MediaWiki 1.39.10
|
Base class for REST route handlers. More...
Public Member Functions | |
applyConditionalResponseHeaders (ResponseInterface $response) | |
Apply verifier headers to the response, per RFC 7231 §7.2. | |
checkPreconditions () | |
Check the conditional request headers and generate a response if appropriate. | |
checkSession () | |
Check the session (and session provider) | |
execute () | |
Execute the handler. | |
getAuthority () | |
Get the current acting authority. | |
getBodyValidator ( $contentType) | |
Fetch the BodyValidator. | |
getConfig () | |
Get the configuration array for the current route. | |
getParamSettings () | |
Fetch ParamValidator settings for parameters. | |
getRequest () | |
Get the current request. | |
getResponseFactory () | |
Get the ResponseFactory which can be used to generate Response objects. | |
getSession () | |
Get the Session. | |
getValidatedBody () | |
Fetch the validated body. | |
getValidatedParams () | |
Fetch the validated parameters. | |
init (Router $router, RequestInterface $request, array $config, Authority $authority, ResponseFactory $responseFactory, HookContainer $hookContainer, Session $session) | |
Initialise with dependencies from the Router. | |
needsReadAccess () | |
Indicates whether this route requires read rights. | |
needsWriteAccess () | |
Indicates whether this route requires write access. | |
requireSafeAgainstCsrf () | |
Indicates whether this route can be accessed only by session providers safe vs csrf. | |
validate (Validator $restValidator) | |
Validate the request parameters/attributes and body. | |
Public Attributes | |
const | PARAM_SOURCE = 'rest-param-source' |
(string) ParamValidator constant to specify the source of the parameter. | |
Protected Member Functions | |
getConditionalHeaderUtil () | |
Get a ConditionalHeaderUtil object. | |
getETag () | |
The subclass should override this to provide an ETag for the current state of the requested resource. | |
getHookContainer () | |
Get a HookContainer, for running extension hooks or for hook metadata. | |
getHookRunner () | |
Get a HookRunner for running core hooks. | |
getLastModified () | |
The subclass should override this to provide the maximum last modified timestamp of the requested resource. | |
getRouter () | |
Get the Router. | |
getRouteUrl ( $pathParams=[], $queryParams=[]) | |
Get the URL of this handler's endpoint. | |
hasRepresentation () | |
The subclass should override this to indicate whether the resource exists. | |
postInitSetup () | |
The handler can override this to do any necessary setup after init() is called to inject the dependencies. | |
postValidationSetup () | |
The handler can override this to do any necessary setup after validate() has been called. | |
urlEncodeTitle ( $title) | |
URL-encode titles in a "pretty" way. | |
Base class for REST route handlers.
Definition at line 20 of file Handler.php.
MediaWiki\Rest\Handler::applyConditionalResponseHeaders | ( | ResponseInterface | $response | ) |
Apply verifier headers to the response, per RFC 7231 §7.2.
This is called after execute() returns.
For GET and HEAD requests, the default behavior is to set the ETag and Last-Modified headers based on the values returned by getETag() and getLastModified() when they were called before execute() was run.
Other request methods are assumed to be state-changing, so no headers will be set per default.
This may be overridden to modify the verifier headers sent in the response. However, handlers that modify the resource's state would typically just set the ETag and Last-Modified headers in the execute() method.
ResponseInterface | $response |
Definition at line 291 of file Handler.php.
MediaWiki\Rest\Handler::checkPreconditions | ( | ) |
Check the conditional request headers and generate a response if appropriate.
This is called by the Router before execute() and may be overridden.
Definition at line 261 of file Handler.php.
MediaWiki\Rest\Handler::checkSession | ( | ) |
Check the session (and session provider)
HttpException | on failed check |
Definition at line 216 of file Handler.php.
|
abstract |
Execute the handler.
This is called after parameter validation. The return value can either be a Response or any type accepted by ResponseFactory::createFromReturnValue().
To automatically construct an error response, execute() should throw a \MediaWiki\Rest\HttpException. Such exceptions will not be logged like a normal exception.
If execute() throws any other kind of exception, the exception will be logged and a generic 500 error page will be shown.
