*/
const PARAM_MAX_CHARS = 24;
+ /**
+ * (array) Indicate that this is a templated parameter, and specify replacements. Keys are the
+ * placeholders in the parameter name and values are the names of (unprefixed) parameters from
+ * which the replacement values are taken.
+ *
+ * For example, a parameter "foo-{ns}-{title}" could be defined with
+ * PARAM_TEMPLATE_VARS => [ 'ns' => 'namespaces', 'title' => 'titles' ]. Then a query for
+ * namespaces=0|1&titles=X|Y would support parameters foo-0-X, foo-0-Y, foo-1-X, and foo-1-Y.
+ *
+ * All placeholders must be present in the parameter's name. Each target parameter must have
+ * PARAM_ISMULTI true. If a target is itself a templated parameter, its PARAM_TEMPLATE_VARS must
+ * be a subset of the referring parameter's, mapping the same placeholders to the same targets.
+ * A parameter cannot target itself.
+ *
+ * @since 1.32
+ */
+ const PARAM_TEMPLATE_VARS = 25;
+
/**@}*/
const ALL_DEFAULT_STRING = '*';
* Set the continuation manager
* @param ApiContinuationManager|null $manager
*/
- public function setContinuationManager( $manager ) {
+ public function setContinuationManager( ApiContinuationManager $manager = null ) {
// Main module has setContinuationManager() method overridden
// Safety - avoid infinite loop:
if ( $this->isMain() ) {
public function extractRequestParams( $parseLimit = true ) {
// Cache parameters, for performance and to avoid T26564.
if ( !isset( $this->mParamCache[$parseLimit] ) ) {
- $params = $this->getFinalParams();
+ $params = $this->getFinalParams() ?: [];
$results = [];
-
- if ( $params ) { // getFinalParams() can return false
- foreach ( $params as $paramName => $paramSettings ) {
+ $warned = [];
+
+ // Process all non-templates and save templates for secondary
+ // processing.
+ $toProcess = [];
+ foreach ( $params as $paramName => $paramSettings ) {
+ if ( isset( $paramSettings[self::PARAM_TEMPLATE_VARS] ) ) {
+ $toProcess[] = [ $paramName, $paramSettings[self::PARAM_TEMPLATE_VARS], $paramSettings ];
+ } else {
$results[$paramName] = $this->getParameterFromSettings(
- $paramName, $paramSettings, $parseLimit );
+ $paramName, $paramSettings, $parseLimit
+ );
}
}
+
+ // Now process all the templates by successively replacing the
+ // placeholders with all client-supplied values.
+ // This bit duplicates JavaScript logic in
+ // ApiSandbox.PageLayout.prototype.updateTemplatedParams().
+ // If you update this, see if that needs updating too.
+ while ( $toProcess ) {
+ list( $name, $targets, $settings ) = array_shift( $toProcess );
+
+ foreach ( $targets as $placeholder => $target ) {
+ if ( !array_key_exists( $target, $results ) ) {
+ // The target wasn't processed yet, try the next one.
+ // If all hit this case, the parameter has no expansions.
+ continue;
+ }
+ if ( !is_array( $results[$target] ) || !$results[$target] ) {
+ // The target was processed but has no (valid) values.
+ // That means it has no expansions.
+ break;
+ }
+
+ // Expand this target in the name and all other targets,
+ // then requeue if there are more targets left or put in
+ // $results if all are done.
+ unset( $targets[$placeholder] );
+ $placeholder = '{' . $placeholder . '}';
+ foreach ( $results[$target] as $value ) {
+ if ( !preg_match( '/^[^{}]*$/', $value ) ) {
+ // Skip values that make invalid parameter names.
+ $encTargetName = $this->encodeParamName( $target );
+ if ( !isset( $warned[$encTargetName][$value] ) ) {
+ $warned[$encTargetName][$value] = true;
+ $this->addWarning( [
+ 'apiwarn-ignoring-invalid-templated-value',
+ wfEscapeWikiText( $encTargetName ),
+ wfEscapeWikiText( $value ),
+ ] );
+ }
+ continue;
+ }
+
+ $newName = str_replace( $placeholder, $value, $name );
+ if ( !$targets ) {
+ $results[$newName] = $this->getParameterFromSettings( $newName, $settings, $parseLimit );
+ } else {
+ $newTargets = [];
+ foreach ( $targets as $k => $v ) {
+ $newTargets[$k] = str_replace( $placeholder, $value, $v );
+ }
+ $toProcess[] = [ $newName, $newTargets, $settings ];
+ }
+ }
+ break;
+ }
+ }
+
$this->mParamCache[$parseLimit] = $results;
}
* @return mixed Parameter value
*/
protected function getParameter( $paramName, $parseLimit = true ) {
- $paramSettings = $this->getFinalParams()[$paramName];
-
- return $this->getParameterFromSettings( $paramName, $paramSettings, $parseLimit );
+ return $this->extractRequestParams( $parseLimit )[$paramName];
}
/**
) {
$type = array_merge( $type, $paramSettings[self::PARAM_EXTRA_NAMESPACES] );
}
- // By default, namespace parameters allow ALL_DEFAULT_STRING to be used to specify
- // all namespaces.
