$describe = $req->describeCredentials();
$reqInfo = [
'id' => $req->getUniqueId(),
- 'metadata' => $req->getMetadata(),
+ 'metadata' => $req->getMetadata() + [ ApiResult::META_TYPE => 'assoc' ],
];
switch ( $req->required ) {
case AuthenticationRequest::OPTIONAL:
private function formatFields( array $fields ) {
static $copy = [
'type' => true,
- 'image' => true,
'value' => true,
];
}
public function isReadMode() {
- // We need to make an exception for ApiQueryTokens so login tokens can
- // be fetched on private wikis. Restrict that exception as much as
- // possible: no other modules allowed, and no pageset parameters
- // either. We do allow the 'rawcontinue' and 'indexpageids' parameters
- // since frameworks might add these unconditionally and they can't
- // expose anything here.
+ // We need to make an exception for certain meta modules that should be
+ // accessible even without the 'read' right. Restrict the exception as
+ // much as possible: no other modules allowed, and no pageset
+ // parameters either. We do allow the 'rawcontinue' and 'indexpageids'
+ // parameters since frameworks might add these unconditionally and they
+ // can't expose anything here.
+ $this->mParams = $this->extractRequestParams();
$params = array_filter(
array_diff_key(
- $this->extractRequestParams() + $this->getPageSet()->extractRequestParams(),
+ $this->mParams + $this->getPageSet()->extractRequestParams(),
[ 'rawcontinue' => 1, 'indexpageids' => 1 ]
)
);
- if ( $params === [ 'meta' => [ 'tokens' ] ] ) {
- return false;
+ if ( array_keys( $params ) !== [ 'meta' ] ) {
+ return true;
+ }
+
+ // Ask each module if it requires read mode. Any true => this returns
+ // true.
+ $modules = [];
+ $this->instantiateModules( $modules, 'meta' );
+ foreach ( $modules as $module ) {
+ if ( $module->isReadMode() ) {
+ return true;
+ }
}
- return true;
+ return false;
}
protected function getExamplesMessages() {
$this->getResult()->addValue( [ 'query' ], $this->getModuleName(), $ret );
}
- public function getCacheMode( $params ) {
- return 'public';
+ public function isReadMode() {
+ return false;
}
public function getAllowedParams() {
AuthManager::ACTION_UNLINK,
],
],
- ] + ApiAuthManagerHelper::getStandardParams( '', 'mergerequestfields' );
+ ] + ApiAuthManagerHelper::getStandardParams( '', 'mergerequestfields', 'messageformat' );
}
protected function getExamplesMessages() {
* - select: <select>
* - checkbox: <input type="checkbox">
* - multiselect: More a grid of checkboxes than <select multi>
- * - button: <input type="image"> if 'image' is set, otherwise <input type="submit">
- * (uses 'label' as button text)
+ * - button: <input type="submit"> (uses 'label' as button text)
* - hidden: Not visible to the user, but needs to be preserved for the next request
* - null: No widget, just display the 'label' message.
* - options: (array) Maps option values to Messages for the
* 'select' and 'multiselect' types.
* - value: (string) Value (for 'null' and 'hidden') or default value (for other types).
- * - image: (string) URL of an image to use in connection with the input
* - label: (Message) Text suitable for a label in an HTML form
* - help: (Message) Text suitable as a description of what the field is
* - optional: (bool) If set and truthy, the field may be left empty