResponse->header( $line );
                }
 
                foreach ( $response->getCookies() as $cookie ) {
-                       $webResponse->setCookie(
+                       $this->webResponse->setCookie(
                                $cookie['name'],
                                $cookie['value'],
                                $cookie['expiry'],