+ // Namespace parameters allow ALL_DEFAULT_STRING to be used to
+ // specify all namespaces irrespective of PARAM_ALL.
$allowAll = true;
}
if ( isset( $value ) && $type == 'submodule' ) {
return $value;
}
- if ( is_array( $allowedValues ) ) {
- $values = array_map( function ( $v ) {
- return '<kbd>' . wfEscapeWikiText( $v ) . '</kbd>';
- }, $allowedValues );
- $this->dieWithError( [
- 'apierror-multival-only-one-of',
- $valueName,
- Message::listParam( $values ),
- count( $values ),
- ], "multival_$valueName" );
- } else {
- $this->dieWithError( [
- 'apierror-multival-only-one',
- $valueName,
- ], "multival_$valueName" );
- }
+ $values = array_map( function ( $v ) {
+ return '<kbd>' . wfEscapeWikiText( $v ) . '</kbd>';
+ }, $allowedValues );
+ $this->dieWithError( [
+ 'apierror-multival-only-one-of',
+ $valueName,
+ Message::listParam( $values ),
+ count( $values ),
+ ], "multival_$valueName" );
}
if ( is_array( $allowedValues ) ) {
}
/**
- * Validate and normalize of parameters of type 'timestamp'
+ * Validate and normalize parameters of type 'timestamp'
* @param string $value Parameter value
* @param string $encParamName Parameter name
* @return string Validated and normalized parameter
return wfTimestamp( TS_MW );
}
- $unixTimestamp = wfTimestamp( TS_UNIX, $value );
- if ( $unixTimestamp === false ) {
+ $timestamp = wfTimestamp( TS_MW, $value );
+ if ( $timestamp === false ) {
$this->dieWithError(
[ 'apierror-badtimestamp', $encParamName, wfEscapeWikiText( $value ) ],
"badtimestamp_{$encParamName}"
);
}
- return wfTimestamp( TS_MW, $unixTimestamp );
+ return $timestamp;
}
/**
}
/**
- * Validate and normalize of parameters of type 'user'
+ * Validate and normalize parameters of type 'user'
* @param string $value Parameter value
* @param string $encParamName Parameter name
* @return string Validated and normalized parameter
return $value;
}
- $title = Title::makeTitleSafe( NS_USER, $value );
- if ( $title === null || $title->hasFragment() ) {
+ $titleObj = Title::makeTitleSafe( NS_USER, $value );
+
+ if ( $titleObj ) {
+ $value = $titleObj->getText();
+ }
+
+ if (
+ !User::isValidUserName( $value ) &&
+ // We allow ranges as well, for blocks.
+ !IP::isIPAddress( $value ) &&
+ // See comment for User::isIP. We don't just call that function
+ // here because it also returns true for things like
+ // 300.300.300.300 that are neither valid usernames nor valid IP
+ // addresses.
+ !preg_match(
+ '/^' . RE_IP_BYTE . '\.' . RE_IP_BYTE . '\.' . RE_IP_BYTE . '\.xxx$/',
+ $value
+ )
+ ) {
$this->dieWithError(
[ 'apierror-baduser', $encParamName, wfEscapeWikiText( $value ) ],
"baduser_{$encParamName}"
);
}
- return $title->getText();
+ return $value;
}
/**@}*/
return false;
}
- /**
- * @deprecated since 1.25, always returns empty string
- * @param IDatabase|bool $db
- * @return string
- */
- public function getModuleProfileName( $db = false ) {
- wfDeprecated( __METHOD__, '1.25' );
- return '';
- }
-
/**
* @deprecated since 1.25
*/
wfDeprecated( __METHOD__, '1.25' );
}
- /**
- * @deprecated since 1.25, always returns 0
- * @return float
- */
- public function getProfileTime() {
- wfDeprecated( __METHOD__, '1.25' );
- return 0;
- }
-
/**
* @deprecated since 1.25
*/
wfDeprecated( __METHOD__, '1.25' );
}
- /**
- * @deprecated since 1.25, always returns 0
- * @return float
- */
- public function getProfileDBTime() {
- wfDeprecated( __METHOD__, '1.25' );
- return 0;
- }
-
/**
* Call wfTransactionalTimeLimit() if this request was POSTed
* @since 1.26