Reimplemented in MediaWiki\Rest\Handler\ActionModuleBasedHandler, MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\ContributionsCountHandler, MediaWiki\Rest\Handler\ParsoidHandler, MediaWiki\Rest\Handler\SearchHandler, MediaWiki\Rest\Handler\TransformHandler, MediaWiki\Rest\Handler\UserContributionsHandler, and MediaWiki\Rest\SimpleHandler.
MediaWiki\Rest\Handler::getAuthority | ( | ) |
Get the current acting authority.
The return type declaration causes it to raise a fatal error if init() has not yet been called.
Definition at line 157 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\CompareHandler\execute(), MediaWiki\Rest\Handler\ContributionsCountHandler\execute(), MediaWiki\Rest\Handler\UserContributionsHandler\execute(), MediaWiki\Rest\Handler\AbstractContributionHandler\getTargetUser(), MediaWiki\Rest\Handler\PageHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\PageSourceHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionSourceHandler\postValidationSetup(), and MediaWiki\Rest\Handler\PageHistoryCountHandler\run().
MediaWiki\Rest\Handler::getBodyValidator | ( | $contentType | ) |
Fetch the BodyValidator.
string | $contentType | Content type of the request. |
Reimplemented in MediaWiki\Rest\Handler\CreationHandler, and MediaWiki\Rest\Handler\UpdateHandler.
Definition at line 325 of file Handler.php.
Referenced by MediaWiki\Rest\Validator\Validator\validateBody().
|
protected |
Get a ConditionalHeaderUtil object.
On the first call to this method, the object will be initialized with validator values by calling getETag(), getLastModified() and hasRepresentation().
Definition at line 241 of file Handler.php.
References MediaWiki\Rest\ConditionalHeaderUtil\setValidators().
MediaWiki\Rest\Handler::getConfig | ( | ) |
Get the configuration array for the current route.
The return type declaration causes it to raise a fatal error if init() has not been called.
Definition at line 168 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\ParsoidHandler\assertDomainIsCorrect(), MediaWiki\Rest\Handler\AbstractContributionHandler\postInitSetup(), and MediaWiki\Rest\Handler\SearchHandler\postInitSetup().
|
protected |
The subclass should override this to provide an ETag for the current state of the requested resource.
This is called before execute() in order to decide whether to send a 304. If the request is going to change the state of the resource, the ETag returned must represent the state before the change. In other words, it must identify the entity that the change is going to be applied to.
For GET and HEAD requests, this ETag will also be included in the response.
Handlers that modify the resource and want to return an ETag header representing the new state in the response should set the header in the execute() method. However, note that responses to PUT requests must not return an ETag unless the new content of the resource is exactly the data that was sent by the client in the request body.
This must be a complete ETag, including double quotes. See RFC 7231 §7.2 and RFC 7232 §2.3 for semantics.
Reimplemented in MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 424 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\RevisionSourceHandler\getETag().
|
protected |
Get a HookContainer, for running extension hooks or for hook metadata.
Definition at line 358 of file Handler.php.
|
protected |
Get a HookRunner for running core hooks.
Definition at line 370 of file Handler.php.
|
protected |
The subclass should override this to provide the maximum last modified timestamp of the requested resource.
This is called before execute() in order to decide whether to send a 304. If the request is going to change the state of the resource, the time returned must represent the last modification date before the change. In other words, it must provide the timestamp of the entity that the change is going to be applied to.
For GET and HEAD requests, this value will automatically be included in the response in the Last-Modified header.
Handlers that modify the resource and want to return a Last-Modified header representing the new state in the response should set the header in the execute() method.
See RFC 7231 §7.2 and RFC 7232 §2.3 for semantics.
Reimplemented in MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 396 of file Handler.php.
MediaWiki\Rest\Handler::getParamSettings | ( | ) |
Fetch ParamValidator settings for parameters.
Every setting must include self::PARAM_SOURCE to specify which part of the request is to contain the parameter.
Can be used for validating parameters inside an application/x-www-form-urlencoded or multipart/form-data POST body (i.e. parameters which would be present in PHP's $_POST array). For validating other kinds of request bodies, override getBodyValidator().
