use AppendIterator;
use BagOStuff;
+use Wikimedia\Message\MessageValue;
use MediaWiki\Rest\BasicAccess\BasicAuthorizerInterface;
use MediaWiki\Rest\PathTemplateMatcher\PathMatcher;
+use MediaWiki\Rest\Validator\Validator;
use Wikimedia\ObjectFactory;
/**
/** @var BasicAuthorizerInterface */
private $basicAuth;
+ /** @var ObjectFactory */
+ private $objectFactory;
+
+ /** @var Validator */
+ private $restValidator;
+
/**
* @param string[] $routeFiles List of names of JSON files containing routes
* @param array $extraRoutes Extension route array
* @param BagOStuff $cacheBag A cache in which to store the matcher trees
* @param ResponseFactory $responseFactory
* @param BasicAuthorizerInterface $basicAuth
+ * @param ObjectFactory $objectFactory
+ * @param Validator $restValidator
*/
public function __construct( $routeFiles, $extraRoutes, $rootPath,
BagOStuff $cacheBag, ResponseFactory $responseFactory,
- BasicAuthorizerInterface $basicAuth
+ BasicAuthorizerInterface $basicAuth, ObjectFactory $objectFactory,
+ Validator $restValidator
) {
$this->routeFiles = $routeFiles;
$this->extraRoutes = $extraRoutes;
$this->cacheBag = $cacheBag;
$this->responseFactory = $responseFactory;
$this->basicAuth = $basicAuth;
+ $this->objectFactory = $objectFactory;
+ $this->restValidator = $restValidator;
}
/**
$path = $request->getUri()->getPath();
$relPath = $this->getRelativePath( $path );
if ( $relPath === false ) {
- return $this->responseFactory->createHttpError( 404 );
+ return $this->responseFactory->createLocalizedHttpError( 404,
+ ( new MessageValue( 'rest-prefix-mismatch' ) )
+ ->plaintextParams( $path, $this->rootPath )
+ );
}
+ $requestMethod = $request->getMethod();
$matchers = $this->getMatchers();
- $matcher = $matchers[$request->getMethod()] ?? null;
+ $matcher = $matchers[$requestMethod] ?? null;
$match = $matcher ? $matcher->match( $relPath ) : null;
+ // For a HEAD request, execute the GET handler instead if one exists.
+ // The webserver will discard the body.
+ if ( !$match && $requestMethod === 'HEAD' && isset( $matchers['GET'] ) ) {
+ $match = $matchers['GET']->match( $relPath );
+ }
+
if ( !$match ) {
// Check for 405 wrong method
$allowed = [];
foreach ( $matchers as $allowedMethod => $allowedMatcher ) {
- if ( $allowedMethod === $request->getMethod() ) {
+ if ( $allowedMethod === $requestMethod ) {
continue;
}
if ( $allowedMatcher->match( $relPath ) ) {
}
}
if ( $allowed ) {
- $response = $this->responseFactory->createHttpError( 405 );
+ $response = $this->responseFactory->createLocalizedHttpError( 405,
+ ( new MessageValue( 'rest-wrong-method' ) )
+ ->textParams( $requestMethod )
+ ->commaListParams( $allowed )
+ ->numParams( count( $allowed ) )
+ );
$response->setHeader( 'Allow', $allowed );
return $response;
} else {
// Did not match with any other method, must be 404
- return $this->responseFactory->createHttpError( 404 );
+ return $this->responseFactory->createLocalizedHttpError( 404,
+ ( new MessageValue( 'rest-no-match' ) )
+ ->plaintextParams( $relPath )
+ );
}
}
$request->setPathParams( array_map( 'rawurldecode', $match['params'] ) );
$spec = $match['userData'];
$objectFactorySpec = array_intersect_key( $spec,
+ // @todo ObjectFactory supports more keys than this.
[ 'factory' => true, 'class' => true, 'args' => true ] );
/** @var $handler Handler (annotation for PHPStorm) */
- $handler = ObjectFactory::getObjectFromSpec( $objectFactorySpec );
+ $handler = $this->objectFactory->createObject( $objectFactorySpec );
$handler->init( $this, $request, $spec, $this->responseFactory );
try {
/**
* Execute a fully-constructed handler
+ *
* @param Handler $handler
* @return ResponseInterface
*/
private function executeHandler( $handler ): ResponseInterface {
+ // @phan-suppress-next-line PhanAccessMethodInternal
$authResult = $this->basicAuth->authorize( $handler->getRequest(), $handler );
if ( $authResult ) {
return $this->responseFactory->createHttpError( 403, [ 'error' => $authResult ] );
}
+
+ $handler->validate( $this->restValidator );
+
$response = $handler->execute();
if ( !( $response instanceof ResponseInterface ) ) {
$response = $this->responseFactory->createFromReturnValue( $response );