Reimplemented in MediaWiki\Rest\Handler\CompareHandler, MediaWiki\Rest\Handler\ContributionsCountHandler, MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, MediaWiki\Rest\Handler\RevisionSourceHandler, MediaWiki\Rest\Handler\SearchHandler, MediaWiki\Rest\Handler\TransformHandler, MediaWiki\Rest\Handler\UpdateHandler, and MediaWiki\Rest\Handler\UserContributionsHandler.
Definition at line 313 of file Handler.php.
Referenced by MediaWiki\Rest\SimpleHandler\execute().
MediaWiki\Rest\Handler::getRequest | ( | ) |
Get the current request.
The return type declaration causes it to raise a fatal error if init() has not yet been called.
Definition at line 146 of file Handler.php.
Referenced by MediaWiki\Rest\SimpleHandler\execute().
MediaWiki\Rest\Handler::getResponseFactory | ( | ) |
Get the ResponseFactory which can be used to generate Response objects.
This will raise a fatal error if init() has not been called.
Definition at line 179 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\ActionModuleBasedHandler\execute(), MediaWiki\Rest\Handler\CompareHandler\execute(), MediaWiki\Rest\Handler\LanguageLinksHandler\run(), MediaWiki\Rest\Handler\MediaLinksHandler\run(), MediaWiki\Rest\Handler\PageHistoryHandler\run(), MediaWiki\Rest\Handler\PageHistoryCountHandler\run(), and MediaWiki\Rest\Handler\RevisionSourceHandler\run().
|
protected |
Get the Router.
The return type declaration causes it to raise a fatal error if init() has not yet been called.
Definition at line 95 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\CreationHandler\mapActionModuleResponse().
|
protected |
Get the URL of this handler's endpoint.
Supports the substitution of path parameters, and additions of query parameters.
string[] | $pathParams | Path parameters to be injected into the path |
string[] | $queryParams | Query parameters to be attached to the URL |
Definition at line 110 of file Handler.php.
MediaWiki\Rest\Handler::getSession | ( | ) |
Get the Session.
This will raise a fatal error if init() has not been called.
Definition at line 190 of file Handler.php.
MediaWiki\Rest\Handler::getValidatedBody | ( | ) |
Fetch the validated body.
Definition at line 348 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\CreationHandler\getActionModuleParameters(), MediaWiki\Rest\Handler\UpdateHandler\getActionModuleParameters(), and MediaWiki\Rest\Handler\CreationHandler\getTitleParameter().
MediaWiki\Rest\Handler::getValidatedParams | ( | ) |
Fetch the validated parameters.
This must be called after validate() is called. During execute() is fine.
\RuntimeException If validate() has not been called
Definition at line 336 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\ContributionsCountHandler\execute(), MediaWiki\Rest\Handler\UserContributionsHandler\execute(), MediaWiki\Rest\SimpleHandler\execute(), MediaWiki\Rest\Handler\AbstractContributionHandler\getTargetUser(), MediaWiki\Rest\Handler\UpdateHandler\getTitleParameter(), MediaWiki\Rest\Handler\UpdateHandler\mapActionModuleResult(), MediaWiki\Rest\Handler\PageHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\PageSourceHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionHTMLHandler\postValidationSetup(), MediaWiki\Rest\Handler\RevisionSourceHandler\postValidationSetup(), and MediaWiki\Rest\Handler\PageHistoryHandler\run().
|
protected |
The subclass should override this to indicate whether the resource exists.
This is used for wildcard validators, for example "If-Match: *" fails if the resource does not exist.
In a state-changing request, the return value of this method should reflect the state before the requested change is applied.
Reimplemented in MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 440 of file Handler.php.
|
final |
Initialise with dependencies from the Router.
This is called after construction.
Router | $router | |
RequestInterface | $request | |
array | $config | |
Authority | $authority | |
ResponseFactory | $responseFactory | |
HookContainer | $hookContainer | |
Session | $session |
Definition at line 75 of file Handler.php.
References MediaWiki\Rest\Handler\postInitSetup().
MediaWiki\Rest\Handler::needsReadAccess | ( | ) |
Indicates whether this route requires read rights.
The handler should override this if it does not need to read from the wiki. This is uncommon, but may be useful for login and other account management APIs.
Definition at line 455 of file Handler.php.
MediaWiki\Rest\Handler::needsWriteAccess | ( | ) |
Indicates whether this route requires write access.
The handler should override this if the route does not need to write to the database.
This should return true for routes that may require synchronous database writes. Modules that do not need such writes should also not rely on primary database access, since only read queries are needed and each primary DB is a single point of failure.
Reimplemented in MediaWiki\Rest\Handler\EditHandler, MediaWiki\Rest\Handler\LanguageLinksHandler, MediaWiki\Rest\Handler\MediaFileHandler, MediaWiki\Rest\Handler\MediaLinksHandler, MediaWiki\Rest\Handler\PageHistoryCountHandler, MediaWiki\Rest\Handler\PageHistoryHandler, MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, MediaWiki\Rest\Handler\RevisionSourceHandler, and MediaWiki\Rest\Handler\SearchHandler.
Definition at line 473 of file Handler.php.
Referenced by MediaWiki\Rest\CorsUtils\authorize().
|
protected |
The handler can override this to do any necessary setup after init() is called to inject the dependencies.
Reimplemented in MediaWiki\Rest\Handler\AbstractContributionHandler, and MediaWiki\Rest\Handler\SearchHandler.
Definition at line 501 of file Handler.php.
Referenced by MediaWiki\Rest\Handler\init().
|
protected |
The handler can override this to do any necessary setup after validate() has been called.
This gives the handler an opportunity to do initialization based on parameters before pre-execution calls like getLastModified() or getETag().
Reimplemented in MediaWiki\Rest\Handler\PageHTMLHandler, MediaWiki\Rest\Handler\PageSourceHandler, MediaWiki\Rest\Handler\RevisionHTMLHandler, and MediaWiki\Rest\Handler\RevisionSourceHandler.
Definition at line 512 of file Handler.php.
MediaWiki\Rest\Handler::requireSafeAgainstCsrf | ( | ) |
Indicates whether this route can be accessed only by session providers safe vs csrf.
The handler should override this if the route must only be accessed by session providers that are safe against csrf.
A return value of false does not necessarily mean the route is vulnerable to csrf attacks. It means the route can be accessed by session providers that are not automatically safe against csrf attacks, so the possibility of csrf attacks must be considered.
Definition at line 491 of file Handler.php.
|
protected |
URL-encode titles in a "pretty" way.
Keeps intact ;$!*(),~: (urlencode does not, but wfUrlencode does). Encodes spaces as underscores (wfUrlencode does not). Encodes slashes (wfUrlencode does not, but keeping them messes with REST paths). Encodes pluses (this is not necessary, and may change).
string | $title |
Definition at line 129 of file Handler.php.
References $title.
Referenced by MediaWiki\Rest\Handler\CreationHandler\mapActionModuleResponse().
MediaWiki\Rest\Handler::validate | ( | Validator | $restValidator | ) |
Validate the request parameters/attributes and body.
If there is a validation failure, a response with an error message should be returned or an HttpException should be thrown.
Validator | $restValidator |
HttpException | On validation failure. |
Definition at line 203 of file Handler.php.
References MediaWiki\Rest\Validator\Validator\validateBody(), and MediaWiki\Rest\Validator\Validator\validateParams().
const MediaWiki\Rest\Handler::PARAM_SOURCE = 'rest-param-source' |
(string) ParamValidator constant to specify the source of the parameter.
Value must be 'path', 'query', or 'post'. 'post' refers to application/x-www-form-urlencoded or multipart/form-data encoded parameters in the body of a POST request (in other words, parameters in PHP's $_POST). For other kinds of POST parameters, such as JSON fields, use BodyValidator instead of ParamValidator.
Definition at line 29 of file Handler.php.
Referenced by MediaWiki\Rest\SimpleHandler\execute(), MediaWiki\Rest\Handler\CompareHandler\getParamSettings(), and MediaWiki\Rest\Validator\Validator\validateParams().